Romain Cayre, Florent Galtier, G. Auriol, V. Nicomette, M. Kaâniche, G. Marconato
{"title":"InjectaBLE:向已建立的低功耗蓝牙连接注入恶意流量","authors":"Romain Cayre, Florent Galtier, G. Auriol, V. Nicomette, M. Kaâniche, G. Marconato","doi":"10.1109/DSN48987.2021.00050","DOIUrl":null,"url":null,"abstract":"Bluetooth Low Energy (BLE) is nowadays one of the most popular wireless communication protocols for Internet of Things (IoT) devices. As a result, several attacks have targeted this protocol or its implementations in recent years, illustrating the growing interest for this technology. However, some major challenges remain from an offensive perspective, such as injecting arbitrary frames, hijacking the Slave role or performing a Manin-The-Middle in an already established connection. In this paper, we describe a novel attack called InjectaBLE, allowing to inject malicious traffic into an existing connection. This attack is highly critical as the vulnerability exploited is inherent to the BLE specification itself, which means that any BLE connection can be possibly vulnerable, regardless of the BLE devices involved in the connection. We describe the theoretical foundations of the attack, how to implement it in practice, and we explore four critical attack scenarios allowing to maliciously trigger a specific feature of the target device, hijack the Slave and Master role or to perform a Man-in-the-Middle attack. Finally, we discuss the impact of this attack and outline some mitigation measures.","PeriodicalId":222512,"journal":{"name":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"87 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections\",\"authors\":\"Romain Cayre, Florent Galtier, G. Auriol, V. Nicomette, M. Kaâniche, G. Marconato\",\"doi\":\"10.1109/DSN48987.2021.00050\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Bluetooth Low Energy (BLE) is nowadays one of the most popular wireless communication protocols for Internet of Things (IoT) devices. As a result, several attacks have targeted this protocol or its implementations in recent years, illustrating the growing interest for this technology. However, some major challenges remain from an offensive perspective, such as injecting arbitrary frames, hijacking the Slave role or performing a Manin-The-Middle in an already established connection. In this paper, we describe a novel attack called InjectaBLE, allowing to inject malicious traffic into an existing connection. This attack is highly critical as the vulnerability exploited is inherent to the BLE specification itself, which means that any BLE connection can be possibly vulnerable, regardless of the BLE devices involved in the connection. We describe the theoretical foundations of the attack, how to implement it in practice, and we explore four critical attack scenarios allowing to maliciously trigger a specific feature of the target device, hijack the Slave and Master role or to perform a Man-in-the-Middle attack. Finally, we discuss the impact of this attack and outline some mitigation measures.\",\"PeriodicalId\":222512,\"journal\":{\"name\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"87 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN48987.2021.00050\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN48987.2021.00050","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections
Bluetooth Low Energy (BLE) is nowadays one of the most popular wireless communication protocols for Internet of Things (IoT) devices. As a result, several attacks have targeted this protocol or its implementations in recent years, illustrating the growing interest for this technology. However, some major challenges remain from an offensive perspective, such as injecting arbitrary frames, hijacking the Slave role or performing a Manin-The-Middle in an already established connection. In this paper, we describe a novel attack called InjectaBLE, allowing to inject malicious traffic into an existing connection. This attack is highly critical as the vulnerability exploited is inherent to the BLE specification itself, which means that any BLE connection can be possibly vulnerable, regardless of the BLE devices involved in the connection. We describe the theoretical foundations of the attack, how to implement it in practice, and we explore four critical attack scenarios allowing to maliciously trigger a specific feature of the target device, hijack the Slave and Master role or to perform a Man-in-the-Middle attack. Finally, we discuss the impact of this attack and outline some mitigation measures.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
