Information Technology Assignment: Eavesdropping In Bluetooth Networks
Task: Present a detailed information technology assignment discussing about the eavesdropping attack that occurs in Bluetooth network.
Eavesdropping In Bluetooth Networks
Abstract: As evident in this information technology assignment, on-growing technology plays an important role in modern society. There is a lot of real-world application that have wireless technology as the core functionality. Due to the demand for wireless technology other domains like health care, finance, IT is adapting to the change. One integral part of that technology is Bluetooth technology which has more benefits and some drawbacks related to its security. Bluetooth technology provides a wide range of advantages. The availability of blue tooth technology in-game controllers, phones, personal digital assistants and personal computers will enable those devices for short-range to establish communication via wireless mode. This short-range wireless communication will help to share information quickly and effectively. This sharing of information is done by pairing one device with the other. The pairing of the device will be success full only when the exchange of secret code which is referred to as PINs is entered in each device. Even-though Bluetooth technology has a wide range of advantages it also faces many vulnerabilities related to its security protocols. These security-related problems in blue-tooth technology will lead to theft of personal information which is very dangerous for the users. In this paper, the eavesdropping attacks that occurs in Bluetooth network is discussed.
Index terms- Bluetooth technology, Eavesdropping, vulnerabilities
One of the major issues which played during theinvention of Bluetooth technology is its security. To make Bluetooth a secured technology Bluetooth SIG has made many efforts. Even after implementing all those efforts made by Bluetooth SIG, the security configuration in Bluetooth always depend upon the user’s Bluetooth device so in general the various option in connecting and discovering of Bluetooth device is divided into four security modes of operation .
Following are some additional four different security modes. These four different modes include non-secure security mode, service-level enforced security mode, link-level enforced security mode, and service-level enforced security mode .
Non-secure security mode:
Any sort of security measure in the Bluetooth device is not initiated by this security model.
Service-level enforced security mode:
A non-secure ACL can be established by the two Bluetooth devices with the help of this security mode. If the L2CAP initiates the request with connection-less channel then security events are commenced by this mode.
Link-Level Enforced Security Mode:
As the name suggests after the establishment of the ACL link security procedures were initiated by this type of security mode.
Service-Level Enforced Security Mode:
This type of model is similar to that of security mode 2 but the only difference between these two modes is only secured and paired Bluetooth devices can send information securely.
II. Literature Review
Bluetooth Security and its Vulnerabilities
Bluetooth technology is used as a wireless technology that was used to replace the cable that was an old-fashioned way to send the data from one device to another device. Blue tooth uses radio frequency to send the data to nearby devices with out any complex wires. This technology was created to make an open standard to make different types of devices from other manufactures to communicate with other devices so more technology can use these open standard communications to collaborate. These wireless technologies are good if they are used in a controlled environment but there are security threats and vulnerabilities that can be used to compromise the network  & .
There more than billions of newer devices are manufactured daily so there can be a lot of vulnerabilities and security risks. Therefore, the architecture for securing bluetoothnetwork needs to be stable and developers need to concentrate on platform development and improve the efficiency and security of the platform. The key feature of using Bluetooth is that it creates a secured network with any infrastructure needed by sharing a key. The key is used for the authentication and algorithms are used for encrypting the data which is sent. To maintain the security standards discoverability and connect ability are very important for connecting the devices. When trying to connect to other devices is seen by the list of devices that are in the range which are not connected so authorization is used for an additional layer of protection.
Bluetooth technology uses peer to peer communication where the technology can be used for input and output devices. For example, headphone, keyboard and mouse where the programmer can modify the chipsets for discoverability, connection preference and security.
Eavesdropping is the process of overhearing the communication that happens between two individuals.in terms of cybersecurity, it is known as an eavesdropping attack. it can be also called a sniffing attack or snooping attack where happens when an unauthorized person tries to modify or steal any sensitive information that is sent between the devices. for example, if an employee communicates with the other person via any open network and sends sensitive information the unauthorized person will be watching silently in the network traffic. to prevent the network from eavesdropping attack, the employee can use a virtual private network for communication. this attack is very difficult to identify. when the user is connected to the network the sensitive information such as passwords, email messages, accounts numbers, etc can be compromised.
Eavesdropping attacks occur due to the following reasons:
By setting the weak password, the network can be compromised easily so the communication should be done using a strong network password so that attackers will find it difficult to join the network.
Working in a remote location
Employees who are working should communicate the business information only with the office network. in case if the employees use an insecure network from a remote location then this will lead to an eavesdropping attack.
Impact Of Eavesdropping Attack
The impact of the eavesdropping attack are as follows:
Every organization consists of sensitive information that becomes public data when privacy fails. eavesdroppers will try to retrieve the business information, conversations that occur between the users.
Suppose if two users are communicating to access the sensitive information, one of the users will say the password for the application as "5666". if the attacker is watching the conversation then the credential will be open to him so that he can gain all the sensitive information.
When the attack wants to communicate with the users the password will be used for accessing it. it is an advantage for sending the data to the competitors and earn money out of it. so this causes a serious impact on it.
III. Vulnerability Background
Nowadays the usage of Bluetooth devices are vast so the security issues are also high. Bluetooth architecture should be upgraded with the detection and prevention of threats. security vulnerabilities are classified into Disclosure threats, integrity threats and Denial of Service (DoS) attack .
Information will be leaked from the target system to the eavesdropper for accessing the information without authorization.
The data will be changed and forwarded to the receiver.
Denial of Service threat
Consumers will not get access from the system or making the service unavailable. this is more active in academics and organizations.
Disclosure threats and integrity attacks retrieve the information where Denial of services is making the services un available so when compared to the threats, disclosure and integrity threats are more dangerous. there should be a powerful scanner to stop the eavesdropping.
Vulnerabilities To Eavesdropping Attack
This is the most important weakness that is identified in Bluetooth where 128-bit encryption is not used. the key length is restricted. also, Passkey Entry is used for generating the key links. it can be brute-forced by the passive eavesdropping attacker.
Bluetooth is configured with a less security mechanism so it is easy for the attacker to discover and perform attacks.
IV. Risk Assessment Of Eavesdropping
The vulnerability chosen for the risk assessment is eavesdropping. Due to the type of communication used, the eavesdropper is not easily detected in the network. the transmissions are occurred by not encrypting so the eavesdropper can view the content of any data transmission. the transmission should occur within the range. it consists of access codes, the header of the packet, and payload. using this the eavesdropper could not be found. There are two types of attacks. Active eavesdropper attack and passive eavesdropper attack. Active eavesdropper attack is a mechanism that does not offer any security to the MITM attacks so the eavesdropper can access the information without any issues. Passive eavesdropping attack is a mechanism where the third party member views the data that is communicated between the devices. To access the risk associated with the passive eavesdropping attack following security measures should be used .
The risk associated with eavesdropping is the encryption mechanism and configuration of devices.
Configuration of devices
It is found that the encryption mechanism used in the Bluetooth network is with high risk and configuration of devices with medium risk.
b. Risk assessment
Authentication, Authorization and Optional Encryption are the three main steps which is involved in risk assessment.
Determination of the client’s authorization level is the main objective of the authentication procedure. Checking of link keys will help to verify authentication. The address of the receiver's Bluetooth device is encrypted by the sender. This encryption is done through a link key and a random number which help to generatewith signed response. The receiver will receive a signed response authentication result and when the link keys with both sender and receiver are equal connection is made.
Granting and denying access to a network resource is the process involved in the authorization.
One of the essential parts of Bluetooth security is encryption. Between 8 and 128 bits encryption key may vary. According to country regulations Size of the key is specified only by the manufacturer whereas the user of the device doesn’t have any authority to change encryption key size. The information which is exchanged between the Bluetooth devices is encoded. This encoded information cannot be decoded. When two Bluetooth devices request to communicate with each other.Anunsystematic number will be sent between the devices. The pin sent from the sending device should be known to the receiving device also which will generate the link on both devices.
When these procedures are performed earlier then the risk can be accessed.
C.Risk mitigation and recommendation
We know that even though many devices use the latest technology the users should know about working with these devices. There should be enough documentation on the device to understand the workflow. Using a strong password will improve the security standards where most of the user’s just leave the default password as it is which is not a healthy network standard. Traditional security measures can be very difficult to implement in Bluetooth devices and security measures. It always depends on the range, distance, and power of the expected connectivity of the devices. it is recommended to combine the older architecture with the new architecture to provide a better security mechanism.
Cyber attacks are common nowadays. it does not matter that the person is having the latest tech devices in the hand. the user who is using the devices must have knowledge of the device and the limitation of the device. even though the use of the blue tooth is commercialized. there are a lot of threats that can be performed under certain conditions. The analysis shows that new versions of the Bluetooth devices are more efficient and highly secured but there are a lot of devices in the existing infrastructure that cannot be updated to the new version of the device. Not all the companies and organizations can afford so these old tech devices are vulnerable to attacks. In future, a single platform should be designed for devices that are running older architecture and support should be provided for older devices too.
 Cope, Peter, Joseph Campbell, and ThaierHayajneh. "An investigation of Bluetooth security vulnerabilities." In 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC), pp. 1-7. IEEE, 2017.
 Dai, Hong-Ning, Hao Wang, Hong Xiao, Xuran Li, and Qiu Wang. "On eavesdropping attacks in wireless networks." In 2016 IEEE Intl Conference on Computational Science and Engineering (CSE) and IEEE Intl Conference on Embedded and Ubiquitous Computing (EUC) and 15th Intl Symposium on Distributed Computing and Applications for Business Engineering (DCABES), pp. 138-141. IEEE, 2016.
 Filizzola, Daniel, Sean Fraser, and Nikita Samsonau. "Security Analysis of Bluetooth Technology."
 Humayun, Mamoona, MahmoodNiazi, N. Z. Jhanjhi, Mohammad Alshayeb, and Sajjad Mahmood. "Cyber Security Threats and Vulnerabilities: A Systematic Mapping Study." Arabian Journal for Science and Engineering (2020): 1-19.
 Li, Xuran, Hao Wang, Hong-Ning Dai, Yuanyuan Wang, and Qinglin Zhao. "An analytical study on eavesdropping attacks in wireless nets of things." Mobile Information Systems 2016 (2016).
 Minar, Nateq Be-NazirIbn, and Mohammed Tarique. "Bluetooth security threats and solutions: a survey." International Journal of Distributed and Parallel Systems 3, no. 1 (2012): 127.
 Rijah, UL Muhammed, S. Mosharani, S. Amuthapriya, M. M. M. Mufthas, MalikberdiHezretov, and DhishanDhammearatchi. "Bluetooth security analysis and solution." International Journal of Scientific and Research Publications 6, no. 4 (2016): 333-338.
 Tsira, Vikethozo, and Gypsy Nandi. "Bluetooth technology: Security issues and its prevention." Int. J. Comput. Appl. Technol 5 (2014): 1833-1837.