CISPA
Browse
cispa_all_2660.pdf (5.68 MB)

You Are Where You APP: An Assessment on Location Privacy of Social APPs

Download (5.68 MB)
conference contribution
posted on 2023-11-29, 18:08 authored by Fanghua Zhao, Linan Gao, Yang ZhangYang Zhang, Zeyu Wang, Bo Wang, Shanqing Guo
The development of positioning technologies has digitalized people's mobility traces for the first time in history. GPS sensors resided in people's mobile devices allow smart apps to access location data. This large amount of mobility data can help to build appealing applications. Meanwhile, location privacy has become a major concern. In this paper, we design a general system to assess whether an app is vulnerable to location inference attacks. We utilize a series of automatic testing mechanisms including UI match and API analysis to extract the location information an app provides. According to different characteristics of these apps, we classify them into two categories corresponding to two kinds of attacks, namely attack with distance limitation (AWDL) and attack without distance limitation (AWODL). After evaluating 800 apps, of which 109 passed automated testing, we found that 24.7% of the passing apps are vulnerable to AWDL and 11.0% to AWODL. Moreover, some apps even allow us to modify the parameters in http requests which largely increases the scope of the attacks. Our system demonstrates the severity of location privacy leakage to mobile devices and can serve as an auditing tool for future smart apps.

History

Preferred Citation

Fanghua Zhao, Linan Gao, Yang Zhang, Zeyu Wang, Bo Wang and Shanqing Guo. You Are Where You APP: An Assessment on Location Privacy of Social APPs. In: International Symposium on Software Reliability Engineering (ISSRE). 2018.

Primary Research Area

  • Secure Connected and Mobile Systems

Secondary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

International Symposium on Software Reliability Engineering (ISSRE)

Legacy Posted Date

2018-09-28

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_2660, title = "You Are Where You APP: An Assessment on Location Privacy of Social APPs", author = "Zhao, Fanghua and Gao, Linan and Zhang, Yang and Wang, Zeyu and Wang, Bo and Guo, Shanqing", booktitle="{International Symposium on Software Reliability Engineering (ISSRE)}", year="2018", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC