Active Sybil attack and efficient defense strategy in IPFS DHT

TL;DR

This paper identifies a new active Sybil attack in IPFS DHT that can fully eclipse content and proposes SR-DHT-Store, a Sybil-resistant publication method that mitigates both passive and active attacks efficiently.

Contribution

It introduces a novel active attack exploiting Sybil placement and early termination, and proposes SR-DHT-Store, a new mitigation strategy using region-based queries for robust defense.

Findings

The active attack can deny access to content in 80% of lookup attempts.

SR-DHT-Store effectively mitigates passive and active Sybil attacks.

The proposed method supports incremental deployment with lower overhead.

Abstract

The InterPlanetary File System (IPFS) is a decentralized peer-to-peer (P2P) storage built on Kademlia, a Distributed Hash Table (DHT) structure commonly used in P2P systems and known for its proved scalability. However, DHTs susceptible to Sybil attacks, where a single entity controls multiple malicious nodes. Recent studies have shown that IPFS is affected by a passive content eclipse attack, leveraging Sybils, in which adversarial nodes hide received indexed information from other peers, making the content appear unavailable. Fortunately, the latest mitigation strategy coupling an attack detection based on statistical tests and a wider publication strategy upon detection was able to circumvent it. In this work, we present a new active attack in which malicious nodes return semantically correct but intentionally false data. The attack leverages strategic Sybil placement to evade detection and exploits an early termination in the actual Kubo, the main IPFS implementation. It achieves to fully eclipse content on recent Kubo versions. When evaluated against the most recent known mitigation, it successfully denies access to the target content in approximately 80% of lookup attempts. To address this vulnerability, we propose a new mitigation called SR-DHT-Store, which enables efficient, Sybil-resistant content publication without relying on attack detection. Instead, it uses systematic and precise use of region-based queries based on a dynamically computed XOR distance to the target ID. SR-DHT-Store can be combined with other defense mechanisms, fully mitigating passive and active Sybil attacks at a lower overhead while supporting an incremental deployment.