通过基于蓝牙的定时攻击检测智能手机状态的变化

Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2018-06-18 DOI:10.1145/3212480.3212494

Guillaume Celosia, M. Cunche

{"title":"通过基于蓝牙的定时攻击检测智能手机状态的变化","authors":"Guillaume Celosia, M. Cunche","doi":"10.1145/3212480.3212494","DOIUrl":null,"url":null,"abstract":"Bluetooth is a popular wireless communication technology that is available on most mobile devices. Although Bluetooth includes security and privacy preserving mechanisms, we show that a Bluetooth harmless inherent request-response mechanism can taint users privacy. More specifically, we introduce a timing attack that can be triggered by a remote attacker in order to infer information about a Bluetooth device state. By observing the L2CAP layer ping mechanism timing variations, it is possible to detect device state changes, for instance when the device goes in or out of the locked state. Our experimental results show that change point detection analysis of the timing allows to detect device state changes with a high accuracy. Finally, we discuss applications and countermeasures.","PeriodicalId":267134,"journal":{"name":"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Detecting smartphone state changes through a Bluetooth based timing attack\",\"authors\":\"Guillaume Celosia, M. Cunche\",\"doi\":\"10.1145/3212480.3212494\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Bluetooth is a popular wireless communication technology that is available on most mobile devices. Although Bluetooth includes security and privacy preserving mechanisms, we show that a Bluetooth harmless inherent request-response mechanism can taint users privacy. More specifically, we introduce a timing attack that can be triggered by a remote attacker in order to infer information about a Bluetooth device state. By observing the L2CAP layer ping mechanism timing variations, it is possible to detect device state changes, for instance when the device goes in or out of the locked state. Our experimental results show that change point detection analysis of the timing allows to detect device state changes with a high accuracy. Finally, we discuss applications and countermeasures.\",\"PeriodicalId\":267134,\"journal\":{\"name\":\"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3212480.3212494\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3212480.3212494","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

蓝牙是一种流行的无线通信技术，可以在大多数移动设备上使用。虽然蓝牙包含安全和隐私保护机制，但我们表明蓝牙无害的固有请求-响应机制可能会损害用户的隐私。更具体地说，我们引入了一种定时攻击，可以由远程攻击者触发，以推断有关蓝牙设备状态的信息。通过观察L2CAP层ping机制的时间变化，可以检测设备状态的变化，例如，当设备进入或退出锁定状态时。实验结果表明，时序变化点检测分析能够以较高的精度检测器件状态变化。最后，讨论了应用及对策。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detecting smartphone state changes through a Bluetooth based timing attack

Bluetooth is a popular wireless communication technology that is available on most mobile devices. Although Bluetooth includes security and privacy preserving mechanisms, we show that a Bluetooth harmless inherent request-response mechanism can taint users privacy. More specifically, we introduce a timing attack that can be triggered by a remote attacker in order to infer information about a Bluetooth device state. By observing the L2CAP layer ping mechanism timing variations, it is possible to detect device state changes, for instance when the device goes in or out of the locked state. Our experimental results show that change point detection analysis of the timing allows to detect device state changes with a high accuracy. Finally, we discuss applications and countermeasures.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks

自引率

0.00%

发文量