Over the past decades, DoS attacks have rapidly increased in terms of occurrence and intensity, steadily becoming one of the largest threats to the stability and reliability of the Internet. In this thesis we reveal the massive scale of the problem, by showing, among others, that one-third of all /24 networks estimated to be active on the Internet have suffered at least one DoS attack during a recent two-year observation period. 1.3.3 Adoption of Mitigation and Expertise of Users Even though diverse solutions are readily available to mitigate attacks, quantitative knowledge of their adoption on the Internet is limited. In addition, an understanding of how solutions are deployed and operated when operators are faced with attacks featuring differing characteristics is missing. A related challenge stems from the potential disconnect between the ease of setup of mitigation solutions and the expertise of adopting operators. Providers, be it of cloud-based services or on-site appliances, stand to benefit from a low adoption barrier. Often they try to capitalize rapid product (or service) deployment, because that is what companies need in times of crisis (i.e., when attacked). But what exactly does a black box with proprietary algorithms do after it is so easily plugged into a network? While that box may effectively mitigate attacks and 1.4.1 Goal 1: The DoS Phenomenon Research Questions In the first goal we expressed wanting to study the DoS phenomenon on a global, Internet-wide scale. This leads to our first research question: RQ 1: Which data sources on DoS do we need in order to study the DoS phenomenon on a global scale? Are there existing data that we can work with, fuse or derive from? Or do we need to gather new measurements? • M. Jonker and A. Sperotto. Mitigating DDoS Attacks using OpenFlowbased Software Defined Networking. In Proceedings of the 9th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security (AIMS'15). Ghent, Belgium [55]. Chapter 3: Attack Characterization This chapter discusses our first steps towards addressing challenges that pertain to: (i) data availability; and (ii) processing large-scale and diverse data This chapter is based on (part of) the following peer-reviewed publication: