Abstract:
Distributed Denial of Service attacks are still a growing problem in 2021. To combat this problem, many services rely on the help of DDoS Protection Service (DPS) providers. In this thesis we provide an analysis of the defenses of the biggest DPS provider, Cloudflare. Furthermore, we conduct a study on the origin exposure problem, which allows an attack to bypass DPSs. For this we implement a scanning application utilizing multiple origin exposure attack vectors. We then use this application to conduct an analysis on 139,503 domains protected by Cloudflare to assess the magnitude of the origin exposure problem. Our results show that the origin exposure problem has decreased overall. We find that Cloudflare’s efforts to better secure origin servers through the use of certificates may also lead to origin exposure. Further, we demonstrate that origin discovery through internet wide scans is feasible and highlight the challenges of current origin exposure methods.