Active Sybil Attack and Efficient Defense Strategy in IPFS DHT
V. H. M. Netto, T. Cholez, C. L. Ignat
TL;DR
This work reframes IPFS DHT security by introducing an active Sybil attack that uses premature termination to eclipse content, achieving up to around 80–82% eclipse rate against recent defenses. It proposes SR-DHT-Store, a Sybil-resistant publication strategy that uses XOR-distance zone delimitation to publish provider records to a carefully chosen set of resolvers, reducing overhead and avoiding sole reliance on anomaly detection. The authors further strengthen defense by combining SR-DHT-Store with PR limitations and disjoint lookup paths, demonstrating near-perfect or perfect retrieval resilience under both passive and active attacks, albeit with overhead tradeoffs. The findings advance practical, incremental defenses for IPFS and similar DHT-based systems, highlighting the importance of robust publication and lookup strategies to curb content eclipse and Sybil-driven disruption in decentralized networks.
Abstract
The InterPlanetary File System (IPFS) is a decentralized peer-to-peer (P2P) storage that relies on Kademlia, a Distributed Hash Table (DHT) structure commonly used in P2P systems for its proved scalability. However, DHTs are known to be vulnerable to Sybil attacks, in which a single entity controls multiple malicious nodes. Recent studies have shown that IPFS is affected by a passive content eclipse attack, leveraging Sybils, in which adversarial nodes hide received indexed information from other peers, making the content appear unavailable. Fortunately, the latest mitigation strategy coupling an attack detection based on statistical tests and a wider publication strategy upon detection was able to circumvent it. In this work, we present a new active attack, with malicious nodes responding with semantically correct but intentionally false data, exploiting both an optimized placement of Sybils to stay below the detection threshold and an early trigger of the content discovery termination in Kubo, the main IPFS implementation. Our attack achieves to completely eclipse content on the latest Kubo release. When evaluated against the most recent known mitigation, it successfully denies access to the target content in approximately 80\% of lookup attempts. To address this vulnerability, we propose a new mitigation called SR-DHT-Store, which enables efficient, Sybil-resistant content publication without relying on attack detection but instead on a systematic and precise use of region-based queries, defined by a dynamically computed XOR distance to the target ID. SR-DHT-Store can be combined with other defense mechanisms resulting in a defense strategy that completely mitigates both passive and active Sybil attacks at a lower overhead, while allowing an incremental deployment.
