摘要
Numerous measurement researches have been performed to discover the IPv4 network security issues by leveraging the fast Internet-wide scanning techniques. However, IPv6 brings the 128-bits address space and renders brute-force network scanning impractical. Although significant efforts have been dedicated to enumerating active IPv6 hosts, limited by technique efficiency and probing accuracy, large-scale empirical measurement studies under the increasing IPv6 networks are infeasible now.
To fill this research gap, by leveraging the extensively adopted IPv6 address allocation strategy, we propose a novel IPv6 network periphery discovery approach. Specifically, XMap, a fast network scanner, is developed to find the periphery, such as a home router. We evaluate it on twelve prominent Internet service providers and harvest 52M active peripheries. Grounded on these found devices, we explore IPv6 network risks of the unintended exposed security services and the flawed traffic routing strategies. First, we demonstrate the unintended exposed security services in IPv6 networks, such as DNS, and HTTP, have become emerging security risks by analyzing 4.7M peripheries. Second, by inspecting the periphery’s packet routing strategies, we present the flawed implementations of IPv6 routing protocol affecting 5.8M router devices. Attackers can exploit this common vulnerability to conduct effective routing loop attacks, inducing DoS to the ISP’s and home routers with an amplification factor of >200. We responsibly disclose those issues to all involved vendors and ASes and discuss mitigation solutions. Our research results indicate that the security community should revisit IPv6 network strategies immediately.
在2021年第51届IEEE/IFIP国际可靠系统和网络会议上(线上举办),我分享了论文:Fast IPv6 Network Periphery Discovery and Security Implications。
李想
清华大学博士研究生(网络空间安全)
李想,清华大学网络科学与网络空间研究院五年级博士研究生,导师为李琦副教授和段海新教授。研究方向为网络与协议安全,已发表论文12篇(含一作5篇:在网络安全四大顶会均有发表、通讯1篇),授权专利1项,在Black Hat多次演讲,获得180+CVE等漏洞编号。研究获得多个政府及大学CERT安全公告、60+媒体报道,并被纳入RFC标准文档。其也获得了多项奖项荣誉,如清华优秀奖学金、龙湖奖学金卓越奖等。