Peifu Yang,Yuhong Nan,Lei Xue,Yuliang Zhang,Juan Zhai,Zibin Zheng

DOI: https://doi.org/10.1109/jiot.2024.3432778

2024-01-01

Abstract:The rapid advancement of intelligent connected vehicles (ICVs) in the automotive sector has significantly intensified security and privacy issues. Particularly, the previous studies have indicated that the ICV users (owners) are deeply concerned about the extensive data gathered by these vehicles. However, current research into vehicle security predominantly concentrates on the analysis and discussion of sensitive data from ICVs of specific brands or models. There is a notable lack of studies that conduct a comprehensive, large-scale investigation into the sensitive data collected by ICVs and assess the privacy implications of such data collection. In this article, we undertake an extensive investigation to comprehend the privacy risks associated with Internet-connected vehicles (ICVs) through their companion mobile apps. To accomplish this, we have devised a semi-automatic pipeline leveraging program analysis and large language model (LLM) to identify and track sensitive data across these apps. Specifically, we begin by constructing a detailed knowledge base of ICV sensitive data extracted from the privacy policies of companion apps. Subsequently, we conduct static analysis on the car companion apps, pinpointing instances of sensitive data usage within the app code and analysing their potential privacy risks. Our analysis, covering 401 car companion apps spanning 271 unique vehicle brands, unveils several noteworthy findings concerning the usage of user sensitive data in the ICV ecosystem. For instance, various entities within the ICV ecosystem collect a wide array of sensitive data, including brake status, passenger occupancy, and insurance details. Alarmingly, we discover that 37.91% of car companion apps fail to adequately disclose their data usage practices. Moreover, we observe extensive involvement of entities beyond vehicle manufacturers in the handling of vehicle sensitive data, including data analytics companies, charging service providers, and cloud service vendors.

Ishtiaq Rouf,Robert D. Miller,Hossen A. Mustafa,Travis Taylor,Sangho Oh,Wenyuan Xu,Marco Gruteser,Wade Trappe,Ivan Seskar

2010-01-01

Abstract:Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.

Weili Han,Chang Cao,Hao Chen,Dong Li,Zheran Fang,Wenyuan Xu,X. Sean Wang

DOI: https://doi.org/10.1109/tdsc.2017.2768536

2020-01-01

Abstract:Sensors are widely used in modern mobile devices (e.g., smartphones, watches) and may gather abundant information from environments as well as about users, e.g., photos, sounds and locations. The rich set of sensor data enables various applications (e.g., health monitoring) and personalized apps as well. However, the powerful sensing abilities provide opportunities for attackers to steal both personal sensitive data and commercial secrets like never before. Unfortunately, the current design of smart devices only provides a coarse access control on sensors and does not have the capability to audit sensing. We argue that knowing how often the sensors are accessed and how much sensor data are collected is the first-line defense against sensor data breach. Such an ability is yet to be designed. In this paper, we propose a framework that allows users to acquire sensor data usages. In particular, we leverage a hook-based track method to track sensor accesses. Thus, with no need to change the source codes of the Android system and applications, we can intercept sensing operations to graphic sensors, audio sensors, location sensors, and standard sensors, and audit them from four aspects: flow audit, frequency audit, duration audit and invoker audit. Then, we implement a prototype, referred to as senDroid, which visually shows the quantitative usages of these sensors in real time at a performance overhead of [0.04-8.05] percent. senDroid allows Android users to audit the applications even when they bypass the Android framework via JNI invocations or when the malicious codes are dynamically loaded from the server side. Our empirical study on 1,489 popular apps in three well-known Android app markets shows that 26.32 percent apps access sensors when the apps are launched, and 11.01 percent apps access sensors while the apps run in the background. Furthermore, we analyze the relevance between sensor usage patterns and third-party libraries, and reverse-engineering on suspicious third-party libraries shows that 77.27 percent apps access sensors via third-party libraries. Our results call attentions to address the users' privacy concerns caused by sensor access.

Haoyu Liu,Paul Patras,Douglas J Leith

DOI: https://doi.org/10.1371/journal.pone.0279942

IF: 3.7

2023-01-18

PLoS ONE

Abstract:In this paper we present the first in-depth measurement study looking at the data privacy practices of the proprietary variants of the Android OS produced by Samsung, Xiaomi, Huawei and Realme. We address two questions: how are identifiers used in network connections and what types of data are transmitted. To answer these, we decrypt and decode the network traffic transmitted by a range of Android handsets. We find that all of the OEMs make undue use of long-lived hardware identifiers such as the hardware serial number, handset IMEI and so fail to follow best privacy practice. Hardware identifiers are also linked to the handset user's real identity when they sign in to an OEM account on the handset. All of the OEMs collect the list of apps installed in a handset. This is a privacy concern since the list of installed apps can be used to profile user traits and preferences. All of the OEMs collect analytics/telemetry data, raising obvious privacy concerns.

Jennifer Dukarski,

DOI: https://doi.org/10.4271/epr2021019

2021-09-13

Abstract:Modern automobiles collect around 25 gigabytes of data per hour and autonomous vehicles are expected to generate more than 100 times that number. In comparison, the Apollo Guidance Computer assisting in the moon launches had only a 32-kilobtye hard disk. Without question, the breadth of in-vehicle data has opened new possibilities and challenges. The potential for accessing this data has led many entrepreneurs to claim that data is more valuable than even the vehicle itself. These intrepid data-miners seek to explore business opportunities in predictive maintenance, pay-as-you-drive features, and infrastructure services. Yet, the use of data comes with inherent challenges: accessibility, ownership, security, and privacy. Unsettled Legal Issues Facing Data in Autonomous, Connected, Electric, and Shared Vehicles examines some of the pressing questions on the minds of both industry and consumers. Who owns the data and how can it be used? What are the regulatory regimes that impact vehicular data use? Is the US close to harmonizing with other nations in the automotive data privacy? And will the risks of hackers lead to the “zombie car apocalypse” or to another avenue for ransomware? This report explores a number of these legal challenges and the unsettled aspects that arise in the world of automotive data

Giampaolo Bella,Pietro Biondi,Marco De Vincenzi,Giuseppe Tudisco

DOI: https://doi.org/10.48550/arXiv.2111.12027

2021-11-20

Cryptography and Security

Abstract:Modern cars technologies are evolving quickly. They collect a variety of personal data and treat it on behalf of the car manufacturer to improve the drivers' experience. The precise terms of such a treatment are stated within the privacy policies accepted by the user when buying a car or through the infotainment system when it is first started. This paper uses a double lens to assess people's privacy while they drive a car. The first approach is objective and studies the readability of privacy policies that comes with cars. We analyse the privacy policies of twelve car brands and apply well-known readability indices to evaluate the extent to which privacy policies are comprehensible by all drivers. The second approach targets drivers' opinions to extrapolate their privacy concerns and trust perceptions. We design a questionnaire to collect the opinions of 88 participants and draw essential statistics about them. Our combined findings indicate that privacy is insufficiently understood at present as an issue deriving from driving a car, hence future technologies should be tailored to make people more aware of the issue and to enable them to express their preferences.

Mark Quinlan,Jun Zhao,Andrew Simpson

DOI: https://doi.org/10.48550/arXiv.2207.06182

2022-07-13

Cryptography and Security

Abstract:Just as the world of consumer devices was forever changed by the introduction of computer controlled solutions, the introduction of the engine control unit (ECU) gave rise to the automobile's transformation from a transportation product to a technology platform. A modern car is capable of processing, analysing and transmitting data in ways that could not have been foreseen only a few years ago. These cars often incorporate telematics systems, which are used to provide navigation and internet connectivity over cellular networks, as well as data-recording devices for insurance and product development purposes. We examine the telematics system of a production vehicle, and aim to ascertain some of the associated privacy-related threats. We also consider how this analysis might underpin further research.

Abdul Moiz,Manar H. Alalfi

DOI: https://doi.org/10.48550/arXiv.2011.04066

2020-11-09

Abstract:The advancements in the digitization world has revolutionized the automotive industry. Today's modern cars are equipped with internet, computers that can provide autonomous driving functionalities as well as infotainment systems that can run mobile operating systems, like Android Auto and Apple CarPlay. Android Automotive is Google's android operating system tailored to run natively on vehicle's infotainment systems, it allows third party apps to be installed and run on vehicle's infotainment systems. Such apps may raise security concerns related to user's safety, security and privacy. This paper investigates security concerns of in-vehicle apps, specifically, those related to inter component communication (ICC) among these apps. ICC allows apps to share information via inter or intra apps components through a messaging object called intent. In case of insecure communication, Intent can be hijacked or spoofed by malicious apps and user's sensitive information can be leaked to hacker's database. We investigate the attack surface and vulnerabilities in these apps and provide a static analysis approach and a tool to find data leakage vulnerabilities. The approach can also provide hints to mitigate these leaks. We evaluate our approach by analyzing a set of Android Auto apps downloaded from Google Play store, and we report our validated results on vulnerabilities identified on those apps.

Cryptography and Security,Software Engineering

Shah Khalid Khan,Nirajan Shiwakoti,Peter Stasinopoulos,Yilun Chen,Matthew Warren

DOI: https://doi.org/10.1016/j.trip.2024.101084

2024-01-01

Transportation Research Interdisciplinary Perspectives

Abstract:No study has systematically investigated the public's perceptions of cybersecurity regulation, data generated by Autonomous Vehicles (AVs), and their relationship with the acceptance of AVs. To fill this knowledge gap, we conducted an exploratory study on public perceptions of cybersecurity regulation and consumer data in AVs acceptance by surveying nationally representative individuals from four OECD countries (US, UK, Australia, and New Zealand). A total of 2062 responses collected from the survey underwent Exploratory Factor Analysis (EFA) to examine constructs such as Cybersecurity Regulation, Data Sharing, Data Usage, Data Concerns, and intention to use AVs. Correlation analysis further explored the relationships between these constructs, while Mann-Whitney U and Kruskal-Wallis H tests assessed the significance of differences across participant groups.The empirical findings indicate that 80% of respondents agreed on the necessity of cybersecurity regulation for AV operations, with 67% perceiving it as a means to enhance AV safety. Surprisingly, 66% supported cybersecurity regulation despite the potential risk of exposing their personal information. Individuals who are more willing to share AV data also expressed a higher likelihood of using AVs. Furthermore, those who agreed more with cybersecurity regulations were more inclined to be compensated for their data transmission while expressing concerns about data storage and processing. Moreover, around 53% of participants feel they should be compensated for sharing their AV data, with 68% expressing concern about AVs' data storage and processing and 71% supporting the destruction of AV data post-sale. Regarding data privacy concerns, “In-vehicle Private Conversation” draws notable attention, rated very important or extremely important by 64% of the participants. The findings highlight the importance of cybersecurity regulation, data sharing, and data concerns in shaping individuals' intentions to use AVs, as well as the influence of socio-technological attributes.

Chulin Xie,Zhong Cao,Yunhui Long,Diange Yang,Ding Zhao,Bo Li

DOI: https://doi.org/10.48550/arXiv.2209.04022

2022-09-09

Abstract:Recent advances in machine learning have enabled its wide application in different domains, and one of the most exciting applications is autonomous vehicles (AVs), which have encouraged the development of a number of ML algorithms from perception to prediction to planning. However, training AVs usually requires a large amount of training data collected from different driving environments (e.g., cities) as well as different types of personal information (e.g., working hours and routes). Such collected large data, treated as the new oil for ML in the data-centric AI era, usually contains a large amount of privacy-sensitive information which is hard to remove or even audit. Although existing privacy protection approaches have achieved certain theoretical and empirical success, there is still a gap when applying them to real-world applications such as autonomous vehicles. For instance, when training AVs, not only can individually identifiable information reveal privacy-sensitive information, but also population-level information such as road construction within a city, and proprietary-level commercial secrets of AVs. Thus, it is critical to revisit the frontier of privacy risks and corresponding protection approaches in AVs to bridge this gap. Following this goal, in this work, we provide a new taxonomy for privacy risks and protection methods in AVs, and we categorize privacy in AVs into three levels: individual, population, and proprietary. We explicitly list out recent challenges to protect each of these levels of privacy, summarize existing solutions to these challenges, discuss the lessons and conclusions, and provide potential future directions and opportunities for both researchers and practitioners. We believe this work will help to shape the privacy research in AV and guide the privacy protection technology design.

Artificial Intelligence

Haoyu Liu,Douglas J. Leith,Paul Patras

DOI: https://doi.org/10.48550/arXiv.2302.01890

2023-02-04

Abstract:China is currently the country with the largest number of Android smartphone users. We use a combination of static and dynamic code analysis techniques to study the data transmitted by the preinstalled system apps on Android smartphones from three of the most popular vendors in China. We find that an alarming number of preinstalled system, vendor and third-party apps are granted dangerous privileges. Through traffic analysis, we find these packages transmit to many third-party domains privacy sensitive information related to the user's device (persistent identifiers), geolocation (GPS coordinates, network-related identifiers), user profile (phone number, app usage) and social relationships (e.g., call history), without consent or even notification. This poses serious deanonymization and tracking risks that extend outside China when the user leaves the country, and calls for a more rigorous enforcement of the recently adopted data privacy legislation.

Cryptography and Security

Giampaolo Bella,Pietro Biondi,Giuseppe Tudisco

DOI: https://doi.org/10.48550/arXiv.2111.15467

2021-11-20

Cryptography and Security

Abstract:Modern cars are evolving in many ways. Technologies such as infotainment systems and companion mobile applications collect a variety of personal data from drivers to enhance the user experience. This paper investigates the extent to which car drivers understand the implications for their privacy, including that car manufacturers must treat that data in compliance with the relevant regulations. It does so by distilling out drivers' concerns on privacy and relating them to their perceptions of trust on car cyber-security. A questionnaire is designed for such purposes to collect answers from a set of 1101 participants, so that the results are statistically relevant. In short, privacy concerns are modest, perhaps because there still is insufficient general awareness on the personal data that are involved, both for in-vehicle treatment and for transmission over the Internet. Trust perceptions on cyber-security are modest too (lower than those on car safety), a surprising contradiction to our research hypothesis that privacy concerns and trust perceptions on car cyber-security are opponent. We interpret this as a clear demand for information and awareness-building campaigns for car drivers, as well as for technical cyber-security and privacy measures that are truly considerate of the human factor.

Giampaolo Bella,Pietro Biondi,Giuseppe Tudisco

DOI: https://doi.org/10.1007/s42154-022-00203-2

2023-01-06

Automotive Innovation

Abstract:Abstract The advanced and personalised experience that modern cars offer makes them more and more data-hungry. For example, the cabin preferences of the possible drivers must be recorded and associated to some identity, while such data could be exploited to deduce sensitive information about the driver’s health. Therefore, drivers’ privacy must be taken seriously, requiring a dedicated risk assessment framework, as presented in this paper through a double assessment combining the asset-oriented ISO approach with the threat-oriented STRIDE approach. The framework is tailored to the level of specific car brand and demonstrated on the ten top-selling brands as well as, due to its innovative character, Tesla. The two approaches yield different, but complementary findings, demonstrating the additional insights gained through their parallel adoption.

engineering, mechanical, electrical & electronic,transportation science & technology

Haiyue Yuan,Ali Raza,Nikolay Matyunin,Jibesh Patra,Shujun Li

2024-10-30

Abstract:The development of technologies has prompted a paradigm shift in the automotive industry, with an increasing focus on connected services and autonomous driving capabilities. This transformation allows vehicles to collect and share vast amounts of vehicle-specific and personal data. While these technological advancements offer enhanced user experiences, they also raise privacy concerns. To understand the ecosystem of data collection and sharing in modern vehicles, we adopted the ontology 101 methodology to incorporate information extracted from different sources, including analysis of privacy policies using GPT-4, a small-scale systematic literature review, and an existing ontology, to develop a high-level conceptual graph-based model, aiming to get insights into how modern vehicles handle data exchange among different parties. This serves as a foundational model with the flexibility and scalability to further expand for modelling and analysing data sharing practices across diverse contexts. Two realistic examples were developed to demonstrate the usefulness and effectiveness of discovering insights into privacy regarding vehicle-related data sharing. We also recommend several future research directions, such as exploring advanced ontology languages for reasoning tasks, supporting topological analysis for discovering data privacy risks/concerns, and developing useful tools for comparative analysis, to strengthen the understanding of the vehicle-centric data sharing ecosystem.

Social and Information Networks,Computers and Society

Miro Enev,Alex Takakuwa,Karl Koscher,Tadayoshi Kohno

DOI: https://doi.org/10.1515/popets-2015-0029

2015-09-08

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Today’s automobiles leverage powerful sensors and embedded computers to optimize efficiency, safety, and driver engagement. However the complexity of possible inferences using in-car sensor data is not well understood. While we do not know of attempts by automotive manufacturers or makers of after-market components (like insurance dongles) to violate privacy, a key question we ask is: could they (or their collection and later accidental leaks of data) violate a driver’s privacy? In the present study, we experimentally investigate the potential to identify individuals using sensor data snippets of their natural driving behavior. More specifically we record the in-vehicle sensor data on the controllerarea- network (CAN) of a typical modern vehicle (popular 2009 sedan) as each of 15 participants (a) performed a series of maneuvers in an isolated parking lot, and (b) drove the vehicle in traffic along a defined ~ 50 mile loop through the Seattle metropolitan area. We then split the data into training and testing sets, train an ensemble of classifiers, and evaluate identification accuracy of test data queries by looking at the highest voted candidate when considering all possible one-vs-one comparisons. Our results indicate that, at least among small sets, drivers are indeed distinguishable using only incar sensors. In particular, we find that it is possible to differentiate our 15 drivers with 100% accuracy when training with all of the available sensors using 90% of driving data from each person. Furthermore, it is possible to reach high identification rates using less than 8 minutes of training data. When more training data is available it is possible to reach very high identification using only a single sensor (e.g., the brake pedal). As an extension, we also demonstrate the feasibility of performing driver identification across multiple days of data collection

Davide Caputo,Francesco Pagano,Giovanni Bottino,Luca Verderame,Alessio Merlo

DOI: https://doi.org/10.1109/TDSC.2022.3146020

2022-01-30

Abstract:Mobile applications (hereafter, apps) collect a plethora of information regarding the user behavior and his device through third-party analytics libraries. However, the collection and usage of such data raised several privacy concerns, mainly because the end-user - i.e., the actual owner of the data - is out of the loop in this collection process. Also, the existing privacy-enhanced solutions that emerged in the last years follow an "all or nothing" approach, leaving the user the sole option to accept or completely deny the access to privacy-related data. This work has the two-fold objective of assessing the privacy implications on the usage of analytics libraries in mobile apps and proposing a data anonymization methodology that enables a trade-off between the utility and privacy of the collected data and gives the user complete control over the sharing process. To achieve that, we present an empirical privacy assessment on the analytics libraries contained in the 4500 most-used Android apps of the Google Play Store between November 2020 and January 2021. Then, we propose an empowered anonymization methodology, based on MobHide, that gives the end-user complete control over the collection and anonymization process. Finally, we empirically demonstrate the applicability and effectiveness of such anonymization methodology thanks to HideDroid, a fully-fledged anonymization app for the Android ecosystem.

Cryptography and Security

Hong Li,Huarui Zhang,Lei Huang,Kailai Shao,Guoqing Yang,Nenggan Zheng,Xufeng Jiang

DOI: https://doi.org/10.1109/cybermatics_2018.2018.00139

2018-01-01

Abstract:Automotive electronics have been developing fast since it came up. It is very common to apply Android system to automotive electronics because its functionality is becoming more and more complicated. However, the open-source nature of Android can cause many safety issues, especially in this area which has very high requirements for system safety and stability. This paper presents a novel methodology which can help to evaluate the performance, stability and safety of Android system used in automotive electronics. It also provides a demonstration show how to use this methodology and how to optimize the Android system based on the evaluation results.

Hans-Martin Heyn,Khan Mohammad Habibullah,Eric Knauss,Jennifer Horkoff,Markus Borg,Alessia Knauss,Polly Jing Li

DOI: https://doi.org/10.48550/arXiv.2303.05947

2023-03-10

Abstract:Software that contains machine learning algorithms is an integral part of automotive perception, for example, in driving automation systems. The development of such software, specifically the training and validation of the machine learning components, require large annotated datasets. An industry of data and annotation services has emerged to serve the development of such data-intensive automotive software components. Wide-spread difficulties to specify data and annotation needs challenge collaborations between OEMs (Original Equipment Manufacturers) and their suppliers of software components, data, and annotations. This paper investigates the reasons for these difficulties for practitioners in the Swedish automotive industry to arrive at clear specifications for data and annotations. The results from an interview study show that a lack of effective metrics for data quality aspects, ambiguities in the way of working, unclear definitions of annotation quality, and deficits in the business ecosystems are causes for the difficulty in deriving the specifications. We provide a list of recommendations that can mitigate challenges when deriving specifications and we propose future research opportunities to overcome these challenges. Our work contributes towards the on-going research on accountability of machine learning as applied to complex software systems, especially for high-stake applications such as automated driving.

Software Engineering,Machine Learning

Abdul Rahman Sani,Muneeb Ul Hassan,Jinjun Chen

DOI: https://doi.org/10.48550/arXiv.2205.08462

2022-05-17

Cryptography and Security

Abstract:In the recent years, the interest of individual users in modern electric vehicles (EVs) has grown exponentially. An EV has two major components, which make it different from traditional vehicles, first is its environment friendly nature because of being electric, and second is the interconnection ability of these vehicles because of modern information and communication technologies (ICTs). Both of these features are playing a key role in the development of EVs, and both academia and industry personals are working towards development of modern protocols for EV networks. All these interactions, whether from energy perspective or from communication perspective, both are generating a tremendous amount of data every day. In order to get most out of this data collected from EVs, research works have highlighted the use of machine/deep learning techniques for various EV applications. This interaction is quite fruitful, but it also comes with a critical concern of privacy leakage during collection, storage, and training of vehicular data. Therefore, alongside developing machine/deep learning techniques for EVs, it is also critical to ensure that they are resilient to private information leakage and attacks. In this paper, we begin with the discussion about essential background on EVs and privacy preservation techniques, followed by a brief overview of privacy preservation in EVs using machine learning techniques. Particularly, we also focus on an in-depth review of the integration of privacy techniques in EVs and highlighted different application scenarios in EVs. Alongside this, we provide a a very detailed survey of current works on privacy preserving machine/deep learning techniques used for modern EVs. Finally, we present the certain research issues, critical challenges, and future directions of research for researchers working in privacy preservation in EVs.

Stylianos Monogios,Konstantinos Limniotis,Nicholas Kolokotronis,Stavros Shiaeles

DOI: https://doi.org/10.1007/978-3-030-37545-4_3

2021-09-08

Abstract:The Android unrestricted application market, being of open source nature, has made it a popular platform for third-party applications reaching millions of smart devices in the world. This tremendous increase in applications with an extensive API that includes access to phone hardware, settings, and user data raises concerns regarding users privacy, as the information collected from the apps could be used for profiling purposes. In this respect, this paper focuses on the geolocation data and analyses five GPS applications to identify the privacy risks if no appropriate safeguards are present. Our results show that GPS navigation apps have access to several types of device data, while they may allow for personal data leakage towards third parties such as library providers or tracking services without providing adequate or precise information to the users. Moreover, as they are using third-party libraries, they suffer from the intra-library collusion issue, that could be exploited from advertising and analytics companies through apps and gather large amount of personal information without the explicit consent of the user.

Cryptography and Security