Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts
Abstract: Many popular social apps show the mutual relationships between users. However, exposing these mutual relationships can create privacy and security problems for users. Taking TikTok (Douyin), China's best-known short video app, as the research object, this paper analyzes a privacy disclosure vulnerability in its mutual contacts function. A method of exploiting the vulnerability against group users is proposed. Its effect is that even if some users in a group have set their accounts so that they cannot be found through their mobile phone numbers, an attacker can still use the known mobile phone numbers of group users and the internal connections among them to obtain these users' TikTok accounts. After obtaining the TikTok accounts of as many group users as possible, the attacker can collect the following, contacts, video like and comment information among these users and use it to calculate the relationships between group users, which can assist in launching further effective attacks. Two indexes, intimacy and group-activeness, are proposed to describe users' relationships, and the method for calculating them is given. Experiments on three real groups in society verify the effectiveness of the user relationship calculation. Finally, the security threats to users are analyzed and security prevention suggestions are given.
Keywords:
- TikTok
- mutual relationship
- privacy disclosure
- security vulnerability
- user relationship