The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - March/April (2010 vol.8)
pp: 20-27
John Paul Dunning , Virginia Tech
ABSTRACT
Bluetooth has become a prominent technology since its public debut in 1998, finding its way into everything from Blackberry smart phones to Samsung home theaters to the Toyota Prius and millions of other devices worldwide. This growth has also made Bluetooth a prime target for hackers. This article presents a taxonomy for threats against Bluetooth-enabled devices, a discussion of several of these threats, and steps for threat mitigation.
INDEX TERMS
Bluetooth, wireless communications, mobile computing, hacking, security taxonomy
CITATION
John Paul Dunning, "Taming the Blue Beast: A Survey of Bluetooth-Based Threats", IEEE Security & Privacy, vol.8, no. 2, pp. 20-27, March/April 2010, doi:10.1109/MSP.2010.82
REFERENCES
1. Bluetooth Specification, v. 3.0 + HS, Bluetooth SIG, Apr. 2009; www.bluetooth.com/Bluetooth/Technology/Building/ SpecificationsDefault.htm.
2. O. Whitehouse, "War Nibbling: Bluetooth Insecurity," white paper, @stake Inc., Oct. 2003; www.wardriving.ch/hpneu/blue/dokuatstake_war_nibbling.pdf .
3. A. Reiter, "Bluefish Software Finds Bluetooth Devices, Takes Photo of Area," blog entry, 6 Jan. 2005; www.cameraphonereport.com/2005/01bluefish_softwa.html .
4. P. Betouin, "[Infratech − release] version 0.6 of Bluetooth Stack Smasher," secuobs.com, 2 May 2006; www.secuobs.com/newsprint05022006-bluetooth10.shtml .
5. G. Me, "Exploiting Buffer Overflows over Bluetooth: The BluePAss Tool," Proc. 2nd IFIP Int'l Conf. Wireless and Optical Communications Networks (WOCN 05), IEEE Press, 2005, pp. 66–70.
6. "FTS4BT Bluetooth Protocol Analyzer and Packet Sniffer," product data sheet, Frontline Test Equipment, 2010; www.fte.com/productsFTS4BT.aspx.
7. "CATC Merlin II," product data sheet, LeCroy, 3 Nov. 3 2003; www.lecroy.com/files/pdfLeCroy_MerlinII_Datasheet.pdf .
8. D. Spill and A. Bittau, "BlueSniff: Eve Meets Alice and Bluetooth," Proc. Usenix Workshop on Offensive Technologies (WOOT 07); www.usenix.org/event/woot07/tech/full_papers/ spillspill.pdf.
9. A. Becker, "Bluetooth Security & Hacks," unpublished paper, 16 Aug. 2007; http://gsyc.es/~anto/ubicuos2bluetooth_security_and_hacks.pdf .
10. "Cabir," F-Secure Corporation, 2004; www.f-secure.com/v-descscabir.shtml.
11. M. Hines, "CommWarrior Guns for Nokias," CNET News.com, 8 Mar. 2005; news.zdnet.co.uk/security/0,1000000189,39190552,00.htm.
12. T. Karygiannis and L. Owens, Wireless Network Security 802.11, Bluetooth and Handheld Devices, special publication 800 48, US Nat'l Inst. of Standards and Technology, 2002.
13. K. Haataja and K. Hypponen, "Man-in-the-Middle Attacks on Bluetooth: A Comparative Analysis, a Novel Attack, and Countermeasures," Proc. 3rd Int'l Symp. Communications, Control, and Signal Processing (ISCCSP 08), IEEE Press, 2008, pp. 1096–1102.
26 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool