Da-Chief
04-23-2008, 09:50
http://i.dslr.net/urls/74/2074.gif (http://www.dslreports.com/shownews/Using-Friendly-Zombies-To-Fight-DDoS-Attacks-93820)
A team at the University of Washington wants to use swarms of "good" computers to neutralize computers that are engaged in DDoS attacks as part of botnets. The system they've developed (dubbed Phalanx (http://www.usenix.org/events/nsdi08/tech/full_papers/dixon/dixon_html/index.html)), uses its own large network of computers to effectively act as a shield surrounding a targeted server. The good computers not only act as a relay that protect the original host from being overloaded, but they also require that computers requesting communication with a server solve a computational puzzle.Each packet requesting to initiate a connection must either carry an authentication token or a solution to a cryptographic puzzle. These provide the burden of proof necessary for a mailbox to allow access to general purpose nonces. Authentication tokens provide support for pre-authenticated connections allowing them to begin with no delay; for example, a popular e-commerce site such as Amazon might provide a cookie to allow quicker access to its web site to its registered users. Cryptographic puzzles provide resource proofs to approximate fair queueing of requests, when no prior relationship exists between source and destination. Authentication tokens are simply a token signed by the server stating that the given client is allowed to contact that server.
Instead of using trojan-infected PCs to fight the good fight, Phalanx would use PCs that have traditionally participated in Content Delivery Networks (http://en.wikipedia.org/wiki/Content_delivery_network) (CDN). This New Scientist (http://technology.newscientist.com/article/dn13753-to-defeat-a-malicious-botnet-build-a-friendly-one.html) report indicates that early tests have proven successful in keeping servers from being overwhelmed.The Washington team simulated an attack by a million-computer botnet on a server connected to a network of 7,200 mailboxes organised by Phalanx. Even when the majority of the mailboxes were under simultaneous attack, the server was not overwhelmed and could still function normally. In principle, simply recruiting more mailbox computers allows Phalanx to deal with any size of botnet, Dixon says.
While CDN computers would form the primary line of defense, a site under attack from a botnet could also recruit its users to help lend additional help. Interestingly, the researchers think that BitTorrent users could be re-formed into community-based botnet defense squads.
read comment(s) (http://www.dslreports.com/shownews/Using-Friendly-Zombies-To-Fight-DDoS-Attacks-93820)
More...
A team at the University of Washington wants to use swarms of "good" computers to neutralize computers that are engaged in DDoS attacks as part of botnets. The system they've developed (dubbed Phalanx (http://www.usenix.org/events/nsdi08/tech/full_papers/dixon/dixon_html/index.html)), uses its own large network of computers to effectively act as a shield surrounding a targeted server. The good computers not only act as a relay that protect the original host from being overloaded, but they also require that computers requesting communication with a server solve a computational puzzle.Each packet requesting to initiate a connection must either carry an authentication token or a solution to a cryptographic puzzle. These provide the burden of proof necessary for a mailbox to allow access to general purpose nonces. Authentication tokens provide support for pre-authenticated connections allowing them to begin with no delay; for example, a popular e-commerce site such as Amazon might provide a cookie to allow quicker access to its web site to its registered users. Cryptographic puzzles provide resource proofs to approximate fair queueing of requests, when no prior relationship exists between source and destination. Authentication tokens are simply a token signed by the server stating that the given client is allowed to contact that server.
Instead of using trojan-infected PCs to fight the good fight, Phalanx would use PCs that have traditionally participated in Content Delivery Networks (http://en.wikipedia.org/wiki/Content_delivery_network) (CDN). This New Scientist (http://technology.newscientist.com/article/dn13753-to-defeat-a-malicious-botnet-build-a-friendly-one.html) report indicates that early tests have proven successful in keeping servers from being overwhelmed.The Washington team simulated an attack by a million-computer botnet on a server connected to a network of 7,200 mailboxes organised by Phalanx. Even when the majority of the mailboxes were under simultaneous attack, the server was not overwhelmed and could still function normally. In principle, simply recruiting more mailbox computers allows Phalanx to deal with any size of botnet, Dixon says.
While CDN computers would form the primary line of defense, a site under attack from a botnet could also recruit its users to help lend additional help. Interestingly, the researchers think that BitTorrent users could be re-formed into community-based botnet defense squads.
read comment(s) (http://www.dslreports.com/shownews/Using-Friendly-Zombies-To-Fight-DDoS-Attacks-93820)
More...