Secure Client and Server Geolocation Over the Internet
AbdelRahman Abdou, Paul C. van Oorschot
TL;DR
This paper reviews recent methods for secure Internet geolocation, focusing on verifying client and server locations in real-time while resisting manipulation tactics like VPNs and anonymizers.
Contribution
It provides a technical overview of Client Presence Verification and Server Location Verification, highlighting their capabilities to prevent geolocation cheating.
Findings
CPV and SLV effectively detect location spoofing
Techniques resist VPN and anonymizer-based deception
Real-time geolocation verification is feasible
Abstract
In this article, we provide a summary of recent efforts towards achieving Internet geolocation securely, \ie without allowing the entity being geolocated to cheat about its own geographic location. Cheating motivations arise from many factors, including impersonation (in the case locations are used to reinforce authentication), and gaining location-dependent benefits. In particular, we provide a technical overview of Client Presence Verification (CPV) and Server Location Verification (SLV)---two recently proposed techniques designed to verify the geographic locations of clients and servers in realtime over the Internet. Each technique addresses a wide range of adversarial tactics to manipulate geolocation, including the use of IP-hiding technologies like VPNs and anonymizers, as we now explain.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Cryptography and Data Security · Spam and Phishing Detection