Over the last decade, there has been a rise in cybercrime services offered on a feefor- service basis, enabling individuals to direct attacks against various targets. One of the recent services offered involves stresser or booter operators, who offer distributed reflected denial of service (DRDoS) attacks on an hourly or subscription basis. These attacks involve the use of malicious traffic reflected off of webservers to increase the volume of traffic, which is directed toward websites and servers rendering them unusable. Researchers have examined DRDoS attacks using realtime data, though few have considered the experience of their customers and the factors associated with the likelihood of successful attack outcomes. This study examines this issue using a binary logistic regression analysis of survey responses from a population of stresser clients. The implications of this study for our understanding of the social factors underlying cyberattacks is discussed in depth.


Arbor Networks. (2015, January). Arbor Networks 10th Annual Worldwide Infrastructure Security Report Finds 50X Increase in DDoS Attack Size in Past Decade. [Online] Available at: http://www.arbornetworks.com/arbornetworks- 10th-annualworldwide- infrastructure-securityreport- finds-50x-increase-in-ddosattack- size-in-past-decade

Curtin, R., Presser, S., & Singer, E. (2005). Changes in telephone survey nonresponse over the past quarter century. Public Opinion Quarterly, 69, 87-98.

Denning, D. E. (2011). Cyber-conflict as an Emergent Social Problem. In T. J. Holt & B. H. Schell (Eds.), Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications (pp. 170-186). Hershey, PA: IGI-Global.

Dhanjani, N., & Rios, B. (2008). Bad sushi: Beating phishers at their own game. Presented at the Annual Blackhat Meetings, Las Vegas, Nevada.

Fan, W., & Yan, Z. (2010). Factors affecting response rates of the web survey: A systematic review. Computers in Human Behavior, 26, 132-139.

Franklin, J., Paxson, V., Perrig, A. & Savage, S. (2007). An inquiry into the nature and causes of the wealth of Internet miscreants. ACM Conference on Computer and Communications Security (CCS), pp.275-288, Alexandria, VA: ACM.

Graham-Cumming, J. (2014). Understanding and mitigating NTP-based DDoS attacks. Cloudflare, January 9, 2014. [Online] Available at: https://blog.cloudflare.com/understandi ng-and-mitigating-ntp-based-ddosattacks/

Herley, C., & Florencio, D. (2010). Nobody sells gold for the price of silver:

Dishonesty, uncertainty and the underground economy. In T. Moore, D. J. Pym, & C. Ionnidis (Eds.), Economics of Information Security and Privacy, (pp. 35-53). New York: Springer.

Holt, T. J. (2007). Subcultural evolution? Examining the influence of on- and off-line experiences on deviant subcultures. Deviant Behavior, 28, 171–198.

Holt, T. J. (2013). Examining the forces shaping cybercrime markets online. Social Science Computer Review, 31(2), 165-177.

Holt, T. J., & Bossler, A. M. (2016). Cybercrime in progress: Theory and prevention of technology-enabled offenses. London: Routledge.

Holt, T. J., Chua, Y.-T., & Smirnova, O. (2013). An exploration of the factors affecting the advertised price for stolen data. eCrime Researchers Summit (eCRS), 1-10.

Holt, T. J., & Lampke, E. (2010). Exploring stolen data markets on-line: Products and market forces. Criminal Justice Studies, 23, 33-50.

Holt, T. J., Smirnova, O., & Chua, Y. T. (2016). Exploring and Estimating the Revenues and Profits of Participants in Stolen Data Markets. Deviant Behavior, 37, 353-367.

Holz, T., Engelberth, M., & Freiling, F. (2009). Learning more about the underground economy: A case-study of keyloggers and dropzones.” In M. Backes & P. Ning (Eds.), Computer Security-ESCORICS, (pp. 1-18). Berlin and Heidelberg, Springer.

Honeynet Research Alliance. (2003). Profile: Automated Credit Card Fraud. Know Your Enemy Paper series. [Online] Available at http://www.honeynet.org/papers/profiles/cc fraud.pdf.

Hutchings, A., & Holt, T. J. (2015). A crime script analysis of the online stolen data market. British Journal of Criminology, 55, 596-614.

Hutchings, A., & Clayton, R. (2016). Exploring the provision of online booter services. Deviant Behavior, 37, 1163-1178.

Ianelli, N., & Hackworth, A. (2005). Botnets as a vehicle for online crime. Forensic Computer Science, 1, 19-39.

Jordan, T., & Taylor, P. (2004). Hacktivism and cyber wars. London: Routledge.

Karami, M., & McCoy, D. (2013). Understanding the emerging threat of DDoS-as-a-service. LEET, 2013. [Online] Available at: http://citeseerx.ist.psu.edu/viewdoc/do wnload;jsessionid=917A63159F2C3E0 172FB5BC0DD62A575?doi= 4.1421&rep=rep1&type=pdf

Karami, M., Park, Y., & McCoy, D. (2015, August). Stress testing the booters: Understanding and undermining the business of DDoS services. Computer Science. [Online] Available at: https://arxiv.org/pdf/1508.03410v1.pdf

Mansfield-Devine, S. (2011, January). Anonymous: serious threat of mere annoyance? Network Security, 2011(1), 4-10. DOI: 10.1016/S1353- 4858(11)70004-6

Moore, T., Clayton, R., & Anderson, R.. (2009). The Economics of Online Crime, Journal of Economic Perspectives, 23, 3-20.

Motoyama, M., McCoy, D., Levchenko, K., Savage, S., & Voelker, G. M. (2011). An Analysis of Underground Forums. IMC’11, 71-79.

Pruitt, M. V. (2007). Deviant research: Deception, male internet escorts, and response rates. Deviant Behavior, 29, 70-82.

Rossow, C., & Gortz, H. (2014, February). Amplification hell: Revisiting network protocols for DDoS abuse. Proceedings of the 2014 Network and Distributed System Security (NDSS) Symposium, San Diego, CA. [Online] Available at: http://www.internetsociety.org/sites/def ault/files/01_5.pdf

Santanna, J., RiJswijk-Deij, R., Hofstede, R., Sperotto, A., Wierbosch, M., Granville,

L., & Pra, A. (2015, May). Booters - An Analysis of DDoS-as-a-Service Attacks. 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), 243-251.

Segura, V., & Lahuerta, J. (2010). Modeling the economic incentives of ddos attacks: Femtocell case study. Economics of information security and privacy, 107-119.

Smirnova, O., & Holt, T. J. (2017). Examining the geographic distribution of victim nations in stolen data markets. American Behavioral Scientist, 60, 1403-1426.

Thomas, R. & Martin, J. (2006). The underground economy: Priceless. ;login: The Usenix Magazine, 31, 7-17.

U.S. CERT. 2014. Alert (TA14-017A). UDPBased Amplification Attacks. Government Report. Retrieved June 2, 2016 Fromhttps://www.uscert. gov/ncas/alerts/TA14-017A

Woo, H., Kim, Y., & Dominick, J. (2004). Hackers: Militants or Merry Pranksters? A content analysis of defaced web pages." Media Psychology, 6, 63-82.

Yip, M., Webber, C., & Shadbolt, N. (2013). Trust among cybercriminals? Carding forums, uncertainty, and implications for policing. Policing and Society, 23, 1-24.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.