Or find which IPs are logging in with >N unrelated Netflix accounts. Where N is sufficiently high to minimize false positives. Cases like Airbnb would still get the boot with this strategy.
They can even let VPN users map the servers for them in the data collection phase. Look at the usage graph and you'll find a cluster of accounts that jump between the same cluster of IPs.
There would be Airbnb traffic would look different from a VPN.
For an Airbnb you’d have the accounts change frequently but seldom multiple account from the same IP. Whereas a BPN would see the same accounts frequently but with many overlapping accounts from the same IP.
Similarly with hotels you’d see the overlapping of accounts per IP but less regularity of the same accounts.
This feels like one of those problems machine learning could help solve. Though there is a lot you can deduce just from
good old fashioned rules. Eg some IP subnets are going to have a higher probability of hosting a VPN (eg those bought for AWS EC2) vs legitimate traffic over other IP subnets.
Couldn't they just buy a subscription to all the largest VPN providers and just run through the server list making a note of each server?