A wireless LAN-based indoor positioning technology
IBM Journal of Research and Development
Distance enlargement and reduction attacks on ultrasound ranging
Proceedings of the 3rd international conference on Embedded networked sensor systems
Proximity Based Access Control in Smart-Emergency Departments
PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
Attacks on time-of-flight distance bounding channels
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Proximity-based access control for implantable medical devices
Proceedings of the 16th ACM conference on Computer and communications security
Location and Navigation Support for Emergency Responders: A Survey
IEEE Pervasive Computing
Effectiveness of distance-decreasing attacks against impulse radio ranging
Proceedings of the third ACM conference on Wireless network security
ID-based secure distance bounding and localization
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
On the security issues of NFC enabled mobile phones
International Journal of Internet Technology and Secured Transactions
Realization of RF distance bounding
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Experimental analysis of IEEE 802.15.4a CSS ranging and its implications
Computer Communications
So near and yet so far: distance-bounding attacks in wireless networks
ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Survey of Wireless Indoor Positioning Techniques and Systems
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
IEEE 802.15.4a CSS-based mobile object locating system using sequential Monte Carlo method
Computer Communications
| Hi-index | 0.00 |
Chirp signals have been extensively used in radar and sonar systems to determine distance, velocity and angular position of objects and in wireless communications as a spread spectrum technique to provide robustness and high processing gain. Recently, several standards have adopted chirp spread spectrum (CSS) as an underlying physical-layer scheme for precise, low-power and low-complexity real-time localization. While CSS-based ranging and localization solutions have been implemented and deployed, their security has so far not been analyzed. In this work, we analyze CSS-based ranging and localization systems. We focus on distance decreasing relay attacks that have proven detrimental for the security of proximity-based access control systems (e.g., passive vehicle keyless entry and start systems). We describe a set of distance decreasing attacks realizations and verify their feasibility by simulations and experiments on a commercial ranging system. Our results demonstrate that an attacker is able to effectively reduce the distance measured by chirp-based ranging systems from 150 m to 600 m depending on chirp configuration. Finally, we discuss possible countermeasures against these attacks.