I know where you all are! exploiting mobile social apps for large-scale location privacy probing

Shuang Zhao, Xiapu Luo, Bo Bai, Xiaobo Ma, Wei Zou, Xinliang Qiu, Man Ho Allen Au

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

5 Citations (Scopus)

Abstract

Mobile social apps have been changing the way people interact with each other in the physical world. To help people extend their social networks, Location-Based Social Network (LBSN) apps (e.g., Wechat, SayHi, Momo) that encourage people to make friends with nearby strangers have gained their popularity recently. They provide a “Nearby” feature for a user to find other users near him/her. While seeing other users, the user, as well as his/her coarse-grained relative location, will also be visible in the “Nearby” feature of other users. Leveraging this observation, in this paper, we model the location probing attacks, and propose three approaches to perform large-scale such attacks on LBSN apps. Moreover, we apply the new approaches in the risk assessment of eight popular LBSN apps, each of which has millions of installation. The results demonstrate the severity of such attacks. More precisely, our approaches can collect a huge volume of users’ location information effectively and automatically, which can be exploited to invade users’ privacy. This study sheds light on the research of protecting users’ private location information.
Original languageEnglish
Title of host publicationInformation Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings
PublisherSpringer Verlag
Pages3-19
Number of pages17
ISBN (Print)9783319402529
DOIs
Publication statusPublished - 1 Jan 2016
Event21st Australasian Conference on Information Security and Privacy, ACISP 2016 - Melbourne, Australia
Duration: 4 Jul 20166 Jul 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9722
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st Australasian Conference on Information Security and Privacy, ACISP 2016
Country/TerritoryAustralia
CityMelbourne
Period4/07/166/07/16

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this