Research On The Risk And Detection Mechanism Of Wi-Fi Privacy Leakage In Intelligent Connected Vehicles

With the improvement of the level of intelligence and networking in automobiles,a new generation of Intelligent Connected Vehicles(ICVs)has been developed on the basis of traditional automobiles.In terms of intelligence,ICVs are equipped with a large number of Electronic Control Units(ECUs)and sensors,which can generate thousands of data per second,including a large amount of private data.As in car wireless fidelity(Wi Fi)gradually becomes the basic configuration of vehicles,it may create new ICV privacy leakage channels,such as Evil Twins Attack(ETA)targeting Wi Fi.Therefore,studying the ETA privacy leakage risk and detection mechanism of ICV has profound theoretical significance and extensive practical value.Aiming at the problems of incomplete,subjective and difficult to quantify loss in privacy disclosure risk assessment of intelligent connected vehicles,a privacy risk assessment model combining qualitative and quantitative methods was proposed.Firstly,based on the qualitative risk assessment model,a new privacy classification is proposed,which extends the privacy impact rating of the existing standard.Secondly,a privacy leakage detection scheme based on Wi-Fi is designed to solve the problem of data collection in quantitative evaluation.Finally,the comprehensive value measurement of the leaked privacy data is carried out from the information entropy,influence level,personal identifiable information type and other factors.The privacy data pricing model is introduced to quantify the attack benefits,and the product of attack benefits and probability is taken as the estimated loss value.The feasibility of the privacy leakage detection scheme is proved through the real car experiment of three intelligent connected cars.The qualitative and quantitative risk assessment of privacy data shows that the extended impact rating,privacy measurement and pricing model is superior to the existing scheme,and effectively quantifies the privacy disclosure risk of intelligent connected vehicles.The risk value of quantitative conversion is in good agreement with the risk value of qualitative assessment.Finally,aiming at the ETA threat of ICV,a detection method based on region and path similarity(RPS)is designed.By collecting the nearby AP information in the associated LAP area,the regional location information RLI is constructed.Before the next connection,the area to be connected to the AP is RP calculated to detect ETAs without the ability of RLI forgery.For the type of fully matched RLI attack with low detection rate,the similarity of motion path and direction of ICV is further used for detection.The simulation results show that the ETA detection method based on RPS can effectively detect ETA with the ability of fully matching RLI and avoid ICV automatically connecting to ET.