Abstract
The widespread use of people-nearby services has spawned the development of social discovery applications that help users make new friends with nearby users (such as WeChat). Unfortunately, malicious third-parties can often deploy trilateration attacks to exploit people-nearby applications to determine the exact locations of target users, therefore compromising their privacy. In this paper, we revisit these localization attacks and propose a new two-step localization method that boosts the accuracy of the state of the art for the contemporary location-based social network (LBSN) services which have adopted the band-distance obfuscation to blur the location information. The basic idea is to first locate the target in a small circle with the radius of the band distance; then, refine the estimated location with sufficient queries which is driven by the required localization accuracy. We theoretically prove that our method is able to converge to pinpoint users with an upper bound of the complexity of our design. We also evaluate the performance of our model when considering different distribution errors, and finally show our localization method is robust with exciting accuracy and limited complexity through extensive simulation experiments. This attack can locate target users within 20 m with over \(95\%\) accuracy in most cases while the query-time is a limited value and can be roughly computed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Noack, R.: Could using gay dating app Grindr get you arrested in Egypt? The Washington Post, 12 September 2014
Paton, C.: Grindr urges LGBT community to hide their identities as Egypt persecutes nation’s gay community. The Independent, 26 September 2014
Li, M., Zhu, H., Gao, Z., Chen, S., Yu, L., Hu, S., Ren, K.: All your location are belong to us: breaking mobile social networks for automated user location tracking. In: 15th ACM International Symposium on Mobile Ad Hoc Networking and Computing, pp. 43–52 (2014)
Polakis, I., Argyros, G., Petsios, T., Sivakorn, S., Keromytis, A.D.: Where’s wally?: Precise user discovery attacks in location proximity services. In: ACM SIGSAC CCS, pp. 817–828 (2015)
Wang, G., Wang, B., Wang, T., Nika, A., Zheng, H., Zhao, B.Y.: Whispers in the dark: analysis of an anonymous social network. In: ACM Internet Measurement Conference, pp. 137–150 (2014)
Ding, Y., Peddinti, S.T., Ross, K.W.: Stalking Beijing from Timbuktu: a generic measurement approach for exploiting location-based social discovery. In: ACM Workshop on Security and Privacy in Smartphones & Mobile Devices (2014)
Xue, M., Liu, Y., Ross, K.W., Qian, H.: I know where you are: thwarting privacy protection in location-based social discovery services. In: IEEE Conference on Computer Communications Workshops (2015)
Xue, M., Liu, Y., Ross, K., Qian, H.: Thwarting location privacy protection in location-based social discovery services. Secur. Commun. Netw. 9(11), 1496–1508 (2016)
Peng, J., Meng, Y., Xue, M., Hei, X., Ross, K.W.: Attacks and defenses in location-based social networks: a heuristic number theory approach. In: International Symposium on Security and Privacy in Social Networks and Big Data (SocialSec), pp. 64–71 (2015)
Cheng, H., Mao, S., Xue, M., Hei, X.: On the impact of location errors on localization attacks in location-based social network services. In: Wang, G., Ray, I., Alcaraz Calero, J.M., Thampi, S.M. (eds.) SpaCCS 2016. LNCS, vol. 10066, pp. 343–357. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49148-6_29
Liu, J., Zhang, Y., Zhao, F.: Robust distributed node localization with error management. In: Proceedings of the 7th ACM International Symposium on Mobile Ad Hoc Networking and Computing, pp. 250–261 (2006)
Qin, G., Patsakis, C., Bouroche, M.: Playing hide and seek with mobile dating applications. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IAICT, vol. 428, pp. 185–196. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55415-5_15
Mascetti, S., Bertolaja, L., Bettini, C.: A practical location privacy attack in proximity services. In: IEEE 14th International Conference on Mobile Data Management (MDM), vol. 1, pp. 87–96 (2013)
Correa, D., Silva, L.A., Mondal, M., Benevenuto, F., Gummadi, K.P.: The many shades of anonymity: characterizing anonymous social media content. In: International AAAI Conference on Web and Social Media (2015)
Xue, M., Yang, L., Ross, K.W., Qian, H.: Characterizing user behaviors in location-based find-and-flirt services: anonymity and demographics. Peer-to-Peer Netw. Appl. 10(2), 357–367 (2017)
Wang, R., Xue, M., Liu, K., Qian, H.: Data-driven privacy analytics: a WeChat case study in location-based social networks. In: Xu, K., Zhu, H. (eds.) WASA 2015. LNCS, vol. 9204, pp. 561–570. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21837-3_55
Xue, M., Ballard, C., Liu, K., Nemelka, C., Wu, Y., Ross, K., Qian, H.: You can yak but you can’t hide: localizing anonymous social network users. In: ACM IMC, pp. 25–31 (2016)
Chen, Z., Fu, D., Gao, Y., Hei, X.: Performance evaluation for software defined WiFi DCF networks from theory to testbed. In: 16th IEEE International Conference on Ubiquitous Computing and Communications (IUCC) (2017)
Acknowledgments
This work was supported in part by the National Natural Science Foundation of China (No. 61370231), and in part by the Fundamental Research Funds for the Central Universities (No. HUST:2016YXMS303).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Wang, J., Cheng, H., Xue, M., Hei, X. (2017). Revisiting Localization Attacks in Mobile App People-Nearby Services. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science(), vol 10656. Springer, Cham. https://doi.org/10.1007/978-3-319-72389-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-72389-1_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72388-4
Online ISBN: 978-3-319-72389-1
eBook Packages: Computer ScienceComputer Science (R0)