Leaky Batteries: A Novel Set of Side-Channel Attacks on Electric Vehicles

TL;DR

Electric vehicles generate rich battery data that can unintentionally reveal private user information. The authors present a novel class of side-channel attacks that use only battery consumption data and time-series feature extraction to infer driver identity, driving style, occupancy, vehicle model, and trip origins/destinations, validated on both simulated and real-world datasets with an average success rate around 95%. They evaluate multiple ML classifiers and show random-forest generally provides the strongest performance, with several tasks near or at perfect accuracy. A lightweight time-window aggregation countermeasure is proposed to degrade attack effectiveness, though a privacy-utility trade-off remains. The work highlights the privacy and security implications of EV battery data and provides open-source tooling to enable further research and defenses.

Abstract

Advancements in battery technology have accelerated the adoption of Electric Vehicles (EVs) due to their environmental benefits. However, their growing sophistication introduces security and privacy challenges. Often seen as mere operational data, battery consumption patterns can unintentionally reveal critical information exploitable for malicious purposes. These risks go beyond privacy, impacting vehicle security and regulatory compliance. Despite these concerns, current research has largely overlooked the broader implications of battery consumption data exposure. As EVs integrate further into smart transportation networks, addressing these gaps is crucial to ensure their safety, reliability, and resilience. In this work, we introduce a novel class of side-channel attacks that exploit EV battery data to extract sensitive user information. Leveraging only battery consumption patterns, we demonstrate a methodology to accurately identify the EV driver and their driving style, determine the number of occupants, and infer the vehicle's start and end locations when user habits are known. We utilize several machine learning models and feature extraction techniques to analyze EV power consumption patterns, validating our approach on simulated and real-world datasets collected from actual drivers. Our attacks achieve an average success rate of 95.4% across all attack objectives. Our findings highlight the privacy risks associated with EV battery data, emphasizing the need for stronger protections to safeguard user privacy and vehicle security.

Figures (8)

• Figure 1: Overview of the system model, the data flow, and the attack vectors. We refer to headlights for CAN/ECU access, and conti2022evexchangebrighente2024evscout2 for charging station compromise.
• Figure 2: Schema of the feature extraction process. Driving style and vehicle inference attacks operate by simply extracting samples from the consumption data, while every other presented attack leverage the time-series feature extraction pipeline.
• Figure 3: Statistics for attack targets in the simulated dataset.
• Figure 4: Statistics for attack targets in the real dataset. Counts shown here already take into account the time-window processing overviewed in Section \ref{['subsec:features']}.
• Figure 5: Results for attacks in the simulated dataset leveraging single sample feature correlation.