Smart phones, tablets, and wearable devices are equipped with Global Positioning System (GPS) sensors in order to obtain devices geographical location. Many conventional network-based applications provide the specific content and service to users according to their locations. The correctness of the location provided by the device's GPS module is certainly important to these Location-Based Service (LBS) providers. However, most service providers are unable to effectively authenticate GPS values provided by their users. This becomes an issue because device users can manipulate GPS values with their desired latitude and longitude through installing the specific firmware on their devices. For a popular LBS game like Pokemon GO, fake GPS values bring negative impact on the system stability and the fairness among other service users. This issue is so called "Fake GPS" problem. In this paper, we propose a pure network-based detection solution for the LBS provider who has to verify the correctness of their users' GPS values. Our mechanism is based on Internet Control Message Protocol (ICMP), and is able to provide the detection precision to state/city-level by using location-IP mappings of devices' edge routers. As a server side solution, our approach makes the malicious GPS manipulators more difficult to perform the trick. According to the implementation and experiment, the major contribution of FGDefender is that it does have better detection precision. Its server-side nature of deployment is competitive as well.
展开▼