论文信息 - DEMO: Far Away and Yet Nearby - A Framework for Practical Distance Fraud on Proximity Services for Mobile Devices

DEMO: Far Away and Yet Nearby - A Framework for Practical Distance Fraud on Proximity Services for Mobile Devices

Proximity services are widely used in mobile applications for fast and easy data transfer and control of various systems within a defined range. Authorization is achieved by proximity detection mechanisms that surrogate extensive pairing processes. In this work, we present our Nearby Distance Fraud Framework (NeDiFF) to investigate distance fraud on various proximity services. NeDiFF cheats on proximity checks in services as Google Nearby Messages, Chromecast guest mode and Android device location. Our results emphasize that proximity services currently used for mobile devices are prone to relay attacks and should not be used in security-sensitive applications.

Matthias Hollick | Daniel Steinmetzer | Markus Grau | Tobias Schultes

[1] Markus G. Kuhn,et al. So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[2] Srdjan Capkun,et al. Attacks on public WLAN-based positioning systems , 2009, MobiSys '09.

[3] Max Maass,et al. NFCGate: an NFC relay application for Android , 2015, WISEC.