Location verification of wireless internet clients: Evaluation and improvements
Client Presence Verification (CPV) was proposed in previous literature as a delay-based location verification algorithm that iteratively estimates Internet delays to corroborate assertions about a client's geographic presence in a prescribed region, e.g., before granting access to a location-based service. We evaluate CPV's performance in the presence of clients that use 802.11 networks by analyzing the following factors: the number of such clients in the network, how far adversaries are from their true locations, and the number of CPV iterations required to neutralize the effect of wireless networks. We use a mix of real-world traffic measurements from PlanetLab and existing wireless-delay probability models to create the evaluation datasets. The results indicate that, while wireless delays affect CPV's performance (e.g., from 3 to ∼ 4.7 percent false reject/accept rates), CPV can mitigate the impact of such delays by performing more delay measurements prior to location verification. This work highlights the importance of including mitigation capabilities while designing security-sensitive applications and protocols to deal with the effect of wireless delays. This will become increasingly important with the ubiquitous use of mobile devices that is expected to increase with the introduction of new computing and communication paradigms such as the Internet of Things.
|Keywords||Client presence verification (CPV), Location verification, Location-aware authentication, Wireless testing|
|Journal||IEEE Transactions on Emerging Topics in Computing|
Abdou, A. (Abdelrahman), Matrawy, A, & Van Oorschot, P. (2017). Location verification of wireless internet clients: Evaluation and improvements. IEEE Transactions on Emerging Topics in Computing, 5(4), 563–575. doi:10.1109/TETC.2016.2608827