research-article

One bad apple can spoil your IPv6 privacy

Authors:

Said Jawad Saidi,

Georgios SmaragdakisAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 52, Issue 2

Pages 10 - 19

https://doi.org/10.1145/3544912.3544915

Published: 20 June 2022 Publication History

Abstract

IPv6 is being more and more adopted, in part to facilitate the millions of smart devices that have already been installed at home. Unfortunately, we find that the privacy of a substantial fraction of end-users is still at risk, despite the efforts by ISPs and electronic vendors to improve end-user security, e.g., by adopting prefix rotation and IPv6 privacy extensions. By analyzing passive data from a large ISP, we find that around 19% of end-users' privacy can be at risk. When we investigate the root causes, we notice that a single device at home that encodes its MAC address into the IPv6 address can be utilized as a tracking identifier for the entire end-user prefix---even if other devices use IPv6 privacy extensions. Our results show that IoT devices contribute the most to this privacy leakage and, to a lesser extent, personal computers and mobile devices. To our surprise, some of the most popular IoT manufacturers have not yet adopted privacy extensions that could otherwise mitigate this privacy risk. Finally, we show that third-party providers, e.g., hypergiants, can track up to 17% of subscriber lines in our study.

References

[1]

R. Almeida, R. Teixeira, D. Veitch, and C. Diot. Classification of Load Balancing in the Internet. In IEEE INFOCOM, 2020.

[2]

IEEE Standards Association. Guidelines for Use of Extended Unique Identifier (EUI), Organizationally Unique Identifier (OUI), and Company ID (CID). https://standards.ieee.org/content/dam/ieee-standards/standards/web/documents/tutorials/eui.pdf, 2018.

[3]

V. Bajpai and J. Schönwälder. A Longitudinal View of Dual-Stacked Websites---Failures, Latency and Happy Eyeballs. IEEE/ACM Transactions on Networking, 27(2), 2019.

Digital Library

[4]

A. Banks and R. Gupta. MQTT Version 3.1.1. MQTT Version 3.1.1, https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html.

[5]

R. Beverly, R. Durairajan, D. Plonka, and J. P. Rohrer. In the IP of the beholder: Strategies for active IPv6 topology discovery. In ACM IMC, 2018.

Digital Library

[6]

K. Borgolte, S. Hao, T. Fiebig, and G. Vigna. Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones. In IEEE Symposium on Security and Privacy, 2018.

[7]

T. Böttger, F. Cuadrado, G. Tyson, I. Castro, and S. Uhlig. A Hyper-giant's View of the Internet. ACM SIGCOMM CCR, 47(1), 2017.

[8]

T. Bruns. Network Reconnaissance in IPv6-based Residential Broadband Networks. arXiv preprint arXiv:2012.10652, 2020.

[9]

Cisco. Introduction to Cisco IOS NetFlow - A Technical Overview. https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html, 2012.

[10]

European Commission. Internal Market, Industry, Entrepreneurship and SMEs - CE Marking. https://ec.europa.eu/growth/single-market/ce-marking_en, 2021.

[11]

T. Cui, G. Gou, G. Xiong, C. Liu, P. Fu, and Z. Li. 6GAN: IPv6 Multi-Pattern Target Generation via Generative Adversarial Nets with Reinforcement Learning. In IEEE INFOCOM, 2021.

Digital Library

[12]

G. Van de Velde, T. Hain, R. Droms, B. Carpenter, and E. Klein. Local Network Protection for IPv6. RFC 4864 (Informational), May 2007.

[13]

S. Deering and R. Hinden. Internet Protocol, Version 6 (IPv6) Specification. RFC 2460 (Draft Standard), Dec 1998. Obsoleted by RFC 8200, updated by RFCs 5095, 5722, 5871, 6437, 6564, 6935, 6946, 7045, 7112.

Digital Library

[14]

S. Deering and R. Hinden. Internet Protocol, Version 6 (IPv6) Specification. RFC 8200 (Internet Standard), Jul 2017.

[15]

R. Droms. Dynamic Host Configuration Protocol. RFC 2131 (Draft Standard), Mar 1997. Updated by RFCs 3396, 4361, 5494, 6842.

[16]

T. Fiebig, K. Borgolte, S. Hao, C. Kruegel, and G. Vigna. Something from Nothing (There): Collecting Global IPv6 Datasets from DNS. In PAM, 2017.

[17]

T. Fiebig, K. Borgolte, S. Hao, C. Kruegel, G. Vigna, and A. Feldmann. In rDNS We Trust: Revisiting a Common Data-Source's Reliability. In PAM, 2018.

[18]

P. Foremski, D. Plonka, and A. Berger. Entropy/IP: Uncovering Structure in IPv6 Addresses. In ACM IMC, 2016.

Digital Library

[19]

K. Fukuda and J. Heidemann. Who Knocks at the IPv6 Door? Detecting IPv6 Scanning. In ACM IMC, 2018.

[20]

O. Gasser, Q. Scheitle, P. Foremski, Q. Lone, M. Korczynski, S. D. Strowes, L. Hendriks, and G. Carle. Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists. In ACM IMC, 2018.

Digital Library

[21]

O. Gasser, Q. Scheitle, S. Gebhard, and G. Carle. Scanning the IPv6 Internet: Towards a Comprehensive Hitlist. In TMA, 2016.

[22]

P. Gigis, M. Calder, L. Manassakis, G. Nomikos, V. Kotronis, X. Dimitropoulos, E. Katz-Bassett, and G. Smaragdakis. Seven Years in the Life of Hypergiants' Off-Nets. In ACM SIGCOMM, 2021.

Digital Library

[23]

F. Gont and T. Chown. Network Reconnaissance in IPv6 Networks. RFC 7707 (Informational), Mar 2016.

[24]

F. Gont, S. Krishnan, T. Narten, and R. Draves. Temporary Address Extensions for Stateless Address Autoconfiguration in IPv6. RFC 8981 (Proposed Standard), Feb 2021.

[25]

Google. IPv6 Adoption. https://www.google.com/intl/en/ipv6/statistics.html.

[26]

Google. Android Enterprise Network Requirements. https://support.google.com/work/android/answer/10513641?hl=en, 2021.

[27]

Google. Google Cloud IoT Core. https://cloud.google.com/iot-core, 2021.

[28]

B. Hou, Z. Cai, K. Wu, J. Su, and Y. Xiong. 6Hit: A Reinforcement Learning-based Approach to Target Generation for Internet-wide IPv6 Scanning. In IEEE INFOCOM, 2021.

Digital Library

[29]

G. Huston. IPv6 and the Internet of Things. https://blog.apnic.net/2016/04/13/ipv6-internet-things/, 2016.

[30]

Amazon Web Services Inc. AWS IoT Core. Amazon Web Services, https://aws.amazon.com/iot-core/.

[31]

Apple Inc. IPv6 security. Apple Platform Security, https://support.apple.com/guide/security/ipv6-security-seccb625dcd9/web.

[32]

Institute of Electrical and Electronics Engineers (IEEE). Organizationally Unique Identifier (OUI) MAC Address Registry. http://standards-oui.ieee.org/oui/oui.txt.

[33]

E. Karpilovsky, A. Gerber, D. Pei, J. Rexford, and A. Shaikh. Quantifying the extent of IPv6 deployment. In PAM, 2009.

[34]

F. Li and D. Freeman. Towards A User-Level Understanding of IPv6 Behavior. In ACM IMC, 2020.

Digital Library

[35]

X. Li, B. Liu, X. Zheng, H. Duan, Q. Li, and Y. Huang. Fast IPv6 Network Periphery Discovery and Security Implications. In IEEE/IFIP DSN, 2021.

[36]

Z. Liu, Y. Xiong, X. Liu, W. Xie, and P. Zhu. 6Tree: Efficient dynamic discovery of active addresses in the IPv6 address space. Computer Networks, 155, 2019.

[37]

T. Mrugalski, M. Siodelski, B. Volz, A. Yourtchenko, M. Richardson, S. Jiang, T. Lemon, and T. Winters. Dynamic Host Configuration Protocol for IPv6 (DHCPv6). RFC 8415 (Proposed Standard), Nov 2018.

[38]

A. Murdock, F. Li, P. Bramsen, Z. Durumeric, and V. Paxson. Target Generation for Internet-wide IPv6 Scanning. In ACM IMC, 2017.

Digital Library

[39]

T. Narten, R. Draves, and S. Krishnan. Privacy Extensions for Stateless Address Autoconfiguration in IPv6. RFC 4941 (Draft Standard), Sep 2007.

[40]

R. Padmanabhan, J. P. Rula, P. Richter, S. D. Strowes, and A. Dainotti. DynamIPs: Analyzing address assignment practices in IPv4 and IPv6. In ACM CoNEXT, 2020.

Digital Library

[41]

J. P. Rohrer, B. LaFever, and R. Beverly. Empirical study of router IPv6 interface address distributions. IEEE Internet Computing, 20(4).

[42]

E. C. Rye and R. Beverly. Discovering the IPv6 network periphery. arXiv preprint arXiv:2001.08684, 2020.

[43]

E. C. Rye, R. Beverly, and kc claffy. Follow the Scent: Defeating IPv6 Prefix Rotation Privacy. In ACM IMC, 2021.

[44]

E. C. Rye, J. Martin, and R. Beverly. EUI-64 Considered Harmful. arXiv preprint arXiv:1902.08968, 2019.

[45]

S. J. Saidi, A. M. Mandalari, R. Kolcun, H. Haddadi, D. J. Dubois, D. Choffnes, G. Smaragdakis, and A. Feldmann. A Haystack Full of Needles: Scalable Detection of IoT Devices in the Wild. In ACM IMC, 2020.

Digital Library

[46]

S. Strowes. IPv6 Adoption in 2021. https://labs.ripe.net/author/stephen_strowes/ipv6-adoption-in-2021/, 2021.

[47]

S. D. Strowes. Bootstrapping Active IPv6 Measurement with IPv4 and Public DNS. arXiv preprint arXiv:1710.08536, 2017.

[48]

S. Thomson, T. Narten, and T. Jinmei. IPv6 Stateless Address Auto-configuration. RFC 4862 (Draft Standard), Sep 2007. Updated by RFC 7527.

[49]

J. Ullrich, P. Kieseberg, K. Krombholz, and E. Weippl. On reconnaissance with IPv6: a pattern-based scanning approach. In ARES, 2015.

[50]

G. Zheng, X. Xu, and C. Wang. An Effective Target Address Generation Method for IPv6 Address Scan. In IEEE ICCC, 2020.

Cited By

Mićović MRadenković UVuletić P(2023)Network Layer Privacy Protection Using Format-Preserving EncryptionElectronics10.3390/electronics1223480012:23(4800)Online publication date: 27-Nov-2023
https://doi.org/10.3390/electronics12234800
Steger LKuang LZirngibl JCarle GGasser O(2023)Target Acquired? Evaluating Target Generation Algorithms for IPv62023 7th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA58422.2023.10199073(1-10)Online publication date: 26-Jun-2023
https://doi.org/10.23919/TMA58422.2023.10199073
Hou BCai ZWu KYang TZhou T(2023)6Scan: A High-Efficiency Dynamic Internet-Wide IPv6 Scanner With Regional EncodingIEEE/ACM Transactions on Networking10.1109/TNET.2023.323395331:4(1870-1885)Online publication date: 9-Jan-2023
https://dl.acm.org/doi/10.1109/TNET.2023.3233953
Show More Cited By

Index Terms

One bad apple can spoil your IPv6 privacy
1. Networks
2. Security and privacy

Recommendations

Understanding IPv6 populations in the wild
PAM'13: Proceedings of the 14th international conference on Passive and Active Measurement

With the global exhaustion of the IPv4 address pool, there has been significant interest in understanding the adoption of IPv6. Previous studies have shown that IPv6 traffic continues to be a very small fraction of the overall total traffic in any ...
An experimental evaluation of IP4-IPV6 IVI translation

While IPv6 deployment in the Internet continues to grow slowly at present, the imminent exhaustion of IPv4 addresses will encourage its increased use over the next several years. However, due to the predominance of IPv4 in the Internet, the transition ...
Anonymous authentication for mobile Single Sign-On to protect user privacy

This article proposes a system in which a Global System for Mobile (GSM) communication user can access and be authenticated to third party services with total anonymity as far as the Services Providers are concerned and where the GSM Network Operator ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 52, Issue 2

April 2022

69 pages

ISSN:0146-4833

DOI:10.1145/3544912

Editor:
Steve Uhlig
Queen Mary, Univ. of London

Issue’s Table of Contents

Copyright © 2022 Copyright is held by the owner/author(s).

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 June 2022

Published in SIGCOMM-CCR Volume 52, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
298
Total Downloads

Downloads (Last 12 months)127
Downloads (Last 6 weeks)14

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mićović MRadenković UVuletić P(2023)Network Layer Privacy Protection Using Format-Preserving EncryptionElectronics10.3390/electronics1223480012:23(4800)Online publication date: 27-Nov-2023
https://doi.org/10.3390/electronics12234800
Steger LKuang LZirngibl JCarle GGasser O(2023)Target Acquired? Evaluating Target Generation Algorithms for IPv62023 7th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA58422.2023.10199073(1-10)Online publication date: 26-Jun-2023
https://doi.org/10.23919/TMA58422.2023.10199073
Hou BCai ZWu KYang TZhou T(2023)6Scan: A High-Efficiency Dynamic Internet-Wide IPv6 Scanner With Regional EncodingIEEE/ACM Transactions on Networking10.1109/TNET.2023.323395331:4(1870-1885)Online publication date: 9-Jan-2023
https://dl.acm.org/doi/10.1109/TNET.2023.3233953
Hou BCai ZWu KYang TZhou T(2023)Search in the Expanse: Towards Active and Global IPv6 HitlistsIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10229089(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10229089
Birrer AHe DJust N(2023)The state is watching you—A cross-national comparison of data retention in EuropeTelecommunications Policy10.1016/j.telpol.2023.10254247:4Online publication date: 1-May-2023
https://dl.acm.org/doi/10.1016/j.telpol.2023.102542
Ma ZZhang SLi NLi THu XFeng HZhou QLiu FQuan XWang HHu GZhang SZhai YChen SZhang S(2023)GraphNEIComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.109946235:COnline publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.comnet.2023.109946
Maier MUllrich J(2023)In the loopComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2022.109500221:COnline publication date: 1-Feb-2023
https://dl.acm.org/doi/10.1016/j.comnet.2022.109500
Nie LHe LSong GGao HLi CWang ZYang J(2022)Towards a Behavioral and Privacy Analysis of ECS for IPv6 DNS Resolvers2022 18th International Conference on Network and Service Management (CNSM)10.23919/CNSM55787.2022.9965032(303-309)Online publication date: 31-Oct-2022
https://doi.org/10.23919/CNSM55787.2022.9965032
Piraux MBarbette TRybowski NNavarre LAlfroy TPelsser CMichel FBonaventure O(2022)The multiple roles that IPv6 addresses can play in today's internetACM SIGCOMM Computer Communication Review10.1145/3561954.356195752:3(10-18)Online publication date: 6-Sep-2022
https://dl.acm.org/doi/10.1145/3561954.3561957
Jin BZha ZYu MMeng HChen JLong FXu JZhang R(2022)Wireless Communication-Based Coexistence of IPv4 and IPv6 for IoT Devices2022 International Conference on Knowledge Engineering and Communication Systems (ICKES)10.1109/ICKECS56523.2022.10060098(1-7)Online publication date: 28-Dec-2022
https://doi.org/10.1109/ICKECS56523.2022.10060098
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents