Digital Currency Revolution Series: Travala.com Partners With Expedia Group For Cryptocurrency-Based Travel Booking
Regulatory Series On Cryptocurrencies: US-SEC’s Finhub To Organize Virtual Meet-Ups Amid Pandemic Covid-19
Crypto-Technicals: Bitcoin Flirts Shy Of $10k As bears Drifts In Sideways After Hanging Man – Trading & Hedging Setup
Digital Currency Revolution Series: Bakkt And Galaxy Digital Collaboration For Bitcoin Trading & Custody Services For Institutions
Digital Currency/Stablecoin/Tokenization Series: Crypto Garage Launches Yen-Pegged Stablecoin On ‘SETTLENET’
Digital Currency Revolution Series: Gemini Designates Ex-Goldman Sachs Executive As MD For APAC Region
Cryptocurrency Derivatives Series: Bitcoin Flirts With Technical Supports & Drifts In Sideways, Uphold Long Hedges
Regulatory Series on Cryptocurrencies: US SEC Hammers Lobbyist CEO of AML Bitcoin With Fraudulent ICO Project
New cryptocurrency ‘DDoSCoin’ incentivizes users for participating in DDoS attacks
The number of Distributed Denial of Service (DDoS) attacks, which tries to make an online service unavailable by flooding it with traffic from multiple sources, has been rising at an alarming rate.
In a new research paper, Eric Wustrow, University of Colorado Boulder, and Benjamin VanderSloot, University of Michigan, have put forward the concept of DDoSCoin – a cryptocurrency with a ‘malicious’ proof-of-work (“Proof-of-DDoS”).
“DDoSCoin allows miners to prove that they have contributed to a distributed denial of service attack against specific target servers”, the paper says.
Presented at the Usenix 2016 security conference, the researchers explain the DDoSCoin system which enables miners to select the victim servers by consensus using a proof-of-stake protocol. The authors note that although the malicious proof-of-DDoS only works against websites that support TLS 1.2 (Transport Layer Security), as of April 2016, over 56% of the Alexa top million websites support this version of TLS.
By design, miners are incentivized to send and receive large amounts of network traffic to and from the target in order to produce a valid proof-of-work. These proofs can be inexpensively verified by others, and the original miner can collect a reward. This reward can be sold for other currencies, including Bitcoin or even traditional currencies, allowing botnet owners and other attacks to directly collect revenue for their assistance in a decentralized DDoS attack.
Wustrow told Motherboard that something like DDoSCoin could encourage hacktivists to use the system to incentivize others to perform attacks on their behalf.
"However, it's probably still easier and more effective to just pay a 'reputable' botnet to do this for you,” he said. “On the other hand, something similar to DDoSCoin might lower the barrier to collecting rewards for DoS attacks, ultimately driving down the cost for hacktivist consumers.”
The researchers admit that the paper introduces an idea that could be used to incentivize malicious behavior. To that end, they say that in demonstrating the proof-of-concept and evaluating proof-of-DDoS code, they have only “attacked” websites they have ownership and authority over. They emphasize that they are not publishing a working altcoin that uses this proof-of-DDoS, but rather a conceptual description of one.