TY - GEN
T1 - You can yak but you can't hide
T2 - 2016 ACM Internet Measurement Conference, IMC 2016
AU - Xue, Minhui
AU - Ballard, Cameron
AU - Liu, Kelvin
AU - Nemelka, Carson
AU - Wu, Yanqiu
AU - Ross, Keith
AU - Qian, Haifeng
PY - 2016/11/14
Y1 - 2016/11/14
N2 - The recent growth of anonymous social network services - such as 4chan, Whisper, and Yik Yak - has brought online anonymity into the spotlight. For these services to function properly, the integrity of user anonymity must be preserved. If an attacker can determine the physical location from where an anonymous message was sent, then the attacker can potentially use side information (for example, knowledge of who lives at the location) to de-Anonymize the sender of the message. In this paper, we investigate whether the popular anonymous social media application Yik Yak is susceptible to localization attacks, thereby putting user anonymity at risk. The problem is challenging because Yik Yak application does not provide information about distances between user and message origins or any other message location information. We provide a comprehensive data collection and supervised machine learning methodology that does not require any reverse engineering of the Yik Yak protocol, is fully automated, and can be remotely run from anywhere. We show that we can accurately predict the locations of messages up to a small average error of 106 meters. We also devise an experiment where each message emanates from one of nine dorm colleges on the University of California Santa Cruz campus. We are able to determine the correct dorm college that generated each message 100% of the time.
AB - The recent growth of anonymous social network services - such as 4chan, Whisper, and Yik Yak - has brought online anonymity into the spotlight. For these services to function properly, the integrity of user anonymity must be preserved. If an attacker can determine the physical location from where an anonymous message was sent, then the attacker can potentially use side information (for example, knowledge of who lives at the location) to de-Anonymize the sender of the message. In this paper, we investigate whether the popular anonymous social media application Yik Yak is susceptible to localization attacks, thereby putting user anonymity at risk. The problem is challenging because Yik Yak application does not provide information about distances between user and message origins or any other message location information. We provide a comprehensive data collection and supervised machine learning methodology that does not require any reverse engineering of the Yik Yak protocol, is fully automated, and can be remotely run from anywhere. We show that we can accurately predict the locations of messages up to a small average error of 106 meters. We also devise an experiment where each message emanates from one of nine dorm colleges on the University of California Santa Cruz campus. We are able to determine the correct dorm college that generated each message 100% of the time.
KW - Anonymous Social Networks
KW - Localization Attack
KW - Machine Learning Inference
KW - Yik Yak
UR - http://www.scopus.com/inward/record.url?scp=85000384325&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85000384325&partnerID=8YFLogxK
U2 - 10.1145/2987443.2987449
DO - 10.1145/2987443.2987449
M3 - Conference contribution
AN - SCOPUS:85000384325
T3 - Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC
SP - 25
EP - 31
BT - IMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference
PB - Association for Computing Machinery
Y2 - 14 November 2016 through 16 November 2016
ER -