DoS attacks continue to become increasingly devastating, despite widespread adoption of mechanisms to circumvent IP spoofing1 . In 2013, CloudFlare registered a DDoS bandwidth record by an attack which generated nearly 300 Gbps traffic [36]. A year later, a new record was established by a DDoS attack that generated 400 Gbps [37]. Both these record-setting attacks belonged to a category of DoS attacks where the attacker does not send traffic directly to the victim; traffic is instead sent to reflectors (with spoofed source IP of the victim) which in turn flood the victim with responses.

Click to access woot15-paper-adamsky.pdf