research-article

One bad apple can spoil your IPv6 privacy

Published: 20 June 2022
  • Abstract

    IPv6 is increasingly being adopted, in part to facilitate the millions of smart devices that have already been installed at home. Unfortunately, we find that the privacy of a substantial fraction of end-users is still at risk, despite the efforts by ISPs and electronic vendors to improve end-user security, e.g., by adopting prefix rotation and IPv6 privacy extensions. By analyzing passive data from a large ISP, we find that around 19% of end-users' privacy can be at risk. When we investigate the root causes, we notice that a single device at home that encodes its MAC address into the IPv6 address can be utilized as a tracking identifier for the entire end-user prefix, even if other devices use IPv6 privacy extensions. Our results show that IoT devices contribute the most to this privacy leakage and, to a lesser extent, personal computers and mobile devices. To our surprise, some of the most popular IoT manufacturers have not yet adopted privacy extensions that could otherwise mitigate this privacy risk. Finally, we show that third-party providers, e.g., hypergiants, can track up to 17% of subscriber lines in our study.
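
The leak described in the abstract can be checked on one's own network. The following is an added example, not code from the paper: it flags addresses whose interface identifier is a MAC-derived EUI-64 value and reports any embedded MAC seen under more than one prefix. The sample addresses (documentation range 2001:db8::/32), the MAC, and the /56 end-user prefix length are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: one home before (aa00) and after (bb00) a prefix rotation.
SAMPLE = [
    "2001:db8:aa00:1:211:22ff:fe33:4455",   # IoT device, EUI-64 interface ID
    "2001:db8:aa00:1:5c3e:91a7:b2d:77f0",   # laptop, privacy-extension address
    "2001:db8:bb00:1:211:22ff:fe33:4455",   # same IoT device after rotation
    "2001:db8:bb00:1:e41a:6c02:9d55:13ab",  # laptop, fresh temporary address
]

def eui64_mac(addr):
    """Return the MAC embedded in an EUI-64 interface ID, or None.

    A random interface ID contains ff:fe at this position with
    probability 2**-16, so a hit is a strong hint, not proof.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":          # EUI-64 inserts ff:fe mid-MAC
        return None
    # Undo the universal/local bit flip applied to the first MAC byte.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def audit(addresses, prefix_len=56):
    """Map each embedded MAC to the end-user prefixes it appeared in."""
    seen = defaultdict(set)
    for addr in addresses:
        mac = eui64_mac(addr)
        if mac is not None:
            net = ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
            seen[mac].add(str(net))
    return dict(seen)

def linkable_prefixes(addresses, prefix_len=56):
    """MACs seen under several prefixes: these tie rotated prefixes together."""
    found = audit(addresses, prefix_len)
    return {mac: sorted(p) for mac, p in found.items() if len(p) > 1}

if __name__ == "__main__":
    for mac, prefixes in linkable_prefixes(SAMPLE).items():
        print(f"{mac} links {', '.join(prefixes)}")
```

Devices flagged this way are the ones to reconfigure for privacy extensions or to replace; the laptop's addresses above change with each rotation and are not linked.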


        Published In

        ACM SIGCOMM Computer Communication Review  Volume 52, Issue 2
        April 2022
        69 pages
        ISSN:0146-4833
        DOI:10.1145/3544912
        Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 20 June 2022
        Published in SIGCOMM-CCR Volume 52, Issue 2

        Author Tags

        1. EUI-64
        2. IPv6
        3. IoT
        4. user privacy

        Qualifiers

        • Research-article
