Bluetooth: Operation and Use
Security Weaknesses in Bluetooth
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
WarDriving: Drive, Detect, Defend, A Guide to Wireless Security
WarDriving: Drive, Detect, Defend, A Guide to Wireless Security
Proceedings of the 3rd international conference on Mobile systems, applications, and services
SubVirt: Implementing malware with virtual machines
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Polymorphic worm detection and defense: system design, experimental methodology, and data resources
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
A preliminary investigation of worm infections in a bluetooth environment
Proceedings of the 4th ACM workshop on Recurring malcode
Diversify sensor nodes to improve resilience against node compromise
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Bluetooth Worms: Models, Dynamics, and Defense Implications
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Collapsar: a VM-based architecture for network attack detention center
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Improving sensor network immunity under worm attacks: a software diversity approach
Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing
Multi-hop scatternet formation and routing for large scale Bluetooth networks
International Journal of Ad Hoc and Ubiquitous Computing
Repairing the bluetooth pairing protocol
Proceedings of the 13th international conference on Security protocols
Polymorphic worm detection using structural information of executables
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
IEEE Spectrum
Reliable identification of bounded-length viruses is NP-complete
IEEE Transactions on Information Theory
Hi-index | 0.00 |
In this paper we demonstrate an attack scenario in which Bluetooth enabled computers are remotely controlled by an attacker without any security software detecting the connection. We describe in detail the methods to deliver malware, evade detection, elevate permissions, and transport critical information out of the network via Bluetooth connections. A prototype system using state-of-the-art operating systems and security software is built to show the practicability of the attack. We also study different mitigation strategies along with their downside. Security improvements for similar scenarios are also discussed.