m o c . 5 h t i g b u © 2016 绿盟科技 关于中国电信云堤 2008 年以来,中国电信开始着力于网络 DDoS 攻击防护能力建设, 已形成了覆盖国内 31 省和亚太、欧洲、北美等主要 POP 点的一体化攻 击防御能力。2014 年,中国电信首次在业界系统性提出电信级网络集约 化安全能力开放平台框架,并将“云堤”作为对外服务的统一品牌。 m o 几年来,中国电信云堤一方面致力于高效、可靠、精确、可开放的 DDoS 攻击防护能力建设,同时,面向政企客户提供运营商级 DDoS 攻 击防护服务。目前已涵盖互联网、金融、能源制造、政府机构等各个行业。 b u c . 5 h t i g 关于绿盟科技 北京神州绿盟信息安全科技股份有限公司(简称绿盟科技)成立于 2000 年 4 月,总部位于北京。在国内外设有 30 多个分支机构,为政府、 运营商、金融、能源、互联网以及教育、医疗等行业用户,提供具有核心 竞争力的安全产品及解决方案,帮助客户实现业务的安全顺畅运行。 基于多年的安全攻防研究,绿盟科技在网络及终端安全、互联网基础 安全、合规及安全管理等领域,为客户提供入侵检测 / 防护、抗拒绝服务 攻击、远程安全评估以及 Web 安全防护等产品以及专业安全服务。 北京神州绿盟信息安全科技股份有限公司于 2014 年 1 月 29 日起 在深圳证券交易所创业板上市交易。 股票简称:绿盟科技 股票代码:300369 目录 DDoS 攻击态势趋于多变 ····································································································· 1 观点 1 1T 超大流量攻击令人警醒 ······················································································································ 2 观点 2 攻击在多维度呈现两极分化···················································································································· 4 观点 3 受控攻击溯源多来自中俄美···················································································································· 6 观点 4 BOTNET DDoS 温床危害巨大··········································································································· 11 DDoS 攻击事件追逐利益 ···································································································17 事件 1 竞争优势:Carphone Warehouse 240 万用户数据被窃 ···················································· 18 事件 2 实施报复:Lizard Squad 对抗 NCA······························································································ 18 事件 3 追求名利:英国 19 岁青年 拿下 FBI“圣杯” ············································································ 18 事件 4 敲诈勒索:某游戏公司被收保护费 1888 元················································································ 19 事件 5 未知利益:世界互联网大会期间 浙江某网站抵御攻击 ··························································· 19 c . 5 DDoS 事件的警醒及展望 ········································································································································ 20 b u DDoS 攻击手段考虑 ROI ···································································································23 观点 5 新的协议利用形式 网络服务 ··········································································································· 24 观点 6 新的目标设备 移动终端 ···················································································································· 25 观点 7 新的攻击方法 延时攻击 ···················································································································· 25 观点 8 新的攻击工具 DDoS 木马 ··············································································································· 26 h t i g DDoS 防护走向生态化 ·······································································································29 治理 运营商治理大流量········································································································································ 30 治理 互联网公司阻断 DDoS 攻击工具传播 ································································································ 32 缓解 网络安全公司强化 DDoS 攻防技术 ····································································································· 32 缓解 用户加固特定业务········································································································································ 35 生态 DDoS 防护生态环境 ·································································································································· 38 结束语····································································································································39 作 m o 者 ············································································································································································· 39 DDoS 威胁报告 ··························································································································································· 39 内容提要 纵观 2015 全年 DDoS 威胁态势, DDoS 攻击峰值流量不断上升,甚至出现了 1T 超大流量攻击事件,全年的 攻击总流量接近 28 万 Tbytes,大流量乃至超大流量攻击更易于在运营商层面发现及治理。同时攻击形式发生改变, 具有多维度两极分化的特性,从而远离大众的视野,更具隐蔽性。 为了探究这些转变,报告呈现及分析多个较为典型的 DDoS 攻击事件,以便从中分析和了解攻击者们所追逐的 利益。正是由于这些利益的驱使,攻击者们同样有自己的“老板”,也需要考虑攻击的投资回报率 ROI,攻击者发起 攻击的几率大小,一方面取决于其所追逐的利益,另一方面更取决于防守方面临攻击所采取的态度和能力,当收益对 比风险的天平倾斜时,攻击者就敢于发动进攻。 面对如此恶劣的 DDoS 攻击态势,为

pdf文档 绿盟 2015全年DDoS威胁报告

文档预览
中文文档 46 页 50 下载 1000 浏览 0 评论 0 收藏 3.0分
温馨提示:本文档共46页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
绿盟 2015全年DDoS威胁报告 第 1 页 绿盟 2015全年DDoS威胁报告 第 2 页 绿盟 2015全年DDoS威胁报告 第 3 页
下载文档到电脑,方便使用
本文档由 路人甲 于 2022-07-17 01:16:29上传分享
站内资源均来自网友分享或网络收集整理,若无意中侵犯到您的权利,敬请联系我们微信(点击查看客服),我们将及时删除相关资源。