Attacks on public WLAN-based positioning systems

Nils Ole Tippenhauer, Kasper Bonne Rasmussen, Christina Pöpper, Srdjan Čapkun

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this work, we study the security of public WLAN-based positioning systems. Specifically, we investigate the Skyhook positioning system, available on PCs and used on a number of mobile platforms, including Apple's iPod touch and iPhone. By implementing and analyzing several kinds of attacks, we demonstrate that this system is vulnerable to location spoofing and location database manipulation. In both, the attacker can arbitrarily change the result of the localization at the victim device, by either impersonating remote infrastructure or by tampering with the service database. Our attacks can easily be replicated and we conjecture that - without appropriate countermeasures - public WLAN-based positioning should therefore be used with caution in safety-critical contexts. We further discuss several approaches for securing WLAN-based positioning systems.

Original languageEnglish (US)
Title of host publicationMobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services
Pages29-39
Number of pages11
DOIs
StatePublished - Nov 30 2009
Event7th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys'09 - Krakow, Poland
Duration: Jun 22 2009Jun 25 2009

Publication series

NameMobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services

Other

Other7th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys'09
CountryPoland
CityKrakow
Period6/22/096/25/09

Keywords

  • Localization attacks
  • Public WLAN localization

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Attacks on public WLAN-based positioning systems'. Together they form a unique fingerprint.

  • Cite this

    Tippenhauer, N. O., Rasmussen, K. B., Pöpper, C., & Čapkun, S. (2009). Attacks on public WLAN-based positioning systems. In MobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services (pp. 29-39). (MobiSys'09 - Proceedings of the 7th ACM International Conference on Mobile Systems, Applications, and Services). https://doi.org/10.1145/1555816.1555820