Protecting Connected Cars Against API Driven Attacks

Application Level Anomaly Management for Connected Cars

Fleet-wide Cybersecurity Protection

GDPR Compliance

Anti Fraud Protection

Policy Violation Detection

Automated API Behavior Modeling

AI based Analytics

Vehicle-level and Fleet-level Insights​

Non Intrusive,  Cloud based Deployment

Montoring millions of devices to date

 

The Connected Car is Vulnerable

Most operational systems in a car or truck -- brakes, transmission, etc. -- have long adopted digital controls, largely interconnected within the vehicle. A vehicle today is increasingly understood as a computer system on wheels, ultimately trending toward comprehensive "self-driving" capabilities.

 

The current revolution to connect the new generation of computer-cars to central servers (and to each other) over wireless mobile networks promises enormous but introduces potentially catastrophic cyber-risks from hackers capable of attacking a connected car or entire fleets of vehicles sharing a communications network through common software, hardware or operating systems. Attacks can spread directly from one vehicle to another, and well as through a common backend.

 

APIs are the Future of the Connected Car Ecosystem

The connected car industry's global revenue is projected to reach $141 billion by 2020. Car manufacturers rely on an ecosystem of players to deliver next-generation services. In fact, the connected car is a use case of a colossal ecosystem of vehicle-centric IoT devices. Connecting them all together will be connected car APIs .

 

Connected cars report private data to OEM cloud and receive commands from the OEM cloud to enable advanced services. Multiple APIs exist between the following entities:

* The car and the OEM cloud

* User installed applications and the OEM cloud

* Advanced services and the OEM cloud

 

Each of these API types can be exploited to hack into the car or the OEM cloud and can lead to:
 

           * Massive private data leakage                                             * Fleet-wide ransomware attack   
                         *
Fleet-wide loss of control attack                                                          * Denial of Service attack 

Anomaly Management Platform

Automated Protection Against  API Driven Attacks

The answer to the rapidly-evolving and high-value threats in a complex system of connected vehicles (and related mobile applications) can only be achieved through AI-driven anomaly-detection systems capable of sifting through all of the data streams in a network -- in real time -- to identify conditions at variance with normal behavior and demanding instantaneous attention.

imVision's powerful cloud-based anomaly detection software is capable of rapidly and flexibly "learning" what data may be at variance with norms, and therefore an indication of possible security threats, fraudulent activity or data privacy breaches

 Continuously Analyze Internal and External APIs   

Protocol and Application Level Analysis

•Privileged Access

•Unexpected/Unsupported messages

•Code Execution

Procedural Flow Analysis 

•End to end procedure integrity

•Procedure  messages validation

Context analysis

•State of the car

•Multi-entity interactions

•Multi-entity event analysis

Behavior patterns analysis

•Car behavior patterns

•Volumetric messages & events analysis  

Contact Us

What to hear more? Contact us now!