Institutional Repository
| bind your phone number with caution: automated user profiling through address book matching on smartphone | |
| Cheng Yao; Ying Lingyun; Jiao Sibei; Su Purui; Feng Dengguo | |
| 2013 | |
| Conference Name | 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013 |
| Source | ASIA CCS 2013 - Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security |
| Pages | 335-340 |
| Conference Date | May 8, 2013 - May 10, 2013 |
| Conference Place | Hangzhou, China |
| Indexed Type | EI |
| ISBN | 9781450317672 |
| Department | (1) Institute of Software Chinese Academy of Sciences Beijing 100190 China |
| English Abstract | Due to the cost-efficient communicating manner and attractive user experience, messenger applications have dominated every smartphone in recent years. Nowadays, Address Book Matching, a new feature that helps people keep in touch with real world contacts, has been loaded in many popular messenger applications, which unfortunately as well brings severe privacy issues to users. In this paper, we propose a novel method to abuse such feature to automatically collect user profiles. This method can be applied to any application equipped with Address Book Matching independent of mobile platforms. We also build a prototype on Android to verify the effectiveness of our method. Moreover, we integrate profiles gathered from different messenger applications and provide insights by performing a consistency and authenticity analysis on user profile fields. As our experiments show, the abuse of Address Book Matching can cause severe user privacy leakage. Finally, we provide some countermeasures for developers to avoid this issue when designing messenger applications. © 2013 ACM.; Due to the cost-efficient communicating manner and attractive user experience, messenger applications have dominated every smartphone in recent years. Nowadays, Address Book Matching, a new feature that helps people keep in touch with real world contacts, has been loaded in many popular messenger applications, which unfortunately as well brings severe privacy issues to users. In this paper, we propose a novel method to abuse such feature to automatically collect user profiles. This method can be applied to any application equipped with Address Book Matching independent of mobile platforms. We also build a prototype on Android to verify the effectiveness of our method. Moreover, we integrate profiles gathered from different messenger applications and provide insights by performing a consistency and authenticity analysis on user profile fields. As our experiments show, the abuse of Address Book Matching can cause severe user privacy leakage. Finally, we provide some countermeasures for developers to avoid this issue when designing messenger applications. © 2013 ACM. |
| Keyword | Data Privacy Signal Encoding Smartphones |
| Sponsorship | ACM SIGSAC; Hangzhou Normal University; Shanghai Jiaotong University |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/15978 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Cheng Yao,Ying Lingyun,Jiao Sibei,et al. bind your phone number with caution: automated user profiling through address book matching on smartphone[C],2013:335-340. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment