A review of amplification-based distributed denial of service attacks and their mitigation

Salih Ismail*, Hani Ragab Hassen, Mike Just, Hind Zantout

*Corresponding author for this work

Research output: Contribution to journalReview articlepeer-review

13 Citations (Scopus)
297 Downloads (Pure)


The rise of Distributed Denial of Service (DDoS) attacks have been steady in terms of the frequency and the impact of the attack. Traditionally, the attackers required control of a huge amount of resources to launch an attack. This has changed with the use of reflectors and amplifiers in DDoS attacks. A recent shift consisted of using other protocols than the traditional NTP and DNS protocols which were heavily used for ADDoS. In this paper, we review and organize amplification-based DDoS (ADDoS) attacks and associated countermeasures into a new taxonomy. Furthermore, we present a modus operandi of ADDoS attacks and analyze how it differs from traditional DDoS attacks. We also investigate how accessible ADDoS are for attackers with average resources. We survey readily available open-source scripts on GitHub and also the ADDoS features available in hire-to-DDoS platforms. We believe that accessibility and low-cost of hire-to-DDoS platforms are the major reasons for the increase of amplification-based DDoS attacks. Lastly, we provide a list of future directions that might be interesting for the community to focus on.

Original languageEnglish
Article number102380
JournalComputers and Security
Early online date24 Jun 2021
Publication statusPublished - Oct 2021


  • Amplification attack
  • DDoS
  • Reflection attack

ASJC Scopus subject areas

  • General Computer Science
  • Law


Dive into the research topics of 'A review of amplification-based distributed denial of service attacks and their mitigation'. Together they form a unique fingerprint.

Cite this