Ishtiaq Rouf,Robert D. Miller,Hossen A. Mustafa,Travis Taylor,Sangho Oh,Wenyuan Xu,Marco Gruteser,Wade Trappe,Ivan Seskar

2010-01-01

Abstract:Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.

Arup Barua,Abdullah Al Alamin,Shohrab Hossain,Ekram Hossain,Md Abdullah Al Alamin,Md. Shohrab Hossain

DOI: https://doi.org/10.1109/ojcoms.2022.3149732

2022-01-01

IEEE Open Journal of the Communications Society

Abstract:Bluetooth Low Energy (BLE) has become the de facto communication protocol for the Internet of Things (IoT) and smart wearable devices for its ultra-low energy consumption, ease of development, good enough network coverage, and data transfer speed. Due to the simplified design of this protocol, there have been lots of security and privacy vulnerabilities. As billions of health care, personal fitness wearable, smart lock, industrial automation devices adopt this technology for communication, its vulnerabilities should be dealt with high priority. Some segregated works on BLE were performed focusing on various vulnerabilities, such as the insecure implementation of encryption, device authentication, user privacy, etc. However, there has been no comprehensive survey on the security vulnerabilities of this protocol. In this survey paper, we present a comprehensive taxonomy for the security and privacy issues of BLE. We present possible attack scenarios for different types of vulnerabilities, classify them according to their severity, and list possible mitigation techniques. We also provide case studies regarding how different vulnerabilities can be exploited in real BLE devices.

Alejandra Guadalupe Silva-Trujillo,Mauricio Jacobo González González,Luis Pablo Rocha Pérez,Luis Javier García Villalba

DOI: https://doi.org/10.3390/s23125438

2023-06-08

Abstract:Wearable devices are starting to gain popularity, which means that a large portion of the population is starting to acquire these products. This kind of technology comes with a lot of advantages, as it simplifies different tasks people do daily. However, as they recollect sensitive data, they are starting to be targets for cybercriminals. The number of attacks on wearable devices forces manufacturers to improve the security of these devices to protect them. Many vulnerabilities have appeared in communication protocols, specifically Bluetooth. We focus on understanding the Bluetooth protocol and what countermeasures have been applied during their updated versions to solve the most common security problems. We have performed a passive attack on six different smartwatches to discover their vulnerabilities during the pairing process. Furthermore, we have developed a proposal of requirements needed for maximum security of wearable devices, as well as the minimum requirements needed to have a secure pairing process between two devices via Bluetooth.

Jun Liu,Fei Xie,Yaqi Zhou,Qian Zou,Jianfeng Wu

DOI: https://doi.org/10.1109/bmei.2013.6746958

2013-01-01

Abstract:A novel wearable health monitoring system with multi-parameters and its applications for long term monitoring are presented in this paper. The system provides continuous monitoring of the user's electrocardiogram (ECG), respiratory status and activity, as well as the local temperature. A belt-type data acquisition and communication module worn around the chest includes ECG and respiratory module ADS1292R, six axis motion sensor MPU6050, high precision digital temperature sensor Tsic506 and bluetooth 4.0 module CC2541. The collected data is sent to the mobile device via bluetooth and the mobile device gives a heart health index of measuring the body status which includes heart rate, QRS wave, and ST segment. A remote interactive way is constructed by the mobile device communicating with the customer management center via WIFI.

Tushar Nagrare,Faruk Kazi,Parul Sindhewad

DOI: https://doi.org/10.48550/arXiv.2301.03852

2023-01-10

Cryptography and Security

Abstract:Bluetooth Low Energy (BLE) has become the primary transmission media due to its extremely low energy consumption, good network scope, and data transfer speed for the Internet of Things (IoT) and smart wearable devices. With the exponential boom of the Internet of Things (IoT) and the Bluetooth Low Energy (BLE) connection protocol, a requirement to discover defensive techniques to protect it with practical security analysis. Unfortunately, IoT-BLE is at risk of spoofing assaults where an attacker can pose as a gadget and provide its users a harmful information. Furthermore, due to the simplified strategy of this protocol, there were many security and privacy vulnerabilities. Justifying this quantitative security analysis with STRIDE Methodology change to create a framework to deal with protection issues for the IoT-BLE sensors. Therefore, providing probable attack scenarios for various exposures in this analysis, and offer mitigating strategies. In light of this authors performed STRIDE threat modeling to understand the attack surface for smart wearable devices supporting BLE. The study evaluates different exploitation scenarios Denial of Service (DoS), Elevation of privilege, Information disclosure, spoofing, Tampering, and repudiation on MI Band, One plus Band, Boat Storm smartwatch, and Fire Bolt Invincible.

Stephen Cook,Maryam Mehrnezhad,Ehsan Toreini

DOI: https://doi.org/10.1007/s10207-024-00883-3

2024-08-19

International Journal of Information Security

Abstract:The number of digital health products is increasing faster than ever. These technologies (e.g. mobile apps and connected devices) collect massive amounts of data about their users, including health, medical, sex life, and other intimate data. In this paper, we study a set of 21 Internet of Things (IoT) devices advertised for general and intimate health purposes of female bodies (aka female-oriented technologies or FemTech). We focus on the security of the Bluetooth connection and communications between the IoT device and the mobile app. Our results highlight serious security issues in the current off-the-shelf FemTech devices. These include unencrypted Bluetooth traffic, unknown Bluetooth services and insecure Bluetooth authentication when connecting to the app. We implement Bluetooth attacks on the communication between these devices and apps, resulting in malfunctioning of the device and app. We discuss our results and provide recommendations for different stakeholders to improve the security practices of Bluetooth-enabled IoT devices in such a sensitive and intimate domain.

computer science, information systems, theory & methods, software engineering

Zhe Wang

2024-02-25

Abstract:Bluetooth Low Energy (BLE) technology, operating within the widely used 2.4 GHz ISM band, stands as a cornerstone in modern wireless communication frameworks alongside its classic Bluetooth counterpart. This paper delves into the foundational aspects of BLE, excluding niche components, to explore its core functionalities and pivotal role in diverse connectivity needs. BLE's specialization in catering to low-power devices ensures optimal energy utilization, making it indispensable in IoT applications where energy efficiency is paramount. Its versatility finds applications across consumer electronics, industrial automation, and healthcare, ensuring reliability and efficiency in safety-critical systems and enhancing user convenience through remote control capabilities. However, the wireless nature of BLE interfaces exposes them to cybersecurity threats, necessitating robust security measures for mitigating risks such as sniffing, DoS attacks, and message injection. Continuous research and development efforts are essential to stay ahead of emerging threats and safeguard BLE-enabled systems and data.

Cryptography and Security

Alexander M Chan,Nandakumar Selvaraj,Nima Ferdosi,Ravi Narasimhan

DOI: https://doi.org/10.1109/EMBC.2013.6610948

Abstract:Unobtrusive continuous monitoring of important vital signs and activity metrics has the potential to provide remote health monitoring, at-home screening, and rapid notification of critical events such as heart attacks, falls, or respiratory distress. This paper contains validation results of a wireless Bluetooth Low Energy (BLE) patch sensor consisting of two electrocardiography (ECG) electrodes, a microcontroller, a tri-axial accelerometer, and a BLE transceiver. The sensor measures heart rate, heart rate variability (HRV), respiratory rate, posture, steps, and falls and was evaluated on a total of 25 adult participants who performed breathing exercises, activities of daily living (ADLs), various stretches, stationary cycling, walking/running, and simulated falls. Compared to reference devices, the heart rate measurement had a mean absolute error (MAE) of less than 2 bpm, time-domain HRV measurements had an RMS error of less than 15 ms, respiratory rate had an MAE of 1.1 breaths per minute during metronome breathing, posture detection had an accuracy of over 95% in two of the three patch locations, steps were counted with an absolute error of less than 5%, and falls were detected with a sensitivity of 95.2% and specificity of 100%.

Maria Bada,Basie von Solms

DOI: https://doi.org/10.48550/arXiv.2105.02933

2021-05-07

Abstract:The popularity of wearable devices is growing exponentially, with consumers using these for a variety of services. Fitness devices are currently offering new services such as shopping or buying train tickets using contactless payment. In addition, fitness devices are collecting a number of personal information such as body temperature, pulse rate, food habits and body weight, steps-distance travelled, calories burned and sleep stage. Although these devices can offer convenience to consumers, more and more reports are warning of the cybersecurity risks of such devices, and the possibilities for such devices to be hacked and used as springboards to other systems. Due to their wireless transmissions, these devices can potentially be vulnerable to a malicious attack allowing the data collected to be exposed. The vulnerabilities of these devices stem from lack of authentication, disadvantages of Bluetooth connections, location tracking as well as third party vulnerabilities. Guidelines do exist for securing such devices, but most of such guidance is directed towards device manufacturers or IoT providers, while consumers are often unaware of potential risks. The aim of this paper is to provide cybersecurity guidelines for users in order to take measures to avoid risks when using fitness devices.

Cryptography and Security,Computers and Society,Human-Computer Interaction

Feiba Chang,Jun Yin,Lexian Yan,Run Peng

DOI: https://doi.org/10.4028/www.scientific.net/amm.433-435.161

2013-01-01

Applied Mechanics and Materials

Abstract:Designed a Bluetooth-based wearable SAHS (sleep apnea hypopnea syndrome) monitoring device, the device can be real-time monitoring in the SAHS patient's respiratory state. Meanwhile, wearable technology achieves basic respiratory signal acquisition for low physiological and psychological load; Bluetooth achieves short-distance wireless transmission of respiration data and convenient communication with the handheld terminal such as PDA or smart phone, to ensure the continuous real-time monitoring of the patient.

Jiliang Wang,Feng Hu,Ye Zhou,Yunhao Liu,Hanyi Zhang,Zhe Liu

DOI: https://doi.org/10.1145/3386901.3389025

2020-01-01

Abstract:Today's smart devices like fitness tracker, smartwatch, etc., often employ Bluetooth Low Energy (BLE) for data transmission. Such devices thus become our information portal, e.g., SMS message and notifications are delivered to those devices through BLE. In this study, we present BlueDoor, which can obtain unauthorized information from smart devices via BLE vulnerability. We thoroughly examine the BLE protocol, and leverage its intrinsic properties designed for low-cost embedded and wearable devices to bypass the encryption and authentication in BLE. By mimicking a low capacity device to downgrade the process of encryption key negotiation and authentication, BlueDoor can enforce a new key with the peripheral BLE device and pass the authentication without user participation. As a result, BlueDoor can extract BLE packets as well as read/write stored data on BLE devices. We show that BlueDoor works well on the fundamental design tradeoff of using BLE on diverse embedded and wearable devices, and thus can be generalized to various BLE devices. We implement the BlueDoor design and examine its performance on 15 COTS BLE enabled smart devices, including fitness trackers, smartwatch, smart bulb, etc. The results show that BlueDoor can break the information flow and obtain different types of information (e.g., SMS message, notifications) delivered to BLE devices. In addition to privacy threats, this further means traditional operations such as using SMS for verification in widely adopted authentication, are insecure.

Xijia Che,Yi He,Xuewei Feng,Kun Sun,Ke Xu,Qi Li

2024-05-28

Abstract:Bluetooth Low Energy (BLE) is a short-range wireless communication technology for resource-constrained IoT devices. Unfortunately, BLE is vulnerable to session-based attacks, where previous packets construct exploitable conditions for subsequent packets to compromise connections. Defending against session-based attacks is challenging because each step in the attack sequence is legitimate when inspected individually. In this paper, we present BlueSWAT, a lightweight state-aware security framework for protecting BLE devices. To perform inspection on the session level rather than individual packets, BlueSWAT leverages a finite state machine (FSM) to monitor sequential actions of connections at runtime. Patterns of session-based attacks are modeled as malicious transition paths in the FSM. To overcome the heterogeneous IoT environment, we develop a lightweight eBPF framework to facilitate universal patch distribution across different BLE architectures and stacks, without requiring device reboot. We implement BlueSWAT on 5 real-world devices with different chips and stacks to demonstrate its cross-device adaptability. On our dataset with 101 real-world BLE vulnerabilities, BlueSWAT can mitigate 76.1% of session-based attacks, outperforming other defense frameworks. In our end-to-end application evaluation, BlueSWAT patches introduce an average of 0.073% memory overhead and negligible latency.

Cryptography and Security

Sandeep Pirbhulal,Wanqing Wu,Guanglin Li,Arun Kumar Sangaiah

DOI: https://doi.org/10.1109/mce.2019.2923925

2019-09-01

IEEE Consumer Electronics Magazine

Abstract:Advancement in medical devices and communication technologies has allowed transmission of medical information using wireless body sensor networks. One of the severe challenges to smart healthcare is that patient's data is sensitive, so its secure transmission is important. This paper aims to discuss secure and safe communications in smart and connected healthcare.

telecommunications,engineering, electrical & electronic,computer science, hardware & architecture

Jianliang Wu,Yuhong Nan,Vireshwar Kumar,Dave (Jing) Tian,Antonio Bianchi,Mathias Payer,Dongyan Xu

2020-01-01

Abstract:The Bluetooth Low Energy (BLE) protocol ubiquitously enables energy-efficient wireless communication among resource-constrained devices. To ease its adoption, BLE requires limited or no user interaction to establish a connection between two devices. Unfortunately, this simplicity is the root cause of several security issues. In this paper, we analyze the security of the BLE link-layer, focusing on the scenario in which two previously-connected devices reconnect. Based on a formal analysis of the reconnection procedure defined by the BLE specification, we highlight two critical security weaknesses in the specification. As a result, even a device implementing the BLE protocol correctly may be vulnerable to spoofing attacks. To demonstrate these design weaknesses, and further study their security implications, we develop BLE Spoofing Attacks (BLESA). These attacks enable an attacker to impersonate a BLE device and to provide spoofed data to another previously-paired device. BLESA can be easily carried out against some implementations of the BLE protocol, such as the one used in Linux. Additionally, for the BLE stack implementations used by Android and iOS, we found a logic bug enabling BLESA. We reported this security issue to the affected parties (Google and Apple), and they acknowledged our findings.

Hidayet Aksu,A. Selcuk Uluagac,Elizabeth S. Bentley

DOI: https://doi.org/10.1109/TSUSC.2018.2808455

2018-09-27

Abstract:With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5%, 98.3% precision and recall for identifying wearables using the Bluetooth classic protocol.

Cryptography and Security

Moshaddique Al Ameen,Jingwei Liu,Kyungsup Kwak

DOI: https://doi.org/10.1007/s10916-010-9449-4

IF: 4.92

2010-03-12

Journal of Medical Systems

Abstract:The use of wireless sensor networks (WSN) in healthcare applications is growing in a fast pace. Numerous applications such as heart rate monitor, blood pressure monitor and endoscopic capsule are already in use. To address the growing use of sensor technology in this area, a new field known as wireless body area networks (WBAN or simply BAN) has emerged. As most devices and their applications are wireless in nature, security and privacy concerns are among major areas of concern. Due to direct involvement of humans also increases the sensitivity. Whether the data gathered from patients or individuals are obtained with the consent of the person or without it due to the need by the system, misuse or privacy concerns may restrict people from taking advantage of the full benefits from the system. People may not see these devices safe for daily use. There may also possibility of serious social unrest due to the fear that such devices may be used for monitoring and tracking individuals by government agencies or other private organizations. In this paper we discuss these issues and analyze in detail the problems and their possible measures.

health care sciences & services,medical informatics

Chao Chen,Carlos Pomalaza-Raez

DOI: https://doi.org/10.5121/ijcsit.2010.2303

2010-06-07

Abstract:Advances in embedded devices and wireless sensor networks have resulted in new and inexpensive health care solutions. This paper describes the implementation and the evaluation of a wireless body sensor system that monitors human physiological data at home. Specifically, a waist-mounted triaxial accelerometer unit is used to record human movements. Sampled data are transmitted using an IEEE 802.15.4 wireless transceiver to a data logger unit. The wearable sensor unit is light, small, and consumes low energy, which allows for inexpensive and unobtrusive monitoring during normal daily activities at home. The acceleration measurement tests show that it is possible to classify different human motion through the acceleration reading. The 802.15.4 wireless signal quality is also tested in typical home scenarios. Measurement results show that even with interference from nearby IEEE 802.11 signals and microwave ovens, the data delivery performance is satisfactory and can be improved by selecting an appropriate channel. Moreover, we found that the wireless signal can be attenuated by housing materials, home appliances, and even plants. Therefore, the deployment of wireless body sensor systems at home needs to take all these factors into consideration.

Other Computer Science

Pei Cao,Chi Zhang,Xiang-Jun Lu,Hai-Ning Lu,Da-Wu Gu

DOI: https://doi.org/10.1007/s11390-022-1229-3

IF: 1.871

2023-01-01

Journal of Computer Science and Technology

Abstract:In the era of the Internet of Things, Bluetooth low energy (BLE/BTLE) plays an important role as a well-known wireless communication technology. While the security and privacy of BLE have been analyzed and fixed several times, the threat of side-channel attacks to BLE devices is still not well understood. In this work, we highlight a side-channel threat to the re-keying protocol of BLE. This protocol uses a fixed long term key for generating session keys, and the leakage of the long term key could render the encryption of all the following (and previous) connections useless. Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices. In particular, we present successful correlation electromagnetic analysis and deep learning based profiled analysis that recover long term keys of BLE devices. We evaluate our attack on an ARM Cortex-M4 processor (Nordic Semiconductor nRF52840) running Nimble, a popular open-source BLE stack. Our results demonstrate that the long term key can be recovered within only a small amount of electromagnetic traces. Further, we summarize the features and limitations of our attack, and suggest a range of countermeasures to prevent it.

Veer Chandra Kamati

DOI: https://doi.org/10.22214/ijraset.2024.64133

2024-09-30

International Journal for Research in Applied Science and Engineering Technology

Abstract:With the increasing need for continuous health monitoring, this study presents the development of an Arduinopowered remote monitoring system for real-time heart rate detection via Bluetooth. The system uses an Arduino microcontroller connected to a pulse sensor to measure heart rate, with data wirelessly transmitted via Bluetooth to a remote device, enabling continuous monitoring without direct patient interaction. Initial self-monitoring trials showed consistent heart rate detection within the normal range of 62-70 beats per minute (BPM), suggesting proper functionality for preliminary use. The system also maintained a stable Bluetooth connection with no noticeable data loss. This cost-effective and efficient system is a valuable tool for telemedicine and remote patient care. Future enhancements may include integrating advanced microcontrollers and developing a more sophisticated mobile app with expanded health monitoring features.

Bruno M. G. Rosa,Guang Z. Yang

DOI: https://doi.org/10.1109/bsn.2017.7936011

2017-01-01

Abstract:Wearable technology has become ubiquitous in recent years due to the miniaturization of circuit electronics and advances in smart materials that can conform to the requirements posed by the human body, behaviour and experience. Sensors of this type are found attached almost to every body segment, capable of delivering signals even in harsh activity scenarios. The reliability and relevance of the physiological data retrieved by wearables have yet to surpass the conventional technologies in the healthcare system today. In this paper we present a small device incorporated inside an headphone set that continuously monitors the ECG, impedance and acceleration of the head. As opposed to most biometric sensors, ECG measurement relies on non-optical methods by capturing the electrical potential around the ear in both sides of the head, whereas impedance monitoring involves AC stimulation instead of DC, the latter commonly involved in skin galvanic response estimation. Signal processing of impedance parameters is performed in situ using a fast variant of the Discrete Fourier Transform in order to save computational resources and power expenditure from a microcontroller equipped with Bluetooth Low Energy. Applications that can benefit from this device include cardiovascular and stress level assessment of individuals for whom an hearable is a requirement for work or leisure.