device to identity linking attack using targeted
play

Device-to-Identity linking attack using targeted I T A N Wi-Fi - PowerPoint PPT Presentation

Aug 13, 2023 •487 likes •702 views

RECHERCHE N O Y L E D S E E U Q I L P P A S E C N E I C S S E D L A N O Device-to-Identity linking attack using targeted I T A N Wi-Fi geolocation spoofing T U T I T S N I C elestin Matte -

  1. RECHERCHE N O Y L E D S E ´ E U Q I L P P A S E C N E I C S S E D L A N O Device-to-Identity linking attack using targeted I T A N Wi-Fi geolocation spoofing T U T I T S N I C´ elestin Matte - Jagdish Achara - Mathieu Cunche ACM WiSec 2015

  2. Outline of the talk 1 Introduction 2 Background 3 Description of the attack 4 Tests and results 5 Conclusion 2 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  3. Introduction ◮ Mobile devices are trackable because they emit probe requests [2] ◮ But only through an “anonymous” identifier: the MAC address ◮ Is it really anonymous? ◮ Problem: given a mobile device identified by a Wi-Fi MAC address, find the identity of the owner of this device. ◮ Solution: attack on Wi-Fi-based Positioning Systems (WPS) ◮ Outcome: get personal information: identity of the device’s owner → account on geotagged services (example with Twitter) 3 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  4. Background ◮ Wi-Fi service discovery ◮ Wi-Fi based geolocation ◮ Spoofing geolocation 4 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  5. Background - Wi-Fi service discovery ◮ How do devices know which Wi-Fi access points (APs) are present? ◮ Two methods: ◮ passive discovery: APs broadcast beacons ◮ active discovery: devices send probe requests (with or without SSIDs), APs respond with probe responses 5 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  6. Background - Wi-Fi based geolocation ◮ One geolocation method uses visible access points to locate devices ◮ Mainly used when GPS is not available or not available yet (i.e., inside building), or to save battery Figure: Geolocation via trilateration based on visible Wi-Fi access points. 6 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  7. Background - spoofing geolocation Based on a previous work [3] 7 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  8. Description of the attack ◮ Targeted spoofing ◮ Description ◮ Testing WPS ◮ Implementation 8 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  9. Targeted spoofing ◮ Problem: original attack supposes that there is only one device in range. What if we want to target only one device among other ones? ◮ Passive discovery: ◮ Beacons are broadcast (destination address = ff:ff:ff:ff:ff:ff) ◮ Can it simply work without broadcast? (targeted destination address) ◮ Active discovery: ◮ simply reply to broadcast probe requests from only one device 9 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  10. Targeted spoofing ◮ Problem: original attack supposes that there is only one device in range. What if we want to target only one device among other ones? ◮ Passive discovery: ◮ Beacons are broadcast (destination address = ff:ff:ff:ff:ff:ff) ◮ Can it simply work without broadcast? (targeted destination address) ◮ Yes. ◮ Active discovery: ◮ simply reply to broadcast probe requests from only one device 10 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  11. Attacker model ◮ Two kind attackers: ◮ simple: physically close to the target, can only access public information ◮ powerful: also close to the target, but can access private information (no need to be “friend” with the target) 11 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  12. Description of the attack 7 WPS 8 3 2 6 4 victim 1 9 5 attacker 10 Figure: Description of the attack (dotted lines: optional) 12 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  13. Tests and results ◮ Testing geolocation spoofing on WPS ◮ Implementation ◮ Results - Example ◮ Results - discussion ◮ Testing the attack on different Android apps 13 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  14. Testing geolocation spoofing on WPS ◮ Can we avoid jamming? How do WPS react if we send AP from different locations? ◮ Evaluation on multiple WPS: GoogleGeoloc, Navizon, Skyhook ◮ Navizon takes history into account Fraction of successful attacks locations (%) Fraction of successful attacks locations (%) 100 100 80 80 60 60 40 40 20 20 0 0 0.0 0.5 1.0 1.5 2.0 2.5 0.0 0.5 1.0 1.5 2.0 Fake AP ratio R Fake AP ratio R Figure: Fraction of successful attacks: number of AP from original location over number of AP from destination location (left: Google geolocation API; right: Skyhook) 14 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  15. Implementation ◮ Some bash + perl + php scripts ◮ Does everything automatically ◮ Available on github [1] 15 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  16. Results - example Figure: The Twitter application, before and during the attack. 16 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  17. Results - discussion ◮ Tested on Android and iOS ◮ Never worked on iOS ◮ No need to jam legitimate APs ◮ ...But: does not always work, mainly depending on the number of real access points, and the distance of the fake location 17 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  18. Testing the attack on different Android apps Figure: Result of the Wi-Fi geolocation spoofing on selected Android applications 18 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  19. Conclusion ◮ Attack on Wi-Fi-based positioning systems ◮ Contributions: jamming not necessary, targeted attack → allow full attack ◮ Generate a fake Wi-Fi environment ◮ Get user information: account name on applications publishing location ◮ Evaluated the attack on various WPS and Android apps 19 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

  20. Bibliography Public repository of the test script. https://github.com/Perdu/geoloc_attack , consulted on 2014.04.07. M. Cunche, M. A. Kaafar, and R. Boreli. I know who you will meet this evening! linking wireless devices using wi-fi probe requests. In World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2012 IEEE International Symposium on a , pages 1–9. IEEE, 2012. N. O. Tippenhauer, K. B. Rasmussen, C. P¨ opper, and S. ˇ Capkun. Attacks on public wlan-based positioning systems. In Proceedings of the 7th international conference on Mobile systems, applications, and services , pages 29–40. ACM, 2009. 20 / 20 Matte C´ elestin - APVP 2014 - 2014.12.05

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Identity Linking Identity Linking An Alternative to Merging An Alternative to Merging A

Identity Linking Identity Linking An Alternative to Merging An Alternative to Merging A

Identity Linking Identity Linking An Alternative to Merging An Alternative to Merging A comprehensive model for A comprehensive model for sharing genealogical evidence sharing genealogical evidence extracts and extracts and

166 views • 12 slides
Heat-ray: Combating Identity Snowball Attacks Using Machine Learning, Combinatorial Optimization

Heat-ray: Combating Identity Snowball Attacks Using Machine Learning, Combinatorial Optimization

Heat-ray: Combating Identity Snowball Attacks Using Machine Learning, Combinatorial Optimization and Attack Graphs John Dunagan, Alice Zheng Microsoft Research Dan Simon Microsoft 1 Outline Problem Define identity snowball attack

374 views • 24 slides
Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 ,

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 ,

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 , Damian Vizr 1 1 EPFL, Switzerland 2 Kudelski Security Wednesday 8 th March, 2017 This work was partially supported by Microsoft Research. G.

1.02k views • 45 slides
Mobile Device Attributes Validation MDAV International Identity Summit University of

Mobile Device Attributes Validation MDAV International Identity Summit University of

Mobile Device Attributes Validation MDAV International Identity Summit University of Washington 6-7 August 2018 Steve Wilson ValidIDy Acknowledgement Information in this presentation and/or video is based on research funded by the U.S.

443 views • 13 slides
Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux, Damian

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux, Damian

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux, Damian Vizr EPFL, Switzerland Wednesday 8 th March, 2017 This work was partially supported by Microsoft Research. G. Endignoux, D. Vizr (EPFL)

819 views • 45 slides
BOOM! BOOM! BOOM! BOOM! Linking Technology to RTI & PBS PBS RTI Connection 3-

BOOM! BOOM! BOOM! BOOM! Linking Technology to RTI & PBS PBS RTI Connection 3-

BOOM! BOOM! BOOM! BOOM! Linking Technology to RTI & PBS PBS RTI Connection 3- Intensive Individual Intervention 2 Targeted Small Group Instruction 1 Core Classroom Instruction PBS Implementation - 2006 Building-wide

785 views • 16 slides

About Us Focus on targeted attack investigation, incident response, and threat solution research for more than 15 years

1.03k views • 59 slides
User & Device Identity For Microservices @ Netflix Scale Satyajit Thadeshwar QCon San

User & Device Identity For Microservices @ Netflix Scale Satyajit Thadeshwar QCon San

User & Device Identity For Microservices @ Netflix Scale Satyajit Thadeshwar QCon San Francisco 2019 Logged out? #$%&! User & Device Identity for Microservices @ Netflix Scale Satyajit Thadeshwar Logged out? #$%&! User

1.28k views • 109 slides
Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit Hackers takes advantage of vulnerability or flaw of users web browser on mobile device in WiFi communication to attack victims. Hackers send

464 views • 30 slides
Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase Automation and Security. Identity Management (IAM, IdM) defining and managing the roles and access privileges of individual network users, and the

2.89k views • 13 slides
Protecting Vulnerable Communities from Targeted Violence and Mass Casualty Attacks Cole Bligh,

Protecting Vulnerable Communities from Targeted Violence and Mass Casualty Attacks Cole Bligh,

Protecting Vulnerable Communities from Targeted Violence and Mass Casualty Attacks Cole Bligh, Elisavet Gallou, James N. Robinson III, Yuqing Zhou Importance May 2014 : A lethal terrorist attack on the Jewish Museum in Brussels denotes a

629 views • 9 slides
IDENTITY What is the Relationship Between Identity and the College Experience? What Role

IDENTITY What is the Relationship Between Identity and the College Experience? What Role

2/15/2019 Jordan Truex Agenda or Summary Layout The Road to SelfAuthorship NonTraditional Students Effective Interview Strategies Meeting the Student Where They Are IDENTITY What is the Relationship Between Identity and the

367 views • 10 slides
Fo Four on Embedded Device ces with Strong Co Counter ermea measures es Ag Against S t

Fo Four on Embedded Device ces with Strong Co Counter ermea measures es Ag Against S t

Fo Four on Embedded Device ces with Strong Co Counter ermea measures es Ag Against S t Side-Channel Attack cks CHES 2017 September 26-28, Taipei, Taiwan Zhe Liu Patrick Longa Geovandro C. C. F. Pereira Oscar Reparaz

853 views • 49 slides
Nquire ask anything Anis Abboud, Chris Snyder, Mario Finelli Device 1 Device 2 Device 1

Nquire ask anything Anis Abboud, Chris Snyder, Mario Finelli Device 1 Device 2 Device 1

Nquire ask anything Anis Abboud, Chris Snyder, Mario Finelli Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2 Device 1 Device 2

821 views • 49 slides
Felicitt` a: Mussa, C. Bosco, V. Patti Visualizing and Estimating Happiness in and G. Ruffo

Felicitt` a: Mussa, C. Bosco, V. Patti Visualizing and Estimating Happiness in and G. Ruffo

Felicitt` a: Visualizing and Estimating Happiness in Italian Cities from Geotagged Tweets L. Allisio, V. Felicitt` a: Mussa, C. Bosco, V. Patti Visualizing and Estimating Happiness in and G. Ruffo Italian Cities from Geotagged Tweets

455 views • 24 slides
xBGP : When You Cant Wait for the IETF and Vendors Thomas Wirtgen , Quentin De Coninck, Randy

xBGP : When You Cant Wait for the IETF and Vendors Thomas Wirtgen , Quentin De Coninck, Randy

xBGP : When You Cant Wait for the IETF and Vendors Thomas Wirtgen , Quentin De Coninck, Randy Bush, Laurent Vanbever and Olivier Bonaventure 1 BGP enables routing on the Internet iBGP iBGP AS 3 iBGP eBGP iBGP AS 2 iBGP eBGP eBGP

684 views • 50 slides
Sharing with Parents on Helping Your Children Protect Their Personal Data Online Outline of

Sharing with Parents on Helping Your Children Protect Their Personal Data Online Outline of

Sharing with Parents on Helping Your Children Protect Their Personal Data Online Outline of Presentation Online Trends Online Opportunities and Potential Risks Protecting Personal Data Online MOEs Cyber Wellness Education

290 views • 27 slides
L I N K E D O P E N D ATA F O R E N E L E L E C T R I F I E D V E H I C L E C H A R G I N G

L I N K E D O P E N D ATA F O R E N E L E L E C T R I F I E D V E H I C L E C H A R G I N G

O P E N C O M PA N Y L I N K E D O P E N D ATA F O R E N E L E L E C T R I F I E D V E H I C L E C H A R G I N G N E T W O R K D E S I G N E D B Y R U N N I N G O N Read and Write Linked Data Triple Store with

600 views • 26 slides
From Smart Cities to Smart Neighbourhoods: Detecting Local Events from Social Media Yang Li and

From Smart Cities to Smart Neighbourhoods: Detecting Local Events from Social Media Yang Li and

From Smart Cities to Smart Neighbourhoods: Detecting Local Events from Social Media Yang Li and Alan F. Smeaton Insight Centre for Data Analytics Dublin City University Event Detection Research topic across many application areas Early work

607 views • 24 slides
Audience and the Use of Minority Languages on Twitter Dong Nguyen, D. Trieschnigg, and L.

Audience and the Use of Minority Languages on Twitter Dong Nguyen, D. Trieschnigg, and L.

Audience and the Use of Minority Languages on Twitter Dong Nguyen, D. Trieschnigg, and L. Cornips 1 Minority languages in social media 2 Minority languages in social media 3 Minority languages in social media the influence

303 views • 29 slides
2PM - 5PM Santa Barbara Room Outline Welcome & Introductions About EERI & The

2PM - 5PM Santa Barbara Room Outline Welcome & Introductions About EERI & The

LFE Post-Earthquake Reconnaissance Training Workshop Beki McElvain, Maggie Ortiz, and Omar Plata Earthquake Engineering Research Institute (EERI) Friday, June 29 2PM - 5PM Santa Barbara Room Outline Welcome & Introductions About

615 views • 49 slides
For audio, please make sure to also join the call. To view a copy of this license, visit

For audio, please make sure to also join the call. To view a copy of this license, visit

This work is licensed under the Creative Commons Attribution-Non Commercial 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain

818 views • 60 slides

More recommend