(2020) ≪ I Know Where You Parked Last Summer ≫ Automated Reverse Engineering and Privacy Analysis of Modern Cars.
Abstract
Nowadays, cars are equipped with hundreds of sensors and dozens of computers that process data. Unfortunately, due to the very secret nature of the automotive industry, there is no official nor objective source of information as to what data exactly their vehicles collect. Anecdotal evidence suggests that OEMs are collecting huge amounts of personal data about their drivers, which they suddenly reveal when requested in court. In this paper, we present our tool AutoCAN for privacy and security analysis of cars that reveals what data cars collect by tapping into in-vehicle networks and extracting time series of data and automatically making sense of them by establishing relationships based on laws of physics. These algorithms work irrespective of make, model or used protocols. Our results show that car makers track the GPS position, the number of occupants, their weight, usage statistics of doors, lights, and AC. We also reveal that OEMs embed functions to remotely disable the car or get an alert when the driver is speeding.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Unspecified |
| Conference: | SP IEEE Symposium on Security and Privacy |
| Depositing User: | Stefan Nürnberger |
| Date Deposited: | 27 Feb 2020 13:07 |
| Last Modified: | 27 Feb 2020 13:07 |
| Primary Research Area: | NRA3: Threat Detection and Defenses |
| URI: | https://publications.cispa.saarland/id/eprint/3025 |
Actions
Actions (login required)
 |
View Item |