Users are Closer than they Appear: Protecting User Location from WiFi APs

TL;DR

This paper introduces MIRAGE, a system that leverages WiFi beamforming to protect user location privacy by obfuscating it from malicious access points without degrading communication performance.

Contribution

MIRAGE is the first system to use WiFi beamforming for user location obfuscation, enhancing privacy without impacting throughput.

Findings

Reduces attacker location accuracy from 2.3m to over 10m

No throughput degradation observed

Effective in real-world WiFi environments

Abstract

WiFi-based indoor localization has now matured for over a decade. Most of the current localization algorithms rely on the WiFi access points (APs) in the enterprise network to localize the WiFi user accurately. Thus, the WiFi user's location information could be easily snooped by an attacker listening through a compromised WiFi AP. With indoor localization and navigation being the next step towards automation, it is important to give users the capability to defend against such attacks. In this paper, we present MIRAGE, a system that can utilize the downlink physical layer information to create a defense against an attacker snooping on a WiFi user's location information. MIRAGE achieves this by utilizing the beamforming capability of the transmitter that is already part of the WiFi protocols. With this initial idea, we have demonstrated that the user can obfuscate his/her location from the WiFi AP always with no compromise to the throughput of the existing WiFi communication system and reduce the user location accuracy of the attacker from 2.3m to more than 10m.