According to Arbor Networks’ attack data released on July 19, 2016, an average of 124,000 distributed denial-of-service (DDoS) attacks per week were recorded at that time in 2016, with an average size of 1.1 Gbps – more than enough bandwidth to take down a small business website.
The impact of DDoS attacks continues to grow, with perpetrators now able to push 1 Tbps in traffic. Such incidents can bring down the likes of Dyn, whose infrastructure supports major services such as Amazon, Netflix, Spotify and Twitter.
In terms of cost, the security situation is disproportionately skewed to the advantage of attackers. According to studies, a DDoS attacker can engage botnets for as little as $20, which can result in a few hours of downtime for a small business website. In comparison, however, businesses need to shell out hundreds, if not thousands, of dollars for a monthly subscription to a capable DDoS protection provider.
For example, consider Cloudflare, which offers a $200 starter package for business websites, and this package is only for “peacetime.” In the event of an attack, the cost goes up significantly, depending on the amount of bandwidth that an attacker is actually consuming.
An Outdated Model
Such is the situation in terms of the network security landscape, and this business model has been existent for years. Even with cloud-based models, businesses pay expensive subscription fees for a service that is necessary for business continuity in the face of constant threats. Much like an insurance policy, traditional DDoS protection is a service that is good to have, but one would rather not resort to using.
Even with subscription-based cloud models, this model for DDoS protection would appear to be outdated. Attackers are already leveraging ad hoc networks of bots and zombies that continuously inundate websites attempting to bring them down. To more effectively counter such bandwidth-based attacks, it is necessary to fight fire with fire.
The solution here is bandwidth – more precisely, decentralized bandwidth.
A Bandwidth-Based Approach to DDoS Protection
Blockchains, which are decentralized ledgers for authentication and recordkeeping, have become a viable means to exchange value in the form of cryptocurrency and cryptographic tokens. With smart contracts, blockchains can also carry data and programmatic instructions, both of which are reflected as synchronized, immutable records across all the nodes on its network.
Such a decentralized network can also be used to manage bandwidth and thus deflect DDoS attacks. This is the basic concept behind Gladius, a blockchain-driven start-up that is building a global network of blockchain nodes to prevent malicious DDoS traffic from ever reaching its intended target.
Gladius uses a network of user computers that share their excess bandwidth and computing resources to absorb spikes in traffic. In addition, during the absence of a DDoS attack, this network of nodes acts as a content delivery network (CDN), caching web content such as videos, images, scripts and other media to speed up website loading.
A Blockchain-Based Economic Model
Blockchains have already been proven to be useful in exchanging value in the form of cryptocurrencies such as Bitcoin and Ether. With Gladius, the users who offer their resources as nodes are also paid for their services through cryptographic tokens. All these services are paid on a per-use basis, which means websites that require only minimal excess bandwidth will pay a small amount, which will increase only as more bandwidth is consumed.
Thus, it is a win-win situation for participants in the network and subscribers who need DDoS protection and website optimization through a CDN.
This approach is similar to the one that start-ups use in an attempt to disrupt the email and instant messaging business, while at the same time dealing with messaging spam.
For instance, 21 has sought to do away with centralized servers for email exchange, thereby taking away the potential single point of failure that is often the security nightmare of any communication service.
In addition, 21 also incentivizes users to read their email messages. The platform gives out cryptocurrency rewards when users interact via email by actions such as sending responses, answering surveys or correctly answering trivia questions. This approach helps reduce or eliminate spam altogether, and it also creates an opportunity for marketers to more effectively use their email spend – rather than blindly spend for newsletter campaigns or cold-call emails, they get direct feedback from users, who also get the benefit of their own share of micro-payments.
Messaging systems that run off the blockchain are inherently secure, which is why even the United States military, through the Defense Advanced Research Projects Agency (DARPA), is also looking into ways to leverage the blockchain for secure and decentralized messaging.
Other messaging applications such as Kik leverage an ecosystem wherein their own cryptographic tokens are used as currency for exchanging goods, services and value across the network. In all these applications, the value exchange and smart contract mechanism of blockchains make it possible to run the decentralized network without central intervention, and again, without the risk of a central server falling victim to attackers and inefficiencies.
Blockchains are disrupting the way business is done across industries, and the internet’s own infrastructure is soon due for innovation through this decentralized peer-to-peer technology. Time will tell, however, which particular innovations will have a longer term impact on internet users, whether they are individuals or businesses. When it comes to security, however, decentralizing consensus and incentivizing positive contributions can help in ensuring a robust, secure, optimized network.