First Disclosing a New Type of DDoS Attack on GeekPwn: RangeAMP attack
In the GeekPwn2019 International Security Geek Competition, we successfully demonstrated RangeAMP attack. We use RangeAmp attack to implement DDoS attacks on web servers with an export bandwidth of 3Gbps. The victim’s website was a website server (domain name cdntest.geekpwn.org) in China provided by the organizer. The attack lasted more than 5 minutes. During the attack, the outlet bandwidth of the target website server was completely exhausted. The organizer placed two pictures on the homepage of the victim’s website, the size of which was 6.4MB and 5.3MB. Before the attack, the website homepage loading delay was about 2s; during the attack, the organizer visited the website homepage many times, and the loading delay almost exceeded 20s each time.
Related technical presentations:
- In March 2020, the job was accepted by DSN 2020.
- In May 2020, this work was selected as one of DSN2020 Best Paper candidate papers.
- In July 2020, this work won the best paper award of DSN 2020 (1/285).
Zdnet: RangeAmp attacks can take down websites and CDN servers
Dosarrest: How the RangeAmp attack works