Tuesday, November 29, 2016

URL look up is made safe from DOD attacks, with a little knowledge of probability

FRIDAY MORNING IS prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ WIRED.com. For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard.

Distribute URL data entries according to probability of use such that the number of hops from the originating device to the nearest look up is short.  Then, in total, the probability of an innocent user being delayed by DOD attacks is minimized.

Best way to distribute the DNS look up service?

Spare processors in local routers that can spawn a new router with available DNS database functions, a slot for the DNS provider.  Then dynamically distribute DNS information by probability, as in a Huffman tree.

Ultimately, the best bet is to charge a hundreth cent per cycle on the database, and use all of that dough-re-me to buy spare processor as needed.  But that fine tuning requires Smart Card, like just about all the good things to come.

No comments: