TY - GEN
T1 - Attacks on public WLAN-based positioning systems
AU - Tippenhauer, Nils Ole
AU - Rasmussen, Kasper Bonne
AU - Pöpper, Christina
AU - Čapkun, Srdjan
PY - 2009
Y1 - 2009
N2 - In this work, we study the security of public WLAN-based positioning systems. Specifically, we investigate the Skyhook positioning system, available on PCs and used on a number of mobile platforms, including Apple's iPod touch and iPhone. By implementing and analyzing several kinds of attacks, we demonstrate that this system is vulnerable to location spoofing and location database manipulation. In both, the attacker can arbitrarily change the result of the localization at the victim device, by either impersonating remote infrastructure or by tampering with the service database. Our attacks can easily be replicated and we conjecture that - without appropriate countermeasures - public WLAN-based positioning should therefore be used with caution in safety-critical contexts. We further discuss several approaches for securing WLAN-based positioning systems.
AB - In this work, we study the security of public WLAN-based positioning systems. Specifically, we investigate the Skyhook positioning system, available on PCs and used on a number of mobile platforms, including Apple's iPod touch and iPhone. By implementing and analyzing several kinds of attacks, we demonstrate that this system is vulnerable to location spoofing and location database manipulation. In both, the attacker can arbitrarily change the result of the localization at the victim device, by either impersonating remote infrastructure or by tampering with the service database. Our attacks can easily be replicated and we conjecture that - without appropriate countermeasures - public WLAN-based positioning should therefore be used with caution in safety-critical contexts. We further discuss several approaches for securing WLAN-based positioning systems.
KW - Localization attacks
KW - Public WLAN localization
UR - http://www.scopus.com/inward/record.url?scp=70450252080&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70450252080&partnerID=8YFLogxK
U2 - 10.1145/1555816.1555820
DO - 10.1145/1555816.1555820
M3 - Conference contribution
AN - SCOPUS:70450252080
SN - 9781605585666
T3 - MobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services
SP - 29
EP - 39
BT - MobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services
T2 - 7th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys'09
Y2 - 22 June 2009 through 25 June 2009
ER -