SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
Random Key Predistribution Schemes for Sensor Networks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
Mobile Networks and Applications - Special issue: Wireless mobile wireless applications and services on WLAN hotspots
Preserving location privacy in wireless lans
Proceedings of the 5th international conference on Mobile systems, applications and services
Devices that tell on you: privacy trends in consumer ubiquitous computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Improving wireless privacy with an identifier-free link layer protocol
Proceedings of the 6th international conference on Mobile systems, applications, and services
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Wireless device identification with radiometric signatures
Proceedings of the 14th ACM international conference on Mobile computing and networking
A spotlight on security and privacy risks with future household robots: attacks and lessons
Proceedings of the 11th international conference on Ubiquitous computing
EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond
Proceedings of the 16th ACM conference on Computer and communications security
Experimental Security Analysis of a Modern Automobile
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Secure vehicular communication systems: design and architecture
IEEE Communications Magazine
Towards standardization of in-car sensors
Nets4Cars/Nets4Trains'11 Proceedings of the Third international conference on Communication technologies for vehicles
Efficient and secure threshold-based event validation for VANETs
Proceedings of the fourth ACM conference on Wireless network security
Communications of the ACM
Comprehensive experimental analyses of automotive attack surfaces
SEC'11 Proceedings of the 20th USENIX conference on Security
Flooding-resilient broadcast authentication for VANETs
MobiCom '11 Proceedings of the 17th annual international conference on Mobile computing and networking
EDA for secure and dependable cybercars: challenges and opportunities
Proceedings of the 49th Annual Design Automation Conference
Effective and efficient security policy engines for automotive on-board networks
Nets4Cars/Nets4Trains'12 Proceedings of the 4th international conference on Communication Technologies for Vehicles
The research value of publishing attacks
Communications of the ACM
Neighborhood watch: security and privacy analysis of automatic meter reading systems
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 4th International Conference on Automotive User Interfaces and Interactive Vehicular Applications
Tracking unmodified smartphones using wi-fi monitors
Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems
Lightweight secure communication protocols for in-vehicle sensor networks
Proceedings of the 2013 ACM workshop on Security, privacy & dependability for cyber vehicles
Trust assurance levels of cybercars in v2x communication
Proceedings of the 2013 ACM workshop on Security, privacy & dependability for cyber vehicles
FIE on firmware: finding vulnerabilities in embedded systems using symbolic execution
SEC'13 Proceedings of the 22nd USENIX conference on Security
Security-aware mapping for CAN-based real-time distributed automotive systems
Proceedings of the International Conference on Computer-Aided Design
Hi-index | 0.03 |
Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.