LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What are Sybil attacks and Intersection attacks, and how does I2P defend against them?

A Sybil attack floods the network with fake identities to seize control; an Intersection attack correlates traffic over time to link nodes and de-anonymise a user. I2P counters both with resource limits and constantly rotating tunnels.

Sybil attack: an attacker creates many false identities to gain disproportionate control of the network. I2P makes this hard because each identity costs limited resources, and the network automatically detects and throttles suspicious activity.

Intersection attack: an attacker observes network traffic over a long period to figure out which nodes belong together and thereby identify a user. I2P defends by constantly changing the traffic flow and regularly rebuilding tunnels — typically every ~10 minutes — so a connection between two points is hard to follow over time.

Tip: Short-lived tunnels are a recurring anonymity theme: the less time a path stays fixed, the smaller the window an observer has to correlate it.

Go deeper:

From Quiz: PRIVACY / Anonymous Surfing, Tor & Location Tracking | Updated: Jul 05, 2026