I know where you have been last summer: Extracting privacy-sensitive information via forensic analysis of the Mercedes-Benz NTG52 infotainment system

Modern vehicles are equipped with In-Vehicle Infotainment (IVI) systems that offers different functions, such as typical radio and multimedia services, navigation and internet browsing. To operate properly, IVI systems have to store locally different types of data, reflecting user preferences and be...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Forensic science international. Digital investigation (Online) Ročník 53; s. 301909
Hlavní autori: Stabili, Dario, Valgimigli, Filip, Marchetti, Mirco
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Elsevier Ltd 01.06.2025
Predmet:
Privacy analysis of infotainment systems
Privacy exposure
SQL database carving
Privacy exposure
SQL database carving
Privacy analysis of infotainment systems
ISSN:2666-2817
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Modern vehicles are equipped with In-Vehicle Infotainment (IVI) systems that offers different functions, such as typical radio and multimedia services, navigation and internet browsing. To operate properly, IVI systems have to store locally different types of data, reflecting user preferences and behaviors. If stored and managed insecurely, these data might expose sensitive information and represent a privacy risk. In this paper we address this issue by presenting a methodology for the extraction of privacy-sensitive information from the popular NTG5 COMMAND IVI system (specifically, the NTG5⁎2 version by Harman), deployed in some Mercedes-Benz vehicles from 2013 to 2019. We show that it is possible to extract information related to geographic locations and various vehicles events (such as ignition and doors opening and closing) dating back to the previous 8 months, and that these data can be cross-referenced to precisely identify the activities and habits of the driver. Moreover, we develop a novel forensic tool to automate this task.1 Given the past usage of the NTG5 system, our work might have real life implications for the privacy of millions of drivers, owners and passengers. As a final contribution, we develop a novel technique for SQLite data carving specifically designed to identify deleted data. Comparison with existing state-of-the-art tools for SQLite3 data recovery demonstrates that our approach is more effective in recovering deleted traces than general purpose tools. •Unencrypted disks used in IVI systems allow the extraction of privacy-sensitive information from GPS logs.•Proprietary formats used to encode GPS trails in IVI systems can be reverse engineered with some initial assumptions.•Cross-referencing extracted GPS trails with OSINT sources enable detailed reconstruction of daily usage of a vehicle.
ISSN:2666-2817
DOI:10.1016/j.fsidi.2025.301909