摘要(英) |
Nowadays, not merely smart phones, but also IoT devices are usually equipped with GPS sensors in order to obtain devices’ geo-location. This brings more and more network service based on GPS location to us. For instance, detect traffic jams by obtaining devices′ velocity, or some well-known real world location-based games like Pokémon GO, etc. However, most of those services lack the integrity check for GPS values they get. This leaves a good chance for attackers to manipulate GPS information results before sending it to server, affecting stability and fairness of the system, and cause so called "Fake GPS" problem.
In this paper, we design a pure network-based detection for the LBS provider. Compared with previous solutions, our mechanism is based on Internet control message, which can verify the correctness of the data in upper layer, and solve the signal interference problem happened on hardware. In addition, most of the existing detection methods today can only effectively work for country-scale detection. The mechanism we purposed can effectively narrow down the scope of detection by using to the location of other normal users. Our mechanism successfully provides a more accurate detection method, and makes the attacker more difficult to launch the attack. The study further analysis situations which may probably cause false positive and negative, and give possible solutions for each corresponding issue. Finally, we propose some aspects where Fake GPS Defender can be improved, and also the potential advantages and benefits when cooperating with other existing detection systems. |
參考文獻 |
[1] "Pokémon GO Official Website," Niantic, Inc, http://www.pokemongo.com/.
[2] "LineageOS Android Distribution," https://lineageos.org/.
[3] "Xposed framework," http://repo.xposed.info/.
[4] hiking93, "PokeX: an Xposed module to control Pokémon GO player location with accelerometer.," https://github.com/hiking93/PokeX.
[5] "Reverse engineering and hacking radio with SDR," AIS3, https://ais3.org/class.html.
[6] "HackRF One," https://greatscottgadgets.com/hackrf/.
[7] "GeoIPTool," https://geoiptool.com/.
[8] Sashank Narain, Triet D. Vo-Huu, Kenneth Block and Guevara Noubir, "Inferring User Routes and Locations using Zero-Permission Mobile Sensors," in 2016 IEEE Symposium on Security and Privacy (SP), San Jose, California , 2016.
[9] Francesco Restuccia, Andrea Saracino, Sajal K. Das, and Fabio Martinelli, "LVS: A WiFi-based system to tackle Location Spoofing in location-based services," in 2016 IEEE 17th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2016.
[10] James F. Kurose , Keith W. Ross, "Internet Control Message Protocol," in COMPUTER NETWORKING A Top-Down Approach, 2013, pp. 353-355.
[11] V. Jacobson, "Traceroute Manual," http://www.zytek.com/traceroute.man.html.
[12] "WITCH - detects OpenVPN via MSS values," WITCH, http://witch.valdikss.org.ru/.
[13] "getIPIntel - machine learning proxy / VPN detection," getIPIntel, https://getipintel.net/.
[14] G. J. Kerns, "Outliers," in Introduction to Probability and Statistics Using R, p. 44.
[15] "Tukey′s range test," https://en.wikipedia.org/wiki/Tukey%27s_range_test.
[16] James F. Kurose , Keith W. Ross , "Mobile IP," in COMPUTER NETWORKING A Top-Down Approach , 2013, pp. 564-569.
[17] C. Perkins, "rfc 2003 IP Encapsulation within IP," 9 1996. https://tools.ietf.org/html/rfc2003.
[18] C. Perkins, "RFC 2004 Minimal Encapsulation within IP," 9 1996. https://tools.ietf.org/html/rfc2004.
[19] "3rd Generation Partnership Project (3GPP)," http://www.3gpp.org/.
[20] "GeoIP2 Databases," MaxMind, https://www.maxmind.com/en/geoip-demo. |