Surveilling the Masses with Wi-Fi-Based Positioning Systems
- URL: http://arxiv.org/abs/2405.14975v1
- Date: Thu, 23 May 2024 18:22:12 GMT
- Authors: Erik Rye, Dave Levin
- Abstract summary: We show that Apple's WPS can be abused to create a privacy threat on a global scale.
We present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations.
We present several case studies that demonstrate the types of attacks on privacy that Apple's WPS enables.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Wi-Fi-based Positioning Systems (WPSes) are used by modern mobile devices to learn their position using nearby Wi-Fi access points as landmarks. In this work, we show that Apple's WPS can be abused to create a privacy threat on a global scale. We present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations in only a matter of days. Our attack makes few assumptions, merely exploiting the fact that there are relatively few dense regions of allocated MAC address space. Applying this technique over the course of a year, we learned the precise locations of over 2 billion BSSIDs around the world. The privacy implications of such massive datasets become more stark when taken longitudinally, allowing the attacker to track devices' movements. While most Wi-Fi access points do not move for long periods of time, many devices -- like compact travel routers -- are specifically designed to be mobile. We present several case studies that demonstrate the types of attacks on privacy that Apple's WPS enables: We track devices moving in and out of war zones (specifically Ukraine and Gaza), the effects of natural disasters (specifically the fires in Maui), and the possibility of targeted individual tracking by proxy -- all by remotely geolocating wireless access points. We provide recommendations to WPS operators and Wi-Fi access point manufacturers to enhance the privacy of hundreds of millions of users worldwide. Finally, we detail our efforts at responsibly disclosing this privacy vulnerability, and outline some mitigations that Apple and Wi-Fi access point manufacturers have implemented both independently and as a result of our work.
Related papers
- Obfuscated Location Disclosure for Remote ID Enabled Drones (2024-07-19T12:35:49Z)
  We propose Obfuscated Location disclOsure for RID-enabled drones (OLO-RID).
  Instead of disclosing the actual drone's location, drones equipped with OLO-RID disclose a differentially private obfuscated location in a mobile scenario.
  OLO-RID also extends RID messages with encrypted location information, accessible only by authorized entities.
- Your Car Tells Me Where You Drove: A Novel Path Inference Attack via CAN Bus and OBD-II Data (2024-06-30T04:21:46Z)
  On Path Diagnostic - Intrusion & Inference (OPD-II) is a novel path inference attack leveraging a physical car model and a map matching algorithm.
  We implement our attack on a set of four different cars and a total number of 41 tracks in different road and traffic scenarios.
- Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces (2024-02-21T12:50:44Z)
  We propose a novel approach that allows for environment-adaptive spatial control of wireless jamming signals.
  We demonstrate complete denial-of-service of a Wi-Fi device while a second device located at a distance as close as 5 mm remains unaffected.
- DensePose From WiFi (2022-12-31T16:48:43Z)
  We develop a deep neural network that maps the phase and amplitude of WiFi signals to UV coordinates within 24 human regions.
  Our model can estimate the dense pose of multiple subjects, with comparable performance to image-based approaches.
- WiFi-based Spatiotemporal Human Action Perception (2022-06-20T16:03:45Z)
  An end-to-end WiFi signal neural network (SNN) is proposed to enable WiFi-only sensing in both line-of-sight and non-line-of-sight scenarios.
  Especially, the 3D convolution module is able to explore the temporal continuity of WiFi signals, and the feature self-attention module can explicitly maintain dominant features.
- AirGuard -- Protecting Android Users From Stalking Attacks By Apple Find My Devices (2022-02-23T22:31:28Z)
  We reverse engineer Apple's tracking protection in iOS and discuss its features regarding stalking detection.
  We design "AirGuard" and release it as an Android app to protect against abuse by Apple tracking devices.
- Topological Indoor Mapping through WiFi Signals (2021-06-17T20:06:09Z)
  WiFi access points and mobile devices capable of measuring WiFi signal strengths allow for real-world applications in localization and mapping.
  Previous approaches were hindered by problems such as effortful map-building processes, changing environments and hardware differences.
  We tackle these problems focussing on topological maps.
  In our unsupervised method, we employ WiFi signal strength distributions, dimension reduction and clustering.
- WiFi Fingerprint Clustering for Urban Mobility Analysis (2021-05-04T03:46:14Z)
  We present an unsupervised learning approach to identify user points of interest (POI) by exploiting WiFi measurements from smartphone application data.
  Due to the lack of GPS positioning accuracy in indoor, sheltered, and high rise building environments, we rely on widely available WiFi access points (AP) in contemporary urban areas.
  We propose a system architecture to scan the surrounding WiFi AP, and perform unsupervised learning to demonstrate that it is possible to identify three major insights.
- The Dark (and Bright) Side of IoT: Attacks and Countermeasures for Identifying Smart Home Devices and Services (2020-09-16T13:28:59Z)
  We build up a model describing the traffic patterns characterizing three popular IoT smart home devices.
  We prove that it is possible to detect and identify with overwhelming probability their presence and the services running by the aforementioned devices.
- Mind the GAP: Security & Privacy Risks of Contact Tracing Apps (2020-06-10T16:05:05Z)
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contact tracing apps using Bluetooth Low Energy.
  We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.