Where's Wally?: Precise User Discovery Attacks in Location Proximity Services

Location proximity schemes have been adopted by social networks and other smartphone apps as a means of balancing user privacy with utility. However, misconceptions about the privacy offered by proximity services have rendered users vulnerable to trilateration attacks that can expose their location. Such attacks have received major publicity. and, as a result, popular service providers have deployed countermeasures for preventing user discovery attacks. In this paper, we systematically assess the effectiveness of the defenses that proximity services have deployed against adversaries attempting to identify a user's location. We provide the theoretical foundation for formalizing the problem under different proximity models, design practical attacks for each case, and prove tight bounds on the number of queries required for carrying out the attacks. To evaluate the completeness of our approach, we conduct extensive experiments against popular services. While we identify a diverse set of defense techniques that prevent trilateration attacks, we demonstrate their inefficiency against more elaborate attacks. In fact, we pinpoint Facebook users within 5 meters of their exact location, and 90% of Foursquare users within 15 meters. Our attacks are extremely efficient and complete within 3-7 seconds. The severity of our attacks was acknowledged by Facebook and Foursquare, both of which have followed our recommendations and adopted spatial cloaking to protect their users. Furthermore, our findings have wide implications as numerous popular apps with a massive user base remain vulnerable to this significant threat.

[1]  Yunhao Liu,et al.  Human Mobility Enhances Global Positioning Accuracy for Mobile Phone Localization , 2015, IEEE Transactions on Parallel and Distributed Systems.

[2]  Tanzima Hashem,et al.  Countering overlapping rectangle privacy attack for moving kNN queries , 2013, Inf. Syst..

[3]  Sushil Jajodia,et al.  Privacy-Aware Proximity Based Services , 2009, 2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware.

[4]  Harry B. Hunt,et al.  Simple heuristics for unit disk graphs , 1995, Networks.

[5]  Claudio Soriente,et al.  Smartphones as Practical and Secure Location Verification Tokens for Payments , 2014, NDSS.

[6]  T. Ibaraki,et al.  The Computational Complexity of the m -Center Problems on the Plane , 1981 .

[7]  Constantinos Patsakis,et al.  Playing Hide and Seek with Mobile Dating Applications , 2014, SEC.

[8]  Stephen P. Boyd,et al.  Convex Optimization , 2004, Algorithms and Theory of Computation Handbook.

[9]  Zhenkai Liang,et al.  I Know Where You've Been: Geo-Inference Attacks via the Browser Cache , 2015, IEEE Internet Computing.

[10]  Ben Y. Zhao,et al.  Preserving privacy in location-based mobile social applications , 2010, HotMobile '10.

[11]  Jean-Yves Le Boudec,et al.  Quantifying Location Privacy , 2011, 2011 IEEE Symposium on Security and Privacy.

[12]  Carmela Troncoso,et al.  Prolonging the Hide-and-Seek Game: Optimal Trajectory Privacy for Location-Based Services , 2014, WPES.

[13]  Ove Andersen,et al.  A Location Privacy Aware Friend Locator , 2009, SSTD.

[14]  Ram M. Narayanan,et al.  Trilateration-Based Localization Algorithm Using the Lemoine Point Formulation , 2014 .

[15]  Claudio Bettini,et al.  A Practical Location Privacy Attack in Proximity Services , 2013, 2013 IEEE 14th International Conference on Mobile Data Management.

[16]  Trevor Hastie,et al.  The Elements of Statistical Learning , 2001 .

[17]  Yu-Chee Tseng,et al.  Efficient deployment algorithms for ensuring coverage and connectivity of wireless sensor networks , 2005, First International Conference on Wireless Internet (WICON'05).

[18]  Ian Goldberg,et al.  Louis, Lester and Pierre: Three Protocols for Location Privacy , 2007, Privacy Enhancing Technologies.

[19]  Subhas C. Nandy,et al.  Approximation Algorithms for the Discrete Piercing Set Problem for Unit Disks , 2011, CCCG.

[20]  Evangelos P. Markatos,et al.  The man who was there: validating check-ins in location-based services , 2013, ACSAC.

[21]  Charles J. Colbourn,et al.  Unit disk graphs , 1991, Discret. Math..

[22]  Marco Gruteser,et al.  USENIX Association , 1992 .

[23]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[24]  Huaiyu Zhu On Information and Sufficiency , 1997 .

[25]  Kang G. Shin,et al.  Location Privacy Protection for Smartphone Users , 2014, CCS.

[26]  Nikita Borisov,et al.  Protecting location privacy against inference attacks , 2010, WPES '10.

[27]  Catuscia Palamidessi,et al.  Geo-indistinguishability: differential privacy for location-based systems , 2012, CCS.

[28]  Nicholas Hopper,et al.  Efficient Private Proximity Testing with GSM Location Sketches , 2012, Financial Cryptography.

[29]  Mohamed Ali Kâafar,et al.  You are what you like! Information leakage through users' Interests , 2012, NDSS.

[30]  Johann Hurink,et al.  A PTAS for the Minimum Dominating Set Problem in Unit Disk Graphs , 2005, WAOA.

[31]  Dan Boneh,et al.  Location Privacy via Private Proximity Testing , 2011, NDSS.

[32]  Elisa Bertino,et al.  Preventing velocity-based linkage attacks in location-aware applications , 2009, GIS.

[33]  Haojin Zhu,et al.  All your location are belong to us: breaking mobile social networks for automated user location tracking , 2013, MobiHoc '14.

[34]  Carmela Troncoso,et al.  Protecting location privacy: optimal strategy against localization attacks , 2012, CCS.

[35]  Guoliang Xue,et al.  Checking in without worries: Location privacy in location based social networks , 2013, 2013 Proceedings IEEE INFOCOM.

[36]  D. Marquardt An Algorithm for Least-Squares Estimation of Nonlinear Parameters , 1963 .