• Corpus ID: 195347447

Attacks Against BLE Devices by Co-located Mobile Applications

Pallavi Sivakumaran and Jorge Blasco
Bluetooth Low Energy (BLE) is a fast-growing wireless technology with a large number of potential use cases, particularly in the IoT domain. With many of these use cases, the BLE device stores sensitive user data or critical device controls, which may be accessed by an augmentative Android or iOS application. Uncontrolled access to such data could violate a user's privacy, cause a device to malfunction, or even endanger lives. The BLE specification aims to solve this with network layer security… 
BLESS: A BLE Application Security Scanning Framework
A BLE Security Scan (BLESS) framework is designed and implemented to identify BLE apps that do not implement encryption or authentication at the application layer, and an application-level defense is proposed and implemented using a low-cost $0.55 crypto co-processor with public key cryptography.
On the (In)security of Bluetooth Low Energy One-Way Secure Connections Only Mode
This work examines the life cycle of a BLE pairing process in Android and identifies four severe design flaws that can be exploited by attackers to perform downgrading attacks, forcing the BLE Pairing protocols to run in the insecure mode without the users' awareness.
SAAC: Secure Android Application Context a Runtime Based Policy and its Architecture
This paper presents a novel approach that allows a standard Android user to launch applications in a configurable secure execution context, and provides a performance assessment of the solution.
Contrôle d'accès dynamique et architecture de sécurité pour la protection des applications sous Androïd. (Dynamic access control and security architecture to protect Android applications)
The final contribution of this thesis is the implementation of a prototype of this architecture on a development board, together with the presentation of tests demonstrating the effectiveness and relevance of the approach.


Protecting Privacy of BLE Device Users
This paper proposes a new device-agnostic system, called BLE-Guardian, that protects the privacy of the users/environments equipped with BLE devices/IoTs and enables the users and administrators to control those who discover, scan and connect to their devices.
Inside Job: Understanding and Mitigating the Threat of External Device Mis-Bonding on Android
The first study on external Device Mis-Bonding (DMB) in the context of Bluetooth-enabled Android devices is presented, and the first OS-level protection, called Dabinder, is developed, which automatically generates secure bonding policies between a device and its official app and enforces them when an app attempts to establish Bluetooth connections with a device and unpair the phone from the device.
Cross-App Tracking via Nearby Bluetooth Low Energy Devices
This work shows that by listening to advertising packets broadcasted by nearby BLE-enabled devices and recording information contained in them, app developers can derive fairly unique "fingerprints" for their users, which can be used for cross-app tracking, i.e., linking pseudonymous users of different apps to each other.
Implementation and design issues for using Bluetooth low energy in passive keyless entry systems
The focus of this research is to investigate keyless entry systems using the Bluetooth Low Energy (BLE) technology, and a considerable number of design issues and tradeoffs that needed to be considered were looked into.
Security Analysis of Wearable Fitness Devices (Fitbit)
It is discovered that MAC addresses on Fitbit devices are never changed, enabling user-correlation attacks, and BTLE credentials are also exposed on the network during device pairing over TLS, which might be intercepted by MITM attacks.
Overview and Evaluation of Bluetooth Low Energy: An Emerging Low-Power Wireless Technology
Experimental results are provided that complement the theoretical and simulation findings, and implementation constraints that may reduce BLE performance are indicated.
Uncovering Privacy Leakage in BLE Network Traffic of Wearable Fitness Trackers
It is shown that the majority of the fitness trackers use an unchanged BLE address while advertising, making it feasible to track them, and it is demonstrated that the BLE traffic can represent a user's gait, which is known to be distinct from user to user.
An empirical study of cryptographic misuse in android applications
This paper develops program analysis techniques to automatically check programs on the Google Play marketplace, and finds that applications do not use cryptographic APIs in a fashion that maximizes overall security.
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
This paper developed a static analysis tool to automatically detect attempts to load external code, and performed a large-scale study of popular applications from the Google Play store, showing that loading external code in an insecure way is a problem in as many as 9.25% of those applications and even 16% of the top 50 free applications.