Accession Number:

ADA620814

Title:

IP Infrastructure Geolocation

Descriptive Note:

Master's thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2015-03-01

Pagination or Media Count:

77.0

Abstract:

Physical network maps are important to critical infrastructure defense and planning. Current state-of-the-art network infrastructure geolocation relies on Domain Name System DNS inferences. However, not only is using the DNS relatively inaccurate for infrastructure geolocation, many router interfaces lack DNS name entries. We adapt the technique of Wang et al. to send traceroute probes from distributed vantage points, and approximate a targets location by finding the nearest landmark. To evaluate the techniques performance, we geolocate router interfaces previously geolocated via DNS-based router positioning DRoP. Our results show that 50 of the targets have error distances greater than 2,400 km however, 75 of the nearest landmark predictions are less than 5 ms distant. We find that geolocation accuracy is insensitive to vantage point location, while the use of more vantage points improves accuracy. To better understand these results, we use Constraint based Geolocation CBG on a subset of DRoP predictions. Forty-six percent of 4,638 DRoP location inferences are in regions outside the feasible physical boundaries imposed by CBG and 56 are 1,800 km away from the CBG centroid. Our findings suggest that our methodology can supplement prior work to not only geolocate infrastructure without DNS names, but also improve accuracy.

Subject Categories:

  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE