DOLOS: Tricking the Wi-Fi APs with Incorrect User Locations
0
Sign in to get full access
Overview
- This paper proposes DOLOS, a system that can trick Wi-Fi access points (APs) into believing a user is located at a different position than their actual location.
- DOLOS works by exploiting the indoor positioning algorithms used by Wi-Fi APs to estimate user locations.
- The researchers show that DOLOS can successfully deceive APs in both simulated and real-world experiments.
Plain English Explanation
The paper presents a system called DOLOS that can fool Wi-Fi access points (APs) into thinking a user is at a different location than where they actually are. This is done by taking advantage of the algorithms used by Wi-Fi APs to estimate the positions of users based on the wireless signals they receive.
The key idea behind DOLOS is to manipulate the wireless signals that the APs receive from a user's device in a way that makes the APs believe the user is somewhere else. This could be useful for privacy-conscious users who want to hide their true location, or for attackers who want to mislead the APs for malicious purposes.
The researchers demonstrate that DOLOS can successfully deceive the APs in both simulated and real-world experiments, causing the APs to incorrectly estimate the user's location. This highlights a potential vulnerability in the indoor positioning systems used by many Wi-Fi-based location tracking applications.
Technical Explanation
The paper presents DOLOS, a system that can trick Wi-Fi access points (APs) into believing a user is located at a different position than their actual location. DOLOS works by exploiting the indoor positioning algorithms used by Wi-Fi APs to estimate user locations based on the received wireless signal strength (RSSI) and other measurements.
The researchers first analyze the typical indoor positioning algorithms used by Wi-Fi APs, which often rely on techniques like trilateration or fingerprinting to determine user locations. They then develop a model to understand how DOLOS can manipulate the RSSI and other signal characteristics to mislead the APs' positioning algorithms.
In their experiments, the researchers show that DOLOS can successfully deceive APs in both simulated and real-world environments. By strategically modifying the wireless signals from a user's device, DOLOS causes the APs to estimate the user's location to be at a different position than their true location.
The paper includes a detailed description of the DOLOS system architecture and the techniques used to generate the spoofed wireless signals. The researchers also discuss the limitations of their approach and potential countermeasures that could be used to detect and mitigate DOLOS attacks.
Critical Analysis
The paper provides a thorough technical explanation of the DOLOS system and its ability to trick Wi-Fi APs into incorrectly estimating user locations. The researchers have demonstrated the feasibility of their approach through both simulations and real-world experiments, which is a strength of the work.
However, the paper does not fully address the potential ethical and privacy concerns associated with DOLOS. While the researchers acknowledge that DOLOS could be used for privacy-preserving purposes, they also note that it could be exploited by attackers for malicious ends, such as surveillance or location tracking. The paper could have benefited from a more in-depth discussion of these ethical implications and potential countermeasures.
Additionally, the paper does not explore the limitations and robustness of the DOLOS system in depth. For example, it is unclear how DOLOS would perform in more complex indoor environments with multiple APs, or how it would fare against more advanced positioning algorithms that incorporate additional sensor data or contextual information.
Further research could investigate these areas and provide a more comprehensive understanding of the strengths and weaknesses of the DOLOS approach. Overall, the paper presents an intriguing technical advance, but more work is needed to fully address the broader implications and limitations of this type of location spoofing technology.
Conclusion
The DOLOS system proposed in this paper demonstrates a novel way to trick Wi-Fi access points into incorrectly estimating user locations. By manipulating the wireless signals received by the APs, DOLOS can cause them to believe a user is situated at a different position than their actual location.
This research highlights a potential vulnerability in the indoor positioning algorithms used by many Wi-Fi-based location tracking systems. While DOLOS could be used for privacy-preserving purposes, the paper also acknowledges that it could be exploited by attackers for malicious ends, such as surveillance or location tracking.
Further research is needed to fully understand the limitations and broader implications of this type of location spoofing technology. Addressing the ethical concerns and exploring more advanced countermeasures will be important steps in ensuring the responsible development and deployment of such systems.
This summary was produced with help from an AI and may contain inaccuracies - check out the links to read the original source documents!
Related Papers
0
DOLOS: Tricking the Wi-Fi APs with Incorrect User Locations
Aditya Arun, Vaibhav Anand, Wei Sun, Roshan Ayyalasomayajula, Dinesh Bharadia
Wi-Fi-based indoor localization has been extensively studied for context-aware services. As a result, the accurate Wi-Fi-based indoor localization introduces a great location privacy threat. However, the existing solutions for location privacy protection are hard to implement on current devices. They require extra hardware deployment in the environment or hardware modifications at the transmitter or receiver side. To this end, we propose DOLOS, a system that can protect the location privacy of the Wi-Fi user with a novel signal obfuscation approach. DOLOSis a software-only solution that can be deployed on existing protocol-compliant Wi-Fi user devices. We provide this obfuscation by invalidating a simple assumption made by most localization systems -- direct path signal arrives earlier than all the reflections to distinguish this direct path prior to estimating the location. However, DOLOS creates a novel software fix that allows the user to transmit the signal wherein this direct path arrives later, creating ambiguity in the location estimates. Our experimental results demonstrate DOLOS can degrade the localization accuracy of state-of-art systems by 6x for a single AP and 2.5x for multiple AP scenarios, thereby protecting the Wi-Fi user's location privacy without compromising the Wi-Fi communication performance.
Read more7/24/2024
🧠
0
SENTINEL: Securing Indoor Localization against Adversarial Attacks with Capsule Neural Networks
Danish Gufran, Pooja Anandathirtha, Sudeep Pasricha
With the increasing demand for edge device powered location-based services in indoor environments, Wi-Fi received signal strength (RSS) fingerprinting has become popular, given the unavailability of GPS indoors. However, achieving robust and efficient indoor localization faces several challenges, due to RSS fluctuations from dynamic changes in indoor environments and heterogeneity of edge devices, leading to diminished localization accuracy. While advances in machine learning (ML) have shown promise in mitigating these phenomena, it remains an open problem. Additionally, emerging threats from adversarial attacks on ML-enhanced indoor localization systems, especially those introduced by malicious or rogue access points (APs), can deceive ML models to further increase localization errors. To address these challenges, we present SENTINEL, a novel embedded ML framework utilizing modified capsule neural networks to bolster the resilience of indoor localization solutions against adversarial attacks, device heterogeneity, and dynamic RSS fluctuations. We also introduce RSSRogueLoc, a novel dataset capturing the effects of rogue APs from several real-world indoor environments. Experimental evaluations demonstrate that SENTINEL achieves significant improvements, with up to 3.5x reduction in mean error and 3.4x reduction in worst-case error compared to state-of-the-art frameworks using simulated adversarial attacks. SENTINEL also achieves improvements of up to 2.8x in mean error and 2.7x in worst-case error compared to state-of-the-art frameworks when evaluated with the real-world RSSRogueLoc dataset.
Read more7/17/2024
310
Surveilling the Masses with Wi-Fi-Based Positioning Systems
Erik Rye, Dave Levin
Wi-Fi-based Positioning Systems (WPSes) are used by modern mobile devices to learn their position using nearby Wi-Fi access points as landmarks. In this work, we show that Apple's WPS can be abused to create a privacy threat on a global scale. We present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations in only a matter of days. Our attack makes few assumptions, merely exploiting the fact that there are relatively few dense regions of allocated MAC address space. Applying this technique over the course of a year, we learned the precise locations of over 2 billion BSSIDs around the world. The privacy implications of such massive datasets become more stark when taken longitudinally, allowing the attacker to track devices' movements. While most Wi-Fi access points do not move for long periods of time, many devices -- like compact travel routers -- are specifically designed to be mobile. We present several case studies that demonstrate the types of attacks on privacy that Apple's WPS enables: We track devices moving in and out of war zones (specifically Ukraine and Gaza), the effects of natural disasters (specifically the fires in Maui), and the possibility of targeted individual tracking by proxy -- all by remotely geolocating wireless access points. We provide recommendations to WPS operators and Wi-Fi access point manufacturers to enhance the privacy of hundreds of millions of users worldwide. Finally, we detail our efforts at responsibly disclosing this privacy vulnerability, and outline some mitigations that Apple and Wi-Fi access point manufacturers have implemented both independently and as a result of our work.
Read more5/27/2024
0
Wireless Channel Aware Data Augmentation Methods for Deep Leaning-Based Indoor Localization
Omer Gokalp Serbetci, Daoud Burghal, Andreas F. Molisch
Indoor localization is a challenging problem that - unlike outdoor localization - lacks a universal and robust solution. Machine Learning (ML), particularly Deep Learning (DL), methods have been investigated as a promising approach. Although such methods bring remarkable localization accuracy, they heavily depend on the training data collected from the environment. The data collection is usually a laborious and time-consuming task, but Data Augmentation (DA) can be used to alleviate this issue. In this paper, different from previously used DA, we propose methods that utilize the domain knowledge about wireless propagation channels and devices. The methods exploit the typical hardware component drift in the transceivers and/or the statistical behavior of the channel, in combination with the measured Power Delay Profile (PDP). We comprehensively evaluate the proposed methods to demonstrate their effectiveness. This investigation mainly focuses on the impact of factors such as the number of measurements, augmentation proportion, and the environment of interest impact the effectiveness of the different DA methods. We show that in the low-data regime (few actual measurements available), localization accuracy increases up to 50%, matching non-augmented results in the high-data regime. In addition, the proposed methods may outperform the measurement-only high-data performance by up to 33% using only 1/4 of the amount of measured data. We also exhibit the effect of different training data distribution and quality on the effectiveness of DA. Finally, we demonstrate the power of the proposed methods when employed along with Transfer Learning (TL) to address the data scarcity in target and/or source environments.
Read more8/29/2024