9,070 research outputs found
Методика аналізу безпеки BLE пристроїв на прикладі фітнес-трекера
Актуальність роботи. З кожним роком на ринку з’являється все більше пристроїв що використовують технологію Bluetooth Low Energy. Ці пристрої все більше стають пов’язаними із нашим повсякденним життям. На базі BLE працюють пристрої екосистеми розумного дому, різноманітні носимі пристрої типу навушників чи фітнес трекерів. BLE навіть використовується в керуванні мобільним електротранспортом (електро самокати та електро скейтборди). Саме тому, перевірка та можливість вдосконалення безпеки пристроїв що нас оточують є, по суті, підвищенням рівня своєї захищеності. Адже завжди існує загроза витоку даних, або ж їх підміна. А якщо зловмисник перехопить контроль над транспортом, то це вже становитиме ще й небезпеку для нашого життя.
Об’єктом дослідження є пристрої Bluetooth Low Energy.
Предметом дослідження є безпека пристроїв Bluetooth Low Energy.
Метою роботи є розробка методики аналізу безпеки пристроїв Bluetooth Low Energy, на основі проведеного дослідження фітнес трекера та опрацьованих теоретичних матеріалів щодо безпеки BLE.
Завдання роботи:
1. Дослідити принципи роботи технології Bluetooth Low Energy.
2. Ознайомитися з існуючими дослідженнями, методами дослідження та рекомендаціями щодо безпеки BLE.
3. Здійснити аналіз безпеки пристрою BLE - фітнес трекера.
4. На основі проаналізованого теоретичного матеріалу та проведеного дослідження розробити та запропонувати методику аналізу безпеки пристроїв BLE.
Методи дослідження - ознайомлення та опрацювання літератури, що представлено монографічними та журнальними матеріалами, електронними ресурсами, які стосуються досліджуваної теми, аналіз існуючих шляхів вирішення проблеми, проведення власного дослідження.
Наукова новизна полягає в тому, що розроблена методика є повним рішенням, в якому викладено основні аспекти перевірки безпеки пристроїв Bluetooth Low Energy, описані важливість кожного з аспектів та методи перевірки.
Результати роботи викладені у третьому розділі, що демонструють практичну роботу нової методики.
Практична значущість результатів. Результати даної роботи можуть бути використані при розробці або ж вдосконаленні пристроїв BLE.The object of study is Bluetooth Low Energy devices.
The subject of the study is the security of Bluetooth Low Energy devices.
The purpose of this work is to develop a methodology for analyzing the security of Bluetooth devices Low Energy, based on a study of fitness trackers and processed theoretical material on BLE security
InternalBlue - Bluetooth Binary Patching and Experimentation Framework
Bluetooth is one of the most established technologies for short range digital
wireless data transmission. With the advent of wearables and the Internet of
Things (IoT), Bluetooth has again gained importance, which makes security
research and protocol optimizations imperative. Surprisingly, there is a lack
of openly available tools and experimental platforms to scrutinize Bluetooth.
In particular, system aspects and close to hardware protocol layers are mostly
uncovered.
We reverse engineer multiple Broadcom Bluetooth chipsets that are widespread
in off-the-shelf devices. Thus, we offer deep insights into the internal
architecture of a popular commercial family of Bluetooth controllers used in
smartphones, wearables, and IoT platforms. Reverse engineered functions can
then be altered with our InternalBlue Python framework---outperforming
evaluation kits, which are limited to documented and vendor-defined functions.
The modified Bluetooth stack remains fully functional and high-performance.
Hence, it provides a portable low-cost research platform.
InternalBlue is a versatile framework and we demonstrate its abilities by
implementing tests and demos for known Bluetooth vulnerabilities. Moreover, we
discover a novel critical security issue affecting a large selection of
Broadcom chipsets that allows executing code within the attacked Bluetooth
firmware. We further show how to use our framework to fix bugs in chipsets out
of vendor support and how to add new security features to Bluetooth firmware
MagicPairing: Apple's Take on Securing Bluetooth Peripherals
Device pairing in large Internet of Things (IoT) deployments is a challenge
for device manufacturers and users. Bluetooth offers a comparably smooth trust
on first use pairing experience. Bluetooth, though, is well-known for security
flaws in the pairing process. In this paper, we analyze how Apple improves the
security of Bluetooth pairing while still maintaining its usability and
specification compliance. The proprietary protocol that resides on top of
Bluetooth is called MagicPairing. It enables the user to pair a device once
with Apple's ecosystem and then seamlessly use it with all their other Apple
devices. We analyze both, the security properties provided by this protocol, as
well as its implementations. In general, MagicPairing could be adapted by other
IoT vendors to improve Bluetooth security. Even though the overall protocol is
well-designed, we identified multiple vulnerabilities within Apple's
implementations with over-the-air and in-process fuzzing
Wireless Medical Sensor Networks: Design Requirements and Enabling Technologies
This article analyzes wireless communication protocols that could be used in healthcare environments (e.g., hospitals and small clinics) to transfer real-time medical information obtained from noninvasive sensors. For this purpose the features of the three currently most widely used protocols—namely, Bluetooth® (IEEE 802.15.1), ZigBee (IEEE 802.15.4), and Wi-Fi (IEEE 802.11)—are evaluated and compared. The important features under consideration include data bandwidth, frequency band, maximum transmission distance, encryption and authentication methods, power consumption, and current applications. In addition, an overview of network requirements with respect to medical sensor features, patient safety and patient data privacy, quality of service, and interoperability between other sensors is briefly presented. Sensor power consumption is also discussed because it is considered one of the main obstacles for wider adoption of wireless networks in medical applications. The outcome of this assessment will be a useful tool in the hands of biomedical engineering researchers. It will provide parameters to select the most effective combination of protocols to implement a specific wireless network of noninvasive medical sensors to monitor patients remotely in the hospital or at home
Software for Wearable Devices: Challenges and Opportunities
Wearable devices are a new form of mobile computer system that provides
exclusive and user-personalized services. Wearable devices bring new issues and
challenges to computer science and technology. This paper summarizes the
development process and the categories of wearable devices. In addition, we
present new key issues arising in aspects of wearable devices, including
operating systems, database management system, network communication protocol,
application development platform, privacy and security, energy consumption,
human-computer interaction, software engineering, and big data.Comment: 6 pages, 1 figure, for Compsac 201
Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions
Traditional power grids are being transformed into Smart Grids (SGs) to
address the issues in existing power system due to uni-directional information
flow, energy wastage, growing energy demand, reliability and security. SGs
offer bi-directional energy flow between service providers and consumers,
involving power generation, transmission, distribution and utilization systems.
SGs employ various devices for the monitoring, analysis and control of the
grid, deployed at power plants, distribution centers and in consumers' premises
in a very large number. Hence, an SG requires connectivity, automation and the
tracking of such devices. This is achieved with the help of Internet of Things
(IoT). IoT helps SG systems to support various network functions throughout the
generation, transmission, distribution and consumption of energy by
incorporating IoT devices (such as sensors, actuators and smart meters), as
well as by providing the connectivity, automation and tracking for such
devices. In this paper, we provide a comprehensive survey on IoT-aided SG
systems, which includes the existing architectures, applications and prototypes
of IoT-aided SG systems. This survey also highlights the open issues,
challenges and future research directions for IoT-aided SG systems
Wireless body sensor networks for health-monitoring applications
This is an author-created, un-copyedited version of an article accepted for publication in
Physiological Measurement. The publisher is
not responsible for any errors or omissions in this version of the manuscript or any version
derived from it. The Version of Record is available online at http://dx.doi.org/10.1088/0967-3334/29/11/R01
Developing a Mini Smart House model
The work is devoted to designing a smart home educational model. The authors analyzed the literature in the field of the Internet of Things and identified the basic requirements for the training model. It contains the following levels: command, communication, management. The authors identify the main subsystems of the training model: communication, signaling, control of lighting, temperature, filling of the garbage container, monitoring of sensor data. The proposed smart home educational model takes into account the economic indicators of resource utilization, which gives the opportunity to save on payment for their consumption.
The hardware components for the implementation of the Mini Smart House were selected in the article. It uses a variety of technologies to conveniently manage it and use renewable energy to power it. The model was produced in-dependently by students involved in the STEM project. Research includes sketching, making construction parts, sensor assembly and Arduino boards, programming in the Arduino IDE environment, testing the functioning of the system. Research includes sketching, making some parts, assembly sensor and Arduino boards, programming in the Arduino IDE environment, testing the functioning of the system. Approbation Mini Smart House researches were conducted within activity the STEM-center of Physics and Mathematics Faculty of Ternopil Volodymyr Hnatiuk National Pedagogical University, in particular during the educational process and during numerous trainings and seminars for pupils and teachers of computer science
- …