Erik Bergenholtz, D. Ilie, Andrew Moss, E. Casalicchio
{"title":"大海捞针——IPv6扫描方法的比较研究","authors":"Erik Bergenholtz, D. Ilie, Andrew Moss, E. Casalicchio","doi":"10.1109/ISNCC.2019.8909131","DOIUrl":null,"url":null,"abstract":"It has previously been assumed that the size of an IPv6 network would make it impossible to scan the network for vulnerable hosts. Recent work has shown this to be false, and several methods for scanning IPv6 networks have been suggested. However, most of these are based on external information like DNS, or pattern inference which requires large amounts of known IP addresses. In this paper, DeHCP, a novel approach based on delimiting IP ranges with closely clustered hosts, is presented and compared to three previously known scanning methods. The method is shown to work in an experimental setting with results comparable to that of the previously suggested methods, and is also shown to have the advantage of not being limited to a specific protocol or probing method. Finally we show that the scan can be executed across multiple VLANs.","PeriodicalId":187178,"journal":{"name":"2019 International Symposium on Networks, Computers and Communications (ISNCC)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Finding a needle in a haystack - A comparative study of IPv6 scanning methods\",\"authors\":\"Erik Bergenholtz, D. Ilie, Andrew Moss, E. Casalicchio\",\"doi\":\"10.1109/ISNCC.2019.8909131\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"It has previously been assumed that the size of an IPv6 network would make it impossible to scan the network for vulnerable hosts. Recent work has shown this to be false, and several methods for scanning IPv6 networks have been suggested. However, most of these are based on external information like DNS, or pattern inference which requires large amounts of known IP addresses. In this paper, DeHCP, a novel approach based on delimiting IP ranges with closely clustered hosts, is presented and compared to three previously known scanning methods. The method is shown to work in an experimental setting with results comparable to that of the previously suggested methods, and is also shown to have the advantage of not being limited to a specific protocol or probing method. Finally we show that the scan can be executed across multiple VLANs.\",\"PeriodicalId\":187178,\"journal\":{\"name\":\"2019 International Symposium on Networks, Computers and Communications (ISNCC)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 International Symposium on Networks, Computers and Communications (ISNCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISNCC.2019.8909131\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Symposium on Networks, Computers and Communications (ISNCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISNCC.2019.8909131","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Finding a needle in a haystack - A comparative study of IPv6 scanning methods
It has previously been assumed that the size of an IPv6 network would make it impossible to scan the network for vulnerable hosts. Recent work has shown this to be false, and several methods for scanning IPv6 networks have been suggested. However, most of these are based on external information like DNS, or pattern inference which requires large amounts of known IP addresses. In this paper, DeHCP, a novel approach based on delimiting IP ranges with closely clustered hosts, is presented and compared to three previously known scanning methods. The method is shown to work in an experimental setting with results comparable to that of the previously suggested methods, and is also shown to have the advantage of not being limited to a specific protocol or probing method. Finally we show that the scan can be executed across multiple VLANs.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
