The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Kui Ren - University at Buffalo

Students: Fall 2024, unless noted otherwise, sessions will be virtual on Zoom.

Breaking Mobile Social Networks for Automated User Location Tracking

Apr 01, 2015

Download: Video Icon MP4 Video Size: 109.5MB  
Watch on Youtube Watch on YouTube

Abstract

Location-based social networks (LBSNs) feature location-based friend discovery services attracting hundreds of millions of active users world-wide. While leading LBSN providers claim the well-protection of their users' location privacy, in this talk we show for the first time through real world attacks that these claims do not hold after summarizing the existing practices from the industry. In our identified attacks, a malicious individual with the capability of no more than a regular LBSN user can easily break most LBSNs by manipulating location information fed to LBSN client apps and running them as location oracles. I will further talk about the development of an automated user location tracking system based on the proposed attack and its test on leading LBSNs including Wechat, Skout, and Momo. Real-world experiments on 30 volunteers and the defense approaches will also be discussed. These findings serve as a critical security reminder of the current LBSNs pertaining to a vast number of users.

About the Speaker

Kui Ren
Kui Ren is an associate professor of Computer Science and Engineering and the director of UbiSeC Lab at State University of New York at Buffalo. He received his PhD degree from Worcester Polytechnic Institute. Kui's current research interest spans Cloud & Outsourcing Security, Wireless & Wearable System Security, and Human-centered Computing. His research has been supported by NSF, DoE, AFRL, MSR, and Amazon. He is a recipient of NSF CAREER Award in 2011 and Sigma Xi/IIT Research Excellence Award in 2012. Kui received several Best Paper Awards including IEEE ICNP 2011. He currently serves as an associate editor for IEEE TMC, IEEE TIFS, IEEE IoT, IEEE TSG, etc. Kui is a senior member of IEEE, a member of ACM, a Distinguished Lecturer of IEEE, and a past board member of Internet Privacy Task Force, State of Illinois.



Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!