{"id":"https://openalex.org/W4200385810","doi":"https://doi.org/10.23919/cnsm52442.2021.9615596","title":"ANYway: Measuring the Amplification DDoS Potential of Domains","display_name":"ANYway: Measuring the Amplification DDoS Potential of Domains","publication_year":2021,"publication_date":"2021-10-25","ids":{"openalex":"https://openalex.org/W4200385810","doi":"https://doi.org/10.23919/cnsm52442.2021.9615596"},"language":"en","primary_location":{"id":"doi:10.23919/cnsm52442.2021.9615596","is_oa":false,"landing_page_url":"https://doi.org/10.23919/cnsm52442.2021.9615596","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 17th International Conference on Network and Service Management (CNSM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://research.utwente.nl/en/publications/f5e2f433-62ab-4191-a1d3-a4734af9be2c","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076772757","display_name":"Olivier van der Toorn","orcid":"https://orcid.org/0000-0002-1610-7086"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Olivier van der Toorn","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054043921","display_name":"Johannes Krupp","orcid":"https://orcid.org/0000-0002-5106-3736"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Johannes Krupp","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043382340","display_name":"Mattijs Jonker","orcid":"https://orcid.org/0000-0001-5174-9140"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Mattijs Jonker","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091643049","display_name":"Roland van Rijswijk-Deij","orcid":"https://orcid.org/0000-0002-0249-8776"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Roland van Rijswijk-Deij","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033589837","display_name":"Christian Rossow","orcid":"https://orcid.org/0000-0003-2470-8444"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Rossow","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025537461","display_name":"Anna Sperotto","orcid":"https://orcid.org/0000-0002-9481-5846"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Anna Sperotto","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5076772757"],"corresponding_institution_ids":["https://openalex.org/I94624287"],"apc_list":null,"apc_paid":null,"fwci":1.2744,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.81750977,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"500","last_page":"508"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.6740460395812988},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5575575828552246},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.11243060231208801},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.0798288881778717}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.6740460395812988},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5575575828552246},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.11243060231208801},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0798288881778717}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.23919/cnsm52442.2021.9615596","is_oa":false,"landing_page_url":"https://doi.org/10.23919/cnsm52442.2021.9615596","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 17th International Conference on Network and Service Management (CNSM)","raw_type":"proceedings-article"},{"id":"pmh:oai:ris.utwente.nl:openaire_cris_publications/f5e2f433-62ab-4191-a1d3-a4734af9be2c","is_oa":true,"landing_page_url":"https://research.utwente.nl/en/publications/f5e2f433-62ab-4191-a1d3-a4734af9be2c","pdf_url":null,"source":{"id":"https://openalex.org/S4406922991","display_name":"University of Twente Research Information","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"van der Toorn, O, Krupp, J, Jonker, M, van Rijswijk - Deij, R M, Rossow, C & Sperotto, A 2021, ANYway: Measuring the Amplification DDoS Potential of Domains. in 2021 17th International Conference on Network and Service Management (CNSM)., 9615596, International Conference on Network and Service Management (CNSM), vol. 2021, IEEE, Piscataway, NJ, 17th International Conference on Network and Service Management, CNSM 2021, Izmir, Turkey, 25/10/21. https://doi.org/10.23919/CNSM52442.2021.9615596","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:figshare.com:article/24613833","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/ANYway_Measuring_the_Amplification_DDoS_Potential_of_Domains/24613833","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"doi:10.60882/cispa.24613833.v1","is_oa":true,"landing_page_url":"https://doi.org/10.60882/cispa.24613833.v1","pdf_url":null,"source":{"id":"https://openalex.org/S7407050916","display_name":"CISPA Helmholtz Center","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:ris.utwente.nl:openaire_cris_publications/f5e2f433-62ab-4191-a1d3-a4734af9be2c","is_oa":true,"landing_page_url":"https://research.utwente.nl/en/publications/f5e2f433-62ab-4191-a1d3-a4734af9be2c","pdf_url":null,"source":{"id":"https://openalex.org/S4406922991","display_name":"University of Twente Research Information","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"van der Toorn, O, Krupp, J, Jonker, M, van Rijswijk - Deij, R M, Rossow, C & Sperotto, A 2021, ANYway: Measuring the Amplification DDoS Potential of Domains. in 2021 17th International Conference on Network and Service Management (CNSM)., 9615596, International Conference on Network and Service Management (CNSM), vol. 2021, IEEE, Piscataway, NJ, 17th International Conference on Network and Service Management, CNSM 2021, Izmir, Turkey, 25/10/21. https://doi.org/10.23919/CNSM52442.2021.9615596","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1432036814","https://openalex.org/W1828150029","https://openalex.org/W1927311981","https://openalex.org/W1989454965","https://openalex.org/W2028110717","https://openalex.org/W2114398364","https://openalex.org/W2344804892","https://openalex.org/W2402560368","https://openalex.org/W2588683548","https://openalex.org/W2748868501","https://openalex.org/W2910287288","https://openalex.org/W3094423012","https://openalex.org/W3139597027","https://openalex.org/W4213362721","https://openalex.org/W4300559383","https://openalex.org/W6677217071","https://openalex.org/W6743493502"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2765763546","https://openalex.org/W4386482731","https://openalex.org/W4385302085","https://openalex.org/W2360429410","https://openalex.org/W4390188535","https://openalex.org/W4256682929","https://openalex.org/W335511927"],"abstract_inverted_index":{"DDoS":[0,187],"attacks":[1,8,144,166,218],"threaten":[2],"Internet":[3],"security":[4],"and":[5,19,92,124,224],"stability,":[6],"with":[7],"reaching":[9],"the":[10,42,46,56,99,108,133,137,154,168,173,182,191,211,225],"Tbps":[11],"range.":[12],"A":[13],"popular":[14],"approach":[15],"involves":[16],"DNS-based":[17,186,246],"reflection":[18],"amplification,":[20,48],"a":[21,27,33,94,103,249],"type":[22],"of":[23,102,119,121,139,175,214,227,254,263],"attack":[24,194],"in":[25,142,145,167,193,217],"which":[26],"domain":[28,104,122],"name,":[29,105],"known":[30],"to":[31,54,69,73,97,136,184,200,245,258,267],"return":[32],"large":[34],"answer,":[35],"is":[36,240],"queried":[37],"using":[38,153],"spoofed":[39],"requests.":[40],"Do":[41],"chosen":[43],"names":[44,123],"offer":[45],"largest":[47],"however,":[49],"or":[50,160],"have":[51],"we":[52,84,90,114,148,162,171,234],"yet":[53],"see":[55],"full":[57],"amplification":[58,100,129],"potential?":[59],"And":[60],"while":[61],"operational":[62],"countermeasures":[63,78],"are":[64,152],"proposed,":[65],"chiefly":[66],"limiting":[67],"responses":[68],"\u2018ANY\u2019":[70],"queries,":[71,178],"up":[72],"what":[74],"point":[75],"will":[76],"these":[77],"be":[79,220],"effective?":[80],"In":[81],"this":[82],"paper":[83],"make":[85],"three":[86],"main":[87],"contributions.":[88],"First,":[89],"propose":[91],"validate":[93],"scalable":[95],"method":[96],"estimate":[98],"potential":[101],"based":[106],"on":[107],"expected":[109,260],"ANY":[110,177,199,239],"response":[111,212,261],"size.":[112],"Second,":[113],"create":[115],"estimates":[116],"for":[117,157],"hundreds":[118],"millions":[120],"rank":[125],"them":[126],"by":[127,181,189,208,222,231],"their":[128,158],"potential.":[130],"By":[131],"comparing":[132],"overall":[134],"ranking":[135],"set":[138],"domains":[140,156,215,229,255],"observed":[141,216],"actual":[143],"honeypot":[146],"data,":[147],"show":[149,206,236],"whether":[150],"attackers":[151],"most-potent":[155,228],"attacks,":[159,188],"if":[161],"may":[163],"expect":[164],"larger":[165],"future.":[169],"Finally,":[170],"evaluate":[172],"effectiveness":[174],"blocking":[176,209],"as":[179,248],"proposed":[180],"IETF,":[183],"limit":[185],"estimating":[190],"decrease":[192],"volume":[195],"when":[196],"switching":[197],"from":[198],"other":[201,269],"query":[202],"types.":[203],"Our":[204],"results":[205],"that":[207,237],"ANY,":[210],"size":[213,226,262],"can":[219],"reduced":[221],"57%,":[223],"decreases":[230],"69%.":[232],"However,":[233],"also":[235],"dropping":[238],"not":[241],"an":[242,259],"absolute":[243],"solution":[244],"DDoS,":[247],"small":[250],"but":[251],"potent":[252],"portion":[253],"remain":[256],"leading":[257],"over":[264],"2,048":[265],"bytes":[266],"queries":[268],"than":[270],"ANY.":[271]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":3}],"updated_date":"2026-03-25T14:56:36.534964","created_date":"2025-10-10T00:00:00"}