Interstellar file system: how to deal with the war of attrition of network attacks with Web3?

After US House Speaker Nancy Pelosi visited Taiwan last week, China immediately announced military exercises against Taiwan. In addition to the visible missile test, invisible online warfare also started simultaneously. In the past few days, the websites of the Taiwanese government, such as the Presidential Office, the Ministry of National Defense, and the Ministry of Foreign Affairs, have been temporarily paralyzed by cyber attacks, attracting the attention of domestic and foreign media.

In an exclusive interview with the Liberty Times , Tang Feng, who will be the Minister of Digital Development, explained why the paralysis of the government website does not mean that the information has been leaked . — In response to such cyber-attacks, white hat hackers are also encouraged to help with stress testing.

Unfortunately, judging from the report presented at the end, the content did not fully convey the meaning of visiting the present, which made many people think that Tang Feng was using Web3 to play tricks. Even the PTT forum dedicated to discussing blockchain, the moderator also deleted the report on the grounds that it has nothing to do with Web3. Quite a pity.

This article will first explain how hackers use DDoS to take down government websites, and then discuss how the Ministry of Digital Development is using IPFS to deal with the war of attrition for cyber attacks.

Phone busy

According to a CNA report last week:

U.S. House of Representatives Speaker Nancy Pelosi plans to visit Taiwan this evening. The Presidential Palace said today that from about 5:15 pm, the official website of the Presidential Palace was attacked by an overseas DDoS attack, and the attack traffic was 200 times that of normal days, causing the official website to be unavailable for a time. However, after being disposed of by the Presidential Palace, normal operations have resumed within 20 minutes.

The same situation has also occurred in the Ministry of National Defense and the Ministry of Foreign Affairs. Most of the media reports were subordinated to the government website "hacked". But those who are familiar with information security know that DDoS attacks will not cause government data leakage. Hackers just find a group of zombie computers to block government websites with traffic to create a topic.

During the interview, Tang Feng used a busy phone line to describe how a DDoS attack works:

These days, the government website is a bit like a busy phone line. Many people make cross-border calls from abroad to the dedicated line, but they cannot dial in. This is technically called a massive denial of service attack (DDoS). But in fact the phone line was not broken, and government information was not leaked. If people don't take it seriously, it will not disturb people's hearts. If it is regarded as a ridiculous thing that makes people sleep well, the attack will have the effect of psychological warfare, and it will probably become normalized.

No one will say the bank has been hacked just because the bank's customer service phone is busy. In the same way, DDoS attacks on government websites are just a kind of "phone busy".

In other words, the purpose of hackers launching DDoS attacks is not to steal government and public information, but to fight psychological warfare. Seeing that people can't tell the difference between "phone busy" and hacking, so as to create social unrest. Therefore, when a hacker launches DDoS, the target of the attack is generally a website with indicator significance, in order to attract media attention and cause panic among the public.

DDoS attacks are quite common around the world. Even people grabbing concert tickets is quite similar to the effect of a DDoS attack, and the website will be paralyzed if you are not careful. Therefore, there is a set of coping methods in technology:

Our countermeasure is technically called flow cleaning. It’s like if you can’t get in on the phone, you can set up more dedicated lines to get through. The correspondence of this kind of traffic cleaning is constantly being done, and of course, the corresponding resources have been invested. But this is a bit like a war of attrition. In order to fight foreign attacks, we invest corresponding resources to block them.

Both DDoS attacks and defenses have to pay corresponding resources. Once hackers find that they can successfully disrupt people's hearts and use the media to confuse the public into thinking that the phone line is busy is a form of hacking, perhaps hackers will devote more resources to attack in the future.

On the other hand, if both the media and the public can know that a short-term "phone line busy" will not cause serious harm, or even take it seriously, it will make hackers feel uninterested. In addition to raising people's awareness of DDoS attacks, Tang Feng also tested another Web3-based asymmetric defense architecture on the website of the Digital Development Department, hoping to reduce the resource consumption of defenders.

Interstellar File System

Tang Feng pointed out:

At noon on the day of the start of the communist military exercise, the website of the Ministry of Digital Development was launched, and so far it has not been stuck for a second. This new website is based on the Web3 architecture. The back end uses the Interstellar File System (IPFS), which is tied to the global blockchain community or the global backbone of Web2. It is an asymmetric defense architecture. Students, they are all robots or voice answering machines. When he spends a lot of resources to attack, you don’t need to spend resources on defense. This is different from traditional traffic cleaning, which consumes each other with each other.

The Ministry of Digital Development currently hosts its website on Web3's Interplanetary File System (IPFS) at ipns://moda.gov.tw. This is not the same as the familiar HTTP header URL. The beginning is different, which means that the communication protocol used is different.

It's a pity that most browsers on the market "can't understand" this string of IPFS URLs. For the time being, only two browsers, Brave1 and Opera Crypto Browser2, can directly access this website hosted on IPFS, as shown in the screenshot below. Other browsers can only access indirectly.

At first glance, only the beginning of the URL is different, but in fact the working mechanism behind the two URLs is very different.

Everyone is familiar with HTTP URLs, but it may be the first time you see a URL that starts with IPFS (and IPNS). The difference between the two lies in the way in which the content is obtained. For example, two of my friends, Xiao Ming and Xiao Hua, both recommended me the book "Blockchain Sociology", but the way they recommended me to buy this book was different.

Xiao Ming said, "I recommend you to go to the Causeway Bay Bookstore in Zhongshan Station of the MRT. After entering the door, the fifth book on the second shelf is the book I recommended you."

Xiaohua said: "I recommend you to buy Gao Reconstruction's "Blockchain Sociology", its ISBN number is 9789888599288.

Xiao Ming is talking about the location addressing of books, which is similar to how HTTP works. He told me the location, but not what it was. The advantage is that the route is clear. As long as the boss doesn't change the placement and the bookstore doesn't close, I can find the right book.

What Xiaohua is talking about is the content addressing of the book, which is similar to how IPFS works. He told me the content, but didn't tell me where to get it. The upside is that the goal is clear. As long as there are people on the market for sale, I can find the right book.

This is just an example of a book. But when hackers launched DDoS attacks, they targeted government websites. To apply HTTP as an example, it would be like the Causeway Bay Bookstore was suddenly occupied by a large group of people in black who did not buy books, so that people who followed the route to buy books could not get in at all. Therefore, bookstores have to use the "traffic cleaning" mechanism to counteract, so that people who really want to buy books can enter.

But IPFS does not have this problem. What IPFS provides is not a route to find a "book", but the author, name and ISBN number of the book. Therefore, if I find that the Causeway Bay Bookstore is occupied by men in black, I can go to the opposite Eslite Bookstore or a blog on the Internet to buy books, and I will not be unable to buy books because a certain bookstore is paralyzed.

If hackers want to carry out DDoS attacks on IPFS, they have to find a way to find more "men in black", and it is possible to block the global access. In this way, the cost of attack is much higher than the cost of defense. Easy to defend and hard to attack is the main reason why the digital development department’s website on IPFS is difficult to be paralyzed by hackers, and it is also the asymmetric defense structure that Tang Feng said in the interview.

The Taiwanese government's use of IPFS to defend against cyber-hacking attacks is a new way to confront great powers from the Ukraine war. Even technologists are unfamiliar . But in fact, in recent years, IPFS has become an important tool for people to fight against power and prevent content from "disappearing".

asymmetric defense system

In 2017, the Turkish government called Wikipedia a threat to national security and ordered a ban. In order to save data, many Turkish netizens have begun to upload the content of Wikipedia to IPFS for preservation.

Taking the bookstore just now as an example, it would be as if the government used public power to force the bookstore to close, so that people who followed the address to the Wikipedia website to find information could only be closed. At that time, netizens thought that IPFS could be used to establish an asymmetric defense system, and people were encouraged to use Wikipedia built on IPFS to browse as usual, thereby fighting against the government.

Similar apps can also be found in Taiwan. In 2018, Block Potential introduced 3 Matters' IPFS function, which permanently stores content on the Internet for creators to avoid "disappearing" due to political or commercial factors. It’s just that in the past, everyone always felt that they would not be weak or a minority, and it was difficult to understand the specific purpose of additionally backing up articles to IPFS.

After the recent cyber attack incidents, everyone will gradually realize that it is not only individuals who are vulnerable. In the face of big countries, small countries are also a minority that can be ignored. And whether it's cryptocurrencies or IPFS, Web3 technology tools are an asymmetric defense system for disadvantaged and minority groups.

Block Potential is an independent media that is maintained by readers' paid subscriptions, and the content does not accept factory or commercial distribution. If you think the block potential article is good, please share it. If the bank has spare capacity, it can also support the block potential operation with a regular quota. To view the content of past publications, you can refer to the article list .