• Like
Bluetooth security
Upcoming SlideShare
Loading in...5
×

Bluetooth security

  • 2,779 views
Uploaded on

A Presentation

A Presentation

More in: Education , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
2,779
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
155
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Bluetooth Security
    • By
    • Mohammed A. Ahmed
    • Amjad M. Musleh
    • Asmat K. Marouf
    • Advisors
    • Dr. Ashraf S. H. Mahmoud
    • Dr. Marwan H. Abu-Amara
  • 2. Project Description
    • Study Bluetooth security aspects
    • Blue-attacks mechanism analysis
    • Implementation of Java Bluetooth Applications
  • 3. Agenda
    • Introduction
    • Security Mechanism
    • Bluesnarfing Attack
    • Bluetooth Programming Environment
    • J2ME into J2SE
    • Bluetooth Application Programming
    • Difficulties Faced
    • Conclusion
  • 4. Introduction
    • What is Bluetooth?
    • - Short area wireless technology
    • - Developed by SIG (Special Interest Group)
    • Properties
    • - 2.4 GHz ISM (industrial,scientific,medical) band
    • - Spread frequency hopping
    • - Point to Multipoint
  • 5. Introduction
    • Bluetooth Stack
    -Bluetooth host (software) -Bluetooth controller (hardware) -HCI (host controller interface)
  • 6. Introduction
    • Bluetooth attacks examples
      • Blue-snarf attack  get personal information
      • Blue-jack attack  send unwanted messages
      • Blue-bug attack  full access (AT command)
  • 7. Security Mechanism
    • Looking for Blue-attacks causes
      • Searching on security mechanism
        • Holes in security architecture or Bluetooth spec.
      • Searching on security implementation
        • Holes in vendor’s implementation
  • 8. Security Mechanism
    • Bluetooth security: service-dependent
      • What service  What security level required
    • Bluetooth link level security
      • Not always enforced
      • Device Authentication
      • Link Encryption ( pairing )
    • Bluetooth higher-level security
      • Up to vendors implementation
  • 9. Security Mechanism
    • Analysis of link level security
  • 10.  
  • 11. Security Mechanism
    • Results
      • Weakness in link level : PIN
        • Solution: Long & random PIN
      • Key exchange
        • Solution: Do it in private !!
      • BUT
        • Other wireless protocols ~ same problem
        • Even if I got the PIN,
        • ATTACKS SHOULD NOT HAPPEN!!
  • 12. Bluesnarfing Attack
    • Why Bluesnarfing attack happens ?
    • - vendors implementation of OBEX protocol
    • Three profiles use the OBEX protocol:
    • - Synchronization Profile (secure)
    • - File Transfer Profile (secure)
    • - Object Push (insecure)
  • 13. Bluesnarfing Attack
    • What is OBEX protocol ?
    • - Exchange objects between devices
    • The main four operations used in OBEX:
      • Connect Operation
      • Put Operation
      • Get Operation
      • Disconnect Operation
    • OBEX protocol Layers
  • 14. Bluesnarfing Attack
    • Normal OBEX session
  • 15. Bluesnarfing Attack
    • How Bluesnarfing
    • Attack Happens :
  • 16. Bluetooth Programming Environment
    • Why Java ?
      • Platform independent
      • Multiple vendors (choices!)
      • Widespread industry acceptance
    • Java Platforms:
      • J2SE  for desktop applications
      • J2ME  for resource-constrained computing devices
  • 17. Bluetooth Programming Environment
    • What is J2ME ?
      • Configuration
      • -core classes
      • Profile
      • - example :MIDP (Mobile Information Device Profile)
      • Optional Packages
      • - To include additional technologies
      • - Example Bluetooth Package:
      • 1. Javax.bluetooth 2. Javax.obex
    J2ME Configuration Host Operating System Profile Optional Packages
  • 18. Bluetooth Programming Environment
    • J2ME toolkit ( compile & emulate)
  • 19. Bluetooth Programming Environment
    • Working in a Real Environment
    • To discover and communicate with other devices
    • To run our Bluetooth applications in a real environment:
      • Using a Bluetooth mobile device
      • Using our desktop with a Bluetooth adapter
    • For the first approach:
      • NOKIA 6810 mobile phone
        • It did not work (Java Bluetooth API is missing )!
  • 20. J2ME into J2SE
    • To support J2ME features:
      • javax.microedition.io
    • To support Bluetooth:
      • javax.bluetooth
    • Is it enough?
      • Other classes are missed
  • 21. J2ME into J2SE
    • Ready Solution (GCF)
      • GCF ( Generic Connection Framework)
      • Define ALL packages to migrate J2ME to J2SE
      • Different implementations
        • Example: aveLink Bluetooth for java
  • 22. Bluetooth Application Programming
    • Short-term goal
      • Bluetooth programming & attack preparation
    • Long-term goal
      • Bluetooth attacks implementation
    • Application components
      • Bluetooth Controller
      • Connection Controller
      • Attack Executor
  • 23. Bluetooth Application Programming
    • General scenario
  • 24. Bluetooth Application Programming
    • Bluetooth Controller
      • Job
        • Device discovery
        • Service discovery
      • Implementation
        • javax.bluetooth built-in methods
  • 25. Bluetooth Application Programming: Bluetooth Controller
  • 26. Bluetooth Application Programming
    • Connection Controller
      • Connect to what service (service inquiry)
      • URL of the service (service record as response)
      • Establish appropriate connection
    • Connection to service: 2-parties operation
      • Server mobile may respond differently
  • 27. Bluetooth Application Programming
    • Attack executor
      • Message Advertiser
        • Advertise messages to mobiles in range
        • Use OBEX
      • Infinite SMS sender
        • Send SMS from one victim to another
        • Use AT commands over serial port profile
  • 28. Bluetooth Application Programming: Message Advertiser
  • 29. Bluetooth Application Programming: Infinite SMS sender
  • 30. Difficulties Faced
    • Lack of resources
      • Cost
      • Non-Vulnerability
    • Pre-work: environment adaptation
      • Software & hardware requirements
    • Illegality of hacking  limited guidance
  • 31. Conclusion
    • General wireless programming sense
    • Theoretical Experience
      • Bluetooth in general
      • Bluetooth security issues
    • Practical experience
      • Different java platforms programming
      • Bluetooth programming in particular
    • Finally
      • Knowledge-based hacking =
      • Knowledge + Time + effort + KEEP TRYING
  • 32. MORE INFORMATION
    • http://student.kfupm.edu.sa/s208675
  • 33. THANK YOU Q & A