KYC(本人確認)
顧客確認プロセス。
Attack Types: 1. Volumetric (ICMP, UDP). 2. Protocol (SYN Flood, Ping of Death). 3. Application-layer (HTTP GET/POST). Defenses: CDN, WAF, Scrubbing, Anycast, IP Reputation.
graph LR
Center["KYC(本人確認)"]:::main
Pre_compliance["compliance"]:::pre --> Center
click Pre_compliance "/terms/compliance"
Center --> Child_aml["aml"]:::child
click Child_aml "/terms/aml"
Rel_cex["cex"]:::related -.-> Center
click Rel_cex "/terms/cex"
Rel_ring_signatures["ring-signatures"]:::related -.-> Center
click Rel_ring_signatures "/terms/ring-signatures"
Rel_zero_trust["zero-trust"]:::related -.-> Center
click Rel_zero_trust "/terms/zero-trust"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 5歳でもわかるように説明
銀行やアプリを使うときに、「あなたは本当に本人ですか?」と身分証明書を見せて確認することです。
🤓 Expert Deep Dive
Technically, DDoS attacks are classified by the OSI layer they target. 'Volumetric' attacks (L3/L4) like UDP Floods or DNS Amplification aim to fill the target's network capacity. 'Protocol' attacks (e.g., SYN Floods) exploit weaknesses in the TCP handshake, filling up the server's 'Connection Tables'. 'Application Layer' attacks (L7), such as HTTP Floods, are more surgical; they mimic real user behavior to exhaust server CPU or RAM by requesting expensive resources like heavy database searches. Mitigation requires a combination of 'Anycast' routing to spread the load, 'Scrubbing Centers' to filter packets, and 'Rate Limiting' to prevent any single source from taking too much capacity. Modern attackers often use 'Multi-vector' attacks, switching between layers to bypass defenses.