TY - GEN
T1 - I know where you are
T2 - IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2015
AU - Xue, Minhui
AU - Liu, Yong
AU - Ross, Keith W.
AU - Qian, Haifeng
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/8/4
Y1 - 2015/8/4
N2 - Location-based Social Discovery (LBSD) services enable users to discover their geographic neighborhoods to make new friends. Original LBSD services were designed to provide the exact distances to nearby users. It has been shown that it is easy to pinpoint any target user's location by using trilateration based on the exact distances from three fake GPS locations to the target user. To thwart the trilateration attack, contemporary LBSD services then began to report distances of nearby users in concentric bands, e.g., bands of 100 meters. In this paper, we investigate the user location privacy leakage problem in LBSD services reporting distances in discrete bands. Using number theory, we analytically show that by strategically placing multiple virtual probes with contrived fake GPS locations, one can nevertheless pinpoint user locations in band-based LBSD. Our methodology guarantees to pinpoint any reported user within an area bounded by one square meter, even for LBSD services using large bands (such as 100m as used by WeChat). To the best of our knowledge, this is the first work that explicitly exploits and quantifies user location privacy leakage in band-based LBSD services. Our study is expected to draw more public attention to this serious privacy issue and hopefully motivate better privacy-preserving LBSD designs.
AB - Location-based Social Discovery (LBSD) services enable users to discover their geographic neighborhoods to make new friends. Original LBSD services were designed to provide the exact distances to nearby users. It has been shown that it is easy to pinpoint any target user's location by using trilateration based on the exact distances from three fake GPS locations to the target user. To thwart the trilateration attack, contemporary LBSD services then began to report distances of nearby users in concentric bands, e.g., bands of 100 meters. In this paper, we investigate the user location privacy leakage problem in LBSD services reporting distances in discrete bands. Using number theory, we analytically show that by strategically placing multiple virtual probes with contrived fake GPS locations, one can nevertheless pinpoint user locations in band-based LBSD. Our methodology guarantees to pinpoint any reported user within an area bounded by one square meter, even for LBSD services using large bands (such as 100m as used by WeChat). To the best of our knowledge, this is the first work that explicitly exploits and quantifies user location privacy leakage in band-based LBSD services. Our study is expected to draw more public attention to this serious privacy issue and hopefully motivate better privacy-preserving LBSD designs.
UR - http://www.scopus.com/inward/record.url?scp=84943257519&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84943257519&partnerID=8YFLogxK
U2 - 10.1109/INFCOMW.2015.7179381
DO - 10.1109/INFCOMW.2015.7179381
M3 - Conference contribution
AN - SCOPUS:84943257519
T3 - Proceedings - IEEE INFOCOM
SP - 179
EP - 184
BT - 2015 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2015
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 26 April 2015 through 1 May 2015
ER -