Advancements in battery technology have accelerated the adoption of Electric Vehicles (EVs) due to their environmental benefits. However, their growing sophistication introduces security and privacy challenges. Often seen as mere operational data, battery consumption patterns can unintentionally reveal critical information exploitable for malicious purposes. These risks go beyond privacy, impacting vehicle security and regulatory compliance. Despite these concerns, current research has largely overlooked the broader implications of battery consumption data exposure. As EVs integrate further into smart transportation networks, addressing these gaps is crucial to ensure their safety, reliability, and resilience. In this work, we introduce a novel class of side-channel attacks that exploit EV battery data to extract sensitive user information. Leveraging only battery consumption patterns, we demonstrate a methodology to accurately identify the EV driver and their driving style, determine the number of occupants, and infer the vehicle's start and end locations when user habits are known. We utilize several machine learning models and feature extraction techniques to analyze EV power consumption patterns, validating our approach on simulated and real-world datasets collected from actual drivers. Our attacks achieve an average success rate of 95.4% across all attack objectives. Our findings highlight the privacy risks associated with EV battery data, emphasizing the need for stronger protections to safeguard user privacy and vehicle security.

翻译：电池技术的进步因其环境效益而加速了电动汽车的普及。然而，日益复杂的系统也带来了安全与隐私挑战。通常被视为单纯运行数据的电池消耗模式，可能无意中泄露可用于恶意目的的关键信息。这些风险不仅限于隐私，还影响车辆安全与法规遵从性。尽管存在这些担忧，当前研究大多忽视了电池消耗数据暴露的更广泛影响。随着电动汽车进一步融入智能交通网络，解决这些缺口对于确保其安全性、可靠性与韧性至关重要。本文提出了一类新型侧信道攻击，利用电动汽车电池数据提取敏感用户信息。仅基于电池消耗模式，我们展示了一种方法，能够准确识别电动汽车驾驶员及其驾驶风格，确定乘员数量，并在已知用户习惯的情况下推断车辆的起始与终止位置。我们采用多种机器学习模型与特征提取技术分析电动汽车功耗模式，并在从真实驾驶员收集的模拟和实际数据集上验证了我们的方法。我们的攻击在所有攻击目标上平均成功率达到了95.4%。研究结果揭示了与电动汽车电池数据相关的隐私风险，强调了加强保护以保障用户隐私和车辆安全的必要性。