Securing bluetooth low energy locks from unauthorizedaccess and surveillance

Anthony Rose, Jason Bindewald, Benjamin Ramsey, Mason Rice, Barry Mullins

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

This chapter describes several vulnerabilities that affect commercial and residential Bluetooth Low Energy security devices and outlines methods for exploiting plaintext, obfuscated and hard-coded passwords, brute forcing passwords and hashes, fuzzing commands and performing man-in-the-middle attacks. Evaluations reveal that 75% of the tested security and access control systems have vulnerabilities that grant unauthorized access. In addition to obtaining access, malicious actors can extract sensitive information that can be used to develop patterns of human behavior. This chapter discusses five solutions for preventing or mitigating Bluetooth Low Energy security breaches, most of which involve minimal implementation overhead on the part of developers.

Original languageEnglish
Title of host publicationCritical Infrastructure Protection XI - 11th IFIP WG 11.10 International Conference, ICCIP 2017, Revised Selected Papers
EditorsSujeet Shenoi, Mason Rice
PublisherSpringer New York LLC
Pages319-338
Number of pages20
ISBN (Print)9783319703947
DOIs
StatePublished - 2017
Externally publishedYes
Event11th IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2017 - Arlington, United States
Duration: Mar 13 2017Mar 15 2017

Publication series

NameIFIP Advances in Information and Communication Technology
Volume512
ISSN (Print)1868-4238

Conference

Conference11th IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2017
Country/TerritoryUnited States
CityArlington
Period03/13/1703/15/17

Keywords

  • Access control
  • Bluetooth low energy
  • Locks
  • Security
  • Vulnerabilities

Fingerprint

Dive into the research topics of 'Securing bluetooth low energy locks from unauthorizedaccess and surveillance'. Together they form a unique fingerprint.

Cite this