Abstract
Recently, a wide range of dating applications has emerged for users of smart mobile devices. Besides allowing people to socialize with others who share the same interests, these applications use the location services of these devices to provide localized mapping of users. A user is given an approximation of his proximity to other users, making the application more attractive by increasing the chances of local interactions. While many applications provide an obfuscated location of the user, several others prefer to provide quantifiable results.
This paper illustrates that the user’s location can be disclosed, with various degree of approximation, despite the obfuscation attempts. Experimenting with four of these applications, namely MoMo, WeChat, SKOUT and Plenty of Fish, we show that an attacker can easily bypass the fuzziness of the results provided, resulting in the full disclosure of a victim’s location, whenever it is connected.
Chapter PDF
References
Zickuhr, K.: Location-based services. Pew Internet and American Life Project (2013)
Madden, M., Lenhart, A., Cortesi, S., Gasser, U.: Teens and mobile apps privacy. Pew Internet and American Life Project (2013)
Gedik, B., Liu, L.: Protecting location privacy with personalized k-anonymity: Architecture and algorithms. IEEE Transactions on Mobile Computing 7(1), 1–18 (2008)
Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. IEEE Pervasive Computing 2(1), 46–55 (2003)
Cheng, R., Zhang, Y., Bertino, E., Prabhakar, S.: Preserving user location privacy in mobile data management infrastructures. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 393–412. Springer, Heidelberg (2006)
Damiani, M.L., Silvestri, C., Bertino, E.: Fine-grained cloaking of sensitive positions in location-sharing applications. IEEE Pervasive Computing 10(4), 64–72 (2011)
Smith, A., Duggan, M.: Online dating and relationships. Pew Internet and American Life Project (2013)
Patsakis, C., Asthenidis, A., Chatzidimitriou, A.: Social networks as an attack platform: Facebook case study. In: ICN, 245–247 (2009)
Brown, G., Howe, T., Ihbe, M., Prakash, A., Borders, K.: Social networks and context-aware spam. In: Proceedings of the 2008 ACM Conference on Computer Supported Cooperative Work CSCW 2008, pp. 403–412 (2008)
Huber, M., Mulazzani, M., Weippl, E., Kitzler, G., Goluch, S.: Friend-in-the-middle attacks: Exploiting social networking sites for spam. IEEE Internet Computing 15(3), 28–34 (2011)
Abu-Nimeh, S., Chen, T., Alzubi, O.: Malicious and spam posts in online social networks. Computer 44(9), 23–28 (2011)
Huber, M., Mulazzani, M., Weippl, E., Kitzler, G., Goluch, S.: Exploiting social networking sites for spam. In: Proceedings of the 17th ACM Conference on Computer and Communications Security CCS 2010, pp. 693–695 (2010)
Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Communications of the ACM 50(10), 94–100 (2007)
Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Backstrom, L., Dwork, C., Kleinberg, J.: Wherefore art thou r3579x?: Anonymized social networks, hidden patterns, and structural steganography. In: Proceedings of the 16th International Conference on World Wide Web, pp. 181–190. ACM (2007)
Hoffman, K., Zage, D., Nita-Rotaru, C.: A survey of attack and defense techniques for reputation systems. ACM Computing Surveys (CSUR) 42(1), 1 (2009)
Krumm, J.: Inference attacks on location tracks. In: LaMarca, A., Langheinrich, M., Truong, K.N. (eds.) Pervasive 2007. LNCS, vol. 4480, pp. 127–143. Springer, Heidelberg (2007)
Gambs, S., Killijian, M.O., del Prado Cortez, M.N.: Show me how you move and i will tell you who you are. Transactions on Data Privacy 4(2), 103–126 (2011)
Gambs, S., Killijian, M.O., del Prado Cortez, M.N.: De-anonymization attack on geolocated data. In: TrustCom/ISPA/IUCC, pp. 789–797 (2013)
Golle, P., Partridge, K.: On the anonymity of home/Work location pairs. In: Tokuda, H., Beigl, M., Friday, A., Brush, A.J.B., Tobe, Y. (eds.) Pervasive 2009. LNCS, vol. 5538, pp. 390–397. Springer, Heidelberg (2009)
Pontes, T., Vasconcelos, M.A., Almeida, J.M., Kumaraguru, P., Almeida, V.: We know where you live: privacy characterization of foursquare behavior. In: UbiComp, pp. 898–905 (2012)
Kostakos, V., Venkatanathan, J., Reynolds, B., Sadeh, N., Toch, E., Shaikh, S.A., Jones, S.: Who’s your best friend?: Targeted privacy attacks in location-sharing social networks. In: Proceedings of the 13th International Conference on Ubiquitous Computing, UbiComp 2011 pp. 177–186 (2011)
He, W., Liu, X., Ren, M.: Location cheating: A security challenge to location-based social network services. In: 2011 31st International Conference on Distributed Computing Systems (ICDCS), pp. 740–749. IEEE (2011)
Mascetti, S., Freni, D., Bettini, C., Wang, X.S., Jajodia, S.: Privacy in geo-social networks: Proximity notification with untrusted service providers and curious buddies. The VLDB Journal 20(4), 541–566 (2011)
Zheleva, E., Getoor, L.: To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In: Proceedings of the 18th International Conference on World Wide Web, pp. 531–540. ACM (2009)
Carbunar, B., Rahman, M., Pissinou, N., Vasilakos, A.: A survey of privacy vulnerabilities and defenses in geosocial networks. IEEE Communications Magazine 51(11), 114–119 (2013)
Ruiz Vicente, C., Freni, D., Bettini, C., Jensen, C.S.: Location-related privacy in geo-social networks. IEEE Internet Computing 15(3), 20–27 (2011)
Narayanan, A., Thiagarajan, N., Lakhani, M., Hamburg, M., Boneh, D.: Location privacy via private proximity testing. In: Network & Distributed System Security Symposium (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Qin, G., Patsakis, C., Bouroche, M. (2014). Playing Hide and Seek with Mobile Dating Applications. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds) ICT Systems Security and Privacy Protection. SEC 2014. IFIP Advances in Information and Communication Technology, vol 428. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55415-5_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-55415-5_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55414-8
Online ISBN: 978-3-642-55415-5
eBook Packages: Computer ScienceComputer Science (R0)