Analyzing IoT Hosts in the IPv6 Internet

TL;DR

This study provides a comprehensive analysis of IPv6 IoT hosts through active measurements, revealing their low prevalence, security issues with TLS certificates, and offering tools and data for future research.

Contribution

It is the first extensive measurement-based analysis of IPv6 IoT end-hosts, including security assessment and public data sharing.

Findings

380x fewer IoT hosts in IPv6 compared to IPv4

Up to 57% of TLS certificates are untrusted

25% of certificates are expired

Abstract

Users and businesses are increasingly deploying Internet of Things (IoT) devices at home, at work, and in factories. At the same time, we see an increase in the use of IPv6 for Internet connectivity. Even though the IoT ecosystem has been the focus of recent studies, there is no comprehensive analysis of IoT end-hosts in the IPv6 Internet to date. In this paper we perform an in-depth analysis of IPv6-reachable IoT hosts using active measurements. We run measurements targeting 530M IPv6 addresses on six popular IoT-related protocols. With 36.4K hosts in 156 countries we find 380x fewer IoT-speaking end-hosts compared to IPv4. Moreover, we conduct a security analysis for TLS-enabled IoT-speaking hosts identifying up to 57% untrusted certificates, with up to 32% being self-signed and 25% being expired. Finally, we plan to publish our measurement results, tools, and a website dashboard to foster further research in the area.