Bitcoin botnet to become a star of the future security of things
Strong judgment requires strong proof, so when the NeuroMesh will be the founder of bitcoin based products described as “impregnable botnet”, there still have a lot of questions.
Nevertheless, the statement has received some support, two prize bonus of $1 billion MIT entrepreneurship competition, and the ongoing 2017 AtosIT contest finalist – the two raising the credibility of praise.
NeuroMesh from MIT network security GregFalco and doctoral candidate of the same institution student MBA CalebLi co founded, is currently seeking Networking (IoT) solutions to security problems.
The two saw what they say is the need for security products market gap, the working range of the product will be restricted in low power, limited storage equipment in.
NeuroMesh’s idea is to imitate the hacker first tried to use the machine failure strategy — Installation hijacking kernel lightweight code, then dial to the command and control (C & C) server, add resources to the machine by the robot program “herder” command to the botnet.
“We want to first install the security software of our own in the kernel to make vaccine for IoT equipment. Just like playing “KingoftheHill”, so we can control the equipment becomes the only person.”
A major problem is the vulnerability of Botnet C & C server when the hacker attacks, botnets trying to make fall over each other offline rivals and command equipment, often find this point.
The NeuroMesh solution is by sending bitcoin block OP_RETURN code in order to link the technology under the protection of the equipment, this code allows the transfer of any data (such as “MinedbyAntpool”, “Happyhalvingday” or the encyclical of the text).
“This means we can send these IoT devices should not be used by bitcoin block links IP address list.” Falco explained and added:
“(usually using botnets) will you close to convey the central server command, but we do not have this blockchain worry, because it is completely to the center.”
New research progress
In fact, this relates to the connection can be signed transaction bitcoin wallet address C & C server. In turn, the NeuroMesh network IoT device will run a read only transaction NeuroMesh signature of the SPV client, and execute commands in the data contains OP_RETURN.
Because the data in a distributed manner among bitcoin nodes, theoretically speaking, reading these commands will not be released first server location are given more information.
Deputy director of the MIT IC3 network security alliance and NeuroMesh project research consultant Dr. MichaelSiegel said that Li and Falco work from the traditional research on safety communication between distributed systems.
Siegel told CoinDesk, “the clever use of a piece of code can be run in many types of equipment.”
He also said:
“This is a great idea: although not hitherto unknown, but in the field of networking, their botnets, block chain and central command together, this is a kind of innovation, and seems to provide a very safe environment for small distributed equipment management.”
Falco also confirmed that the unique NeuroMesh product is to find new uses for existing practices.
“Although we are doing from a business perspective is innovative, but some white hat security researchers are and we do the same thing to close the loopholes in the system.”
RomanSinayev is a Juniper Networks Inc in the design of anti malware system security software engineer, familiar with the concepts behind the NeuroMesh project (although he hasn’t seen the software runtime state).
Sinayev said that no code can use the error, then there will be a secure communication channel.
In addition, he pointed out that the chain does not need to hide the communication block.
The other way is the P2P program like BitTorrent. You can also use many different proxy servers and change the IP, or you can use some intermediate service information is embedded in the public channel in the picture.”
Sinayev also did not see the code, he stressed that there is no way to verify whether the product will run according to the description of NeuroMesh. However, he suggested that (as with all security software), it is best to conduct independent audits in the finalized products.
Dr. Siegel MIT also pointed out that in similar warnings, the weakest link technology is not always in the system, he said:
“It is based on a secure system, with reliable technology, it is difficult to break security. But this does not prevent the human to do stupid things! Finally, there will be a person to control the password and access control, and that person will always be stupid.”
Even taking into account human error, the bitcoin network has also been shown to be able to be very good against malicious attacks, while Falco and Li are hoping to use this attribute to the development of networking products.
“We say it is” impregnable “because so far, bitcoin block chain has not been hacked.”