In fact, the researchers believe that PinMe could be used as an alternative to GPS in situations where GPS cannot be trusted due to possible signal spoofing. “Our experimental results indicate that, without knowing the initial location, PinMe was able to return a single accurate driving path that is very similar to the trajectory provided by GPS readings,” the researchers noted. The system uses different characteristics to infer the activity of the target (walking, traveling by plane, car or train) and different algorithms for each activity to discover the target’s destination or last location. Transport timetables (available online in various forms and often through various APIs).Trains’ heading databases (The researchers constructed one based on Google Map).Airports’ specifications databases (PinMe uses OpenFlights).Navigational and elevation maps (PinMe uses OpenStreetMap and the Google Map API) The publicly-available auxiliary information includes information from: The researchers used an app that doesn’t have access to GPS and has no permission to query the identity of visible cellular base stations or the service set identifier (SSID) of visible WiFi networks.
The non-sensory and sensory data needed is stored on users’ smartphones and can be easily accessed by any app without the user’s approval, which means that the data can be captured through a malicious app or harvested from databases of many legitimate fitness monitoring apps. As it turns out, turning off location services (e.g., GPS) on your smartphone doesn’t mean an attacker can’t use the device to pinpoint your location.Ī group of Princeton University researchers has devised of a novel user-location mechanism that exploits non-sensory and sensory data stored on the smartphone (the environment’s air pressure, the device’s heading, timezone, network status, IP address, etc.) and publicly-available information to estimate the user’s location.
0 kommentar(er)
