Internet-wide measurements and scans have become an essential tool of today's research for large-scale phenomena. For example, in respect to security research, we might want to study how the Internet's overall security posture is, to focus our attention on mitigating large-scale threats. While we are able to perform large-scale scans for the IPv4 address space of today's Internet, we are currently lacking the techniques and tools to do so for its IPv6 counterpart. Yet, understanding and measuring how the IPv6 Internet is deployed and scanning IPv6-connected devices is similarly important as it is for IPv4, and it will only become more important in the future with its increased adoption.

As part our research, we develop techniques to enumerate part of the IPv6 Internet that is (supposedly) actively being used. To empower other researchers, we aim to make the corresponding source code available as open source, and we publish resulting datasets available as open data. Currently, however, the IPv6 Internet cannot yet be considered stable, which means that the benefit of a single point-in-time IPv6 snapshot will be ever-decreasing. Therefore, we will publish regularly updated versions of our datasets.

The use of the published datasets requires agreeing to the terms of the license below. Specifically, it is a common open data license with special requirements on academic attribution.

Publications

Datasets

March 2019: Updates to the datasets had been delayed because all authors recently started new positions. We are slowly catching up and hope to publish a new versions of the datasets soon.

Please note that the format of our datasets will likely change in the future. Newer versions of our dataset will appear here regularly. Please follow the collaborators on Twitter for announcements about new data (see Twitter handles below).

Current versions of our dataset are (all times UTC):

IPv6 NXDOMAIN based

IPv4 NXDOMAIN based

IPv4 Bruteforce

License

The datasets are licensed under Creative Commons Attribution 4.0 International License with the additional requirement that the corresponding publications should be cited alongside the website. The respective BibTeX is:

BibTeX

@inproceedings{sp2018-dnssec-ipv6,
  title     = {{Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones}},
  author    = {Borgolte, Kevin and Hao, Shuang and Fiebig, Tobias and Vigna, Giovanni},
  booktitle = {Proceedings of the 39th IEEE Symposium on Security \& Privacy},
  series    = {S\&P},
  month     = {May},
  year      = {2018}
}

@inproceedings{pam2018-rdns,
  title     = {{In rDNS We Trust: Revisiting a Common Data-Source's Reliability}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni and Feldmann, Anja},
  booktitle = {Proceedings of the 19th Passive and Active Measurement Conference},
  series    = {PAM},
  month     = {March},
  year      = {2018}
}

@inproceedings{pam2017-nxdomain,
  title     = {{Something From Nothing (There): Collecting Global IPv6 Datasets From DNS}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 18th Passive and Active Measurement Conference},
  series    = {PAM},
  month     = {March},
  year      = {2017}
}

Main Collaborators

Kevin Borgolte
Kevin Borgolte
Princeton University
@caovc
Tobias Fiebig
Tobias Fiebig
TU Delft
@chelloway
Shuang Hao
Shuang Hao
UT Dallas
@shuang_hao

Institutions

Princeton University

TU Delft

UT Dallas