Smartphone Location Spoofing Attack in Wireless Networks

GPS-free outdoor localization becomes popular because of the expanding scale of WiFi deployments in metropolitan areas. As a substitution or complement to the Global Positioning System (GPS), WiFi localization systems provide very accurate results in WiFi-rich area. However, the current WiFi localization systems are not robust to WiFi external signal attack. In this study, we implement a reverse engineering model to decode the Android WiFi localization system output. With the aid of reverse engineering mode, we implement both static and dynamic external signal attacks to make the smartphone believing it is located in another location or moving along the attacker's designed route using a portable programmed IoT device ESP8266. We also demonstrate that the WiFi based localization and navigation are vulnerable to external signal attacks by testing this attack on Android smartphone. Finally, we discuss the possible defense solutions and the future work. Our study indicates the smartphone is vulnerable to external signal attacks and there is an urgent need for defense solutions.