DDoS Coin - theoretical cryptocurrency backed by DDoS-attacks - Polidicks

[quote]With DDoSCoin miners cryptocurrency can prove their participation in DDoS-attacks. Associate Professor of the University of Colorado Vustrou Eric (Eric Wustrow) and graduate student at Michigan State University Vanderslut Benjamin (Benjamin VanderSloot) have published a very interesting report entitled «DDoSCoin: cryptocurrency using the principle of proof of performance with the malicious purpose» (DDoSCoin: Cryptocurrency with a Malicious Proof-of- Work). Proof of performance (Proof-of-work) - the principle of the protection systems against abuse of services (eg, DoS-attacks, and spam), based on the need to implement the requesting party challenging enough, the result of which is easily and quickly verified by the other party.[/quote] (translated from Russian using Google Translate) source: [url]http://www.securitylab.ru/news/483372.php[/url] [quote]In this paper, we present DDoSCoin, which is a cryptocurrency with a malicious proof-of-work. DDoSCoin allows miners to prove that they have contributed to a distributed denial of service attack against specific target servers. This proof involves making a large number of TLS connections to a target server, and using cryptographic responses to prove that a large number of connections has been made. Like proof-of-work puzzles, these proofs are inexpensive to verify, and can be made arbitrarily difficult to solve.[/quote] source: [url]https://www.usenix.org/conference/woot16/workshop-program/presentation/wustrow[/url] (when will we see the first DarkRP server with an economy based upon DDoS Coin?)

uh. what. Couldn't this be used as a tool to target DDoSers or is that the point?

some men just want to watch the world burn

[QUOTE=BlackMageMari;50885708]uh. what. Couldn't this be used as a tool to target DDoSers or is that the point?[/QUOTE] No the point is its just a research paper so its only hypothetical. But basically bad actor decides to target "xyz server" and solicits an attack from the network--users then direct their connections to packet the shit out of "xyz server" and somehow provide proof of having done so. [editline]14th August 2016[/editline] [QUOTE=Mastermind of42;50885710]some men just want to watch the world burn[/QUOTE] It's an "offensive paper". i.e. one designed pretty much solely to solicit a reaction out of academic types and the like. [media]https://twitter.com/yossioren/status/763059955217764352[/media] Also if you Google the name a bit you'll see that a bunch of people have had the exact same idea a few years back but it has never been put into practice.

[QUOTE=BlackMageMari;50885708]uh. what. Couldn't this be used as a tool to target DDoSers or is that the point?[/QUOTE] I'm not keen on the details but you probably can't prove whether a person is a DDoS'er or trader if they have the currency.

[QUOTE=Mastermind of42;50885725]I'm not keen on the details but you probably can't prove whether a person is a DDoS'er or trader if they have the currency.[/QUOTE] That and IIRC most sources of DDoS attacks are compromised computers. For instance the Citadel botnet which was shut down by the FBI / Microsoft involved as many as 5 million computers (source: [url]http://www.eweek.com/security/microsoft-fbi-shutter-citadel-botnets-seeking-to-end-500m-crime-spree[/url])

[QUOTE=gawkermedia;50885711]No the point is its just a research paper so its only hypothetical. But basically bad actor decides to target "xyz server" and solicits an attack from the network--users then direct their connections to packet the shit out of "xyz server" and somehow provide proof of having done so. [editline]14th August 2016[/editline] It's an "offensive paper". i.e. one designed pretty much solely to solicit a reaction out of academic types and the like. [media]https://twitter.com/yossioren/status/763059955217764352[/media] Also if you Google the name a bit you'll see that a bunch of people have had the exact same idea a few years back but it has never been put into practice.[/QUOTE] Well I learned something new. By 'offensive' they mean it's supposed to cause people to question the ideas in it rather than cause confusion or anger? As for the idea itself, I'm pretty sure it'd cause a hell of a lot more DDoS attacks and that might result in more restrictive security measures. It could also lead to increased education however. But I'm pretty sure if someone put this into practice people would refuse to buy this type of coin, like shopkeepers would refuse to buy proven stolen goods.

[QUOTE=BlackMageMari;50885748]Well I learned something new. By 'offensive' they mean it's supposed to cause people to question the ideas in it rather than cause confusion or anger? As for the idea itself, I'm pretty sure it'd cause a hell of a lot more DDoS attacks and that might result in more restrictive security measures. It could also lead to increased education however. But I'm pretty sure if someone put this into practice people would refuse to buy this type of coin, like shopkeepers would refuse to buy proven stolen goods.[/QUOTE] Probably part offensive and part research based. I took a gander at the whitepaper and it had this to say: [quote]"Cryptocurrency innovation continues to produce new and useful proof-of-work replacements. Still, proving access to arbitrary resources remains a difficult challenge. In this direction, DDoSCoin delivers a novel technique for proving the use of bandwidth to a (potentially unwilling) target domain. We hope that this work encourages others to discover and innovate on novel proof-of-resource puzzles"[/quote] source: [url]https://www.usenix.org/system/files/conference/woot16/woot16-paper-wustrow.pdf[/url] So I guess there is some potential that this could be used for positive things.

Weren't you permad? I'm never going to understand why people are spending so much time trying to make new cryptocurrencies.

[QUOTE=paul simon;50885885]Weren't you permad? I'm never going to understand why people are spending so much time trying to make new cryptocurrencies.[/QUOTE] Maybe it has something to do with like money or something? [quote]Market Cap: $11,322,019,793 / 24h Vol: $92,084,256 / BTC Dominance: 79.7%[/quote] [url]https://coinmarketcap.com/[/url] Like maybe there are people out there who are like "hey I could do some programming and make money from it?!". Nah probably not.

[QUOTE=gawkermedia;50885907]Maybe it has something to do with like money or something? [url]https://coinmarketcap.com/[/url] Like maybe there are people out there who are like "hey I could do some programming and make money from it?!". Nah probably not.[/QUOTE] It seems to me it's well saturated already. We don't need 50 more cryptocurrencies, right.

[QUOTE=paul simon;50885929]It seems to me it's well saturated already. We don't need 50 more cryptocurrencies, right.[/QUOTE] If people weren't making money from it then they wouldn't be shoveling them out the door. There are people out there who will invest in pretty much anything they see. The wrong way to see it is "there are too many cryptocurrencies" Its more like its a 21st century version of the stock market; there are differing ideas/projects etc that you can invest in. Without paperwork. Easily. And yeah, every now and then (rarely) people do invest in the right thing every now and then and make a shit ton.

So basically people get paid in cryptocurrency to help DDoS other people?

[I]Invest. Heavily.[/I]

What, this is the stupidest idea I ever heard

so like a currency that is generated durring the attack which presumably could then be exchanged for a payout in other currency later on and because of the nature of it, anyone could contribute to the attack just to make money it is a terrible idea in practice to monitize the destruction and disruption of the internet but then its just hypothetical since nobody would honestly payout after the attack since they have no incentive to do so

[QUOTE=Intoxicated Spy;50886498]What, this is the stupidest idea I ever heard[/QUOTE] It's not being presented as something that someone should actually [i]do[/i], so much as a paper regarding the fact that it's possible to do it with the goal of getting people thinking about the implications of such a thing coming to exist in the near future.

This just seems like it'll end up as another reason for people who don't use, have no need for and/or simply don't like cryptocurrencies to throw them under the bus because now there are "maliciously created" cryptocoins. It'll just create a bigger PR problem for everyone involved if people start thinking "DDoS attacks" when they think "cryptocurrencies". Really neat idea, it'd just be kind of terrible to have around in general.