Location Privacy Violation via GPS-agnostic Smart Phone Car Tracking

Abstract

Smart phones nowadays are equipped with global positioning systems (GPS) chips to enable navigation and location-based services. A malicious app with the access to GPS data can easily track the person who carries the smart phone. People may disable the GPS module and turn it on only when necessary to protect their location privacy. However, in this paper, we demonstrate that an attacker is still able to track a person by using the embedded magnetometer sensor in victim's smart phone, even when the GPS module is disabled all the time. Moreover, this attack neither requests user permissions related to locations for installation, nor does its operation rely on wireless signals like WiFi positioning or suffer from signal propagation loss. Only the angles of a car's turning measured by the magnetometer sensor of a driver's smart phone are utilized. Without loss of generality, we focus on car tracking, since cars are popular transportation tools in developed countries, where smart phones are commonly used. Inspired by the intuition that a car may exhibit different turning angles at different road intersections, we find that an attacker can match car turning angles to a map to infer the actual path that the driver takes. We address technical challenges about car turn angle extraction, map database construction, and path matching algorithm design to make this attack practical and efficient. We also perform an evaluation using real-world driving paths to verify the relationship between the numbers of turns and the time cost of the matching algorithm. The results show that it is possible for attacker to precisely pinpoint the actual path when the driving path includes 11 turns or more. More simulations are performed to demonstrate the attack with lager selected local areas.