A Systematic Review of Bluetooth Security Threats, Attacks & Analysis

  IJCTT-book-cover
 
         
 
© 2021 by IJCTT Journal
Volume-69 Issue-7
Year of Publication : 2021
Authors : Tahira Ali, Rashid Baloch, Mohsan Azeem, Dr.Muhammad Farhan, Sana Naseem, Bushra Mohsin
DOI :  10.14445/22312803/IJCTT-V69I7P101

How to Cite?

Tahira Ali, Rashid Baloch, Mohsan Azeem, Dr.Muhammad Farhan, Sana Naseem, Bushra Mohsin, "A Systematic Review of Bluetooth Security Threats, Attacks & Analysis," International Journal of Computer Trends and Technology, vol. 69, no. 7, pp. 1-18, 2021. Crossref, https://doi.org/10.14445/22312803/IJCTT-V69I7P101

Abstract
Bluetooth technology is being used increasingly in electronic devices. Bluetooth is the communication medium that is most frequently used in electronic devices. Security and privacy are important, especially in communications where morbidity can have an impact. Bluetooth technology`s security needs to be evaluated increasingly, particularly with devices that use Bluetooth due to the increasing popularity and use of Bluetooth embedded devices. Bluetooth sensor security has become a focus between vendors and consumers since the introduction of Bluetooth technology. The existing Bluetooth security has been extensively scrutinized and checked in recent years, and several researchers analyzed and tested Bluetooth security and raised concerns about its reliability. This study seeks to the security vulnerabilities and threats in Bluetooth embedded devices. This study addresses the major threat that affects Bluetooth Security, Bluetooth threat taxonomy, and classification and description of Bluetooth threats.

Keywords
Bluetooth, Security, Hacks, Vulnerabilities, Threat, MITM, Taxonomy.

References

[1] Xu, F., Diao, W., Li, Z., Chen, J. and Zhang, K., BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals. In NDSS., (2019).
[2] How Bluetooth works. Retrieved from http://en.kioskea.net/contents/bluetooth/bluetoothfonctionnement.php3.
[3] Lee, C. S. Bluetooth security protocol analysis and improvements., (M.Sc. thesis). San Jose State University. Retrieved from http://www.cs.sjsu.edu/faculty/stamp/students/cs298ReportSteven.pdf., (2006).
[4] Larson, S., Every single Yahoo account was hacked-3 billion in all. CNN Tech, October, 4., (2017).
[5] Thomas, K., Li, F., Zand, A., Barrett, J., Ranieri, J., Invernizzi, L., Markov, Y., Comanescu, O., Eranti, V., Moscicki, A. and Margolis, D., Data breaches, phishing, or malware? Understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security (2017) (14211434). ACM.
[6] Rhodes, C. Bluetooth security. (East Carolina University, (2006) 6-9.
[7] Padgette, J., Scarfone, K. and Chen, L., Guide to Bluetooth security. NIST Special Publication, 800(121) (2012) 25.
[8] Dell, P. and Ghori, K.S.U.H. A simple way to improve the security of Bluetooth devices. In 2008 International Symposium on Applications and the Internet (2008) (444-447). IEEE.
[9] AL BAHAR, M., Dissertations in Forestry and Natural Sciences.
[10] Browning, D. and Kessler, G.C., Bluetooth hacking: A case study., (2009).
[11] Hodjat, A. and Verbauwhede, I., The energy cost of secrets in ad-hoc networks (short paper). In Proc. IEEE Circuits and Systems Workshop (CAS).,(2002).
[12] Candolin, C., Security issues for wearable computing and Bluetooth technology. Telecommunications Software and Multimedia Laboratory, Helsinki University of Technology, Finland., (2000).
[13] Laurie, B. and Laurie, A., Serious flaws in Bluetooth security lead to the disclosure of personal data. AL Digital Ltd. Technical report. http://bluestumbler. Org., (2003).
[14] Jakobsson, M. and Wetzel, S., Security weaknesses in Bluetooth. In Cryptographers’ Track at the RSA Conference (2001) (176-191). Springer, Berlin, Heidelberg.
[15] Gehrmann, C. and Nyberg, K., November. Enhancements to Bluetooth baseband security. , (2001) In Proceedings of Nordsec 191-230).
[16] Kügler, D., 2003, January., Man in the Middle., Attacks on Bluetooth. In International Conference on Financial Cryptography (149-161). Springer, Berlin, Heidelberg.
[17] Singelée, D. and Preneel, B., 2004. Security overview of Bluetooth. COSIC Internal Report, (2004).
[18] Karygiannis, T. and Owens, L., 2002. Wireless network security. NIST special publication, 800 (2004) 48.
[19] Aissi, S., Gehrmann, C. and Nyberg, K.,. Proposal for enhancing Bluetooth security using an improved pairing mechanism. In Bluetooth architecture review board at the Bluetooth all-hands meeting., (2004).
[20] Sayegh, A.A. and El-Hadidi, M.T., September. A modified secure remote password (SRP) protocol for key initialization and exchange in Bluetooth systems. In First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM`05) (2005) (261-269). IEEE.
[21] Giousouf, A. and Lemke, K., Bluetooth Security. Communication Security Department Ruhr University, Bochum.
[22] Shaked, Y. and Wool, A., 2005, June. Cracking the Bluetooth pin. In Proceedings of the 3rd international conference on Mobile systems, applications, and services (2005) (39-50).
[23] Lindell, A.Y., 2008. Attacks on the pairing protocol of Bluetooth v2. 1. Black Hat USA, Las Vegas, Nevada.
[24] Barnickel, J., Wang, J. and Meyer, U., 2012, June. Implementing an attack on Bluetooth 2.1+ secure, simple pairing in passkey entry mode. In 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications ,(2012) (17-24). IEEE.
[25] Haataja, K. and Toivanen, P., 2010. Two practical man-in-the-middle attacks on Bluetooth secure, simple pairing and countermeasures. IEEE Transactions on Wireless Communications, 9(1) (2010) 384-392.
[26] Chang, R. and Shmatikov, V., Formal analysis of authentication in Bluetooth device pairing. FCS-ARSPA07( 2007) 45.
[27] Das, A.K., Pathak, P.H., Chuah, C.N. and Mohapatra, P., 2016, February. Uncovering privacy leakage in ble network traffic of wearable fitness trackers. In Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications., (2016) (99-104).
[28] Levi, A., Çetinta?, E., Aydos, M., Koç, Ç.K. and Ça?layan, M.U., 2004, October. Relay attacks on Bluetooth authentication and solutions. In International Symposium on Computer and Information Sciences (278-288). Springer, Berlin, Heidelberg.
[29] Aissi, S., Gehrmann, C. and Nyberg, K.,. Proposal for enhancing Bluetooth security using an improved pairing mechanism. In Bluetooth architecture review board at the Bluetooth all-hands meeting., (2004).
[30] Ryan, M., 2013. How Smart is Bluetooth Smart? SchmooCon 9.
[31] Mutchukota, T.R., Panigrahy, S.K. and Jena, S.K., 2011, August. Manin-the-middle attack and its countermeasure in Bluetooth secure, simple pairing. In International Conference on Information Processing (367-376). Springer, Berlin, Heidelberg.,
[32] Scarfone, K. and Padgette, J., 2008. Guide to Bluetooth security. NIST Special Publication, 800(2008M).121.
[33] Minar, N.B.N.I. and Tarique, M., Bluetooth security threats and solutions: a survey. International Journal of Distributed and Parallel Systems, 3(1) (2012) 127.
[34] Sandhya, S. and Devi, K.S., 2012, November. Contention for man-inthe-middle attacks in Bluetooth networks. In 2012 Fourth International Conference on Computational Intelligence and Communication Networks (2012) (700-703). IEEE.
[35] Lonzetta, A.M., Cope, P., Campbell, J., Mohd, B.J. and Hayajneh, T., Security vulnerabilities in Bluetooth technology as used in IoT. Journal of Sensor and Actuator Networks, 7(3) (2018) 28.
[36] Browning, D. and Kessler, G.C., Bluetooth hacking: A case study., (2009).
[37] Dhuri, S., Bluetooth Attack and Security. Int. J. Curr. Trends Eng. Res, 3(2017) 76-81.
[38] Hassan, S.S., Bibon, S.D., Hossain, M.S. and Atiquzzaman, M., Security threats in Bluetooth technology. Computers & Security, 74 (2018) 308-322.
[39] Satam, P., Satam, S. and Hariri, S., Bluetooth Intrusion Detection System (BIDS). In 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA) (2018) (1-7). IEEE.
[40] Dubey, V., Vaishali, K., Behar, N. and Vishwavidyalaya, G., A Review on Bluetooth Security Vulnerabilities and a Proposed Prototype Model for Enhancing Security against MITM Attack. Int. J. Res. Stud. Comput. Sci. Eng, (2015) 69-75.
[41] Tsira, V. and Nandi, G., 2014. Bluetooth technology: Security issues and its prevention. Int. J. Comput. Appl. Technol, 5(2014) 1833-1837.
[42] Zeadally, S., Siddiqui, F. and Baig, Z., 25 Years of Bluetooth Technology. Future Internet, 11(9) (2019) 194.
[43] Dunning, J., Taming the blue beast: A survey of Bluetooth based threats. IEEE Security & Privacy, 8(2)(2010) 20-27.
[44] Gostev, A. and Maslennikov, D., Mobile malware evolution: An overview. Kaspersky Labs Report on Mobile Viruses., (2006).
[45] Colleen, R., Bluetooth security. East Carolina University., (2006).
[46] Surendiran,R., and Alagarsamy,K., 2012. "An Extensive Survey on Mobile Security and Issues”. SSRG International Journal of Computer & organization Trends (IJCOT), 2(1), pp.39-46.
[47] Hassan, S.S., Bibon, S.D., Hossain, M.S. and Atiquzzaman, M., 2018. Security threats in Bluetooth technology. Computers & Security, 74 (2018) 308-322.