Location, Location, Location: Revisiting Modeling and Exploitation for Location-Based Side Channel Leakages.

We demonstrate and compare three co-location detection methods namely, cooperative Last-Level Cache (LLC) covert channel, software profiling on the LLC and memory bus locking. ... Finally, we show that both cooperative and non-cooperative co-location to specific targets on cloud is still possible on major cloud services. ... Acknowledgments This work is supported by the National Science Foundation, under grants CNS-1318919 and CNS-1314770. ...

doi:10.1007/978-3-319-43283-0_2 fatcat:yebd452h35bcpmo63aqbklvdqm

Many popular location-based social networks (LBSNs) support built-in location-based social discovery with hundreds of millions of users around the world. ... These techniques are assumed to be secure and are exercised on the daily base. In this paper, we question the safety of these location-obfuscation techniques used by existing LBSNs. ... Note that, a tracking attacker may start with a target person in mind and exploit certain side-channel information of the target to help obtain the corresponding UID or user number. ...

arXiv:1310.2547v2 fatcat:czdocfimabhb5ej27to6oeksau

Multiple Versions

Inspired by the literature on side-channel attacks against cryptographic implementations, we describe a framework for the analysis of location privacy. ... It allows us to revisit (continuous) re-identification attacks with a combination of information theoretic and security metrics. ... François-Xavier Standaert is a Senior Research Associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). ...

dblp:journals/iacr/MassartS19 fatcat:uptyskemy5bqnpuzktgqe3bknu

Trilateration has recently become one of the well-known threat models to the user's location privacy in location-based applications (aka: location-based services or LBS), especially those containing highly ... and Grindr. ... Additionally, we introduce a side channel attack fashion that can be conducted due to current design of Jack'd. ...

arXiv:1604.07850v1 fatcat:ztf7ewqa4refrbwr64tzgxzrqq

Multiple Versions

Since APs are often named after the location, business, or affiliation of the host, an attacker can learn about nearby users and infer social connections. ... We demonstrate how LAPWiN can be implemented by modifying a widely used network manager and evaluate the performance and achievable privacy gains. ... Whenever C revisits this area and determines that it is located in l 3 , it will probe with the SSID of A. ...

doi:10.1109/cns.2014.6997512 dblp:conf/cns/KimTNT14 fatcat:c7mmr62jh5gwxhn4mtnug4cv4y

All people rely upon water for life. Indigenous peoples are especially vulnerable to water conflicts and yet lack recognition in international water law. ... ) a proposal for the reconstruction of transboundary water law in a manner that recognizes the internationally affirmed rights of Indigenous peoples. ... It is personal, spiritual and political. It is derived from harmonious relations and exploited for domination and oppression. ...

doi:10.2139/ssrn.1997539 fatcat:g52sl73nhbahfdghm5r74khgjy

A comparison of binaural reflectograms for locations within each room were also made. ... For most measurements, no statistically significant differences were found between octave band IACC values for the two microphone locations. ... These data suggest that the auditory system is able to group vowel formants based on expected spectral location and use that for echo suppression. ...

doi:10.1121/1.406637 fatcat:qm3xseekvjgtpaucjdpbkm3o2y

The threat model mainly bases on the publicly shown distance from a targeted victim to the adversary to pinpoint the victim's location. ... Trilateration is one of the well-known threat models to the user's location privacy in location-based apps, especially those contain highly sensitive information such as dating apps. ... ACKNOWLEDGMENT This work was supported by JSPS KAKENHI Grant Number 15K00423 and the Kayamori Foundation of Informational Science Advancement. ...

doi:10.13140/rg.2.1.3584.8081 arXiv:1604.08235v1 fatcat:zdk7yium6nggfkayfskz3f2ejy

However, this research looks beyond a solely technology-based solution. For example, the ethical implications of the use of GPS data in pricing models have not been fully understood. ... This thesis also evaluates the existing and potential inferential threats and vulnerabilities to develop security and privacy recommendations for privacy-aware pricing designs for tolls and insurance. ... This concept of postpaid anonymity CcUi also l)e taken one step further by exploiting developments in the field of telematics and rechux^ costs associated with maintaining road-side toll infrastructure ...

doi:10.4018/978-1-4666-2038-4.ch024 fatcat:acymtmmblndr5hpts65nthe3pu

Prior privacy techniques for location data such as spatial cloaking techniques based on k-anonymity and best-effort algorithms do not meet both data quality and privacy requirements at the same time. ... In the first solution, we propose an uncertainty-aware path cloaking algorithm in a trustworthy privacy server that determines the release of user location updates based on tracking uncertainty and maximum ... , figure 8.9, and figure 8 .12 for the purposes of this study. ...

doi:10.7282/t3hh6kc5 fatcat:zwi4f6yjinhxbflfm3s3o25gzm

We thank Brigitte Sonderegger for the recruitment of participants, our student assistants for support in the data collection and above all, our participants for their time and willingness to take part ... The research reported is based on the "Mobility, Activity, and Social Interactions Study" (MOASIS) conducted in cooperation between the URPP "Dynamics of Healthy Aging" and the Department of Geography, ... For example, users may search locations or check the current weather of tourist spots appeared on a travel channel using smartphones or tablets. ...

doi:10.5167/uzh-127276 fatcat:pq4zj44ta5cq7gx6lhvosh75ny

The latency gap between caches and main memory has been successfully exploited for recovering sensitive input to programs, such as cryptographic keys from implementation of AES and RSA. ... At the heart of our approach is a novel technique for efficient counting of concretizations of abstract cache states that enables us to connect state-of-the-art techniques for static cache analysis and ... for his help in exploring the Ab-sInt TimingExplorer, and Daniel Bernstein, Pierre Ganty, and Andrew Myers for helpful feedback and suggestions. ...

doi:10.1007/978-3-642-31424-7_40 fatcat:7lanj2x6hvcmbba57txgmucrq4

In this paper, we demonstrate that such geolocation leakage channels are widely open in popular web applications today, including 62% of Alexa Top 100 websites. ... We also discuss whether existing defenses can effectively prevent such attacks and additional support required for a better defense deployment. ... We thank Chunwang Zhang, Hong Hu, and Shweta Shinde for their comments on an early presentation of this work. This work is supported by the Ministry of Education, Singapore under Grant No. ...

doi:10.1109/mic.2014.103 fatcat:p66nbov6tngcljbinymanr3jx4

Leakage-Resilient Pseudo-Random Functions (LR-PRFs) aim at solving this by bounding side-channel leakage to non-exploitable levels through frequent re-keying. ... Achieving side-channel resistance through Leakage Resilience (LR) is highly relevant for embedded devices where requirements of other countermeasures such as e.g. high quality random numbers are hard to ... The work presented in this contribution was supported by the German Federal Ministry of Education and Research in the project ALESSIO through grant number 16KIS0629. ...

dblp:journals/iacr/UntersteinHSSS18 fatcat:fskgry2g6fby3cvqr7oqrv7k7e

General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications ... that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study ... We would also like to thank the anonymous reviewers for their valuable feedback. ...

doi:10.1145/3372297.3417289 dblp:conf/ccs/GoktasRPBG20 fatcat:kxva6hqskbdktamnlo7d7qyflu

Co-location Detection on the Cloud [chapter]

Preserved Fulltext

All Your Location are Belong to Us: Breaking Mobile Social Networks for Automated User Location Tracking [article]

Preserved Fulltext

Revisiting Location Privacy from a Side-Channel Analysis Viewpoint (Extended Version) [article]

Preserved Fulltext

Your Neighbors Are My Spies: Location and other Privacy Concerns in Dating Apps [article]

Preserved Fulltext

Other Versions

LAPWiN: Location-aided probing for protecting user privacy in Wi-Fi networks

Preserved Fulltext

Transcending Sovereignty: Locating Indigenous Peoples in Transboundary Water Law

Preserved Fulltext

Comparisons of auditorium acoustics measurements as a function of location in halls

Preserved Fulltext

Your Neighbors Are My Spies: Location and other Privacy Concerns in GLBT-focused Location-based Dating Applications [article]

Preserved Fulltext

Location Privacy in Automotive Telematics [chapter]

Preserved Fulltext

Achieving guaranteed anonymity in time-series location data

Preserved Fulltext

Proceedings of the 13th International Conference on Location-Based Services

Preserved Fulltext

Automatic Quantification of Cache Side-Channels [chapter]

Preserved Fulltext

I Know Where You've Been: Geo-Inference Attacks via the Browser Cache

Preserved Fulltext

High-Resolution EM Attacks Against Leakage-Resilient PRFs Explained - And An Improved Construction [article]

Preserved Fulltext

Speculative Probing

Preserved Fulltext