CC攻击防御产品介绍
CC攻击(Challenge Collapsar)是分布式拒绝服务(DDoS)攻击的一种类型,通常情况下指应用层攻击(Application Layer Attack)。通过控制某些主机向目标网络服务器不停地发送伪造的HTTP/HTTPS请求,比如频繁请求一个需要消耗大量服务器资源的搜索页面或者登录页面,以消耗服务器的资源或网络带宽,导致网站响应变慢,无法处理正常用户的访问请求。
With traditional network layersDDoS攻击不同,CC攻击更加隐蔽,因为它模仿的是正常的用户请求。为了提升网站业务安全性,速盾CDN系统提供了浏览器指纹模块产品用于防御CC攻击。
Browser Fingerprint Technology: Principle, Application and Protection
What is a browser fingerprint?
Browser Fingerprint is a network tracking technology that collects the hardware information, software configuration, and network parameters of a user's browser to generate a fingerprint
The unique "fingerprint" identifier can still be identified and tracked, even if the user clears the cookie or uses the private browsing mode.
The technical principle of browser fingerprinting
1. Dimensions of data collection
Browser fingerprints collect user information through the following multiple dimensions:
User-Agent: browser version, operating system, device type
Hardware information: CPU core number, GPU parameters, memory size, screen definition
Font list: System installed font information
Plugin information: Installed browser plug-ins and extensions
Time zone and language: the user's localized configuration
WebGL fingerprinting: details on GPU and graphics drivers
Canvas fingerprinting: Identify rendering differences by drawing specific images
Network Information: Internet Protocol Address, ISP, Connection Speed
Timestamp: client side and server time difference
2. Fingerprint generation process
Data collection → feature extraction → hash calculation → unique identifier
By collecting the above multi-dimensional data and using hashing algorithms (e.g. MD5, SHA-256) to calculate, a relatively stable unique device identifier is obtained.防护策略启用浏览器指纹防护规则动作后,将会在HTTP报文的Header中植入Cookie用于获取客户端浏览器的指纹信息,当访问流量命中浏览器指纹规则后,CDN系统将对客户端发起挑战探测,并结合浏览器的指纹统计信息判断客户端是否有异常,识别异常客户端的CC攻击行为。
As shown in the figure:
