Bluetooth Security: Vulnerabilities And Mitigation Techniques
Bluetooth Technology and Its Security Concerns
The security is always a concern in all the network setup that includes wireless connection. Since, the devices have the ability to grab the radio waves from the air, it is essential for people to take extra precautions or measures when they use any wireless connections. It is to be ensured that the signals do not intercept. The Bluetooth connection also involves wireless connection and is very much susceptible to security concerns and issues like spying and remote access (Zhang et al . 2014) .It is similar to the fact how Wi-Fi is susceptible if the network is not secured . The Bluetooth is a wireless technology that is used for short-range communication. It make use of the radio waves instead of the wires or cables .The Bluetooth technology finds its application in millions of products that are being used in our daily life that includes smart phones ,laptops ,headsets and several other devices(Tao and Dai Javad 2013 ).There are several security concerns pertaining to the use of the Bluetooth technology . Some of the concerns or issues that are related to the Bluetooth security includes Blue jacking, Blue Bugging, car whisperer Bluetooth attack and Blue Snarfing (Wang, Wei and Vangury 2014).
The objective of this project is to discus in details about the most widely recognized and most commonly used assault pertaining to the use of Bluetooth technology, which is Blue Snarfing (Zhao, Zhang and Zhang 2014). The Blue Snarf are the people who are mostly responsible for the lack of secrecy while using Bluetooth technology in the most of the products that we use in our daily life .This shortcoming in the use of Bluetooth technology ,which is the BlueSnarfing, will be emphasized and discussed in details.
From the project, the readers would be able to get the details of the vulnerabilities that are associated with the use of Bluetooth in the present era (Cope, Campbell and Hayajneh 2017). The project will also give the opportunity to the readers to understand the occurrence of these different vulnerabilities and also propose the solutions pertaining to the vulnerabilities of the Bluetooth technology. The Bluetooth technology is widely used by all the people in all parts of the world. Almost all the products used in our daily life, make use of the Bluetooth technology. It is foreseeable that in the future the more and more products would utilize the technology of Bluetooth for the benefit of the people. So it is necessary for everyone to be aware of the various security concern that are related to the Bluetooth technology usage and also it is important ne aware of the various ways to solve the vulnerabilities associated with Bluetooth usage .
Blue Snarfing – The Most Commonly Used Assault
In the earlier assignment the it was highlighted that the security of the Bluetooth devices can be enhanced by using simple ways .In the profiles like Advanced Auto Distribution Profile (A2DP) , there is very little scope so for security breaches to take place (Dell and Ghori 2008) . On the other hand for the profiles like Dial Up Network (DUN) or Sim Access Profile (SAP), the hackers have a fair chance to breach the security of the Bluetooth devices (Yang and Wang 2014) . Thus, by using more secure profiles the breach in Bluetooth security can be avoided.
Some authors used the methodology of VERDICT in order to analyze the vulnerabilities that re present in the usage of the Bluetooth technology and the vulnerabilities associated with it . The VERDICT includes the validation, Exposure, Randomness, Deallocation, improper, conditions and taxonomy (Hager and MidKiff 2003). The VERDICT methodology is used in order to find the weakness in the authentication, encryption and key generation. From the VERDICT analysis it can be concluded that the Bluetooth system that are used has vulnerabilities in terms of the validation, unnecessary exposure and randomness. However , the research gap has identified and raised question over the VERDICT methodology as it fails to affirm that whether it will be able to provide solution to all the all the significant threats that are generated from, the use of Bluetooth technology in devices .
There have been some researches that suggests that the Bluetooth connections can be secured over wireless connection in Scatternets ,The use of the scatternets arrangements was emphasized and highlighted .The research suggests that the scatternets are the threat which cannot be stopped from occurring pertaining to Bluetooth security and thus they cannot be neglected (Persson and Manivannan 2003). The scatternets are formed after the accumulation of piconets . Several investigations have been done that assesses the situation during the assault of Bluetooth technology usage in the devices. It was confirmed that the usage of Private Area Network (PAN) that involves the connection of gadgets or devices within the similar arrangement and they are known as entity in the Private Area Network (Martini and Guichard 2014). It was recommended that for creation of shared connection keys ,new calculations arte to be done .However , the research gap in the research persists as these calculations have not be executed so the outcome of the calculations and its implementation is highly questionable .
Vulnerabilities Associated with Bluetooth Usage
To overcome and prevent the threat to the usage of the Bluetooth technology in devices , two latest techniques can be used . These techniques include, Intrusion Detection and Prevention System (Patel, Taghavi, Bakhtiyari and JúNior 2013). These two broad terms are used for the mitigation of attacks and block new threats emerging in the Bluetooth connection of devices (Haataja 2008). The intrusion detection system uses a reactive measure to mitigate the incoming attacks or threats by eliminating malware and also by detecting assaults pertaining to social engineering which manipulates the users to reveal important and confidential information (Liao, Lin, Lin and Tung 2013). The Prevention system is proactive, method that is used for blocking application attacks. However, the research gap persists in the research as the researcher did not provide the comparison about the affectivity in comparison to the other frameworks or how productive would be this method in comparison to other alternative systems.
It has been found that even in renowned and technologically advanced mobile brands like Apple ,Samsung, LG ,Motorola and Nokia , the cell phones can be hacked by the assault of the BlueSnarfs (Ballmann 2015) .Certain shortcomings have been identified in the Bluetooth protocol that suggests that these Bluetooth protocols arte vulnerable to attacks (Herfurt 2004). However the research gap persists in the research did not clearly state whether the hack was done with authorization of the clients or without their consent, which is an unethical issue.
Then research questions, which have identified from the research, can be divided into two parts. The first part consists of the primary question, which is the first research question. The second part consists of the secondary research questions, which includes the question, numbered second and third. The research questions for the research pertaining to the blue tooth security are as follows:
Primary Question
1) What are the different Bluetooth Security modes?
Secondary Questions
- What are the common Bluetooth security issues?
- How has BlueSnarfing become the most commonly used Bluetooth assault?
The research methodology is the method and process in which a particular research is conducted in a particular way. It is of utmost importance to decide on the research methodology even before the research takes place. This is the process of setting how the whole research will be conducted by the researcher. The data which will be used in this research will be qualitative secondary data. Secondary data are the information that can be found in existing researches done by other credible researchers published in peer reviewed journals.
Solutions to Bluetooth Vulnerabilities
Research Philosophy
The research philosophy that is taken in this particular case is positivism (Ormston, Spencer, Barnard and Snape 2014) . This theory is based on the idea that positive knowledge is based on the phenomenon that are natural and the various relations and properties.
Research Approach
The approach of the researcher in which he conducts the whole research and handles every part of it is known as the research approach. The reasoning which is also known as logical reasoning usually has two parts known as inductive approach and deductive approach. The approach taken in this case is the deductive approach. In this particular case the research begins with a phase of a general information and slowly it becomes concentrated into specific information. This is known as the research approach.
Research Design
In this particular research the design will be exploratory. The exploratory research design is particularly followed and utilized in areas where the existing researches are not very much detailed to the core and there is a need of further exploration into the subject. where the best and most relevant research approach, data collection methods are used this particular design of exploratory research is utilized.
The data collection method is the method in which the information is collected from various sources which are to be utilized in the research. Secondary data will be collected in this particular case secondary qualitative data will be collected from the existing researches, articles, and credible write ups about this particular topic of Bluetooth security.
Data Analysis
The collected raw information or data must be analyzed properly so that the desired results can be got. The data analysis will be done in a thematic method, therefore thematic data analysis will be followed in this case.
During conducting the research, several limitations are faced by the researcher, which depends on several factors. There are bound to be limitation in the research even it is well planned and well organized. The first instance that comes with very research is that the, time frame always becomes a hindrance and creates a problem or limitation in every research. Even while conducting this research , the time frame has turned out to be the major problem or limitation in this research . The other limitation that can be encountered is that few resources can remain unavailable or inaccessible while collecting the secondary data sources required for the research, which includes the peer viewed articles, books and journals. The other problem that may arise while conducting the surveys in order to obtain the quantitative data is that the response that arte obtained from the respondents might not be adequate for coming to a particular conclusion or outcome as a result the research outcome may remain faulty or ambiguous. However, it should be ensured that despite these limitations, the research should be planned well and should be done in a most appropriate way so that the research is collected in a most appropriate way.
|
Activities |
Month 1 |
Month 2 |
Month 3 |
Month 4 |
Month 5 |
|
Introduction and Literature Review |
|||||
|
Methodology |
|||||
|
Data collection |
|||||
|
Thematic Analysis |
|||||
|
Conclusion and Recommendation |
Limitations of Research and Research Questions
Conclusion
The research proposal discusses various aspects pertaining to the Bluetooth Security, which are used very commonly in most of the devices that are used in our daily lives. Several researches have been done related to the security issues of the Bluetooth technology in various devices. However there are several research gap in the previous researches that have been done related to Bluetooth security .The paper identifies both primary and secondary questions that are needed to be addressed related to the Bluetooth security. The paper also discusses in details about the research designs and methods that have been used for the research.
References
Ballmann, B., 2015. Feeling Bluetooth on the Tooth. In Understanding Network Hacks (pp. 137-148). Springer, Berlin, Heidelberg.
Cope, P., Campbell, J. and Hayajneh, T., 2017, January. An investigation of Bluetooth security vulnerabilities. In Computing and Communication Workshop and Conference (CCWC), 2017 IEEE 7th Annual (pp. 1-7). IEEE.
Dell, P. and Ghori, K.S.U.H., 2008, July. A simple way to improve the security of bluetooth devices. In Applications and the Internet, 2008. SAINT 2008. International Symposium on(pp. 444-447). IEEE.
Haataja, K.M., 2008, February. New efficient intrusion detection and prevention system for Bluetooth networks. In Proceedings of the 1st international conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications(p. 16). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).
Hager, C.T. and MidKiff, S.F., 2003, March. An analysis of Bluetooth security vulnerabilities. In Wireless Communications and Networking, 2003. WCNC 2003. 2003 IEEE (Vol. 3, pp. 1825-1831). IEEE.
Herfurt, M., 2004. Detecting and Attacking bluetooth-enabled Cellphones at the Hannover Fairground. CeBIT 2004.
Liao, H.J., Lin, C.H.R., Lin, Y.C. and Tung, K.Y., 2013. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), pp.16-24.
Martini, L. and Guichard, J.N., Cisco Technology Inc, 2014. Regulation of network traffic in virtual private networks. U.S. Patent 8,867,349.
Ormston, R., Spencer, L., Barnard, M. and Snape, D., 2014. The foundations of qualitative research. Qualitative research practice: A guide for social science students and researchers, 2, pp.52-55.
Patel, A., Taghavi, M., Bakhtiyari, K. and JúNior, J.C., 2013. An intrusion detection and prevention system in cloud computing: A systematic review. Journal of network and computer applications, 36(1), pp.25-41.
Persson, K.E. and Manivannan, D., 2003, January. Secure connections in bluetooth scatternets. In System Sciences, 2003. Proceedings of the 36th Annual Hawaii International Conference on (pp. 10-pp). IEEE.
Tao, X.J. and Dai Javad, P., Sony Mobile Communications AB, 2013. Methods, electronic devices, and computer program products for coordinating bluetooth and wireless local area network communication. U.S. Patent 8,412,097.
Wang, Y., Wei, J. and Vangury, K., 2014, January. Bring your own device security issues and challenges. In Consumer Communications and Networking Conference (CCNC), 2014 IEEE 11th (pp. 80-85). IEEE.
Yang, L.H. and Wang, Y., MediaTek Inc, 2014. Method of configuring bluetooth SIM access profile of communication device. U.S. Patent 8,768,324.
Zhang, Z., Jan, J., Yuan, S., Zhou, C. and Lee, G., Marvell World Trade Ltd, 2014. Systems and methods for providing collaborative coexistence between Bluetooth and Wi-Fi. U.S. Patent 8,706,032.
Zhao, T., Zhang, G. and Zhang, L., 2014, December. An overview of mobile devices security issues and countermeasures. In Wireless Communication and Sensor Network (WCSN), 2014 International Conference on (pp. 439-443). IEEE.