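Graduate student: 林哲安
Zhe-An Lin
Thesis title: FTP2P: A Solution to Solve Massive Malicious Downloads
Advisor: 許富皓
Fu-Hau Hsu
Oral defense committee:
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science & Information Engineering
Year of publication: 2019
Academic year of graduation: 107
Language: Chinese
Number of pages: 55
Keywords (Chinese): Distributed Denial of Service, Peer-to-Peer Network
Keywords (English): DDoS, P2P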
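    Distributed Denial of Service (DDoS) attacks are a problem that every network service provider faces. DDoS is a network attack technique in which the attacker uses a large number of machines or a botnet to attack a target machine, forcing the provider's service to be temporarily interrupted or stopped so that legitimate users cannot access it, which in turn costs both the service provider and its users money and time.
    Massive malicious connection downloads are one kind of DDoS attack. The attacker targets the victim's application-layer service and at the same time consumes the victim's network bandwidth. Because the attack is aimed at an application-layer service, it is hard for the victim to tell legitimate users from attackers; if the victim tries to respond to every request, legitimate users may be unable to use the service normally.
    This thesis designs a system named FTP2P that combines the Client-Server and Peer-to-Peer architectures. With this system, groups of clients can be created dynamically to share files, allowing the server to serve more clients at the same time.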


    Distributed Denial of Service (DDoS) is a kind of network attack, and every network service provider is exposed to this threat. Attackers use many computers or a zombie network to launch an attack on victims so that the victims cannot provide their service to normal users. Victims lose money and reputation because of DDoS attacks.
    Massive malicious downloads are one kind of DDoS attack. The attacker targets the victim's application-level service and consumes the victim's bandwidth. It is hard to differentiate an attacker's requests from a normal user's requests because they all look the same. If the victim tries to respond to all of the requests, normal users may be unable to use the victim's service normally.
    We design a system named FTP2P. It combines the Client-Server and Peer-to-Peer architectures and can solve massive malicious downloads. The system can dynamically create client groups and increase the number of clients that the server can serve.

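    Chinese Abstract
    Abstract
    Acknowledgements
    Table of Contents
    List of Figures
    List of Tables
    Chapter 1 Introduction
    Chapter 2 Background
        2.1 DDoS
        2.2 Classification of DDoS Attacks
    Chapter 3 Related Work
    Chapter 4 System Design and Implementation
        4.1 Client Handler
            4.1.1 Multithreading
            4.1.2 Communication Protocol
            4.1.3 Connection Establishment
        4.2 Time Controller
        4.3 Network Detector
        4.4 Decider
        4.5 Client Matcher
    Chapter 5 Experimental Analysis
        5.1 Experimental Environment
        5.2 Test Cases
        5.3 Performance Evaluation
    Chapter 6 Discussion
        6.1 Limitations
        6.2 Future Work
        6.3 Differences
    Chapter 7 Conclusion
    References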
