IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Secure verification of location claims
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Enabling new mobile applications with location proofs
Proceedings of the 10th workshop on Mobile Computing Systems and Applications
I am a sensor, and I approve this message
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
Proceedings of the ACM SIGCOMM 2010 conference
VeriPlace: a privacy-aware location proof architecture
Proceedings of the 18th SIGSPATIAL International Conference on Advances in Geographic Information Systems
Realization of RF distance bounding
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
The case for ubiquitous transport-level encryption
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
SSLShader: cheap SSL acceleration with commodity processors
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Location Cheating: A Security Challenge to Location-Based Social Network Services
ICDCS '11 Proceedings of the 2011 31st International Conference on Distributed Computing Systems
Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services
On the requirements for successful GPS spoofing attacks
Proceedings of the 18th ACM conference on Computer and communications security
Reasons, rewards, regrets: privacy considerations in location sharing as an interactive practice
Proceedings of the Eighth Symposium on Usable Privacy and Security
The shy mayor: private badges in geosocial networks
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
You unlocked the Mt. Everest badge on foursquare! Countering location fraud in Geosocial Networks
MASS '12 Proceedings of the 2012 IEEE 9th International Conference on Mobile Ad-Hoc and Sensor Systems (MASS)
| Hi-index | 0.00 |
The growing popularity of location-based services (LBS) has led to the emergence of an economy where users announce their location to their peers, indirectly advertising certain businesses. Venues attract customers through offers and discounts for users of such services. Unfortunately, this economy can become a target of attackers with the intent of disrupting the system for fun and, possibly, profit. This threat has raised the attention of LBS, which have invested efforts in preventing fake check-ins. In this paper, we create a platform for testing the feasibility of fake-location attacks, and present our case study of two popular services, namely Foursquare and Facebook Places. We discover their detection mechanisms and demonstrate that both services are still vulnerable. We implement an adaptive attack algorithm that takes our findings into account and uses information from the LBS at run-time, to maximize its impact. This strategy can effectively sustain mayorship in all Foursquare venues and, thus, deter legitimate users from participating. Furthermore, our experimental results validate that detection-based mechanisms are not effective against fake check-ins, and new directions should be taken for designing countermeasures. Hence, we implement a system that employs near field communication (NFC) hardware and a check-in protocol that is based on delegation and asymmetric cryptography, to eliminate fake-location attacks.