https://arxiv.org/abs/2306.07695

Skip to main content
Cornell University
We are hiring

We gratefully acknowledge support from
the Simons Foundation and member institutions.
 
arxiv logo > cs > arXiv:2306.07695
[                    ]

Help | Advanced Search

[All fields        ]
Search
arXiv logo
Cornell University Logo
[                    ] GO
quick links

  * Login
  * Help Pages
  * About

Computer Science > Cryptography and Security

arXiv:2306.07695 (cs)
[Submitted on 13 Jun 2023]

Title:Freaky Leaky SMS: Extracting User Locations by Analyzing SMS
Timings

Authors:Evangelos Bitsikas, Theodor Schnitzler, Christina Popper,
Aanjhan Ranganathan
Download a PDF of the paper titled Freaky Leaky SMS: Extracting User
Locations by Analyzing SMS Timings, by Evangelos Bitsikas and 3 other
authors
Download PDF

    Abstract: Short Message Service (SMS) remains one of the most
    popular communication channels since its introduction in 2G
    cellular networks. In this paper, we demonstrate that merely
    receiving silent SMS messages regularly opens a stealthy
    side-channel that allows other regular network users to infer the
    whereabouts of the SMS recipient. The core idea is that receiving
    an SMS inevitably generates Delivery Reports whose reception
    bestows a timing attack vector at the sender. We conducted
    experiments across various countries, operators, and devices to
    show that an attacker can deduce the location of an SMS recipient
    by analyzing timing measurements from typical receiver locations.
    Our results show that, after training an ML model, the SMS sender
    can accurately determine multiple locations of the recipient. For
    example, our model achieves up to 96% accuracy for locations
    across different countries, and 86% for two locations within
    Belgium. Due to the way cellular networks are designed, it is
    difficult to prevent Delivery Reports from being returned to the
    originator making it challenging to thwart this covert attack
    without making fundamental changes to the network architecture.

Subjects: Cryptography and Security (cs.CR)
Cite as:  arXiv:2306.07695 [cs.CR]
          (or arXiv:2306.07695v1 [cs.CR] for this version)
          https://doi.org/10.48550/arXiv.2306.07695
          Focus to learn more
          arXiv-issued DOI via DataCite

Submission history

From: Evangelos Bitsikas [view email]
[v1] Tue, 13 Jun 2023 11:20:18 UTC (14,838 KB)
Full-text links:

Download:

  * Download a PDF of the paper titled Freaky Leaky SMS: Extracting
    User Locations by Analyzing SMS Timings, by Evangelos Bitsikas
    and 3 other authors
    PDF
  * Other formats

[by-4]
Current browse context:
cs.CR
< prev   |   next >
new | recent | 2306
Change to browse by:
cs

References & Citations

  * NASA ADS
  * Google Scholar
  * Semantic Scholar

a export BibTeX citation Loading...

BibTeX formatted citation

x
[loading...          ]
Data provided by:

Bookmark

BibSonomy logo Reddit logo
(*) Bibliographic Tools

Bibliographic and Citation Tools

[ ] Bibliographic Explorer Toggle
Bibliographic Explorer (What is the Explorer?)
[ ] Litmaps Toggle
Litmaps (What is Litmaps?)
[ ] scite.ai Toggle
scite Smart Citations (What are Smart Citations?)
( ) Code, Data, Media

Code, Data and Media Associated with this Article

[ ] DagsHub Toggle
DagsHub (What is DagsHub?)
[ ] Links to Code Toggle
Papers with Code (What is Papers with Code?)
[ ] ScienceCast Toggle
ScienceCast (What is ScienceCast?)
( ) Demos

Demos

[ ] Replicate Toggle
Replicate (What is Replicate?)
[ ] Spaces Toggle
Hugging Face Spaces (What is Spaces?)
( ) Related Papers

Recommenders and Search Tools

[ ] Link to Influence Flower
Influence Flower (What are Influence Flowers?)
[ ] Connected Papers Toggle
Connected Papers (What is Connected Papers?)
[ ] Core recommender toggle
CORE Recommender (What is CORE?)

  * Author
  * Venue
  * Institution
  * Topic

( ) About arXivLabs

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and
share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have
embraced and accepted our values of openness, community, excellence,
and user data privacy. arXiv is committed to these values and only
works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community?
Learn more about arXivLabs.

Which authors of this paper are endorsers? | Disable MathJax (What is
MathJax?)

  * About
  * Help

  * Click here to contact arXiv Contact
  * Click here to subscribe Subscribe

  * Copyright
  * Privacy Policy

  * Web Accessibility Assistance
  * arXiv Operational Status
    Get status notifications via email or slack