The new QUIC protocol can be implemented in user space, and various implementations already exist. While they follow the same specification and general interoperability is given, differences in performance, functionality, but also security (e.g., due to bugs) can be expected. Therefore, knowledge about the implementation of an endpoint on the Internet can help researchers, operators and users to better analyze connections, evaluations and findings. We provide an approach to identify used libraries of QUIC servers based on CONNECTION_CLOSE frames and transport parameter orders. We apply our methodology to Internet-wide scans and identify at least one deployment for 18 QUIC libraries. In total, we can identify the library of 8.8 M IPv4 and 2.5 M IPv6 addresses.

翻译：新型QUIC协议可在用户空间实现，目前已存在多种不同实现方式。尽管各实现遵循相同规范且具备基本互操作性，但在性能、功能以及安全性（例如因漏洞导致的问题）方面仍可能存在差异。因此，掌握互联网端点的实现信息，有助于研究人员、运维人员及用户更深入地分析连接、评估结果与研究发现。本文提出一种基于CONNECTION_CLOSE帧和传输参数顺序的QUIC服务端库识别方法。通过对全网范围的扫描应用该技术，我们成功鉴定了18种QUIC库的至少一个部署实例。最终，共计识别出约880万个IPv4地址与250万个IPv6地址所对应的库类型。