Enhanced Android App-Repackaging Attack on In-Vehicle Network-Reference-Cited by-同舟云学术

Enhanced Android App-Repackaging Attack on In-Vehicle Network

Published:2019-02-03 Issue: Volume:2019 Page:1-13
ISSN:1530-8669
Container-title:Wireless Communications and Mobile Computing
language:en
Short-container-title:Wireless Communications and Mobile Computing

Author:

Lee Yousik¹,Woo Samuel²,Lee Jungho³,Song Yunkeun¹,Moon Heeseok⁴,Lee Dong Hoon⁵^ORCID

Affiliation:

1. ESCRYPT, 4F, ABN Tower, 331 Pangyo-ro, Bundang-gu, Seongnam-si, Gyeonggi-do 13488, Republic of Korea

2. Electronics and Telecommunications Research Institute, 218 Gajeong-ro, Yuseong-gu, Daejeon 34129, Republic of Korea

3. Korea Information Certificate Authority Inc., 5th Fl C-dong, PDC, 242, Pangyo-ro, Bundang-gu, Seongnam-si, Gyeonggi-do 13487, Republic of Korea

4. KATECH, 74 Yongjeong-ri, Pungse-myeon, Dongnam-gu, Cheonan, Chungcheongnam-do, Republic of Korea

5. Korea University, Anam-ro, Seongbuk-gu, Seoul 02841, Republic of Korea

Abstract

The convergence of automobiles and ICT (information and communication technology) has become a new paradigm for the development of next-generation vehicles. In particular, connected cars represent the most in-demand automobile-ICT convergence technology. With the development of 5G technology, communication between vehicle and external device using autonomous driving and Internet of things (IoT) technology has been remarkably developed. Control of vehicles using smart phones has become a routine feature, and over 200 Android apps are in use. However, Android apps are easy to tamper by repackaging and allowing hackers to attack vehicles with using this vulnerability, which can lead to life-critical accidents. In this study, we analyze the vulnerabilities of connected car environments when connecting with IoT technologies and demonstrate the possibility of cyberattack by performing attack experiments using real cars and repackaging for commercial apps. Furthermore, we propose a realistic security technology as a countermeasure to attain safety against cyberattacks. To evaluate the safety of the proposed method, a security module is developed and a performance evaluation is conducted on an actual vehicle.

Funder

Ministry of Land, Infrastructure and Transport

Publisher

Hindawi Limited

Subject

Electrical and Electronic Engineering,Computer Networks and Communications,Information Systems

Link

http://downloads.hindawi.com/journals/wcmc/2019/5650245.pdf

Reference9 articles.

1. Efficient and Secure Service-Oriented Authentication Supporting Network Slicing for 5G-Enabled IoT

2. A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN

3. A Practical Attack on In-Vehicle Network Using Repacked Android Applications

Cited by 10 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Graph-Based Strategy for Intrusion Detection in Connected Vehicles;Lecture Notes in Networks and Systems;2024

2. Security assessment of in-vehicle communication protocols;Vehicular Communications;2023-12

3. Security Vulnerability in the Automotive Sector with Modernization;2023 IEEE 11th Region 10 Humanitarian Technology Conference (R10-HTC);2023-10-16

4. Task-Aware Meta Learning-Based Siamese Neural Network for Classifying Control Flow Obfuscated Malware;Future Internet;2023-06-14

5. A Survey on Controller Area Network Reverse Engineering;IEEE Communications Surveys & Tutorials;2023