A Location-Privacy Threat Stemming from the Use of Shared Public IP AddressesReportar como inadecuado

A Location-Privacy Threat Stemming from the Use of Shared Public IP Addresses - Descarga este documento en PDF. Documentación en PDF para descargar gratis. Disponible también para leer online.

* Corresponding author 1 LCA - Laboratory for Computer Communications and Applications 2 Kudelski Security 3 UIUC - Department of Computer Science UIUC

Abstract : This paper presents a concrete and widespread example of situation where a user-s location privacy is unintentionally compromised by others, specifically the location-privacy threat that exists at access points public hotspots, FON, home routers, etc. that have a single public IP and make use of network address translation NAT. As users connected to the same hotspot share a unique public IP address, a single user-s making a location-based request is enough to enable a service provider to map the IP address of the hotspot to its geographic coordinates, thus compromising the location privacy of all the other connected users. When successful, the service provider can locate users within a few hundreds of meters, thus improving over existing IP-location databases. Even in the case where IPs change periodically e.g., by using DHCP, the service provider is still able to update a previous IP, Location mapping by inferring IP changes from authenticated communications e.g., cookies. The contribution of this paper is three-fold: i We identify a novel location-privacy threat caused by shared public IPs in combination with NAT. ii We formalize and analyze the threat theoretically. In particular we derive and provide expressions of the probability that the service provider will learn the mapping and of the expected proportion of victims. iii We experimentally assess the state in practice by using real traces collected from deployed hotspots over a period of 23 days of users who accessed Google services. We also discuss how existing countermeasures can thwart the threat.

Keywords : Network Address Translation NAT IP-Geolocation Location Privacy

Autor: Nevena Vratonjic - Kévin Huguenin - Vincent Bindschaedler - Jean-Pierre Hubaux -

Fuente: https://hal.archives-ouvertes.fr/


Documentos relacionados