> To aid reproducibility, we open source our entire approach.<p>Probably because it's a draft but I was not able to find any source code (looked up the authors github repos and websites)<p>Also the end of the conclusion is pretty interesting:<p>> Our future work will focus on combining reverse
DNS hostname information with WHOIS databases and network
delay to form a geolocation database across the entire IP space
> IP Geolocation databases are widely used in online services to map end user IP addresses to their geographical locations. However, they use proprietary geolocation methods and in some cases they have poor accuracy. We propose a systematic approach to use publicly accessible reverse DNS hostnames for geolocating IP addresses. Our method is designed to be combined with other geolocation data sources. We cast the task as a machine learning problem where for a given hostname, we generate and rank a list of potential location candidates. We evaluate our approach against three state of the art academic baselines and two state of the art commercial IP geolocation databases. We show that our work significantly outperforms the academic baselines, and is complementary and competitive with commercial databases. To aid reproducibility, we open source our entire approach.<p>(abstract from the linked article)
We use rdns hostname data as one of the data sources for our geolocation database at <a href="https://ipinfo.io" rel="nofollow">https://ipinfo.io</a>, but some of the ML stuff here is definitely interesting, and we'll be looking integrating some of the more novel techniques covered here!
Trying to say "we can do IP geolocation through rDNS" is a really bad idea. I control several /16 chunks of IP space that through their ARIN WHOIS entry and rDNS could be located anywhere from northwest montana, to the NW corner of WA state, to Eugene OR, to Boise ID, or anywhere in between.<p>Maxmind and other geolocation services are also famously bad.<p><a href="https://www.google.com/search?client=ubuntu&channel=fs&q=maxmind+kansas+farm&ie=utf-8&oe=utf-8" rel="nofollow">https://www.google.com/search?client=ubuntu&channel=fs&q=max...</a>
Ideally, a geolocation system should also work in an adversarial setting, when somebody is trying to spoof their geolocation. We recently learned that some VPN providers do that, to appear to have proxies in more countries:
<a href="https://research.owlfolio.org/pubs/2018-catch-proxies-lie.pdf" rel="nofollow">https://research.owlfolio.org/pubs/2018-catch-proxies-lie.pd...</a><p>Obviously, people can lie in their reverse DNS record but active measurements from distributed vantage points (e.g., by using the RIPE Atlas network) could expose that.