Advertisement

Analysis of Privacy and Security Exposure in Mobile Dating Applications

  • Constantinos PatsakisEmail author
  • Athanasios Zigomitros
  • Agusti Solanas
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9395)

Abstract

Millions of people around the globe try to find their other half using Information and Communication Technologies. Although this goal could be partially sought in social networks, specialized applications have been developed for this very purpose. Dating applications and more precisely mobile dating applications are experiencing a continuous growth in the number of registered users worldwide. Thanks to the GPS and other sensors embedded in off-the-shelves mobile devices, dating mobile apps can provide location aware content, not only about the surroundings, but also about nearby users. Even if these applications have millions of registered users, it can hardly be said that they are using the best standards of security and privacy protection.

In this work we study some of the major dating applications and we report some of the risks to which their users are exposed to. Our findings indicate that a malicious user could easily obtain significant amounts of fine-grained personal information about users.

Keywords

User profiling Location privacy Online social networks Security and privacy exposure 

Notes

Acknowledgments

This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and is based upon work from COST Action CRYPTACUS, supported by COST (European Cooperation in Science and Technology).

Dr. Solanas is partly funded by La Caixa Foundation through project “SIMPATIC” RECERCAIXA’12, by the Government of Catalonia under grant 2014 SGR 537, and by the Spanish Ministry of Economy and Competitiveness under project “Co-Privacy”, TIN2011-27076-C03-01.

References

  1. 1.
    Cenzic, Application vulnerability trends report, Technical report (2014). http://www.cenzic.com/downloads/Cenzic_Vulnerability_Report_2014.pdf
  2. 2.
    Grace, M.C., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock android smartphones. In: 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, 5–8 February 2012Google Scholar
  3. 3.
    Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 217–228. ACM (2012)Google Scholar
  4. 4.
    Beresford, A.R., Rice, A., Skehin, N., Sohan, R.: Mockdroid: trading privacy for application functionality on smartphones. In: Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, pp. 49–54. ACM (2011)Google Scholar
  5. 5.
    Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on Android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  6. 6.
    Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information flow tracking system for real-time privacy monitoring on smartphones. Commun. ACM 57(3), 99–106 (2014)CrossRefGoogle Scholar
  7. 7.
    Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 21. USENIX Association, Berkeley (2011). http://dl.acm.org/citation.cfm?id=2028067.2028088
  8. 8.
    Egele, M., Kruegel, C., Kirda, E., Vigna, G.: Pios: detecting privacy leaks in iOS applications. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2011. The Internet Society, San Diego, 6th–9th February 2011Google Scholar
  9. 9.
    Wetherall, D., Choffnes, D., Greenstein, B., Han, S., Hornyack, P., Jung, J., Schechter, S., Wang, X.: Privacy revelations for web and mobile apps, p. 21 (2011)Google Scholar
  10. 10.
    Burattin, A., Cascavilla, G., Conti, M.: Socialspy: browsing (supposedly) hidden information in online social networks, CoRR abs/1406.3216. http://arxiv.org/abs/1406.3216
  11. 11.
    Qin, G., Patsakis, C., Bouroche, M.: Playing hide and seek with mobile dating applications. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IFIP AICT, vol. 428, pp. 185–196. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  12. 12.
    Narayanan, A., Thiagarajan, N., Lakhani, M., Hamburg, M., Boneh, D.: Location privacy via private proximity testing. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2011. The Internet Society, San Diego, 6th–9th February 2011Google Scholar
  13. 13.
    Fahl, S., Harbach, M., Muders, T., Baumgärtner, L., Freisleben, B., Smith, M.: Why eve and mallory love android: an analysis of android SSL (in)security. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 50–61. ACM, New York (2012)Google Scholar
  14. 14.
    Patsakis, C., Zigomitros, A., Papageorgiou, A., Solanas, A.: Privacy and security for multimedia content shared on OSNs: issues and countermeasures. Comput. J. 58, 518–535 (2015). doi: 10.1093/comjnl/bxu066 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Constantinos Patsakis
    • 1
    Email author
  • Athanasios Zigomitros
    • 1
  • Agusti Solanas
    • 2
  1. 1.Department of InformaticsUniversity of PiraeusPiraeusGreece
  2. 2.Smart Health Research Group, Department of Computer Engineering and MathematicsUniversitat Rovira i VirgiliCataloniaSpain

Personalised recommendations