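New Challenges the Mobile Internet Brings to DDoS Attack and Defense
DESCRIPTION
New Challenges the Mobile Internet Brings to DDoS Attack and Defense. NetEase Information Security Department, May 2013. Agenda: the rise of the mobile internet; mobile device malware; new challenges for DDoS attack and defense; discussion of countermeasures. A beautiful "crime". The wheels of the mobile era roll on. "Naked" (unprotected) mobile devices. Mobile botnets. Large-scale mobile botnets are taking shape. The Android.DDoS.1.origin trojan. The MDK trojan. The AnDosid tool. Traditional DDoS defense strategies: IDS/IPS, ACL, Iptables, SYN-cookie. Traditional DDoS defense strategies: JS redirect, CDN caching.
TRANSCRIPT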
1
DDOS20135DDOS
VLC DDoS Logstalgia
3Mobile
2012PC
4
20125
googleandorid botnet1790000android
AppsDDoS
Apps
6Android.DDoS.1.origin
12Doctor WebAndroid.DDoS.1.originAndroidGoogle Play
Command and Control)
Doctor Web
7MDK
2012100
MDK
APP71532011
8AnDosid
AnDOSidDOS(http post,dDOS
McAfeeLow Orbit Ion Cannon(LOIC)DDoSAndroidAnonymous
AndroidAndroid DDoSAndroid
9 DDOSIDS/IPSACLIptablesSYN-cookieIDS IPSDDOSIDSDDOSIDSDDoSIDS
ACLAccess Control List,ACLACLDDOShttp
Iptablesiptablesip
Syn-cookie:SYN CookieTCPSYN FloodTCPTCP SYNTCP SYN+ACKSYNcookieTCP ACKTCPcookieTCP ACKTCP
10 DDOSJSCDNWAFCDNCDNcdnddos
WAFWeb Application FirewallwafddosIDS iPS0dayNginx
ipip
11DDOS
ddospc
ddos12IPISPIP
ddosipddosipipip
13JSnative app
APPNative APP
ddosjsNativeappjsjs14ddosISPIDCDDoS
google apple microsoft
androidgoogle
15
cookie
IPGeo IP80 / 20
Ddos
ddosddos(0day)
ddosddos
native apphttpcookiecookie
ipip802080%20%ipip16
THE END
Thanks!
Collect & Filter == Detect & Challenge ===Learn & Fight back17