汽车物联网蓝牙设备调查

2014 IEEE 7th International Conference on Service-Oriented Computing and Applications Pub Date : 2014-11-17 DOI:10.1109/SOCA.2014.20

D. Oka, Takahiro Furue, Lennart Langenhop, Tomohiro Nishimura

{"title":"汽车物联网蓝牙设备调查","authors":"D. Oka, Takahiro Furue, Lennart Langenhop, Tomohiro Nishimura","doi":"10.1109/SOCA.2014.20","DOIUrl":null,"url":null,"abstract":"Modern vehicles equipped with wireless technologies such as Bluetooth can basically be considered mobile IoT devices. Users can connect their smart phones to their cars to for example use the car's speakers and microphones to make phone calls or read out various diagnostics data from the car such as engine speed and coolant temperature. However, to provide high usability and also often due to limitations in physical input/output capabilities of Bluetooth devices, there may be errors in the implementations where Bluetooth security features are not fully utilized for the pairing procedure. For example, attackers can target vehicle IoT devices using fixed unchangeable PINs that are always in discoverable mode and pair with such devices by guessing the PINs. If these devices are connected to the in-vehicle network, an attacker in control of such a device could execute attacks by injecting arbitrary messages into the in-vehicle network. These attacks could have serious consequences on human life as they can affect the safety of the car. Therefore, it is imperative to provide proper security measures for vehicle IoT devices that provide a potential entry point to the in-vehicle network.","PeriodicalId":138805,"journal":{"name":"2014 IEEE 7th International Conference on Service-Oriented Computing and Applications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","resultStr":"{\"title\":\"Survey of Vehicle IoT Bluetooth Devices\",\"authors\":\"D. Oka, Takahiro Furue, Lennart Langenhop, Tomohiro Nishimura\",\"doi\":\"10.1109/SOCA.2014.20\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern vehicles equipped with wireless technologies such as Bluetooth can basically be considered mobile IoT devices. Users can connect their smart phones to their cars to for example use the car's speakers and microphones to make phone calls or read out various diagnostics data from the car such as engine speed and coolant temperature. However, to provide high usability and also often due to limitations in physical input/output capabilities of Bluetooth devices, there may be errors in the implementations where Bluetooth security features are not fully utilized for the pairing procedure. For example, attackers can target vehicle IoT devices using fixed unchangeable PINs that are always in discoverable mode and pair with such devices by guessing the PINs. If these devices are connected to the in-vehicle network, an attacker in control of such a device could execute attacks by injecting arbitrary messages into the in-vehicle network. These attacks could have serious consequences on human life as they can affect the safety of the car. Therefore, it is imperative to provide proper security measures for vehicle IoT devices that provide a potential entry point to the in-vehicle network.\",\"PeriodicalId\":138805,\"journal\":{\"name\":\"2014 IEEE 7th International Conference on Service-Oriented Computing and Applications\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"31\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE 7th International Conference on Service-Oriented Computing and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SOCA.2014.20\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 7th International Conference on Service-Oriented Computing and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOCA.2014.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 31

摘要

配备蓝牙等无线技术的现代车辆基本上可以被视为移动物联网设备。用户可以将他们的智能手机连接到他们的汽车上，例如使用汽车的扬声器和麦克风打电话或读出汽车的各种诊断数据，如发动机转速和冷却剂温度。但是，为了提供高可用性，并且通常由于蓝牙设备的物理输入/输出功能的限制，在没有充分利用蓝牙安全特性进行配对过程的实现中可能会出现错误。例如，攻击者可以使用始终处于可发现模式的固定不可更改的pin来瞄准车辆物联网设备，并通过猜测pin与此类设备配对。如果这些设备连接到车载网络，控制这些设备的攻击者可以通过向车载网络注入任意消息来执行攻击。这些攻击可能会对人类的生命造成严重后果，因为它们会影响汽车的安全。因此，必须为车载物联网设备提供适当的安全措施，这些设备为车载网络提供了潜在的入口点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Survey of Vehicle IoT Bluetooth Devices

Modern vehicles equipped with wireless technologies such as Bluetooth can basically be considered mobile IoT devices. Users can connect their smart phones to their cars to for example use the car's speakers and microphones to make phone calls or read out various diagnostics data from the car such as engine speed and coolant temperature. However, to provide high usability and also often due to limitations in physical input/output capabilities of Bluetooth devices, there may be errors in the implementations where Bluetooth security features are not fully utilized for the pairing procedure. For example, attackers can target vehicle IoT devices using fixed unchangeable PINs that are always in discoverable mode and pair with such devices by guessing the PINs. If these devices are connected to the in-vehicle network, an attacker in control of such a device could execute attacks by injecting arbitrary messages into the in-vehicle network. These attacks could have serious consequences on human life as they can affect the safety of the car. Therefore, it is imperative to provide proper security measures for vehicle IoT devices that provide a potential entry point to the in-vehicle network.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 IEEE 7th International Conference on Service-Oriented Computing and Applications

自引率

0.00%

发文量