Scroll Top

New blockchain DNS system would put an end to DDoS attacks


Blockchain can help organisations and governments improve the resilience of their operations without compromising security.


On Friday, October 21st the internet – specifically the US west coast and parts of Europe, fell victim to the worlds largest DDoS attack. At the time reports said that nearly half the internet was incapacitated with sites like Twitter, Reddit, Netflix and more not just running slowly, but temporarily shut down.

Although the state of the web looks grim, as the size and frequency of these types of attacks occur there’s a new train of thought emerging that blockchain technology could not just help assuage the impacts of these types of attacks, but that they could prevent them from happening altogether.




Many people think the internet is persistent with multiple points of failure but that’s not true. It, like many other systems relies on a number of key, critical components to keep it running and it’s these points which are increasingly being targeted.

In order for the internet to work effectively – that is, for it to route your request to the right web server, and for it then to get those results back to you in a timely manner – it relies on Domain Name Systems (DNS) and it’s these services which were attacked. And it’s not the first time, or the last time, that this has happened with news emerging that someone – whether that is a group of individuals, or a nation state, trying to cripple the internet by disrupting these services with increasingly large DDoS attacks like those we saw on the 21st.

In the latest attack it’s thought that the actors used massive networks of botnets to attack at a DNS company called Dyn whose clients include a veritable who’s who of internet giants – from Netflix to Twitter, LinkedIn to Salesforce. This is why so many of the more common services that we all take for granted were disrupted.


See also
Google's revolutionary new "Codeless AI" lets non programmers build their own AI's


It’s this centralised architecture that’s the problem for security experts and that presents the opportunity for bad actors because as long as the internet relies on such a concentrated number of services to keep its “core” running smoothly they will always prove to be an easy, attractive target. And, as is the nature with DDoS attacks, which flood a users system with millions, or even billions of requests, unless a company – like Google, for example – has the excess network capacity to manage, or divert them, then these companies will always be playing catch up – and hoping that they aren’t the next to be targeted.

This is where blockchain becomes interesting because unlike today’s “under the covers” centralised systems blockchain is completely distributed and as a consequence it’s much, much harder to attack, let alone take down. So the theory goes that if you can create a blockchain based DNS system – one which is decentralised not centralised – then DDoS attacks become impossible to instigate.

One startup using the blockchain to try to thwart these attacks is Blockstack. Formally OneName, the company is a decentralized DNS working towards a creating a decentralized web. Blockstack wants to remove third parties from managing web servers, databases and ID systems and Blockstack’s engineer Jude Nelson explained how their DNS platform could’ve prevented the October 21st attack.

“By using the Bitcoin blockchain to bind the name to a public key and DNS information, Blockstack allows anyone to register a name while simultaneously ensuring that only the name’s owner can control it,” says Nelson, “if the Dyn attackers wanted to knock websites offline in Blockstack, they would have to attack either the individual sites or attack the blockchain network itself. Even then, all the Dyn attackers could do is slow down name updates,” he added.

Another project similar to the Blockstack vision is a platform called Nebulis, which uses Ethereum under the hood. Creator Philip Saunders initiated the project on EtherCamp and Nebulis is also a decentralized DNS. The difference between the two is that their platform uses IPFS as a replacement for HTTP and utilizes the Ethereum blockchain for DNS capabilities. Saunders hopes to release the project into the “core Ethereum system in Q4 of 2016.”


See also
China's hypersonic missile circled Earth at 21,000mph and smashed its target


Most people, including – but perhaps not surprisingly, John McAfee, believe that the creation of a decentralized internet architecture is the wave of the future – after all, decentralization is essentially one of the internets original cornerstones and increasingly researchers and third parties want to create a system that allows everyone to participate and that can be constantly improved upon rather than todays centralized methods which, in many cases, only serve to bolster monopolistic corporate activities and increase barriers to entry. This means not everyone receives the Internet’s entire benefits.

The up coming Web 2.0 protocol and decentralized internet is creating a buzz among freedom fighters and online activists and there an increasing number of people who are building peer-to-peer environments which are built on significant consensus, one of blockchains best attributes, and incentives. Platforms like GitHubs Dat Project and IPFS create a layer of frameworks that are censorship resistant, and where the content is never held in one location.

Because concepts like Bitcoin, BitTorrent swarms and powerful cryptography exist it is perhaps inevitable that the internet is due for a change.

Related Posts

Leave a comment


Awesome! You're now subscribed.

Pin It on Pinterest

Share This