TY - JOUR
T1 - Enhanced android app-repackaging attack on in-vehicle network
AU - Lee, Yousik
AU - Woo, Samuel
AU - Lee, Jungho
AU - Song, Yunkeun
AU - Moon, Heeseok
AU - Lee, Dong Hoon
AU - Andersson, Karl
N1 - Funding Information:
This research was supported by the Korea Ministry of Land, Infrastructure and Transport. It was also supported by the Korea Agency for Infrastructure Technology Advancement (Project no. 17TLRP-B117133-02).
Publisher Copyright:
© 2019 Yousik Lee et al.
PY - 2019
Y1 - 2019
N2 - The convergence of automobiles and ICT (information and communication technology) has become a new paradigm for the development of next-generation vehicles. In particular, connected cars represent the most in-demand automobile-ICT convergence technology. With the development of 5G technology, communication between vehicle and external device using autonomous driving and Internet of things (IoT) technology has been remarkably developed. Control of vehicles using smart phones has become a routine feature, and over 200 Android apps are in use. However, Android apps are easy to tamper by repackaging and allowing hackers to attack vehicles with using this vulnerability, which can lead to life-critical accidents. In this study, we analyze the vulnerabilities of connected car environments when connecting with IoT technologies and demonstrate the possibility of cyberattack by performing attack experiments using real cars and repackaging for commercial apps. Furthermore, we propose a realistic security technology as a countermeasure to attain safety against cyberattacks. To evaluate the safety of the proposed method, a security module is developed and a performance evaluation is conducted on an actual vehicle.
AB - The convergence of automobiles and ICT (information and communication technology) has become a new paradigm for the development of next-generation vehicles. In particular, connected cars represent the most in-demand automobile-ICT convergence technology. With the development of 5G technology, communication between vehicle and external device using autonomous driving and Internet of things (IoT) technology has been remarkably developed. Control of vehicles using smart phones has become a routine feature, and over 200 Android apps are in use. However, Android apps are easy to tamper by repackaging and allowing hackers to attack vehicles with using this vulnerability, which can lead to life-critical accidents. In this study, we analyze the vulnerabilities of connected car environments when connecting with IoT technologies and demonstrate the possibility of cyberattack by performing attack experiments using real cars and repackaging for commercial apps. Furthermore, we propose a realistic security technology as a countermeasure to attain safety against cyberattacks. To evaluate the safety of the proposed method, a security module is developed and a performance evaluation is conducted on an actual vehicle.
UR - http://www.scopus.com/inward/record.url?scp=85062328805&partnerID=8YFLogxK
U2 - 10.1155/2019/5650245
DO - 10.1155/2019/5650245
M3 - Article
AN - SCOPUS:85062328805
SN - 1530-8669
VL - 2019
JO - Wireless Communications and Mobile Computing
JF - Wireless Communications and Mobile Computing
M1 - 5650245
ER -