All news with #cgnat tag

Detecting CGNAT to Reduce Collateral Damage Globally

🔎Cloudflare describes a supervised approach to detect large-scale IP sharing — especially CGNAT — to reduce collateral damage from IP-based security controls. They build labeled training data using distributed traceroutes (RIPE Atlas), PTR/WHOIS scraping, and lists of known VPN/proxy exit IPs, then extract per-IP and per-/24 behavioral features. An XGBoost model trained on these features achieves high accuracy, enabling operators to tune rate limits and blocklists with less harm to innocent users, particularly in regions with heavy IP sharing.