Go to SPACCS 2017 homepageRevisiting Localization Attacks in Mobile App People-Nearby Services
Abstract: The widespread use of people-nearby services has spawned the development of social discovery applications that help users make new friends with nearby users (such as WeChat). Unfortunately, malicious third-parties can often deploy trilateration attacks to exploit people-nearby applications to determine the exact locations of target users, therefore compromising their privacy. In this paper, we revisit these localization attacks and propose a new two-step localization method that boosts the accuracy of the state of the art for the contemporary location-based social network (LBSN) services which have adopted the band-distance obfuscation to blur the location information. The basic idea is to first locate the target in a small circle with the radius of the band distance; then, refine the estimated location with sufficient queries which is driven by the required localization accuracy. We theoretically prove that our method is able to converge to pinpoint users with an upper bound of the complexity of our design. We also evaluate the performance of our model when considering different distribution errors, and finally show our localization method is robust with exciting accuracy and limited complexity through extensive simulation experiments. This attack can locate target users within 20 m with over $$95\%$$ accuracy in most cases while the query-time is a limited value and can be roughly computed.
0 Replies
Loading