Advertisement

GeoBLR: Dynamic IP Geolocation Method Based on Bayesian Linear Regression

  • Fei Du
  • Xiuguo Bao
  • Yongzheng ZhangEmail author
  • Yu Wang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 268)

Abstract

The geographical location of dynamic IP addresses is important for network security applications. The delay-based or topology-based measurement method and the association-analysis-based method improve the median estimation accuracy, but are still affected by the limited precision (about 799 m) and the longer response time (tens of seconds), which cannot meet the location-aware applications of high-precise and real-time location requirements, especially the position of dynamic IP addresses. In this paper, we propose a novel approach for dynamic IP geolocation based on Bayesian Linear Regression, namely, GeoBLR, which exploits geolocation resources fundamentally different from existing ones. We exploit the location data that users would like to share in location sharing services for accurate and real-time geolocation of dynamic IP addresses. Experimental results show that compared to existing geolocation techniques, GeoBLR achieves (1) a median estimation error of 239 m and (2) a mean response time of 270 ms, which are valuable for accurate location-aware network security applications.

Keywords

Network security Dynamic IP geolocation Machine learning Bayesian Linear Regression 

Notes

Acknowledgment

This work was supported by the National Key R&D Program 2016, 2016YFB080 1300/2016YFB0801304.

References

  1. 1.
    Apnic - query the apnic whois database. http://wq.apnic.net/apnic-bin/whois.pl
  2. 2.
  3. 3.
    Google maps with my location. http://www.google.com/mobile/gmm/index.html
  4. 4.
  5. 5.
    Ip2location.geolocate ip address location using ip2location. https://www.ip2location.com/
  6. 6.
    Maxmind.detect online fraud and locate online visitors. http://www.hostip.info/
  7. 7.
  8. 8.
    Skyhook.location technology and intelligence. https://www.skyhookwireless.com/
  9. 9.
    Arif, M.J., Karunasekera, S., Kulkarni, S., Gunatilaka, A., Ristic, B.: Internet host geolocation using maximum likelihood estimation technique. In: 2010 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 422–429. IEEE (2010)Google Scholar
  10. 10.
    Ciavarrini, G., Disperati, F., Lenzini, L., Luconi, V., Vecchio, A.: Geolocation of internet hosts using smartphones and crowdsourcing. In: WMNC, pp. 176–183 (2015)Google Scholar
  11. 11.
    Ciavarrini, G., Luconi, V., Vecchio, A.: Smartphone-based geolocation of internet hosts. Comput. Netw. 116, 22–32 (2017)CrossRefGoogle Scholar
  12. 12.
    Dan, O., Parikh, V., Davison, B.D.: Improving IP geolocation using query logs. In: Proceedings of the Ninth ACM International Conference on Web Search and Data Mining, pp. 347–356. ACM (2016)Google Scholar
  13. 13.
    Ding, S., Luo, X., Yin, M., Liu, Y., Liu, F.: An IP geolocation method based on rich-connected sub-networks. In: 2015 17th International Conference on Advanced Communication Technology (ICACT), pp. 176–181. IEEE (2015)Google Scholar
  14. 14.
    Eriksson, B., Barford, P., Sommers, J., Nowak, R.: A learning-based approach for IP geolocation. In: Krishnamurthy, A., Plattner, B. (eds.) PAM 2010. LNCS, vol. 6032, pp. 171–180. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-12334-4_18CrossRefGoogle Scholar
  15. 15.
    Gueye, B., Uhlig, S., Fdida, S.: Investigating the imprecision of IP block-based geolocation. In: Uhlig, S., Papagiannaki, K., Bonaventure, O. (eds.) PAM 2007. LNCS, vol. 4427, pp. 237–240. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-71617-4_26CrossRefGoogle Scholar
  16. 16.
    Guo, C., Liu, Y., Shen, W., Wang, H.J., Yu, Q., Zhang, Y.: Mining the web and the internet for accurate IP address geolocations. In: IEEE INFOCOM 2009, pp. 2841–2845. IEEE (2009)Google Scholar
  17. 17.
    Hillmann, P., Stiemert, L., Dreo, G., Rose, O.: On the path to high precise IP geolocation: a self-optimizing model. Int. J. Intell. Comput. Res. (IJICR) 7, 682–693 (2016)Google Scholar
  18. 18.
    Jin, Y., Sharafuddin, E., Zhang, Z.L.: Identifying dynamic IP address blocks serendipitously through background scanning traffic. In: Proceedings of the 2007 ACM CoNEXT Conference, p. 4. ACM (2007)Google Scholar
  19. 19.
    Johnson, S.C.: Hierarchical clustering schemes. Psychometrika 32(3), 241–254 (1967)CrossRefGoogle Scholar
  20. 20.
    Lee, Y., Park, H., Lee, Y.: IP geolocation with a crowd-sourcing broadband performance tool. ACM SIGCOMM Comput. Commun. Rev. 46(1), 12–20 (2016)CrossRefGoogle Scholar
  21. 21.
    Li, D., et al.: IP-geolocation mapping for moderately-connected internet regions. IEEE Trans. Parallel Distrib. Syst. 24, 381–391 (2012)CrossRefGoogle Scholar
  22. 22.
    Li, H., Zhang, P., Wang, Z., Du, F., Kuang, Y., An, Y.: Changing IP geolocation from arbitrary database query towards multi-databases fusion. In: 2017 IEEE Symposium on Computers and Communications (ISCC), pp. 1150–1157. IEEE (2017)Google Scholar
  23. 23.
    Li, M., Luo, X., Shi, W., Chai, L.: City-level IP geolocation based on network topology community detection. In: 2017 International Conference on Information Networking (ICOIN), pp. 578–583. IEEE (2017)Google Scholar
  24. 24.
    Liu, H., Zhang, Y., Zhou, Y., Zhang, D., Fu, X., Ramakrishnan, K.: Mining checkins from location-sharing services for client-independent IP geolocation. In: IEEE INFOCOM, 2014 Proceedings, pp. 619–627. IEEE (2014)Google Scholar
  25. 25.
    Mun, H., Lee, Y.: Building IP geolocation database from online used market articles. In: 2017 19th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 37–41. IEEE (2017)Google Scholar
  26. 26.
    Ng, T.E., Zhang, H.: Predicting internet network distance with coordinates-based approaches. In: Proceedings of Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2002, vol. 1, pp. 170–179. IEEE (2002)Google Scholar
  27. 27.
    Padmanabhan, V.N., Subramanian, L.: An investigation of geographic mapping techniques for internet hosts. In: ACM SIGCOMM Computer Communication Review, vol. 31, pp. 173–185. ACM (2001)Google Scholar
  28. 28.
    Siwpersad, S.S., Gueye, B., Uhlig, S.: Assessing the geographic resolution of exhaustive tabulation for geolocating internet hosts. In: Claypool, M., Uhlig, S. (eds.) PAM 2008. LNCS, vol. 4979, pp. 11–20. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-79232-1_2CrossRefGoogle Scholar
  29. 29.
    Wang, T., Xu, K., Song, J., Song, M.: An optimization method for the geolocation databases of internet hosts based on machine learning. Math. Probl. Eng. 2015, 17 (2015)Google Scholar
  30. 30.
    Wang, Y., Burgener, D., Flores, M., Kuzmanovic, A., Huang, C.: Towards street-level client-independent ip geolocation. In: NSDI, vol. 11, p. 27 (2011)Google Scholar
  31. 31.
    Wong, B., Stoyanov, I., Sirer, E.G.: Octant: a comprehensive framework for the geolocalization of internet hosts. In: NSDI, vol. 7, p. 23 (2007)Google Scholar
  32. 32.
    Xie, Y., Yu, F., Achan, K., Gillum, E., Goldszmidt, M., Wobber, T.: How dynamic are IP addresses? In: ACM SIGCOMM Computer Communication Review, vol. 37, pp. 301–312. ACM (2007)CrossRefGoogle Scholar
  33. 33.
    Youn, I., Mark, B.L., Richards, D.: Statistical geolocation of internet hosts. In: Proceedings of 18th International Conference on Computer Communications and Networks, ICCCN 2009, pp. 1–6. IEEE (2009)Google Scholar
  34. 34.
    Zhao, F., Luo, X., Gan, Y., Zu, S., Cheng, Q., Liu, F.: IP geolocation based on identification routers and local delay distribution similarity. Concurrency Comput.: Practice Exp. e4722 (2018)Google Scholar
  35. 35.
    Zhao, F., Luo, X., Gan, Y., Zu, S., Liu, F.: IP geolocation base on local delay distribution similarity. In: Wen, S., Wu, W., Castiglione, A. (eds.) CSS 2017. LNCS, vol. 10581, pp. 383–395. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-69471-9_28CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  • Fei Du
    • 1
    • 2
  • Xiuguo Bao
    • 3
  • Yongzheng Zhang
    • 1
    • 2
    Email author
  • Yu Wang
    • 3
  1. 1.Institute of Information EngineeringChinese Academy of SciencesBeijingChina
  2. 2.School of Cyber SecurityUniversity of Chinese Academy of SciencesBeijingChina
  3. 3.National Internet Emergency Center, CNCERT/CCBeijingChina

Personalised recommendations