DEMO: Venom: a Visual and Experimental Bluetooth Low Energy Tracking System

International audienceThe Bluetooth Low Energy (BLE) protocol is being included in mobile devices such as smartphones, headphones and smartwatches. As part of the BLE service discovery mechanism, devices announce their presences by broadcasting radio signals called advertisement packets that can be collected with off-the-shelf hardware and software. To avoid the risk of tracking based on those messages, BLE features an address randomization mechanism substituting the device MAC address with random temporary pseudonyms. However, the payload of advertisement packets still contains fields that can negate the randomization mechanism by exposing static identifiers. In this paper, we present Venom (Visual and ExperimeNtal BluetOoth Low Energy tracking systeM), an experimental tracking platform aiming to raise public awareness about physical tracking technologies and experiment privacy-preserving mechanisms. Venom tracks users by collecting advertisement packets broadcasted by their BLE-enabled devices, and displays related information

МЕТОД ВИЗНАЧЕННЯ ПОТЕНЦІЙНО НЕБЕЗПЕЧНИХ ОСІБ ПО ДАНИХ BLUETOOTH

In today's technologically advanced era, the ubiquitous use of smart mobile devices has become a significant aspect of daily life, thereby presenting a valuable opportunity for investigative purposes. These devices, when equipped with the right tools and subjected to thorough inspection methodologies, can yield a treasure trove of concealed information, which can be crucial in various investigative scenarios. Among these devices, the Apple iPhone stands out due to its widespread popularity and adoption across a diverse global user base. Its advanced features and user-friendly characteristics have made it a preferred choice for a wide array of individuals, ranging from students and teachers to business professionals and individuals from various other fields. This widespread usage underscores the importance of understanding the nuances of iPhone data in investigative contexts. This article delves into the intricate concept of identifying a potentially dangerous person by leveraging the data available on these smart devices. It meticulously discusses the importance of context in categorizing an individual as potentially dangerous and sheds light on the various factors that play a pivotal role in this classification process. To aid in this endeavor, the article introduces a comprehensive diagram that outlines the step-by-step procedure for assessing the potential danger posed by an individual. Furthermore, the article explores the fundamental techniques of mobile device forensics, particularly focusing on devices operating on the iOS platform. It presents the findings from practical research, offering insights into the type of data that can be extracted during a forensic investigation of these devices. A novel approach is proposed for classifying individuals as potentially dangerous based on the analysis of Bluetooth data obtained from their mobile devices. This method is elucidated through the presentation of pseudocode, which details the algorithmic steps involved in this classification process. To enhance the effectiveness of this method, the article suggests incorporating additional data sources. These include information pertaining to saved Wi-Fi networks that the device has connected to and GPS coordinates that have been logged during the operation of various system applications inherent to the iOS operating system. Finally, the article emphasizes the critical need for the practical implementation and rigorous testing of this proposed method. It underscores the importance of validating and refining the approach to ensure its effectiveness and reliability in identifying potentially dangerous individuals through the forensic analysis of mobile device data. This comprehensive approach not only broadens the scope of mobile device forensics but also contributes significantly to the field of security and investigative research.Розумні мобільні пристрої сьогодні використовуються все частіше, що робить їх справжньою знахідкою для слідчих. Відповідне обладнання та методи інспекції можуть допомогти виявити та відновити велику кількість прихованої інформації на цих пристроях. Apple iPhone використовується великою кількістю людей по всьому світу завдяки своїм функціям та характеристикам. iPhone використовують багато різних типів людей, включаючи студентів, вчителів, бізнесменів та людей інших професій.  В даній статті вводи­ться  концепція потенційно небезпечної особи, описуються особливості врахування контексту при класифікації особи як потенційно небезпечної, описуються фактори, які можуть впливати на процес класифікації. Пропонується діаграма, яка описує процес класифікації особи на потенційну небезпечність. Розглядаються базові методи криміналістики мобільних пристроїв та показуються результати практичного дослідження. Аналізуються дані, виявлені в результаті криміналістичного дослідження мобільного пристрою на базі операційної системи iOS. Пропонується метод класифікації потенційно небезпечних осіб на основі Bluetooth-даних мобільного пристрою. Представляється псевдокод який описує алгоритм роботи запропонованого методу. Пропонуються додаткові джерела даних для покращення методу, а саме використання інформації про збережені Wi-Fi мережі до яких підключався пристрій та GPS координати збережені під час роботи системних застосунків операційної системи iOS. Підкреслюється необхідність практичної реалізації запропонованого методу та необхідність його апробації

How Low Can You Go? Performance Trade-offs in Low-Resolution Thermal Sensors for Occupancy Detection: A Systematic Evaluation

We contribute by systematically analysing the performance trade-offs, costs (privacy loss and deployment cost) and limits of low-resolution thermal array sensors for occupancy detection. First, to assess performance limits, we manipulate the frame rate and resolution of images to establish the lowest possible values where reliable occupancy information can be captured. We also assess the effect of different viewing angles on the performance. We analyse performance using two datasets, an open-source dataset of thermal array sensor measurements (TIDOS) and a proprietary dataset that is used to validate the generality of the findings and to study the effect of different viewing angles. Our results show that even cameras with a 4x2 resolution - significantly lower than what has been used in previous research - can support reliable detection, as long as the frame rate is at least 4 frames per second. The lowest tested resolution, 2x2, can also offer reliable detection rates but requires higher frame rates (at least 16 frames per second) and careful adjustment of the camera viewing angle. We also show that the performance is sensitive to the viewing angle of the sensor, suggesting that the camera's field-of-view needs to be carefully adjusted to maximize the performance of low-resolution cameras. Second, in terms of costs, using a camera with only 4x2 resolution reveals very few insights about the occupants' identity or  behaviour, and thus helps to preserve their privacy. Besides privacy, lowering the resolution and frame rate decreases manufacturing and operating costs and helps to make the solution easier to adopt. Based on our results, we derive guidelines on how to choose sensor resolution in real-world deployments by carrying out a small-scale trade-off analysis that considers two representative buildings as potential deployment areas and compares the cost, privacy and accuracy trade-offs of different resolutions.Peer reviewe

Ré-identification d'adresses dans les réseaux LoRaWAN

LoRaWAN is a long range, low energy and low throughput network technology used to provide connectivity to all kind of devices. Encryption ensure the confidentiality of the conveyed data but do not protects metadata, including the DevAddress which is the device identifier allocated by the LoRa network. Because of the long range of the radio signals and the open nature of the wireless medium, this metadata can be easily collected and can leak potentially sensitive information about a system communicating through LoRa.In addition to the DevAddress, a device is also identified by a DevEUI, a globally unique and permanent identifier. As opposed to the DevAddress, the DevEUIis a static identifier and it can generally be linked to the device manufacturer or the device type. The DevEUI is thus a source of additional information that could be combined with the traffic metadata to gain additional knowledge on a device. However, on the wireless link the DevEUIis only exposed during the join procedure and is never directly associated with other identifiers, and in particular not with the DevAddress.In this documente, focus on this problem and present a method to link a DevEUI to a DevAddress and thus to the associated metadata. Our method relies on the time correlation between messages exchanged during the device activation and registration on the LoRa network. The proposed method is tested on two sets of LoRa traces: a real-world dataset and a synthetic one. The corresponding simulation results shows that a significant fraction of the DevEUI can be matched to a DevAddress. Finally we discuss a number of measures that could be adopted to reduce the efficiency of the presented address linking attack.LoRaWAN est une technologie réseau à longue portée, faible débit et basse consommation d’énergie utilisée pour fournir une connectivité à toutes sortes d’appareils. Le chiffrement assure la confidentialité des données mais ne protège pas les métadonnées, en particulier la DevAddress qui est l’identifiant de l’appareil alloué par le réseau LoRa. A cause de la longue portée des signaux radio et de la nature ouverte du medium sans-fil, ces métadonnées peuvent être aisément collectées et peuvent exposer des informations potentiellement sensibles à propos d’un système.En plus de la DevAddress, un appareil est aussi identifié par un DevEUI, un identifiant unique. Contrairement au DevAddress, le DevEUIest statique et il peut être rattaché à un constructeur ou au type de l’appareil. Le DevEUIest donc une source d’information qui pourrait être combiné avec d’autres métadonnées. Cependant, sur le canal radio, le DevEUIest seulement exposé durant la procédure d’association et n’est jamais directement associé à d’autres identifiant, et en particulier jamais avec le DevAddress.Dans ce document, nous traitons ce problème et présentons une méthode permettant de lier un DevEUI à un DevAddress, et ainsi aux métadonnées associées. Notre méthode repose sur une corrélation temporelle entre les messages échangés durant la phase d’activation et d’association au réseau LoRa. Cette méthode est testée sur un jeu de traces réel et un jeu de traces synthétique. Les résultats de simulation obtenus montrent qu’une fraction significative des DevEUI peuventêtre associé à un DevAddress. Nous terminons en proposant des mesures qui pourraient être adoptées pour empêcher cette attaque

Recent Advances in Wearable Sensing Technologies

Wearable sensing technologies are having a worldwide impact on the creation of novel business opportunities and application services that are benefiting the common citizen. By using these technologies, people have transformed the way they live, interact with each other and their surroundings, their daily routines, and how they monitor their health conditions. We review recent advances in the area of wearable sensing technologies, focusing on aspects such as sensor technologies, communication infrastructures, service infrastructures, security, and privacy. We also review the use of consumer wearables during the coronavirus disease 19 (COVID-19) pandemic caused by the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2), and we discuss open challenges that must be addressed to further improve the efficacy of wearable sensing systems in the future

Demystifying COVID-19 digital contact tracing: A survey on frameworks and mobile apps

The coronavirus pandemic is a new reality and it severely affects the modus vivendi of the international community. In this context, governments are rushing to devise or embrace novel surveillance mechanisms and monitoring systems to fight the outbreak. The development of digital tracing apps, which among others are aimed at automatising and globalising the prompt alerting of individuals at risk in a privacy-preserving manner is a prominent example of this ongoing effort. Very promptly, a number of digital contact tracing architectures has been sprouted, followed by relevant app implementations adopted by governments worldwide. Bluetooth, and specifically its Low Energy (BLE) power-conserving variant has emerged as the most promising short-range wireless network technology to implement the contact tracing service. This work offers the first to our knowledge, full-fledged review of the most concrete contact tracing architectures proposed so far in a global scale. This endeavour does not only embrace the diverse types of architectures and systems, namely centralised, decentralised, or hybrid, but it equally addresses the client side, i.e., the apps that have been already deployed in Europe by each country. There is also a full-spectrum adversary model section, which does not only amalgamate the previous work in the topic, but also brings new insights and angles to contemplate upon.Comment: 34 pages, 3 figure

A Survey of COVID-19 Contact Tracing Apps

The recent outbreak of COVID-19 has taken the world by surprise, forcing lockdowns and straining public health care systems. COVID-19 is known to be a highly infectious virus, and infected individuals do not initially exhibit symptoms, while some remain asymptomatic. Thus, a non-negligible fraction of the population can, at any given time, be a hidden source of transmissions. In response, many governments have shown great interest in smartphone contact tracing apps that help automate the difficult task of tracing all recent contacts of newly identified infected individuals. However, tracing apps have generated much discussion around their key attributes, including system architecture, data management, privacy, security, proximity estimation, and attack vulnerability. In this article, we provide the first comprehensive review of these much-discussed tracing app attributes. We also present an overview of many proposed tracing app examples, some of which have been deployed countrywide, and discuss the concerns users have reported regarding their usage. We close by outlining potential research directions for next-generation app design, which would facilitate improved tracing and security performance, as well as wide adoption by the population at large.Comment: Paper has been accepted for publication in IEEE Access. Currently available on IEEE ACCESS early access (see DOI