{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T05:24:22Z","timestamp":1774329862442,"version":"3.50.1"},"reference-count":62,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2022,10,4]],"date-time":"2022-10-04T00:00:00Z","timestamp":1664841600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,10,4]],"date-time":"2022-10-04T00:00:00Z","timestamp":1664841600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"Abstract<\/jats:title>Modern automobiles are equipped with connectivity features to enhance the user\u2019s comfort. Bluetooth is one such communication technology that is used to pair a personal device with an automotive infotainment unit. Upon pairing, the user could access the personal information on the phone through the automotive head unit with minimum distraction while driving. However, such connectivity introduces a possibility for privacy attacks. Hence, performing an in-depth analysis of the system with privacy constraints is extremely important to prevent unauthorized access to personal information. In this work, we perform a systematic analysis of the Bluetooth network of an automotive infotainment unit to exploit security and privacy-related vulnerabilities. We model the identified threat with respect to privacy constraints of the system, emphasize the severity of attacks through a standardized rating metric and then provide potential countermeasures to prevent the attack. We perform System Theoretic Process Analysis for Privacy as a part of the systematic analysis and use the Common Vulnerability Scoring System to derive attack severity. The identified vulnerabilities are due to design flaws and assumptions on Bluetooth protocol implementation on automotive infotainment systems. We then elicit the vulnerability by performing a privacy attack on the Automotive system in an actual vehicle. We use Android Open-Source Project to report our findings and propose defense strategies.<\/jats:p>","DOI":"10.1186\/s42400-022-00132-x","type":"journal-article","created":{"date-parts":[[2022,10,4]],"date-time":"2022-10-04T00:02:41Z","timestamp":1664841761000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":24,"title":["Valet attack on privacy: a cybersecurity threat in automotive Bluetooth infotainment systems"],"prefix":"10.1186","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5786-6302","authenticated-orcid":false,"given":"Vishnu","family":"Renganathan","sequence":"first","affiliation":[]},{"given":"Ekim","family":"Yurtsever","sequence":"additional","affiliation":[]},{"given":"Qadeer","family":"Ahmed","sequence":"additional","affiliation":[]},{"given":"Aylin","family":"Yener","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,10,4]]},"reference":[{"key":"132_CR1","unstructured":"Android (2021a) Automotive: android open source project [Online]. Available: https:\/\/source.android.com\/devices\/automotive"},{"key":"132_CR2","unstructured":"Android (2021b) Bluetooth [Online]. Available: https:\/\/source.android.com\/devices\/bluetooth"},{"key":"132_CR3","unstructured":"Android (2021c) Automotive: android open source project\u2014power management [Online]. Available: https:\/\/source.android.com\/devices\/automotive\/power\/power"},{"key":"132_CR4","unstructured":"Android (2021d) Automotive: android open source project\u2014what is android automotive? [Online]. Available: https:\/\/source.android.com\/devices\/automotive\/start\/what_automotive."},{"key":"132_CR5","unstructured":"Android (2021e) Configure on-device developer options [Online]. Available: https:\/\/developer.android.com\/studio\/debug\/dev-options."},{"key":"132_CR6","doi-asserted-by":"crossref","unstructured":"Antonioli D, Payer M (2022) On the insecurity of vehicles against protocol-level bluetooth threats. In 2022 IEEE Security and Privacy Workshops (SPW) (pp. 353-362). IEEE.","DOI":"10.1109\/SPW54247.2022.9833886"},{"key":"132_CR7","unstructured":"Antonioli D, Tippenhauer NO, Rasmussen KB (2019) The KNOB is broken: exploiting low entropy in the encryption key negotiation of bluetooth BR\/EDR. In: 28th USENIX security symposium (USENIX security 19)"},{"key":"132_CR8","doi-asserted-by":"crossref","unstructured":"Antonioli D, Tippenhauer NO, Rasmussen K (2020) BIAS: bluetooth impersonation attacks. In: 2020 IEEE symposium on security and privacy (SP)","DOI":"10.1109\/SP40000.2020.00093"},{"key":"132_CR9","doi-asserted-by":"crossref","unstructured":"Antonioli D, Tippenhauer NO, Rasmussen K, Payer M (2022) BLURtooth: exploiting cross-transport key derivation in bluetooth classic and bluetooth low energy. In: Proceedings of the 2022 ACM on Asia conference on computer and communications security","DOI":"10.1145\/3488932.3523258"},{"key":"132_CR10","doi-asserted-by":"crossref","unstructured":"Ballmann B (2021) Feeling bluetooth on the tooth. In: Understanding network hacks: attack and defense with Python 3, Springer Berlin, Heidelberg, p 139\u2013162","DOI":"10.1007\/978-3-662-62157-8_9"},{"key":"132_CR11","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1016\/j.tele.2019.03.003","volume":"41","author":"S Barth","year":"2019","unstructured":"Barth S, de Jong MDT, Junger M, Hartel PH, Roppelt JC (2019) Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources. Telematics Inform 41:55\u201369","journal-title":"Telematics Inform"},{"key":"132_CR12","doi-asserted-by":"crossref","unstructured":"Benton K, Camp LJ, Garg V (2013) Studying the effectiveness of android application permissions requests. In: 2013 IEEE international conference on pervasive computing and communications workshops (PERCOM Workshops)","DOI":"10.1109\/PerComW.2013.6529497"},{"key":"132_CR13","unstructured":"Bhat A (2015) HMI Architecture and bluetooth phonebook design in car infotainment, vol. 2, p 257903"},{"key":"132_CR14","unstructured":"BluetoothSIG (2019a) Bluetooth qualification process overview [Online]. Available: https:\/\/www.bluetooth.com\/develop-with-bluetooth\/qualification-listing\/"},{"key":"132_CR15","unstructured":"BluetoothSIG (2019b) Phone book access profile [Online]. Available: https:\/\/www.bluetooth.org\/docman\/handlers\/downloaddoc.ashx?doc_id=457095"},{"key":"132_CR16","unstructured":"BluetoothSIG (2019c) Message access profile [Online]. Available: https:\/\/www.bluetooth.org\/docman\/handlers\/downloaddoc.ashx?doc_id=457095"},{"key":"132_CR17","unstructured":"Boddie D (2017) PyOBEX. [Online]. Available: https:\/\/gitlab.com\/dboddie\/pyobex."},{"key":"132_CR18","doi-asserted-by":"crossref","unstructured":"Cheah M, Shaikh SA, Bryans J, Nguyen HN (2016) Combining third party components securely in automotive systems. In: Information security theory and practice, Cham","DOI":"10.1007\/978-3-319-45931-8_18"},{"key":"132_CR19","first-page":"8","volume":"9","author":"M Cheah","year":"2017","unstructured":"Cheah M, Shaikh SA, Haas O, Ruddle A (2017) Towards a systematic security evaluation of the automotive Bluetooth interface. Veh Commun 9:8\u201318","journal-title":"Veh Commun"},{"key":"132_CR20","doi-asserted-by":"publisher","first-page":"360","DOI":"10.1016\/j.cose.2018.04.008","volume":"77","author":"M Cheah","year":"2018","unstructured":"Cheah M, Shaikh SA, Bryans J, Wooderson P (2018) Building an automotive security assurance case using systematic security evaluations. Comput Secur 77:360\u2013379","journal-title":"Comput Secur"},{"key":"132_CR21","unstructured":"Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H, Savage S, Koscher K, Czeskis A, Roesner F, Kohno T (2011) Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of the 20th USENIX conference on security, USA"},{"key":"132_CR22","doi-asserted-by":"crossref","unstructured":"Claverie T, Teves JL (2021) BlueMirror: reflections on bluetooth pairing and provisioning protocols. In: 2021 IEEE security and privacy workshops (SPW)","DOI":"10.1109\/SPW53761.2021.00054"},{"key":"132_CR23","doi-asserted-by":"crossref","unstructured":"Cope P, Campbell J, Hayajneh T (2017) An investigation of Bluetooth security vulnerabilities. In: 2017 IEEE 7th annual computing and communication workshop and conference (CCWC)","DOI":"10.1109\/CCWC.2017.7868416"},{"key":"132_CR24","doi-asserted-by":"crossref","unstructured":"Costantino G, Matteucci I (2022) Reversing Kia motors head unit to discover and exploit software vulnerabilities, J Comput Virol Hacking Techniques","DOI":"10.1007\/s11416-022-00430-5"},{"key":"132_CR25","doi-asserted-by":"crossref","unstructured":"Costantino G, Vincenzi MD, Matteucci I (2022) A comparative analysis of UNECE WP. 29 R155 and ISO\/SAE 21434. In: IEEE European symposium on security and privacy workshops (EuroS&PW), Genoa","DOI":"10.1109\/EuroSPW55150.2022.00041"},{"key":"132_CR26","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1109\/LES.2013.2264594","volume":"5","author":"A Dardanelli","year":"2013","unstructured":"Dardanelli A, Maggi F, Tanelli M, Zanero S, Savaresi SM, Kochanek R, Holz T (2013) A security layer for smartphone-to-vehicle communication over Bluetooth. IEEE Embed Syst Lett 5:34\u201337","journal-title":"IEEE Embed Syst Lett"},{"key":"132_CR27","doi-asserted-by":"crossref","unstructured":"Deuker A (2009) Addressing the privacy paradox by expanded privacy awareness\u2013the example of context-aware services. In: IFIP PrimeLife international summer school on privacy and identity management for life","DOI":"10.1007\/978-3-642-14282-6_23"},{"key":"132_CR28","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MSP.2010.3","volume":"8","author":"J Dunning","year":"2010","unstructured":"Dunning J (2010) Taming the blue beast: a survey of bluetooth based threats. IEEE Secur Priv 8:20\u201327","journal-title":"IEEE Secur Priv"},{"key":"132_CR29","unstructured":"Egele M, Kruegel C, Kirda E, Vigna G (2011) PiOS: detecting privacy leaks in iOS applications. In: NDSS"},{"key":"132_CR30","doi-asserted-by":"crossref","unstructured":"Enck W, Gilbert P, Han S, Tendulkar V, Chun B-G, Cox LP, Jung J, McDaniel P, Sheth AN (2014) TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans Comput Syst, 32","DOI":"10.1145\/2619091"},{"key":"132_CR31","doi-asserted-by":"crossref","unstructured":"Felt AP, Ha E, Egelman S, Haney A, Chin E, Wagner D (2012) Android permissions: user attention, comprehension, and behavior. In: Proceedings of the eighth symposium on usable privacy and security","DOI":"10.1145\/2335356.2335360"},{"issue":"2","key":"132_CR32","first-page":"183","volume":"34","author":"I Friedberg","year":"2017","unstructured":"Friedberg I, McLaughlin K, Smith P, Laverty D, Sezer S (2017) STPA-SafeSec: safety and security analysis for cyber-physical systems. J Inf Secur Appli 34(2):183\u2013196","journal-title":"J Inf Secur Appli"},{"key":"132_CR33","doi-asserted-by":"crossref","unstructured":"Garakani HG, Moshiri B, Safavi-Naeini S (2018) Cyber security challenges in autonomous vehicle: their impact on RF sensor and wireless technologies. In: 2018 18th international symposium on antenna technology and applied electromagnetics (ANTEM)","DOI":"10.1109\/ANTEM.2018.8572847"},{"key":"132_CR34","unstructured":"Gessler P. Muller T, Mailat M (2020) Android automotive OS whitepaper: android automotive OS book"},{"key":"132_CR35","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1016\/j.cose.2017.03.008","volume":"74","author":"SS Hassan","year":"2018","unstructured":"Hassan SS, Bibon SD, Hossain MS, Atiquzzaman M (2018) Security threats in Bluetooth technology. Comput Secur 74:308\u2013322","journal-title":"Comput Secur"},{"key":"132_CR36","unstructured":"Honda (2021) Hondanews. [Online]. Available: https:\/\/hondanews.com\/en-US\/releases\/honda-and-google-collaborate-on-in-vehicle-connected-services."},{"key":"132_CR37","first-page":"1","volume":"23","author":"SU Hussain","year":"2018","unstructured":"Hussain SU, Koushanfar F (2018) P3: Privacy preserving positioning for smart automotive systems. ACM Trans Des Autom Electron Syst (TODAES) 23:1\u201319","journal-title":"ACM Trans Des Autom Electron Syst (TODAES)"},{"key":"132_CR38","doi-asserted-by":"publisher","first-page":"541","DOI":"10.1007\/s11235-018-00544-6","volume":"70","author":"V Kaplun","year":"2019","unstructured":"Kaplun V, Segal M (2019) Breaching the privacy of connected vehicles network. Telecommun Syst 70:541\u2013555","journal-title":"Telecommun Syst"},{"key":"132_CR39","unstructured":"Kaur G, Jain B (2013) Data communication via bluetooth-a trusted device, Atharva, p 4"},{"key":"132_CR40","volume-title":"Privacy indexes: a survey of Westin's studies","author":"P Kumaraguru","year":"2005","unstructured":"Kumaraguru P, Cranor LF (2005) Privacy indexes: a survey of Westin\u2019s studies. Carnegie Mellon University, School of Computer Science, US"},{"key":"132_CR41","doi-asserted-by":"crossref","unstructured":"Lu K, Li Z, Kemerlis VP, Wu Z, Lu L, Zheng C, Qian Z, Lee W, Jiang G (2015) Checking more and alerting less: Detecting privacy leakages via enhanced data-flow analysis and peer voting. In: 22nd annual network and distributed system security symposium, NDSS 2015, San Diego, California, USA, February 8\u201311, 2014","DOI":"10.14722\/ndss.2015.23287"},{"key":"132_CR42","unstructured":"Megowan P, Suvak D, Kogan D (2003) Object exchange protocol. [Online]. Available: https:\/\/www.irda.org\/standards\/pubs\/OBEX13.pdf"},{"key":"132_CR43","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1109\/MSP.2006.145","volume":"4","author":"P Mell","year":"2006","unstructured":"Mell P, Scarfone K, Romanosky S (2006) Common vulnerability scoring system. IEEE Secur Priv 4:85\u201389","journal-title":"IEEE Secur Priv"},{"key":"132_CR44","doi-asserted-by":"crossref","unstructured":"Mindermann K, Riedel F, Abdulkhaleq A. Stach C, Wagner S (2017) Exploratory study of the privacy extension for system theoretic process analysis (STPA-Priv) to elicit privacy risks in eHealth. In: 2017 IEEE 25th International requirements engineering conference workshops (REW)","DOI":"10.1109\/REW.2017.30"},{"key":"132_CR45","doi-asserted-by":"crossref","unstructured":"Nasim R (2012) Security threats analysis in Bluetooth-enabled mobile devices. Preprint http:\/\/arxiv.org\/abs\/1206.1482","DOI":"10.5121\/ijnsa.2012.4303"},{"key":"132_CR46","unstructured":"nOBEX (2016) nOBEX. [Online]. Available: https:\/\/github.com\/nccgroup\/nOBEX."},{"key":"132_CR47","doi-asserted-by":"crossref","unstructured":"Oka DK, Furue T, Langenhop L, Nishimura T (2014) Survey of vehicle IoT Bluetooth devices. In: 2014 IEEE 7th international conference on service-oriented computing and applications","DOI":"10.1109\/SOCA.2014.20"},{"key":"132_CR48","doi-asserted-by":"publisher","first-page":"1","DOI":"10.20485\/jsaeijae.8.1_1","volume":"8","author":"H Onishi","year":"2017","unstructured":"Onishi H, Wu K, Yoshida K, Kato T (2017) Approaches for vehicle cyber-security in the US: vulnerabilities of carry-in devices, GNSS, & vehicle-to-vehicle communication. Int J Automot Eng 8:1\u20136","journal-title":"Int J Automot Eng"},{"key":"132_CR49","unstructured":"PK (2019) Challenges in android based in-vehicle- infotainment (IVI). [Online]. Available: https:\/\/medium.com\/@pkurumbudel\/challenges-in-android-based-in-vehicle-infotainment-ivi-93819acc650a"},{"key":"132_CR50","unstructured":"Popa B (2021) Autoevolution. [Online]. Available: https:\/\/www.autoevolution.com\/news\/heres-the-full-list-of-cars-powered-by-android-automotive-169169.html"},{"key":"132_CR51","doi-asserted-by":"crossref","unstructured":"Shapiro SS (2016) Privacy risk analysis based on system control structures: adapting system-theoretic process analysis for privacy Engineering. In: 2016 IEEE security and privacy workshops (SPW)","DOI":"10.1109\/SPW.2016.15"},{"key":"132_CR52","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/s12525-015-0191-0","volume":"25","author":"S Spiekermann","year":"2015","unstructured":"Spiekermann S, Acquisti A, B\u00f6hme R, Hui K-L (2015) The challenges of personal data markets and privacy. Electron Mark 25:161\u2013167","journal-title":"Electron Mark"},{"key":"132_CR53","unstructured":"Sutton A (2021) Android automotive OS 11 on a raspberry Pi. [Online]. Available: https:\/\/medium.com\/snapp-automotive\/android-automotive-os-11-on-a-raspberry-pi-2abaa133f468."},{"key":"132_CR54","doi-asserted-by":"crossref","unstructured":"Tanaka T, Skoglund M, Sandberg H, Johansson KH (2017) Directed information and privacy loss in cloud-based control. In: 2017 American control conference (ACC)","DOI":"10.23919\/ACC.2017.7963192"},{"key":"132_CR55","doi-asserted-by":"crossref","unstructured":"von Tschirschnitz M, Peuckert L, Franzen F, Grossklags J (2021) Method confusion attack on bluetooth pairing. In: 2021 IEEE symposium on security and privacy (SP)","DOI":"10.1109\/SP40001.2021.00013"},{"key":"132_CR56","unstructured":"Wuyts K, Scandariato R, Joosen W (2014) LIND (D) UN privacy threat tree catalog, vol. 675, Department of Computer Science, KU Leuven"},{"key":"132_CR57","first-page":"405","volume":"10","author":"A Yadav","year":"2016","unstructured":"Yadav A, Bose G, Bhange R, Kapoor K, Iyenger NCSN, Caytiles R (2016) Security, vulnerability and protection of vehicular on-board diagnostics. Int J Secur Appl 10:405\u2013422","journal-title":"Int J Secur Appl"},{"key":"132_CR58","doi-asserted-by":"crossref","unstructured":"Yee K-P (2002) User interaction design for secure systems. In: Information and communications security, Berlin","DOI":"10.1007\/3-540-36159-6_24"},{"key":"132_CR59","doi-asserted-by":"crossref","unstructured":"Young W, Leveson N (2013) Systems thinking for safety and security. In: Association for computing machinery, New York","DOI":"10.1145\/2523649.2530277"},{"key":"132_CR60","unstructured":"Zelle D, Krauss D, von Pape T (2017) A privacy-aware data access system for automotive applications. In: 15th ESCAR embedded security in cars conference"},{"key":"132_CR61","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1016\/j.jnca.2018.07.017","volume":"122","author":"Y Zhang","year":"2018","unstructured":"Zhang Y, Li J, Zheng D, Li P, Tian Y (2018) Privacy-preserving communication and power injection over vehicle networks and 5G smart grid slice. J Netw Comput Appl 122:50\u201360","journal-title":"J Netw Comput Appl"},{"key":"132_CR62","unstructured":"Zhou X (2014) The security and privacy of mobile platforms in a rapidly evolving world"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-022-00132-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-022-00132-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-022-00132-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,4]],"date-time":"2022-10-04T00:11:49Z","timestamp":1664842309000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-022-00132-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,4]]},"references-count":62,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2022,12]]}},"alternative-id":["132"],"URL":"https:\/\/doi.org\/10.1186\/s42400-022-00132-x","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,4]]},"assertion":[{"value":"6 May 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"6 September 2022","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 October 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"30"}}