Decentralized data storage systems like the Interplanetary Filesystem (IPFS) are becoming increasingly popular, e. g., as a data layer in blockchain applications and for sharing content in a censorship-resistant manner. In IPFS, data is hosted by an open set of nodes and data requests are broadcast to connected peers in addition to being routed via a distributed hash table (DHT). In this paper, we present a passive monitoring methodology that exploits this design for obtaining data requests from a significant and upscalable portion of nodes. Using an implementation of our approach for the IPFS network and data collected over a period of fifteen months, we demonstrate how our methodology enables profound insights into, among other things: the size of the IPFS network, activity levels and structure, and content popularity distributions. We furthermore present that our methodology can be abused for attacks on users' privacy. For example, we were able to identify and successfully surveil the IPFS nodes corresponding to public IPFS/HTTP gateways.We give a detailed analysis of the mechanics and reasons behind implied privacy threats and discuss possible countermeasures.
翻译:行星间文件系统(IPFS)等分散式数据储存系统越来越受欢迎,例如,作为一个数据层,作为块链应用和以抵制审查的方式共享内容的数据层,在森林小组和森林论坛中,数据由一组开放节点托管,数据请求除了通过散发散散散散列表(DHT)传送给相连接的同侪之外,还广播给数据请求。在本文件中,我们提出了一个被动的监测方法,利用这一设计从大量和可扩增的节点中获取数据请求。我们利用我们为森林小组和森林论坛网络采用的方法和在15个月内收集的数据,我们展示了我们的方法如何使人们能够深刻地洞察到,除其他事项外:森林小组和森林论坛网络的规模、活动水平和结构以及内容的普及性分布。我们还指出,我们的方法可以被用来攻击用户的隐私。例如,我们能够查明并成功地揭示森林小组和工作队与公共森林小组/HTTP网关相对应的节点。我们详细分析了隐私隐威胁背后的机械和原因,并讨论了可能的反措施。