Parasitic Computing

Published : 01-01-2015 by : Pawan Janorkar

Rating: 4/5 (6 votes)

Parasitic computing is programming technique where a program in normal authorized interactions with another program manages to get the other program to perform computations of a complex nature. It is, in a sense, a security exploit in that the program implementing the parasitic computing has no authority to consume resources made available to the other program.

The example given by the original paper was two computers communicating over the Internet, under disguise of a standard communications session. The first computer is attempting to solve a large and extremely difficult 3-SAT problem; it has decomposed the original 3-SAT problem in a considerable number of smaller problems.

Each of these smaller problems is then encoded as a relation between a checksum and a packet such that whether the checksum is accurate or not is also the answer to that smaller problem. The packet/checksum is then sent to another computer. This computer will, as part of receiving the packet and deciding whether it is valid and well-formed, create a checksum of the packet and see whether it is identical to the provided checksum. If the checksum is invalid, it will then request a new packet from the original computer.

Parasitic computing has drawn a lot of attention in the Internet community since the first demonstration of its potential. A search of the term “parasitic computing” on google returns 544 results, with coverage on several major portal website such as CNN and BBC. Much attention was draw to the concept of parasitic computing because it is capable of making use of computational resources from all the computers connected to the Internet and comply to the transmission control protocol (TCP). Since most, if not all, of the computers on the Internet need to use the standard TCP protocol to communicate, the resource available to a parasiting user appears unlimited and every server could be exploited. This imposes a serious problems for the servers on the Internet, as it can possibly allocate all the computational capability to the parasiting users and thus affect the access effort from a normal client similar to that in the denial of access attack.

Download seminar docs :