[e2e] new network architecture idea -

Christian Huitema huitema at windows.microsoft.com
Mon May 22 00:16:24 PDT 2006

Well, you trade DDOS for the sibyl attack. The problem is that in most
P2P systems there is little "barrier to entry". Each zombie can manifest
itself as multiple nodes, virtual nodes if you want. They can
potentially have enough virtual nodes to represent 1/3rd of the
population. If you don't believe that's possible, consider that 70% of
e-mail is spam...

> swarming systems also have a variety of mechanisms built into the
> analogy
> of a "routing" substrate, that match incentives for download/receiver,
> versus forwarding
> which make it hard for a zombie farm to dent the system unless there
> a significant fraction of nodes subverted (significant being >33% or
> typically depending on the algorithm) - frankily,m a system with 1/3
> more nodes subverted is
> so badly infiltrated that I have no idea what the bad guys are still
> in it:)
> the other thing with swarms is that not only is hard to overload the
> (as it isn't a _point_ service)
> but its also hard to do topological attacks
> packet swarming - an idea whose time has comefrom...
> In missive <70C6EFCDFC8AAD418EF7063CD132D064BA0671 at WIN-MSG-
> 21.wingroup.windeploy.ntdev.microsoft.com>, "Christian Huitema" typed:
>  >>> When things go wrong (black holes, DDoS, ..., even spam and the
>  >>> blogosphere) is when activities are "sender driven" without
> for
>  >>> the wishes or needs of the receivers.
>  >>
>  >>You can definitely accomplish a receiver driven DDOS. Assume a
>  >>band of zombies, and instruct them to all receive a large set of
>  >>pages from the target server. Pretty soon, the server's sending
> capacity
>  >>will be saturated. Voila, receiver driven DDOS.
>  >>
>  >>In Jon's proposal, the principle that prevent's DOS is swarming.
>  >>Swarming allows the data to be served from any valid copy, not just
>  >>initial publisher. In my example, if swarming worked, each zombie
>  >>become a potential surrogate for the server, and the server's
>  >>would remain available. I suspect however that the zombies may try
>  >>not fully cooperate with the swarming...
>  >>
>  >>-- Christian Huitema
>  cheers
>    jon

More information about the end2end-interest mailing list