Article

An effective localization attack in locationbased social network

  • WANG Rong-Rong ,
  • XUE Min-Hui ,
  • LI Xiang-Xue ,
  • QIAN Hai-Feng
Expand

Received date: 2015-02-13

  Online published: 2016-07-25

Abstract

Locationbased social network (LBSN) services enable users to discover nearby people. Original LBSN services provide the exact distances for nearby users. Existing studies have shown that it is easy to localize target users by using trilateration methodology. To defend against the trilateration attack, current LBSN services adopt the concentric bandbased approach when reporting distances. In this paper, by using number theory, we analytically show that by strategically placing multiple virtual probes as fake GPS, one can accurately pinpoint user locations with either accurate or coarse bandbased distances. As a proof of this concept, WeChat is examplified to validate that our attack methodology is effective in a realworld deployment. Our study is expected to draw more public attention to this serious privacy issue and hopefully motivate better privacypreserving LBSN designs.

Cite this article

WANG Rong-Rong , XUE Min-Hui , LI Xiang-Xue , QIAN Hai-Feng . An effective localization attack in locationbased social network[J]. Journal of East China Normal University(Natural Science), 2016 , 2016(2) : 62 -72 . DOI: 10.3969/j.issn.1000-5641.2016.02.009

References

[1]CIW TEAM. Tencent: 438M Wechat users and 645M QZone users by Q2 2014 [EB/OL]. China Internet Watch, 2014 [2015125]. http:∥www.chinainternetwatch.com/8229/tencentq22014/.

[2]XIANG T. Momo: China’s next social conglomerate? [EB/OL]. TechNode, 2014 [2015125]. http:∥technode.com/2014/10/13/momochinanextsocialconglomerate/.

[3]ZANG H, BOLOT J. Anonymization of location data does not work: A largescale measurement study[C]∥Proceedings of the 17th Annual International Conference on Mobile Computing and Networking. ACM, 2011: 145156.

[4]CHEN T, KAAFAR M, BORELI R.The where and when of finding new friends: Analysis of a locationbased social discovery network[C]∥Proceedings of the International AAAI Conference on Weblogs and Social Media. 2013.

[5]XUE M, LIU Y, ROSS K W, et al. I know where you are: Thwarting privacy protection in locationbased social discovery services[C]∥Proceedings of the 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 2015:179184.

[6]WANG G, WANG B, WANG T, et al. Whispers in the dark: Analysis of an anonymous social network[C]∥Proceedings of the 2014 Conference on Internet Measurement Conference. ACM, 2014: 137150.

[7]LI M, ZHU H, GAO Z, et al. All your location are belong to us: Breaking mobile social networks for automated user location tracking[C]∥Proceedings of the 15th ACM International Symposium on Mobile ad Hoc Networking and Computing. ACM, 2014: 4352.

[8]RUTHS D, PFEFFER J. Social media for large studies of behavior[J]. Science, 2014, (6213)346: 10631064.

[9]BINDSCHAEDLER L, JADLIWALA M, BILOGREVIC I, et al. Track me if you can: On the effectiveness of contextbased identifier changes in deployed mobile networks[C/OL].NDSS, 2012[2015125].http: ∥www.internetsociety.org.

[10]SHOKRI R, THEODORAKOPOULOS G,  BOUDEC J Y L, et al. Quantifying location privacy[J].  IEEE Symposium on Security and Privacy (SP), 2011,42(12): 247262.

[11]XU T, CAI Y. Feelingbased location privacy protection for locationbased services[C]∥Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009: 348357.

[12]ALMUHIMEDI H, SCHAUB F, SADEH N, et al. Your location has been shared 5 398 times! [C]∥Proceedings of the 33rd Annual ACM Conference on Factors in Computing System.ACM, 2015: 787796.

[13]FAWAZ K, SHIN K G. Location privacy protection for smartphone users[C]∥Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014: 239250.

[14]ED N, QUN L. Nearpri: Private, proximity based location sharing[C]∥Proceedings of the IEEE INFOCOM 2014IEEE Conference on Computer Communications. IEEE, 2014: 4352.

[15]SHOUP V. A Computational Introduction to Number Theory and Algebra[M]. London: Cambridge University Press, 2009.

[16]DING Y, PEDDINTI S T, ROSS K W. Stalking Beijing from Timbuktu: A generic measurement approach for exploiting locationbased social discovery[C]∥Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones  and Mobile Devices. ACM, 2014: 7580.
Outlines

/