Bluetooth Low Energy (BLE) is one of the most promising low-power, short-range wireless technologies, providing a standardized technology for creating mesh networks and enabling devices to communicate with each other with limited impact on the battery. BLE Mesh networks support a variety of features, including broadcast, unicast, and multicast messaging, allowing devices to communicate in a distributed and scalable manner. These networks enable a wide range of applications, from smart homes to industrial automation and asset tracking. In recent years, the BLE standard has introduced a new feature called ”Friendship” that allows nodes with limited battery power to pair with other Bluetooth devices that are responsible for caching their messages while they sleep. In this way, the BLE Friendship allows devices to share data without the need for a continuous connection, preserving the energy-saving capabilities of the network. However, recent literature has shown that this feature can be easily exploited by malicious agents in the network to either deny friendship or establish a permanent link between the attacker and the low-power node. In this paper, we review the current status of the security of the BLE Friendship, discussing what are the most dangerous threats, and analyzing their impact on the battery of low-power nodes. Therefore, we implement one of these threats, namely, the Clear Attack, over a smart sensor scenario to show its potential in affecting the battery life of the devices. Finally, we propose and implement a set of countermeasures and mitigations that can be integrated into the BLE standard to reduce the impact of such an attack and we prove their effectiveness in preserving the energy of low-power devices.

Friendship security analysis in bluetooth low energy networks / Lacava, Andrea; Locatelli, Pierluigi; Cuomo, Francesca. - (2023), pp. 83-92. (Intervento presentato al convegno 2023 21st Mediterranean Communication and Computer Networking Conference (MedComNet) tenutosi a Ponza; Italy) [10.1109/MedComNet58619.2023.10168876].

Friendship security analysis in bluetooth low energy networks

Lacava, Andrea
Primo
;
Locatelli, Pierluigi
Secondo
;
Cuomo, Francesca
Ultimo
2023

Abstract

Bluetooth Low Energy (BLE) is one of the most promising low-power, short-range wireless technologies, providing a standardized technology for creating mesh networks and enabling devices to communicate with each other with limited impact on the battery. BLE Mesh networks support a variety of features, including broadcast, unicast, and multicast messaging, allowing devices to communicate in a distributed and scalable manner. These networks enable a wide range of applications, from smart homes to industrial automation and asset tracking. In recent years, the BLE standard has introduced a new feature called ”Friendship” that allows nodes with limited battery power to pair with other Bluetooth devices that are responsible for caching their messages while they sleep. In this way, the BLE Friendship allows devices to share data without the need for a continuous connection, preserving the energy-saving capabilities of the network. However, recent literature has shown that this feature can be easily exploited by malicious agents in the network to either deny friendship or establish a permanent link between the attacker and the low-power node. In this paper, we review the current status of the security of the BLE Friendship, discussing what are the most dangerous threats, and analyzing their impact on the battery of low-power nodes. Therefore, we implement one of these threats, namely, the Clear Attack, over a smart sensor scenario to show its potential in affecting the battery life of the devices. Finally, we propose and implement a set of countermeasures and mitigations that can be integrated into the BLE standard to reduce the impact of such an attack and we prove their effectiveness in preserving the energy of low-power devices.
2023
2023 21st Mediterranean Communication and Computer Networking Conference (MedComNet)
bluetooth low energy; energy efficiency; mesh networks; network security
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Friendship security analysis in bluetooth low energy networks / Lacava, Andrea; Locatelli, Pierluigi; Cuomo, Francesca. - (2023), pp. 83-92. (Intervento presentato al convegno 2023 21st Mediterranean Communication and Computer Networking Conference (MedComNet) tenutosi a Ponza; Italy) [10.1109/MedComNet58619.2023.10168876].
File allegati a questo prodotto
File Dimensione Formato  
Lacava_Friendship Security Analysis_2023.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.37 MB
Formato Adobe PDF
1.37 MB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1696710
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 1
social impact