The new role of blockchain technology in the development of the Internet of Things: defending against DDoS attacks

With the arrival of next-generation “distributed consensus” algorithms that combine security and performance, enterprise organizations, even those leveraging IoT devices, have become able to defend against DDoS attacks.

On October 21, 2016, a new type of rogue software weapon called Mirai botnet launched a fierce DDoS attack on DNS service provider Dyn, causing serious problems in accessing many websites, including many European and American websites: Twitter, The Guardian, Netflix, Reddit, CNN, etc.

The Mirai botnet is very special, as it is largely composed of IoT devices and DVR players. Since the botnet itself has a wide selection of Internet-connected devices, the attack of Mirai is much more aggressive than previous DDoS attacks. Dyn estimates that the attack involved 100,000 malicious terminals with a rate of 1.2Tbps. In comparison, the intensity of the attack on October 21 is twice that of any similar attack in the past.

Since then, Mirai's source code has been made public in hacker forums, and this technique has now been adopted by other malware projects. In addition, cyber threat actors will learn techniques like Mirai faster, so we may see these attacks more frequently in the future. When there is a situation like the botnet attacking the DNS system, the company's servers and traditional DDoS defense methods are far from enough.

It is difficult to defend against a large group of attackers attacking a single target. Therefore, we must find a corresponding solution. Assuming that we have multiple protected targets, the attacker has to disperse its strength, and the strength of each group is not as strong as the original whole. Distributed consensus technology can replace the central server, so it is impossible for an attacker to achieve his goal by attacking a single target unless he successfully attacks at least one-third of the network nodes.

Distributed consensus algorithms (such as blockchain and hashgraph) can ensure the security of collaboration between community members who do not know or trust each other, without the need for third-party guarantees. In other words, it does not require a central server to enable the operation of many development participants and applications under the general goal to be effectively executed. Each member of the community runs a local copy of the application. The consensus algorithm ensures that all instances of the application can accurately reflect the changes of all members of the community, while ensuring that no member can commit fraud.

There are currently two types of consensus technologies to choose from:

1) Public networks, such as Bitcoin and Ethereum, which require proof of work and suffer from poor performance and inefficiency.

2) Private permissioned solutions, such as HyperLedger Fabric, and Bitcoin or Ethereum that do not require proof of work. (In this case, network nodes take turns processing a certain portion of transactions.)

In terms of transaction throughput and transaction latency under consensus, public networks are more secure but have poorer performance because it takes time for transaction participants to determine the order of transactions and reach consensus. This shortcoming of the technology greatly limits its practical application. For example, the Bitcoin blockchain can process 7 transactions per second, but it takes community members 1 hour to decide the order of these transactions. Currently, there are not many applications that can use databases with these performance.

Some users choose to reduce the security requirements of the distributed consensus algorithm and limit the use of the algorithm to a dedicated network of trusted participants. This greatly improves performance and achieves a very short time to reach a transaction consensus, but it comes at the expense of security. If a single network member is compromised, the attacker can disrupt the entire network transaction by launching a DoS attack.

A new distributed consensus model from a variety of vendors, including Swirlds, offers a third option: an algorithm that combines high security with high performance. For many applications, this combination can effectively resist DDoS attacks, even those that exploit IoT devices.

To illustrate this point, let's think about today's popular online game, World of Warcraft (WoW). The current game system has a central server that ensures that all players exist in a common world and cannot cheat. However, when a DDoS attack is launched on the server, it will disrupt everyone's game progress. In addition, the presence of malicious insiders or remote attackers can also undermine the integrity and availability of the game.

The distributed version of WoW can provide a layer of defense against this type of attack. Under this distributed technology, each player is a node in the network, and the consensus technology ensures that the players have a common "world view" and prevents cheating. It effectively resists attacks on the central server. DDoS attacks may destroy the game system of a few players, but other players will not be affected and can continue to use it.

The Bitcoin blockchain introduced us to the model of modern distributed consensus, but it is far from enough. The emerging next-generation distributed consensus technology will provide us with a dual combination of performance and security. I believe that we will eventually form a brand new DDoS defense system, and eventually every industry will have networked distributed applications, which will fundamentally achieve Internet security.

Mance Harmon is the co-founder and CEO of Swirlds and an experienced entrepreneur with over 20 years of strategic leadership experience working in multinational corporations, government agencies and high-tech startups.

For more information, please see the special topic [Blockchain and Internet of Things]