This study addresses the vulnerability of k-nearest neighbor queries (kNNQ) in location-based services to location inference attacks, which can lead to severe user privacy breaches. The work is the first to expose this risk and introduces two novel attack strategies—GI-LIA and ZO-LIA—to systematically evaluate the fragility of existing privacy-preserving mechanisms. To mitigate this threat, the authors propose DPRS, a differentially private framework that innovatively integrates constrained perturbation intervals with a rejection sampling mechanism, effectively reducing distance distortion while providing rigorous privacy guarantees. Experimental results on real-world spatial datasets demonstrate that DPRS significantly outperforms state-of-the-art approaches, achieving a superior trade-off between privacy protection strength and query utility.

The k-nearest neighbor query (kNNQ) is a core component of modern location-based services (LBS) and has been widely adopted in popular features such as ``people nearby''. However, its potential privacy risks have long been overlooked. In this work, we present the first two attacks against kNNQ, namely the geometric intersection location inference attack (GI-LIA) and the zero-order optimization location inference attack (ZO-LIA), revealing the inherent location privacy risks posed by kNNQ. To mitigate these privacy risks, we further propose DPRS, a differential privacy framework for kNNQ protection. The core idea of DPRS is to incorporate a rejection sampling mechanism within a constrained perturbation interval, thereby mitigating the distance distortion caused by excessive noise injection. In addition, we design a private interval construction algorithm to construct the perturbation interval, enabling the rejection sampling mechanism to achieve a more favorable trade-off between privacy protection and query utility in kNNQ. Extensive experiments on real-world spatial datasets demonstrate that DPRS outperforms existing methods in both privacy protection and query utility. Our code is available at https://github.com/reanatom/DPRS.