Systems and methods for detecting discrepancies in automobile-network data
First Claim
1. A computer-implemented method for detecting discrepancies in automobile-network data, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- receiving, via a logging device, data that indicates a first state of at least one attribute of an automobile at a moment in time, wherein;
the data has been conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile; and
the logging device is configured to;
connect to the automobile network via a port of the automobile network; and
log automobile-network messages that;
are broadcast over the automobile network; and
convey states of the attribute of the automobile;
receiving, via at least one sensor of a mobile device, additional data that indicates a second state of the same attribute of the automobile at the same moment in time, wherein the mobile device was traveling with the automobile when the automobile-network message was logged by the logging device;
detecting a security incident by determining that a difference between the first state and the second state is indicative of the automobile-network message having been falsified; and
performing a security action by flagging the data as having been falsified.
6 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for detecting discrepancies in automobile-network data may include (1) receiving data that indicates at least one attribute of an automobile and that was conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile, (2) receiving additional data that indicates the same attribute of the automobile and that was not conveyed via any automobile-network message that was broadcast over the automobile network, (3) detecting a discrepancy between the data and the additional data, and (4) performing a security action in response to detecting the discrepancy between the data and the additional data. Various other methods, systems, and computer-readable media are also disclosed.
33 Citations
13 Claims
-
1. A computer-implemented method for detecting discrepancies in automobile-network data, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
receiving, via a logging device, data that indicates a first state of at least one attribute of an automobile at a moment in time, wherein; the data has been conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile; and the logging device is configured to; connect to the automobile network via a port of the automobile network; and log automobile-network messages that; are broadcast over the automobile network; and convey states of the attribute of the automobile; receiving, via at least one sensor of a mobile device, additional data that indicates a second state of the same attribute of the automobile at the same moment in time, wherein the mobile device was traveling with the automobile when the automobile-network message was logged by the logging device; detecting a security incident by determining that a difference between the first state and the second state is indicative of the automobile-network message having been falsified; and performing a security action by flagging the data as having been falsified. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for detecting discrepancies in automobile-network data, the system comprising:
-
at least one receiving module, stored in memory, that; receives, via a logging device, data that indicates a first state of at least one attribute of an automobile at a moment in time, wherein; the data has been conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile; and the logging device is configured to; connect to the automobile network via a port of the automobile network; and log automobile-network messages that;
are broadcast over the automobile network; and
convey states of the attribute of the automobile;receives, via at least one sensor of a mobile device, additional data that indicates a second state of the same attribute of the automobile at the same moment in time, wherein the mobile device was traveling with the automobile when the automobile-network message was logged by the logging device; a detecting module, stored in memory, that detects a security incident by determining that a difference between the first state and the second state is indicative of the automobile-network message having been falsified; a security module, stored in memory, that performs a security action by flagging the data as having been falsified; and at least one physical processor that executes the receiving module, the detecting module, and the security module. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
receive, via a logging device, data that indicates a first state of at least one attribute of an automobile at a moment in time, wherein; the data has been conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile; and the logging device is configured to; connect to the automobile network via a port of the automobile network; and log automobile-network messages that; are broadcast over the automobile network; and convey states of the attribute of the automobile; receive, via at least one sensor of a mobile device, additional data that indicates a second state of the same attribute of the automobile at the same moment in time, wherein the mobile device was traveling with the automobile when the automobile-network message was logged by the logging device; detect a security incident by determining that a difference between the first state and the second state is indicative of the automobile-network message having been falsified; and perform a security action by flagging the data as having been falsified.
-
Specification