Abstract
Tire pressure monitoring systems have become a mandatory feature of modern automobiles, but their presence opens a new attack vector for a potential adversary.These systems have minimal security features, allowing for eavesdropping and data injection with low technical and financial costs.
This chapter explores the potential for tire pressure monitoring systems to provide inputs to a remote sensing network, which leverages the data broadcast by the systems to identify vehicles and track their movements. A traffic simulation is employed to generate vehicle movements and tire pressure monitoring system packets. Experiments demonstrate that the tire pressure monitoring system data can help identify vehicles and reconstruct vehicle routes. They show that a determined adversary could deploy sensors to detect tire pressure monitoring systems and learn about the movements of individual vehicles without any insider information. Potential solutions to this privacy problem are discussed, focusing on low cost changes with the greatest consumer security benefits.
Chapter PDF
Similar content being viewed by others
References
DLR - Institute of Transportation Systems, Eclipse SUMO - Simulation of Urban Mobility, Berlin, Germany (dlr.de/ts/sumo), 2019
K. Emura, T. Hayashi and S. Moriai, Toward securing tire pressure monitoring systems: A case of PRESENT-based implementation, Proceedings of the International Symposium on Information Theory and its Applications, pp. 403–407, 2016
European Commission, Top News from the European Commission, 23 November to 20 December 2009, AGENDA/09/40, Press Release, Brussels, Belgium, November 20, 2009
D. Kilcoyne, S. Bendelac, J. Ernst and A. Michaels, Tire pressure monitoring system encryption to improve vehicular security, Proceedings of the IEEE Military Communications Conference, pp. 1219–1224, 2016
National Highway Traffic Safety Administration, Federal Motor Vehicle Safety Standards; Tire Pressure Monitoring Systems; Controls and Displays; Final Rule, 49 CFR Part 571, Docket No. NHTSA 2000–8572, RIN 2127-AI33, Washington, DC, 2003
I. Rouf, R. Miller, H. Mustafa, T. Taylor, S. Oh, W. Xu, M. Gruteser, W. Trappe and I. Seskar, Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study, Proceedings of the Nineteenth USENIX Conference on Security, article no. 21, 2010
A. Sanfeliu and K. Fu, A distance measure between attributed relational graphs for pattern recognition, IEEE Transactions on Systems, Man and Cybernetics, vol. SMC-13(3), pp. 353–362, 1983
C. Solomon and B. Groza, LiMon – Lightweight authentication for tire pressure monitoring sensors, in Security of Industrial Control Systems and Cyber Physical Systems, A. Becue, N. Cuppens-Boulahia, F. Cuppens, S. Katsikas and C. Lambrinoudakis (Eds.), Springer, Cham, Switzerland, pp. 95–111, 2016
U.S. Congress, Transportation Recall Enhancement, Accountability and Documentation (TREAD) Act, Public Law 106-414, 106th Congress, Washington, DC, 2000
S. Velupillai and L. Guvenc, Tire pressure monitoring [Applications of Control], IEEE Control Systems, vol. 27(6), pp. 22–25, 2007
M. Xu, W. Xu, J. Walker and B. Moore, Lightweight secure communications protocols for in-vehicle sensor networks, Proceedings of the ACM Workshop on Security, Privacy and Dependability for Cyber Vehicles, pp. 19–30, 2013
S. Yadav, A. Reddy, A. Reddy and S. Ranjan, Detecting algorithmically-generated domain-flux attacks with DNS traffic analysis, IEEE/ACM Transactions on Networking, vol. 20(5), pp. 1663-1677, 2012
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hacker, K., Graham, S., Dunlap, S. (2019). Vehicle Identification and Route Reconstruction via TPMS Data Leakage. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XIII. ICCIP 2019. IFIP Advances in Information and Communication Technology, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-030-34647-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-34647-8_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34646-1
Online ISBN: 978-3-030-34647-8
eBook Packages: Computer ScienceComputer Science (R0)