Why Choose This Project

In today’s interconnected world, users often access accounts from multiple locations. However, sudden or unexpected changes in login geolocation can indicate compromised accounts or unauthorized access. Traditional security systems rarely provide real-time alerts for such location anomalies. This project creates a web-based platform that tracks login geolocations and generates drift alerts when login activity deviates significantly from a user’s normal pattern, enhancing account security.

What You Get

A system that monitors user login locations, detects abnormal geographical patterns, and alerts administrators of suspicious activity. Users and admins can review historical login locations, receive alerts for unusual logins, and take action to secure accounts before a potential breach occurs.

Key Features

Technology Stack

Frontend Layer

• HTML, CSS, JavaScript

• Bootstrap for responsive UI

• Optional: React.js for dynamic dashboards

Backend Layer

• Node.js (Express) / Java Spring Boot / Python Flask

• Handles login data processing, geolocation detection, and alerts

Database Layer

• MongoDB / MySQL / PostgreSQL for storing login data and alerts

Security Layer

• HTTPS for secure portal access

• JWT / OAuth2 for admin authentication

Optional Libraries & APIs

• GeoIP API (MaxMind GeoIP, IPinfo) for IP-to-location mapping

• Email/SMS API (Nodemailer, Twilio) for alerts

• Chart.js / D3.js for visual geolocation dashboards

Working Flow

1. User Login Attempt

   • Users log in normally, and their IP address is captured.

2. Geolocation Lookup

   • IP is mapped to latitude, longitude, city, and country using GeoIP API.

3. Login Drift Analysis

   • Compare the current login location against historical login patterns.

   • Detect abnormal distances, impossible travel speeds, or new regions.

4. Anomaly Detection & Risk Scoring

   • Assign risk scores based on deviation magnitude and historical data.

5. Alerts & Notifications

   • Notify admins and optionally users of suspicious geolocation drift.

6. Dashboard & Reporting

   • Visualize login drift paths on a map.

   • Generate reports summarizing alerts, risk scores, and affected accounts.

Main Modules

• Authentication Module → Secure admin login and role management

• Login Capture Module → Track all login attempts with IP and timestamp

• Geolocation Module → Convert IP to physical location

• Drift Detection Engine → Identify abnormal geolocation deviations

• Alert Module → Notify admin or user in real time

• Dashboard Module → Visualize login locations and drift trends

• Reporting Module → Export login and alert data for audits

• API Module → Provide drift alert results to external systems

Security Features

• HTTPS-secured portal and API endpoints

• JWT/OAuth2 authentication for admin access

• Role-based access control for sensitive modules

• Real-time alerts for unusual login geolocations

• Audit logs for all login events and alerts

• IP and geolocation verification for early threat detection