Presentation transcript:

Attacking and Crashing IoT devices via Bluetooth LE Protocol
Ajay Pratap Singh & Pratap Chandra

Agenda
BLE in IoT devices
Bluetooth Low Energy Protocol Stack
Functionality of Protocol Layers in BLE
BLE Pairing Mechanisms
Attacking IoT Devices – Case Studies

Internet of Things
What: The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
Source: Wikipedia

IoT Devices
Smart Homes
Connected Camera
Wearable devices
Tooth brush
Automobile Industry
More devices can be found at: http://iotlist.co

Bluetooth Low Energy
Wireless protocol operating in the 2.4 GHz band with GFSK modulation.
[Diagram: a Bluetooth Low Energy broadcaster and observer devices]

BLE Packet
Fields, in order: Preamble, Access Address, PDU, CRC
Preamble – 1 byte
Access Address – 4 bytes
PDU – 0-20 bytes
CRC – 3 bytes

Bluetooth Device Address
A 48-bit unique number which identifies the device among its peers.
Device Address = Manufacturer ID + Device ID
Manufacturer ID = NAP (2 bytes) + UAP (1 byte), see http://standards-oui.ieee.org/oui/oui.txt
Device ID = LAP
NAP – Non-significant Address Part
UAP – Upper Address Part
LAP – Lower Address Part
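The address layout above, as an added example that is not part of the original slides: it splits an address into NAP, UAP and LAP and resolves the manufacturer ID against text in the layout of oui.txt. The registry excerpt, its organization names and the function names are constructed for the example.

```python
import re

# Constructed excerpt in the layout of the IEEE oui.txt registry file;
# the organization names are placeholders, not real assignments.
SAMPLE_OUI_TXT = """\
0A-0B-0C   (hex)\t\tExample Sensor Co (constructed)
0A0B0C     (base 16)\t\tExample Sensor Co (constructed)
AA-BB-CC   (hex)\t\tExample Wearables Ltd (constructed)
AABBCC     (base 16)\t\tExample Wearables Ltd (constructed)
"""

_ADDR_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")
_OUI_RE = re.compile(
    r"^([0-9A-F]{2})-([0-9A-F]{2})-([0-9A-F]{2})\s+\(hex\)\s+(.+)$")


def load_oui_registry(text):
    """Map 'XXXXXX' prefixes to organization names from oui.txt-style text."""
    registry = {}
    for line in text.splitlines():
        m = _OUI_RE.match(line.strip())
        if m:  # only the "(hex)" lines carry the dashed prefix
            registry["".join(m.group(1, 2, 3))] = m.group(4).strip()
    return registry


def split_bd_addr(addr):
    """Split a 48-bit address into NAP (2 bytes), UAP (1 byte), LAP (3 bytes)."""
    if not _ADDR_RE.match(addr):
        raise ValueError(f"not a 48-bit device address: {addr!r}")
    octets = re.split(r"[:-]", addr.upper())
    return {"nap": "".join(octets[0:2]),
            "uap": octets[2],
            "lap": "".join(octets[3:6])}


def describe(addr, registry):
    """Add the registry name for the manufacturer ID (NAP + UAP)."""
    parts = split_bd_addr(addr)
    parts["manufacturer"] = registry.get(parts["nap"] + parts["uap"], "unknown")
    return parts


if __name__ == "__main__":
    print(describe("0A:0B:0C:0D:0E:0F", load_oui_registry(SAMPLE_OUI_TXT)))
```
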

Bluetooth Core Specification
Layers shown in the stack diagram:
Applications
Logical Link Control & Adaptation Protocol (L2CAP)
Attribute Protocol
Security Manager
Generic Attribute Profile (GATT)
Generic Access Profile (GAP)
Host Controller Interface
Link layer
Physical layer
Direct test mode
Key generation in LE is done by the host (so key generation can be upgraded without the need to change the controller); in classic Bluetooth it is done by the controller.
PHY – contains the analog communications circuitry, capable of modulating and demodulating analog signals and transforming them into digital symbols.
Source: https://www.bluetooth.com/specifications/bluetooth-core-specification

Generic Attribute Profile - GATT
GATT is the backbone of BLE data transfer, as it defines how data is organized and exchanged.
Services are collections of characteristics and relationships to other services that encapsulate the behavior of part of a device.
Characteristics are defined attribute types that contain a single logical value.
[Diagram: a GATT server containing services, each containing characteristics]

Example Handle UUID Permission Value Service 0x0021 Service READ HRS Characteristic CHAR READ 0x0026 0x0024 Characteristic 0x0027 CHAR READ bpm

Bluetooth LE Pairing Process
Phase-1: Information required for generating the temporary key is exchanged between the master and the slave.
Phase-2: The short term key is generated independently on both ends and the process of encryption is started.
Phase-3: Once the connection is secured by encryption, and only if bonding is performed, the permanent keys can be distributed for storage and reuse at a later time.

CASE STUDIES

Case Study 1 – Sniffing traffic
[Diagram labels: BLE Device, Mobile Device]

Case Study 2 – GATT Misconfiguration
[Diagram labels: BLE Device, GATTTOOL]
Initial value – 0a 18
Changed value – 0b 17
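A design-review check for the kind of misconfiguration in Case Study 2, as an added example that is not part of the original slides: it parses the line format printed by gatttool's `characteristics` command and reports characteristics that declare a write property but are not on the product's allow-list. The sample lines, the allow-list and the function names are constructed for the example.

```python
import re

# GATT characteristic property bits (Bluetooth Core Specification).
PROPS = {
    0x01: "broadcast", 0x02: "read", 0x04: "write-without-response",
    0x08: "write", 0x10: "notify", 0x20: "indicate",
    0x40: "authenticated-signed-write", 0x80: "extended-properties",
}
WRITE_MASK = 0x04 | 0x08

# Constructed sample in the line format of gatttool's "characteristics"
# output; it is not captured from any real device.
SAMPLE = """\
handle = 0x0002, char properties = 0x02, char value handle = 0x0003, uuid = 00002a00-0000-1000-8000-00805f9b34fb
handle = 0x0023, char properties = 0x12, char value handle = 0x0024, uuid = 00002a37-0000-1000-8000-00805f9b34fb
handle = 0x0026, char properties = 0x0a, char value handle = 0x0027, uuid = 0000fff1-0000-1000-8000-00805f9b34fb
handle = 0x0029, char properties = 0x04, char value handle = 0x002a, uuid = 0000fff2-0000-1000-8000-00805f9b34fb
"""

LINE_RE = re.compile(
    r"handle = 0x([0-9a-f]{4}), char properties = 0x([0-9a-f]{2}), "
    r"char value handle = 0x([0-9a-f]{4}), uuid = ([0-9a-f-]{36})", re.I)


def parse_characteristics(text):
    """Decode each characteristic line into handle, UUID and property names."""
    rows = []
    for m in LINE_RE.finditer(text):
        props = int(m.group(2), 16)
        rows.append({
            "value_handle": int(m.group(3), 16),
            "uuid": m.group(4).lower(),
            "properties": [n for bit, n in PROPS.items() if props & bit],
            "writable": bool(props & WRITE_MASK),
        })
    return rows


def audit(text, expected_writable=frozenset()):
    """Return writable characteristics that are not on the design allow-list."""
    return [r for r in parse_characteristics(text)
            if r["writable"] and r["uuid"] not in expected_writable]


if __name__ == "__main__":
    for row in audit(SAMPLE, {"0000fff2-0000-1000-8000-00805f9b34fb"}):
        print(hex(row["value_handle"]), row["uuid"], row["properties"])
```

The property bits only show which operations a characteristic declares; whether a write requires an encrypted or authenticated link is enforced by the server and has to be confirmed separately for each characteristic the audit reports.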

Real-Time Example

Case Study 3 – MiTM
Cloning MAC address
[Diagram labels: BLE Device, Mobile Device; the address 0A:0B:0C:0D:0E:0F appears twice]

Case Study 4 – Denial of Service attack
[Diagram labels: l2cap packets, BLE Device, Connection request, Mobile Device]

Thank you
Michael Mcneil Ben Kokx Minatee Mishra Maheshan Neelesh swami Anirudh Duggal Pardhiv Reddy Sanjog Panda Archita Sagar Popat Jiggyasu Sharma Narendra Makkena Swaroop Yermalkar Kartik Lalan Abhishikt Chandrakant Nial Audience

QUESTIONS