A Comparative Analysis of Devices via the Bluetooth Protocol in a Time Series Analysis
The Bluetooth protocol has given many users seamless data transmission to multiple devices. Given its versatility and efficient connection process, it has become one of the preferred methods of wireless connection. Despite this, an aspect of the Bluetooth function remains vulnerable to exploitation in which the transmitted data is stolen. This project answered the following questions: “How does one reduce the vulnerability by comparing normal and abnormal Bluetooth data?”, “How does one identify outlying variables within the data?” and “How can the Bluetooth function be improved?”. It built on previous research that established patterns of life for Bluetooth devices in order to categorize such devices using their data. Applying a similar approach, this research focused on creating a methodology for capturing, detecting, and analyzing normal and abnormal Bluetooth data. Two scenarios involving Bluetooth devices were created, one in which a normal transmission takes place and another in which a Bluetooth hijacking occurs; comparable scans were made of each and then compared. The findings were as follows. The analysis shows that it is possible to categorize the Bluetooth devices and attribute their data to create a pattern of life. By comparing normal and abnormal Bluetooth data, the vulnerability can be reduced by detecting abnormal data much sooner and thus alerting the user to an attack. To identify the outlying variables, selected fields of the Bluetooth packets captured in Wireshark can be plotted in RStudio; displaying these variables gives a better visual for further analysis of the captured data and for identifying outliers.
This project also introduced methods by which the Bluetooth function can be improved, including requiring additional PIN inputs when joining Bluetooth networks, as well as a feature that authenticates the termination of a Bluetooth connection. The conclusion of this project is that these captures and analyses allow a pattern of life to be established for what is considered normal and abnormal data within Bluetooth IoT devices, and that the approach can be extended to other Bluetooth devices.
Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy
Bluetooth (BR/EDR) and Bluetooth Low Energy (BLE) are pervasive wireless technologies specified in the Bluetooth standard. The standard includes key negotiation protocols used to generate long term keys (during pairing) and session keys (during secure connection establishment). In this work, we demonstrate that the key negotiation protocols of Bluetooth and BLE are vulnerable to standard-compliant entropy downgrade attacks. In particular, we show how an attacker can downgrade the entropy of any Bluetooth session key to 1 byte, and of any BLE long term key and session key to 7 bytes. Such low entropy values enable the attacker to brute force Bluetooth session keys and BLE long term and session keys, and to break all the security guarantees promised by Bluetooth and BLE. As a result of our attacks, an attacker can decrypt all the ciphertext and inject valid ciphertext in any Bluetooth and BLE network.
Our key negotiation downgrade attacks are conducted remotely, do not require access to the victims’ devices and are invisible to the victims. Because the attacks are standard-compliant, they are effective regardless of whether the strongest Bluetooth and BLE security modes (including Secure Connections) are used, of the Bluetooth version, and of the implementation details of the devices used by the victims. We successfully attack 38 Bluetooth devices (32 unique Bluetooth chips) and 19 BLE devices from different vendors, using all the major versions of the Bluetooth standard. Finally, we present effective legacy-compliant and non-legacy-compliant countermeasures to mitigate our key negotiation downgrade attacks.
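The mechanics described in the abstract (an in-flight rewrite of the key size proposal, the resulting low-entropy session key, a brute force over the few remaining candidates, and the legacy-compliant fix of refusing small key sizes) can be followed in a small simulation. The following is an added illustration, not the authors' tooling or the Bluetooth LMP messages: the negotiation model, the key reduction (which keeps the first L bytes and zero-pads, in place of the standard's polynomial reduction) and the HMAC-SHA256 keystream cipher (in place of E0/AES-CCM) are simplified stand-ins, the `Device`, `negotiate_entropy` and `run_attack` names are assumed, and the link key, nonce and known plaintext are constructed.

```python
"""
Toy simulation of a KNOB-style entropy downgrade on the Bluetooth BR/EDR
encryption key size negotiation, followed by a brute force of the downgraded
session key. Added example: the negotiation, key reduction and cipher are
simplified stand-ins, not the real LMP exchange, E0/AES-CCM or the paper's code.
"""
import hashlib
import hmac
import itertools
import secrets

KEY_BYTES = 16      # a Bluetooth encryption key is 128 bits
STANDARD_MIN = 1    # the standard lets a device accept entropy as low as 1 byte


class Device:
    """Hypothetical device model: a link key plus its key size limits."""

    def __init__(self, name, link_key, max_entropy=KEY_BYTES, min_entropy=STANDARD_MIN):
        self.name = name
        self.link_key = link_key        # long term key from pairing (assumed already shared)
        self.max_entropy = max_entropy
        self.min_entropy = min_entropy  # legacy-compliant countermeasure: raise this

    def accepts(self, entropy):
        return self.min_entropy <= entropy <= self.max_entropy


def negotiate_entropy(alice, bob, mitm=None):
    """
    Model of the key size negotiation: Alice proposes her maximum, Bob accepts
    the minimum of that and his own maximum, and Alice confirms. `mitm`, if
    given, rewrites the proposal in flight (possible because the negotiation is
    neither encrypted nor integrity protected). Returns the agreed entropy in
    bytes, or None if either side aborts.
    """
    proposal = alice.max_entropy if mitm is None else mitm(alice.max_entropy)
    agreed = min(proposal, bob.max_entropy)
    if not bob.accepts(agreed):
        return None
    if not alice.accepts(agreed):   # Alice sees Bob's (downgraded) acceptance
        return None
    return agreed


def session_key(link_key, nonce, entropy):
    """
    Derive a 128-bit session key from the link key and a public nonce, then
    reduce it to `entropy` bytes of entropy. Stand-in for the standard's
    polynomial reduction: keep the first `entropy` bytes and zero-pad the rest,
    which leaves the brute force cost at 256**entropy candidates.
    """
    full = hashlib.sha256(link_key + nonce).digest()[:KEY_BYTES]
    return full[:entropy] + b"\x00" * (KEY_BYTES - entropy)


def encrypt(key, nonce, plaintext):
    """Stream cipher stand-in: keystream block i = HMAC-SHA256(key, nonce || i)."""
    out = bytearray()
    for i, start in enumerate(range(0, len(plaintext), 32)):
        ks = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(plaintext[start:start + 32], ks))
    return bytes(out)


def brute_force_session_key(entropy, nonce, known_plaintext, ciphertext):
    """
    Attacker side: the link key is unknown, but a session key with `entropy`
    bytes of entropy has only 256**entropy candidates. Test each against a
    known plaintext/ciphertext pair. Returns (key or None, number of tries).
    """
    tries = 0
    for candidate in itertools.product(range(256), repeat=entropy):
        tries += 1
        key = bytes(candidate) + b"\x00" * (KEY_BYTES - entropy)
        if encrypt(key, nonce, known_plaintext) == ciphertext:
            return key, tries
    return None, tries


def run_attack(min_entropy=STANDARD_MIN):
    """Honest negotiation, then the downgrade and brute force. Returns a summary dict."""
    link_key = secrets.token_bytes(KEY_BYTES)   # constructed: pairing already happened
    alice = Device("alice", link_key, min_entropy=min_entropy)
    bob = Device("bob", link_key, min_entropy=min_entropy)
    result = {
        "honest_entropy": negotiate_entropy(alice, bob),
        "attacked_entropy": negotiate_entropy(alice, bob, mitm=lambda proposed: 1),
        "recovered": None,
        "tries": 0,
    }
    if result["attacked_entropy"] is None:
        return result   # a side refused the 1-byte key: nothing to brute force
    nonce = secrets.token_bytes(16)              # public nonce sent in the clear
    key = session_key(link_key, nonce, result["attacked_entropy"])
    known = b"constructed known plaintext header"   # e.g. a predictable protocol header
    ciphertext = encrypt(key, nonce, known)
    recovered, tries = brute_force_session_key(result["attacked_entropy"], nonce, known, ciphertext)
    result["recovered"] = recovered == key
    result["tries"] = tries
    return result


if __name__ == "__main__":
    print(run_attack())                 # downgrade to 1 byte, key found within 256 tries
    print(run_attack(min_entropy=16))   # countermeasure: negotiation aborts instead
```

The second call shows the legacy-compliant countermeasure: a device that refuses any negotiated key size below 16 bytes aborts the connection rather than encrypting under a key the attacker can enumerate. The same bound applies to the 7-byte BLE case from the abstract, where the attacker's search space is 256**7 rather than 256.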