[e2e] new network architecture idea -
Jon Crowcroft
Jon.Crowcroft at cl.cam.ac.uk
Sun May 21 23:36:19 PDT 2006
exactly
swarming systems also have a variety of mechanisms built into the swarm analogy
of a "routing" substrate, that match incentives for download/receiver, versus forwarding
which make it hard for a zombie farm to dent the system unless there are
a significant fraction of nodes subverted (significant being >33% or 50%
typically depending on the algorithm) - frankily,m a system with 1/3 or more nodes subverted is
so badly infiltrated that I have no idea what the bad guys are still after in it:)
the other thing with swarms is that not only is hard to overload the swarm (as it isn't a _point_ service)
but its also hard to do topological attacks
packet swarming - an idea whose time has comefrom...
In missive <70C6EFCDFC8AAD418EF7063CD132D064BA0671 at WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com>, "Christian Huitema" typed:
>>> When things go wrong (black holes, DDoS, ..., even spam and the
>>> blogosphere) is when activities are "sender driven" without regard for
>>> the wishes or needs of the receivers.
>>
>>You can definitely accomplish a receiver driven DDOS. Assume a large
>>band of zombies, and instruct them to all receive a large set of large
>>pages from the target server. Pretty soon, the server's sending capacity
>>will be saturated. Voila, receiver driven DDOS.
>>
>>In Jon's proposal, the principle that prevent's DOS is swarming.
>>Swarming allows the data to be served from any valid copy, not just the
>>initial publisher. In my example, if swarming worked, each zombie will
>>become a potential surrogate for the server, and the server's resource
>>would remain available. I suspect however that the zombies may try to
>>not fully cooperate with the swarming...
>>
>>-- Christian Huitema
cheers
jon
More information about the end2end-interest
mailing list