
1 Attacking and Crashing IoT devices via Bluetooth LE Protocol
Ajay Pratap Singh & Pratap Chandra

2 Agenda
BLE in IoT devices
Bluetooth Low Energy Protocol Stack
Functionality of Protocol Layers in BLE
BLE Pairing Mechanisms
Attacking IoT Devices – Case Studies

3 Internet of Things What
The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
Source: Wikipedia

4 IoT Devices
Smart Homes
Connected Camera
Wearable devices
Tooth brush
Automobile Industry
More devices can be found at:

5 Bluetooth Low Energy
Wireless protocol operating in 2.4 GHz band with GFSK modulation.
[Figure: a Bluetooth Low Energy Broadcaster with four Observer Devices]

6 BLE Packet
Preamble | Access Address | PDU | CRC
Preamble – 1 byte
Access Address – 4 bytes
PDU – 0-20 bytes
CRC – 3 bytes

7 Bluetooth Device Address
48-bit unique number which identifies the device among its peers.
Device Address = Manufacturer ID + Device ID
Manufacturer ID = NAP (2 bytes) + UAP (1 byte)
Device ID = LAP
NAP – Non-significant Address Part
UAP – Upper Address Part
LAP – Lower Address Part

8 Bluetooth Core Specification
[Stack diagram labels: Applications, Logical Link Control & Adaptation Protocol (L2CAP), Attribute Protocol, Security Manager, Generic Attribute Profile (GATT), Generic Access Profile (GAP), Host Controller Interface, Link layer, Physical layer, Direct test mode]
Key generation in LE is done by the host (so key generation can be upgraded without the need to change the controller); in Classic it is done by the controller.
PHY – Contains the analog communications circuitry, capable of modulating and demodulating analog signals and transforming them into digital symbols.
Source:

9 Generic Attribute Profile - GATT
GATT is the backbone of BLE data transfer, as it defines how data is organized and exchanged.
Characteristics are defined attribute types that contain a single logical value.
Services are collections of characteristics and relationships to other services that encapsulate the behavior of part of a device.
[Diagram: a GATT server containing Services, each containing characteristics]

10 Example
Columns: Handle, UUID, Permission, Value
Service: 0x0021, Service, READ, HRS
Characteristic: CHAR, READ, 0x0026, 0x0024
Characteristic: 0x0027, CHAR, READ, bpm

11 Bluetooth LE Pairing Process
Phase-1: Information required for generating the temporary key is exchanged between the master and the slave.
Phase-2: The short term key is generated independently on both ends and the process of encryption is started.
Phase-3: Once the connection is secured by encryption, and only if bonding is performed, the permanent keys can be distributed for storage and reuse at a later time.

12 CASE STUDIES

13 Case Study 1 – Sniffing traffic
[Diagram labels: BLE Device, Mobile Device]

14 Case Study 2 – GATT Misconfiguration
[Diagram labels: BLE Device, GATTTOOL]
Initial value – 0a 18
Changed value – 0b 17
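
An added example, not part of the presentation: a review aid for the kind of GATT misconfiguration in Case Study 2, which parses a characteristic listing from your own device and lists every characteristic whose property bits allow client writes. It assumes the line format printed by gatttool's characteristics command; the sample listing and function names are constructed for illustration.

```python
import re

# Characteristic property bits (first byte of a GATT characteristic
# declaration value), as defined in the Bluetooth Core Specification.
PROPS = {
    0x01: "broadcast", 0x02: "read", 0x04: "write-without-response",
    0x08: "write", 0x10: "notify", 0x20: "indicate",
    0x40: "signed-write", 0x80: "extended",
}
WRITABLE = 0x04 | 0x08 | 0x40

# Assumed line format of gatttool's "characteristics" listing.
LINE = re.compile(
    r"handle = 0x([0-9a-f]{4}), char properties = 0x([0-9a-f]{2}), "
    r"char value handle = 0x([0-9a-f]{4}), uuid = ([0-9a-f-]+)", re.I)

# Constructed sample listing; handles and UUIDs are illustrative only.
SAMPLE = """\
handle = 0x0002, char properties = 0x02, char value handle = 0x0003, uuid = 00002a00-0000-1000-8000-00805f9b34fb
handle = 0x0024, char properties = 0x10, char value handle = 0x0025, uuid = 00002a37-0000-1000-8000-00805f9b34fb
handle = 0x0027, char properties = 0x0a, char value handle = 0x0028, uuid = 00002a39-0000-1000-8000-00805f9b34fb
handle = 0x002a, char properties = 0x06, char value handle = 0x002b, uuid = 0000fff1-0000-1000-8000-00805f9b34fb
"""

def decode_props(value):
    """Return the property names set in a properties byte, lowest bit first."""
    return [name for bit, name in sorted(PROPS.items()) if value & bit]

def parse_characteristics(text):
    """Parse a characteristic listing into one dict per characteristic."""
    rows = []
    for m in LINE.finditer(text):
        props = int(m.group(2), 16)
        rows.append({"decl_handle": int(m.group(1), 16),
                     "value_handle": int(m.group(3), 16),
                     "uuid": m.group(4).lower(),
                     "props": props, "names": decode_props(props)})
    return rows

def writable_for_review(rows):
    """Characteristics a client may write. The property byte does not show
    whether the attribute permission demands encryption or authentication,
    so each hit still needs a check against the firmware's GATT table."""
    return [r for r in rows if r["props"] & WRITABLE]

if __name__ == "__main__":
    for r in writable_for_review(parse_characteristics(SAMPLE)):
        print(f"0x{r['value_handle']:04x} {r['uuid']} {','.join(r['names'])}")
```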

15 Real-Time Example

16 Case Study 3 - MiTM
[Diagram labels: 0A:0B:0C:0D:0E:0F, Cloning MAC address, BLE Device, Mobile Device, 0A:0B:0C:0D:0E:0F]

17 Case Study 4 – Denial of Service attack
[Diagram labels: L2CAP packets, BLE Device, Connection request, Mobile Device]

18 Thank you
Michael Mcneil Ben Kokx Minatee Mishra Maheshan Neelesh swami Anirudh Duggal Pardhiv Reddy Sanjog Panda Archita Sagar Popat Jiggyasu Sharma Narendra Makkena Swaroop Yermalkar Kartik Lalan Abhishikt Chandrakant Nial Audience

19 QUESTIONS

