CN110300368A - A kind of IP geo-positioning system overall process method - Google Patents
A kind of IP geo-positioning system overall process method Download PDFInfo
- Publication number
- CN110300368A CN110300368A CN201910436919.8A CN201910436919A CN110300368A CN 110300368 A CN110300368 A CN 110300368A CN 201910436919 A CN201910436919 A CN 201910436919A CN 110300368 A CN110300368 A CN 110300368A
- Authority
- CN
- China
- Prior art keywords
- node
- geo
- network
- location
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/023—Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
- H04W64/003—Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention belongs to technical field of network security, a kind of disclosed network IP geo-positioning system overall process method, it is the position that tested host is determined using a kind of method of triangulation location, the distance range of all neighbouring datum nodes to destination host forms an overlapping region, and using the center-of-mass coordinate of overlapping region as the actual physical address of measurement target, its geographical location is obtained.The present invention improves the accuracy of IP Geographic mapping, solves the problems, such as that the geographical location IP of network target node is accurately positioned.On civilian, the IP geo-positioning system conceptual solutions based on DoS attack can help network application to improve performance, improve safety and provide new service;Militarily, the IP geo-location fusion method based on multi-point cooperative can provide technical support for the cross-domain cooperation of network.
Description
Technical field
The invention belongs to technical field of network security, and in particular to a kind of network IP geo-positioning system overall process side
Method.
Background technique
The basic skills of network IP geo-location is estimated using name, registration information or Delay of IP device etc.
Count its geographical location.The basic principle of location algorithm design is: under the premise of guaranteeing positioning accuracy, reducing measurement to the greatest extent and opens
Pin, while good scalability is had both, and privacy of user can be protected.Initial location algorithm is by being Domain Name to DNS
System, the server inquiry of domain name system or excavates the information that lies in host name to speculate the geographical position of IP device
It sets.Later, some location algorithms estimate position of host machine according to the linear relationship between time delay and geographic distance, and pass through topology
Information reduces position error.In recent years, location algorithm based on probability becomes a research hotspot again, by finding time delay
It is positioned with the regularity of distribution of geographic distance, though through continuously improving, these two types of algorithms cannot all be accurately positioned target section
The geographical location IP of point, reason are not only to lack the datum node that closes on of multiple destination nodes, but also no relevant blending algorithm.
Be about IP geo-positioning system conceptual solutions it is very difficult, challenging, currently publish
In document, related research result is not yet seen.
Summary of the invention
To solve the problems, such as that the geographical location IP of network target node is accurately positioned, the present invention is searched in the neighbouring datum node of foundation
On the basis of rope is theoretical, a kind of network IP geo-positioning system overall process method is proposed.
For achieving the above object, the present invention adopts the following technical scheme:
A kind of network IP geo-positioning system overall process method, tested master is determined using a kind of method of triangulation location
The distance range of the position of machine, all neighbouring datum nodes to destination host forms an overlapping region, and with overlapping region
Actual physical address of the center-of-mass coordinate as measurement target, obtains its geographical location;The specific steps of which are as follows:
Step 1:IP geo-location is adjacent to datum node search module:
STEP.1 is searched for adjacent to datum node
The network measure path of neighbouring datum node B1: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 is the geographical location IP a reference value nearest away from destination node on network measure path;A is
Network attack node;
According to measured destination host IP, network road warp is measured, the geographical location IP pattern library is compared, obtains network measure
Road neighbouring datum node nearest away from Target IP on, and measure distance of the destination host to this adjacent to datum node;
STEP.2DoS attack test
It attacks host and implements DoS attack, Denial of Service attack to known neighbouring datum node;The known neighbouring base of obstruction
Quasi- node prevents it from normally routing, so that reaching the network measure road of destination node by known neighbouring datum node
Diameter is obstructed;
STEP.3 is searched for based on the neighbouring datum node of DoS attack
DoS attack is implemented to known neighbouring datum node, measurement network road warp obtains the new neighbouring benchmark of Target IP
Node, and measure destination host to new neighbouring datum node distance;
The network measure path of neighbouring datum node B2: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 is known neighbouring datum node, B2 on network measure path away from destination node most
The close geographical location IP a reference value;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B3: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 and B2 is known neighbouring datum node, and B3 is on network measure path away from target section
The nearest geographical location the IP a reference value of point;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B4: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1, B2 and B3 are known neighbouring datum node, and B4 is on network measure path away from target
The nearest geographical location the IP a reference value of node;A is network attack node, sends DoS data packet to known neighbouring datum node;
Step 2:IP geo-location module, the IP geo-location module based on multi-point cooperative is using a kind of fixed similar to triangle
The method of position determines the position of tested host;Assuming that there are a kind of linear relationships between time delay and geographic distance, such as formula (1)
It is shown:
di=m.c. (xi-bi) (1)
Wherein, diRepresent datum node BiTo the geographic distance of tested node T, xiRepresent the time delay between two kinds of nodes, bi
Certain local time delay for representing datum node, such as congestion time delay;M is conversion factor, and m:0 < m < 1, c are the light velocity;By probability
Estimate that tested host arrives the distance of datum node, when the number of datum node is greater than 2, then one overlapping region of formation, and with
Actual physical address of the center-of-mass coordinate of overlapping region as measurement target, so that it is determined that the position of tested host;
Step 3:IP geo-location blending algorithm module
Input: n intersection is not empty border circular areas { (xi,yi,ri) i=1,2 ... n, wherein xi,yiFor central coordinate of circle
And riFor round radius;
Output: n border circular areas { (xi,yi,ri) i=1,2 ... the center-of-mass coordinate (c_x, c_y) of n intersection part and face
Product Ar;
It is respectively g_x and g_y that x-axis and the granularity of y-axis, which is arranged, in Step.1;
And set constraint condition set as s=(x, y) | i=1,2 ... n, (x-xi)2-(y-yi)2≤ri 2}。
Step.2 is by section rectangular area { mix≤x≤max,miy≤y≤mayWith x-axis granularity g_x and y-axis granularity g_y
Discrete processes are carried out, wherein mix=min1≤i≤n{xi-ri, max=max1≤i≤n{xi+ri, miy=min1≤i≤n{yi-ri, may
=max1≤i≤n{yi+ri};That is, the collection of discretization coordinate points be combined into DS=(x, y) | x=mix+ j.g_x, y=miy+ k.g_y },
Wherein 0≤j≤fix ((max-mix)/g_x,0≤k≤fix((may-miy)/g_y) and fix () function representation remove integer;
The collection that Step.3 then justifies the discrete coordinates of intersection areas more is combined into DS ∩ S;Center-of-mass coordinate c_x, c_ are calculated below
Y:
Wherein | | | | the gesture of function representation set;
Step 4:IP geo-location error analysis module:
IP geo-location module based on multi-point cooperative is the physics using the center-of-mass coordinate of overlapping region as measurement target
Address, since the actual physical address of target is the geographical coordinate of overlapping region any point, the IP based on multi-point cooperative
There are errors for geo-location, carry out precision analysis as geo-location error in the area of this overlapping region;Overlapping region face
Long-pending solution carries out discretization to overlapping region with the granularity set, solves overlapping region area again on this basis;
It is a convex set that Step.4, which is based on more circle intersection areas, calculates its area Ar: calculating
If n=(xmax-xmin)/g_x, being apparent from n is integer;
Then obtain:
ymin(xmin+(i-1)·g_x)-ymin(xmin+i·g_x))·g_x/2。
Step 5: the IP geo-positioning system general frame based on DoS attack
The general frame of IP geo-positioning system solution based on DoS attack are as follows: destination host IP passes through IP geography
Positioning scheduler module is connected with network path measurement module, DoS attack module respectively;Network path measurement module, DoS attack mould
The output end of block passes through target network module respectively and is connected with neighbouring datum node search module;Neighbouring datum node search module
Output end is connected by IP geo-location blending algorithm module with IP geo-location error analysis module;Wherein, IP geo-location
The data output end of scheduler module is connected by the geographical location IP pattern library with neighbouring datum node search module;IP geo-location
Blending algorithm module data end is connected with the data terminal of IP geo-location scheduler module.
IP geo-positioning system solution workflow based on DoS attack is as follows:
According to measured destination host IP, network path measurement module measures network road warp, passes through neighbouring datum node
Search module compares the geographical location IP pattern library, obtains network measure road neighbouring datum node nearest away from Target IP on, and
Destination host is measured to this adjacent to the distance of datum node;
To known neighbouring datum node, DoS attack is implemented by DoS attack module, measurement network road warp obtains target
The new neighbouring datum node of IP, and measure destination host to neighbouring datum node newly distance;
The distance range of all neighbouring datum nodes to destination host forms an overlapping region, and with the mass center of overlapping region
Actual physical address of the coordinate as measurement target, obtains its geographical location;
IP geo-location module based on multi-point cooperative is the physics using the center-of-mass coordinate of overlapping region as measurement target
Address, the actual physical address of the target are the geographical coordinates of overlapping region any point, therefore based on multi-point cooperative
There are errors for IP geo-location, and the area of overlapping region is as geo-location error.
Due to the adoption of the above technical scheme, the present invention has the following advantages:
The present invention is geographical for the IP that cannot be accurately positioned network target node existing for existing IP geographic positioning technology
Position problems are tested by DoS attack, on the basis of the multiple neighbouring datum nodes for obtaining destination node, are proposed based on more
The IP geo-location module of point collaboration, establishes the IP geo-location blending algorithm module based on multi-point cooperative, and construct base
In the IP geo-location error analysis module of multi-point cooperative, IP geo-positioning system of the design with realization based on DoS attack is overall
Solution improves the accuracy of IP Geographic mapping, and the geographical location IP for solving network target node is accurately positioned
Problem.On civilian, the IP geo-positioning system conceptual solutions based on DoS attack can help network application improvement property
It can, improve safety and new service be provided;Militarily, the IP geo-location fusion method based on multi-point cooperative can be
The cross-domain cooperation of network provides technical support.
To solve the problems, such as that the geographical location IP of network target node is accurately positioned, the present invention is searched in the neighbouring datum node of foundation
On the basis of rope is theoretical, the IP geo-location theory based on multi-point cooperative is proposed, it is geographical to establish the IP based on multi-point cooperative
Blending algorithm is positioned, and constructs the IP geo-location error analysis method based on multi-point cooperative, design is attacked with realization based on DoS
The IP geo-positioning system conceptual solutions hit, improve the accuracy of IP Geographic mapping, can be the cross-domain collaboration of network
It fights and technical support is provided.
IP geo-positioning system conceptual solutions based on DoS attack are using the center-of-mass coordinate of overlapping region as measurement
The physical address of target, but the actual physical address of target may be the geographical coordinate of overlapping region any point, therefore be based on
There is a certain error for the IP geo-location of multi-point cooperative, and the area of overlapping region can be used as geo-location error.
The present invention is geographical for the IP that cannot be accurately positioned network target node existing for existing IP geographic positioning technology
Position problems are tested by DoS attack, on the basis of the multiple neighbouring datum nodes for obtaining destination node, are proposed based on more
The IP geo-location of point collaboration is theoretical, establishes the IP geo-location blending algorithm based on multi-point cooperative, and constructs based on more
The IP geo-location error analysis method of point collaboration, design are totally solved with the IP geo-positioning system based on DoS attack is realized
Scheme improves the accuracy of IP Geographic mapping, solves the problems, such as that the geographical location IP of network target node is accurately positioned.
On civilian, the IP geo-positioning system conceptual solutions based on DoS attack can help network application to improve performance, improve
Safety and provide new service;Militarily, the IP geo-location fusion method based on multi-point cooperative can for network across
Domain cooperation provides technical support
Detailed description of the invention book
Fig. 1 is IP geo-positioning system block diagram of the present invention.
Fig. 2 is IP geo-positioning system general frame figure.
Fig. 3 is the implementation flow chart of network IP geo-positioning system overall process;
Fig. 4 is the network measure path profile of neighbouring datum node B1;
Fig. 5 is the network measure path profile of neighbouring datum node B2;
Fig. 6 is the network measure path profile of neighbouring datum node B3;
Fig. 7 is the network measure path profile of neighbouring datum node B4;
Fig. 8 is the IP geo-location module map based on multi-point cooperative.
Specific embodiment
As shown in Fig. 1,2,3,4,5,6,7,8, a kind of network IP geo-positioning system overall process method is based on multiple spot
The IP geo-location module of collaboration establishes the IP geo-location blending algorithm module based on multi-point cooperative, and constructs and be based on
The IP geo-location error analysis method module of multi-point cooperative, design and IP geo-positioning system of the realization based on DoS attack are total
Body solution improves the accuracy of IP Geographic mapping, can provide technical support for the cross-domain cooperation of network.
The processing method is that the position of tested host is determined using a kind of method similar to triangulation location.It is all neighbouring
The distance range of datum node to destination host forms an overlapping region, and using the center-of-mass coordinate of overlapping region as measurement mesh
Target actual physical address obtains its geographical location.IP geo-positioning system conceptual solutions based on DoS attack are to hand over
Physical address of the center-of-mass coordinate in folded region as measurement target, but the actual physical address of target may be that overlapping region is any
The geographical coordinate of a bit, therefore there is a certain error for the IP geo-location based on multi-point cooperative, the area of overlapping region can be made
For geo-location error.
A kind of network IP geo-positioning system overall process method, tested master is determined using a kind of method of triangulation location
The distance range of the position of machine, all neighbouring datum nodes to destination host forms an overlapping region, and with overlapping region
Actual physical address of the center-of-mass coordinate as measurement target, obtains its geographical location;The specific steps of which are as follows:
Step 1:IP geo-location is used for adjacent to datum node search module:
STEP.1 is searched for adjacent to datum node
The network measure path of neighbouring datum node B1: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 is the geographical location IP a reference value nearest away from destination node on network measure path;A is
Network attack node;
According to measured destination host IP, network road warp is measured, the geographical location IP pattern library is compared, obtains network measure
Road neighbouring datum node nearest away from Target IP on, and measure distance of the destination host to this adjacent to datum node;
STEP.2DoS attack test
It attacks host and implements DoS attack, Denial of Service attack to known neighbouring datum node;The known neighbouring base of obstruction
Quasi- node prevents it from normally routing, so that reaching the network measure road of destination node by known neighbouring datum node
Diameter is obstructed;
STEP.3 is searched for based on the neighbouring datum node of DoS attack
DoS attack is implemented to known neighbouring datum node, measurement network road warp obtains the new neighbouring benchmark of Target IP
Node, and measure destination host to new neighbouring datum node distance;
The network measure path of neighbouring datum node B2: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 is known neighbouring datum node, B2 on network measure path away from destination node most
The close geographical location IP a reference value;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B3: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1 and B2 is known neighbouring datum node, and B3 is on network measure path away from target section
The nearest geographical location the IP a reference value of point;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B4: T is destination node;M1 and M2 is measuring node, to destination node
Send network measure path data packet;B1, B2 and B3 are known neighbouring datum node, and B4 is on network measure path away from target
The nearest geographical location the IP a reference value of node;A is network attack node, sends DoS data packet to known neighbouring datum node;
Step 2:IP geo-location module, the IP geo-location module based on multi-point cooperative is using a kind of fixed similar to triangle
The method of position determines the position of tested host;Assuming that there are a kind of linear relationships between time delay and geographic distance, such as formula (1)
It is shown:
di=m.c. (xi-bi) (1)
Wherein, diRepresent datum node BiTo the geographic distance of tested node T, xiRepresent the time delay between two kinds of nodes, bi
Certain local time delay for representing datum node, such as congestion time delay;M is conversion factor, and m:0 < m < 1, c are the light velocity;By probability
Estimate that tested host arrives the distance of datum node, when the number of datum node is greater than 2, then one overlapping region of formation, and with
Actual physical address of the center-of-mass coordinate of overlapping region as measurement target, so that it is determined that the position of tested host;
Step 3:IP geo-location blending algorithm module
Input: n intersection is not empty border circular areas { (xi,yi,ri) i=1,2 ... n, wherein xi,yiFor central coordinate of circle
And riFor round radius;
Output: n border circular areas { (xi,yi,ri) i=1,2 ... the center-of-mass coordinate (c_x, c_y) of n intersection part and face
Product Ar;
It is respectively g_x and g_y that x-axis and the granularity of y-axis, which is arranged, in Step.1;
And set constraint condition set as s=(x, y) | i=1,2 ... n, (x-xi)2-(y-yi)2≤ri 2}。
Step.2 is by section rectangular area { mix≤x≤max,miy≤y≤mayWith x-axis granularity g_x and y-axis granularity g_y
Discrete processes are carried out, wherein mix=min1≤i≤n{xi-ri, max=max1≤i≤n{xi+ri, miy=min1≤i≤n{yi-ri, may
=max1≤i≤n{yi+ri};That is, the collection of discretization coordinate points be combined into DS=(x, y) | x=mix+ j.g_x, y=miy+ k.g_y },
Wherein 0≤j≤fix ((max-mix)/g_x,0≤k≤fix((may-miy)/g_y) and fix () function representation remove integer;
The collection that Step.3 then justifies the discrete coordinates of intersection areas more is combined into DS ∩ S;Center-of-mass coordinate c_x, c_ are calculated below
Y:
Wherein | | | | the gesture of function representation set;
Step 4:IP geo-location error analysis module:
IP geo-location module based on multi-point cooperative is the physics using the center-of-mass coordinate of overlapping region as measurement target
Address, since the actual physical address of target is the geographical coordinate of overlapping region any point, the IP based on multi-point cooperative
There are errors for geo-location, carry out precision analysis as geo-location error in the area of this overlapping region;Overlapping region face
Long-pending solution carries out discretization to overlapping region with the granularity set, solves overlapping region area again on this basis;
It is a convex set that Step.4, which is based on more circle intersection areas, calculates its area Ar: calculating
If n=(xmax-xmin)/g_x, being apparent from n is integer;
Then obtain:
ymin(xmin+(i-1)·g_x)-ymin(xmin+i·g_x))·g_x/2。
Step 5: the IP geo-positioning system general frame based on DoS attack, as shown in Figure 2.
The general frame of IP geo-positioning system solution based on DoS attack are as follows: destination host IP passes through IP geography
Positioning scheduler module is connected with network path measurement module, DoS attack module respectively;Network path measurement module, DoS attack mould
The output end of block passes through target network module respectively and is connected with neighbouring datum node search module;Neighbouring datum node search module
Output end is connected by IP geo-location blending algorithm module with IP geo-location error analysis module;Wherein, IP geo-location
The data output end of scheduler module is connected by the geographical location IP pattern library with neighbouring datum node search module;IP geo-location
Blending algorithm module data end is connected with the data terminal of IP geo-location scheduler module.
IP geo-positioning system solution workflow based on DoS attack, as shown in Figure 3.
According to measured destination host IP, network path measurement module measures network road warp, passes through neighbouring datum node
Search module compares the geographical location IP pattern library, obtains network measure road neighbouring datum node nearest away from Target IP on, and
Destination host is measured to this adjacent to the distance of datum node;
To known neighbouring datum node, DoS attack is implemented by DoS attack module, measurement network road warp obtains target
The new neighbouring datum node of IP, and measure destination host to neighbouring datum node newly distance;
The distance range of all neighbouring datum nodes to destination host forms an overlapping region, and with the mass center of overlapping region
Actual physical address of the coordinate as measurement target, obtains its geographical location;
IP geo-location module based on multi-point cooperative is the physics using the center-of-mass coordinate of overlapping region as measurement target
Address, the actual physical address of the target are the geographical coordinates of overlapping region any point, therefore based on multi-point cooperative
There are errors for IP geo-location, and the area of overlapping region is as geo-location error.
Claims (1)
1. a kind of network IP geo-positioning system overall process method, it is characterized in that: using a kind of method of triangulation location come really
Surely the position of tested host, the distance range of all neighbouring datum nodes to destination host form an overlapping region, and to hand over
Actual physical address of the center-of-mass coordinate in folded region as measurement target, obtains its geographical location;The specific steps of which are as follows:
Step 1:IP geo-location is used for adjacent to datum node search module:
STEP.1 is searched for adjacent to datum node
The network measure path of neighbouring datum node B1: T is destination node;M1 and M2 is measuring node, is sent to destination node
Network measure path data packet;B1 is the geographical location IP a reference value nearest away from destination node on network measure path;A is network
Attack node;
According to measured destination host IP, network road warp is measured, the geographical location IP pattern library is compared, obtains network measure road warp
On the neighbouring datum node nearest away from Target IP, and measure distance of the destination host to this adjacent to datum node;
The test of STEP.2 DoS attack
It attacks host and implements DoS attack, Denial of Service attack to known neighbouring datum node;The known neighbouring benchmark section of obstruction
Point prevents it from normally routing, so that reaching the network measure path of destination node not by known neighbouring datum node
It is logical;
STEP.3 is searched for based on the neighbouring datum node of DoS attack
DoS attack is implemented to known neighbouring datum node, measurement network road warp obtains the new neighbouring benchmark section of Target IP
Point, and measure destination host to new neighbouring datum node distance;
The network measure path of neighbouring datum node B2: T is destination node;M1 and M2 is measuring node, is sent to destination node
Network measure path data packet;B1 is known neighbouring datum node, and B2 is nearest away from destination node on network measure path
The geographical location IP a reference value;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B3: T is destination node;M1 and M2 is measuring node, is sent to destination node
Network measure path data packet;B1 and B2 is known neighbouring datum node, B3 on network measure path away from destination node most
The close geographical location IP a reference value;A is network attack node, sends DoS data packet to known neighbouring datum node;
The network measure path of neighbouring datum node B4: T is destination node;M1 and M2 is measuring node, is sent to destination node
Network measure path data packet;B1, B2 and B3 are known neighbouring datum node, and B4 is on network measure path away from destination node
The nearest geographical location IP a reference value;A is network attack node, sends DoS data packet to known neighbouring datum node;
Step 2:IP geo-location module, the IP geo-location module based on multi-point cooperative is using a kind of similar to triangulation location
Method determines the position of tested host;Assuming that there are a kind of linear relationships between time delay and geographic distance, such as formula (1) institute
Show:
di=m.c. (xi-bi) (1)
Wherein, diRepresent datum node BiTo the geographic distance of tested node T, xiRepresent the time delay between two kinds of nodes, biIt represents
Certain local time delay of datum node, such as congestion time delay;M is conversion factor, and m:0 < m < 1, c are the light velocity;By probability estimate
The distance of tested host to datum node forms an overlapping region, and then when the number of datum node is greater than 2 with overlapping
Actual physical address of the center-of-mass coordinate in region as measurement target, so that it is determined that the position of tested host;
Step 3:IP geo-location blending algorithm module
Input: n intersection is not empty border circular areas { (xi,yi,ri) i=1,2 ... n, wherein xi,yiFor central coordinate of circle and ri
For round radius;
Output: n border circular areas { (xi,yi,ri) i=1,2 ... the center-of-mass coordinate (c_x, c_y) and area of n intersection part
Ar;
It is respectively g_x and g_y that x-axis and the granularity of y-axis, which is arranged, in Step.1;
And set constraint condition set as s=(x, y) | i=1,2 ... n, (x-xi)2-(y-yi)2≤ri 2};
Step.2 is by section rectangular area { mix≤x≤max,miy≤y≤mayWith x-axis granularity g_x and y-axis granularity g_y carry out from
Processing is dissipated, wherein mix=min1≤i≤n{xi-ri, max=max1≤i≤n{xi+ri, miy=min1≤i≤n{yi-ri, may=
max1≤i≤n{yi+ri};That is, the collection of discretization coordinate points be combined into DS=(x, y) | x=mix+ j.g_x, y=miy+ k.g_y },
In 0≤j≤fix ((max-mix)/g_x,0≤k≤fix((may-miy)/g_y) and fix () function representation remove integer;
The collection that Step.3 then justifies the discrete coordinates of intersection areas more is combined into DS ∩ S;Center-of-mass coordinate c_x, c_y are calculated below:
Wherein | | | | the gesture of function representation set;
Step 4:IP geo-location error analysis module:
IP geo-location module based on multi-point cooperative is the physical address using the center-of-mass coordinate of overlapping region as measurement target,
Since the actual physical address of target is the geographical coordinate of overlapping region any point, the IP geography based on multi-point cooperative is fixed
There are errors for position, carry out precision analysis as geo-location error in the area of this overlapping region;Overlapping region area is asked
Solution carries out discretization to overlapping region with the granularity set, solves overlapping region area again on this basis;
It is a convex set that Step.4, which is based on more circle intersection areas, calculates its area Ar: calculating
If n=(xmax-xmin)/g_x, being apparent from n is integer;
Then obtain:
Step 5: the IP geo-positioning system general frame based on DoS attack
The general frame of IP geo-positioning system solution based on DoS attack are as follows: destination host IP passes through IP geo-location
Scheduler module is connected with network path measurement module, DoS attack module respectively;Network path measurement module, DoS attack module
Output end passes through target network module respectively and is connected with neighbouring datum node search module;Neighbouring datum node search module exports
End is connected by IP geo-location blending algorithm module with IP geo-location error analysis module;Wherein, IP geo-location is dispatched
The data output end of module is connected by the geographical location IP pattern library with neighbouring datum node search module;The fusion of IP geo-location
Algoritic module data terminal is connected with the data terminal of IP geo-location scheduler module;
IP geo-positioning system solution workflow based on DoS attack is as follows:
According to measured destination host IP, network path measurement module measures network road warp, is searched for by neighbouring datum node
Module compares the geographical location IP pattern library, obtains network measure road neighbouring datum node nearest away from Target IP on, and measure
Destination host is to this adjacent to the distance of datum node;
To known neighbouring datum node, DoS attack is implemented by DoS attack module, measurement network road warp obtains Target IP
New neighbouring datum node, and measure destination host to new neighbouring datum node distance;
The distance range of all neighbouring datum nodes to destination host forms an overlapping region, and with the center-of-mass coordinate of overlapping region
As the actual physical address of measurement target, its geographical location is obtained;IP geo-location module based on multi-point cooperative is to hand over
Physical address of the center-of-mass coordinate in folded region as measurement target, the actual physical address of the target is that overlapping region is any
The geographical coordinate of a bit, therefore there are errors for the IP geo-location based on multi-point cooperative, the area of overlapping region is as geographical
Position error.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910436919.8A CN110300368B (en) | 2019-05-24 | 2019-05-24 | IP geographical positioning system overall processing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910436919.8A CN110300368B (en) | 2019-05-24 | 2019-05-24 | IP geographical positioning system overall processing method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110300368A true CN110300368A (en) | 2019-10-01 |
CN110300368B CN110300368B (en) | 2021-01-01 |
Family
ID=68027131
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910436919.8A Active CN110300368B (en) | 2019-05-24 | 2019-05-24 | IP geographical positioning system overall processing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110300368B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113824810A (en) * | 2021-08-23 | 2021-12-21 | 南京莱克贝尔信息技术有限公司 | Target-driven IP address geographic position inference method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050252957A1 (en) * | 2004-05-13 | 2005-11-17 | Cisco Technology, Inc. | Methods and devices for locating and uniquely provisioning RFID devices |
CN101222317A (en) * | 2007-11-29 | 2008-07-16 | 哈尔滨工程大学 | Depth-first attack drawing generating method |
CN105245627A (en) * | 2015-08-31 | 2016-01-13 | 罗向阳 | IP positioning method based on network coordinate system |
CN105991639A (en) * | 2015-07-08 | 2016-10-05 | 北京匡恩网络科技有限责任公司 | Network attack path analysis method |
CN106453417A (en) * | 2016-12-05 | 2017-02-22 | 国网浙江省电力公司电力科学研究院 | Network attack target prediction method based on neighbor similarity |
CN109688107A (en) * | 2018-11-20 | 2019-04-26 | 西安电子科技大学 | Cloud data safety localization method based on integrality audit and communication delay |
-
2019
- 2019-05-24 CN CN201910436919.8A patent/CN110300368B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050252957A1 (en) * | 2004-05-13 | 2005-11-17 | Cisco Technology, Inc. | Methods and devices for locating and uniquely provisioning RFID devices |
CN101222317A (en) * | 2007-11-29 | 2008-07-16 | 哈尔滨工程大学 | Depth-first attack drawing generating method |
CN105991639A (en) * | 2015-07-08 | 2016-10-05 | 北京匡恩网络科技有限责任公司 | Network attack path analysis method |
CN105245627A (en) * | 2015-08-31 | 2016-01-13 | 罗向阳 | IP positioning method based on network coordinate system |
CN106453417A (en) * | 2016-12-05 | 2017-02-22 | 国网浙江省电力公司电力科学研究院 | Network attack target prediction method based on neighbor similarity |
CN109688107A (en) * | 2018-11-20 | 2019-04-26 | 西安电子科技大学 | Cloud data safety localization method based on integrality audit and communication delay |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113824810A (en) * | 2021-08-23 | 2021-12-21 | 南京莱克贝尔信息技术有限公司 | Target-driven IP address geographic position inference method |
Also Published As
Publication number | Publication date |
---|---|
CN110300368B (en) | 2021-01-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Shu et al. | Gradient-based fingerprinting for indoor localization and tracking | |
EP3139196B1 (en) | System and method for positioning, mapping and data management by using crowdsourcing | |
Xiao et al. | Reliable anchor-based sensor localization in irregular areas | |
CN110474843B (en) | IP positioning method based on route hop count | |
Li et al. | Rendered path: Range-free localization in anisotropic sensor networks with holes | |
CN104506591A (en) | Target IP (Internet protocol) geographic position locating method based on nearest common router | |
Youn et al. | Statistical geolocation of internet hosts | |
US8589459B1 (en) | Privacy and security enhanced internet geolocation | |
Huang et al. | Dynamic coverage in ad-hoc sensor networks | |
Liu et al. | Node localization algorithm for wireless sensor networks based on static anchor node location selection strategy | |
CN110300368A (en) | A kind of IP geo-positioning system overall process method | |
Chen et al. | Towards IP location estimation using the nearest common router | |
US10015627B1 (en) | System and method for reliable wireless device location mapping | |
Hillmann et al. | On the path to high precise ip geolocation: A self-optimizing model | |
Laki et al. | A detailed path-latency model for router geolocation | |
CN111711707A (en) | IP address positioning method based on neighbor relation | |
CN113824810A (en) | Target-driven IP address geographic position inference method | |
St | Reconstructing trajectories from sparse call detail records | |
Hillmann et al. | Dragoon: advanced modelling of IP geolocation by use of latency measurements | |
CN106937298B (en) | A kind of improved wireless sensor network 3-D positioning method | |
Komosny et al. | Estimation of Internet Node Location by Latency Measurements-The Underestimation Problem | |
Jinxia et al. | Ip geolocation technology research based on network measurement | |
Candela et al. | Dissecting the speed-of-internet of Middle East | |
Wang et al. | Target driven IP Geolocation Algorithm | |
Ciavarrini et al. | Geolocation of internet hosts using smartphones and crowdsourcing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |