From physical to cyber: Escalating protection for personalized auto insurance

Le Guan, Jun Xu, Shuai Wang, Xinyu Xing, Lin Lin, Heqing Huang, Peng Liu, Wenke Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

Nowadays, auto insurance companies set personalized insurance rate based on data gathered directly from their customers' cars. In this paper, we show such a personalized insurance mechanism-wildly adopted by many auto insurance companies-is vulnerable to exploit. In particular, we demonstrate that an adversary can leverage o-The-shelf hardware to manipulate the data to the device that collects drivers' habits for insurance rate customization and obtain a fraudulent insurance discount. In response to this type of attack, we also propose a defense mechanism that escalates the protection for insurers' data collection. The main idea of this mechanism is to augment the insurer's data collection device with the ability to gather unforgeable data acquired from the physical world, and then leverage these data to identify manipulated data points. Our defense mechanism leveraged a statistical model built on unmanipulated data and is robust to manipulation methods that are not foreseen previously. We have implemented this defense mechanism as a proof-of-concept prototype and tested its effectiveness in the real world. Our evaluation shows that our defense mechanism exhibits a false positive rate of 0.032 and a false negative rate of 0.013.

Original languageEnglish (US)
Title of host publicationProceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016
PublisherAssociation for Computing Machinery, Inc
Pages42-55
Number of pages14
ISBN (Electronic)9781450342636
DOIs
StatePublished - Nov 14 2016
Event14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016 - Stanford, United States
Duration: Nov 14 2016Nov 16 2016

Publication series

NameProceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016

Other

Other14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016
CountryUnited States
CityStanford
Period11/14/1611/16/16

Fingerprint

Insurance
Industry
Railroad cars
Hardware

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Computer Networks and Communications
  • Control and Systems Engineering
  • Electrical and Electronic Engineering

Cite this

Guan, L., Xu, J., Wang, S., Xing, X., Lin, L., Huang, H., ... Lee, W. (2016). From physical to cyber: Escalating protection for personalized auto insurance. In Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016 (pp. 42-55). (Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016). Association for Computing Machinery, Inc. https://doi.org/10.1145/2994551.2994573
Guan, Le ; Xu, Jun ; Wang, Shuai ; Xing, Xinyu ; Lin, Lin ; Huang, Heqing ; Liu, Peng ; Lee, Wenke. / From physical to cyber : Escalating protection for personalized auto insurance. Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016. Association for Computing Machinery, Inc, 2016. pp. 42-55 (Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016).
@inproceedings{8789174144da44048ca703de3c42919d,
title = "From physical to cyber: Escalating protection for personalized auto insurance",
abstract = "Nowadays, auto insurance companies set personalized insurance rate based on data gathered directly from their customers' cars. In this paper, we show such a personalized insurance mechanism-wildly adopted by many auto insurance companies-is vulnerable to exploit. In particular, we demonstrate that an adversary can leverage o-The-shelf hardware to manipulate the data to the device that collects drivers' habits for insurance rate customization and obtain a fraudulent insurance discount. In response to this type of attack, we also propose a defense mechanism that escalates the protection for insurers' data collection. The main idea of this mechanism is to augment the insurer's data collection device with the ability to gather unforgeable data acquired from the physical world, and then leverage these data to identify manipulated data points. Our defense mechanism leveraged a statistical model built on unmanipulated data and is robust to manipulation methods that are not foreseen previously. We have implemented this defense mechanism as a proof-of-concept prototype and tested its effectiveness in the real world. Our evaluation shows that our defense mechanism exhibits a false positive rate of 0.032 and a false negative rate of 0.013.",
author = "Le Guan and Jun Xu and Shuai Wang and Xinyu Xing and Lin Lin and Heqing Huang and Peng Liu and Wenke Lee",
year = "2016",
month = "11",
day = "14",
doi = "10.1145/2994551.2994573",
language = "English (US)",
series = "Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016",
publisher = "Association for Computing Machinery, Inc",
pages = "42--55",
booktitle = "Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016",

}

Guan, L, Xu, J, Wang, S, Xing, X, Lin, L, Huang, H, Liu, P & Lee, W 2016, From physical to cyber: Escalating protection for personalized auto insurance. in Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016. Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016, Association for Computing Machinery, Inc, pp. 42-55, 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016, Stanford, United States, 11/14/16. https://doi.org/10.1145/2994551.2994573

From physical to cyber : Escalating protection for personalized auto insurance. / Guan, Le; Xu, Jun; Wang, Shuai; Xing, Xinyu; Lin, Lin; Huang, Heqing; Liu, Peng; Lee, Wenke.

Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016. Association for Computing Machinery, Inc, 2016. p. 42-55 (Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - From physical to cyber

T2 - Escalating protection for personalized auto insurance

AU - Guan, Le

AU - Xu, Jun

AU - Wang, Shuai

AU - Xing, Xinyu

AU - Lin, Lin

AU - Huang, Heqing

AU - Liu, Peng

AU - Lee, Wenke

PY - 2016/11/14

Y1 - 2016/11/14

N2 - Nowadays, auto insurance companies set personalized insurance rate based on data gathered directly from their customers' cars. In this paper, we show such a personalized insurance mechanism-wildly adopted by many auto insurance companies-is vulnerable to exploit. In particular, we demonstrate that an adversary can leverage o-The-shelf hardware to manipulate the data to the device that collects drivers' habits for insurance rate customization and obtain a fraudulent insurance discount. In response to this type of attack, we also propose a defense mechanism that escalates the protection for insurers' data collection. The main idea of this mechanism is to augment the insurer's data collection device with the ability to gather unforgeable data acquired from the physical world, and then leverage these data to identify manipulated data points. Our defense mechanism leveraged a statistical model built on unmanipulated data and is robust to manipulation methods that are not foreseen previously. We have implemented this defense mechanism as a proof-of-concept prototype and tested its effectiveness in the real world. Our evaluation shows that our defense mechanism exhibits a false positive rate of 0.032 and a false negative rate of 0.013.

AB - Nowadays, auto insurance companies set personalized insurance rate based on data gathered directly from their customers' cars. In this paper, we show such a personalized insurance mechanism-wildly adopted by many auto insurance companies-is vulnerable to exploit. In particular, we demonstrate that an adversary can leverage o-The-shelf hardware to manipulate the data to the device that collects drivers' habits for insurance rate customization and obtain a fraudulent insurance discount. In response to this type of attack, we also propose a defense mechanism that escalates the protection for insurers' data collection. The main idea of this mechanism is to augment the insurer's data collection device with the ability to gather unforgeable data acquired from the physical world, and then leverage these data to identify manipulated data points. Our defense mechanism leveraged a statistical model built on unmanipulated data and is robust to manipulation methods that are not foreseen previously. We have implemented this defense mechanism as a proof-of-concept prototype and tested its effectiveness in the real world. Our evaluation shows that our defense mechanism exhibits a false positive rate of 0.032 and a false negative rate of 0.013.

UR - http://www.scopus.com/inward/record.url?scp=85007039883&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85007039883&partnerID=8YFLogxK

U2 - 10.1145/2994551.2994573

DO - 10.1145/2994551.2994573

M3 - Conference contribution

AN - SCOPUS:85007039883

T3 - Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016

SP - 42

EP - 55

BT - Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016

PB - Association for Computing Machinery, Inc

ER -

Guan L, Xu J, Wang S, Xing X, Lin L, Huang H et al. From physical to cyber: Escalating protection for personalized auto insurance. In Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016. Association for Computing Machinery, Inc. 2016. p. 42-55. (Proceedings of the 14th ACM Conference on Embedded Networked Sensor Systems, SenSys 2016). https://doi.org/10.1145/2994551.2994573