However, such differences do not affect the way an attacker performs LLSA. Specifically, if an attacker $u_A$ (whose friend list $U_{fA}$ is empty) can send a fake location $l_0$ to the server in Step 1, he will get a response containing the passenger p around $l_0$ within the distance [mathematical expression not reproducible] in Step 4.
Besides NS apps, some ridesharing apps may also be vulnerable to LLSA. In ridesharing apps, there are two communication styles for the drivers to receive orders of nearby passengers.
However, for push-style ridesharing apps, it would be ineffective for the attacker to perform LLSA, because the driver can only get one (rather than all) ridesharing request at a time at any place.
We focus on the ridesharing service because it uses a pull-style communication mechanism, which makes it much easier for us to perform LLSA.
So, we can use a request forgery method similar to the one described in Section 3.2 to perform LLSA via Didi.
(i) As described above, Uber is a push-style ridesharing app, so the attacker has to register many Uber accounts for large-scale LLSA. We do not have many driver licenses to register Uber's driver accounts.
As for data leakage, if an app leaks people's geocoordinates or locations with high accuracy (e.g., within 10 m) in LLSA, it has a high risk of data leakage because the attacker can get people's precise locations directly.
From the perspective of the app operator, who owns all users' request data, abnormal users who may be attackers conducting LLSA need to be detected.
In order to verify the feasibility of such anomaly detection, we collect location data of users of the NS app Weibo who look for nearby strangers, and meanwhile generate synthetic data simulating the behavior of an attacker conducting LLSA. The Weibo location data, consisting of 59,793,831 location records of 526,533 unique users in the city area of a large metropolis, Beijing, was collected from March 9, 2015, for 90 days.
First, the attacker conducts LLSA with random intervals t uniformly distributed between 0 and T, and we vary the values of T (e.g., from 10 seconds to 86,400 seconds with a step of 10 seconds) to simulate different attackers.
All these studies cannot fully address the privacy threat posed by LLSA, because their focus is obfuscating the locations rather than securing the communication to prevent LLSA.