Slashdot Mirror

← Back to Stories (view on slashdot.org)

Recruiting Friendly Botnets To Counter Bad Botnets

Posted by kdawson on from the was-an-old-lady-who-swallowed-a-fly dept.

holy_calamity writes "New Scientist reports on a University of Washington project aiming to marshal swarms of 'good' computers to take on botnets. Their approach — called Phalanx — uses its distributed network to shield a server from DDoS attacks. Instead of that server being accessed directly, all information must pass through the swarm of 'mailbox' computers, which are swapped around randomly and only pass on information to the shielded server when it requests it. Initially the researchers propose using the servers in networks such as Akamai as mailboxes; ultimately they would like to piggyback the good-botnet functionality onto BitTorrent."

7 of 127 comments (clear)

  1. Re:What kind of mental cripple thinks this shit up by zedlander · · Score: 5, Informative
    From TFA:

    Their system, called Phalanx, uses its own large network of computers
    Chill the flip out, man. They're not taking over your computer.
  2. Re:What kind of mental cripple thinks this shit up by whm · · Score: 4, Informative

    Did you even read the summary?

    It's not an offense, it's a defense. A protected server has all traffic routed to members of large cluster of helper machines (the "good botnet"). The protected server then contacts and collects the content as it is able. Instead of a DDOS attack being able to shovel data down on the target, the data is distributed to the cluster of helper machines. The recipient server then deals with the traffic at a pace it is able.

    The article is short, but it kind of sounds like each node in the "good botnet" is serving as a sort of per-connection proxy to the destination server.

    Maybe that clarifies things a bit?

  3. The same kind of mental cripple who doesn't RTFA? by Len · · Score: 3, Informative

    They are NOT talking about "accessing and carrying out tasks on my machine without my express permission."

    "Rather than using an ill-gotten botnet, Phalanx would use the large networks of computers which companies currently use to serve massive amounts of content," says team member Colin Dixon.
  4. Re:I've always wondered... by ChenLiWay · · Score: 4, Informative

    It's been done http://en.wikipedia.org/wiki/Welchia with mixed results.

  5. Re:Question by What+Would+NPH+Do · · Score: 3, Informative

    1) How do you detect a DDoS attack? There are various ways. Activity profiling, sequential change point detection, wavelet analysis, etc. Here's a good page on different techniques: http://dsonline.computer.org/portal/site/dsonline/menuitem.6dd2a408dbe4a94be487e0606bcd45f3/index.jsp?&pName=dso_level1_article&TheCat=1001&path=dsonline/2006/01&file=w1spot.xml&
  6. Re:What kind of mental cripple thinks this shit up by Anonymous Coward · · Score: 1, Informative

    From TFA, it looks like Akamai or CoralCDN with HashCash and endpoint-initiated throttling.

    Nice, but I'm failing to see where the "bots" are in this net.

  7. Re:Could we have something like Phalanx@Home? by BrunoUsesBBEdit · · Score: 2, Informative

    Calling it Phalanx is lame. It should be called Legion. Good idea, Legion as in http://www.biblegateway.com/passage/?search=Mark%205:1-10;&version=31;

    All botnets are evil. Things like Folding@Home, Seti@Home, etc. are not botnets.
    --
    The only stable state is the one in which all men are equal before the