Is IPFS vulnerable to network attacks?
Abstract
The InterPlanetary File System (IPFS) is a peer-to-peer, distributed file storage and sharing protocol designed to create a more decentralized and efficient internet, which is the cornerstone for the emerging Web3. By addressing content through unique cryptographic hashes instead of traditional location-based URLs, IPFS enables users to retrieve files from multiple nodes hosting the content, reducing reliance on centralized servers and improving resilience against censorship or outages.
That said, recent research shows that IPFS is not entirely decentralized. To boost the performance, scalability, and adoption, IPFS incorporates several centralized components, such as HTTP Gateways for web content [1]. Balduf et al. also show that most of IPFS nodes hosted in a few clouds [2]. When there exist single points of failure, attacks can affect the system at large. Indeed, specific content can be censored due eclipse attacks [3].
This thesis explores if IPFS is vulnerable to other network attacks, such as BGP hijacking, and to what extent the damage can be.
This thesis is supervised remotely by Muoi Tran (Chalmers).
Milestones
- Study the IPFS networks, including how nodes connect to each other under the libp2p library.
- Collect data regarding IPFS networks, such as IP addresses of nodes.
- Evaluate network attacks, such as BGP hijacking and eclipse attacks.
Requirements
- Background: BGP, DHT or Blockchain, Security Basics (attended Network Security or Advance Topics in Communication Networks)
- Programming Languages: Python, Shell, Docker
References
Wei et al., The Eternal Tussle: Exploring the Role of Centralization in IPFS.
Balduf et al. The Cloud Strikes Back: Investigating the Decentralization of IPFS.
Prünster et al. Total Eclipse of the Heart – Disrupting the InterPlanetary File System.
Supervisors
