Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Defeat VPN Location-Spoofing By Mapping Network Delays (thestack.com)

Posted by timothy on from the tricky-echoes dept.

An anonymous reader writes: An interesting paper from a PhD student in Ontario outlines a system which in initial tests has proved 97% effective at unmasking geo-spoofing VPN users. The Client Presence Verification (CPV) system presented in the paper utilises analysis of delays in network packets in order to determine the user's location, disregarding the IP address geolocation information which currently underpins the efforts of content providers such as Netflix to prevent VPN users accessing content which is not licensed in their country. The detection system was tested at global network laboratory PlanetLab using 80 network nodes based in the U.S. and Canada.

3 of 81 comments (clear)

  1. 97% is not even close to commercially viable by Thanshin · · Score: 4, Insightful

    97% to detect irregular behavior is completely useless unless the rate of regular and irregular behavior is reasonably balanced. In most commercial settings the rate is biased towards regular behavior by several orders of magnitude. In other words, thousands of times more more biased than 97:3.

    Therefore, this system will have orders of magnitude more false positives than positives. So the positives will just disappear inside a mass of angry customers.

    In short; the ratio of success has to be in the same order of magnitude as the ratio of irregular behavior. e.g.: for Netflix you'd need better than 99.99% precision.

    1. Re:97% is not even close to commercially viable by Anonymous Coward · · Score: 3, Insightful

      And even then, you must consider that Netflix doesn't actually give a flying fuck about geospoofing as long as the number of people doing it consistently remains small and those people remain paying customers...

      Netflix has no reason to actually WANT to prevent or disallow these customers from consuming content this way--there's nothing to be gained by winning that fight and lots to lose.

      They're simply playing along so content owners don't start threatening to pull content. They're actually between a rock and a hard place, hence the "we're trying to prevent geospoofers from consuming content where they shouldn't. We won't let it happen again, honest!" thing.

    2. Re:97% is not even close to commercially viable by Some+nick+or+other · · Score: 3, Insightful

      Typical base rate fallacy example. Suppose 1% of the users are VPN users. Suppose the service is 97% accurate at classifying VPNers as VPNers and regular users as regular users. What's the probability that a user is a regular user given that the system says he's a VPNer?

      Out of 10000 users, there are 100 VPN users. 97 of these will be recognized, 3 not.
      There are 9900 ordinary users. 9900*0.03=297 of these will be falsely flagged.

      So the probability of a positive being true is 97/(97+297) = 24.6%. The probability that he's a regular user is 75.4% which is not nearly good enough for Netflix.