In EDS ansehen

A large-scale scan of IPv6 IP-ID.

Gespeichert in:

Bibliographische Detailangaben
Titel:	A large-scale scan of IPv6 IP-ID.
Autoren:	HUANG, Fengyuan¹ huangfengyuan@nudt.edu.cn, YANG, Yifan¹ yangyifanyyf@nudt.edu.cn, YU, Bo¹ yubo0615@nudt.edu.cn, YANG, Zhenzhong¹, CAI, Zhiping¹ zpcai@nudt.edu.cn, HOU, Bingnan¹
Quelle:	Computer Engineering & Science / Jisuanji Gongcheng yu Kexue. Aug2025, Vol. 47 Issue 8, p1391-1398. 8p.
Schlagwörter:	INTERNET protocols, COMPUTER network security, COMPUTER network protocols, LEAKS (Disclosure of information), RESEARCH personnel, INTERNET protocol version 6
Abstract:	In IPv6 networks, the Internet protocol identification (IP-ID) fields, which are used to support fragmentation and reassembly of network-layer datagrams, no longer appear as fixed fields but are instead placed in the extension header for flexible use. In recent years, researchers have exploited the IPv6 fragmentation mechanism to induce IPv6 target hosts to generate IP-IDs and perform tasks such as alias prefix resolution, demonstrating that the IP-ID field in IPv6 networks can still leak information and pose certain security risks. Since existing IP-ID exploitation methods rely on simple, predictable IP-ID types, probing whether the IP-ID types of IPv6 devices on the internet are predictable hold significant importance for IPv6 network security and asset assessment. This paper proposes a method to detect IPv6 devices on the Internet, and classifies them into different types. Among the nearly 5 million IPv6 addresses returned, 41. 1% of the addresses still used predictable IP-ID, indicating that IPv6 networks are not immune to fragment and IP-ID based attacks. There are still a considerable number of devices in IPv6 network using predictable IP-ID which are of high security risk. [ABSTRACT FROM AUTHOR]
Datenbank:	Academic Search Index

Nájsť tento článok vo Web of Science

Beschreibung
Abstract:	In IPv6 networks, the Internet protocol identification (IP-ID) fields, which are used to support fragmentation and reassembly of network-layer datagrams, no longer appear as fixed fields but are instead placed in the extension header for flexible use. In recent years, researchers have exploited the IPv6 fragmentation mechanism to induce IPv6 target hosts to generate IP-IDs and perform tasks such as alias prefix resolution, demonstrating that the IP-ID field in IPv6 networks can still leak information and pose certain security risks. Since existing IP-ID exploitation methods rely on simple, predictable IP-ID types, probing whether the IP-ID types of IPv6 devices on the internet are predictable hold significant importance for IPv6 network security and asset assessment. This paper proposes a method to detect IPv6 devices on the Internet, and classifies them into different types. Among the nearly 5 million IPv6 addresses returned, 41. 1% of the addresses still used predictable IP-ID, indicating that IPv6 networks are not immune to fragment and IP-ID based attacks. There are still a considerable number of devices in IPv6 network using predictable IP-ID which are of high security risk. [ABSTRACT FROM AUTHOR]
ISSN:	1007130X
DOI:	10.3969/j.issn.1007-130X.2025.08.006