޽Îm点
DoSU
lCLݷݸ
Tv
񾷭èްè > Ǝ㐫U@ > DoSU DoSUi޽jipFDenial of Service attackjͤ񾷭èɂ—pNQU@̂ЂƂ¡

޻޽ғĂȯܰȂǂؿijɈӐ}IɉߏȕׂƎ㐫‚肷鎖Ż޽WQ

Tv[ҏW]

DoSUɂ͂Qނ̗ތ^褑̗ތ^ͳ޻޽ɑʂظĂ⋐ް𑗂‚ȂǂĻ޽𗘗ps\ɂׯލUiFlood^jł褑̗ތ^ͻ޽̐Ǝ㐫𗘗p鎖Ż޽ɗOȂǂĻ޽𗘗ps\ɂUł[1][2]

U̖ړI[ҏW]

DoSU̎ȖړIͻ޽—pNQ鎖ɂ褋̓IȔQƂĄ̆ͤ̑ɂȯܰ̒xނ⻲Ăւ̱s\Ƃ̂[3]

DoSU͔Q҂ɌoϓIҰނ𕉂킹鎖ړIƂčsꍇEDoSU(Economic DoS Attack)ƌĂ΂顂Ƃθ׳ޏŏ]ʉۋĂ黰޽DoSUλ޽̉^c҂ɍzȉۋ𔭐邱Ƃł[4]

DDoSU[ҏW]

ׯތ^DoSUɂͤʂϼ݂1‚̻޽ɤĂDoSUd|DDoSUiި޽U^޽WQUp: Distributed Denial of Service attackjƂތ^

DDoSU̗ތ^2‚褑͍̂̂U҂ʂϼ(ݑ)sɏŤϼ݂ĂDoSUU^DoSUł

̗ތ^ͤDRDoSUiDistributed Reflective Denial of Service attackDoSڸݍUUˌ^DoSUj[5][6]ƌĂ΂DRDoSUłͤU҂UΏۂϼ݂ɂȂ肷܂đʂϼ݂ɉ炩ظĂĂɑM顂ظĂ󂯎ϼݒB͍UΏۂϼ݂ɌĈĂɕԓԂƂɂȂ̂ŤUΏۂϼ݂ɂ͑ʂ̕ԓWׂ邱ƂɂȂ[7]DRDoSU͋U^DDoSUƈقȂٳȂǂœݑȂĂs”\ȂߍUoÂ炢

DRDoSUƂĤDomain Name System𗘗pDNSߍU(DNS amplification attacksDNS ampUDNSڸUDNSڸݍUƂ)[7] ICMP echo 𗘗pSmurfUȂǂ

DRDoSUɎgĺقƂĤTCPSYNACKDATANULLICMPECHO RequestTime Stamp RequestAddress Mask RequestUDPIP pkt (low TTL) DNS query [8]

NetBIOSȰѻނRPC߰ϯ߂ȂǂւظĂ𗘗pUϑĂ[9]U^DDoSUDRDoSUgݍ킳邱Ƃ[10]

U@[ҏW]

ׯތ^DoSUͤޏɌJĂlXȻ޽ɑ΂čsƂł̂ŤUΏۂƂȂ黰޽ƂׯލU݂

SYNׯލU[ҏW]

TCPł͂Q‚ϼA,BTCPڑۤAʐMvSYN߹Ă𑗐MBSYN/ACK߹Ă𑗐MŌAACK߹Ă𑗂Ƃ菇ǂ
SYNׯލUł͍U҂UΏۂϼ݂ɑ΂SYN߹ĂUΏۂɑʂɑ‚炷ׂĂɑ΂SYN/ACK߹ĂUΏۂɔs顂U҂͂SYN/ACK߹Ăɑ΂ACK߹ĂԐMȂɂUΏۂѱĂɂȂ܂ł‚܂łACK߹Ă҂邱ƂƂȂؿH‚ԂĂ܂΍ƂĂRFC 4987̧۷̗pƂʓI@̑SYN cookiesTCP half-openipjSYN CacheƂ@LڂĂ

ICMPUDP[ҏW]

ICMPUDP̂悤Ⱥȸڽ̻޽ł͔M̋UeȂ̂ŤDoSUsU҂ɂƂĐg킩ɂƂ_

ICMP𗘗p̂ɂICMP echo request (𗘗pping)UΏۂɑʂɑ葱ICMP echoׯލUipjipingׯލUj⤓ݑICMP echo request۰޷Ă鎖ICMP echo replyUΏۂɏW߂DRDDoSUłSmurfU

ɂKiȎ傫ȻނICMP߹Ă𑗂‚鎖ōUΏۂׯping of deathƂU‚Ă1996NɔĈȍ~̐Ǝ㐫͖hĂ邽ߤ̎@͂قڒʗpȂȂĂ

UDPɑ΂ĂUDP߰Ăɑ΂đʂ̨𑗐MUDPׯލUipjUDP𗘗pDRDDoSUUDPްUiUDP-Based Amplification AttackjƌĂԡ

UDPްU̒łNTP̎łntpdmonlistނgU͑19{206{̑ɒB[11]̺ނNTPނߋɂ肵ڽő600Ԃ̂łntpdɂނ𗘗pU2013NɊϑĂ[12][13]Ȃntpdްޮ4.2.7p26ȍ~̺͂ނpłȂ悤CĂ[12]

̑ɂSSDPRIPv1𗘗pUDPްU[14][15]

׳ނ̍ēǂݍ[ҏW]

׳ɔĂ߰ނ̍ēǂݍ݋@\gpWebɑʂظĂ𑗂‚UF5iF5UjƌĂ΂邱Ƃ顂̖̂ͤF5AłUł邱ƂɗR

Windowsœ삷鳪׳ނłͤF5XV@\Ɋ蓖ĂĂ邱ƂߤF5邽тWebނظĂ邱ƂɂȂ

̑[ҏW]

۰HTTPnFԂɂ킽Webނȸ݂ێĂ邱ƂpĔ\͂Q[16]̍U[17]
Slow HTTP HeadersiSlowlorisj
Slow HTTP POSTiRUDYFR-U-Dead-Yet?j
Slow Read DoS
ҰсFނ̑傫ҰقʂҰق𑗂t@
HTTP GET/POSTׯށFHTTP̋Kiɂ͏Ă邪ׂ̂ظĂʂWebވĂɑ
TeardropLandUF‚TCP/IPɂƎ㐫[18]𗘗pUO҂͕ꂽIP߹Ăē߹Ă̏d܂Ȃ̖𗘗pU҂͍U҂ƑMv߹Ă𑗂‚Ɩٰ߂ɂ͂܂Ȃǂ̐Ǝ㐫𗘗pU[18]
WinNukeipj ‚Microsoft Windows̢NetBIOS over TCP/IPɍ݂Ǝ㐫Uꂽ

[ҏW]

r炵۸тƂͤWebfr炷߂ɍꂽ۸тweƂĂHTML̉͂HTMLFORM̑M@\Ae”\ƂHTTPײĂŤDoSU۸тɏĂF5Web׳GETҿނɂhttpoȂ̂ɑ΂r炵۸т͗lXҿނɂĂ̱”\ƂĂ顂܂OqDDoSɏݑƂȂނ̈čUŝ顏HTML̒mΎg镨⤱ڽ͂邾Ŏg悤ɂȂ()°ق݂顎PerlɂċLq邪ݑƂꂽނł̗֐l̂ł
LOICͤϽ̏ƂiƂȂĂႦ2010N߲ޯɂĂgꂽ
HOICiHigh Orbit IonCanonLOIČpƂ2010N߲ޯ̎ɊJꂽ
SlowlorisͤSlow HTTP HeadersUČ
StacheldrahtiƁFLhS̈Ӂj͐}Ɏ悤ɤݑ䑤̴ުĂƤުĂ𑀂װƤU҂װ𑀂ײĂ琬DDoSU°قł
ؽGCHQͤ`PREDATORS FACE'`ROLLING THUNDER'ƂDDoSU°قĂ[19]ƂĂ
cChttpظĂAM齸Ăgݍ񂾋ɂ߂ĒPȍU°ق̈łҶޗqcCAcCȂǂ̂UIȈJꂽ

hZ@[ҏW]

eĂɂhZ@[ҏW]

Nh~iIPSF Intrusion Prevention SystemjɂͤɊÂh@\臒lɊÂh@\Ă顼ɊÂh@\ͤSmurfULandÛ悤ɓ߹Ăɑ΂ėLłĺَ̐Ǝ㐫łɉĂ
SYNͤSYNׯޓւ̑΍ƂĊeOSƂɊJ꤂ꂼĺٽɎĂ
WAFiWeb Application Firewalljɂͤ۰HTTPn̍Uɑ΂ݒsWebނɂ‚ĂQoSѱɂ‚Ă̐ݒl

ȯĻ޽޲ނɂhZ@[ҏW]

ݸڽ̨ݸށFMIPڽU߹Ą̆ݸނ邱ƂɂčUƂȂȂ悤ɂ[20]
[21]
ш搧
ׯΰ
OpenFlow

[ҏW]


2000N2l15΂̏N6Ԃɂ킽ޯȯYahoo!CNNAmazon.comȂǂ̐lCɍĂɑ΂DDoSUsޯĂɂĂ޽s\ԂɊׂ点g̍sȯďIRCٰтŐߕ߂ꂽ͍̎ۓIɑ傫グꂽ
č Yahoo!
߿݂𗘗pݑͤ䓖̌vZʐM\͂͒ႢcȐp鎖礏]̻ނ𗘗pDDoSUrȔQ𔭐₷LȂ̂Ƃ2002N2čYahoo!̍U󂯤s\ɂȂƂQ󂯂Ă顂܂ɑK͂ȊN߭ٽ̂ȂɂͤDDoSUӐ}Đ݌vꂽƐ@̂2002N犈mFĂ߭ٽɂČ`ꂽUp߿ȯܰɂ褊Ƌ̔뜜Ă
ض ޯҰ
2004NOɂͤޯҰiIȓq܂Ƃ߂Ăƥc̓j̻ĂUƖWQꤋꂽ[22]⤉p̑ww̔PoɈĂuĔȗv𐶂Million Dollar Home Page󂯂񂶂Ă
ƺƺ()
2007N220DDoSɂU󂯤ɉ^cłԂłȂȂĂ܂N224ɈꎞIɻ޽~鎖ԂƂȂ[23]
2˂ij

f»Ă͓xXDoSU̕WIɂĂ褒łK͂Ȃ̂2010N3ݸް߯̎ɋNĂ顊؍ȯĺЭèȲް޳ѣォ2˂ɑ΂čUĂт꤂ɂꕔ̻ް޳݂̌̏ႵްꤑȂ鑹QoFBIŏIIɓʂƂȂ
s}َ

DoSUƂ͓ĂׂȂ悤Ȓʏ̢펯IŢV݌v۰łĂऋɒ[ɐƎȼтɂĂ͖Nꍇ2010N5̂̎͂̑\IȗłOHd@̫Ұݼѽ̒vIȕs¼Ѥ̕sF߂Ȃs}x@S҂̖mю̋vdȂ褑ߕߌɎ[24]ʂƂȂ̖̎@IȌɂ‚Ăͤ2010N7_ł͖c_̑Ώ[25]ƂȂĂ
Ͻɂ߲ޯ

2010N9ϽɂĤȯď̕s߰sׂɑΉc̓ɑ΂DDoSUsꂽ2010N12Ͻͤذւ̊tt~sڼޯĶތωЂWebĂɑ΂DDoSUsi햼Fݼނ̕Qj[26]
ưڲðȯܰ
2011N4ϽͿư̲ȯĔzM޽ڲðȯ̻ܰނɑ΂ĂDDoSU[27]
Dynް

2016N1021質޻ĂȂǂҲ݊Ǘт^cĂȯĊǗDyn ()ipjɑ΂ĤfIDDoSUsꂽʤAmazon.comPaypalNetflixTwitterRedditSpotifyGov.UKip{޻ājƭְѽ٥ذĥެȂǑ̳޻Ļ޽ײ݂ɂȂȂǂ̎xႪoĂ[28][29]èƂȂǂɂƤ̍U;è̎アĎٰȂǂIoT@ٳMiraiɂĈN1.2ޯĖb̒ʐMׂꂽ̂Ƃ݂Ă[30][29]
github
2018N31Githubɑ΂Ĥō1.35ޯĖb̒fIȍUsꂽAkamaiDDoSy޽gp邱ƂɂĤ邱Ƃɐ[31]

֘A[ҏW]

HOICipj
LOIC
ޯȯ
ʐMWQ

r[ҏW]

[ҏW]

gReport: Distributed Denial of Service Attacks Against Independent Media and Human Rights Sitesh. Berkman Center for Internet & Society (2010N1220). 2015N1226{
oT:Wikipedia
2020/03/13 21:01
lCLݷݸ
2020/03/28 XV
 1{
 2O
 3
 4ʖؗ
 5ެݳݸ޽9525֒ė
ɖ߂
[9]Wikipediaį
[0]gooį
Ɛӎ
(C)NTT Resonant