IP infrastructure geolocation
Cai, Guan Yan
Physical network maps are important to critical infrastructure defense and planning. Current state-of-the-art network infrastructure geolocation relies on Domain Name System (DNS) inferences. However, not only is using the DNS relatively inaccurate for infrastructure geolocation, but many router interfaces also lack DNS name entries. We adapt the technique of Wang et al. to send traceroute probes from distributed vantage points, and approximate a target’s location by finding the nearest landmark. To evaluate the technique’s performance, we geolocate router interfaces previously geolocated via DNS-based router positioning (DRoP). Our results show that 50% of the targets have error distances greater than 2,400 km; however, 75% of the nearest landmark predictions are less than 5 ms distant. We find that geolocation accuracy is insensitive to vantage point location, while the use of more vantage points improves accuracy. To better understand these results, we use Constraint-based Geolocation (CBG) on a subset of DRoP predictions. Forty-six percent of 4,638 DRoP location inferences are in regions outside the feasible physical boundaries imposed by CBG and 56% are 1,800 km away from the CBG centroid. Our findings suggest that our methodology can supplement prior work to not only geolocate infrastructure without DNS names, but also improve accuracy.
Approved for public release; distribution is unlimited