Abstract: The basic concept of Bluetooth Low Energy (BLE) is short packet transmission and transient connection. It can quickly establish a connection, send data, and quickly disconnect, so that neighbor discovery is frequent and becomes an important issue. In the neighbor discovery which includes advertising and scanning, the BLE specification defines several important parameters. The parameters on the advertiser side include advertising interval, advertising duration, etc. On the scanner side, there are scan interval, scan window, etc. How to configure these parameters for quick neighbor discovery has been troublesome for BLE implementers. Prior analyses on BLE discovery process also showed some disagreements or made some incorrect assumptions. In this paper, we use rigorous probability-theory based derivations to obtain different kinds of successful discovery probabilities. We clarify disagreements in prior works and also provide insights on how to configure parameters for maximizing discovery probability. In particular, we prove that the discovery probabilities on each of the three channels are correlated. We also find that, when the advertising duration is set close to some multiples of the scan interval, an ill-fated synchronization problem will occur. To have a high discovery probability, both scan window and scan interval should be set at a large value, though it might not be good for energy saving.
Abstract: Wearable devices are becoming more popular in our daily life. They are usually used to monitor health status, track fitness data, or even do medical tests, etc. Since the wearable devices can obtain a lot of personal data, their security issues are very important. Motivated by the consideration that the current pairing mechanisms of Bluetooth Low Energy (BLE) are commonly impractical or insecure for many BLE based wearable devices nowadays, we design and implement a security framework in order to protect the communication between these devices. The security framework is a supplement to the Bluetooth pairing mechanisms and is compatible with all BLE based wearable devices. The framework is a module between the application layer and the GATT (Generic Attribute Profile) layer in the BLE architecture stack. When the framework starts, a client and a server can automatically and securely establish shared fresh keys following a designed protocol; the services of encrypting and decrypting messages are provided to the applications conveniently by two functions; application data are securely transmitted following another protocol using the generated keys. Prudential principles are followed by the design of the framework for security purposes. It can protect BLE based wearable devices from replay attacks, Man-in-The-Middle attacks, data tampering, and passive eavesdropping. We conduct experiments to show that the framework can be conveniently deployed with practical operational cost of power consumption. The protocols in this framework have been formally verified that the designed security goals are satisfied.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 62072307.
Abstract: In the era of the Internet of Things, Bluetooth low energy (BLE/BTLE) plays an important role as a well-known wireless communication technology. While the security and privacy of BLE have been analyzed and fixed several times, the threat of side-channel attacks to BLE devices is still not well understood. In this work, we highlight a side-channel threat to the re-keying protocol of BLE. This protocol uses a fixed long term key for generating session keys, and the leakage of the long term key could render the encryption of all the following (and previous) connections useless. Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices. In particular, we present successful correlation electromagnetic analysis and deep learning based profiled analysis that recover long term keys of BLE devices. We evaluate our attack on an ARM Cortex-M4 processor (Nordic Semiconductor nRF52840) running Nimble, a popular open-source BLE stack. Our results demonstrate that the long term key can be recovered within only a small amount of electromagnetic traces. Further, we summarize the features and limitations of our attack, and suggest a range of countermeasures to prevent it.
Funding: Supported by the National Natural Science Foundation of China (Nos. 61972085, 62072103, 62232004), the Jiangsu Provincial Key R&D Program (Nos. BE2021729, BE2022680, BE2022065-4), the Jiangsu Provincial Key Laboratory of Network and Information Security (No. BM2003201), the Key Laboratory of Computer Network and Information Integration of Ministry of Education of China (No. 93K-9), the Collaborative Innovation Center of Novel Software Technology and Industrialization, the Fundamental Research Funds for the Central Universities, the CCF-Baidu Open Fund (No. 2021PP15002000), and the Future Network Scientific Research Fund Project (No. FNSRFP-2021-YB-02).
Abstract: With the rapid development of the Internet of Things (IoT), wireless technology has become an indispensable part of modern computing platforms and embedded systems. Wireless device fingerprint identification is deemed as a promising solution towards enhancing the security of device access authentication and communication process in the IoT scenario. However, the extraction of features from the network layer and its upper layers often confront restrictions from specific devices: the association with a certain wireless network and the access to the plaintext of the payload. Meanwhile, Bluetooth Low Energy (BLE) packets have been encrypted above the link layer, which makes those features difficult to extract. To tackle these problems, we introduce a novel method to identify BLE devices based on the fingerprint features in the data link layer. Initially, the BLE packets are collected through a receiver based on software-defined radio technology. Then, fields that reflect device differences in BLE broadcast packets are extracted through traffic analysis. Finally, a MultiLayer Perceptron (MLP) model is employed to recognize the category of BLE devices. An experimental result on a dataset with 15 types of BLE devices shows that the identification accuracy of the proposed method can reach 99.8%, which accomplishes better performance over previous work.
Funding: Support from the European Union’s Horizon 2020 Research and Innovation Programme for project InComEss under Grant Agreement Number 862597.
Abstract: In the era of the Internet of Things (IoT), the ever-increasing number of devices connected to the IoT networks also increases the energy consumption on the edge. This is prohibitive since the devices living on the edge are generally resource constrained devices in terms of energy consumption and computational power. Thus, trying to tackle this issue, in this paper, a fully automated end-to-end IoT system for real time monitoring of the status of a moving vehicle is proposed. The IoT system consists mainly of three components: (1) the ultra-low-power consumption Wireless Sensor Node (WSN), (2) the IoT gateway and (3) the IoT platform. In this scope, a self-powered WSN having ultra-low energy consumption (less than 10 mJ), which can be produced by environmental harvesting systems, is developed. WSN is used for collecting sensors’ measurements from the vehicle and transmitting them to the IoT gateway, by exploiting a low energy communication protocol (i.e., BLE). A powerful IoT gateway gathers the sensors’ measurements, harmonizes, stores temporary and transmits them wirelessly, to a backend server (i.e., LTE). And finally, the IoT platform, which in essence is a web application user interface (UI), used mainly for almost real time visualization of sensors’ measurements, but also for sending alerts and control signals to enable actuators, installed in the vehicle near to the sensors field. The proposed system is scalable and it can be adopted for monitoring a large number of vehicles, thus providing a fully automatic IoT solution for vehicle fleet management. Moreover, it can be extended for simultaneous monitoring of additional parameters, supporting other low energy communication protocols and producing various kinds of alerts and control signals.
Abstract: Indoor organization user activity’s (UA) direction detection monitoring system and also emergency prediction are major challenging tasks in the field of the typical body sensor and indoor fixed sensor networks. In this paper, indoor UA based direction detection monitoring system is achieved by the combination of both the orientation sensor and Bluetooth Low Energy (BLE) in user’s smartphones belonging to the Internet of Things (IoT). The orientation sensor senses the actual orientation of the user and BLE transmits the sensed BLE signals to monitoring system using star topology in IoT. In monitoring system, classification algorithm is used to identify the directions of the smartphone users. The emergency situation of the user is also predicted based on signal variation instantly in real time. The user activity’s signals are captured using LabVIEW toolkit then applied to various classification algorithms such as RF—91.42%, Ibk—90.55%, j48—85.61%, K*—73.54% are the results obtained. An average of 85% was obtained in all the classification algorithms indicating the consistency and accuracy in detecting the directions of the users. RF was found to be the best among all the classification algorithms. IoT enabled devices have high demand in near coming future, moreover smartphones users increase day by day, hence implementing and maintaining the above said system would be much easier and cheaper compared to other conventional networks.
Abstract: This article presents an indoor infant monitoring system based on Android system which employs a low-cost Bluetooth Low Energy (BLE) pseudolite to accurately locate the infants in the activity indoors and timely remind the parents. It can achieve a positioning accuracy better than 2 m and effectively reduce the risk of injury to infants and young children. The performance of the proposed system, using false negative rate, false alarm rate, and alarm response time as indicators, is compared with that of the system using Quuppa as a positioning source. The experiment results show that both BLE pseudolite and Quuppa as a positioning source can basically meet the positioning accuracy for the infant monitoring system, but the BLE-pseudolite-based system provides a more cost-efficient solution.
Funding: Supported by the National Natural Science Foundation of China (No. 61171092), Jiangsu Educational Bureau Project (No. 14KJA510004), and NUPTSFs (Nos. NY215177 and NY217089).
Abstract: Owing to advanced storage and communication capabilities today, smart devices have become the basic interface between individuals and their surrounding environment. In particular, massive devices connect to one other directly in a proximity area, thereby enabling abundant Proximity Services (Pro Se), which can be classified into two categories: public safety communication and social discovery. However, two challenges impede the quick development and deployment of Pro Se applications. From the viewpoint of networking, no multi-hop connectivity functionality component can be directly operated on commercially off-the-shelf devices, and from the programming viewpoint, an easily reusable development framework is lacking for developers with minimal knowledge of the underlying communication technologies and connectivity. Considering these two issues, this paper makes a twofold contribution. First, a multi-hop mesh networking based on Bluetooth Low Energy (BLE) is implemented, in which a proactive routing mechanism with link-quality (i.e., received signal strength indication) assistance is designed. Second, a Pro Se development framework called BLE Mesh is designed and implemented, which can provide significant benefits for application developers, framework maintenance professionals, and end users. Rich application programming interfaces can help developers to build Pro Se apps easily and quickly. Dependency inversion principle and template method pattern allow modules in BLE Mesh to be loosely coupled and easy to maintain and update. Callback mechanism enables modules to work smoothly together and automation processes such as registration, node discovery, and messaging are employed to offer nearly zero-configuration for end users. Finally, based on the designed Pro Se development kit, a public safety communications app called Quote Send App is built to distribute emergency information in close area without Internet access. The process illustrates the easy usability of BLE Mesh to develop Pro Se apps.