分散式阻斷服務攻擊(Distributed Denial of Service,DDoS)是網路服務提供者都會面臨的問題,這是一種網路攻擊手法,攻擊者藉由大量機器或是殭屍網路對目標機器發起攻擊,迫使網路服務提供者的服務暫時中斷或停止,讓正常用戶無法存取,進而造成服務提供者與使用者在財務與時間上的損失。 大量惡意連線下載就是一種分散式阻斷服務攻擊,攻擊者的目標是受害者的應用層服務、同時也消耗對方的網路頻寬,因為針對應用層服務的攻擊,受害者很難判斷是正常用戶還是攻擊者,如果受害者嘗試要回應所有的請求、可能會造成正常用戶無法正常地使用該服務。 本論文設計一套系統,名為FTP2P,結合Client-Server與Peer-to-Peer架構,利用此系統可以動態建立Client群來分享檔案,讓Server能同時提供服務給更多Client。 ;Distributed Denial of Service (DDoS) is one kind of network attack, and every network service provider is exposed on this threat. Attackers use many computers or zombie network to launch an attack to victims, and let victims can’t provide their service to normal users. Victims lose their money and reputation because of DDoS attack. Massive malicious downloads is one kind of DDoS attack. Attacker target victim’s application-level service and consume victim’s bandwidth resource. It’s hard to differentiate attacker’s requests and normal user’s requests because all look same. If the victim tries to respond all of requests, it may cause normal users can’t use the victim’s service normally. We design a system named FTP2P. This system combines Client-Server and Peer-to-Peer, and this system can solve massive malicious downloads. This system can dynamically create client groups and increase more clients that server can provide service.
