Proof of Work is Kryptonite for DDoSers

Published on October 2nd, 2013 by michael

by Michael Magan

Due in large part to media interest, Bitcoin saw a huge price surge in March, from around $70 to $260, all within less than one month. These days the Mt.Gox price is much lower, largely due to the Distributed Denial of Service (DDoS) attack that left the market in a tailspin after the surge. Values reached a low of about $50 before recovering to a relatively stable price of around $100 for the months since.

Many observers of the Bitcoin economy blamed the loss of confidence in the market on new adopters who were not used to the highly technical nature of cryptocurrencies. Although this theory is unsubstantiated, there is evidence that there may have been subsequent DDoS attacks that led to almost no price change, even after the volatility in early April. For now, while the vast majority of Bitcoin's users are tech-savvy enthusiasts, we can be lax about DDoS attacks, but in the future, when there are more waves of new users, exchanges and other Bitcoin institutions need to be prepared for these types of attacks.

Thankfully the Bitcoin community can look to Bitcoin's main protocols for answers to this problem. In a DDoS attack, malicious hackers try to overload servers with illegitimate requests; Proof of Work (PoW) is an excellent tool for differentiating between good and bad traffic, and an easy way for sites to discriminate real traffic from attacks. Typically, unscrupulous hackers try to manipulate the price of Bitcoin via DDoS attacks on exchanges for dishonest gain. Implementing a PoW system would make the hackers' illegitimate site traffic more costly to them.

For a user to prove themselves legitimate, their computer must perform a certain amount of work. This can be likened to sending out a puzzle of varying difficulty to all users, even the illegitimate ones. The server can verify whether the user exerted a certain amount of computing power to solve the puzzle. The opportunity cost of completing the puzzle is higher for illegitimate users: since they must use vastly more computing power to mount a functional DDoS attack, the profitability of such an attack is significantly reduced.

Since there is little financial incentive to attack most websites, these websites typically only require users to request information in order to be served. For exchanges, on the other hand, especially after a surge in price, there is a large economic incentive for dishonest hackers to manipulate the market by scaring new users with DDoS attacks. If exchanges implemented PoW regimes that increase in difficulty under load, this problem could be substantially reduced, if not entirely averted. Such a PoW scheme would increase in difficulty as the load capacity of a website is being reached, and users would receive a warning message such as:

“We are currently reaching our servers' limit. To make sure that our service is not interrupted, we are requesting that all users submit PoW to prove they are legitimate requests. Sorry for any inconvenience to legitimate users.”

This type of warning message might be an inconvenience for new and old users, but it would spell doom for botnets trying to manipulate the market. For the regular user, this might mean that trades take longer to go through and that the experience is slower while the exchange is under attack. This may seem frustrating for some users, but the alternative is the whole exchange crashing and no trades going through for an unpredictable length of time.

In the future, PoW could increase confidence in the institutions of the Bitcoin economy, especially for new non-technical entrants. While also reducing the volatility of the market for power users, PoW may prove unnecessary in the future when exchanges have dedicated supercomputers and software that can handle virtually unlimited requests. But until then, we need them to take precautions. In this primordial market, PoW will do the trick until the infrastructure catches up with the demand.
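A minimal sketch of the load-adaptive scheme described above, added here as an illustration and not code from the original article or from any exchange: a hashcash-style puzzle (SHA-256 with a required number of leading zero bits) whose difficulty rises as load approaches capacity. The thresholds, `SERVER_KEY`, `MAX_AGE` and all function names are assumptions.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)  # assumption: per-server secret, never sent to clients
MAX_AGE = 120                # assumption: seconds a challenge stays valid

def difficulty_for(load_pct):
    """Leading zero bits required at a given load (0-100). Thresholds are constructed."""
    if load_pct < 70:
        return 0                               # normal operation: no puzzle
    return min(22, 12 + (load_pct - 70) // 3)  # each extra bit doubles client work

def _tag(msg):
    return hmac.new(SERVER_KEY, msg.encode(), hashlib.sha256).hexdigest()

def issue_challenge(client_id, load_pct, now=None):
    # Stateless: the HMAC tag lets the server recognise its own challenge later.
    ts = int(time.time() if now is None else now)
    msg = f"{client_id}|{ts}|{difficulty_for(load_pct)}"
    return f"{msg}|{_tag(msg)}"

def _zero_bits(challenge, nonce):
    digest = hashlib.sha256(f"{challenge}|{nonce}".encode()).digest()
    return 256 - int.from_bytes(digest, "big").bit_length()

def solve(challenge):
    # Client side: brute-force search, about 2**bits hashes on average.
    bits = int(challenge.split("|")[2])
    nonce = 0
    while _zero_bits(challenge, nonce) < bits:
        nonce += 1
    return nonce

def verify(challenge, nonce, client_id, now=None):
    # Server side: one HMAC and one hash, however hard the puzzle was to solve.
    body, _, tag = challenge.rpartition("|")
    if not hmac.compare_digest(tag.encode(), _tag(body).encode()):
        return False                 # forged or tampered (e.g. lowered difficulty)
    try:
        cid, ts, bits = body.split("|")
        ts, bits = int(ts), int(bits)
    except ValueError:
        return False
    now = time.time() if now is None else now
    if cid != client_id or not 0 <= now - ts <= MAX_AGE:
        return False                 # wrong client or expired challenge
    return _zero_bits(challenge, nonce) >= bits
```

A solved challenge stays valid until it expires, so a deployment would also record spent challenges for `MAX_AGE` seconds to reject replays.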
