Extracting user locations by analysing SMS timings
This post is references an external article or page. Consider it a bookmark, and in no way an endorsement of the article, author, or website. I frequently bookmark content I disagree with.
🔗 via arXiv.
Highlights
The core idea is that receiving an SMS inevitably generates Delivery Reports whose reception bestows a timing attack vector at the sender. We conducted experiments across various countries, operators, and devices to show that an attacker can deduce the location of an SMS recipient by analyzing timing measurements from typical receiver locations.
Our results show that, after training an ML model, the SMS sender can accurately determine multiple locations of the recipient. For example, our model achieves up to 96% accuracy for locations across different countries
Due to the way cellular networks are designed, it is difficult to prevent Delivery Reports from being returned to the originator making it challenging to thwart this covert attack without making fundamental changes to the network architecture
- This paper demonstrates an attack where the regular receipt of SMS messages allows an attacker to infer the recipient’s location using the timing of the message send and receipt.
- Through experiments conducted in various countries and on different devices, the paper shows that, after training a machine learning model, the sender can accurately determine the recipient’s multiple locations with up to 96% accuracy across countries.