Print Email Facebook Twitter Targeting financial organisations with DDoS: a multi-sided perspective Title Targeting financial organisations with DDoS: a multi-sided perspective: Comparing patterns in AmpPot data to experts view on target selection in the financial sector Author Cheung, Ryan (TU Delft Technology, Policy and Management; TU Delft Multi Actor Systems) Contributor van Eeten, M.J.G. (graduation committee) Hernandez Ganan, C. (graduation committee) Herdeiro Teixeira, A.M. (graduation committee) Waart, Vincent (mentor) Degree granting institution Delft University of Technology Programme Systems Engineering, Policy Analysis and Management (SEPAM) Date 2017-07-03 Abstract Currently, DDoS attacks have become inevitable for financial services and their threat keeps rising. Numerous researches have focused on the technical since the rise of DDoS amplification attacks. However, there is less understanding regarding their target selection on financial services. This research uses a mixed method approach to capture factors that influence cybercriminals in their selection of victims. Via data from amplification DDoS honeypots, various factors are identified and explanatory models are provided. In addition, financial cyber security experts are consulted to assess their perspective on target selection. The analysis demonstrates that certain countries have significantly higher or lower victims, which can partially be explained through country level factors such as the ICT development and Normal GDP Per capita. In addition, the ICT development influences the duration of the attack significantly. The findings also indicate that organizational size, as measured by market value, showed a limited effect on the number of attacks. Contrary, experts regarded the size as a highly influential factor. The analyses furthermore demonstrate that financial organisations incur significantly more attacks on Friday than on any other day. Moreover, the experts mention additional target selection factors such as,reputation, media attention, patching, having capable employees, and mitigation parties. Finally, this paper reflects on the implications of these findings for the financial sector and related sectors. To reference this document use: http://resolver.tudelft.nl/uuid:cd5fd5ea-ec4e-4cf4-bb8c-2fc4c84f583a Part of collection Student theses Document type master thesis Rights © 2017 Ryan Cheung Files PDF master_thesis_Ryan_Cheung_final.pdf 8.85 MB PDF Scientific_paper_Ryan_Che ... _final.pdf 548.53 KB Close viewer /islandora/object/uuid:cd5fd5ea-ec4e-4cf4-bb8c-2fc4c84f583a/datastream/OBJ1/view