Introduction
The growth in the volume of Bluetooth-enabled devices demonstrates that this technology has become a standard strategy for remote interconnections for exchanging information. Bluetooth technology has turned into an essential element of our society. The accessibility of mobile phones, digital controllers, Personal Digital Assistants (PDAs), and PCs has made Bluetooth an excellent approach to short-range remote communications (Albahar, Olawumi, Haataja, & Toivanen, 2017).
Nevertheless, as the use of Bluetooth grows, vulnerabilities in its security conventions are also growing, which can present risks to the protection and integrity of customers' personal information. Data transmission attacks include PIN theft attacks, eavesdropping attacks, victim device cloning attacks, treacherous attacks, DoS attacks, surveillance attacks, miscellaneous attacks, and Bluetooth malware. Bluetooth devices in particular suffer from a range of vulnerabilities that must be understood in order to secure data transfer.
The objective of Bluetooth is to provide a convention for exchanging information over a remote network. The technology integrates the application circumstances of voice, information protocols, and ad hoc servers. Many wired and remote devices are Bluetooth compatible, including office devices, printers, projectors, PCs, PDAs, speakers, phones, pagers, devices for home use, modern cameras, cooking equipment, clothes washers, coolers, and home controllers. Bluetooth is appropriate for a broad range of uses, including remote office and social environments, home use, in-vehicle use, and payment devices (Lalis, Gerardo, & Byun, 2014).
Bluetooth is an acknowledged standard for devices to achieve the necessary peering through low-power, short-range, low-cost radio. The ordinary transmitting power is 1 mW (0 dBm) with a range from at least 10 m up to an optional range of 100 m, while power usage ranges from 20 mA to 30 mA. Bluetooth uses a master-slave design to structure a designated remote framework, referred to as a piconet.
A master device in a piconet can link with up to seven active slaves. Additionally, a pair of joined piconets can create a scatternet. The Bluetooth architecture includes radio frequency layers, the baseband layer, link manager protocol, radio frequency communication protocol, application layer, service discovery protocol, telephony control, and signaling layer (Yeh, Peng, Wang, & Hsu, 2012).
Bluetooth Data Transmission Security
Bluetooth technology provides security at both the application layer and the connection layer. Although Bluetooth data transmission vulnerabilities persist, it would be difficult to penetrate a device with a hop rate of 1600 hops/second. A programmed output adjustment design is incorporated into the standard for low power utilization of lightweight devices, which can diminish the radio coverage range of information transmission as required by the signal strength (Albahar, Olawumi, Haataja, & Toivanen, 2018).
It is important to note that each Bluetooth security measure has its own characteristic features. For example, link authentication can be secured with a third-party architecture and digital signature. The security controller helps with link authentication by using a third-party protocol and private keys. The security controller creates hash functions during data transmission to ensure data integrity (Lonzetta, Cope, Campbell, Mohd, & Hayajneh, 2018).
It is important to understand the techniques of data transmission attacks and their processes. The attacks could target plaintext passwords or take the form of DoS attacks, Man-in-the-Middle attacks, or brute force attacks, to mention a few. Through a complete understanding of the technology and its existing weaknesses, it might be conceivable to create secure methods to preserve Bluetooth’s convenience while also guaranteeing data integrity (Mana, Feham & Bensaber, 2011).
Plaintext Passwords
The potential for a plaintext password attack exists when an unencrypted password crosses an unencrypted channel. The password is in a readable form and offers no security to the client or device. This threat is common among many devices and enables attackers to spy on the transmission by using specialized equipment or programs that monitor HCI activity (Minar & Tarique, 2012). Plaintext password attacks can be utilized to gain access to central offices, change master passwords, or acquire network logs.
Secret Phrase Obfuscation
Password obfuscation offers enhanced security over plaintext passwords. However, it leaves a noteworthy security hazard for the client. An obfuscated secret phrase utilizes hashing to decrease the danger of exposure. The challenge of utilizing an obfuscated secret phrase is that it can be recorded and replayed to the Bluetooth lock. Replaying the secret word enables an attacker to access the lock, although the secret key remains obfuscated. An attacker can access any point they need with the sniffed secret key if the device utilizes the equivalent hashing algorithm for the secret phrase (Rijah et al., 2016).
Brute Forcing
Brute forcing is an attack in which many variations of a password or hash are sent to a target with the goal of gaining access. This attack requires that the target use a plaintext password or an obfuscated password. If the credentials are inconsistent, then this kind of attack is not practical.
Command Fuzzing
Command fuzzing occurs when an application accepts an invalid command that has been changed to imitate an authentic instruction, with the expectation that the device will enter another state. The alteration consists of changing individual bytes of a protocol until the application acknowledges the wrong order. The aim of fuzzing a device is to force it into a volatile state where it will perform in a way that was not planned.
Hard-Coded Passwords
Hard-coded passwords occur due to poor programming practices where software programmers leave passwords in applications. This weakness affects over 38% of Android applications (Rijah et al., 2016). These passwords are difficult to decode and require decompiling the application into meaningful code. Another attack vector for securing the secret word is installing a keystroke logger on the device through malware. Hard-coded passwords offer an attacker the ability to access programmer options within an application or bypass its security protocols.
Man-in-the-Middle Attack
A Man-in-the-Middle attack (MitM) happens when two devices are associated with a third device that transfers data between the two transmitting devices. This is because many Bluetooth devices use an authenticated link, enabling an attacker to observe both the client and the device. An attacker does not require passive spying when utilizing this attack method, giving attackers the ability to affect the input prompts.
Rogue Device Attack
This kind of attack depends on a MitM attack where the attacker imitates the device with the goal of persuading the client that the attacker is the target device. Most Bluetooth applications do not validate a device before sending instructions, enabling an attacker to clone the device. The client application starts the transmission once it receives the cloned device protocol. As a result, the application sends different commands to the cloned device as though it was the real device. These messages incorporate passwords or nonces, which are utilized to access the target device. Nonces are arbitrary numbers that are utilized once, and they secure links against a replay attack.
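The replay weakness described under Secret Phrase Obfuscation and the nonce defence mentioned above can be compared side by side. The following is an added example, not code from the original article or from any Bluetooth product; the two lock classes, the sample secret, and the choice of SHA-256 and HMAC are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SECRET = b"constructed-lock-password"  # constructed sample value, not from the page

class StaticHashLock:
    """Hypothetical lock that accepts the same hashed password every time."""
    def __init__(self, secret):
        self._expected = hashlib.sha256(secret).digest()

    def unlock(self, token):
        return hmac.compare_digest(token, self._expected)

class NonceLock:
    """Hypothetical lock that issues a fresh nonce and expects HMAC(secret, nonce)."""
    def __init__(self, secret):
        self._secret = secret
        self._pending = None

    def challenge(self):
        self._pending = secrets.token_bytes(16)  # random, valid for one attempt only
        return self._pending

    def unlock(self, response):
        nonce, self._pending = self._pending, None  # consume the nonce, pass or fail
        if nonce is None:
            return False
        expected = hmac.new(self._secret, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(secret, nonce):
    """What a legitimate client sends back for a given challenge."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()

def replay_results():
    """Send one captured message twice to each lock and report what is accepted."""
    static_lock = StaticHashLock(SECRET)
    captured = hashlib.sha256(SECRET).digest()  # identical bytes on every unlock
    static = (static_lock.unlock(captured), static_lock.unlock(captured))

    nonce_lock = NonceLock(SECRET)
    captured = client_response(SECRET, nonce_lock.challenge())
    first = nonce_lock.unlock(captured)
    nonce_lock.challenge()                      # a later session gets a new nonce
    replayed = nonce_lock.unlock(captured)      # the old response no longer matches
    return {"static": static, "nonce": (first, replayed)}
```

The nonce only defeats replay of an old message; it does not stop the relay attack described in the next section, where the forwarded response is fresh.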
Relay Attack
A relay attack is a frequent approach in situations where the nonces are arbitrary, and a rogue device attack is not possible. The attacker mimics the target device and commands the client to transfer data using an extension. Utilizing an extended link enables the client and device to transfer data. This enables the attacker to mimic the target device and trick the client into communicating and transferring secured data.
Securing Bluetooth Data Transfers
Pairing and Bonding
One of the methods of securing Bluetooth data transmission is pairing and bonding. Two security protocols occur with an underlying association. The initial step is pairing, which is an interchange of security features and capabilities. The exchange link starts with the client and launches specific algorithms to determine the input and output protocols before initiating the bonding process. Bonding occurs after pairing, once encrypted values have been generated and transmitted. Thus bonding is a more stable encryption strategy used to secure Bluetooth data transmission. After bonding, the user can encode the link without the command keys. The pairing techniques include Just Works, passkey entry, and numeric encryption.
Hybrid Pairing Protocol
This technique depends on Diffie-Hellman key design, MD5, and Hummingbird-2 (Lalis et al., 2014). The pairing convention adopts the DH key to process the shared key. An MD5 hash is utilized to address the threats resulting from having a short PIN. This component is coordinated with the Hummingbird-2 protocol to reinforce the system and make it suitable for devices that have limited memory and power. This security protocol for Bluetooth data transmission is required to enhance the security of the Bluetooth device against attacks.
Application Layer Encryption
This security measure does not require new devices to be paired but depends on the client and device to set up keys that will be utilized to code and decode certifications. Application layer encryption is difficult because of its key management issues. However, the challenge of application-layer encryption creates strong security when it is joined with link encryption. Application layer encryption secures devices against plaintext, secret key obfuscation, and other attacks (Singla & Singh, 2016).
Two-way Authentication
Two-way confirmation secures a device against a rogue device attack by compelling the client and device not to trust a link. This strategy does not utilize connection layer encryption. Optimally, a public/private key model is utilized between the devices to confirm and create access. Two-way verification secures devices against plaintext attacks, secret key obfuscation, and fuzzing.
Geofencing
This technique shields clients against unauthorized access by requiring a client to be in a particular GPS range to request or create authorization from a web server. A virtual fence is made around a device so that a client must be within the coverage distance to gain access. Geofencing keeps cloned devices from tricking clients into granting authorization. This method is best combined with other secured systems because it is vulnerable when the attacker is within the GPS range. Network incorporation is itself a significant security issue. Due to the non-incorporated security issue in ad-hoc systems, securing Bluetooth data transmissions is a growing concern. Security logs should be inspected, monitored, and managed.
Most users neglect to turn off devices when they are disconnected or even overlook making a device invisible (Suresh, Vidhya, Shamli, Muthulakshimi, & Menaka, 2016). To upgrade security in Bluetooth devices, clients ought to be instructed and educated about security dangers and rules for device usage. It is important to note that threat assessment is a method of mitigating attacks. Consequently, Bluetooth manufacturers could secure their products by installing instructions to issue warning notices that a device is vulnerable and exposed. Thus, the client can choose to protect their device or disregard the warning. Security coding encryption is a method for future implementation in video communication (Suresh et al., 2016).
General Security
- The first general security measure is threat assessment and education. Most users are ignorant of the vulnerabilities of Bluetooth devices.
- Update the security settings of the Bluetooth device to reflect appropriate countermeasures.
- Change the Bluetooth device to an adequate connectivity level to protect the service range.
- Select PIN codes that are irregular and long.
- Do not use static and weak unit keys and PINs for authentication.
- Certify that connection keys depend on pairing keys as opposed to unit keys.
- If the user decides to use the multi-hop remote protocol, it is essential to guarantee that encryption is enabled on each connection in the chain.
- The user should enable encryption for all data transmissions.
- Select encryption key values for the most suitable point of confinement.
- Guarantee that Bluetooth devices are disconnected when they are not in use.
- Configure devices as rarely as is prudent and in a protected location where attackers cannot spy on the passkey selection and capture Bluetooth pairing messages.
- Users should never react to any messages asking for a PIN except if the client has started a pairing procedure.
- If a Bluetooth device is lost, users should un-pair the lost device from all other Bluetooth devices paired to it. This strategy will prevent an attacker from utilizing the lost device to gain access to another Bluetooth device possessed by the client.
References
Albahar, M., Olawumi, O., Haataja, K., & Toivanen, P. (2017). A novel method for Bluetooth pairing using steganography. International Journal on Information Technologies & Security, 9(1), 52-66.
Albahar, M., Olawumi, O., Haataja, K., & Toivanen, P. (2018). Novel hybrid encryption algorithm based on AES, RSA, and Twofish for Bluetooth encryption. Journal of Information Security, 9(1), 168-176.
Lalis, J., Gerardo, B., & Byun, Y. (2014). Securing Bluetooth communication with hybrid pairing protocol. International Journal of Security and Its Applications, 8(4), 219-228.
Lonzetta, A., Cope, P., Campbell, J., Mohd, B., & Hayajneh, T. (2018). Security vulnerabilities in Bluetooth technology as used in IoT. Journal of Sensor and Actuator Networks, 7(28), 1-26.
Mana, M., Feham., & Bensaber, B. (2011). A lightweight protocol to provide location privacy in wireless body area networks. International Journal of Network Security & Its Applications, 3(2), 1-11.
Minar, N., & Tarique, M. (2012). Bluetooth security threats and solutions: A survey. International Journal of Distributed and Parallel Systems, 3(1), 1-22.
Rijah, U., Mosharani, S., Amuthapriya, S., Mufthas, M., Hezretov, M., & Dhammearatchi, D. (2016). Bluetooth security analysis and solution. International Journal of Scientific and Research Publications, 6(4), 333-338.
Singla, B., & Singh, V. (2016). Bluetooth technology: Functionalities & security issues. International Journal of Computer Networks and Wireless Communications, 6(5), 50-57.
Suresh, C., Vidhya, V., Shamli, E., Muthulakshimi, R., & Menaka, S. (2016). A design approach for wireless communication security in Bluetooth network. International Journal of Computer Science Trends and Technology, 4(1), 106-112.
Yeh, T., Peng, J., Wang, S., & Hsu, J. (2012). Securing Bluetooth communications. International Journal of Network Security, 14(4), 229-235.