SummaryIP geolocation is usually used in fog computing to avoid high latency and discriminate malicious requests by judging the location of users. Existing delay measurement-based IP geolocation approaches are not applicable to the network that has hierarchical topology and weak connectivity, and the precision of the classical Street-Level Geolocation (SLG) method will decrease dramatically when the common routers are anonymous. In this paper, an IP geolocation method based on identification routers and local delay distribution similarity is proposed. The target IP's location at city-level is firstly derived by matching its routing path with the identification routers that only forward packets to the same city. After that, the target IP's local delay between the nearest common router and the target IP is gathered, and the landmarks' are obtained at the same time. Finally, the location of the landmark that has the most similar local delay distribution with the target IP is taken as the geolocation result. Theoretical analysis and experimental results show that the proposed method can derive reliably geolocation results at city-level for the target IP in the network with hierarchical architecture. Moreover, the geolocation accuracy of classical SLG method is improved obviously when the common routers are anonymous. KEYWORDS anonymous router, city-level geolocation, identification router, IP geolocation, local delay distribution similarity, street-level geolocation
INTRODUCTIONFog computing is proposed to enable computing directly at the edge of the network, which can provide elastic resources and services to end users through fog nodes. 1,2 IP geolocation technology, which aims to obtain a network device's location only with its IP address, has attracted extensive attention of researchers, 3 and it plays an important role in fog computing. For example, judging the geographical locations of users using IP geolocation technology could help the fog computing service providers to select nearby fog nodes for users such as to improve the quality of service. 4With IP geolocation technology, the service providers can authenticate users and identify malicious requests based on their location. In addition, with the continuous improvement of IP geolocation technology, it is expected that it will play a role in geolocating hidden servers in Tor networks 5,6 and data in Cloud Computing. 7,8 In recent decade years, many methods have been proposed in IP geolocation. Existing IP geolocation methods can be divided into two categories according to the granularity of geolocation results: city-level geolocation and street-level geolocation.The city-level geolocation methods aim to obtain the location of target IP at city-level granularity and can be further categorized into two types: measurement-based and database-based. The measurement-based geolocation method is the focus of current research in IP geolocation.They usually geolocate the target IP based on delay, topology, or both, simultaneously. These methods include GeoPing, 3 CB...