In amplification denial-of-service, adversaries send requests to public
servers (e.g., open recursive DNS resolvers) and spoof the IP address of
a victim. These servers, in turn, flood the victim with valid responses
and - unknowingly - exhaust its bandwidth. In 2014, such abuses have
lead to highly critical attack bandwidths of 400 Gbps.
We revisit popular protocols of common network services, online games,
P2P filesharing networks and P2P botnets in order to assess their
security against such abuse. We explore how the threat of amplification
attacks can be mitigated and illustrate our security notification
efforts for the Network Time Protocol (NTP). As an outlook to the
future, we present our ongoing research that aims to track down the
actual sources of spoofed traffic.