virus: Script kiddies, DoS attacks, puzzles and AI

From: rhinoceros (rhinoceros@freemail.gr)
Date: Wed May 14 2003 - 06:24:48 MDT

Next message: Corey A Cook: "virus: Re:Virian Celebration"

Previous message: rhinoceros: "virus: No Klingon interpreters will be hired"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

[rhinoceros]
Just a thought. This article which appeared in New Scientist could have an
interesting implication. The security measures proposed could motivate
hackers to work on a versatile problem solving approach.

http://www.newscientist.com/news/news.jsp?id=ns99993729

Puzzles could block mass computer attacks
NewScientist, 14 May 03

Setting computers a puzzle could thwart a type of mass computer attack
increasingly being used to target websites, say US computer researchers.

Distributed denial of service (DDoS) attacks involve bombarding a web server
with a flood of faked requests. This can prevent legitimate requests
reaching a site and may crash the site's server. The attack is co-ordinated
from thousands of previously hacked computers making very hard to identify
and block the source of an assault.

DDoS attacks have become a popular method of online protest. The Arabic news
organisation Al Jazeera saw its web site brought down after it broadcast and
posted online images of US prisoners of war during the conflict in Iraq.

But forcing computers to solve a puzzle in return for access to a web site
could provide a solution, says XiaoFeng Wang at Carnegie Mellon University
in the US. At the IEEE Symposium on Security and Privacy on Monday, Wang
presented research showing that this technique can control the number of
requests a machine is able send to a site.

This is because the more requests a computer sends, the more time-consuming
puzzles it has to solve, creating a self-limiting feedback loop. Wang also
suggests that the more bandwidth a computer is requesting, the more
difficult a puzzle it should be required to solve.

<snip>

----
This message was posted by rhinoceros to the Virus 2003 board on Church of
Virus BBS.
<http://virus.lucifer.com/bbs/index.php?board=54;action=display;threadid=284
42>
---
To unsubscribe from the Virus list go to <http://www.lucifer.com/cgi-bin/virus-l>

Next message: Corey A Cook: "virus: Re:Virian Celebration"
Previous message: rhinoceros: "virus: No Klingon interpreters will be hired"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Wed May 14 2003 - 08:20:12 MDT