Shuang Zhao,Xiapu Luo,Xiaobo Ma,Bo Bai,Yankang Zhao,Wei Zou,Zeming Yang,Man Ho Au,Xinliang Qiu

DOI: https://doi.org/10.1155/2018/3182402

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:Proximity-based apps have been changing the way people interact with each other in the physical world. To help people extend their social networks, proximity-based nearby-stranger (NS) apps that encourage people to make friends with nearby strangers have gained popularity recently. As another typical type of proximity-based apps, some ridesharing (RS) apps allowing drivers to search nearby passengers and get their ridesharing requests also become popular due to their contribution to economy and emission reduction. In this paper, we concentrate on the location privacy of proximity-based mobile apps. By analyzing the communication mechanism, we find that many apps of this type are vulnerable to large-scale location spoofing attack (LLSA). We accordingly propose three approaches to performing LLSA. To evaluate the threat of LLSA posed to proximity-based mobile apps, we perform real-world case studies against an NS app named Weibo and an RS app called Didi. The results show that our approaches can effectively and automatically collect a huge volume of users’ locations or travel records, thereby demonstrating the severity of LLSA. We apply the LLSA approaches against nine popular proximity-based apps with millions of installations to evaluate the defense strength. We finally suggest possible countermeasures for the proposed attacks.

Muyuan Li,Haojin Zhu,Zhaoyu Gao,Si Chen,Kui Ren,Le Yu,Shangqian Hu

DOI: https://doi.org/10.1145/2632951.2632953

2013-01-01

Abstract:Location-based social networks (LBSNs) feature friend discovery by location proximity that has attracted hundreds of millions of users world-wide. While leading LBSN providers claim the well-protection of their users' location privacy, for the first time we show through real world attacks that these claims do not hold. In our identified attacks, a malicious individual with the capability of no more than a regular LBSN user can easily break most LBSNs by manipulating location information fed to LBSN client apps and running them as location oracles. We further develop an automated user location tracking system and test it on leading LBSNs including Wechat, Skout, and Momo. We demonstrate its effectiveness and efficiency via a 3 week real-world experiment on 30 volunteers and show that we could geo-locate any target with high accuracy and readily recover his/her top 5 locations. Finally, we also develop a framework that explores a grid reference system and location classifications to mitigate the attacks. Our result serves as a critical security reminder of the current LBSNs pertaining to a vast number of users.

Huaxin Li,Haojin Zhu,Suguo Du,Xiaohui Liang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/tdsc.2016.2604383

2018-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Along with the popularity of mobile social networks (MSNs) is the increasing danger of privacy breaches due to user location exposures. In this work, we take an initial step towards quantifying location privacy leakage from MSNs by matching the users' shared locations with their real mobility traces. We conduct a three-week real-world experiment with 30 participants and discover that both direct location sharing (e.g., Weibo or Renren) and indirect location sharing (e.g., Wechat or Skout) can reveal a small percentage of users' real points of interests (POIs). We further propose a novel attack to allow an external adversary to infer the demographics (e.g., age, gender, education) after observing users' exposed location profiles. We implement such an attack in a large real-world dataset involving 22,843 mobile users. The experimental results show that the attacker can effectively predict demographic attributes about users with some shared locations. To resist such attacks, we propose SmartMask, a context-based system-level privacy protection solution, designed to automatically learn users' privacy preferences under different contexts and provide a transparent privacy control for MSN users. The effectiveness and efficiency of SmartMask have been well validated by extensive experiments.

Yanzhe Che,Kevin Chiew,Xiaoyan Hong,Qinming He

DOI: https://doi.org/10.1145/2442810.2442820

2012-01-01

Abstract:ABSTRACTThere is a potential privacy breach when users access various location-based social applications on a mobile social network (MSN), e.g., sharing locations with friends. To preserve location privacy, one of the most common methods is to use a coarse or fake location instead of a user's exact location. However, most of these previous approaches only provide geometric strategies without considering the semantic context of the geographical locations. For example, if a cloaked region contains a part of a lake, where no boats are allowed, an adversary can easily prune the cloaked region to a smaller range covering a user's actual location. In this paper, we propose SALS, a semantics-aware location sharing framework based on cloaking zone for an MSN environment. By considering a user's social relations and activities which are available in an MSN environment, SALS does not assume any trustworthy entities, including strangers, friends or any third parties. As a solution, SALS enables users to cooperate with each other, in a Peer-to-Peer (P2P) way, to generate the cloaking zones, which will be used instead of the actual locations. Different from the previous cloaking techniques, SALS considers the semantic location which can influence the distribution probability of a user's locations. We also propose metrics for measuring the quality of the cloaking zone. The evaluation shows that our method can well defend the semantic-location attack.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Fanghua Zhao,Linan Gao,Yang Zhang,Zeyu Wang,Bo Wang,Shanqing Guo

DOI: https://doi.org/10.1109/issre.2018.00033

2018-01-01

Abstract:The development of positioning technologies has digitalized people's mobility traces for the first time in history. GPS sensors resided in people's mobile devices allow smart apps to access location data. This large amount of mobility data can help to build appealing applications. Meanwhile, location privacy has become a major concern. In this paper, we design a general system to assess whether an app is vulnerable to location inference attacks. We utilize a series of automatic testing mechanisms including UI match and API analysis to extract the location information an app provides. According to different characteristics of these apps, we classify them into two categories corresponding to two kinds of attacks, namely attack with distance limitation (AWDL) and attack without distance limitation (AWODL). After evaluating 800 apps, of which 109 passed automated testing, we found that 24.7% of the passing apps are vulnerable to AWDL and 11.0% to AWODL. Moreover, some apps even allow us to modify the parameters in http requests which largely increases the scope of the attacks. Our system demonstrates the severity of location privacy leakage to mobile devices and can serve as an auditing tool for future smart apps

Hao Zhou,Yingjie Wu,Sisi Zhong,Zhao Luo,Xiaodong Wang

DOI: https://doi.org/10.1109/icicee.2012.418

2012-01-01

Abstract:The query privacy issue in location-based services (LBS) has recently received considerable attention. To protect the query privacy of users, current state-of-the-art techniques adopt cloaking which cloaks the sender's location to k-anonymized spatial region (ASR), such that an attack based on the sender's location cannot identify the query source with probability larger than 1/k, among other k-1 users. However, these techniques do not consider that these k-1 additional mobile users with different privacy requirements may send request at the same time. In this paper, we propose a new attack model that an adversary who observes all the ASRs at one time can identify the query source with probability larger than 1/k based on prior knowledge of the locations of all users. And we propose our two algorithms, namely, Basic and Adaptive Algorithms, which strengthen the privacy guarantee to defend such inference attack while still support personalized user privacy requirements. We verify the effectiveness of the proposed algorithms by experiments on location data which synthetically generated on real road maps.

Jian Ding,Xiao-Ze Gong,Yong-Li Wang

DOI: https://doi.org/10.1109/icites59818.2023.10356863

2023-01-01

Abstract:With the development of smart handheld devices and location technology, users can use location-based services (LBS) to search for nearby friends and strangers to enjoy a better social experience. However, the disclosure of sensitive personal information may hinder the further development of LBS social services. Although many scholars have proposed privacy protection methods for LBS social services, there are challenges in the flexibility of privacy protection and the efficiency of location retrieval in the friend location query. Therefore, this paper proposed an efficient privacy protection method for location retrieval, which not only protects the privacy of users, but also provides a method named association grid to improve the location retrieval efficiency of LBS social services. In addition, by setting the user-defined access control policy proposed by this method, the flexible privacy protection requirements of users can be met. Finally, the effectiveness of the proposed method is verified by simulation experiments.

Chen Wang,Chuyu Wang,Yingying Chen,Lei Xie,Sanglu Lu

DOI: https://doi.org/10.1109/icdcs.2017.139

2017-01-01

Abstract:While the mobile users enjoy the anytime anywhere Internet access by connecting their mobile devices through Wi-Fi services, the increasing deployment of access points (APs) have raised a number of privacy concerns. This paper explores the potential of smartphone privacy leakage caused by surrounding APs. In particular, we study to what extent the users' personal information such as social relationships and demographics could be revealed leveraging simple signal information from APs without examining the Wi-Fi traffic. Our approach utilizes users' activities at daily visited places derived from the surrounding APs to infer users' social interactions and individual behaviors. Furthermore, we develop two new mechanisms: the Closeness-based Social Relationships Inference algorithm captures how closely people interact with each other by evaluating their physical closeness and derives fine-grained social relationships, whereas the Behavior-based Demographics Inference method differentiates various individual behaviors via the extracted activity features (e.g., activeness and time slots) at each daily place to reveal users' demographics. Extensive experiments conducted with 21 participants' real daily life including 257 different places in three cities over a 6-month period demonstrate that the simple signal information from surrounding APs have a high potential to reveal people's social relationships and infer demographics with an over 90% accuracy when using our approach.

Fengwei Wang,Hui Zhu,Rongxing Lu,Fen Liu,Cheng Huang,Hui Li

DOI: https://doi.org/10.1109/jiot.2017.2766701

2018-01-01

Abstract:With the pervasiveness of location-aware mobile terminals and the popularity of social applications, location-based social networking service (LBSNS) has brought great convenience to people's life. Meanwhile, proximity detection, which makes LBSNS more flexible, has aroused widespread concern. However, the prosperity of LBSNS still faces many severe challenges on account of users' location privacy and data security. In this paper, we propose two efficient and privacy-preserving proximity detection schemes, named arbitrary geometric range query for polygons (AGRQ-P) and arbitrary geometric range query for circles (AGRQ-C), for location-based social applications. With proposed schemes, a user can choose any area on the map, and query whether her/his friends are within the region without divulging the query information to both social application servers and other users, meanwhile, the accurate locations of her/his friends are also confidential for the servers and the query user. Specifically, with algorithms based on ciphertext of geometric range query, users' query and location information is blurred into ciphertext in client, thus no one but the user knows her/his own sensitive information. Detailed security analysis shows that various security threats can be defended. In addition, the proposed schemes are implemented in an IM APP with a real LBS dataset, and extensive simulation results over smart phones further demonstrate that AGRQ-P and AGRQ-C are highly efficient and can be implemented effectively.

Dong-zi YAN,Yi-jun WANG,Zhi XUE,Ling HU

DOI: https://doi.org/10.3969/j.issn.1002-0802.2016.12.024

2016-01-01

Abstract:With the increasingly powerful mobile terminal, a variety of APP applications have seeped into every aspect of people's daily lives. Especially with the rapid development of location-based service (Location Based Service, referred to as LBS), the people with share thinking usually ignore the security risk of privacy breach in APP application while sharing their own state and conveniently acguiring others, information. For those reasons, the security risk analysis is done on the application based on LBS. And aiming at access to personal information and the location information of the user via reverse engineering, code location and function reconstruction, and further analysis on acguired private data of the user, some suggestions are proposed for security strengthening in prevention of data leakage risk.

Wenbo He,Xue Liu,Mai Ren

DOI: https://doi.org/10.48550/arXiv.1102.4135

2011-02-21

Abstract:Location-based mobile social network services such as foursquare and Gowalla have grown exponentially over the past several years. These location-based services utilize the geographical position to enrich user experiences in a variety of contexts, including location-based searching and location-based mobile advertising. To attract more users, the location-based mobile social network services provide real-world rewards to the user, when a user checks in at a certain venue or location. This gives incentives for users to cheat on their locations. In this report, we investigate the threat of location cheating attacks, find the root cause of the vulnerability, and outline the possible defending mechanisms. We use foursquare as an example to introduce a novel location cheating attack, which can easily pass the current location verification mechanism (e.g., cheater code of foursquare). We also crawl the foursquare website. By analyzing the crawled data, we show that automated large scale cheating is possible. Through this work, we aim to call attention to location cheating in mobile social network services and provide insights into the defending mechanisms.

Social and Information Networks,Cryptography and Security

Jody Farnden,Ben Martini,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.48550/arXiv.1505.02906

2015-05-12

Abstract:Dating apps for mobile devices, one popular GeoSocial app category, are growing increasingly popular. These apps encourage the sharing of more personal information than conventional social media apps, including continuous location data. However, recent high profile incidents have highlighted the privacy risks inherent in using these apps. In this paper, we present a case study utilizing forensic techniques on nine popular proximity-based dating apps in order to determine the types of data that can be recovered from user devices. We recover a number of data types from these apps that raise concerns about user privacy. For example, we determine that chat messages could be recovered in at least half of the apps examined and, in some cases, the details of any users that had been discovered nearby could also be extracted.

Computers and Society

Chang Xu,Xuan Xie,Liehuang Zhu,Kashif Sharif,Chuan Zhang,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1007/s11432-019-1508-6

2020-01-01

Science China Information Sciences

Abstract:The recent proliferation of mobile devices has given rise to mobile online social networks(m OSNs), an emerging network paradigm that uses social networks as its main design element. As one of the most critical components in m OSNs, location sharing plays an important role in helping users share information and strengthen their social bonds, which however may compromise users’ privacy, including location information and social relationship details. To address these challenges, some solutions have been proposed. However, none of them considers the privacy of inter-user threshold distance, which effectively can be used to identify users, their friends, and location information, by malicious or undesired elements of the system. To overcome this limitation, we propose a secure distance comparison protocol. Furthermore,we present a privacy-preserving location-sharing scheme(PPLS), which allows users to build more complex access control policies. The safety of our scheme is validated by the security analysis and the experimental results demonstrate the efficiency of PPLS scheme.

Yuwei Yao,Xinpeng Zhang,Hanzhou Wu,Zichi Wang,Jiangfeng Wang

DOI: https://doi.org/10.1080/02564602.2020.1737586

2020-01-01

Abstract:With the development of smartphones and mobile wireless network, social discovery applications are becoming more and more popular now. These applications help users to chat with nearby people and make friends. However, the location of a user could be exploited by attackers in some situations. This paper concentrates on the protection of location privacy in social discovery application. Firstly, we formalize the location attack problem using probability theory. Then we propose a new distance obfuscation method to defend the location inference attack. Guided by entropy theory, we obfuscate the distance between two users with a specific probability instead of random obfuscation to make the inference attack more difficult. To keep the balance between the privacy level and the service quality, we resolve the optimal mechanism. Experimental results show that the proposed method performs well in protecting the users' locations without significantly compromising the quality-of-service of social discovery applications.

Zhikai Xu,Hongli Zhang,Xiangzhan Yu,Shen Su

DOI: https://doi.org/10.1587/transinf.2015inp0001

2016-01-01

IEICE Transactions on Information and Systems

Abstract:Location-based services (LBSs) are useful for many applications in internet of things(IoT). However, LBSs has raised serious concerns about users' location privacy. In this paper, we propose a new location privacy attack in LBSs called hidden location inference attack, in which the adversary infers users' hidden locations based on the users' check-in histories. We discover three factors that influence individual check-in behaviors: geographic information, human mobility patterns and user preferences. We first separately evaluate the effects of each of these three factors on users' check-in behaviors. Next, we propose a novel algorithm that integrates the above heterogeneous factors and captures the probability of hidden location privacy leakage. Then, we design a novel privacy alert framework to warn users when their sharing behavior does not match their sharing rules. Finally, we use our experimental results to demonstrate the validity and practicality of the proposed strategy.

Shuai Li,Zhemin Yang,Yunteng Yang,Dingyi Liu,Min Yang

DOI: https://doi.org/10.1109/tifs.2024.3356197

IF: 7.231

2024-02-14

IEEE Transactions on Information Forensics and Security

Abstract:With the characteristics of free installation and rich functionalities, mobile mini-apps have become more and more popular in people's daily life. A large amount of sensitive personal data is thus involved in them and shared across users for providing various services, which raises great privacy concerns. However, few researchers have paid attention to the potential privacy risks that may exist when user data is shared across users in mobile mini-apps. In this paper, we introduce a novel privacy risk that is brought forward by cross-user personal data over-delivery (denoted as XPO) in mobile mini-apps. Such a discovered privacy risk is demonstrated to be able to cause serious leakage of diverse user data. To detect XPO risk, a dynamic and lightweight mini-app analysis framework – XPOScope is proposed. XPOScope is able to automatically identify XPO risk at a large scale. By applying it to 4,273 mini-apps hosted on three popular platforms, i.e., WeChat, Baidu and Alipay, XPOScope reported 71 vulnerable ones, with a precision of 92.21% and a recall of 80.68%. In addition to the mere exposure of diverse private user data, case studies performed show that XPO in mini-apps can further lead to impersonation attacks, the infringement of employees' privacy, economic loss and even the leakage of sensitive business secrets. The results call for the awareness and actions of mobile mini-app developers to secure cross-user personal data delivery. The code of this work is available at https://github.com/ppflower/XPOScope.

computer science, theory & methods,engineering, electrical & electronic

Zhuo Ma,Shuai Xu,Bo Liu,Jiuxin Cao

DOI: https://doi.org/10.1109/tcss.2022.3142078

2023-01-01

IEEE Transactions on Computational Social Systems

Abstract:When user-centric location privacy protections are used by the public (e.g., published as a mobile application to Mac app store), they are found to be vulnerable to a novel kind of potential inference attacks. These attacks can utilize the open-use protection’s input–output pairs to closely study the protection’s structure and mechanism. We name this kind of attacks as knowing-and-learning (KL) attacks. Targeted at such potential but threatening deep learning-based KL attacks in local search services, we propose a novel location privacy protection framework LPP2KL. LPP2KL aims to generate an obfuscated location, which is robust to the aforementioned attacks, so that the user’s current location (real) can be replaced by the generated location (pseudo) when submitted to the untrusted search server. To achieve this, we first depict a feasible net structure to implement the deep KL attack and verify its power with extensive experiments. Second, to simulate the attack-and-defense process, we develop a novel network structure with an adversary net and a protection net. These nets play a mini–max game toward privacy inference in an adversarial manner until an equilibrium is reached. Meanwhile, the protection net also achieves the balance between preserved privacy and quality of service through utility-constrained privacy optimization. We introduce a novel penalty function to handle the utility-constrained privacy optimization problem. Extensive experiments are conducted on Yelp and FoursSwarm datasets, which validate the generality of our proposed LPP2KL in protection handling and illustrate its effectiveness in utility control under the acceptable quality of service.

Jiacheng Shang,Si Chen,Jie Wu,Shu Yin

DOI: https://doi.org/10.1109/tmc.2020.3007740

IF: 6.075

2022-02-01

IEEE Transactions on Mobile Computing

Abstract:Augmented reality (AR) applications that overlay the perception of the real world with digitally generated information are on the cusp of commercial viability. AR has appeared in several commercial platforms like Microsoft HoloLens and smartphones. They extend the user experience beyond two dimensions and supplement the normal 3D world of a user. A typical location-based multi-player AR application works through a three-step process, wherein the system collects sensory data from the real world, identifies objects based on their context, and finally, renders information on top of senses of a user. However, because these AR applications frequently exchange data with users, they have exposed new individual and public safety issues. In this paper, we develop ARSpy, a user location tracking system solely based on network traffic information of the user, and we test it on location-based multi-player AR applications. We demonstrate the effectiveness and efficiency of the proposed scheme via real-world experiments on 12 volunteers and show that we could obtain the geolocation of any target with high accuracy. We also propose three mitigation methods to mitigate these side channel attacks. Our results reveal a potential security threat in current location-based multi-player AR applications and serve as a critical security reminder to a vast number of AR users.

computer science, information systems,telecommunications

Hao Wu,Yih-Chun Hu

DOI: https://doi.org/10.1515/popets-2016-0029

2016-01-01

Abstract:Abstract Location-Based Social Network (LBSN) applications that support geo-location-based posting and queries to provide location-relevant information to mobile users are increasingly popular, but pose a location-privacy risk to posts. We investigated existing LBSNs and location privacy mechanisms, and found a powerful potential attack that can accurately locate users with relatively few queries, even when location data is well secured and location noise is applied. Our technique defeats previously proposed solutions including fake-location detection and query rate limits. To protect systems from this attack, we propose a simple, scalable, yet effective defense that quantizes the map into squares using hierarchical subdivision, consistently returns the same random result to multiple queries from the same square for posts from the same user, and responds to queries with different distance thresholds in a correlated manner, limiting the information gained by attackers, and ensuring that an attacker can never accurately know the quantized square containing a user. Finally, we verify the performance of our defense and analyze the trade-offs through comprehensive simulation in realistic settings. Surprisingly, our results show that in many environments, privacy level and user accuracy can be tuned using two independent parameters; in the remaining environments, a single parameter adjusts the tradeoff between privacy level and user accuracy. We also thoroughly explore the parameter space to provide guidance for actual deployments.