News 

The university's Phalanx system uses a swarm of good computers to battle the infected machines, ensuring that only a small proportion of the attacking machines can ever affect a server.

Botnets are commonly used to create denial of service attacks, crippling websites by flooding them with requests for information. Phalanx aims to stop the majority of those requests getting through, by using a network of computers to create a shield around the server.

Rather than the server being queried directly, all information must pass through so-called "mailbox" computers. "Phalanx makes only the modest assumption that the aggregate capacity of the swarm exceeds that of the botnet," writes the university's Colin Dixon

ADVERTISEMENT

and Thomas Anderson, in paper explaining the Phalanx concept.

"A client communicating with a destination bounces its packets through a random sequence of end-host mailboxes; because an attacker doesn't know the sequence, they can disrupt at most only a fraction of the traffic, even for end-hosts with low bandwidth access links."

The Phalanx system can also demand that the incoming computer solves a cryptographic puzzle before being granted access to the server. A zombie computer sending multiple requests to the server will soon be grounded by the computational requirements of the puzzle, while genuine single attempts will pass through with ease.

The Washington team claim the system can not only be used on corporate networks, but by using home machines too. "As future work, we are exploring modifying a popular BitTorrent client to convert the millions of BitTorrent users into a community-based botnet defence," the paper claims.

"A single large ISP should be able deploy an effective DoS solution for its customers, even from a massive attack, without needing to first reach a global agreement with all or most other ISPs," it adds.