
A Study of Defense Techniques Against Browser-Based Distributed Denial-of-Service Attacks

Chih Chun Liu

Abstract


Distributed Denial of Service (DDoS) attacks have continued to threaten the Internet in recent years. For example, the Mirai IoT botnet launched an unprecedented 620 Gbit/s DDoS attack in 2016, and in 2017 a DDoS threat was made to several brokerages in Taiwan by a self-proclaimed group of cybercriminals calling themselves Armada Collective. In addition, new DDoS attack methods have appeared and rendered existing defenses ineffective. A blatant example is China's Great Cannon, first observed in 2015 in the attack on GitHub. By injecting malicious JavaScript into the web browsers of unwitting users, this attack made their pages send a continuous stream of HTTP requests, thousands per second, to victim sites, and because of this attack method it can easily scale up its attack volume beyond that of an ordinary DDoS. Because such browser-based DDoS attacks exhibit several distinct features compared to previous DDoS attacks, we argue that a systematic investigation of traditional DDoS mitigation techniques against browser-based DDoS attacks is needed. Hence, in this survey paper, we introduce browser-based DDoS attacks, discuss how defending against them differs from defending against ordinary DDoS attacks, and examine potential mitigation techniques. The aim of this survey is to gain insights into current research on defenses against this attack by analyzing and comparing the effectiveness of previously proposed approaches. This survey also discusses the technical challenges and bottlenecks that remain to be addressed and provides recommendations for future research directions.

Keywords


Distributed Denial of Service; Browser-based DDoS

Citation Format:
Chih Chun Liu, "基於瀏覽器之分散式阻斷服務攻擊防禦技術研究 [A Study of Defense Techniques Against Browser-Based Distributed Denial-of-Service Attacks]," Communications of the CCISA, vol. 24, no. 1, pp. 1-17, Jan. 2018.






Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com