VnutZ Domain
Copyright © 1996 - 2024 [Matthew Vea] - All Rights Reserved

2013-04-06
Featured Article

Manipulating Traffic Data

[index] [1,972 page views]
Tagged As: Automotive, GPS, Hacking, and Security

The first GPS navigation devices for cars were strictly "dumb" in the sense of picking optimal routes on speed or distance. The past few years have seen models incorporate traffic information to perform on-the-fly route optimization. That information used to come through inaudible frequencies through FM radio but the prevalence of smartphone GPS navigation applications is shifting that to a direct pull via the Internet. But how has that data been derived? Many of those smartphones in cars are transmitting speed and location information back to central servers that aggregate the data to determine flow rates on traffic routes. However, due to users demanding privacy, the traffic aggregators cannot guarantee authenticity of the originating source. What does this mean? Well, a BlackHat presentation shows a proof-of-concept for falsifying traffic data in order to "control" the information passed back to drivers. (pdf)

An attacker could send false location information to Google without being detected and therefore affect the traffic flow analysis. If, for example, an attacker drives a route and collects the data packets sent to Google, he can replay them later with a modified cookie, platform key and time stamps. The attack can be intensified by carrying out several delayed transmissions with different cookies and platform keys to simulate multiple cars. If the attacker adds noise to the measured values (e.g. to the signal strengths of wireless access points), uses different source IP addresses, a distinction between real and fake location information is no longer possible.


More site content that might interest you:

A rootkit is the apex of modern malware, eclipsing both viruses and worms, yet their function are the least publicly understood.


Try your hand at fate and use the site's continuously updating statistical analysis of the MegaMillions and PowerBall lotteries to choose "smarter" number. Remember, you don't have to win the jackpot to win money from the lottery!


Tired of social media sites mining all your data? Try a private, auto-deleting message bulletin board.


paypal coinbase marcus