Identification of Dynamic IP Addresses with Public Data
Abstract
We introduce DynMap, a system to identify dynamically-assigned IP addresses. DynMap tracks hosts using publicly-accessible HTTPS certificate fingerprints, making DynMap generally applicable by any network operator. We develop mechanisms to deal with HTTPS certificate sharing across multiple devices as well as reverse proxies and load balancers. We apply DynMap to a wide-area scanning dataset and show that DynMap is capable of identifying IPs that are clearly assigned dynamically.
References
Dan, Ovidiu, Vaibhav Parikh e Brian D. Davison (2021). “IP Geolocation through Reverse DNS”. Em: ACM Trans. Internet Technol. DOI: 10.1145/3457611.
Fiebig, Tobias, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna e Anja Feldmann (2018). “In rDNS We Trust: Revisiting a Common Data-Source’s Reliability”. Em: Passive and Active Measurement. Springer International Publishing. DOI: 10.1007/978-3-319-76481-8_10.
Jin, Yu, Esam Sharafuddin e Zhi Li Zhang (2007). “Identifying dynamic IP address blocks serendipitously through background scanning traffic”. Em: Proceedings of the 2007 ACM CoNEXT Conference. Association for Computing Machinery. DOI: 10.1145/1364654.1364659.
Marder, Alexander, Matthew Luckie, Amogh Dhamdhere, Bradley Huffaker, kc claffy e Jonathan M. Smith (2018). “Pushing the Boundaries with bdrmapIT: Mapping Router Ownership at Internet Scale”. Em: Proceedings of the Internet Measurement Conference 2018. Association for Computing Machinery. DOI: 10.1145/3278532.3278538.
Martin, Husák, Čermák Milan, Jirsík Tomáš e Čeleda Pavel (2016). “HTTPS traffic analysis and client identification using passive SSL/TLS fingerprinting”. Em: EURASIP Journal on Information Security. DOI: 10.1186/s13635-016-0030-7.
Nakamori, Tomofumi, Daiki Chiba, Mitsuaki Akiyama e Shigeki Goto (2019). “Detecting Dynamic IP Addresses and Cloud Blocks Using the Sequential Characteristics of PTR Records”. Em: Journal of Information Processing. DOI: 10.2197/ipsjjip.27.525.
Richter, Philipp, Georgios Smaragdakis, David Plonka e Arthur Berger (2016). “Beyond Counting: New Perspectives on the Active IPv4 Address Space”. Em: Proceedings of the Internet Measurement Conference 2016. Association for Computing Machinery. DOI: 10.1145/2987443.2987473.
Sankar, Vedha, Varsha Bharanikumar e Lakshmi Swaminathan (2024). “Dynamic Load Balancing and Resource Optimization Algorithm for Reverse Proxy Servers”. Em: 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS). DOI: 10.1109/ICC-ROBINS60238.2024.10533888.
Tundis, Andrea, Wojciech Mazurczyk e Max Mühlhäuser (2018). “A review of network vulnerabilities scanning tools: types, capabilities and functioning”. Em: Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery. DOI: 10.1145/3230833.3233287.
Xiao, Zhen, Weijia Song e Qi Chen (2013). “Dynamic Resource Allocation Using Virtual Machines for Cloud Computing Environment”. Em: IEEE Transactions on Parallel and Distributed Systems. DOI: 10.1109/TPDS.2012.283.
Xie, Yinglian, Fang Yu, Kannan Achan, Eliot Gillum, Moises Goldszmidt e Ted Wobber (2007). “How Dynamic are IP Addresses?” Em: Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. Association for Computing Machinery. DOI: 10.1145/1282380.1282415.
Fiebig, Tobias, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna e Anja Feldmann (2018). “In rDNS We Trust: Revisiting a Common Data-Source’s Reliability”. Em: Passive and Active Measurement. Springer International Publishing. DOI: 10.1007/978-3-319-76481-8_10.
Jin, Yu, Esam Sharafuddin e Zhi Li Zhang (2007). “Identifying dynamic IP address blocks serendipitously through background scanning traffic”. Em: Proceedings of the 2007 ACM CoNEXT Conference. Association for Computing Machinery. DOI: 10.1145/1364654.1364659.
Marder, Alexander, Matthew Luckie, Amogh Dhamdhere, Bradley Huffaker, kc claffy e Jonathan M. Smith (2018). “Pushing the Boundaries with bdrmapIT: Mapping Router Ownership at Internet Scale”. Em: Proceedings of the Internet Measurement Conference 2018. Association for Computing Machinery. DOI: 10.1145/3278532.3278538.
Martin, Husák, Čermák Milan, Jirsík Tomáš e Čeleda Pavel (2016). “HTTPS traffic analysis and client identification using passive SSL/TLS fingerprinting”. Em: EURASIP Journal on Information Security. DOI: 10.1186/s13635-016-0030-7.
Nakamori, Tomofumi, Daiki Chiba, Mitsuaki Akiyama e Shigeki Goto (2019). “Detecting Dynamic IP Addresses and Cloud Blocks Using the Sequential Characteristics of PTR Records”. Em: Journal of Information Processing. DOI: 10.2197/ipsjjip.27.525.
Richter, Philipp, Georgios Smaragdakis, David Plonka e Arthur Berger (2016). “Beyond Counting: New Perspectives on the Active IPv4 Address Space”. Em: Proceedings of the Internet Measurement Conference 2016. Association for Computing Machinery. DOI: 10.1145/2987443.2987473.
Sankar, Vedha, Varsha Bharanikumar e Lakshmi Swaminathan (2024). “Dynamic Load Balancing and Resource Optimization Algorithm for Reverse Proxy Servers”. Em: 2024 International Conference on Cognitive Robotics and Intelligent Systems (ICC - ROBINS). DOI: 10.1109/ICC-ROBINS60238.2024.10533888.
Tundis, Andrea, Wojciech Mazurczyk e Max Mühlhäuser (2018). “A review of network vulnerabilities scanning tools: types, capabilities and functioning”. Em: Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery. DOI: 10.1145/3230833.3233287.
Xiao, Zhen, Weijia Song e Qi Chen (2013). “Dynamic Resource Allocation Using Virtual Machines for Cloud Computing Environment”. Em: IEEE Transactions on Parallel and Distributed Systems. DOI: 10.1109/TPDS.2012.283.
Xie, Yinglian, Fang Yu, Kannan Achan, Eliot Gillum, Moises Goldszmidt e Ted Wobber (2007). “How Dynamic are IP Addresses?” Em: Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. Association for Computing Machinery. DOI: 10.1145/1282380.1282415.
Published
2024-09-16
How to Cite
CARDOSO, Gabriel Pains de Oliveira; OLIVEIRA, Leonardo B.; CUNHA, Ítalo.
Identification of Dynamic IP Addresses with Public Data. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 822-828.
DOI: https://doi.org/10.5753/sbseg.2024.241681.
