Monitoring Data Requests in Decentralized Data Storage Systems: A Case Study of IPFS

04/19/2021
by   Leonhard Balduf, et al.
0

Decentralized data storage systems like the Interplanetary Filesystem (IPFS) are becoming increasingly popular, e.g., as a data layer in blockchain applications and for sharing content in a censorship-resistant manner. In IPFS, data is hosted by an open set of peers, requests to which are broadcast to all directly connected peers and routed via a DHT. In this paper, we showcase how the monitoring of said data requests allows for profound insights about the IPFS network while simultaneously breaching individual users' privacy. To this end, we present a passive monitoring methodology that enables us to collect all data requests of a significant and upscalable portion of the total IPFS node population. Using a measurement setup implementing our approach and data collected over a period of nine months, we demonstrate the estimation of, among other things: the size of the IPFS network, activity levels and structure, and content popularity distributions. We furthermore present how our methodology can be abused for attacks on users' privacy. As a demonstration, we identify and successfully surveil public IPFS/HTTP gateways, thereby also uncovering their (normally hidden) node identifiers. We give a detailed analysis of the mechanics and reasons behind implied privacy threats and discuss possible countermeasures.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset