AndroCon: Conning Location Services in Android
Soham Nag, Smruti R. Sarangi
TL;DR
AndroCon demonstrates that semi-processed GPS data, available to Android apps with location permissions, can serve as a powerful covert ambient-sensing channel. By preprocessing with an Unscented Kalman Filter, reducing features with Linear Discriminant Analysis, and applying six ML classifiers to fused GPS parameters, the approach achieves ambient-class accuracies above 90% across diverse settings and HAR accuracies up to 87%, with indoor-floor layout estimation errors typically under 4 meters. The study encompasses year-long, large-area data collection from multiple devices and real-world environments, supplemented by synthetic datasets, confirming robustness and cross-device generalizability. These findings reveal a substantial privacy risk: even when devices are in flight mode and other sensors are disabled, adversaries can infer ambience, activities, and indoor layouts, underscoring the need for privacy-aware design and stricter data-access disclosures. AndroCon thus provides a comprehensive, end-to-end demonstration of GPS-based covert sensing, highlighting practical implications for Android permissions, defense strategies, and future research on mitigating semi-processed GNSS leakage.
Abstract
Mobile device hackers often target ambient sensing, human activity identification, and interior floor mapping. In addition to overt signals like microphones and cameras, covert channels like WiFi, Bluetooth, and augmented GPS signal strengths have been employed to gather this information. Until date, passive, receive-only satellite GPS sensing relied solely on signal strength and location information. This paper demonstrates that semi-processed GPS data (39 features) accessible to apps since Android 7 with precise location permissions can be used as a highly accurate leaky channel for sensing ambient, recognising human activity, and mapping indoor spaces (99%+ accuracy). This report describes a longitudinal research that used semi-processed GPS readings from mobile devices throughout a 40,000 sq. km region for a year. Data was acquired from aeroplanes, cruise ships, and high-altitude places. To retain crucial information, we analyse all satellite GPS signals and select the best characteristics using cross-correlation analysis. Our work, AndroCon, combines lin-ear discriminant analysis, unscented Kalman filtering, gradient boosting, and random forest learning to provide an accurate ambient and human activity sensor. At AndroCon, basic ML algorithms are used for discreet and somewhat explainable outcomes. We can readily recognise challenging situations, such as being in a subway, when someone is waving a hand in front of a mobile device, in front of a stairway, or with others present (not always carrying phones). This is the most extensive study on satellite GPS-based sensing as of yet.