Existing research lacks quantitative analysis of the structural robustness of decentralized anonymous networks under targeted attacks. Method: This work systematically evaluates the resilience of the I2P anonymity network against degree-centrality–based targeted attacks by proposing a novel adversarial percolation model, leveraging real-world I2P topology data to identify and iteratively remove high-degree nodes. Contribution/Results: Experimental results demonstrate that removing only ~5% of the highest-degree nodes reduces network density by 10% and increases average path length by 33%, severely degrading connectivity and transmission efficiency. These findings reveal an inherent structural vulnerability in I2P—despite its decentralized design—highlighting critical dependencies on high-degree nodes. The study provides empirical evidence and a methodological framework for improving anonymity network design and developing effective defense strategies against targeted structural attacks.

This study examines the robustness of I2P, a well-regarded anonymous and decentralized peer-to-peer network designed to ensure anonymity, confidentiality, and circumvention of censorship. Unlike its more widely researched counterpart, TOR, I2P's resilience has received less scholarly attention. Employing network analysis, this research evaluates I2P's susceptibility to adversarial percolation. By utilizing the degree centrality as a measure of nodes' influence in the network, the finding suggests the network is vulnerable to targeted disruptions. Before percolation, the network exhibited a density of 0.01065443 and an average path length of 6.842194. At the end of the percolation process, the density decreased by approximately 10%, and the average path length increased by 33%, indicating a decline in efficiency and connectivity. These results highlight that even decentralized networks, such as I2P, exhibit structural fragility under targeted attacks, emphasizing the need for improved design strategies to enhance resilience against adversarial disruptions.