Ghost Riders: Sybil Attacks on Crowdsourced Mobile Mapping Services

Wang, Gang; Wang, Bolun; Wang, Tianyi; Nika, Ana; Zheng, Haitao; Zhao, Ben Y.

doi:10.1109/tnet.2018.2818073

Cited by 42 publications

(16 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Those selected for full review were perceived to potentially include all these areas. However, only one paper was found to address vulnerabilities of a modern travel/navigation service [22] in which the authors explored security vulnerabilities of the Waze app. They were able to spoof vehicles to manipulate congestion predictions and affect routing and were also able to track individual users through unique identifiers used by Waze.…”

Section: Resultsmentioning

confidence: 99%

Towards an Understanding of Emerging Cyber Security Threats in Mapping the IoT

Shaw

Mikusz

Trotter

et al. 2019

Living in the Internet of Things (IoT 2019)

View full text Add to dashboard Cite

The increase in IoT sensing and actuating devices that are seamlessly integrated into the environment is often leading to a mistrust of users as it becomes impossible to spot deployed IoT devices and understand their purposes and capabilities. One approach is to provide an appropriate mechanism of mapping the IoT and address stakeholder requirements. However, providing comprehensive maps of the IoT may expose a number of vulnerabilities that need to be addressed. We conducted a comprehensive literature survey outlining the limitations of the existing body of work regarding the mapping of the IoT and conducting an appropriate threat analysis. We subsequently applied the STRIDE model to two case studies (smart campus and urban environment) to identify a set of potential vulnerabilities and approaches at addressing these issues in the context of IoT maps.

show abstract

Section: Resultsmentioning

confidence: 99%

Towards an Understanding of Emerging Cyber Security Threats in Mapping the IoT

Shaw

Mikusz

Trotter

et al. 2019

Living in the Internet of Things (IoT 2019)

View full text Add to dashboard Cite

show abstract

“…The key idea is to let nodes vouch for each other's presence, form a graph of evidence of which nodes can attest to the physical presence of which other nodes, and perform Sybil detection on this graph. Techniques for doing this have been proposed in [7,19] which we detail next, as they are most similar to our proposed approach.…”

Section: Current State Of Countermeasuresmentioning

confidence: 99%

“…Unfortunately, this anonymity allows an adversary to participate in the network and employ deliberate disinformation, corrupting the Server's data and misguiding its decision-making. While this problem is fundamental to anonymous systems, it is greatly exacerbated in this case by the fact that messages do not even have to originate from physical devices [7]. An adversary in possession of multiple sensors may forge fake messages and inject them into the network at a purely-software level.…”

mentioning

confidence: 99%

Hunting Sybils in Participatory Mobile Consensus-Based Networks

Verchok

Orailoğlu

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

We focus on detecting adversarial non-existent nodes, Sybils, in anonymized participatory mobile networks where nodes support both a node-to-server and peer-to-peer connection capabilities. As data-driven decisions within such networks typically rely on local consensuses, they are susceptible to adversarial injection attacks which impersonate honest nodes and overpower local data through forgery. First, we propose a scheme wherein nodes validate each other's presence through local peer-to-peer communication. We then observe a fundamental information asymmetry between Sybils and honest nodes, and argue that conventional Sybil detection techniques fail to exploit it. Thereupon, we propose a novel Sybil detection technique tailored to utilizing claimed location data, introduce a probabilistic framework for the problem, and design the statistical approach for finding Sybils. Finally, we compare our detection algorithm with existing methods through complex simulated Sybil scenarios. CCS CONCEPTS • Security and privacy → Intrusion detection systems; • Hardware → Sensor devices and platforms;

show abstract

“…These could be, of course, rooted smartphones, a smartphone emulator or a botnet. This way, the Mapping Services [32] has introduced and performed the sybil attack on Waze, a popular crowdsourced map service, by using an emulator to create the number of virtual devices and to use these virtual devices for reporting false congestion and accidents, and automatically rerouting user traffic.…”

Section: Hardened Registration Processmentioning

confidence: 99%

Hardened Registration Process for Participatory Sensing

Borsub

Papadimitratos

2018

Proceedings of the 11th ACM Conference on Security &Amp; Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

I would like to give special thanks to my examiner, Panos Papadimitratos, and my supervisor, Hongyu Jin, for all their support be it understanding, suggestions or guidance during all the phases of this work from the beginning until the end of the work. I would also like to thank people in Networked Systems Security Group at KTH who gave me commends and ideas to improve my work. Last but not least, I would like to thank Tattaton Mettaphun, Boonyakiat Rungsiwothinan, Wichapong Kua-Arun, Surapat Somsri, Nonthawun Junsrisuk, my family and my girlfriend who supported me during my endeavour of studying. Without their support, my Master's degree could not have been successfully completed.

show abstract

Ghost Riders: Sybil Attacks on Crowdsourced Mobile Mapping Services

Cited by 42 publications

References 33 publications

Towards an Understanding of Emerging Cyber Security Threats in Mapping the IoT

Towards an Understanding of Emerging Cyber Security Threats in Mapping the IoT

Hunting Sybils in Participatory Mobile Consensus-Based Networks

Hardened Registration Process for Participatory Sensing

Contact Info

Product

Resources

About