Skip to main content
QUICK REVIEW

[Paper Review] Defending against Sybil Devices in Crowdsourced Mapping Services

Gang Wang, Bolun Wang|arXiv (Cornell University)|Aug 4, 2015
Privacy, Security, and Data Protection37 references20 citations
TL;DR

This paper proposes a defense against Sybil devices in crowdsourced mapping services like Waze using co-location edges—authenticated records of physical proximity between devices. By building large-scale proximity graphs from these edges, the system detects virtual vehicles (ghost riders) that cannot physically co-locate with real users, effectively mitigating large-scale attacks on traffic data integrity and user privacy.

ABSTRACT

Real-time crowdsourced maps such as Waze provide timely updates on traffic, congestion, accidents and points of interest. In this paper, we demonstrate how lack of strong location authentication allows creation of software-based {\em Sybil devices} that expose crowdsourced map systems to a variety of security and privacy attacks. Our experiments show that a single Sybil device with limited resources can cause havoc on Waze, reporting false congestion and accidents and automatically rerouting user traffic. More importantly, we describe techniques to generate Sybil devices at scale, creating armies of virtual vehicles capable of remotely tracking precise movements for large user populations while avoiding detection. We propose a new approach to defend against Sybil devices based on {\em co-location edges}, authenticated records that attest to the one-time physical co-location of a pair of devices. Over time, co-location edges combine to form large {\em proximity graphs} that attest to physical interactions between devices, allowing scalable detection of virtual vehicles. We demonstrate the efficacy of this approach using large-scale simulations, and discuss how they can be used to dramatically reduce the impact of attacks against crowdsourced mapping services.

Motivation & Objective

  • To identify and demonstrate the vulnerability of crowdsourced mapping services like Waze to Sybil attacks via software-emulated virtual devices.
  • To show that attackers can create large armies of ghost riders to forge traffic events, manipulate routing, and silently track real users’ movements.
  • To develop a practical, scalable defense mechanism that does not rely on specialized hardware or infrastructure modifications.
  • To enable detection of Sybil devices by leveraging physical co-location evidence to build proximity graphs over time.
  • To validate the approach through large-scale simulations and real-world experimentation with minimal impact on real users.

Proposed method

  • Introduce co-location edges as cryptographically authenticated records of one-time physical proximity between two mobile devices.
  • Use opportunistic triggers—such as Waze’s existing peer-to-peer communication— to generate co-location edges when devices are in close physical proximity.
  • Construct a dynamic proximity graph over time, where nodes represent devices and edges represent verified co-location events.
  • Apply graph-based Sybil detection algorithms to identify subgraphs with high internal connectivity but low external connectivity, indicating potential Sybil clusters.
  • Leverage peer-to-peer trust propagation to extend detection coverage without requiring centralized infrastructure or device modifications.
  • Ensure privacy and scalability by limiting data collection to proximity attestations and avoiding continuous tracking or location logging.

Experimental results

Research questions

  • RQ1Can software-based Sybil devices be created at scale to impersonate real vehicles in crowdsourced mapping services?
  • RQ2To what extent can Sybil devices manipulate traffic data and track real users without detection?
  • RQ3Can co-location edges be used to build scalable proximity graphs that distinguish real devices from virtual Sybil devices?
  • RQ4How effective is the proximity graph-based detection mechanism in identifying large-scale Sybil attacks in real-world conditions?
  • RQ5Can this defense be deployed without requiring hardware modifications or widespread infrastructure changes?

Key findings

  • A single Sybil device can generate false congestion and accident reports, significantly disrupting routing decisions in Waze.
  • Attackers can create armies of ghost riders using reverse-engineered APIs, enabling large-scale manipulation of traffic data with minimal resource cost.
  • Ghost riders can precisely track real users' movements over time, achieving high accuracy in mapping daily travel patterns.
  • The proximity graph built from co-location edges successfully detects Sybil clusters, as ghost riders cannot form direct physical co-location edges with real users.
  • Simulations show that the proposed defense drastically reduces the impact of Sybil attacks by isolating virtual devices through graph-based detection.
  • Experiments were conducted during low-traffic hours and in low-density areas to avoid affecting real users, with real-time monitoring to terminate if any legitimate users entered the test zone.

Better researchstarts right now

From paper design to paper writing, dramatically reduce your research time.

No credit card · Free plan available

This review was created by AI and reviewed by human editors.