Case Study on the Bluetooth Vulnerabilities in Mobile Devices

Research output: Contribution to journalArticlepeer-review

308 Downloads (Pure)

Abstract

As the widespread use and acceptance of Bluetooth continues concerns are being raised related to security vulnerabilities and privacy issues inherent in the use of this technology. Inadequate device resources and lack of user awareness has compounded this issue where the emphasis on design constraints, functionality and ease of use sometimes outweigh security concerns. Recently some concerns have being highlighted relating to the possible security vulnerabilities in commonly used devices, and also the possibility of the imperceptible tracking of device users through the use of distributed and connected Bluetooth sensor nodes. This paper discusses some of these issues and highlights a number of vulnerabilities in the current generation of Bluetooth enabled devices. In particular, the current methods being used to exploit these vulnerabilities are discussed and the results from a case study are presented which identify the percentage of popular devices susceptible to this type of misuse.
Original languageEnglish
Pages (from-to)125-129
JournalIJCSNS International Journal of Computer Science and Network Security
Volume6
Issue number4
Publication statusPublished (in print/issue) - 1 Apr 2006

Bibliographical note

Reference text: 1] Official Bluetooth Website, http://www.bluetooth.com/, Site
visited 02/12/05.
[2] B. L. & A. Laurie, “Serious flaws in Bluetooth security lead
to disclosure of personal data”, A.L. Digital Ltd. Technical
report, http://bluestumbler.org/, Site visited 02/12/05.
[3] Herfurt, M., “Bluesnarf @ CeBIT 2004”, Technical Report,
Salzburg Research Forschungsgesellschaft mbH
http://www.trifinite.org/Downloads/BlueSnarf_CeBIT2004.pdf.
[4] Haase, M., Handy, M., and D. Timmermann, “Bluetrack-
Imperceptible Tracking of Bluetooth devices”, UbiComp 2004,
Nottingham, Great Britain, UK, September 2004.
[5] Bluetrack Project Homepage, http://www-md.e-technik.unirostock.
de/forschung/projekte/BlueTrack, Site visited 02/12/05.
[6] RedFang Bluetooth Discovery Tool,
http://www.securiteam.com/tools/5JP0I1FAAE.html, Site visited
02/12/05.
[7] Gnokii Toolkit Homepage, http://www.gnokii.org, Site
visited 02/12/05.
[8] Haase, M., Nickel, T., Esins, S., and R. Möckel, “Bluetrack-
Imperceptible Tracking of Bluetooth devices”, CeBIT 2004
Poster presentation, http://www-md.e-technik.unirostock.
de/ma/hm27/bluetrack-eng.pdf.
[9] IEEE Bluetooth OUI listing, Site visited 02/12/05.
http://standards.ieee.org/regauth/oui/index.shtml,
[10] PhpMyAdmin Project Homepage,
http://www.phpmyadmin.net, Site visited 02/12/05.
[11] IDC Western Europe Second Quarter Mobile Phone Report,
http://www.idc.com, Site visited 02/12/05.
[12] Mulliner, C., and M. Herfurt, “Blueprinting - Remote
Device Identification Techniques”, 21st Chaos Communication
Congress (21C3), Berlin, Germany, December 2004.
[13] ZDNet Technology News Homepage,
http://news.zdnet.co.uk, Site visited 02/12/05.

Keywords

  • Bluetooth Security
  • Bluesnarfing
  • Bluebug
  • Privacy.

Fingerprint

Dive into the research topics of 'Case Study on the Bluetooth Vulnerabilities in Mobile Devices'. Together they form a unique fingerprint.

Cite this