Building a dark piconet upon bluetooth interfaces of computers

Authors:
Rodney Owens;Weichao Wang
Affiliations:
Department of Software and Information Systems, University of North Carolina at Charlotte, NC;Department of Software and Information Systems, University of North Carolina at Charlotte, NC
Venue:
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Year:
2009

Citing 16
Cited 0

Bluetooth: Operation and Use

Bluetooth: Operation and Use
Security Weaknesses in Bluetooth

CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
WarDriving: Drive, Detect, Defend, A Guide to Wireless Security

WarDriving: Drive, Detect, Defend, A Guide to Wireless Security
Cracking the Bluetooth PIN

Proceedings of the 3rd international conference on Mobile systems, applications, and services
SubVirt: Implementing malware with virtual machines

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Polymorphic worm detection and defense: system design, experimental methodology, and data resources

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
A preliminary investigation of worm infections in a bluetooth environment

Proceedings of the 4th ACM workshop on Recurring malcode
Diversify sensor nodes to improve resilience against node compromise

Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Bluetooth Worms: Models, Dynamics, and Defense Implications

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Collapsar: a VM-based architecture for network attack detention center

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Improving sensor network immunity under worm attacks: a software diversity approach

Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing
Multi-hop scatternet formation and routing for large scale Bluetooth networks

International Journal of Ad Hoc and Ubiquitous Computing
Repairing the bluetooth pairing protocol

Proceedings of the 13th international conference on Security protocols
Polymorphic worm detection using structural information of executables

RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Bluetooth cavities

IEEE Spectrum
Reliable identification of bounded-length viruses is NP-complete

IEEE Transactions on Information Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we demonstrate an attack scenario in which Bluetooth enabled computers are remotely controlled by an attacker without any security software detecting the connection. We describe in detail the methods to deliver malware, evade detection, elevate permissions, and transport critical information out of the network via Bluetooth connections. A prototype system using state-of-the-art operating systems and security software is built to show the practicability of the attack. We also study different mitigation strategies along with their downside. Security improvements for similar scenarios are also discussed.