基于种子地址的IPv6地址探测技术综述

李果; 何林; 宋光磊; 王之梁; 杨家海; 李子木

doi:10.11959/j.issn.1000-0801.2019296

您当前的位置：

首页 >

文章列表页 >

基于种子地址的IPv6地址探测技术综述

专题：IPv6技术与应用 | 更新时间：2024-06-05

- 基于种子地址的IPv6地址探测技术综述
- Survey on IPv6 address scanning technology based on seed sources
- 电信科学 2019年35卷第12期页码：24-37
- 作者机构：
  
  1. 清华大学网络科学与网络空间研究院，北京 100084
  2. 北京信息科学与技术国家研究中心，北京 100084
- 作者简介：
  
  [ "李果（1996- ），男，清华大学硕士生，主要研究方向为网络空间探测、网络空间安全和数据挖掘" ]
  [ "何林（1991- )，男，博士，清华大学博士后，主要研究方向为互联网可审计性与隐私性、网络体系结构与协议设计" ]
  [ "宋光磊（1992- ），男，清华大学博士生，主要研究方向为IPv6网络资源探测" ]
  [ "王之梁（1978- ），男，博士，清华大学副教授、博士生导师，主要研究方向为网络测试测量、互联网体系结构与协议、软件定义网络等" ]
  [ "杨家海（1966- ），男，清华大学教授、博士生导师，主要研究方向为网络管理、网络测量、云计算以及网络安全" ]
  [ "李子木（1978- ），男，博士，清华大学高级工程师，主要研究方向为互联网体系结构与协议、网络安全与管理等。" ]
- 基金信息：
  
  “十三五”国家重点研发计划资助项目;The National Key Research and Development Program during the 13th Five-year Plan Period(2017YFB0803004)
- DOI：10.11959/j.issn.1000-0801.2019296
  中图分类号： TP393
- 网络出版日期：2019-12，
  
  纸质出版日期：2019-12-20
- 稿件说明：
移动端阅览
李果, 何林, 宋光磊, 等. 基于种子地址的IPv6地址探测技术综述[J]. 电信科学, 2019,35(12):24-37.

Guo LI, Lin HE, Guanglei SONG, et al. Survey on IPv6 address scanning technology based on seed sources[J]. Telecommunications science, 2019, 35(12): 24-37.
李果, 何林, 宋光磊, 等. 基于种子地址的IPv6地址探测技术综述[J]. 电信科学, 2019,35(12):24-37. DOI： 10.11959/j.issn.1000-0801.2019296.

Guo LI, Lin HE, Guanglei SONG, et al. Survey on IPv6 address scanning technology based on seed sources[J]. Telecommunications science, 2019, 35(12): 24-37. DOI： 10.11959/j.issn.1000-0801.2019296.

摘要

现有的扫描技术能够在非常短的时间内对整个IPv4空间完成扫描，但是这些方法都不适合庞大的IPv6网络空间。因此近年来，许多研究学者提出了各种启发式的 IPv6 地址探测算法。这些算法使用收集的 IPv6种子地址作为输入，输出最可能活跃的IPv6地址列表作为扫描目标，大大缩小了活跃地址区域的扫描范围。对这些基于种子地址的技术进行了分类、梳理和总结，然后详细分析了各个算法的优缺点，并且讨论了这些技术面临的多种挑战。从参考文献公开的IPv6数据集和中国教育科研计算机网的北京节点两个来源收集了总共7 300万种子地址。通过实验，比较了4种基于种子地址的地址探测算法的命中率和时间性能。最后给出了对本领域的思考和未来研究方向。

Abstract

Nowadays

the state-of-the-art technologies can spend a very short time to scan the whole IPv4 space

but these methods cannot be applied to the huge IPv6 space easily.Therefore

many researchers propose different heuristic algorithms for the sake of IPv6 scanning.The common way of these algorithms is to input collected IPv6 seed addresses and output new most likely active IPv6 addresses as candidates for later scanning.These methods greatly reduce the scanning range of the active address area.These technologies based on seed addresses were classified

analyzed and summarized

and detailed analysis of the advantages and disadvantages of each method was given.And the several challenges faced by the methods were discussed.73M seed addresses were collected in total from two sources

including published IPv6 datasets in papers and Beijing Node of China Education and Research Network.Through the proposed experiments

time performance and hit rate of four IPv6 address scanning technologies based on seed addresses was compared.Finally

the own thoughts on this field and some future research directions were proposed.

关键词

Keywords

references

DURUMERIC Z , BAILEY M , HALDERMAN J . An internet-wide view of internet-wide scanning [C ] // USENIX Conference on Security,Aug 20-22,2014,San Diego,USA.[S.l.:s.n] . 2014 : 65 - 78 .

DURUMERIC Z , WUSTROW E , HALDERMAN J A . ZMap:fast internet-wide scanning and its security applications [C ] // USENIX Conference on Security,Aug 14-16,2013,Washington D.C.,USA.[S.l.:s.n] . 2013 : 605 - 620 .

SAILAN M , HASSAN R , PATEL A . A comparative review of IPv4 and IPv6 for research test bed [C ] // International Conference on Electrical Engineering and Informatics,Aug 5-7,2009,Selangor,Malaysia . Piscataway:IEEE Press , 2009 : 427 - 433 .

IETF . Network reconnaissance in IPv6 networks:RFC7707 [S ] . 2016 .

OTTOW C , VLIET F , BOER P . The impact of IPv6 on penetration testing [C ] // Information and Communication Technologies,EUNICE 2012 . Heidelberg:Springer , 2012 : 88 - 89 .

STROWES S D . Bootstrapping active IPv6 measurement with IPv4 and public DNS [J ] . Computing Research Repository , 2017 .

FIEBIG T , BORGOLTE K , HAO S , et al . Something from nothing (there):collecting global IPv6 datasets from DNS [C ] // International Conference on Passive and Active Network Measurement . Heidelberg:Springer , 2017 .

FIEBIG T , BORGOLTE K , HAO S , et al . In rDNS we trust:revisiting a common data-source’s reliability [C ] // Passive and Active Measurement Conference,March 26,2018,Berlin,Germany . Heidelberg:Springer , 2018 .

BORGOLTE K , HAO S , FIEBIG T , et al . Enumerating active IPv6 hosts for large-scale security scans via DNSSEC-signed reverse zones [C ] // 2018 IEEE Symposium on Security and Privacy (SP),May 20-24,2018,Francisco,CA,USA . Washington:IEEE Computer Society , 2018 : 770 - 784 .

ULLRICH J , KIESEBERG P , KROMBHOLZ K , et al . On reconnaissance with IPv6:a pattern-based scanning approach [C ] // 2015 10th International Conference on Availability,Reliability and Security (ARES) , 2015 .

FOREMSKI P , PLONKA D , BERGER A . Entropy/IP:uncovering structure in IPv6 addresses [C ] // ACM Internet Measurement Conference,Nov 14-16,2016,Santa Monica,USA . New York:ACM Press , 2016 .

MURDOCK A , LI F , BRAMSEN P , et al . Target generation for internet-wide IPv6 scanning [C ] // Internet Measurement Conference,Nov 1-3,2017,London,UK . New York:ACM Press , 2017 .

GASSER O , SCHEITLE Q , FOREMSKI P , et al . Clusters in the expanse:understanding and unbiasing IPv6 hitlists [C ] // Internet Measurement Conference (IMC),Oct 31-Nov 2,2018,Boston,USA.[S.l.:s.n] . 2018 : 364 - 378 .

LIU Z Z , XIONG Y Q , XIN L , et al . 6Tree:efficient dynamic discovery of active addresses in the IPv6 address space [J ] . Computer Networks , 2019 .

IETF . Basic requirements for IPv6 customer edge routers:RFC 7084 [EB/OL ] . 2013 .

HUZ G , BAUER S , CLAFFY KC , et al . Experience in using MTurk for network measurement [C ] // SIGCOMM C2B(I)D Workshop,Aug 17,2015,London,UK . New York:ACM Press , 2015 .

QASIM L , MATTHEW L , MACIEJ K , et al . Using crowd sourcing market places for network measurements:the case of spoofer [C ] // Network Traffic Measurement and Analysis Conference,June 26-29,2018,Vienna,Austria . Piscataway:IEEE Press , 2018 .

VARVELLO M , BLACKBURN J , NAYLOR D , et al . EYEORG:a platform for crowdsourcing Web quality of experience measurements [C ] // ACM Conference on Emerging Networking Experiments and Technologies,Nov 30-Dec 3,2016,Philadelphia,USA . New York:ACM Press , 2016 .

CHOWN T . IPv6 implications for network scanning internet requests for comments:RFC5157 [S ] . 2008 .

BARRERA D , OORSCHOT P . Security visualization tools and IPv6 addresses [C ] // International Workshop on Visualization for Cyber Security,Oct 11,2009,Atlantic City,USA . Piscataway:IEEE Press , 2009 : 21 - 26 .

GASSER O . Evaluating network security using internet-wide measurements [D ] . München:Technische Universität München , 2019 .

IETF . IPv6 Addressing of IPv4/IPv6 translators:RFC6052 [S ] . 2010 .

IETF . Teredo:tunneling IPv6 over UDP through network address translations (NAT):RFC4380 [S ] . 2006 .

IETF . IP version 6 addressing architecture:RFC4291 [S ] . 2006 .

IETF . A recommendation for IPv6 address text representation:RFC5952 [S ] . 2010 .

刘觅 , 杨海川 , 李振华 . 运营商构建电信大数据生态之道 [J ] . 电信科学 , 2018 , 34 ( 1 ): 109 - 119 .

LIU M , YANG H C , LI Z H . Way for operators to build the tele communication big data ecology [J ] . Telecommunications Science , 2018 , 34 ( 1 ): 109 - 119 .

浏览量

921

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

IPv6远程监控网络下无状态通信数据的多尺度离群点挖掘算法

宽带私网双栈地址溯源的云化实现

泛在IP协议体系

基于“IPv6+”的应用感知网络（APN6）

面向下一代互联网的随愿网络研究与实现