TY - GEN
T1 - I know where you all are! exploiting mobile social apps for large-scale location privacy probing
AU - Zhao, Shuang
AU - Luo, Xiapu
AU - Bai, Bo
AU - Ma, Xiaobo
AU - Zou, Wei
AU - Qiu, Xinliang
AU - Au, Man Ho Allen
PY - 2016/1/1
Y1 - 2016/1/1
N2 - Mobile social apps have been changing the way people interact with each other in the physical world. To help people extend their social networks, Location-Based Social Network (LBSN) apps (e.g., Wechat, SayHi, Momo) that encourage people to make friends with nearby strangers have gained their popularity recently. They provide a “Nearby” feature for a user to find other users near him/her. While seeing other users, the user, as well as his/her coarse-grained relative location, will also be visible in the “Nearby” feature of other users. Leveraging this observation, in this paper, we model the location probing attacks, and propose three approaches to perform large-scale such attacks on LBSN apps. Moreover, we apply the new approaches in the risk assessment of eight popular LBSN apps, each of which has millions of installation. The results demonstrate the severity of such attacks. More precisely, our approaches can collect a huge volume of users’ location information effectively and automatically, which can be exploited to invade users’ privacy. This study sheds light on the research of protecting users’ private location information.
AB - Mobile social apps have been changing the way people interact with each other in the physical world. To help people extend their social networks, Location-Based Social Network (LBSN) apps (e.g., Wechat, SayHi, Momo) that encourage people to make friends with nearby strangers have gained their popularity recently. They provide a “Nearby” feature for a user to find other users near him/her. While seeing other users, the user, as well as his/her coarse-grained relative location, will also be visible in the “Nearby” feature of other users. Leveraging this observation, in this paper, we model the location probing attacks, and propose three approaches to perform large-scale such attacks on LBSN apps. Moreover, we apply the new approaches in the risk assessment of eight popular LBSN apps, each of which has millions of installation. The results demonstrate the severity of such attacks. More precisely, our approaches can collect a huge volume of users’ location information effectively and automatically, which can be exploited to invade users’ privacy. This study sheds light on the research of protecting users’ private location information.
UR - http://www.scopus.com/inward/record.url?scp=84978216578&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-40253-6_1
DO - 10.1007/978-3-319-40253-6_1
M3 - Conference article published in proceeding or book
SN - 9783319402529
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 3
EP - 19
BT - Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings
PB - Springer Verlag
T2 - 21st Australasian Conference on Information Security and Privacy, ACISP 2016
Y2 - 4 July 2016 through 6 July 2016
ER -