[SkyArrow]

This bears the question of how does an exchange efficiently detect, log and take action against these kinds of behaviours without increasing its own latency too much and (perhaps?) affecting the market?

Does it even matter if a centralised exchange increases its own latency when all market participants have to go through it? I can only think of the case when a security is listed on multiple exchanges, where the latency could mean a small arbitrage opportunity.

[reisse]

Exchanges rarely care about their absolute latency. The latency race is for the best place in the order entry queue. As soon as the order is queued for sequential processing by the risk checker or the matching engine, the race is over. I've seen places where you needed sub-microsecond tick-to-order latency to win the race for the front of the queue, but the actual risk check and matching took tens of milliseconds.

They do care about throughput and providing fair conditions to all of the participants, though. On busiest derivatives exchanges this means resorting to FPGAs for initial checks.

Then, every message send to the exchange is clearly traceable. In some cases participants have dedicated physical lines. When the exchange sees increased rate of malformed packets from a single line or from a certain participant, they just cut it off and call the contact person from the participant (trader/broker) side to demand explanation.

[kasey_junk]

Most exchanges have switched to order gateways that are either fpga or asic based.

Also every packet you send to an exchange is trivially attributed. They just kick you off if your shenanigans cause a problem. And then they tell all the other exchanges about you.