A pair of researchers has developed a cryptocurrency called DDoSCoin that rewards users for participating in distributed denial of service ( DDoS ) attacks. The currency only works when the user’s computer targets a TLS-enabled website. TLS stands for Transport Layer Security, a cryptographic protocol for secure Internet communication. Researchers Eric Wustrow at the University of Colorado Boulder and Benjamin VanderSloot at the University of Michigan published a paper , “DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work” that presents a proof-of-work DDoS currency that allows miners to prove their participation in sending requests to a targeted webserver. The authors said they were not publishing a working altcoin that uses the proof-of-DDoS, but rather a conceptual description of one. Proves Bandwidth to Target Domain Cryptocurrency continuously provides proof-of-work replacements, the paper noted. Providing access to arbitrary resources, however, remains challenging. DDoSCoin provides a way to prove the use of bandwidth to a target domain. The authors noted they hope this concept encourages others to innovate proof-of-resource puzzles. DDoSCoin demonstrates maliciousness inherent to a cryptocurrency’s design, turning the notion of what constitutes a “useful” proof-of-work around. Proof-Of-Work Requires Consensus Proof-of-work DDoS can replace proof-of-work in a cryptocurrency setting if there is a consensus on what victims the attackers want to target. The conceptual altcoin provides such a consensus using two mechanisms: 1) PAY_TO_DDOS, which allows a bounty to be set for targeting a certain domain, and 2) proof-of-stake updates to a list of valid victims. The DDoSCoin proof of work incentivizes miners to send and receive large amounts of traffic to and from the target to produce a valid proof of work. The proofs can be verified easily, and the original miner can claim a reward that can be sold for other currencies. Botnet owners and other attacks can directly collect rewards […]
