A Practical Location Privacy Attack in Proximity Services

The aim of proximity services is to raise alerts based on the distance between moving objects. While distance can be easily computed from the objects´ geographical locations, privacy concerns in revealing these locations exist, especially when proximity among users is being computed. Distance preserving transformations have been proposed to solve this problem by enabling the service provider to acquire pairwise distances while not acquiring the actual objects positions. It is known that distance preserving transformations do not provide formal privacy guarantees in presence of certain background knowledge but it is still unclear which are the practical conditions that make distance preserving transformations “vulnerable”. We study these conditions by designing and testing an attack based on public density information and on partial knowledge of distances between users. A clustering-based technique first discovers the approximate position of users located in the largest cities. Then a technique based on trilateration reduces this approximation and discovers the approximate position of the other users. Our experimental results show that partial distance information, like the one exchanged in a friend-finder service, can be sufficient to locate up to 60% of the users in an area smaller than a city.