1 / 65

TULIP Trilateration Utility for Locating IP addresses

Presented By Faran Javed BIT-5. TULIP Trilateration Utility for Locating IP addresses. Project Committee. Advisor: Prof. Dr. Arshad Ali. 1. Co-Advisor: Mr. Umar Kalim. 2. Member: Mr. Azhar Maqsood. 3. Member: Mr. Imran Daud. 4. External Advisor: Dr R. Les Cottrell. 5. Motivation.

lou
Download Presentation

TULIP Trilateration Utility for Locating IP addresses

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Presented By Faran Javed BIT-5 TULIPTrilateration Utility for Locating IP addresses

  2. Project Committee Advisor: Prof. Dr. Arshad Ali 1 Co-Advisor: Mr. Umar Kalim 2 Member: Mr. Azhar Maqsood 3 Member: Mr. Imran Daud 4 External Advisor: Dr R. Les Cottrell 5

  3. Motivation • Dynamic Geolocation solely based on delay measurements. • Help identify hosts that have proxies • To help determine from where to get a replicated service • Useful for security to pin-point the location of a suspicious host • Identify anomalies in the PingER database

  4. PingER • PingER – Ping end-to-End Reporting • Name given to IEPM project • Used to monitor end-to-end performance of Internet links pingER historical graphs

  5. PingER Architecture

  6. Aim/Problem Statement • To geolocate a specified target host (identified by domain name or public IP address) using only ping RTT delay measurements to the target from reference landmark hosts whose positions are well known.

  7. Related Work / Literature Survey

  8. Geo IP • Mainly realize on end users input. • Data acquired from various websites that offer end users membership. • Further applies various techniques including triangulation. • Conflicts are resolved manually.

  9. Literature Review 1/3 • CBG – Constraint Based Geolocation [bamba] • Works only within US • Uses 90 reference landmarks • Marks a possible region where the host may be located • Currently not available • NetGeo • Stores location of each AS in a plain text file • Database based approach. Prone to get outdated • Needs updating every Saturday

  10. Literature Review 2/3 • Octant • Efficient within US only • Similar to CBG • DNS LOC • Rarely available • Info provided by the network administrators themselves

  11. Literature Review 3/3 • Whois • Gets outdated • Database needs to be updated regularly

  12. Proposed Solution Take Min RTT Delay to Distance Conversion Final (Lat , Lon) Apply Trilateration Iterative Correction

  13. Delay To Distance Conversion

  14. Adjusted Alpha values • Methodology • Plotted a scatter plot between distance in km & minRTT (ms) • The data set were the landmarks • Drew the tightest upper bound on distances

  15. Adjusting Alpha

  16. Equation for the line representing the tightest upper bound • Two points on the line are • i- origin & ii- the point with highest value of ratio Dist / minRTT • Line is represented by the equation • Y = mx + b • Y intercept is zero hence b = 0 • M = y2-y1 / x2-x1; y1 = 0 & x1 = 0 [origin] • M = y2 / x2; y2=Distance(km);x2=minRTT(ms) • Y = m*x ; Distance = m * minRTT • Distance = alpha * minRTT • M = suggested alpha

  17. Iterrative Correction

  18. Iterative correction of the location • minRTT = propagation delay + extra delay (due to extra circular routes) • ∆T measured= ∆t + ∆t0 • (Pseudo -distance) • PD = ∆Tmeasured.α • (Actual distance) • D = ∆T.α • PD = (∆T+∆T0).α • PD = D+∆T0. α …. (1)

  19. Iterative correction • D = actual distance from the landmark. • C = speed of light • a = X(c) i.e. Speed of digital info in fiber optic cable • X = factor of c with which digital info travels in fiber optic cable. • ∆T = actual propagation delay along the greater circle router/paths. • ∆T0 = the extra delay causing overestimation. • PD = pseudo distance

  20. Graphically:

  21. Landmarks • H: host • L1: Landmark 1 • L2: landmark 2 • L3: landmark 3 • D1=√ (XL1-Xh) 2 + (YL1-Yh) 2 ….. (2) • FROM (1) & (2) • PD1=√ (XL1-Xh) 2 + (YL1-Yh) 2 + α.∆t0….. (A) • Similarly for other 2 landmarks: • PD2=√ (XL2-Xh) 2 + (YL2-Yh) 2 + α.∆t0.. (B) • PD3=√ (XL3-Xh) 2 + (YL3-Yh) 2 + α.∆t0..(C)

  22. Linearize the equation

  23. Contd … • Considering the simplified first part • F(x) = f(x0) + f`(x0) (x-x0) • Put (x-x0=∆X) • F(x) = f(x0) + f`(x0) ∆X………… (3) • Hence to compute the original value of X an arbitrary value x0 is required, this is done by simple Trilateration. • We know that • Hx =Xest+∆X……. (D) • HY =Yest+∆Y…….. (D) • Also • EstDi=√ (Lhi-Xest+ (Hy-Yest) 2……….. (4)

  24. Contd …

  25. Contd …

  26. Solution from (4) is put in eq(D) to get new estimations. • Hx, HY becomes the new estimated position.

  27. Design and Implementation

  28. System Architecture

  29. Results, Evaluations and Analysis

  30. Error Estimation Using Alpha

  31. For each point calculate alpha =distance/minRTT • then calculate the median and Inter-quartile Range of the alphas. • In the following case study we got 46.61=median and IQR=15.31. • For this data median alpha ~ 46.5km/ms and IQR ~15.6km/ms or IQR/Median~ 33% or ~ +-16%.

  32. Alpha vs Distance

  33. Alpha Vs min RTT

  34. Hence if we can calculate error in alpha we can calculate error in distance estimation and hence in the location estimate.

  35. Feasability for Teiring

  36. Tiering Approach • The purpose of this study is to investigate the effectiveness of tiering for TULIP • i.e we have a set of primary landmarks tier0 which will narrow down the target location to being in a particular region and then a denser set of secondary tier1 landmarks in the discovered region that can be used to get more accurate results.

  37. Benefits • The use of tiering should enable us to reduce the network traffic (number of landmarks pinging a target) while retaining the accuracy of using all landmarks.

  38. Alpha vs Distance (SLAC)

  39. Alpha vs MinRTT (SLAC)

  40. Accuracy Analysis

  41. TULIP Results

  42. Cumulative Distribution

  43. Conclusions • TULIP offers coarse grain accuracy and can confirm location up to city level. • Total of 14 differences ranging from 5,000 to 13,000 were inaccuracies in PingER database. • Further accuracy can be increase by increasing location data of landmark and a much careful landmark selection

More Related