DDoS攻击防御新思考

随着Internet互联网络带宽的增加和多种DDoS工具的不断发布,DDoS拒绝服务攻击的实施越来越容易,DDoS攻击随处可见,人们为克服DDoS攻击进行了大量研究,提出了多种解决方案.本文系统分析了DDoS攻击的原理和攻击思路,从管理和技术两个方面提出一些关于减少DDoS攻击的方法.     

The changing face of protests in the digital age: on occupying cyberspace and Distributed-Denial-of-Services (DDoS) attacks

On 7th January 2013 the Anonymous hacking collective launched a White House petition asking the Obama administration to recognize DDoS¹1. Distributed Denial of Service attacks, thereafter referred to as DDoS attacks as a valid form of protest, similar to the Occupy protests. The ‘Occupy’ movement against financial inequality has become an international protest phenomenon stirring up the debate on the legal responses to acts of civil disobedience. At the same time, online attacks in the form of DDoS are considered by many as the digital counterparts of protesting. While the law generally acknowledges a certain level of protection for protesting as a manifestation of the rights to free speech and free assembly, it is still unclear whether DDoS attacks could qualify as free speech. This paper examines the analogies between offline protests and DDoS attacks, discusses legal responses in both cases and seeks to explore the scope for free speech protection.     

Avoiding the internet of insecure industrial things

Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things.