Attacks on the Web to be Prevented with a Decentralized Internet?
If you are wondering why recently that access to some of the internet’s largest websites was not available, it was due to to the fact that an essential component of the web browsing, DNS, was under attack by a massive botnet.
DNS (Domain Name Servers) are equivalent to home utilities; no one appreciates them, and they are expected to work around the clock with mass chaos ensuing when they do not, which is exactly what happened on October 21. Functioning as the internet’s phone book, DNS systems allow users to navigate to websites by translating IP addresses to something human readable, the domain name.
The DDoS attack on Dyn, a DNS provider, rendered access to thousands of sites such as Spotify, Reddit, PayPal, Amazon, PSN, impossible or very limited. The attack was reported to occur in three waves: the first wave hitting the US east coast, the second wave hitting the US west coast but reports of internet outage as far as Australia were reported, and the third wave coming from tens of millions of IP addresses simultaneously, Dyn told CNBC. Hackers were able to gain unauthorized access to millions of internet-connected devices such as cameras, refrigerators, toaster ovens, and much more, and then use them to grind DNS servers to a halt.
Like blockchain technology has been able to do so many times in the past, it could provide a possible solution to the poisoning of DNS systems, significantly lowering the amount of internet censorship that occurs such as in China, North Korea, and Russia. Not only that, blockchain technology could reduce access times as well as increase reliability of a DNS system, proving to be more resilient when the next barrage of DDoS attacks surface. Nebulis realizes this and is looking to be the answer to the internet’s fragile state of security.
Built on the Ethereum platform, Nebulis is looking to build a more secure domain system, which also aims to replace the HTTP protocol and geographical IP addresses all in one fell swoop. Utilizing a federated file system, the organization would go from more generic clusters to more specific domains. For example, http://www.google.com would look like “ipfs://home.google.”
The decentralized nature of a blockchain where all users download and maintain a ledger of all transactions further reduces the ability for a similar attack on DNS to work when using the Nebulis.
Traditionally, DNS requests are routed to the server that is physically closest to you or accessing a cache on your machine. If the hacks were all routed to the same server, the effects would have been much more devastating. “Poisoning” the caches is the way that hackers can restrict access to parts of the internet.
Not only would poisoning the cache be a lot more unrealistic if everyone maintained a record of it, reads of these caches are free and instant on the Ethereum blockchain, allowing Nebulis to be a much more efficient solution to DNS under high-traffic situations.
The Nebulis project currently has six people on board, with the publishing of smart contracts to occur by early November. They will also be competing in Ether Camp this year, allowing us to see how much they have progressed since then.