Transcript

1

DDOS20135DDOS

VLC DDoS Logstalgia

3Mobile

2012PC

4

20125

googleandroid botnet1790000android

AppsDDoS

Apps

6Android.DDoS.1.origin

12Doctor WebAndroid.DDoS.1.originAndroidGoogle Play

(Command and Control)

Doctor Web

7MDK

2012100

MDK

APP71532011

8AnDosid

AnDOSidDOS(http post,dDOS

McAfeeLow Orbit Ion Cannon(LOIC)DDoSAndroidAnonymous

AndroidAndroid DDoSAndroid

9 DDOSIDS/IPSACLIptablesSYN-cookieIDS IPSDDOSIDSDDOSIDSDDoSIDS

ACLAccess Control List,ACLACLDDOShttp

Iptablesiptablesip

Syn-cookie:SYN CookieTCPSYN FloodTCPTCP SYNTCP SYN+ACKSYNcookieTCP ACKTCPcookieTCP ACKTCP

10 DDOSJSCDNWAFCDNCDNcdnddos

WAFWeb Application FirewallwafddosIDS iPS0dayNginx

ipip

11DDOS

ddospc

ddos12IPISPIP

ddosipddosipipip

13JSnative app

APPNative APP

ddosjsNativeappjsjs14ddosISPIDCDDoS

google apple microsoft

androidgoogle

15

cookie

IPGeo IP80 / 20

Ddos

ddosddos(0day)

ddosddos

native apphttpcookiecookie

ipip802080%20%ipip16

THE END

Thanks!

Collect & Filter == Detect & Challenge ===Learn & Fight back17

