Exploiting Social Navigation
Meital Ben Sinai, Nimrod Partush, Shir Yadid, Eran Yahav
TL;DR
This paper demonstrates a Sybil attack on social navigation apps like Waze, showing how fake location reports can manipulate traffic data and routing, and discusses potential defenses involving additional carrier information.
Contribution
The paper introduces a novel Sybil attack method on social navigation systems and proposes mitigation strategies using extra carrier data.
Findings
The attack can successfully fake traffic jams and alter routing decisions.
Mitigation requires integrating additional carrier information.
The attack affects over 50 million users of Waze.
Abstract
We present an effective Sybil attack against social location based services. Our attack is based on creating a large number of reputed "bot drivers", and controlling their reported locations using fake GPS reports. We show how this attack can be used to influence social navigation systems by applying it to Waze - a prominent social navigation application used by over 50 million drivers. We show that our attack can fake traffic jams and dramatically influence routing decisions. We present several techniques for preventing the attack, and show that effective mitigation likely requires the use of additional carrier information.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Spam and Phishing Detection · Opportunistic and Delay-Tolerant Networks