BlueLock una herramienta para prevenir ataques en Bluetooth

Digital devices are presented several vulnerabilities because when making a connection your information can be compromised. Bluetooth is a means of wireless communication that allows you to transfer files with distances of up to 100 meters, but its security has been seen as malicious users, attacking special cell phones. The Bluetooth manufacturers have improved their security but it has not been enough to control the vulnerabilities. The security of the Bluetooth connection has been directed by the manufacturers, but the user has not been able to carry out a control of this security.Los dispositivos digitales presentan vulnerabilidades ya que al realizar una conexión su información puede verse comprometida. Bluetooth es un medio de comunicación inalámbrico muy reconocido ya que permite transferencia de archivos con distancias de hasta 100 metros, pero su seguridad se ha visto afectada por usuarios maliciosos, atentando en especial dispositivos celulares. Los fabricantes de bluetooth han mejorado su seguridad, pero no ha sido suficiente para controlar las vulnerabilidades. La seguridad de conexión de bluetooth ha sido gestionada por los fabricantes, pero el usuario final no puede llevar un control de esta seguridad

On the Security of Bluetooth Low Energy in Two Consumer Wearable Heart Rate Monitors/Sensing Devices

Since its inception in 2013, Bluetooth Low Energy (BLE) has become the standard for short-distance wireless communication in many consumer devices, as well as special-purpose devices. In this study, we analyze the security features available in Bluetooth LE standards and evaluate the features implemented in two BLE wearable devices (a Fitbit heart rate wristband and a Polar heart rate chest wearable) and a BLE keyboard to explore which security features in the BLE standards are implemented in the devices. In this study, we used the ComProbe Bluetooth Protocol Analyzer, along with the ComProbe software to capture the BLE traffic of these three devices. We found that even though the standards provide security mechanisms, because the Bluetooth Special Interest Group does not require that manufacturers fully comply with the standards, some manufacturers fail to implement proper security mechanisms. The circumvention of security in Bluetooth devices could leak private data that could be exploited by rogue actors/hackers, thus creating security, privacy, and, possibly, safety issues for consumers and the public. We propose the design of a Bluetooth Security Facts Label (BSFL) to be included on a Bluetooth/BLE enabled device’s commercial packaging and conclude that there should be better mechanisms for informing users about the security and privacy provisions of the devices they acquire and use and to educate the public on protection of their privacy when buying a connected device

A Test Environment for Wireless Hacking in Domestic IoT Scenarios

Security is gaining importance in the daily life of every citizen. The advent of Internet of Things devices in our lives is changing our conception of being connected through a single device to a multiple connection in which the centre of connection is becoming the devices themselves. This conveys the attack vector for a potential attacker is exponentially increased. This paper presents how the concatenation of several attacks on communication protocols (WiFi, Bluetooth LE, GPS, 433 Mhz and NFC) can lead to undesired situations in a domestic environment. A comprehensive analysis of the protocols with the identification of their weaknesses is provided. Some relevant aspects of the whole attacking procedure have been presented to provide some relevant tips and countermeasures.This work has been partially supported by the Spanish Ministry of Science and Innovation through the SecureEDGE project (PID2019-110565RB-I00), and by the by the Andalusian FEDER 2014-2020 Program through the SAVE project (PY18-3724). // Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. // Funding for open access charge: Universidad de Málaga / CBU

Smart homes under siege: Assessing the robustness of physical security against wireless network attacks

© 2024 The Authors. Published by Elsevier Ltd. This is an open access article distributed under the terms of the Creative Commons Attribution License (CC BY), https://creativecommons.org/licenses/by/4.0/Nowadays domestic smart security devices, such as smart locks, smart doorbells, and security cameras, are becoming increasingly popular with users, due to their ease of use, convenience, and declining prices. Unlike conventional non-smart security devices, such as alarms and locks, performance standards for smart security devices, such as the British TS 621, are not easily understandable by end users due to the technical language employed. Users also have very few sources of unbiased information regarding product performance in real world conditions and protection against attacks from cyber attacker-burglars and, as a result, tend to take manufacturer claims at face value. This means that, as this work proves, users may be exposed to threats, such as theft, impersonation (should an attacker steal their credentials), and even physical injury, if the device fails and is used to prevent access to hazardous environments. As such, this paper deploys several attacks using popular wireless attack vectors (i.e., 433MHz radio, Bluetooth, and RFID) against domestic smart security devices to assess the protection offered against a cyber attacker-burglar. Our results suggest that users are open to considerable cyber physical attacks, irrespective if they use lesser known (i.e., no name) or branded smart security devices, due to the poor security offered by these devices.Peer reviewe

A Systematic Review of LPWAN and Short-Range Network using AI to Enhance Internet of Things

Artificial intelligence (AI) has recently been used frequently, especially concerning the Internet of Things (IoT). However, IoT devices cannot work alone, assisted by Low Power Wide Area Network (LPWAN) for long-distance communication and Short-Range Network for a short distance. However, few reviews about AI can help LPWAN and Short-Range Network. Therefore, the author took the opportunity to do this review. This study aims to review LPWAN and Short-Range Networks AI papers in systematically enhancing IoT performance. Reviews are also used to systematically maximize LPWAN systems and Short-Range networks to enhance IoT quality and discuss results that can be applied to a specific scope. The author utilizes selected reporting items for systematic review and meta-analysis (PRISMA). The authors conducted a systematic review of all study results in support of the authors' objectives. Also, the authors identify development and related study opportunities. The author found 79 suitable papers in this systematic review, so a discussion of the presented papers was carried out. Several technologies are widely used, such as LPWAN in general, with several papers originating from China. Many reports from conferences last year and papers related to this matter were from 2020-2021. The study is expected to inspire experimental studies in finding relevant scientific papers and become another review

Simultaneous wireless power and data transfer for electric vehicle charging: a review

Wireless charging of Electric Vehicles (EVs) has become an important research topic in recent years. During the wireless charging process, wireless data exchange must take place between the EV and the charging station. Battery status, current and voltage of the charger or the EV identification may be required on the primary side in order for the system to operate properly. This data exchange can be carried out through commercial wireless communication solutions such as Bluetooth, 802.11 or ZigBee. However, these technologies introduce cybersecurity problems, high and variable transmission delays and possible connection losses during communication. To address these issues, numerous solutions have been proposed based on wireless data transmission through the wireless power transfer circuit. This paper gives a comprehensive review of the different issues that need to be considered for simultaneous wireless power and data transmission (SWPDT) for wireless EV charging applications. This context represents a challenge for SWPDT due to the power levels and the high probability of operating with notable misalignments or even with the EV on move. Specifically, a classification of SWPDT systems is described, and six different criteria to consider when designing a SWPDT system are analysed for EVs. The suitability of different system configurations is evaluated according to three representative use cases: (i) providing maximum efficiency, (ii) synchronisation for bidirectional wireless chargers and (iii) dynamic charging. We have also analysed the feasibility of using the Open Charge Point Protocol (OCPP) together with ISO 15118, which is the most popular communication protocol used in EV charging infrastructures.Funding for open access charge: Universidad de Málaga/CBUA. Funding for this project was partially provided by the Spanish Ministerio de Educación, Cultura y Deporte, José de Castillejo programme (Mobility Grant CAS 17-00318), the Spanish Ministerio de Ciencia e Innovacion (MICINN) project PID2019-110531-RA-I00/AEI/10.13039/501100011033 of the ”Proyectos de I+D+i - RTI Tipo A” and by the University of Malaga (project D5-2021-09)

How Physicality Enables Trust: A New Era of Trust-Centered Cyberphysical Systems

Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of ``inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable ``resilient coordination," where ``resilient" signifies sustained functionality amid attacks on multiagent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize, and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world