Simon Ebbers , Stefan Gense , Mouad Bakkouch , Felix Freiling , Sebastian Schinzel
{"title":"Grand theft API: A forensic analysis of vehicle cloud data","authors":"Simon Ebbers , Stefan Gense , Mouad Bakkouch , Felix Freiling , Sebastian Schinzel","doi":"10.1016/j.fsidi.2023.301691","DOIUrl":null,"url":null,"abstract":"<div><p>Modern vehicles such as cars, trucks and motorcycles contain an increasing number of embedded computers that continuously exchange telemetry data like current mileage, tire pressure, expected range and geolocation to the manufacturer's cloud. Vehicle owners can access this data via Vehicle Assistant Apps (VAA). Naturally, this data is of increasing interest to law enforcement in criminal investigations. While manufacturers must comply with local laws requiring them to hand over the data of suspects upon the issuance of a warrant, this process can be time-consuming and cause an additional delay in a case. Making use of novel API-based access methods in cloud forensic investigations, we present a method to get permanent access to a vehicle's cloud data by directly accessing cloud servers given suspects' credentials. We analysed a set of 23 different VAAs and pointed out the potentially accessible data categories. With our proof of concept tool <span>gta.py</span> in combination with six provided vehicles from BMW, Dacia, Ford, Hyundai, Mercedes and Tesla, we verified the accessibility of the data categories. Our findings demonstrate that the API-based forensic acquisition and analysis of vehicle cloud data provides important insights to be considered in future digital forensic investigations of vehicles.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2024-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S266628172300210X/pdfft?md5=8e1636b6793dec184feeca7cf3b0ff1b&pid=1-s2.0-S266628172300210X-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S266628172300210X","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Modern vehicles such as cars, trucks and motorcycles contain an increasing number of embedded computers that continuously exchange telemetry data like current mileage, tire pressure, expected range and geolocation to the manufacturer's cloud. Vehicle owners can access this data via Vehicle Assistant Apps (VAA). Naturally, this data is of increasing interest to law enforcement in criminal investigations. While manufacturers must comply with local laws requiring them to hand over the data of suspects upon the issuance of a warrant, this process can be time-consuming and cause an additional delay in a case. Making use of novel API-based access methods in cloud forensic investigations, we present a method to get permanent access to a vehicle's cloud data by directly accessing cloud servers given suspects' credentials. We analysed a set of 23 different VAAs and pointed out the potentially accessible data categories. With our proof of concept tool gta.py in combination with six provided vehicles from BMW, Dacia, Ford, Hyundai, Mercedes and Tesla, we verified the accessibility of the data categories. Our findings demonstrate that the API-based forensic acquisition and analysis of vehicle cloud data provides important insights to be considered in future digital forensic investigations of vehicles.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
