One Host with So Many IPs! On The Security Implications of Dynamic Virtual Private Servers [journal]
Three computers with locks in a circle illustration

Journal

IEEE Communications Magazine - March 10, 2021

Authors

Xiaobo Ma, Jian Qu, Feitong Chen, Wenmao Liu, Jianfeng Li, Jing Tao, Hongshan Jiao, Mawei Shi, Zhi-Li Zhang (professor)

Abstract

Many malicious activities require a large number of IP addresses for altering user identities. It is well known that a large number of IP addresses could be obtained through compromising numerous machines and building botnets. However, we recently found that a special type of off-the-shelf virtual private server (VPS), which we refer to as dynamic VPSs, can retrieve a huge number of IP addresses using just a single virtual machine. Although dynamic VPSs are intended for legitimate purposes, whether they are actually misused in malicious activities has never been investigated. In this article, we take the first step to study dynamic VPSs, with an emphasis on their security implications. We reveal that dynamic VPSs are surprisingly and extensively involved in malicious activities, explore their internal working mechanisms, and suggest that the linkage of dynamic VPSs to the security domain deserves adequate attention.

Link to full paper

One Host with So Many IPs! On The Security Implications of Dynamic Virtual Private Servers

Keywords

networking, security

Share