From an IP address to a street address: Using wireless signals to locate a target

Craig A. Shue, Nathanael Paul, Curtis R. Taylor

Research output: Contribution to conferencePaperpeer-review

10 Scopus citations

Abstract

How quickly can somebody convert an IP address of a target into a real-word street address? Law enforcement regularly has need to determine a suspect’s exact location when investigating crimes on the Internet. They first use geolocation software and databases to determine the suspect’s rough location. Recent research has been able to scope a targeted IP address to within a 690m (0.43 mile) radius circle, which is enough to determine the relevant law enforcement department that has jurisdiction. Unfortunately, investigators face a “last half mile” problem: their only mechanism to determine the exact address of the suspect is to subpoena the suspect’s Internet Service Provider, a process that can take weeks. Instead, law enforcement would rather locate the suspect within the hour with the hope of catching the suspect while the crime is still on-going, which leads to stronger evidence and straightforward prosecution. Given these time constraints, we investigate how quickly an adversary can locate a target without any special law enforcement powers. Instead, we leverage the use of ubiquitous wireless networks and a mobile physical observer that performs wireless monitoring (akin to “wardriving,” which seeks to search for wireless networks). We develop an approach that allows an adversary to send traffic to the target’s address that can be detected by the observer, even if wireless encryption is in use. We evaluated the approach in two common real-world settings. In one of these, a residential neighborhood, we used a single-blind trial in which an observer located a target network to within three houses in less than 40 minutes (with potential for more exact results using hardware such as directional antennas). This approach had only a 0.38% false positive rate, despite 24,000 observed unrelated packets and many unrelated networks. These results show significant promise for the geolocation strategy and demonstrate that adversaries with multiple potential observation points, such as law enforcement personnel, could quickly locate a target.

Original languageEnglish
StatePublished - 2013
Externally publishedYes
Event7th USENIX Workshop on Offensive Technologies, WOOT 2013 - Washington, United States
Duration: Aug 13 2013 → …

Conference

Conference7th USENIX Workshop on Offensive Technologies, WOOT 2013
Country/TerritoryUnited States
CityWashington
Period08/13/13 → …

Fingerprint

Dive into the research topics of 'From an IP address to a street address: Using wireless signals to locate a target'. Together they form a unique fingerprint.

Cite this