WebGeoInfer: A Structure-Free and Multi-Stage Framework for Geolocation Inference of Devices Exposing Information

Remote management devices facilitate critical infrastructure monitoring for administrators but simultaneously increase asset exposure. Sensitive geographical information overlooked in exposed device management pages poses substantial security risks. Therefore, identifying devices that reveal location information due to administrator negligence is crucial for cybersecurity regulation. Despite the rich information exposed by web interfaces of remote management devices, automatically discovering geographical locations remains challenging due to unstructured formats, varying styles, and incomplete geographical details.This study introduces WebGeoInfer, a structure-free geolocation inference framework utilizing multi-stage information enhancement. WebGeoInfer clusters similar device web pages and analyzes inter-cluster differences to extract potential geographical information, bypassing structural limitations. Through search engine enhancement and Large Language Models mining, the framework extracts geographical coordinates from identified information. WebGeoInfer successfully inferred locations for 5,435 devices across 94 countries and 2,056 cities, achieving accuracy rates of 96.96\%, 88.05\%, and 79.70\% at country, city, and street levels, respectively.