Wouldn't a scattering scheme do the job? If a malicious node has chosen a target, then move the target.
Maybe the following scheme for scattering would work (condition -> something is triggered saying "hey, loadsa requests"): * duplicate target to two new nodes * (perhaps) delete target in current node ----- Original Message ----- From: "Tavin Cole" <[email protected]> To: <devl at freenetproject.org> Sent: Thursday, June 07, 2001 9:38 PM Subject: Re: [freenet-devl] Freenet DOS defense strategy??? > On Thu, Jun 07, 2001 at 12:52:00PM -0700, coderman wrote: > > Tavin Cole wrote: > > > > > > On Thu, Jun 07, 2001 at 10:09:18AM -0700, Ian Clarke wrote: > > > > On Thu, Jun 07, 2001 at 12:52:37PM -0400, Tavin Cole wrote: > > > > > I have a new suggestion for this: just count the number of hits on each key > > > > > and call that P, and whenever P reaches a certain limit, delete the key. > > > > > > > > Er - I am probably misunderstanding you, but wouldn't this create a > > > > trivial attack for removing particular keys from Freenet? Simply hammer > > > > nodes with requests until they drop the key you are requesting... > > > > > > The idea is that once every several hundred or several thousand requests, > > > the node will pass the request upstream, but the chances of 2 nodes dropping > > > it at the same time will be very small. > > > > > > Once it is passed upstream the node will no longer be queried (at least from that > > direction) right? So if you delete a datum after so many requests, it is trivial for a > > specific node to force that data out of the data store. It simply progresses from one > > node to the next, until it is gone completely (i.e. the malicious node is assumed to have > > this upstream copy, when in fact, it has been performing the requests to force the data > > out of store). > > > > Perhaps I am misunderstanding, but this would appear to be a major vulnerability. > > No, there is no reason why the first node wouldn't continue servicing requests > for the key. It wouldn't drop out one-by-one up a chain, instead each node in the > chain would periodically drop and regain it at a different frequency. > > -- > > # tavin cole > # > # "Technology is a way of organizing the universe so that > # man doesn't have to experience it." > # > # - Max Frisch > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://lists.freenetproject.org/mailman/listinfo/devl _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
