Abstract
The increasing equipment of cars with smart systems and their networking with other devices is leading to a growing network of connected vehicles. Connected cars are Internet of Things (IoT) devices that communicate bidirectionally with other systems, enabling internet access and data exchange. Artificial Intelligence (AI) offers benefits such as autonomous driving, driver assistance programs, and monitoring. The increasing connectivity of cars also brings new risks to users' privacy. Our study focuses on privacy threats in connected cars from a user perspective. Our study provides a comprehensive threat model analysis based on a combination of STRIDE and LINDDUN. We analyze the various threats and vulnerabilities that arise from connecting cars to the internet and other devices, including Vehicle-to-Vehicle (V2V), Vehicle-to-Vloud (V2C), and Vehicle-to-Device (V2D). We conduct our study based on a theoretical model of a modern-day connected vehicle of another study. Our study shows that several types of threats can negatively impact the privacy of connected car users. This encapsulates the potential risks, such as the inadvertent disclosure of personal data due to the vehicle's interconnectedness with other devices, including smartphones, and the subsequent susceptibility to unauthorized access, while also highlighting the need for robust security measures indicated by our comprehensive threat modeling, to safeguard against a wide array of identified cybersecurity threats.
Originalsprache | Englisch |
---|---|
Titel des Sammelwerks | 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) |
Untertitel des Sammelwerks | Abu Dhabi, United Arab Emirates : 14-17 Nov. 2023 |
Erscheinungsort | New York |
Verlag | IEEE |
Seiten | 0690-0697 |
ISBN (elektronisch) | 979-8-3503-0460-2 |
ISBN (Print) | 979-8-3503-0461-9 |
DOIs | |
Publikationsstatus | Veröffentlicht - 25 Dez. 2023 |
Österreichische Systematik der Wissenschaftszweige (ÖFOS)
- 102015 Informationssysteme