The k-nearest neighbor query (kNNQ) is a core component of modern location-based services (LBS) and has been widely adopted in popular features such as "people nearby". However, its potential privacy risks have long been overlooked. In this work, we present the first two attacks against kNNQ, namely the geometric intersection location inference attack (GI-LIA) and the zero-order optimization location inference attack (ZO-LIA), revealing the inherent location privacy risks posed by kNNQ. To mitigate these privacy risks, we further propose DPRS, a differential privacy framework for kNNQ protection. The core idea of DPRS is to incorporate a rejection sampling mechanism within a constrained perturbation interval, thereby mitigating the distance distortion caused by excessive noise injection. In addition, we design a private interval construction algorithm to construct the perturbation interval, enabling the rejection sampling mechanism to achieve a more favorable trade-off between privacy protection and query utility in kNNQ. Extensive experiments on real-world spatial datasets demonstrate that DPRS outperforms existing methods in both privacy protection and query utility. Our code is available at https://github.com/reanatom/DPRS.
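An added illustration of the core idea described above, written for this page and not taken from the paper or the DPRS repository: standard planar Laplace (geo-indistinguishability) noise is redrawn by rejection sampling until the displacement falls inside a perturbation interval [0, r_max], and the fraction of the true kNN answer that a query from the perturbed point still recovers is measured on a constructed POI grid. The fixed radius r_max, the toy POI grid and the query point are assumptions; the paper's private interval construction algorithm is not reproduced here.

```python
import math
import random

# Constructed toy POI set: a 6x6 unit grid with ids 0..35 (not a dataset from the paper).
POIS = [(i, (float(x), float(y))) for i, (x, y) in
        enumerate((x, y) for x in range(6) for y in range(6))]

def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])

def knn_ids(loc, pois, k):
    """Ids of the k POIs closest to loc, i.e. the kNNQ answer for that location."""
    return {pid for pid, p in sorted(pois, key=lambda e: dist(loc, e[1]))[:k]}

def planar_laplace(loc, eps, rng):
    """Geo-indistinguishability noise: uniform angle, radius ~ Gamma(shape 2, scale 1/eps)."""
    theta = rng.uniform(0.0, 2.0 * math.pi)
    r = rng.gammavariate(2.0, 1.0 / eps)
    return (loc[0] + r * math.cos(theta), loc[1] + r * math.sin(theta)), r

def constrained_rejection(loc, eps, r_max, rng, max_tries=10000):
    """Rejection sampling: redraw the same noise until the displacement lies in [0, r_max].
    r_max is an assumed fixed interval bound; DPRS derives the interval privately instead."""
    for _ in range(max_tries):
        noisy, r = planar_laplace(loc, eps, rng)
        if r <= r_max:
            return noisy, r
    raise RuntimeError("acceptance rate too low for this eps / r_max")

def knn_overlap(true_loc, reported_loc, pois, k):
    """Fraction of the true kNN answer recovered when the query is issued from reported_loc."""
    return len(knn_ids(true_loc, pois, k) & knn_ids(reported_loc, pois, k)) / k

def compare(eps=0.2, r_max=2.0, k=5, trials=200, seed=7):
    """Mean kNN utility of plain vs. interval-constrained perturbation for one query point."""
    rng = random.Random(seed)
    true_loc = (2.5, 2.5)  # assumed query location inside the grid
    plain = constrained = 0.0
    for _ in range(trials):
        noisy, _ = planar_laplace(true_loc, eps, rng)
        plain += knn_overlap(true_loc, noisy, POIS, k)
        noisy, r = constrained_rejection(true_loc, eps, r_max, rng)
        assert r <= r_max  # the accepted displacement never leaves the interval
        constrained += knn_overlap(true_loc, noisy, POIS, k)
    return plain / trials, constrained / trials

if __name__ == "__main__":
    p, c = compare()
    print(f"mean kNN overlap: plain Laplace {p:.2f}, constrained rejection {c:.2f}")
```

Note that a fixed interval centred on the true location is not by itself geo-indistinguishable, because the support of the output then depends on the secret location; choosing the interval in a privacy-preserving way is exactly what the paper's private interval construction addresses.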