A method of Improving the Security of Information and Telecommunications Network Using the Means of Determining Intruder's Geolocation

 Known methods of ensuring information security of information and telecommunication networks with the use in modern conditions are not effective enough, since not all means of detecting external threats are used. In this article, the authors raise the issue of the possibility of using the procedure for determining IP geolocation in the framework of ensuring the information security of the network. Purpose: to ensure the level of security of the information and telecommunications network above the required value by effectively detecting external intruders through the use of tools for determining the geolocation of the intruder in the process of ensuring information security. Result: a method is proposed for improving the security of an information and telecommunication network, taking into account the introduction of software for determining the geolocation of an intruder after intrusion detection.

1. Morkovkin Ye.A., Novichikhina A.A., Zamulin I.S. IP-addressing and information security. Bulletin of the Khakass State University. N.F. Katanov. 2022;1(39):9‒12.

2. Ivanov M., Polunin A. Improving the accuracy of IP geolocation based on public ip geoservices data. Informatics and Automation. 2022;21(4):758‒785. DOI:10.15622/ia.21.4.5

3. Lipatnikov V.A., Shevchenko A.A., Melekhov K.V., Zadboev V.A. Method of detecting the geographical location of the information security intruder in the data network. Proceedings of the IInd All-Russian Scientific and Technical Conference on State and Prospects of Development of Modern Science in the Direction of "IT-Technologies", 23‒24 March 2023, Anapa, Russia, vol.2. Anapa: Military Innovation Technopolis "ERA" Publ.; 2023. PP. 178‒183.

4. Aljumaily M. Content Delivery Networks Architecture, Features, and Benefits. 2016. DOI:10.13140/RG.2.1.1762.0722

5. Arif M.J., Karunasekera S., Kulkarni S., Gunatilaka A., Ristic B. Internet Host Geolocation Using Maximum Likelihood Estimation Technique. Proceedings of the 24th IEEE International Conference on Advanced Information Networking and Appli-cations, 20‒23 April 2010, Perth, Australia. IEEE; 2010. p.422‒429. DOI:10.1109/AINA.2010.139

6. Lipatnikov V.A., Shevchenko A.A. The Vulnerability Control Method Applying While Automated Integrated Structure Organization Management System Scaling. Information Systems and Technologies. 2016;2(94):128‒140.

7. Williams J. Identification of IP address using fraudulent geolocation data. 2020. URL: https://www.imperial.ac.uk/media/ imperial-college/faculty-of-engineering/computing/public/1920-ug-projects/Williams,-James-%28jw1317%29.pdf [Accessed 13.09.2023]

8. Wang Z., Li H., Li Q., Li W., Zhu H., Sun L. Towards IP geolocation with intermediate routers based on topology discovery. Cybersecurity. 2019;2:13. DOI:10.1186/s42400-019-0030-2

9. Hufaker B., Fomenkov M., Claffy K. Geocompare: a comparison of public and commercial geolocation databases. 2011. URL: https://api.semanticscholar.org/CorpusID:13521646 [Accessed 13.09.2023]

10. Pratap U., Canudas-de-Wit C., Garin F. Average state estimation in presence of outliers. Proceedings of the 59th IEEE Conference on Decision and Control, CDC, 14‒18 December 2020, Jeju, South Korea. IEEE; 2020. p.6058‒6063. DOI:10.1109/CDC42340.2020.9303809

11. Shevchenko A.A. Mathematical model of information confrontation of two systems in information and telecommunication space. Proceedings of the All-Army Scientific and Practical Conference on Innovative Activity in the Armed Forces of the Russian Federation, 14–15 October 2020, St. Petersburg, Russia. St. Petersburg: Military Academy of Communications Publ.; 2020. p.237‒241.

12. Zhao F., Luo X., Gan Y., Zu S., Cheng Q., Liu F. IP Geolocation based on identification routers and local delay distribution similarity. Concurrency and Computation: Practice and Experience. 2018;31(22). DOI:10.1002/cpe.4722

13. Lipatnikov V.A., Shevchenko A.A., Yatskin A.D., Semenova E.G. Information Security Management of Integrated Structure Organization Based on a Dedicated Server with Container Virtualization. Information and Control Systems. 2017;4:67–76. DOI:10.15217/issn1684-8853.2017.4.67

14. Top 10 Best IP Geolocation APIs (in 2022). URL: https://rapidapi.com/blog/ip-geolocation-api [Accessed 13.09.2023]

15. Semiu O.A. Migration of IPv4 to IPv6; Translation Method. 2018. URL: https://www.researchgate.net/publication/345727747_Migration_of_IPv4_to_IPv6_Translation_Method [Accessed 13.09.2023]

16. Taylor J., Devlin J., Curran K. Bringing location to IP Addresses with IP Geolocation. Journal of Emerging Technologies in Web Intelligence. 2012;4(3):273‒277.

17. Lipatnikov V.A., Chepelev K.V., Shevchenko A.A. Method of Protecting an Information Network from Intrusions. Patent RF. 2705773 C1, 11.11.2019.

18. Padmanabhan V.N., Subramanian L. An investigation of geographic mapping techniques for internet hosts. Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM, 24‒26 October 2023, San Diego, USA. p.173–185. New York: ACM; 2001. DOI:10.1145/383059.383073

19. Luckie M., Dhamdhere A., Huffaker B., Clark D., claffy kc. bdrmap: Inference of Borders between IP Networks. Proceedings of the 2016 Internet Measurement Conference, IMC '16, 14‒16 November 2016, Santa Monica, USA. New York: ACM; 2016. PP. 381‒396. DOI:10.1145/2987443.2987467

20. Lipatnikov V.A., Melekhov K.V., Zadboev V.A. A Method of Detection of an Intruder's Location in the Data Network of the Network Infrastructure. Proceedings of the International Scientific and Practical Conference on Transport of Russia: Problems and Prospects, 09‒10 November 2022, St. Petersburg, Russia, vol.2. St. Petersburg: N.S. Solomenko Institute of Transport Problems RAS; 2022. p.215‒220.

21. Kunashev D.A., Alakulov A.A., Rakhaev A.Kh. Address space IPV4 – IP-geolocation. Proceedings of the International Scientific Conference of Students, Graduate Students and Young Scientists «Perspektiva–2021», 23–30 April 2021, Elbrus, Russia. Elbrus, 2021. vol.III. p.295‒297.

22. Hufaker B., Fomenkov M., claffy kc. Geocompare: a comparison of public and commercial geolocation databases. 2011. URL: https://www.caida.org/catalog/papers/2011_geocompare_tr/geocompare-tr.pdf [Accessed 13.09.2023]

23. Lizneva Ju. S., Kokoreva E.V., Kostyukovich A.E. Predicting the location of a mobile subscriber in the network. The Herald of the Siberian State University of Telecommunications and Information Science. 2022;3(59):101‒111. DOI:10.55648/1998-6920-2022-16-3-101-111

24. Gouel M., Vermeulen K., Fourmaux O., Friedman T., Beverly R. IP Geolocation Database Stability and Implications for Network Research. 2021. URL: https://hal.science/hal-03419874 [Accessed 13.09.2023]

25. iPapi AP. URL: https://ipapi.com [Accessed 12.04.2023]

26. Sorokin M.A., Kurilo A.A., Kuzin P.I. Service Traffic Analysis Process Model for Information Network Security Management. Military Energy. Scientific and Technical Journal. Counter-terrorism technical devices.Issue 16. 2021;1-2(151-152):67‒73.

27. Medvedev Yu.S., Terekhov V.V. Features of building a distributed corporate network of an enterprise to provide information and computing resources. Proceedings of the XII International Scientific and Practical Conference “Scientific readings named after Professor N.E. Zhukovsky”, 22–23 December 2021, Krasnodar, Russia. Krasnodar: Publishing House ‒ South, 2022. p.258‒260.

28. Measures of distance between samples: Euclidean. URL: http://www.econ.upf.edu/~michael/stanford/maeb4.pdf [Accessed 20.05.2023]

29. Li Z., Levin D., Spring N., Bhattacharjee B. Internet anycast: performance, problems, & potential. Proceedings of the Conference of the ACM Special Interest Group on Data Communication, SIGCOMM '18, 20‒25 August 2018, Budapest, Hungary. New York: ACM; 2018. p.59–73. DOI:10.1145/3230543.3230547

30. Shevchenko A.A. A model of the process of protecting an information and telecommunications network from unauthorized influence. Proceedings of the All-Army Scientific and Practical Conference on Innovative Activity in the Armed Forces of the Russian Federation, 10‒11 October 2019, St. Petersburg, Russia. St. Petersburg: Military Academy of Communications Publ.; 2019. p.166‒173.

31. Zadboev V.A., Melekhov K.V., Petrenko M.I., Komov A.A., Lipatnikov V.A., Parfirov V.A., et al. Means of Determining the Chain of Routes in the Data Transmission Network to the Geographical Location of the Offender. Patent RF, no 2023614029, 01.03.2023.