基于抖音共同联系人的群体用户关系分析

乐洪舟; 何水龙; 王敬

doi:10.7544/issn1000-1239.20200779

基于抖音共同联系人的群体用户关系分析

¹(信阳师范学院计算机与信息技术学院河南信阳 464000)
²(河南省教育大数据分析与应用重点实验室(信阳师范学院) 河南信阳 464000) (yuehz@xynu.edu.cn)

基金项目: 国家自然科学基金项目(31900710)；河南省自然科学基金项目(212300410236)

详细信息

中图分类号: TP309
计量
- 文章访问数: 622
- HTML全文浏览量: 11
- PDF下载量: 256
出版历程
- 发布日期: 2022-03-31

Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts

¹(School of Computer and Information Technology, Xinyang Normal University, Xinyang, Henan 464000)
²(Henan Key Laboratory of Analysis and Applications of Education Big Data(Xinyang Normal University), Xinyang, Henan 464000)

Funds: This work was supported by the National Natural Science Foundation of China (31900710) and the Natural Science Foundation of Henan Province(212300410236).

摘要

摘要: 很多流行的社交App都有展示用户之间的共同关系的功能，然而，共同关系的暴露也可能导致用户隐私安全问题的发生.以中国最知名的短视频软件抖音为研究对象，分析了其共同联系人功能存在的用户隐私泄露的安全漏洞.提出了一种针对群体用户的漏洞利用和攻击方式，该攻击方式可以达到的效果是，即使群体中某些用户设置了不允许通过手机号找到自己，攻击者仍然可以利用已知的群体用户的手机号码和群体用户之间的内在联系获得这些用户的抖音账号.攻击者在获得群体中尽可能多的用户的抖音账号后，可以对这些用户相互之间的关注信息、通信录信息、视频点赞和评论信息进行收集，并利用这些信息计算群体用户之间的关系，为发起进一步的有效攻击提供一定的辅助.提出了描述用户关系的2个指标——亲密度和群体活跃度，并给出了这2个指标的计算方法.通过对现实社会中3个真实群体的实验，验证了用户关系计算的有效性，分析了对用户所造成的安全威胁，并给出了安全防范建议.
- 抖音 /
- 共同关系 /
- 隐私泄露 /
- 安全漏洞 /
- 用户关系
Abstract: Many popular social apps have the function of showing mutual relationship between users. However, the exposure of mutual relationship may lead to the occurrence of user privacy security problems. Taking China’s most famous short video software TikTok as the research object, a privacy disclosure security vulnerability in the mutual contacts function of TikTok is analyzed. A method of vulnerability exploiting and attacking for group users is proposed. The attack effect is that even if some users are not allowed to find themselves through their mobile phone numbers by some settings, an attacker can still use the known mobile phone numbers of group users and the internal connections among group users to get these users’ TikTok accounts. After getting as many TikTok accounts of the group users as possible, attackers can collect the following, contacts, video likes and comments information among group users, and use this information to calculate users’ relationship, which can provide some assistance for launching further effective attacks. Two indexes—intimacy and group-activeness—are proposed to describe users’ relationship, and the calculation method of these two indexes is given. Through the experiment of three real groups in society, the effectiveness of user relationship calculation is verified. In the end, the security threats to users are analyzed and the security prevention suggestions are given.
- TikTok /
- mutual relationship /
- privacy disclosure /
- security vulnerability /
- user relationship

HTML全文

参考文献(0)

施引文献(14)

期刊类型引用(7)

1.	董贤光，孙艳玲，代燕杰，邢宇，翟晓卉，孙凯，吕玉超，吴强，刘琚. 面向电能表检定流水线的轻量化目标检测算法. 数据采集与处理. 2025(02): 545-560 . 百度学术
2.	胡峻峰，李柏聪，朱昊，黄晓文. 改进YOLOv8的轻量化无人机目标检测算法. 计算机工程与应用. 2024(08): 182-191 . 百度学术
3.	孙雨含，朱振华，安宏宇，薛珊. 基于YOLOv5l＿CA的无人机目标检测算法. 长春理工大学学报(自然科学版). 2024(04): 55-60 . 百度学术
4.	井庆龙，闵永智，李成学. 融合贝叶斯优化的轨面缺陷检测模型压缩方法. 兰州交通大学学报. 2024(05): 130-138 . 百度学术
5.	孙仁科，营鹏，李仲年，许新征. 基于轻量化SSD的弱小目标检测. 计算机仿真. 2024(10): 355-361 . 百度学术
6.	廖威，李光辉，代成龙，张飞飞. 引入余弦空间相关性的两阶段滤波器剪枝. 中国图象图形学报. 2024(12): 3628-3643 . 百度学术
7.	崔令飞，郭永红，修全发，史超，张硕阳. 基于国产嵌入式智能计算平台的无人机检测方法. 兵工学报. 2022(S1): 146-154 . 百度学术