FTP2P: A Solution to Solve Massive Malicious Downloads

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：39

、訪客IP：3.133.87.156

姓名

林哲安(Zhe-An Lin) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(FTP2P: A Solution to Solve Massive Malicious Downloads)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2024-6-30以後開放)

摘要(中)

分散式阻斷服務攻擊（Distributed Denial of Service，DDoS）是網路服務提供者都會面臨的問題，這是一種網路攻擊手法，攻擊者藉由大量機器或是殭屍網路對目標機器發起攻擊，迫使網路服務提供者的服務暫時中斷或停止，讓正常用戶無法存取，進而造成服務提供者與使用者在財務與時間上的損失。
大量惡意連線下載就是一種分散式阻斷服務攻擊，攻擊者的目標是受害者的應用層服務、同時也消耗對方的網路頻寬，因為針對應用層服務的攻擊，受害者很難判斷是正常用戶還是攻擊者，如果受害者嘗試要回應所有的請求、可能會造成正常用戶無法正常地使用該服務。
本論文設計一套系統，名為FTP2P，結合Client-Server與Peer-to-Peer架構，利用此系統可以動態建立Client群來分享檔案，讓Server能同時提供服務給更多Client。

摘要(英)

Distributed Denial of Service (DDoS) is one kind of network attack, and every network service provider is exposed on this threat. Attackers use many computers or zombie network to launch an attack to victims, and let victims can’t provide their service to normal users. Victims lose their money and reputation because of DDoS attack.
Massive malicious downloads is one kind of DDoS attack. Attacker target victim’s application-level service and consume victim’s bandwidth resource. It’s hard to differentiate attacker’s requests and normal user’s requests because all look same. If the victim tries to respond all of requests, it may cause normal users can’t use the victim’s service normally.
We design a system named FTP2P. This system combines Client-Server and Peer-to-Peer, and this system can solve massive malicious downloads. This system can dynamically create client groups and increase more clients that server can provide service.

關鍵字(中)

★ 分散式阻斷服務
★ 對等網路

關鍵字(英)

★ DDoS
★ P2P

論文目次

摘要 i
Abstract ii
誌謝 iii
目錄 iv
圖目錄 v
表目錄 vi
第 1 章緒論 1
第 2 章背景介紹 5
2.1 DDoS 5
2.2 DDoS攻擊的分類 6
第 3 章相關研究 10
第 4 章系統設計與實作 13
4.1 Client Handler 14
4.1.1 多執行緒 14
4.1.2 溝通協定 15
4.1.3 建立連線 19
4.2 Time Controller 21
4.3 Network Detector 23
4.4 Decider 26
4.5 Client Matcher 29
第 5 章實驗分析 31
5.1 實驗環境 31
5.2 測試案例 32
5.3 效能評估 33
第 6 章討論 38
6.1 限制 38
6.2 未來研究 39
6.3 差異 40
第 7 章結論 42
參考文獻 43

參考文獻

[1] Kaspersky Lab. DDoS attacks in Q1 2019 [Online]. Available: https://securelist.com/ddos-report-q1-2019/90792/
[2] Carlos Morales NETSCOUT Arbor Confirms 1.7 Tbps DDoS Attack; The Terabit Attack Era Is Upon Us [Online]. Available:
https://www.netscout.com/blog/asert/netscout-arbor-confirms-17-tbps-ddos-attack-terabit-attack-era
[3] Sam Kottler February 28th DDoS Incident Report [Online]. Available: https://github.blog/2018-03-01-ddos-incident-report/
[4] Yi Xie, Shun-Zheng Yu, "Monitoring the Application-Layer DDoS Attacks for Popular websites", IEEE/ACM Trans on Networking, vol. 17, no. 1, pp. 15-25, Feb 2009.
[5] Garber Lee, "Denial-of-Service Attack Rip the Internet", ACM Computer, vol. 33, no. 4, pp. 12-17, April 2000.
[6] Roy Mark Oregon Man Cops Plea in eBay DDOS Attack [Online]. Available: http://www.internetnews.com/security/article.php/3574101
[7] Jignesh Vania, Arvind Meniya, H. B. Jethva, "A Review on Botnet and Detection Technique", International Journal of Computer Trends and Technology vol.4 Issue 1 2013
[8] E. Alomari, S. Manickam, B. B. Gupta, S. Karuppayah, R. Alfaris, "Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art" International Journal of Computer Applications, vol. 49, no. 7, pp. 24-32, Jul. 2012.
[9] Hoque, N., Bhattacharyya, D., Kalita, J., "Botnet in DDoS attacks: trends and challenges. ", IEEE Commun. Surv. Tutor. 99, 1–1 (2015)
[10] Kolias, C.; Kambourakis, G.; Stavrou, A.; Voas, J. "DDoS in the IoT: Mirai and other botnets. ", Computer. 2017, 50, 80–84.
[11] Harry Halpin The Philosophy of Anonymous [Online]. Available: https://www.radicalphilosophy.com/article/the-philosophy-of-anonymous
[12] T Peng, C Leckie, . K Ramamohanarao, "Survey of Network-based Defense Mechanisms Countering the DoS and DDoS Problems", ACM Computing Surveys, vol. 39, no. 1, April 2007.
[13] A. Studer and A. Perrig. "The Coremelt Attack. ", Proceedings of the European Symposium on Researchin Computer Security (ESORICS), Saint Malo, France,September 2009.
[14] J. Lemon, "Resisting SYN flooding DoS attacks with a SYN cache", Proceedings of USENIX BSDCon′2002, February 2002.
[15] D.J. Bernstein, E. Schenk, "Linux kernel SYN cookies firewall project"
[16] S.w. Shin, K.y. Kim, J.s. Jang, "D-SAT: detecting SYN flooding attack by two-stage statistical approach", Applications and the Internet, 2005
[17] Lim, S.; Ha, J.; Kim, H.; Kim, Y.; Yang, S.: "A SDN-oriented DDoS blocking scheme for botnet-based attacks". Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 63–68. IEEE (2014)
[18] N. Z. Bawany, J. A. Shamsi, and K. Salah, "DDoS attack detection and mitigation using SDN: methods, practices, and solutions", Arabian Journal for Science and Engineering, vol. 42, no. 2, pp. 425–441, 2017.
[19] Python documentation 16.3. thread — Multiple threads of control — [Online]. Available: https://docs.python.org/2/library/thread.html
[20] Python documentation 16.1. select — Waiting for I/O completion [Online]. Available: https://docs.python.org/2/library/select.html
[21] mondain GitHub - mondain/public-stun-list.txt [Online]. Available: https://gist.github.com/mondain/b0ec1cf5f60ae726202e
[22] PyPI pystun [Online]. Available: https://pypi.org/project/pystun/
[23] jtriley. GitHub - jtriley/pystun [Online]. Available: https://github.com/jtriley/pystun
[24] psutil documentation [Online]. Available: https://psutil.readthedocs.io/en/latest/
[25] Python documentation 15.3. time — Time access and conversions [Online]. Available: https://docs.python.org/2/library/time.html
[26] R. Mahy, "Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)", IETF RFC 5766, 2010

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2019-7-12

推文