{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T21:08:03Z","timestamp":1764018483139,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":57,"publisher":"ACM","funder":[{"name":"Deutsche Forschungsgemeinschaft","award":["WE 2935\/20-1"],"award-info":[{"award-number":["WE 2935\/20-1"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,10,28]]},"DOI":"10.1145\/3730567.3764502","type":"proceedings-article","created":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T15:22:38Z","timestamp":1763738558000},"page":"970-982","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Time To Scan: Digging into NTP-based IPv6 Scanning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-1535-6987","authenticated-orcid":false,"given":"Michael","family":"Klopsch","sequence":"first","affiliation":[{"name":"Communication and Distributed Systems, RWTH Aachen University, Aachen, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-6627-1708","authenticated-orcid":false,"given":"Constantin","family":"Sander","sequence":"additional","affiliation":[{"name":"Communication and Distributed Systems, RWTH Aachen University, Aachen, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7252-4186","authenticated-orcid":false,"given":"Klaus","family":"Wehrle","sequence":"additional","affiliation":[{"name":"Communication and Distributed Systems, RWTH Aachen University, Aachen, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9733-540X","authenticated-orcid":false,"given":"Markus","family":"Dahlmanns","sequence":"additional","affiliation":[{"name":"Communication and Distributed Systems, RWTH Aachen University, Aachen, Germany"}]}],"member":"320","published-online":{"date-parts":[[2025,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363192"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487848"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978364"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131401"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/EECSI.2017.8239179"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.23919\/IFIPNetworking52078.2021.9472785"},{"key":"e_1_3_2_1_7_1","unstructured":"IEEE Registration Authority. 2024. IEEE MA-S M L Assignments. https:\/\/standards.ieee.org\/products-programs\/regauth\/"},{"key":"e_1_3_2_1_8_1","first-page":"7463","volume-title":"Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation. In 33rd USENIX Security Symposium (USENIX Security 24)","author":"B\u00e4umer Fabian","year":"2024","unstructured":"Fabian B\u00e4umer, Marcus Brinkmann, and J\u00f6rg Schwenk. 2024. Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation. In 33rd USENIX Security Symposium (USENIX Security 24). USENIX Association, Philadelphia, PA, 7463-7480."},{"key":"e_1_3_2_1_9_1","first-page":"308","volume-title":"Proceedings of the Internet Measurement Conference","author":"Beverly Robert","year":"2018","unstructured":"Robert Beverly, Ramakrishnan Durairajan, David Plonka, and Justin P Rohrer. 2018. In the IP of the beholder: Strategies for active IPv6 topology discovery. In Proceedings of the Internet Measurement Conference 2018. 308-321."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00027"},{"key":"e_1_3_2_1_11_1","unstructured":"CAIDA. 2024. The CAIDA Macroscopic Internet Topology Data Kit - 2024-02. https:\/\/www.caida.org\/catalog\/datasets\/internet-topology-data-kit."},{"key":"e_1_3_2_1_12_1","unstructured":"Censys. 2024. https:\/\/search.censys.io\/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q="},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM42981.2021.9488912"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23047"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS59830.2024.10574963"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488932.3497762"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3579856.3590329"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"David Dittrich and Erin Kenneally. 2012. The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research. Technical Report. U.S. Department of Homeland Security.","DOI":"10.2139\/ssrn.2342036"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3646547.3689012"},{"key":"e_1_3_2_1_20_1","first-page":"605","volume-title":"ZMap: Fast Internet-wide Scanning and Its Security Applications. In 22nd USENIX Security Symposium (USENIX Security 13)","author":"Durumeric Zakir","unstructured":"Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. 2013. ZMap: Fast Internet-wide Scanning and Its Security Applications. In 22nd USENIX Security Symposium (USENIX Security 13). USENIX Association, Washington, D.C., 605-620. https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/paper\/durumeric"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-54328-4_3"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987445"},{"key":"e_1_3_2_1_23_1","volume-title":"In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements. In Passive and Active Measurement Conference","author":"Gasser Oliver","year":"2018","unstructured":"Oliver Gasser, Benjamin Hof, Max Helm, Maciej Korczynski, Ralph Holz, and Georg Carle. 2018a. In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements. In Passive and Active Measurement Conference 2018."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2014.6838249"},{"key":"e_1_3_2_1_25_1","first-page":"364","volume-title":"Proceedings of the Internet Measurement Conference","author":"Gasser Oliver","year":"2018","unstructured":"Oliver Gasser, Quirin Scheitle, Pawel Foremski, Qasim Lone, Maciej Korczy'nski, Stephen D Strowes, Luuk Hendriks, and Georg Carle. 2018b. Clusters in the expanse: Understanding and unbiasing IPv6 hitlists. In Proceedings of the Internet Measurement Conference 2018. 364-378."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Sharon Goldberg Moni Naor Dimitrios Papadopoulos Leonid Reyzin Sachin Vasantand and Asaf Ziv. 2015. NSEC5: Provably Preventing DNSSEC Zone Enumeration.","DOI":"10.14722\/ndss.2015.23211"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3656300"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM42981.2021.9488794"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3579334"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-56249-5_5"},{"key":"e_1_3_2_1_31_1","volume-title":"Altcoin Explorer: QLC Chain, the Next Generation Public Chain for Network-as-a-Service (NAAS). https:\/\/crypto.news\/altcoin-explorer-qlc-chain-generation-public-chain-network-service-naas\/","author":"Jones Wayne","year":"2022","unstructured":"Wayne Jones. 2022. Altcoin Explorer: QLC Chain, the Next Generation Public Chain for Network-as-a-Service (NAAS). https:\/\/crypto.news\/altcoin-explorer-qlc-chain-generation-public-chain-network-service-naas\/"},{"key":"e_1_3_2_1_32_1","volume-title":"Said Jawad Saidi, and Oliver Gasser","author":"Jose Peter","year":"2023","unstructured":"Peter Jose, Said Jawad Saidi, and Oliver Gasser. 2023. Analyzing iot hosts in the ipv6 internet. (2023). arXiv:2307.09918 https:\/\/arxiv.org\/abs\/2307.09918"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00025"},{"key":"e_1_3_2_1_34_1","volume-title":"Characterizing the VPN Ecosystem in the Wild. In International Conference on Passive and Active Network Measurement. Springer, 18-45","author":"Maghsoudlou Aniss","year":"2023","unstructured":"Aniss Maghsoudlou, Lukas Vermeulen, Ingmar Poese, and Oliver Gasser. 2023. Characterizing the VPN Ecosystem in the Wild. In International Conference on Passive and Active Network Measurement. Springer, 18-45."},{"key":"e_1_3_2_1_35_1","unstructured":"MaxMind. 2024. GeoLite2 Database. https:\/\/dev.maxmind.com\/geoip\/geolite2-free-geolocation-data\/"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3652963.3655051"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131405"},{"key":"e_1_3_2_1_38_1","first-page":"1470","article-title":"Guardians of DNS Integrity: A Remote Method for Identifying DNSSEC Validators Across the Internet. In 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","author":"Nosyk Yevheniya","year":"2023","unstructured":"Yevheniya Nosyk, Maciej Korczy'nski, and Andrzej Duda. 2023. Guardians of DNS Integrity: A Remote Method for Identifying DNSSEC Validators Across the Internet. In 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 1470-1479.","journal-title":"IEEE"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP57164.2023.00053"},{"key":"e_1_3_2_1_40_1","unstructured":"NTP Pool project. 2024. pool.ntp.org: NTP Servers in Global pool.ntp.org. https:\/\/www.ntppool.org\/zone\/@"},{"key":"e_1_3_2_1_41_1","unstructured":"Qualys. 2024. regreSSHion: RCE in OpenSSH's server on glibc-based Linux systems (CVE-2024-6387). https:\/\/www.qualys.com\/2024\/07\/01\/cve-2024-6387\/regresshion.txt"},{"key":"e_1_3_2_1_42_1","unstructured":"RIPE. 2024. RIPE Routing Information Service. https:\/\/www.ripe.net\/analyse\/internet-measurements\/routing-information-service-ris\/."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2016.52"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3603269.3604829"},{"key":"e_1_3_2_1_45_1","first-page":"3","volume-title":"Passive and Active Measurement: 21st International Conference, PAM 2020, Eugene, Oregon, USA, March 30-31, 2020, Proceedings 21","author":"Rye Erik C","year":"2020","unstructured":"Erik C Rye and Robert Beverly. 2020. Discovering the IPv6 network periphery. In Passive and Active Measurement: 21st International Conference, PAM 2020, Eugene, Oregon, USA, March 30-31, 2020, Proceedings 21. Springer, 3-18."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561431"},{"key":"e_1_3_2_1_47_1","volume-title":"Rapha\u00ebl Hertzog, Andreas Barth, Lucas Nussbaum, Hideki Yamane, and Holger Levsen.","author":"Schwarz Christian","year":"2025","unstructured":"Christian Schwarz, Adam Di Carlo, Rapha\u00ebl Hertzog, Andreas Barth, Lucas Nussbaum, Hideki Yamane, and Holger Levsen. 2025. Debian Developer's Reference: Managing Packages. https:\/\/www.debian.org\/doc\/manuals\/developers-reference\/pkgs.en.html"},{"key":"e_1_3_2_1_48_1","unstructured":"Tanya Shreedhar Danesh Zeynali Oliver Gasser Nitinder Mohan and J\u00f6rg Ott. 2022. A longitudinal view at the adoption of multipath TCP. (2022). arXiv:2205.12138 https:\/\/arxiv.org\/abs\/2205.12138"},{"key":"e_1_3_2_1_49_1","first-page":"309","volume-title":"2022 USENIX Annual Technical Conference (USENIX ATC 22)","author":"Song Guanglei","year":"2022","unstructured":"Guanglei Song, Jiahai Yang, Lin He, Zhiliang Wang, Guo Li, Chenxin Duan, Yaozhong Liu, and Zhongxiang Sun. 2022. AddrMiner: A Comprehensive Global Active IPv6 Address Discovery System. In 2022 USENIX Annual Technical Conference (USENIX ATC 22). USENIX Association, Carlsbad, CA, 309-326. https:\/\/www.usenix.org\/conference\/atc22\/presentation\/song"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW61312.2024.00038"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487833"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.23919\/TMA58422.2023.10199073"},{"key":"e_1_3_2_1_53_1","unstructured":"Stephen D. Strowes. 2017. Bootstrapping Active IPv6 Measurement with IPv4 and Public DNS. (2017). arXiv:1710.08536 https:\/\/arxiv.org\/abs\/1710.08536"},{"key":"e_1_3_2_1_54_1","unstructured":"The ZMap Project. 2024. ZGrab 2.0. https:\/\/github.com\/zmap\/zgrab2."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2014.27"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3646547.3688449"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561440"}],"event":{"name":"IMC '25:ACM Internet Measurement Conference","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication"],"location":"Madison WI USA"},"container-title":["Proceedings of the 2025 ACM Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3730567.3764502","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T21:06:18Z","timestamp":1764018378000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3730567.3764502"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,28]]},"references-count":57,"alternative-id":["10.1145\/3730567.3764502","10.1145\/3730567"],"URL":"https:\/\/doi.org\/10.1145\/3730567.3764502","relation":{},"subject":[],"published":{"date-parts":[[2025,10,28]]},"assertion":[{"value":"2025-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}