Yue Hongzhou, He Shuilong, Wang Jing. Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts[J]. Journal of Computer Research and Development, 2022, 59(4): 796-812. DOI: 10.7544/issn1000-1239.20200779
Citation:
Yue Hongzhou, He Shuilong, Wang Jing. Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts[J]. Journal of Computer Research and Development, 2022, 59(4): 796-812. DOI: 10.7544/issn1000-1239.20200779
Yue Hongzhou, He Shuilong, Wang Jing. Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts[J]. Journal of Computer Research and Development, 2022, 59(4): 796-812. DOI: 10.7544/issn1000-1239.20200779
Citation:
Yue Hongzhou, He Shuilong, Wang Jing. Analysis of Group Users’ Relationship Based on TikTok Mutual Contacts[J]. Journal of Computer Research and Development, 2022, 59(4): 796-812. DOI: 10.7544/issn1000-1239.20200779
1(School of Computer and Information Technology, Xinyang Normal University, Xinyang, Henan 464000)
2(Henan Key Laboratory of Analysis and Applications of Education Big Data(Xinyang Normal University), Xinyang, Henan 464000)
Funds: This work was supported by the National Natural Science Foundation of China (31900710) and the Natural Science Foundation of Henan Province(212300410236).
Many popular social apps have the function of showing mutual relationship between users. However, the exposure of mutual relationship may lead to the occurrence of user privacy security problems. Taking China’s most famous short video software TikTok as the research object, a privacy disclosure security vulnerability in the mutual contacts function of TikTok is analyzed. A method of vulnerability exploiting and attacking for group users is proposed. The attack effect is that even if some users are not allowed to find themselves through their mobile phone numbers by some settings, an attacker can still use the known mobile phone numbers of group users and the internal connections among group users to get these users’ TikTok accounts. After getting as many TikTok accounts of the group users as possible, attackers can collect the following, contacts, video likes and comments information among group users, and use this information to calculate users’ relationship, which can provide some assistance for launching further effective attacks. Two indexes—intimacy and group-activeness—are proposed to describe users’ relationship, and the calculation method of these two indexes is given. Through the experiment of three real groups in society, the effectiveness of user relationship calculation is verified. In the end, the security threats to users are analyzed and the security prevention suggestions are given.