Bitdefender Research
Detecting and preventing Bluetooth Low Energy Attacks
Balint Szente, Cristian Munteanu, Gyula Farkas
June 15, 2020

Publication Date: April 16, 2020


Over the last two years or so, a large number of research papers and presentations on security flaws in BLE devices have come out. By far the most prevalent hacks against BLE involve capturing handshakes, hard-coded keys and replay attacks.
However, these papers and presentations are on the offensive side of the subject, describing different attacks on various devices.
Is it possible to detect such attacks and, if so, how can they be stopped? How can the risk of such attacks be mitigated when vendors are often careless with security when they implement BLE stacks? How can users and their devices be protected when the BLE protocol fails to do so?
This paper takes the defensive angle on the subject, showing different attack models and focusing not only on the victim’s security flaws but also on the attacker’s shortcomings. It presents ways of detecting various attacks in real time and ultimately shows a new technique aimed at providing a generic defense against MITM and DoS attacks.
