Short: Device-to-Identity Linking Attack Using Targeted Wi-Fi Geolocation Spoofing - Centre of Innovation in Telecommunications and Integration of services Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

Short: Device-to-Identity Linking Attack Using Targeted Wi-Fi Geolocation Spoofing

Résumé

Today, almost all mobile devices come equipped with Wi-Fi technology. Therefore, it is essential to thoroughly study the privacy risks associated with this technology. Recent works have shown that some Personally Identifiable Information (PII) can be obtained from the radio signals emitted by Wi-Fi equipped devices. However, most of the times, the identity of the subject of those pieces of information remains unknown and the Wi-Fi MAC address of the device is the only available identifier. In this paper, we show that it is possible for an attacker to get the identity of the subject. The attack presented in this paper leverages the geolocation information published on some geotagged services, such as Twitter, and exploits the fact that geolocation information obtained through Wi-Fi-based Positioning System (WPS) can be easily manipulated. We show that geolocation manipulation can be targeted to a single device, and in most cases, it is not necessary to jam real Wi-Fi access points (APs) to mount a successful attack on WPS.
Fichier principal
Vignette du fichier
wisec15 (1).pdf (414.62 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01176842 , version 1 (16-07-2015)

Identifiants

Citer

Célestin Matte, Jagdish Prasad Achara, Mathieu Cunche. Short: Device-to-Identity Linking Attack Using Targeted Wi-Fi Geolocation Spoofing. ACM WiSec 2015, Jun 2015, New York, United States. ⟨10.1145/2766498.2766521⟩. ⟨hal-01176842⟩
431 Consultations
1012 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More