Blockchain startup, Gladius is developing a platform on the Ethereum blockchain that will utilize the excess bandwidth and redundant computing power of computers across the globe to protect and accelerate websites against DDoS attacks.
The enemy within
In October 2016, some top websites such as Amazon, Twitter, Netflix, Etsy, Github and Spotify were attacked and users could not gain access for some period of time.
One of the biggest DNS companies was also attacked and according to Dyn’s reports, the attack was well planned and executed, coming from tens of millions of IP addresses at the same time. One of the sources of the attack is internet-connected products like printers, DVRs, and appliances, often called the “internet of things”.
In the past few years, victims of the second phase of DDoS attacks (the flooding) have included:
- Internet Relay Chat (IRC) networks.
- Web sites associated with government agencies, such as the NSA, FBI, NASA, Department of Justice, and the Port of Houston in Texas.
- Web sites associated with news organizations, such as Al-Jazeera, CNN, and the New York Times.
- Terrorist-related Websites.
- Web sites associated with opposing sides in political conflicts (e.g., Arab/Israeli, Indian/Pakistani, U.S./China).
- Web hosting sites, such as Rackspace.com and Rackshack.com.
- Online gambling or pornography sites.
In its simplest form, Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.
To combat this, the single system or server must operate at a level that is higher than the incoming attacks. In order words, to be free from the effects of an attack, a platform must run on a higher internet speed and power than the cumulative speed and power of its attackers.
This explains why there have been repeated attacks on websites and exchanges. Apparently, it is a case of “keep running ahead of those chasing you”. Therefore, any slip by these platforms, or better improvement by the attackers would imply a successful attack.
Typical DDoS Attacks
In a typical DDoS attack, the army of the attacker consists of master zombies and slave zombies.
The hosts of both categories are compromised machines that have arisen during the scanning process and are infected by malicious code. The attacker coordinates and orders master zombies and they, in turn, coordinate and trigger slave zombies.
More specifically, the attacker sends an attack command to master zombies and activates all attack processes on those machines, which are in hibernation, waiting for the appropriate command to wake up and start attacking. Then, master zombies, through those processes, send attack commands to slave zombies, ordering them to mount a DDoS attack against the victim. In that way, the agent machines (slave zombies) begin to send a large volume of packets to the victim, flooding its system with useless load and exhausting its resources. This is explained by the figure below:
Millions of steps ahead
The decentralized and unlimited exposure provided by the blockchain is enabling Gladius to create a system that is capable of connecting millions of computers all over the world to work as a team in defending websites and other platforms from DDoS attacks.
The Gladius blockchain platform enables anyone with a highspeed internet connection and spare computing power to join a pool and start accelerating and protecting websites. A Gladius pool consists of a DNS server that returns IP addresses based on geographical location of the client, many high-speed nodes to filter and accelerate traffic, and a final proxy to protect the IP address of the destination server.
Using this architecture enables a potential website to provide static content that is extremely geographically close to the client, while also protecting them by employing traditional DDoS mitigation techniques spread over an extremely fault tolerant network.
Websites can then purchase the power of these pools through a competitive decentralized marketplace ensuring the best prices and the best performance.
The reward of participation
The participating computers in this setup are required to contribute their underutilized bandwidth and redundant power and help protect and accelerate websites throughout the world while make money in the process.
The result of this process is that the Gladius network will make available an infinite power and bandwidth resource that the “bad guys” on the internet will not be able to compete with. Websites and other platforms will be presented with the opportunity to rent such resources through the decentralized Gladius platform, while the contributing participants are appropriately compensated in the process.