Bluetooth security
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Bluetooth security

on

  • 3,351 views

A Presentation

A Presentation

Statistics

Views

Total Views
3,351
Views on SlideShare
3,236
Embed Views
115

Actions

Likes
0
Downloads
146
Comments
0

2 Embeds 115

http://www.ustudy.in 95
http://ustudy.in 20

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Bluetooth security Presentation Transcript

  • 1. Bluetooth Security
    • By
    • Mohammed A. Ahmed
    • Amjad M. Musleh
    • Asmat K. Marouf
    • Advisors
    • Dr. Ashraf S. H. Mahmoud
    • Dr. Marwan H. Abu-Amara
  • 2. Project Description
    • Study Bluetooth security aspects
    • Blue-attacks mechanism analysis
    • Implementation of Java Bluetooth Applications
  • 3. Agenda
    • Introduction
    • Security Mechanism
    • Bluesnarfing Attack
    • Bluetooth Programming Environment
    • J2ME into J2SE
    • Bluetooth Application Programming
    • Difficulties Faced
    • Conclusion
  • 4. Introduction
    • What is Bluetooth?
    • - Short area wireless technology
    • - Developed by SIG (Special Interest Group)
    • Properties
    • - 2.4 GHz ISM (industrial,scientific,medical) band
    • - Spread frequency hopping
    • - Point to Multipoint
  • 5. Introduction
    • Bluetooth Stack
    -Bluetooth host (software) -Bluetooth controller (hardware) -HCI (host controller interface)
  • 6. Introduction
    • Bluetooth attacks examples
      • Blue-snarf attack  get personal information
      • Blue-jack attack  send unwanted messages
      • Blue-bug attack  full access (AT command)
  • 7. Security Mechanism
    • Looking for Blue-attacks causes
      • Searching on security mechanism
        • Holes in security architecture or Bluetooth spec.
      • Searching on security implementation
        • Holes in vendor’s implementation
  • 8. Security Mechanism
    • Bluetooth security: service-dependent
      • What service  What security level required
    • Bluetooth link level security
      • Not always enforced
      • Device Authentication
      • Link Encryption ( pairing )
    • Bluetooth higher-level security
      • Up to vendors implementation
  • 9. Security Mechanism
    • Analysis of link level security
  • 10.  
  • 11. Security Mechanism
    • Results
      • Weakness in link level : PIN
        • Solution: Long & random PIN
      • Key exchange
        • Solution: Do it in private !!
      • BUT
        • Other wireless protocols ~ same problem
        • Even if I got the PIN,
        • ATTACKS SHOULD NOT HAPPEN!!
  • 12. Bluesnarfing Attack
    • Why Bluesnarfing attack happens ?
    • - vendors implementation of OBEX protocol
    • Three profiles use the OBEX protocol:
    • - Synchronization Profile (secure)
    • - File Transfer Profile (secure)
    • - Object Push (insecure)
  • 13. Bluesnarfing Attack
    • What is OBEX protocol ?
    • - Exchange objects between devices
    • The main four operations used in OBEX:
      • Connect Operation
      • Put Operation
      • Get Operation
      • Disconnect Operation
    • OBEX protocol Layers
  • 14. Bluesnarfing Attack
    • Normal OBEX session
  • 15. Bluesnarfing Attack
    • How Bluesnarfing
    • Attack Happens :
  • 16. Bluetooth Programming Environment
    • Why Java ?
      • Platform independent
      • Multiple vendors (choices!)
      • Widespread industry acceptance
    • Java Platforms:
      • J2SE  for desktop applications
      • J2ME  for resource-constrained computing devices
  • 17. Bluetooth Programming Environment
    • What is J2ME ?
      • Configuration
      • -core classes
      • Profile
      • - example :MIDP (Mobile Information Device Profile)
      • Optional Packages
      • - To include additional technologies
      • - Example Bluetooth Package:
      • 1. Javax.bluetooth 2. Javax.obex
    J2ME Configuration Host Operating System Profile Optional Packages
  • 18. Bluetooth Programming Environment
    • J2ME toolkit ( compile & emulate)
  • 19. Bluetooth Programming Environment
    • Working in a Real Environment
    • To discover and communicate with other devices
    • To run our Bluetooth applications in a real environment:
      • Using a Bluetooth mobile device
      • Using our desktop with a Bluetooth adapter
    • For the first approach:
      • NOKIA 6810 mobile phone
        • It did not work (Java Bluetooth API is missing )!
  • 20. J2ME into J2SE
    • To support J2ME features:
      • javax.microedition.io
    • To support Bluetooth:
      • javax.bluetooth
    • Is it enough?
      • Other classes are missed
  • 21. J2ME into J2SE
    • Ready Solution (GCF)
      • GCF ( Generic Connection Framework)
      • Define ALL packages to migrate J2ME to J2SE
      • Different implementations
        • Example: aveLink Bluetooth for java
  • 22. Bluetooth Application Programming
    • Short-term goal
      • Bluetooth programming & attack preparation
    • Long-term goal
      • Bluetooth attacks implementation
    • Application components
      • Bluetooth Controller
      • Connection Controller
      • Attack Executor
  • 23. Bluetooth Application Programming
    • General scenario
  • 24. Bluetooth Application Programming
    • Bluetooth Controller
      • Job
        • Device discovery
        • Service discovery
      • Implementation
        • javax.bluetooth built-in methods
  • 25. Bluetooth Application Programming: Bluetooth Controller
  • 26. Bluetooth Application Programming
    • Connection Controller
      • Connect to what service (service inquiry)
      • URL of the service (service record as response)
      • Establish appropriate connection
    • Connection to service: 2-parties operation
      • Server mobile may respond differently
  • 27. Bluetooth Application Programming
    • Attack executor
      • Message Advertiser
        • Advertise messages to mobiles in range
        • Use OBEX
      • Infinite SMS sender
        • Send SMS from one victim to another
        • Use AT commands over serial port profile
  • 28. Bluetooth Application Programming: Message Advertiser
  • 29. Bluetooth Application Programming: Infinite SMS sender
  • 30. Difficulties Faced
    • Lack of resources
      • Cost
      • Non-Vulnerability
    • Pre-work: environment adaptation
      • Software & hardware requirements
    • Illegality of hacking  limited guidance
  • 31. Conclusion
    • General wireless programming sense
    • Theoretical Experience
      • Bluetooth in general
      • Bluetooth security issues
    • Practical experience
      • Different java platforms programming
      • Bluetooth programming in particular
    • Finally
      • Knowledge-based hacking =
      • Knowledge + Time + effort + KEEP TRYING
  • 32. MORE INFORMATION
    • http://student.kfupm.edu.sa/s208675
  • 33. THANK YOU Q & A