CN116827904B - IPv6 address searching method, system, medium and equipment - Google Patents
IPv6 address searching method, system, medium and equipment Download PDFInfo
- Publication number
- CN116827904B CN116827904B CN202311085837.6A CN202311085837A CN116827904B CN 116827904 B CN116827904 B CN 116827904B CN 202311085837 A CN202311085837 A CN 202311085837A CN 116827904 B CN116827904 B CN 116827904B
- Authority
- CN
- China
- Prior art keywords
- address
- ipv6
- searched
- ipv6 address
- addresses
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 26
- 238000012545 processing Methods 0.000 claims abstract description 35
- 238000004891 communication Methods 0.000 claims abstract description 32
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 27
- 230000000694 effects Effects 0.000 claims abstract description 14
- 238000004590 computer program Methods 0.000 claims description 10
- 238000004364 calculation method Methods 0.000 claims description 8
- 238000004458 analytical method Methods 0.000 abstract description 2
- 238000001514 detection method Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000004064 recycling Methods 0.000 description 2
- 238000012935 Averaging Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004883 computer application Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/659—Internet protocol version 6 [IPv6] addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an IPv6 address searching method, a system, a medium and equipment, wherein the system comprises a data acquisition unit, a data processing unit, a modeling unit, an Apriori algorithm processing unit and a traversing unit, the data processing unit comprises a primary classifying module, an IPv6 address generating module, an IPv6 address activity judging module and a secondary classifying module, the data acquisition unit is in communication connection with the primary classifying module, the primary classifying module is in communication connection with the IPv6 address generating module, the IPv6 address generating module is in communication connection with the IPv6 address activity judging module, the IPv6 address activity judging module is in communication connection with the secondary classifying module, the secondary classifying module is in communication connection with the modeling unit, the modeling unit is in communication connection with the Apriori algorithm processing unit, and the Apriori algorithm processing unit is in communication connection with the traversing unit. The invention solves the detection problem of massive IPv6 addresses, and improves the hit rate and analysis efficiency of IPv6 address searching.
Description
Technical Field
The invention relates to the technical field of computer application, in particular to an IPv6 address searching method, an IPv6 address searching system, an IPv6 address searching medium and IPv6 address searching equipment.
Background
With the increasing number of internet users, the number of conventional IPV4 addresses has failed to meet the rapidly growing internet development demands. The IPv4 protocol specifies an IP address length of 32 bits, that is, IPv4 addresses are only 32 times 2. On the 11 th 2019 26 th, all 43 billions of IPv4 addresses are allocated worldwide, meaning that no more IPv4 addresses can be allocated to ISPs and other large network infrastructure providers. The address length of IPv6 is 128 bits, and the address space is 128 times of 2, so that the dilemma of exhaustion of the current address space can be effectively solved, and the explosive demands of novel network technologies such as the Internet of things and big data on network addresses in the future can be met. Meanwhile, the country definitely adopts an IPv6 scale deployment task and target in a fourteen-five period, and the completion rate of government websites above the county level at the end of 2025 reaches more than 95 percent. IPV6 addresses will gradually eliminate IPV4 in the future, and therefore discovery and exploration of massive IPV6 addresses becomes important.
Some researchers currently propose an active IPv6 address probing method based on a seed address, that is, by learning the structural rule of an IPv6 seed address to generate a new IPv6 address to be probed that is likely to survive. Seed addresses refer to IPv6 addresses collected by researchers that survive long or short term. For example, a binary search tree is built according to the value condition of the seed address set in each bit, and the value of each bit is traversed according to a certain priority order, so that exploration of massive IPv6 addresses is realized.
The problem of finding IPV6 addresses in a binary search tree approach is many. The problem of unbalanced distribution of generated addresses is that the generated addresses are mostly concentrated in prefixes with a very large number of addresses or in some particularly active address space areas. The correlation algorithm almost exclusively relies on 128 bits of information from the IPV6 itself to divide or classify seed addresses, but ignores the multiple dimensional information associated with the addresses. The method for modeling the address space has defects in the selection of the size of the modeling space, or the address modeling space is reduced due to excessively dependent on collected seed addresses so as to cause the problem of sample deviation, or the address range to be generated is larger due to overlarge modeling space so as to greatly reduce the hit rate.
Disclosure of Invention
Therefore, the technical problem to be solved by the invention is to provide a method, a system, a medium and equipment for searching IPv6 addresses, which solve the problem of detecting massive IPv6 addresses and improve the hit rate and the analysis efficiency of searching IPv6 addresses.
In order to solve the technical problems, the invention provides the following technical scheme:
an IPv6 address searching method includes the steps of:
s1) classifying seed addresses according to two dimensional information of the seed addresses to obtain an address set to be searched, wherein the two dimensional information is an autonomous number+a border gateway protocol and an address interface identifier IID respectively;
s2) setting an explored space range for a certain class of address set to be searched after the classification in the step S1), defining the space range as SR and calculating by the following formula:
wherein ,the multiplication sum of the values of each nibble in the address set to be searched after the nibble is de-duplicated;
the number product sum of each value of each nibble in the address set to be searched;
for the +.>Entropy of the individual nibbles;
for the +.>Extremely bad of the individual nibbles;
for a set of addresses to be searchedIn combination->The number of the valued seeds of each nibble;
for the +.>The value of each half byte after the duplication removal;
s3) utilizing an Apriori algorithm to obtain a comparison result of the maximum and entropy of the IPv6 address in the space range SR in the step S2) and the number of the valued seeds and a set of optional data;
s4) circularly traversing seed addresses in the address set to be searched, calculating a comparison result of statistics, and further obtaining optional value content of the seed addresses.
The above method, classifying the seed address in step S1) is achieved by:
s1-1) carrying out primary classification on the seed address by utilizing the ASN of the autonomous system or the BGP prefix of the IPv6 address to obtain a primary classified address set;
s1-2) generating a new IPv6 address corresponding to each primary classified address set according to each primary classified address set obtained in the step S1-1);
s1-3) judging whether the new IPv6 address generated in the step S1-2) is an active address or not by utilizing an IPv6 active address discovery algorithm based on the seed address;
s1-4) performing secondary classification on the new IPv6 address judged to be the active address in the step S1-3) by using the address interface identifier IID to obtain an address set to be searched.
In the above method, in step S1-4), the new IPv6 address determined as an active address is secondarily classified using the log_a value of the address interface identifier IID; the log_a is calculated by the following formula:
wherein A is calculated by the following formula:
wherein n is the number of the most valued values of the last 16 nibble IID parts of the IPv6 address;
for IPv6 address->The value of each nibble is 16 scale [0, f]。
In step S2), three statistics of each nibble position of each IPv6 address in a certain class of address set to be searched in the address set to be searched are calculated and compared with a threshold value of the address set to be searched to obtain a set of comparison results with the threshold value, and then specific characters of each nibble in the IID to be searched are set according to the comparison results and the corresponding address selectable array, wherein the three statistics are respectively the extreme difference and the entropyAnd the number of species is the->Entropy of individual nibbles->The definition is as follows:
in the formula ,set at +.>The value of each nibble is +.>Is a probability of (2).
The method comprises the following steps that the threshold value of the address set to be searched is obtained:
s2-11) obtaining a space change range in a certain type of address set Log_A to be searched through an SR calculation formula, and sequentially obtaining the largest space exploration change range in all the groups of the address set Log_A to be searched through the operation;
s2-12) calculating the standard deviation average value of each address set to be searched by the following formula:
in the formula ,an arithmetic mean of the SRs for all sets of addresses to be searched;
s2-13) calculating three statistics of 16 nibbles of the seed address in the address set to be searched with the minimum difference between SR and BalanceSR according to the BalanceSR value calculated in the step S2-12), and taking the three statistics obtained by calculation as thresholds of the three statistics of all the address sets to be searched;
s2-14) comparing each nibble of the IID of the seed address in the address set to be searched with the threshold value obtained in the step S2-13) to determine the IP value which should be set by each nibble.
A system for searching IPv6 address by using the IPv6 address searching method comprises the following steps:
the data acquisition unit is used for acquiring the IPv6 address in an automatic acquisition or manual loading mode;
the data processing unit is used for classifying the IPv6 addresses acquired by the data acquisition unit;
the modeling unit is used for constructing a space range model for a certain class of address set to be searched obtained after the classification of the data processing unit;
the Apriori algorithm processing unit is used for solving the maximum and entropy of the IPv6 address in the space range defined by the space range model constructed by the modeling unit, and comparing results of the number of the valued seeds and a set of optional data;
the traversal unit is used for circularly traversing the comparison result of the maximum and entropy obtained by the Apriori algorithm processing unit and the number of the valued seeds and the optional data set;
the data acquisition unit is in communication connection with the data processing unit, the data processing unit is in communication connection with the modeling unit, the modeling unit is in communication connection with the Apriori algorithm processing unit, and the Apriori algorithm processing unit is in communication connection with the traversing unit.
The above system, the data processing unit includes:
the first-level classification module is used for carrying out primary classification on the seed address by utilizing the BGP prefix of the ASN or IPv6 address of the autonomous system;
the IPv6 address generation module is used for generating a new IPv6 address according to the processing result of the first-level classification module;
the IPv6 address activity judging module is used for judging whether the new IPv6 address generated by the IPv6 address generating module is an active address or not;
a secondary classification module for secondarily classifying the new IPv6 address judged as the active address by using the address interface identifier IID;
the data acquisition unit is in communication connection with the primary classification module, the primary classification module is in communication connection with the IPv6 address generation module, the IPv6 address generation module is in communication connection with the IPv6 address activity judgment module, the IPv6 address activity judgment module is in communication connection with the secondary classification module, and the secondary classification module is in communication connection with the modeling unit.
A computer readable storage medium having stored thereon a computer program which when executed by a processor implements the above method.
Computer device comprising a readable storage medium, a processor and a computer program stored on the readable storage medium and executable on the processor, which computer program, when executed by the processor, implements the method described above.
The technical scheme of the invention has the following beneficial technical effects:
1. the workload of grouping reduction operation on seed ground values and a more reasonable IPV6 address exploration range.
2. By establishing the exploration space model, the calculated IPV6 address has higher accuracy.
Drawings
FIG. 1 is a schematic diagram of the operation of an IPv6 address search system according to the present invention;
FIG. 2 is a flow chart of IPv6 address searching in the present invention;
FIG. 3 is a flow chart of seed address classification according to the present invention;
FIG. 4 is a diagram showing a seed address partitioning scheme according to the present invention;
FIG. 5 is a flow chart of threshold value acquisition of an address set to be searched in the present invention;
fig. 6 is a schematic diagram of a computer device capable of IPv6 address searching.
Detailed Description
The invention is further described below with reference to examples.
As shown in FIG. 1, the IPv6 address searching system comprises a data acquisition unit, a data processing unit, a modeling unit, an Apriori algorithm processing unit and a traversing unit, wherein the data processing unit comprises a primary classification module, an IPv6 address generation module, an IPv6 address activity judgment module and a secondary classification module, the data acquisition unit is in communication connection with the primary classification module, the primary classification module is in communication connection with the IPv6 address generation module, the IPv6 address generation module is in communication connection with the IPv6 address activity judgment module, the IPv6 address activity judgment module is in communication connection with the secondary classification module, the secondary classification module is in communication connection with the modeling unit, the modeling unit is in communication connection with the Apriori algorithm processing unit, and the Apriori algorithm processing unit is in communication connection with the traversing unit.
The data acquisition unit is used for acquiring the IPv6 address in an automatic acquisition or manual loading mode; the data processing unit is used for classifying the IPv6 addresses acquired by the data acquisition unit; the first-level classification module is used for carrying out primary classification on the seed address by utilizing the BGP prefix of the ASN or IPv6 address of the autonomous system; the IPv6 address generation module is used for generating a new IPv6 address according to the processing result of the first-level classification module; the IPv6 address activity judging module is used for judging whether the new IPv6 address generated by the IPv6 address generating module is an active address or not; a secondary classification module for secondarily classifying the new IPv6 address judged as the active address by using the address interface identifier IID; the modeling unit is used for constructing a space range model for a certain class of address set to be searched obtained after the classification of the data processing unit; the Apriori algorithm processing unit is used for solving the maximum and entropy of the IPv6 address in the space range defined by the space range model constructed by the modeling unit, and comparing results of the number of the valued seeds and a set of optional data; and the traversing unit is used for circularly traversing the comparison result of the maximum and entropy obtained by the Apriori algorithm processing unit and the number of the valued seeds and the optional data set.
As shown in fig. 2, the above IPv6 address searching system is utilized to search a large number of IPv6 addresses to generate new IPv6 addresses that may survive, and the specific flow is as follows:
s1) classifying seed addresses according to two dimensional information of the seed addresses to obtain an address set to be searched, wherein the two dimensional information is an autonomous number+a border gateway protocol and an address interface identifier IID respectively;
s2) setting an explored space range for a certain class of address set to be searched after the classification in the step S1), defining the space range as SR and calculating by the following formula:
wherein ,for each half of the set of addresses to be searchedThe product sum of the values of the bytes after the duplication removal;
the number product sum of each value of each nibble in the address set to be searched;
for the +.>Entropy of the individual nibbles;
for the +.>Extremely bad of the individual nibbles;
for the +.>The number of the valued seeds of each nibble;
for the +.>The value of each half byte after the duplication removal;
s3) utilizing an Apriori algorithm to obtain the comparison result of the range, entropy and number of the valued seeds of the IPv6 address in the space range SR in the step S2) and the set of optional data;
s4) circularly traversing seed addresses in the address set to be searched, calculating a comparison result of statistics, and further obtaining optional value content of the seed addresses.
Specifically, as shown in fig. 3, classifying the seed address in step S1) is achieved by:
s1-1) carrying out primary classification on the seed address by utilizing the ASN of the autonomous system or the BGP prefix of the IPv6 address to obtain a primary classified address set;
s1-2) generating a new IPv6 address corresponding to each primary classified address set according to each primary classified address set obtained in the step S1-1);
s1-3) judging whether the new IPv6 address generated in the step S1-2) is an active address or not by utilizing an IPv6 active address discovery algorithm based on the seed address;
s1-4) performing secondary classification on the new IPv6 address judged to be the active address in the step S1-3) by using the address interface identifier IID to obtain an address set to be searched.
For IPv6 addresses belonging to the same network segment, the IPv6 addresses have the same autonomous number and border gateway protocol prefix, each autonomous system needs an ASN, and the BGP prefix of the IPv6 address is also an important characteristic basis in the routing process. Therefore, firstly, the seed address is divided by ASN or BGP prefix to obtain primary classified address sets, then, each primary classified address set is respectively generated with a new IPv6 address, and whether the new IPv6 address is active or not is judged by detection.
The address interface identifier IID is used to designate the single network interface of the host or router, typically 64 bits after IPv6, i.e. the last 16 nibble bits, whereas the most important thing for the seed address-based IPv6 active address discovery algorithm is to predict and generate the IID part.
In this embodiment, in order to make the classification of IID more uniform and not affected by the extremum, in step S1-4), the log_a value of the address interface identifier IID is used to perform a secondary classification on the new IPv6 address determined as the active address; the log_a is calculated by the following formula:
wherein A is calculated by the following formula:
wherein n is the number of the most valued values of the last 16 nibble IID parts of the IPv6 address;
for IPv6 address->The value of each nibble is 16 scale [0, f]。
For example, the number of values 0 is the largest in 0000:0000:0000:0000, and the total is 16, namely n=16; whereas 0123:4567:89ab:cdef has only 1 value for each value, so n=1. Examples of calculation results of different IPv6 addresses are shown in table 1.
Table 1 log_a calculation results for different IPv6 addresses
In the third example, the types of IID are 8, 0, b, 3, 4, 1, 5, c, 7, d, f, and e, and 12 characters in total, so n=12, and the type of character that appears at most is 4 times 3. So a=3/12=0.25, log_a=0.5.
After solving the log_a of all the seed addresses, firstly dividing the seed address set according to the ASN and BGP prefixes, and then further dividing the seed addresses according to the log_a value on the basis of classification of the ASN and BGP. The manner of division is shown in fig. 4.
In step S2), three statistics of each nibble position of each IPv6 address in a certain type of address set to be searched in the address set to be searched are calculated and compared with the threshold value of the address set to be searched to obtainA group of comparison results with threshold values, and then specific characters of each nibble in the IID to be explored are set according to the comparison results and the corresponding address selectable arrays, wherein three statistics are extremely poor and entropy respectivelyAnd the number of species is the->Entropy of individual nibbles->The definition is as follows:
in the formula ,set at +.>The value of each nibble is +.>Is a probability of (2).
As shown in fig. 5, the threshold value of the set of addresses to be searched is obtained by:
s2-11) obtaining a space variation range in a certain type of address set Log_A to be searched through an SR calculation formula, and sequentially obtaining the maximum space exploration variation range in all the address set Log_A groups to be searched through the operation;
s2-12) calculating the standard deviation average value of each address set to be searched by the following formula:
in the formula ,for all to-be-searchedArithmetic mean of SR for the set of addresses;
s2-13) calculating three statistics of 16 nibbles of seed addresses in the address set to be searched with the minimum difference between SR and BalanceSR according to the BalanceSR value calculated in the step S2-12), taking the three statistics obtained by calculation as thresholds of the three statistics of all the address sets to be searched, and respectively defining the thresholds of the three statistics as a range threshold value range_t, an entropy threshold value entropy_t and a value category number threshold value type_t;
s2-14) comparing each nibble of the IID of the seed address in the address set to be searched with the threshold value obtained in the step S2-13) to determine the IP value which should be set by each nibble.
In this embodiment, the method of selecting the standard deviation average is mainly such that the averaging has two advantages: first), adapted for data having an equal or near equal relationship; second), the influence of the extreme values is very small.
In step S3), IPv6 addresses within the space range SR in step S2) are assembled into a set, and then the range, entropy and number of valued seeds of each nibble are calculated, and these three statistics are compared with a threshold value, so as to obtain specific comparison results of these three statistics, such as larger, smaller, etc. The number of each half byte is parallel to the comparison result to form a row. The same operation is performed for each nibble, and finally a table of the value types and the threshold comparison results of the three statistics is formed. This embodiment will be described taking the IPv6 address set described in table 2 as an example.
Table 2 IPv6 address set
Taking the last half character as an example, the number of the seeds is 3, 1, 8 and 2; assuming that the comparison result of the range, entropy, number of the taken value species and each threshold value is R Larger size 、E Smaller size 、T Smaller size . Finally forming a number of columns {3, 1, 8, 2, R Larger size 、E Smaller size 、T Smaller size The sequence is taken as a row to further execute Apriori. The same operation is performed sequentially for each example. Finally, the following table is formed:
{3、1、8、2、R larger size 、E Smaller size 、T Smaller size }
{4、3、6、2、5、7、R Smaller size 、E Larger size 、T Smaller size }
{1、3、2、R Larger size 、E Larger size 、T Smaller size }
......
{1、4、6、8、9、R Larger size 、E Smaller size 、T Smaller size }
Obtaining a new data set, setting the confidence coefficient of 0.5 and the lifting degree of 1 by using an Apriori association relation algorithm, and finally obtaining an association relation result as shown in the following table.
{R Larger size 、E Larger size 、T Larger size }->{1,2,3,4}
{R Larger size 、E Larger size 、T Smaller size }->{2,3,4,6}
{R Larger size 、E Smaller size 、T Larger size }->{5,6,7,8、9}
{R Smaller size 、E Larger size 、T Larger size }->{1,2}
{R Smaller size 、E Smaller size 、T Larger size }->{2,5,6}
{R Smaller size 、E Larger size 、T Smaller size }->{3,1,7,9}
{R Larger size 、E Smaller size 、T Smaller size }->{1,2,5}
{R Smaller size 、E Smaller size 、T Smaller size }->{6,4,7,5、9}
After the optional value content of all the bits is obtained, the optional values of all the bits of the IID are continuously traversed and combined to form different IPV6 addresses. And then scanning and verifying the generated address. And finally, obtaining an active and effective IPV6 address set.
Based on the above IPv6 address searching method, correspondingly, there is also provided a computer readable storage medium storing a computer program, which when executed by a processor, implements the steps of: classifying seed addresses according to two dimensional information of the seed addresses to obtain an address set to be searched, setting an explored space range for a single address set to be searched, then utilizing an Apriori algorithm to clearly obtain a comparison result of the range, entropy and number of the IPv6 addresses in the space range and a set of selectable data, recycling through the seed addresses in the address set to be searched, calculating a comparison result of statistics, and obtaining selectable value content of the seed addresses.
As shown in fig. 6, based on the above IPv6 address searching method and the computer readable storage medium, in this embodiment, there is further provided a computer device, which includes a readable storage medium, a processor, and a computer program stored on the readable storage medium and executable on the processor, where the readable storage medium and the processor are both disposed on a bus, and when the processor executes the computer program, the processor implements the following steps: classifying seed addresses according to two dimensional information of the seed addresses to obtain an address set to be searched, setting an explored space range for a single address set to be searched, then utilizing an Apriori algorithm to clearly obtain a comparison result of the range, entropy and number of the IPv6 addresses in the space range and a set of selectable data, recycling through the seed addresses in the address set to be searched, calculating a comparison result of statistics, and obtaining selectable value content of the seed addresses.
It is apparent that the above examples are given by way of illustration only and are not limiting of the embodiments. Other variations or modifications of the above teachings will be apparent to those of ordinary skill in the art. It is not necessary here nor is it exhaustive of all embodiments. While the obvious variations or modifications which are extended therefrom remain within the scope of the claims of this patent application.
Claims (9)
1. An IPv6 address searching method, comprising the steps of:
s1) classifying seed addresses according to two dimensional information of the seed addresses to obtain an address set to be searched, wherein the two dimensional information is an autonomous number+a border gateway protocol and an address interface identifier IID respectively;
s2) setting an explored space range for a certain class of address set to be searched after the classification in the step S1), defining the space range as SR and calculating by the following formula:
wherein ,the multiplication sum of the values of each nibble in the address set to be searched after the nibble is de-duplicated;
the number product sum of each value of each nibble in the address set to be searched;
for the +.>Entropy of the individual nibbles;
for the +.>Extremely bad of the individual nibbles;
for the +.>The number of the valued seeds of each nibble;
for the +.>The value of each half byte after the duplication removal;
s3) utilizing an Apriori algorithm to obtain the comparison result of the range, entropy and number of the valued seeds of the IPv6 address in the space range SR in the step S2) and the set of optional data; the comparison result of the range, entropy and number of the IPv6 addresses in the space range SR is obtained through the following operations: combining IPv6 addresses in the interval range SR in the step S2) into a set, then calculating the range, entropy and number of valued seeds of each nibble, and comparing the three statistics with a threshold value to obtain a specific comparison result of the three statistics;
s4) circularly traversing seed addresses in the address set to be searched, calculating a comparison result of statistics, and further obtaining optional value content of the seed addresses.
2. The method according to claim 1, characterized in that the sorting of seed addresses in step S1) is achieved by:
s1-1) carrying out primary classification on the seed address by utilizing the ASN of the autonomous system or the BGP prefix of the IPv6 address to obtain a primary classified address set;
s1-2) generating a new IPv6 address corresponding to each primary classified address set according to each primary classified address set obtained in the step S1-1);
s1-3) judging whether the new IPv6 address generated in the step S1-2) is an active address or not by utilizing an IPv6 active address discovery algorithm based on the seed address;
s1-4) performing secondary classification on the new IPv6 address judged to be the active address in the step S1-3) by using the address interface identifier IID to obtain an address set to be searched.
3. The method according to claim 2, wherein in step S1-4), the new IPv6 address determined as an active address is secondarily classified using the log_a value of the address interface identifier IID; the log_a is calculated by the following formula:
wherein A is calculated by the following formula:
wherein n is the number of the most valued values of the last 16 nibble IID parts of the IPv6 address;
for IPv6 address->The value of each nibble is 16 scale [0, f]。
4. The method according to claim 1, wherein in step S2), three statistics of each nibble position of each IPv6 address in a set of addresses to be searched in the set of addresses to be searched are calculated and compared with a threshold value of the set of addresses to be searched to obtain a set of comparison results with the threshold value, and then each nibble in the IID to be searched is set according to the comparison results and the corresponding address selectable arraySpecific characters, wherein three statistics are respectively the range and the entropyAnd the number of species is the->Entropy of individual nibbles->The definition is as follows:
in the formula ,set at +.>The value of each nibble is +.>Is a probability of (2).
5. The method according to claim 4, characterized in that the threshold value of the set of addresses to be searched is obtained by:
s2-11) obtaining a space variation range in a certain type of address set Log_A to be searched through an SR calculation formula, and sequentially obtaining the maximum space exploration variation range in all the address set Log_A groups to be searched through the operation;
s2-12) calculating the standard deviation average value of each address set to be searched by the following formula:
in the formula ,an arithmetic mean of the SRs for all sets of addresses to be searched;
s2-13) calculating three statistics of 16 nibbles of the seed address in the address set to be searched with the minimum difference between SR and BalanceSR according to the BalanceSR value calculated in the step S2-12), and taking the three statistics obtained by calculation as thresholds of the three statistics of all the address sets to be searched;
s2-14) comparing each nibble of the IID of the seed address in the address set to be searched with the threshold value obtained in the step S2-13) to determine the IP value which should be set by each nibble.
6. A system for performing IPv6 address searching using the IPv6 address searching method of claim 1, comprising:
the data acquisition unit is used for acquiring the IPv6 address in an automatic acquisition or manual loading mode;
the data processing unit is used for classifying the IPv6 addresses acquired by the data acquisition unit;
the modeling unit is used for constructing a space range model for a certain class of address set to be searched obtained after the classification of the data processing unit;
the Apriori algorithm processing unit is used for solving the maximum and entropy of the IPv6 address in the space range defined by the space range model constructed by the modeling unit, and comparing results of the number of the valued seeds and a set of optional data; the comparison result of the range, entropy and number of the IPv6 addresses in the space range SR is obtained through the following operations: combining IPv6 addresses in a space range SR into a set, then calculating the range, entropy and number of valued seeds of each nibble, and comparing the three statistics with a threshold value to obtain a specific comparison result of the three statistics;
the traversal unit is used for circularly traversing the comparison result of the maximum and entropy obtained by the Apriori algorithm processing unit and the number of the valued seeds and the optional data set;
the data acquisition unit is in communication connection with the data processing unit, the data processing unit is in communication connection with the modeling unit, the modeling unit is in communication connection with the Apriori algorithm processing unit, and the Apriori algorithm processing unit is in communication connection with the traversing unit.
7. The system of claim 6, wherein the data processing unit comprises:
the first-level classification module is used for carrying out primary classification on the seed address by utilizing the BGP prefix of the ASN or IPv6 address of the autonomous system;
the IPv6 address generation module is used for generating a new IPv6 address according to the processing result of the first-level classification module;
the IPv6 address activity judging module is used for judging whether the new IPv6 address generated by the IPv6 address generating module is an active address or not;
a secondary classification module for secondarily classifying the new IPv6 address judged as the active address by using the address interface identifier IID;
the data acquisition unit is in communication connection with the primary classification module, the primary classification module is in communication connection with the IPv6 address generation module, the IPv6 address generation module is in communication connection with the IPv6 address activity judgment module, the IPv6 address activity judgment module is in communication connection with the secondary classification module, and the secondary classification module is in communication connection with the modeling unit.
8. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a processor, implements the method of any of claims 1-5.
9. Computer device comprising a readable storage medium, a processor and a computer program stored on the readable storage medium and executable on the processor, characterized in that the computer program when executed by the processor implements the method according to any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311085837.6A CN116827904B (en) | 2023-08-28 | 2023-08-28 | IPv6 address searching method, system, medium and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311085837.6A CN116827904B (en) | 2023-08-28 | 2023-08-28 | IPv6 address searching method, system, medium and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116827904A CN116827904A (en) | 2023-09-29 |
| CN116827904B true CN116827904B (en) | 2023-11-03 |
Family
ID=88139581
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311085837.6A Active CN116827904B (en) | 2023-08-28 | 2023-08-28 | IPv6 address searching method, system, medium and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116827904B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115334044A (en) * | 2022-06-23 | 2022-11-11 | 中保能源科技有限公司 | Internet of things-oriented large-scale IPv6 address survivability detection method |
| CN116366603A (en) * | 2022-12-16 | 2023-06-30 | 绿盟科技集团股份有限公司 | Method and device for determining active IPv6 address |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10243733B2 (en) * | 2016-03-17 | 2019-03-26 | Virginia Tech Intellectual Properties, Inc. | Process and system for establishing a moving target connection for secure communications in client/server systems |
| CN111432043B (en) * | 2020-03-09 | 2021-06-01 | 清华大学 | Dynamic IPv6 address detection method based on density |
-
2023
- 2023-08-28 CN CN202311085837.6A patent/CN116827904B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115334044A (en) * | 2022-06-23 | 2022-11-11 | 中保能源科技有限公司 | Internet of things-oriented large-scale IPv6 address survivability detection method |
| CN116366603A (en) * | 2022-12-16 | 2023-06-30 | 绿盟科技集团股份有限公司 | Method and device for determining active IPv6 address |
Non-Patent Citations (1)
| Title |
|---|
| 基于种子地址的IPv6地址探测技术综述;李果;何林;宋光磊;王之梁;杨家海;李子木;;电信科学(第12期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116827904A (en) | 2023-09-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111565205B (en) | Network attack identification method and device, computer equipment and storage medium | |
| CN109905497B (en) | IPv6 active address dynamic discovery method | |
| CN111935136B (en) | Domain name query and analysis anomaly detection system and method based on DNS data analysis | |
| CN112347377B (en) | IP address field searching method, service scheduling method, device and electronic equipment | |
| CN107046586B (en) | A kind of algorithm generation domain name detection method based on natural language feature | |
| CN109165334B (en) | Method for establishing CDN manufacturer basic knowledge base | |
| CN105335402A (en) | Search method, index data generation method and device on the basis of static Cache | |
| CN111935185B (en) | Method and system for constructing large-scale trapping scene based on cloud computing | |
| CN113452802A (en) | Equipment model identification method, device and system | |
| CN111026917B (en) | Data packet classification method and system based on convolutional neural network | |
| CN112492056A (en) | IP address use analysis method and device | |
| CN116827904B (en) | IPv6 address searching method, system, medium and equipment | |
| CN103455491B (en) | To the method and device of query word classification | |
| CN111092879B (en) | Log association method and device, electronic equipment and storage medium | |
| CN110334252B (en) | Skyline query method on partial order domain | |
| CN113382092B (en) | Active address detection method and device based on graph community discovery | |
| CN111797180A (en) | Method for establishing geographic position information index and inquiring information and electronic equipment | |
| CN107423319B (en) | Junk web page detection method | |
| Gao et al. | FT-INDEX: A distributed indexing scheme for switch-centric cloud storage system | |
| CN110430094B (en) | Detection packet generation method based on active detection in SDN | |
| CN108776707B (en) | Sampling method for exploratory query | |
| CN115242716B (en) | IP address route reachability identification method based on BGP prefix tree | |
| CN111510512A (en) | Method for quickly acquiring all IP of domain name | |
| CN109189346B (en) | Data processing method and device | |
| Zhang et al. | 6MCBLM: Multi-scale CNN and BiLSTM-Attention Hybrid Model for IPv6 Target Generation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |