DDoS threat report for 2023 Q4

What's this blog post about?

1. DoS (Denial of Service) and DDoS (Distributed Denial of Service): These are attacks where the attacker tries to make a machine or network resource unavailable to its intended users by overwhelming it with traffic. The difference between DoS and DDoS is that in DoS, the attacker uses their own resources, while in DDoS, the attacker leverages multiple compromised systems to launch an attack.
2. Ping Flood: A ping flood is a type of denial-of-service (DoS) attack where an attacker sends large amounts of ICMP Echo Request packets to overwhelm the victim's network, causing it to become unresponsive or crash.
3. Smurf Attack: This is a distributed denial-of-service (DDoS) attack that exploits vulnerabilities in the ICMP protocol by sending large amounts of spoofed ICMP packets to broadcast addresses within a targeted network, causing all machines on that network to respond to each packet and overwhelming the victim's network.
4. Fraggle Attack: Similar to a Smurf attack, but using UDP (User Datagram Protocol) traffic instead of ICMP packets. The attacker sends large amounts of spoofed UDP packets with random source ports to broadcast addresses within a targeted network, causing all machines on that network to respond and overwhelm the victim's network.
5. SYN Flood: A type of denial-of-service (DoS) attack where an attacker sends large numbers of SYN (synchronization) packets with spoofed source IP addresses to a targeted server, causing it to allocate resources for each connection attempt and leaving none available for legitimate users.
6. Slowloris: This is another type of denial-of-service (DoS) attack where an attacker opens multiple connections to a targeted web server but sends only partial HTTP headers at irregular intervals, preventing the server from closing those connections and eventually leading to resource exhaustion and denial of service.
7. Amplification Attack: An amplification attack is a form of distributed denial-of-service (DDoS) attack where an attacker sends spoofed requests to multiple reflection points, causing them to respond with large traffic packets directed at the victim's network or server, overwhelming its resources and causing denial of service.
8. NTP Amplification Attack: This is a specific type of amplification attack that exploits vulnerabilities in the Network Time Protocol (NTP), bypassing firewall rules and making it even more challenging for victims to recover from.
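
The SYN flood entry in the list above describes a server holding state for handshakes that never complete. As an added example (not taken from the Cloudflare post or from this page), the following Python flags that pattern per destination service from packet summaries; the tuple format, the thresholds and the documentation-range addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed packet summaries: (time_s, src_ip, src_port, dst_ip, dst_port, flags).
# "S" = client SYN, "A" = client ACK that completes the three-way handshake.
# All addresses come from the RFC 5737 documentation ranges.
def build_sample():
    pkts = []
    # Legitimate client: every SYN is followed by the handshake-completing ACK.
    for i in range(5):
        pkts.append((i, "198.51.100.10", 40000 + i, "192.0.2.80", 443, "S"))
        pkts.append((i + 0.05, "198.51.100.10", 40000 + i, "192.0.2.80", 443, "A"))
    # Flood pattern: many distinct sources send one SYN each and never answer.
    for i in range(200):
        src = f"203.0.113.{i + 1}"
        pkts.append((1 + i * 0.01, src, 1024 + i, "192.0.2.25", 25, "S"))
    # A retransmitted SYN must not count as a second connection attempt.
    pkts.append((2.0, "198.51.100.10", 40000, "192.0.2.80", 443, "S"))
    return sorted(pkts)

def find_syn_floods(packets, min_syns=100, max_completion=0.2):
    """Return {(dst_ip, dst_port): stats} for services whose SYNs rarely complete."""
    attempts = defaultdict(set)   # service -> 4-tuples that sent a SYN
    completed = defaultdict(set)  # service -> 4-tuples that finished the handshake
    for _ts, src, sport, dst, dport, flags in packets:
        service, conn = (dst, dport), (src, sport, dst, dport)
        if flags == "S":
            attempts[service].add(conn)        # the set dedupes SYN retransmits
        elif flags == "A" and conn in attempts.get(service, ()):
            completed[service].add(conn)       # ACKs with no prior SYN are ignored
    alerts = {}
    for service, conns in attempts.items():
        done = len(completed.get(service, ()))
        # Require volume AND a low completion ratio, so a busy but healthy
        # service is not flagged just for receiving many SYNs.
        if len(conns) >= min_syns and done / len(conns) <= max_completion:
            alerts[service] = {
                "syns": len(conns),
                "half_open": len(conns) - done,
                "sources": len({c[0] for c in conns}),
            }
    return alerts

if __name__ == "__main__":
    for service, stats in find_syn_floods(build_sample()).items():
        print(service, stats)
```
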

Company
Cloudflare

Date published
Jan. 9, 2024

Author(s)
Omer Yoachimik, Jorge Pacheco

Word count
113

Hacker News points
None found.

Language
Japanese


By Matt Makai. 2021-2024.