|
Abstract:
|
Internet geolocation technology aims to determine the physical (geographic) location of Internet users and
devices. It is currently proposed or in use for a wide variety of purposes, including targeted marketing, restricting digital
content sales to authorized jurisdictions, and security applications such as reducing credit card fraud. This raises questions
about the veracity of claims of accurate and reliable geolocation. We provide a survey of Internet geolocation technologies
with an emphasis on adversarial contexts; that is, we consider how this technology performs against a knowledgeable adversary
whose goal is to evade geolocation. We do so by examining first the limitations of existing techniques, and then, from this
base, determining how best to evade existing geolocation techniques. We also consider two further geolocation techniques which
may be of use even against adversarial targets: (1) the extraction of client IP addresses using functionality introduced in the
1.5 Java API, and (2) the collection of round-trip times using HTTP refreshes. These techniques illustrate that the seemingly
straightforward technique of evading geolocation by relaying traffic through a proxy server (or network of proxy servers) is
not as straightforward as many end-users might expect. We give a demonstration of this for users of the popular Tor anonymizing
network.
|