Demonstração Experimental de Vulnerabilidades em Dispositivos Internet das Coisas
Abstract
This paper presents the BLE technology and protocols, as well, vulnerabilities and attacks performed in BLE devices. Attacks were performed in two BLE devices to demonstrate the use of technology sweyntooth and vulnerabilities of BLE devices. In these devices, sweyntooth was used, which in turn, could capture between 12 to 18 different vulnerabilities. This security testing exposed flaws, ranging from the mildest to the most serious.
References
Aellison C. T. Santos, José L Soares Filho, S. S. V. N. and Fonseca, I. E. (2019). BLE Injection-free Attack: a Novel Attack on Bluetooth Low Energy Devices. Elsevier Journal of Ambient Intelligence and Humanized Computing.
Barua, A., Al Alamin, M. A., Hossain, M. S., and Hossain, E. (2022). Security and privacy threats for bluetooth low energy in iot and wearable devices: A comprehensive survey. IEEE Open Journal of the Communications Society.
Cauquil, D. Btlejuice: the bluetooth smart mitm framework, def con 24 internet of things village, 2016.
dos Santos, A. C. T. (2017). Ameaças à Internet das Coisas: Explorando Vulnerabilidades do Bluetooth Low Energy e Suas Defesas. Universidade Federal da Paraíba.
Faragher, R. and Harle, R. (2015). Location fingerprinting with bluetooth low energy beacons. IEEE journal on Selected Areas in Communications, 33(11):2418–2428.
Kwon, G., Kim, J., Noh, J., and Cho, S. (2016). Bluetooth low energy security vulnerability and improvement method. In 2016 IEEE International Conference on Consumer Electronics-Asia (ICCE-Asia), pages 1–4. IEEE.
Matheus E. Garbelini; Chundong Wang, S. C. S. S. and A*Star, E. K. (2020). SweynTooth: Unleashing Mayhem over Bluetooth Low Energy. usenix the advanced computing systems association.
Prakash, Y., Biradar, V., Vincent, S., Martin, M., and Jadhav, A. (2017). Smart bluetooth low energy security system. In 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pages 2141–2146. IEEE.
Ryan, M. (2013). Bluetooth: With Low Energy comes Low Security. usenix the advanced computing systems association.
SILVA, Ávilla I. S.; SANTOS, A. C. T. M. M. A. F. G. P. H. R. S. R. M. N. V. F. I. E. (2020). Segurança em Aplicações de Internet das Coisas: Bluetooth Low Energy, casos de uso e vulnerabilidades. Livro de minicursos SBRT 2020.
Zegeye, W. K. (2015). Exploiting bluetooth low energy pairing vulnerability in telemedicine. In International Telemetering Conference Proceedings. International Foundation for Telemetering.
Barua, A., Al Alamin, M. A., Hossain, M. S., and Hossain, E. (2022). Security and privacy threats for bluetooth low energy in iot and wearable devices: A comprehensive survey. IEEE Open Journal of the Communications Society.
Cauquil, D. Btlejuice: the bluetooth smart mitm framework, def con 24 internet of things village, 2016.
dos Santos, A. C. T. (2017). Ameaças à Internet das Coisas: Explorando Vulnerabilidades do Bluetooth Low Energy e Suas Defesas. Universidade Federal da Paraíba.
Faragher, R. and Harle, R. (2015). Location fingerprinting with bluetooth low energy beacons. IEEE journal on Selected Areas in Communications, 33(11):2418–2428.
Kwon, G., Kim, J., Noh, J., and Cho, S. (2016). Bluetooth low energy security vulnerability and improvement method. In 2016 IEEE International Conference on Consumer Electronics-Asia (ICCE-Asia), pages 1–4. IEEE.
Matheus E. Garbelini; Chundong Wang, S. C. S. S. and A*Star, E. K. (2020). SweynTooth: Unleashing Mayhem over Bluetooth Low Energy. usenix the advanced computing systems association.
Prakash, Y., Biradar, V., Vincent, S., Martin, M., and Jadhav, A. (2017). Smart bluetooth low energy security system. In 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pages 2141–2146. IEEE.
Ryan, M. (2013). Bluetooth: With Low Energy comes Low Security. usenix the advanced computing systems association.
SILVA, Ávilla I. S.; SANTOS, A. C. T. M. M. A. F. G. P. H. R. S. R. M. N. V. F. I. E. (2020). Segurança em Aplicações de Internet das Coisas: Bluetooth Low Energy, casos de uso e vulnerabilidades. Livro de minicursos SBRT 2020.
Zegeye, W. K. (2015). Exploiting bluetooth low energy pairing vulnerability in telemedicine. In International Telemetering Conference Proceedings. International Foundation for Telemetering.
Published
2022-09-12
How to Cite
NASCIMENTO, Raphael L. C.; LEAL, Ryan M. S.; FONSECA, Iguatemi E..
Demonstração Experimental de Vulnerabilidades em Dispositivos Internet das Coisas. In: WORKSHOP ON SCIENTIFIC INITIATION AND UNDERGRADUATE WORKS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 298-303.
DOI: https://doi.org/10.5753/sbseg_estendido.2022.225608.
