Research On Information Delivery Technology For Vehicular Screen System

The emergence of Internet of Vehicles(Io V)has changed the concept of traditional automobiles and transportation.It has effectively improved the efficiency of the use of automobiles and is considered as an important part of the smart city in the future.Combining the feature of intellectualization and networking,Intelligent Connected Vehicle(ICV)will be the development trend of automobiles.With its maturity and application,ICV is playing an increasingly important role in reducing traffic accidents,improving traffic efficiency and driving comfort.The application with new technologies such as mobile Internet,AI and big data has greatly changed the way of travelling and driving.ICV has brought great comfort and convenience to our daily life,however,the information security problem that it faces is seldom concerned.In-Vehicle Infotainment(IVI)is the core module of ICV,which uses the specific CPU based on vehicular CAN bus system and Internet service.It is the link between the in-vehicle network and the external network.IVI provides a wider attack surface than any other vehicle component,and the information security problem caused by this component is particularly important.Virus software,remote attack,unauthorized APP,phishing websites,etc.,in addition to bringing security risks to the vehicle itself,can also result in loss of owner property,disclosure of privacy,and even the serious consequences of car destruction.From the perspective of attackers,this paper studies the particular security issues of IVI.Through the analysis of the security threats of the IVI based on the Android operating system which is used by most ICV in the market,we propose an effective and universal attack scheme for the ICV,and develop a complete set of information delivery attack software for vehicular screen system.This attack software consists of client software running on target IVI and server software running on our Web server.Analyzing the upgrade process of pre-installed software on the vehicular screen from the application layer is the first step.Then we analyze the parsing process of the target client to server response from source code.Next,exploiting the vulnerabilities of this process,we design a false response construction algorithm and generate a spurious server response.Then,it induces users to install the client software locally,thus realizing the function of batch-delivering information to the vehicular screen remotely.Finally,using the method of black box testing,our attack software is tested in multiple angles and is even extended to multiple smartphones.As far as we know,this is the first work to apply information delivery technology to the field of the Io V.It prepares for the rapid,widespread and reliable dissemination of information in specific areas by using the Io V in information warfare,and also provides theoretical and technical supporting for the development of the Io V and the security of the ICV.