How an IP address can reveal your location

Researchers can pinpoint a user's location within a half-mile

A team of researchers from Northwestern University and Microsoft Research recently announced a new method by which a computer’s IP address can be used to pinpoint a user’s location within a half-mile, a geolocation accuracy that is 50 times more accurate than current systems used.

The paper,“Towards Street-Level Client-Independent IP Geolocation” was presented at USENIX Networked Systems Design and Implementation conference at the beginning of April, reported Ars Technica.

Terrorists and foreign governments, in theory, could use the collected geographical information to target physical government locations. Or the situation could be reversed — government officials could use the data to target terrorists and criminals or improve response times for emergencies.

The report comes at the same time as researchers announced that Apple and Google are tracking and storing location information from cell phones. Individuals and government officials are expressing privacy concerns over possible location data usage.

Related story:

Researchers debate iPhone tracking, as a jailbreak solution appears

In the report, the researchers state that their new geolocation method can be used to track individuals in real time, returning information within one to two seconds. More important, the technique is client-independent, requiring neither permission nor software from the targeted computer.

The new method uses a three-step process, combining statistical analysis, location data already available on the Internet, and known signal travel times to narrow the location radius of a computer. Unlike previous methods, the new process uses landmarks to improve geolocation accuracy.

In the first step, the researchers ping multiple servers, converting the response time to a geographical distance. Where all server responses overlap is the general area where the computer is located.

In the second step, the researchers narrowed the area by mapping nearby IP addresses at known physical locations within the potential radius — sites that host their own websites and post their address online— using a commercial mapping service such as Google Maps. Using a traceroute program, the researchers then determined which routers are potentially connected to both the known locations and the unknown IP. The researchers also used methodologies and analysis to eliminate potential location false positives.

In the third and final step, the researchers used the combined information, together with distance and time data between known locations, to determine possible IP locations relative to the nearby mapped landmarks. They then associated the nearest landmark to the IP address to develop an estimate of the IP address within a half-mile.

How the data could and would be used the future, as well as its accuracy in actual practice, is unknown. The researchers stated in the report that the geographical location data could be used by online retailers, for example, to more specifically target customers.

Comments to the Ars Technica story pointed out several possible shortcomings with the methodology, including:

  • Firewalls used today by personal computers typically block pings from unknown sources.
  • For law enforcement, it could be much faster and easier to simply obtain a warrant for the actual IP address.
  • The process is the most accurate in dense locations – cities – where there are high numbers of landmarks. However, cities also have the highest number of potential IP locations.
  • Many companies today are moving their servers offsite, creating fewer local landmarks to use as geographical markers.
  • Internet service providers and companies such as Google already have anonymized IP geographic data they can sell.
  • Individuals can create random ping delays, distorting estimated distances.
  • Technology is available to mask an IP address.

About the Author

Kathleen Hickey is a freelance writer for GCN.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Mon, Aug 12, 2013 Reece

will this software be available to the public? for instance i help run a suicide prevention blog and having this software would mean being able to call the emergency services if someone was in immediate danger please write back to me when you know Reece

Thu, Apr 28, 2011 Clarence Indiana

This hype over "geolocation" via IP or even cell phone triangulation/GPS is nothing more than "birth certificate" fishing! I'm pretty sure my home land line phone has a street address attached to the number! You mean if I call someone and make a threat or a misguided rant over a political issue I'm unhappy with someone from the government could find out where I live!!?! The horrors!!

Wed, Apr 27, 2011 The Shrimper

Another great illustration of our collective stupidity in the misguided interest of the public "right to know". Let's be sure we continue to telegraph to terrorists and others who wish us harm and destruction our abilities to track and find them. Maddening.

Wed, Apr 27, 2011 Tennessee

Mr. Friedman's comments are correct. The locational information obtained by warrant is infinitely more accurate than the estimating methods reportedly employed by the two techniques mentioned in his comments. However, the general approach developed by the researchers as outlined in the article could be used to narrow serveillance areas for improved collection of "probable cause" evidence to aid in obtaining the warrent for the more exacting location. So I think it is still a useful tool, though not as accurate. Commercial applications can still consider it useful as it could make referral to local retail establishments possible - thereby boosting sales.

Wed, Apr 27, 2011 Rob Friedman Norcross, GA

It's great to see an article covering the advancements in IP geotargeting. Importantly, this really doesn't represent anything new in IP targeting. Digital Element announced NetAcuity Edge a couple of years ago: Edge is highly accurate worldwide at a very granular level, using most of the methods described in the article, as well as anonymous permission-based user-supplied data to confirm locations. Used correctly, IP targeting can help track down attacks, target content, analyze suspicious traffic patterns...but importantly, as mentioned above it IS NOT a substitute for a warrant by law enforcement (which will get you exact locations--and will always be better than this type of targeting). Rob

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group