Printed from www.pcpro.co.uk
Good botnets to take on the bad boys
Posted on 23 Apr 2008 at 08:56
Researchers at the University of Washington have come up with a novel way of combating botnets - beating them at their own game.
The university's Phalanx system uses a swarm of good computers to battle the infected machines, ensuring that only a small proportion of the attacking machines can ever affect a server.
Botnets are commonly used to create denial of service attacks, crippling websites by flooding them with requests for information. Phalanx aims to stop the majority of those requests getting through, by using a network of computers to create a shield around the server.
Rather than the server being queried directly, all information must pass through so-called "mailbox" computers. "Phalanx makes only the modest assumption that the aggregate capacity of the swarm exceeds that of the botnet," writes the university's Colin Dixon and Thomas Anderson, in paper explaining the Phalanx concept.
"A client communicating with a destination bounces its packets through a random sequence of end-host mailboxes; because an attacker doesn't know the sequence, they can disrupt at most only a fraction of the traffic, even for end-hosts with low bandwidth access links."
The Phalanx system can also demand that the incoming computer solves a cryptographic puzzle before being granted access to the server. A zombie computer sending multiple requests to the server will soon be grounded by the computational requirements of the puzzle, while genuine single attempts will pass through with ease.
The Washington team claim the system can not only be used on corporate networks, but by using home machines too. "As future work, we are exploring modifying a popular BitTorrent client to convert the millions of BitTorrent users into a community-based botnet defence," the paper claims.
"A single large ISP should be able deploy an effective DoS solution for its customers, even from a massive attack, without needing to first reach a global agreement with all or most other ISPs," it adds.
Author: Barry Collins
advertisement
- Microsoft shows courage at Tech-Ed 09
- PowerPoint and Silverlight: a perfect match?
- Why all the fuss over Windows Explorer?
- Your iPhone has a virus? Well it's your fault
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
- Building a better Google
- Beware HP's horrendous printer-driver glitch
- Microsoft debuts free Morro antivirus package
- Getting started with Search Server 2008 Express
advertisement
