Automotive digital forensics through data and log analysis of vehicle diagnosis Android apps

Forensic Science International-Digital Investigation (IF 2, Zone 4: Medicine, Q3, COMPUTER SCIENCE, INFORMATION SYSTEMS) Pub Date: 2024-05-03 DOI: 10.1016/j.fsidi.2024.301752
Jiheon Jung, Sangchul Han, Minkyu Park, Seong-je Cho
Citations: 0

Abstract

Modern vehicles, including smart cars, are equipped with many electronic devices such as electronic control units (ECUs), on-board diagnostics (OBD) systems, telematics and infotainment systems, gateways, sensors, etc. Because these devices create, transmit, and store a lot of digital data, modern vehicles are becoming a key source of digital evidence in vehicular forensics. In addition, some dedicated mobile apps can capture driving and diagnostic data from a vehicle via a Bluetooth-enabled OBD-II scanner. In this paper, we propose a new process for effective automotive forensics. It collects and analyzes three different types of data left on an Android phone which has been connected to the OBD-II port of a vehicle via Bluetooth communication. The three types of data are OBD-II Android apps' data, the Bluetooth HCI snoop log, and the main log buffer of the Android logging system. By analyzing them individually and in an integrated manner, we find Bluetooth connection time, vehicle information, MAC address of the OBD-II scanner, vehicle velocity, sharp speeding event, sudden braking event, refueling event, and so on. We also construct a timeline of Bluetooth traffic and driving events through the timeline analysis, which can be used to determine the driver's behaviors in terms of vehicle forensics.

Source journal: CiteScore 5.90; self-citation rate 15.00%; articles published 87; review time 76 days