際際滷

際際滷Share a Scribd company logo

Connected cars - the security challenge: Vehicles, Networks & Protocols

Ofer Rivlin, CISSP
Ofer Rivlin, CISSP

This document discusses the security challenges of connected cars. It covers several topics: the use of mobile apps and keyless entry which can be hacked; issues with computer vision and radars including how slight image alterations can change machine learning interpretations and concerns over radar accuracy, interference, and privacy fingerprinting; current security protocols for VANET/V2X communications; using cooperative intelligent transportation systems to detect insider attacks; revocation protocols to remove misbehaving vehicles from V2X networks; and suggestions for improving security through formal methods and a secure-by-design approach.

1 of 37
Download to read offline
1 Connected cars - the security challenge: Vehicles, Networks & Protocols Ofer Rivlin Product Security Lead @ Cyberark
2
3
4
5
6
7
8
9
10 Mobile apps & Keyless entry
11
12
13
14 Radars & Vision
15
16
17
18 Computer Vision - Slight alterations to an image, invisible to humans can result in wildly different interpretations from a machine learning algorithm
19 RADARs Accuracy (size & cost)
20 RADARs Accuracy (size & cost) Interference (returning signals?)
21 RADARs Accuracy (size & cost) Interference (returning signals?) 鐃 Mitigation: Uniqueness by different frequency/encoding
22 RADARs Accuracy (size & cost) Interference (returning signals?) 鐃 Mitigation: Uniqueness by different frequency/encoding Privacy Fingerprinting
23 RADARs Accuracy (size & cost) Interference (returning signals?) 鐃 Mitigation: Unique frequency/encoding Privacy Fingerprinting 鐃 Mitigation: Non-Unique properties
24 RADARs Accuracy (size & cost) Interference (returning signals?) 鐃 Mitigation: Unique frequency/encoding Privacy Fingerprinting 鐃 Mitigation: Non-Unique properties
25 VANET/V2X Current Security State V2X Revocation Protocol
26
27 Cooperative Intelligent Transportation Systems (cITS) detect insider attacks based on attacker behavior
28 V2X Revocation Protocol Revocation of misbehaving vehicles in a V2X network Vehicles that perform harmful cyber security activities messages with spoofed positions, incorrect speeds, etc.
29 Suggested Latest Solutions OSR (Order for Self-Revocation)
30 Identified issues with latest protocols
31 Secure By Design using formal methods
32 Connected Cars Security in Future
33 https://zerodium.com/program.html
34
35
36
37 Thank You!

More Related Content

Connected cars - the security challenge: Vehicles, Networks & Protocols