Sybil-Based Attacks on Google Maps or How to Forge the Image of City Life

Abstract

Location-based services (LBS) increasingly rely on participatory or crowd-sensed data: users voluntarily contribute data about their whereabouts and points of interest (POIs) and allow the LBS to capture the dynamically changing environment, e.g., how crowded specific places, streets, or public transportation are. Popular LBS applications do not offer strong security, less so for their participatory sensing (PS) and data contribution part. Openness favors participation and increases data, but it also makes attacks easier. Sporadic misbehavior incidents and the presumed user honesty should not be reassuring: an attacker could exploit the PS components and submit a large volume of forged data to dominate the PS-collected LBS data, locally or at a large scale. Individuals, organizations, or entire areas could be targeted, e.g., having customers diverted or causing public transportation routes or roads to appear congested. The lingering open question is whether such attacks can be perpetrated against well-established popular LBS with PS components. This paper affirms this: we investigate Google Maps, the single most popular application in this domain, and show a range of effective and scalable attacks based on very modest adversarial assumptions. We reverse-engineer the data submission process and automate attacks that craft and submit false data in volume and a targeted fashion. We collect evidence that our attacks work on POI crowdedness, traffic congestion levels, and public transportation crowdedness with extreme caution. We responsibly disclosed the attacks to Google, acknowledged them and awarded recognition. The attack methodology carries over to other LBS applications but, most importantly, raises awareness and motivates countermeasures, which we also outline here, for stronger LBS and PS security overall.