Digital Forensic Analysis for Vehicle Infotainment Systems based on Packet Fingerprinting

Abstract With the increasing number of in-vehicle computing systems and rapid development of technologies, such as autonomous driving technology, various IoT technologies are being incorporated into vehicles. In these scenarios, a vehicle is typically connected to a smartphone or various sensors to exchange information based on wireless communication. While this is convenient for the driver, from a security standpoint, it means exposing the vehicle to a new cyberattack surface: wireless communication attacks. Therefore, active research on security inspection and improvement for wireless communication in vehicular environments is required. Some studies in this regard have raised security issues, but little digital forensic research has been conducted on the issues raised. Against this background, we conducted a case study based on packet fingerprinting to improve the level of security in wireless communication in a vehicular environment (i.e., in-vehicle wireless communications). Packet fingerprinting was applied to 11 in-vehicle infotainment systems. Consequently, devices and services in use were identified from wireless network packets. Images of internal storage data were acquired from three in-vehicle infotainment systems, and a file system-based analysis was performed on the images to derive digital forensic artifacts related to the packets stored in the vehicle systems. Further analysis was conducted by combining the derived artifacts with the packet fingerprinting results. Our findings indicate that the security level of wireless communication in various in-vehicle infotainment system environments can be evaluated and improved. Moreover, we provide various identification information and digital forensic artifacts derived from various in-vehicle infotainment systems.