[Geowanking] IP geolocation

James Muir jamuir at scs.carleton.ca
Mon Apr 17 19:00:27 PDT 2006 

those on the list with an interest in geolocating internet users and/or
devices may be interested in the following:

%%%%%%%%
title:  Internet Geolocation and Evasion

http://www.ccsl.carleton.ca/~jamuir/papers/TR-06-05.pdf
http://www.scs.carleton.ca/research/tech_reports/2006/

abstract:

Internet geolocation technology (IP geolocation) aims to determine the
physical (geographic) location of Internet users and devices. It is
currently proposed or in use for a wide variety of purposes, including
targeted marketing, restricting digital content sales to authorized
jurisdictions, and security applications such as reducing credit card
fraud. This raises questions about the veracity of claims of accurate
and reliable geolocation, and the ability to evade geolocation. We begin
with a state-of-the-art survey of IP geolocation techniques and
limitations, and examine the specific problems of (1) approximating a
physical location from an IP address; and (2) approximating the physical
location of an end client requesting content from a web server. In
contrast to previous work, we consider also an adversarial model: a
knowledgeable adversary seeking to evade geolocation. Our survey serves
as the basis from which we examine tactics useful for
evasion/circumvention. The adversarial model leads us to also consider
the difficulty of (3) extracting the IP address of an end client
visiting a server. As a side-result, in exploring the use of proxy
servers as an evasionary tactic, to our surprise we found that we were
able to extract an end-client IP address even for a browser protected by
Tor/Privoxy (designed to anonymize browsing), provided Java is enabled.
We expect our work to stimulate further open research and analysis of
techniques for accurate and reliable IP geolocation, and also for
evasion thereof. Our work is a small step towards a better understanding
of what can, and cannot, be reliably hidden or discovered about IP
addresses and physical locations of Internet users and machines.
%%%%%%%%%

any comments are welcome.

-James

_______________________________________________
Geowanking mailing list
Geowanking at lists.burri.to
http://lists.burri.to/mailman/listinfo/geowanking

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the Testlist mailing list