Security and Privacy Challenges in Upcoming Intelligent Urban

  • Slides: 15
Download presentation
Security and Privacy Challenges in Upcoming Intelligent Urban Micromobility Transportation Systems Nisha Vinayaga Sureshkanth

Security and Privacy Challenges in Upcoming Intelligent Urban Micromobility Transportation Systems Nisha Vinayaga Sureshkanth Raveen Wijewickrama Anindya Maiti Murtuza Jadliwala [email protected] org raveen. [email protected] org a. [email protected] org murtuza. [email protected] edu University of Texas at San Antonio

Urban Micromobility • Small, portable, often self-powered, transportation vehicles • Enables last-mile or short-distance

Urban Micromobility • Small, portable, often self-powered, transportation vehicles • Enables last-mile or short-distance commutes in urban communities • Personal (owned) or Shared (rentable) • Popular urban micromobility transportation modes • Electric scooters Our focus in this work • Electric bikes • Self-balancing electric transport 3/10/2021 SPri. TELab @ UTSA E-Bike E-Skateboard E-Scooter E-Skates Self-Balancing Transport 2

E-Scooter Transportation Ecosystem Smartphone • E-scooter • Embedded controller • Sensors and other hardware

E-Scooter Transportation Ecosystem Smartphone • E-scooter • Embedded controller • Sensors and other hardware • User’s Smartphone • Application Service Provider Electronic Throttle Dashboard & Power Button Brake Lever Headlight Brake Light Rear Brake Front Brake Battery Compartment Embedded Controller • Service Provider • Cloud and database 3/10/2021 E-scooter SPri. TELab @ UTSA 3

Our Position & Paper Contributions • Position: The e-scooter ecosystem has become extremely popular,

Our Position & Paper Contributions • Position: The e-scooter ecosystem has become extremely popular, however it also exposes several critical attack surfaces that need to be systematically studied • This paper makes a first attempt in this direction! • Contributions of this paper: • Expose the various attack surfaces in the dockless e-scooter ecosystem • Identify adversaries that can exploit these surfaces and outline specific attack scenarios • Discuss impact on the community and potential countermeasures • Overarching Goal: • Promote community awareness on this upcoming threat modality 3/10/2021 SPri. TELab @ UTSA 4

Attack Surfaces and Vulnerabilities Smartphone • The scooter • • • Service Provider Physical

Attack Surfaces and Vulnerabilities Smartphone • The scooter • • • Service Provider Physical Damage Safety Hazard Man-in-the-Middle Attack Replay Attack Spoofing • The application • • Man-in-the-Middle Attack Replay Attack Spoofing User Data Inference • The cloud service • User Data Sharing • User Data Inference • Surrounding Inference 3/10/2021 E-scooter SPri. TELab @ UTSA 5

Adversaries User – rider or charger • Rider – one who rides the e-scooter

Adversaries User – rider or charger • Rider – one who rides the e-scooter • Charger – one who recharges the e-scooter • Capabilities: may or may not have knowledge of the ecosystem Outsider • A non-user or passerby • Capabilities: may or may not have knowledge of the ecosystem Service Provider • Company provider the shared (or rental) e-scooter service • Capabilities: knowledgeable about the ecosystem, but may only have limited knowledge of the user and his/her surroundings and context 3/10/2021 SPri. TELab @ UTSA 6

Adversary: User • Scenarios: • Hide the scooter from other chargers • Breaking geo-fencing

Adversary: User • Scenarios: • Hide the scooter from other chargers • Breaking geo-fencing (park in a “No Parking” zone) • Share fake location to service provider • Goal: • Spoof location of the scooter and smartphone • Procedure: 1. Generate GNSS signal 2. Broadcast signal near targets • Outcome: • Fake location(s) on provider database • Impact: • Public nuisance – illegal parking or riding (in congested roads) • Provider loss – hidden (missing) scooters Smartphone Service Provider Real GNSS Signal Spoofer E-scooter 3/10/2021 SPri. TELab @ UTSA 7

Adversary: User • Scenarios: • Access scooter features without authorized access • Learn about

Adversary: User • Scenarios: • Access scooter features without authorized access • Learn about the scooter ecosystem • Bypass application and remote unlock scooters • Goal: • Control the communication medium • Procedure: 1. Infer API operation and communication protocols used 2. Generate, modify or save API requests 3. Send spoofed or replayed requests/responses • Outcome: • Ability to manipulate ecosystem via authorized requests • Impact: • Security threat – ecosystem manipulation • Privacy threat – scooter information hidden to the user • Public nuisance – multiple alarms triggered at once Smartphone Service Provider E-scooter 3/10/2021 SPri. TELab @ UTSA 8

Adversary: User/Outsider • Scenarios: • Access hidden scooter features • Unlock maximum speed limit

Adversary: User/Outsider • Scenarios: • Access hidden scooter features • Unlock maximum speed limit restriction • Know about devices that connect to a scooter • Goal: • Manipulate the scooter • Procedure: 1. Inject malicious code into firmware 2. Generate requests or modify hijacked packets 3. Send new or modified requests • Outcome: • Ability to use scooter or gather information without authorization • Impact: • Safety hazard – driving at an unsafe speed • Security threat – malicious code injection • Privacy threat – information on connected devices 3/10/2021 SPri. TELab @ UTSA Smartphone Service Provider E-scooter 9

Adversary: Outsider Smartphone Service Provider • Scenario: • Control the scooter remotely • Steal

Adversary: Outsider Smartphone Service Provider • Scenario: • Control the scooter remotely • Steal the scooter • Deter authorized users from the scooter • Goal: • Access to ecosystem for entities not using the scooter services • Procedure: 1. Compromise scooter – replace firmware 2. Hijack network requests 3. Replace with malicious or intended requests • Outcome: • Ability to control scooter and manipulate the ecosystem • Impact: • Safety hazard – unexpected stop mid-ride • Security threat – ecosystem operation compromised 3/10/2021 SPri. TELab @ UTSA E-scooter 10

Adversary: Outsider • Scenario: • Spy on authorized users • Collect information on scooter

Adversary: Outsider • Scenario: • Spy on authorized users • Collect information on scooter usage • Spread malware via compromised scooters • Goal: • Gather unauthorized intel about users or scooters • Procedure: 1. Gain control of the scooter 2. Create and spread malicious packets 3. Spy on network and users • Outcome: • Knowledge of users and backdoor via smartphone • Impact: • Privacy threat – scooter users • Security threat – scooter user and connected devices Smartphone Service Provider E-scooter 3/10/2021 SPri. TELab @ UTSA 11

Adversary: Service Provider • Scenarios: • Find where the user (rider/charger) travelled on a

Adversary: Service Provider • Scenarios: • Find where the user (rider/charger) travelled on a day • Find where a user was at a particular time • Identify the roads frequented by the user • Goal: • Gather intel on user whereabouts • Process: • Design application to periodically collect user location in background • Outcome: • Collective knowledge of frequented places or paths • Impact: • Privacy loss – user behavior and activities inferred from location patterns • Provider gain – strategic placement of scooters • Safety hazard – if intel sold to malicious entities meaning physical harm 3/10/2021 SPri. TELab @ UTSA Shopping Mall Restaurant Work Home 12

Adversary: Service Provider • Scenarios: • Aggregate information about the user activities • Create

Adversary: Service Provider • Scenarios: • Aggregate information about the user activities • Create or access the user’s advertising profiles • Deduce the devices owned/used by the user • Goal: • Gather intel on user’s devices and activities • Process: • Design application to extract user activity and device information and collaborate with third parties • Outcome: • Deduce user preferences and interests • Impact: • Privacy loss – collecting information unrelated to use the service • Provider gain – generating and selling user profiles 3/10/2021 SPri. TELab @ UTSA 13

Adversary: Service Provider • Scenarios: • Information about the surroundings • Collude with third

Adversary: Service Provider • Scenarios: • Information about the surroundings • Collude with third parties and send targeted ads • Improve financial gain or promote services • Goal: • Gather other intel on user surroundings • Process: • Design application to collect information, collude with third party entities, and eavesdrop on user connected networks • Outcome: • Collective knowledge of entities in vicinity • Impact: • Privacy loss – for non-associated entities near the users • Security threat – for nearby devices broadcasting sensitive information • Public nuisance – for non-associated entities bombarded with ads 3/10/2021 SPri. TELab @ UTSA User Roommate Passerby 14

Conclusion Who are affected? • The users • The community How are they affected?

Conclusion Who are affected? • The users • The community How are they affected? • Safety hazards • Privacy threats • Ecosystem manipulation What can we do about it? • Threat awareness • Secure software and hardware system design • Privacy-preserving data collection and sharing policies 3/10/2021 SPri. TELab @ UTSA 15