AndroCon: Conning Location Services in Android

Abstract: Mobile device hackers often target ambient sensing, human activity identification, and interior floor mapping. In addition to overt signals like microphones and cameras, covert channels like WiFi, Bluetooth, and augmented GPS signal strengths have been employed to gather this information. Until date, passive, receive-only satellite GPS sensing relied solely on signal strength and location information. This paper demonstrates that semi-processed GPS data (39 features) accessible to apps since Android 7 with precise location permissions can be used as a highly accurate leaky channel for sensing ambient, recognising human activity, and mapping indoor spaces (99%+ accuracy). This report describes a longitudinal research that used semi-processed GPS readings from mobile devices throughout a 40,000 sq. km region for a year. Data was acquired from aeroplanes, cruise ships, and high-altitude places. To retain crucial information, we analyse all satellite GPS signals and select the best characteristics using cross-correlation analysis. Our work, AndroCon, combines lin-ear discriminant analysis, unscented Kalman filtering, gradient boosting, and random forest learning to provide an accurate ambient and human activity sensor. At AndroCon, basic ML algorithms are used for discreet and somewhat explainable outcomes. We can readily recognise challenging situations, such as being in a subway, when someone is waving a hand in front of a mobile device, in front of a stairway, or with others present (not always carrying phones). This is the most extensive study on satellite GPS-based sensing as of yet.

• The paper demonstrates that semi-processed GPS data can be exploited using ML techniques for ambient sensing and activity recognition.
• It employs ML models including Random Forests, KNN, and SVM, achieving accuracies up to 99.6% for environment sensing and 87% for activity classification.
• The study reveals critical privacy vulnerabilities affecting up to 90% of Android users, urging enhanced data security and permission protocols.

Overview of "AndroCon: Conning Location Services in Android"

The paper "AndroCon: Conning Location Services in Android" by Soham Nag and Smruti R. Sarangi elaborates on the significant privacy risks posed by location-based services (LBS) through the largely unexplored potential of exploiting semi-processed Global Positioning System (GPS) data on Android devices. The authors propose a novel methodology, termed AndroCon, which employs ML techniques to utilize the GPS data for ambient sensing, human activity recognition (HAR), and indoor floor mapping without the user’s consent or awareness, thereby posing substantial privacy concerns.

Methodology

AndroCon is predicated on leveraging semi-processed GPS data introduced with Android 7, which, when manipulated skillfully, can reveal a user’s surroundings and activities. The authors employed basic ML techniques such as random forests and linear boosting to enable the extraction of these insights from features derived from semi-processed GPS data. The study identifies relevant features through cross-correlation analyses and employs feature reduction techniques to enhance the model's efficacy.

Data Collection and Noise Mitigation

Data was logged using various Android phones across a range of environments, including large open spaces and indoor settings, utilizing semi-processed GPS data to collect signal characteristics like Doppler shifts, signal-to-noise ratio (SNR), and pseudorange measurements. To account for the noise inherent in such data due to multi-path effects and interference, the study makes use of an Unscented Kalman Filter (UKF). This approach maintains the critical elements of the signal necessary for accurate characterization and ambient sensing.

ML Models and Classification

The core of the AndroCon model involves various ML algorithms such as Random Forest, K-Nearest Neighbors (KNN), and Support Vector Machines (SVM), focusing on optimizing parameters for high accuracy in diverse settings. Through rigorous cross-validation and testing on both real-world and synthetic datasets, the study achieves remarkable accuracy rates: 99.6% for sensing user environment and 87% for user activities.

Results and Implications

The findings demonstrate that semi-processed GPS data alone suffices to discern between activities such as sitting, standing, or being in transit, and further to map indoor environments with acceptable error margins. This implies the potential for malicious exploitation of these data channels, given that such analysis can occur without requiring additional permissions beyond those typically granted for convenience applications like location-based services.

Privacy Concerns

The paper emphasizes the pressing issue of privacy, as Android applications can misuse GPS data, potentially exploiting the ACCESS_FINE_LOCATION permission to surreptitiously gather semi-processed GPS data. This vulnerability currently affects up to 90% of Android users, providing an opportunity for applications to jeopardize user privacy significantly through unauthorized ambient sensing and activity routing.

Future Research Directions

The implications of this study suggest a need for further research into secure handling of semi-processed GPS data, alongside investigation into more sophisticated noise-reduction techniques to refine ambient and activity recognition models. The continued evolution of AI and ML models offers opportunities to perhaps counter such privacy risks by developing advanced anomaly-detection frameworks that could alert users to suspicious app behaviors utilizing Bluetooth, WiFi, or GPS permissions in unforeseen ways.

Conclusion

Overall, the research presented exemplifies the nuanced and potentially intrusive applications of seemingly innocuous data access permissions in Android systems. It calls upon researchers, software developers, and privacy advocates to engage in developing comprehensive security protocols and user education strategies aimed at mitigating these emergent risks, without necessarily hindering the advancements in LBS technology and the concomitant user convenience they offer.