Do we provide a confidence score for our IP to Privacy data?

We provide detection methodology information through our IP to Privacy Detection Extended database that can be used to build an accuracy score

We offer the Privacy Extended database that opens up the methodology of our anonymous IP detection method. However, we don’t provide an accuracy metric as we do for our IP to Geolocation extended database.

The reason for this is that anonymous IP detection involves using multiple methods. We urge the user to understand the nuances of each detection method so that they can fine-tune the anonymous IP detection based on their cybersecurity models and needs.

If you have a malicious IP data log, you can write a regression/statistical model based on our dataset(s). You can even incorporate malicious IP logs, IPinfo geolocation data, ASN or Company data, abuse data, DNSBL data, etc., to create your privacy detection accuracy score.

:link: Documentation for IP to Privacy Extended Database

IPinfo IP to Privacy Detection Methodology

Let’s explore the different data methodologies we employ in detecting an anonymous IP address. Each methodology comes with its own nuances and should be considered carefully if you are trying to build an accuracy score metric.

Detection Methodology Explanation Caveat
anycast If IP is identified as being any anycast IP, that could map to multiple physical servers in different locations Reasonable indicator. Not all anycast IPs are linked with IP privacy solutions.
census If we’ve identified VPN software running on this IP as part of our internet-wide scan (successful openvpn or ipsec handshake) Strong indicator.
device_activity If we’ve seen VPN-like behavior (multiple devices, multiple locations etc.) Reasonable indicator. If a device is using organization/company VPN software, we might recognize that IP as a VPN.
whois If we’ve seen VPN provider attributes in the IP whois data (e.g. provider name) Weak indicator. As IP information in the WHOIS records tends to be comparatively static. AS209854 Cyberzone S.A. details -
vpn_config If we’ve identified this IP in a VPN config file Strong indicator.

Why we don’t provide an accuracy score

The reason we do not provide a single-digit indicator for our Privacy extended database is that it limits the potential for detection modeling of IP addresses. The more data points you have, the more effective your IP labeling models will be. You might have policies to accept some VPN traffic or some hosting traffic. Therefore, the custom modeling approach helps you fine-tune and personalize your access policies based on our multi-dimensional data.

Moreover, if you build your own IP privacy confidence score system, you can use our IP to Geolocation, ASN, and Company database to create a more robust cybersecurity threat detection policy.

IPinfo services referenced:

Request your IP to Privacy Detection Extended Database by contacting our sales team.