Yakai Fang, Liancheng Zhang, Luyang Li, Ce Sun, Yi Guo, Hongtao Zhang, Bin Lin, Jichang Wang, Wenhao Xia
{"title":"An IPv6 address fast scanning method based on local domain name association.","authors":"Yakai Fang, Liancheng Zhang, Luyang Li, Ce Sun, Yi Guo, Hongtao Zhang, Bin Lin, Jichang Wang, Wenhao Xia","doi":"10.1038/s41598-025-95680-w","DOIUrl":null,"url":null,"abstract":"<p><p>With the increase of security issues in IPv6 networks, conducting address scanning in IPv6 networks proves beneficial for identifying potential security risks and vulnerabilities. To enhance the privacy of users' IPv6 addresses, mainstream OS (Operating System) nodes currently employ randomized interface identifiers and temporary IPv6 addresses. Additionally, since most existing IPv6 address scanning methods rely on active scanning, which makes current on-link IPv6 address scanning methods face the challenges of incomplete scan results, poor coverage across different OSs, significant impact on network performance, and the inability to promptly detect subsequently joined hosts. To this end, An IPv6 address fast scanning method based on local domain name association (FScan6), which combines active scanning and passive listening, is proposed. The active scanning module targets different OSs using distinct protocols (Browser and DNS-SD) to obtain local domain names of on-link hosts. Meanwhile, the passive listening module monitors traffic to extract local domain names of on-link hosts. Then, it employs mDNS protocol to retrieve IPv6 addresses associated with these local domain names. A typical on-link IPv6 network environment was constructed, comprising 26 versions of Windows, Apple, and Linux OSs, and FScan6 was compared with 9 IPv6 address scanning methods. The experimental results show that FScan6 outperforms existing IPv6 address scanning methods in terms of OS coverage and scanning result completeness. Specifically, regarding OS coverage, FScan6 successfully detected all IPv6 addresses across 26 different OS versions, which outperformed 9 address scanning tools and scripts by a factor of 2.89 times at most. Regarding scanning result completeness, FScan6 identified up to 54 additional IPv6 addresses at most compared to these tools and scripts. Additionally, FScan6 has a minimal impact on network performance, with the packet loss rate induced by the tool consistently remaining at 0%.</p>","PeriodicalId":21811,"journal":{"name":"Scientific Reports","volume":"15 1","pages":"11524"},"PeriodicalIF":3.9000,"publicationDate":"2025-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC11968882/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scientific Reports","FirstCategoryId":"103","ListUrlMain":"https://doi.org/10.1038/s41598-025-95680-w","RegionNum":2,"RegionCategory":"综合性期刊","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"MULTIDISCIPLINARY SCIENCES","Score":null,"Total":0}
引用次数: 0
Abstract
With the increase of security issues in IPv6 networks, conducting address scanning in IPv6 networks proves beneficial for identifying potential security risks and vulnerabilities. To enhance the privacy of users' IPv6 addresses, mainstream OS (Operating System) nodes currently employ randomized interface identifiers and temporary IPv6 addresses. Additionally, since most existing IPv6 address scanning methods rely on active scanning, which makes current on-link IPv6 address scanning methods face the challenges of incomplete scan results, poor coverage across different OSs, significant impact on network performance, and the inability to promptly detect subsequently joined hosts. To this end, An IPv6 address fast scanning method based on local domain name association (FScan6), which combines active scanning and passive listening, is proposed. The active scanning module targets different OSs using distinct protocols (Browser and DNS-SD) to obtain local domain names of on-link hosts. Meanwhile, the passive listening module monitors traffic to extract local domain names of on-link hosts. Then, it employs mDNS protocol to retrieve IPv6 addresses associated with these local domain names. A typical on-link IPv6 network environment was constructed, comprising 26 versions of Windows, Apple, and Linux OSs, and FScan6 was compared with 9 IPv6 address scanning methods. The experimental results show that FScan6 outperforms existing IPv6 address scanning methods in terms of OS coverage and scanning result completeness. Specifically, regarding OS coverage, FScan6 successfully detected all IPv6 addresses across 26 different OS versions, which outperformed 9 address scanning tools and scripts by a factor of 2.89 times at most. Regarding scanning result completeness, FScan6 identified up to 54 additional IPv6 addresses at most compared to these tools and scripts. Additionally, FScan6 has a minimal impact on network performance, with the packet loss rate induced by the tool consistently remaining at 0%.
期刊介绍:
We publish original research from all areas of the natural sciences, psychology, medicine and engineering. You can learn more about what we publish by browsing our specific scientific subject areas below or explore Scientific Reports by browsing all articles and collections.
Scientific Reports has a 2-year impact factor: 4.380 (2021), and is the 6th most-cited journal in the world, with more than 540,000 citations in 2020 (Clarivate Analytics, 2021).
•Engineering
Engineering covers all aspects of engineering, technology, and applied science. It plays a crucial role in the development of technologies to address some of the world''s biggest challenges, helping to save lives and improve the way we live.
•Physical sciences
Physical sciences are those academic disciplines that aim to uncover the underlying laws of nature — often written in the language of mathematics. It is a collective term for areas of study including astronomy, chemistry, materials science and physics.
•Earth and environmental sciences
Earth and environmental sciences cover all aspects of Earth and planetary science and broadly encompass solid Earth processes, surface and atmospheric dynamics, Earth system history, climate and climate change, marine and freshwater systems, and ecology. It also considers the interactions between humans and these systems.
•Biological sciences
Biological sciences encompass all the divisions of natural sciences examining various aspects of vital processes. The concept includes anatomy, physiology, cell biology, biochemistry and biophysics, and covers all organisms from microorganisms, animals to plants.
•Health sciences
The health sciences study health, disease and healthcare. This field of study aims to develop knowledge, interventions and technology for use in healthcare to improve the treatment of patients.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
