My Magnetometer Is Telling You Where I've Been?: A Mobile Device Permissionless Location Attack

Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2018-06-18 DOI:10.1145/3212480.3212502

Kenneth Block, G. Noubir

{"title":"My Magnetometer Is Telling You Where I've Been?: A Mobile Device Permissionless Location Attack","authors":"Kenneth Block, G. Noubir","doi":"10.1145/3212480.3212502","DOIUrl":null,"url":null,"abstract":"Although privacy compromises remain an issue among users and advocacy groups, identification of user location has emerged as another point of concern. Techniques using GPS, Wi-Fi, NFC, Bluetooth tracking and cell tower triangulation are well known. These can typically identify location accurately with meter resolution. Another technique, inferring routes via sensor exploitation, may place a user within a few hundred meters of a general location. Acoustic beacons such as those placed in malls may have more finely grained resolution yet are limited by the sensitivity of the device's microphone to ultrasonic signals and directionality. In this paper we are able to discern user location within commercial GPS resolution by leveraging the ability of mobile device magnetometers to detect externally generated signals in a permissionless attack. We are able to achieve an aggregate location identification success rate of 86% with a bit error rate of 1.5% which is only ten times the stationary error rate. We accomplish this with a signal that is a fraction of the Earth's magnetic field strength. We designed, prototyped, and experimentally evaluated a system where a location ID is transmitted via low power magnetic coil(s) and received by permissionless apps. The system can be located at ingresses and kiosks situated in malls, stores, transportation hubs and other public locations including crosswalks using a location ID that is mapped to the GPS coordinates of the facility hosting the system. We demonstrate that using Android phone magnetometers, we can correctly detect and identify the when and the where of a device when the victim walks at a comfortable pace while their device has all the aforementioned services disabled. In order to address the substantial signal fading effects due to mobility in a very-low power magnetic near field, we developed signal processing and coding techniques and evaluated the prototype on six android devices in an IRB-approved study with six participants.","PeriodicalId":267134,"journal":{"name":"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"2011 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3212480.3212502","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Although privacy compromises remain an issue among users and advocacy groups, identification of user location has emerged as another point of concern. Techniques using GPS, Wi-Fi, NFC, Bluetooth tracking and cell tower triangulation are well known. These can typically identify location accurately with meter resolution. Another technique, inferring routes via sensor exploitation, may place a user within a few hundred meters of a general location. Acoustic beacons such as those placed in malls may have more finely grained resolution yet are limited by the sensitivity of the device's microphone to ultrasonic signals and directionality. In this paper we are able to discern user location within commercial GPS resolution by leveraging the ability of mobile device magnetometers to detect externally generated signals in a permissionless attack. We are able to achieve an aggregate location identification success rate of 86% with a bit error rate of 1.5% which is only ten times the stationary error rate. We accomplish this with a signal that is a fraction of the Earth's magnetic field strength. We designed, prototyped, and experimentally evaluated a system where a location ID is transmitted via low power magnetic coil(s) and received by permissionless apps. The system can be located at ingresses and kiosks situated in malls, stores, transportation hubs and other public locations including crosswalks using a location ID that is mapped to the GPS coordinates of the facility hosting the system. We demonstrate that using Android phone magnetometers, we can correctly detect and identify the when and the where of a device when the victim walks at a comfortable pace while their device has all the aforementioned services disabled. In order to address the substantial signal fading effects due to mobility in a very-low power magnetic near field, we developed signal processing and coding techniques and evaluated the prototype on six android devices in an IRB-approved study with six participants.

查看原文本刊更多论文

我的磁力计告诉你我去过哪里?:移动设备Permissionless Location攻击

尽管隐私泄露仍然是用户和倡导团体的一个问题，但用户位置的识别已经成为另一个关注点。使用GPS、Wi-Fi、NFC、蓝牙跟踪和手机塔三角测量的技术是众所周知的。这些通常可以准确地识别位置与仪表分辨率。另一种技术是利用传感器推断路线，可以将用户置于距离一般位置几百米的范围内。放置在商场中的声波信标可能具有更精细的分辨率，但受到设备麦克风对超声波信号和方向性的灵敏度的限制。在本文中，我们能够通过利用移动设备磁力计在未经许可的攻击中检测外部生成的信号的能力，在商业GPS分辨率内识别用户位置。我们能够实现总位置识别成功率为86%，误码率为1.5%，仅为平稳误码率的10倍。我们用地球磁场强度的一小部分信号来实现这一点。我们设计、制作原型并实验评估了一个系统，该系统通过低功率磁线圈传输位置ID，并由无需许可的应用程序接收。该系统可以定位在商场、商店、交通枢纽和其他公共场所(包括人行横道)的入口和售货亭，使用映射到承载该系统的设施的GPS坐标的位置ID。我们证明，使用Android手机磁力计，当受害者以舒适的速度行走，而他们的设备禁用了上述所有服务时，我们可以正确地检测和识别设备的时间和地点。为了解决由于极低功率磁场中的移动性而产生的实质性信号衰落影响，我们开发了信号处理和编码技术，并在irb批准的六名参与者的研究中在六个android设备上评估了原型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks

自引率

0.00%

发文量