Abstract
InterPlanetary File System (IPFS) is one of the most promising decentralized off-chain storage mechanisms, particularly relevant for blockchains, aiming to store the content forever, thus it is crucial to understand its composition, deduce actor intent and investigate its operation and impact. Beyond the network functionality that IPFS offers, assessing the quality of nodes, i.e. analysing and categorising node software and data, is essential to mitigate possible risks and exploitation of IPFS. To this end, in this work we took three daily snapshots of IPFS nodes within a month and analysed each node (by IP address) individually, using threat intelligence feeds. The above enabled us to quantify the number of potentially malicious and/or abused nodes. The outcomes lead us to consider using a filter to isolate malicious nodes from the network, an approach we implemented as a prototype and used for assessment of effectiveness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
References
Althouse, J.: Easily Identify Malicious Servers on the Internet with JARM (2020). https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Balduf, L., Henningsen, S., Florian, M., Rust, S., Scheuermann, B.: Monitoring data requests in decentralized data storage systems: a case study of IPFS. In: 2022 IEEE 42nd International Conference on Distributed Computing Systems (ICDCS), pp. 658–668. IEEE (2022)
Benet, J.: Ipfs-content addressed, versioned, p2p file system. arXiv preprint arXiv:1407.3561 (2014)
Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)
Casino, F., Politou, E., Alepis, E., Patsakis, C.: Immutability and decentralized storage: an analysis of emerging threats. IEEE Access 8, 4737–4744 (2019)
Cook, A.V., Bechtel, M., Anderson, S., Novak, D.R., Nodi, N., Parekh, J.: The spatial web and web 3.0: what business leaders should know about the next era of computing. Deloitte Insights (2020)
Henningsen, S., Florian, M., Rust, S., Scheuermann, B.: Mapping the interplanetary filesystem. In: 2020 IFIP Networking Conference (Networking), pp. 289–297 (2020)
Karapapas, C., Pittaras, I., Fotiou, N., Polyzos, G.C.: Ransomware as a service using smart contracts and IPFS. In: 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pp. 1–5. IEEE (2020)
Labs, P.: Libp2p (2021). https://libp2p.io/
Mamun, A.A., Hasan, S.R., Bhuiyan, M.S., Kaiser, M.S., Yousuf, M.A.: Secure and transparent KYC for banking system using IPFS and blockchain Technology. In: 2020 IEEE Region 10 Symposium (TENSYMP), pp. 348–351 (2020). https://doi.org/10.1109/TENSYMP50017.2020.9230987
Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_5
Murray, A., Kim, D., Combs, J.: The promise of a decentralized internet: what is web 3.0 and how can firms prepare? Business Horizons (2022)
Patsakis, C., Casino, F.: Hydras and IPFS: a decentralised playground for malware. Int. J. Inf. Secur. 18(6), 787–799 (2019)
Pripoae, S.: Looking Into the Eye of the Interplanetary Storm (2020). https://www.bitdefender.com/files/News/CaseStudies/study/376/Bitdefender-Whitepaper-IPStorm.pdf
De la Rocha, A., Dias, D., Psaras, Y.: Accelerating content routing with bitswap: a multi-path file transfer protocol in IPFS and Filecoin (2021)
Trautwein, D., et al: Design and evaluation of IPFS: a storage layer for the decentralized web. In: Proceedings of the ACM SIGCOMM 2022 Conference, pp. 739–752 (2022)
Acknowledgements
The authors would like to thank Dennis Trautwein for his insightful comments. This work was supported in part by the European Commission under the Horizon Europe Programme, as part of the project LAZARUS (https://lazarus-he.eu/, Grant Agreement no. 101070303) and the Horizon 2020 Programme, as part of the project HEROES (https://heroes-fct.eu/, Grant Agreement no. 101021801) and was also supported in part by the Research Center of the Athens University of Economics and Business.
The content of this article does not reflect the official opinion of the European Union. Responsibility for the information and views expressed therein lies entirely with the authors.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 IFIP International Federation for Information Processing
About this paper
Cite this paper
Karapapas, C., Polyzos, G.C., Patsakis, C. (2024). What’s Inside a Node? Malicious IPFS Nodes Under the Magnifying Glass. In: Meyer, N., Grocholewska-Czuryło, A. (eds) ICT Systems Security and Privacy Protection. SEC 2023. IFIP Advances in Information and Communication Technology, vol 679. Springer, Cham. https://doi.org/10.1007/978-3-031-56326-3_11
Download citation
DOI: https://doi.org/10.1007/978-3-031-56326-3_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-56325-6
Online ISBN: 978-3-031-56326-3
eBook Packages: Computer ScienceComputer Science (R0)
