Abstract
The device detected from the public network usually associates with an IP as the unique identity generally. The problem is that many registrants of devices are always different from their true users, which make it difficult for operators to discover whether the IPs are used normally. The research on users of IPs plays an important role to help us for network security and protection. In this paper, we are seeking the users of devices and investigating why they are exposed to the public from five aspects: SSL certificates, protocol banners, address, topology and location. We presented FIUD: A Framework to Identify Users of Devices to extract users automatically. FIUD is based on Seed Extension so as to ensure both accuracy and coverage of user identification. We evaluated our methodology in laboratory and in the real-world. Compared with the mature results in the industry, the experiment shows that our methodology has achieved higher performances to discover the true users of IPs. At the same time, we did the network measurement in Beijing based on our methodology.
Supported by National Key Research and Development Projects (No. Y950201104) and National Natural Science Foundation of China (No. U1766215).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Chen, J.: Towards IP location estimation using the nearest common router. J. Internet Technol. 19(7), 2097–2110 (2018)
Daigle, L.: WHOIS protocol specification. RFC 49(8), 756–757 (2004)
Jia, Y., Han, B., Li, Q., et al.: Who owns Internet of Thing devices? Int. J. Distrib. Sens. Netw. 14(11), 155014771881109 (2018)
Zheng, X., Cai, Z., Yu, J.: Follow but no track: privacy preserved profile publishing in cyber-physical social systems. IEEE Internet Things J. 6, 1868–1878 (2017)
Pingley, A., Yu, W., Zhang, N., et al.: CAP: a context-aware privacy protection system for location-based services. In: IEEE International Conference on Distributed Computing Systems. IEEE (2009)
Wang, Y., Burgener, D., Flores, M., Kuzmanovic, A., Huang, C.: Towards street-level client-independent IP geolocation. In: Proceedings of the 8th USENIX Conference on Networked Systems Design and Implementation (NSDI 2011), pp. 365–379. USENIX Association, USA (2011)
Roughan, M., Chang, R. (eds.): PAM 2013. LNCS, vol. 7799. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36516-4
Rüth, J., Zimmermann, T., Hohlfeld, O.: Hidden treasures – recycling large-scale Internet measurements to study the Internet’s control plane. In: Choffnes, D., Barcellos, M. (eds.) PAM 2019. LNCS, vol. 11419, pp. 51–67. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15986-3_4
Holz, R.: The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 427–444 (2011)
Weinstein, J., Weinstein, T., Elgamal, T.: SSL step-up (2000)
Clark, J., Oorschot, P.C.V.: SoK: SSL and HTTPS: revisiting past challenges and evaluating certificate trust model enhancements. In: 2013 IEEE Symposium on Security and Privacy (SP). IEEE (2013)
Goyal, A., Gupta, V., Kumar, M.: Recent named entity recognition and classification techniques: a systematic review. Comput. Sci. Rev. 29, 21–43 (2018)
Georgescu, T.M., Iancu, B., Zurini, M.: Named-entity-recognition-based automated system for diagnosing cybersecurity situations in IoT networks. Sensors 19(15), 3380 (2019)
Ling, L., Zhihao, Y., Pei, Y., et al.: An attention-based BiLSTM-CRF approach to document-level chemical named entity recognition. Bioinformatics 34(8), 1381–1388 (2019)
Meng, X., Xu, Z., Zhang, B., et al.: IPv4 address allocation and the BGP routing table evolution. ACM SIGCOMM Comput. Commun. Rev. 35(1), 71–80 (2005)
Bakker, N., Jasinska, E., Raszuk, R., et al.: Internet exchange BGP route server (2016)
Katz-Bassett, E., John, J.P., Krishnamurthy, A., et al.: Towards IP geolocation using delay and topology measurements. In: ACM SIGCOMM Conference on Internet Measurement. ACM (2006)
Cohen, W.W.: A comparison of string distance metrics for name-matching tasks. In: IIWEB 2003 Proceedings of the 2003 International Conference on Information Integration on the Web, pp. 73–78 (2003)
Miller, F.P., Agnes, F., et al.: Geohash. Alphascript Publishing, USA (2010)
Taylor, T., Leech, M., Bellovin, S.: ICMP traceback messages Internet draft (2003)
Claffy, K.C.: CAIDA: visualizing the Internet. IEEE Internet Comput. 5(1), 88 (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Ren, Y., Li, H., Zhu, H., Sun, L. (2021). FIUD: A Framework to Identify Users of Devices. In: Liu, Z., Wu, F., Das, S.K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2021. Lecture Notes in Computer Science(), vol 12938. Springer, Cham. https://doi.org/10.1007/978-3-030-86130-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-86130-8_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-86129-2
Online ISBN: 978-3-030-86130-8
eBook Packages: Computer ScienceComputer Science (R0)