Gladius Brings Distributed Defense to DDoS

You can either build dozens of data centers or you can harness millions of volunteer clients to deal with DDoS. Which one would you choose?

Andy Patrizio, Technology Journalist

November 7, 2017

4 Min Read

Distributed Denial of Service (DDoS) attacks are a constant nuisance, mostly because they are so easy to initiate. There are tools on the dark web that make it easy for anyone with a grudge to cause some real havoc. Hackers can even repurpose legitimate "penetration testing" services in executing this type of attack.

Unfortunately, it's not only a nuisance, but it also comes with costs. For a large enterprise, the average cost from addressing a DDoS attack is $250,000 per hour.

The solution up to now has been to throw bandwidth at the problem -– distribute the traffic load so far and wide, such that there is no single point of vulnerability. For example, the content delivery network (CDN) giant Cloudflare operates 118 data centers around the world to help avoid a single choke point.

A startup called Gladius thinks it has an alternative. Rather than build out (or co-locate in) data centers, it lets individuals share the spare bandwidth they have at their own home connections, thus turning every desktop or laptop computer into a distribution node.

End users simply download and install the Gladius client, which then uses spare compute cycles and bandwidth to help distribute content through a decentralized CDN. Files are then cached on their computers for faster delivery to web clients who are closer to their geographic location than the main server. And when a DDoS attack occurs, traffic can then be distributed to the thousands and thousands of user nodes across the globe.

Gladius has significant similarities to BitTorrent in the way it operates. With BitTorrent, bits and pieces of a file are downloaded from a peer-to-peer network of computers, so that no single server is burdened with traffic.

With Gladius' CDN, files are likewise cached across a decentralized network, so that there is no single point of vulnerability or failure.

The main difference, however, is that Gladius uses the Ethereum blockchain to establish smart contracts every time there is load distribution or file download. Users also get paid for their spare bandwidth through GLA tokens, which are cryptocurrency that can be exchanged for fiat money or exchanged for other cryptocurrencies like Bitcoin or Ether.

Of course, how much you can actually earn from Gladius is unclear, but it would depend on how much of your bandwidth the network actually uses -- I wouldn't plan my retirement on it.

Gladius uses blockchain to administer and allocate the resources of the network and manage payments. Because of this, there is no centralized storage location, making DDoS attacks much harder, if not impossible, to succeed.

There is another security-related reason for such a server-free architecture. Gladius will have no role in storing sensitive data, managing communication channels between customers and pools, or controlling who has access to the platform. In theory, the product is community-owned, not Gladius-owned. It could outlive Gladius, because even if the company goes away, the network will still operate, although the network will likely fade away if the company does as well.

It also means that as Gladius clients come online in areas not normally served by massive data centers, like Africa, the Middle East, parts of Europe, Asia, and South America, those people will be served by content distribution nodes closer to home -- something that the current major services like Cloudflare do not offer.

The company believes it might be able to convince ISPs to not only not stop their customers from using its software but even get master nodes inside of their network because it would have a net effect of lowering the traffic leaving their network, because static content would be cached and served from inside their own network. Less traffic leaving means they actually money that they would otherwise pay their transit provider for.

The success of Gladius depends on ubiquity. It can't be a quiet sensation or a well-kept secret. The more clients out there, the more successful it will be. Would you consider running Gladius on your PCs at work? At home?

Related posts:

— Andy Patrizio has been a technology journalist for more than 20 years and remembers back when Internet access was only available through his college mainframe. He has written for InformationWeek, Byte, Dr. Dobb's Journal, eWeek, Computerworld and Network World.

Read more about:

Security Now

About the Author(s)

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights