Date of Award

3-22-2019

Document Type

Thesis

Degree Name

Master of Science in Computer Engineering

Department

Department of Electrical and Computer Engineering

First Advisor

Scott R. Graham, PhD

Abstract

The automotive industry is moving towards a more connected ecosystem, with connectivity achieved through multiple wireless systems. However, in the pursuit of these technological advances and to quickly satisfy requirements imposed on manufacturers, the security of these systems is often an afterthought. It has been shown that systems in a standard new automobile that one would not expect to be vulnerable can be exploited for a variety of harmful effects. This thesis considers a seemingly benign, but government mandated, safety feature of modern vehicles; the Tire Pressure Monitoring System (TPMS). Typical implementations have no security-oriented features, leaking data that can be used for reliable tracking by a determined attacker, and being completely open to spoofing attacks. This research investigates potential privacy concerns of TPMS, first by demonstrating the feasibility of both identifying vehicles and reconstructing their routes without prohibitive cost or expertise. Then, an ID obfuscating scheme is proposed, called TPMS Obfuscation through Rolling ID (TORI), to mitigate these privacy threats while remaining true to the design requirements of TPMS. Various conditions are tested using a modified traffic simulator, which validate the ability to reconstruct the identities of vehicles even from sparse detections.

AFIT Designator

AFIT-ENG-MS-19-M-031

DTIC Accession Number

AD1075156

Share

COinS