Important: Use custom search function to get better results from our thousands of pages

Use " " for compulsory search eg:"electronics seminar" , use -" " for filter something eg: "electronics seminar" -"/tag/" (used for exclude results from tag pages)


Tags: Security, Network, Bluetooth, Bluetooth Network Security,
 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Bluetooth Network Security
Post: #1

Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless local area network (WLAN) devices, for instance, allow users to move their laptops from place to place within their offices without the need for wires and without losing network connectivity.

Ad hoc networks, such as those enabled by Bluetooth, allow users to:

 Data synchronization with network systems and application sharing between devices.

 Eliminates cables for printer and other peripheral device connections.

 Synchronize personal databases.

 Provide access to network services such as wireless e-mail, Web browsing, and Internet access.

However, risks are inherent in any wireless technology. The loss of confidentiality and integrity and the threat of denial of service (DoS) attacks are risks typically associated with wireless communications. Specific threats and vulnerabilities to wireless networks and handheld devices include the following:

 All the vulnerabilities that exist in a conventional wired network apply to wireless technologies.

 Malicious entities may gain unauthorized access to an agency‟s computer network through wireless connections, bypassing any firewall protections.

 Sensitive information that is not encrypted (or that is encrypted with poor cryptographic techniques) and that is transmitted between two wireless devices may be intercepted and disclosed.

 Sensitive data may be corrupted during improper synchronization.

 Data may be extracted without detection from improperly configured devices.

Security Aspects in Bluetooth

The Bluetooth-system provide security at two level-
 At Link layer
 At Application layer

Link layer security



Four different entities are used for maintaining security at the link layer: a Bluetooth device address, two secret, keys, and a pseudo-random number that shall be regenerated for each new transaction.

The four entities and their sizes are summarized in Table-





L2CAP: enforce security for cordless telephony.

RFCOMM: enforce security for Dial-up networking.

OBEX: files transfer and synchronization.

The encryption key in Bluetooth changes every time the encryption is activated, the authentication key depends on the running application to change the key or not. Another fact regarding the keys is that the encryption key is derived from the authentication key during the authentication process. The time required to refresh the encryption key is 228 Bluetooth clocks which is equal to approx. 23 hours. RAND or the random number generator is used for generating the encryption and authentication key. Each device should have its own random number generator. It is used in pairing (the process of authentication by entering two PIN-codes) for passed keys in the authentication process.

Security modes in Bluetooth

In Bluetooth there are three security modes which are:

 Mode 1: Non-secure.
 Mode 2: Service level security

Trusted device
Un-trusted devices
Unknown devices
 Mode 3: Link level.

The trusted device is a device that has been connected before, its link key is stored and it‟s flagged as a trusted device in the device database. The un-trusted devices are devices that have also previously connected and authenticated, link key is stored but they are not flagged as a trusted devices.

The unknown devices are the devices that have not connected before. In Bluetooth service level we have three type of service in regard to the security:

 Services that need authentication and authorization: this is automatically granted to the trusted devices but for the un-trusted devices manual authentication is required.

 Services that need authentication only: in this case the authorization process is not necessary.

Attack Tools & Programs

 Hardware Used: Dell XPS, Nokia N95, Nokia 6150, Hp IPAQ HX2790b.

 Operating Systems: Ubuntu, Backtrack, Windows Vista, Symbian OS, windows mobile.

 Software used: Bluebugger, Bluediving, Bluescanner, Bluesnarfer, BTscanner, Redfang, Blooover2, Ftp_bt.

 Dell laptop with windows vista to be broken into and for scanning then with Linux to attempt attacks. Pocket pc for being attacked, and one mobile for attacking one for being attacked.
Post: #2
Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity and lower installation costs. Wireless local area network (WLAN) devices for example, allow users to move their laptops from one place to another within their offices without the need for cables and without losing network connectivity.

Ad hoc networks, such as those enabled by Bluetooth, allow users to:

 Data synchronization with network systems and application sharing between devices.

 Eliminates cables for printers and other peripheral device connections.

 Synchronize personal databases.

 Provide access to network services such as wireless e-mail, web browsing and Internet access.

However, the risks are inherent in any wireless technology. Loss of confidentiality and the integrity and threat of Denial of Service (DoS) attacks are the risks typically associated with wireless communications. The specific threats and vulnerabilities for wireless networks and handheld devices are as follows:

 All vulnerabilities that exist in a conventional wired network apply to wireless technologies.

 Malicious entities can gain unauthorized access to an agency's computer network through wireless connections, avoiding any firewall protection.

 Sensitive information that is not encrypted (or encrypted with poor cryptographic techniques) and transmitted between two wireless devices may be intercepted and reported.

 Confidential data may be corrupted during incorrect synchronization.

 Data can be extracted without detection of incorrectly configured devices.
 


[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  microcontroller based locker security system with auto alerting and punishment system Guest 0 0 26-03-2019 02:56 AM
Last Post: Guest
  INFORMATION SECURITY PRINCIPLESANDPRACTICE project uploader 5 2,547 24-11-2018 10:51 PM
Last Post: Guest
  network analysis book engineering 3rd semester by pm chandrashekaraiah pdf Guest 0 0 21-10-2018 06:37 AM
Last Post: Guest
  download full seminar report and ppt on quadrics interconnection network Guest 0 0 10-08-2018 07:30 PM
Last Post: Guest
  quadrics interconnection network ppt Guest 0 0 30-07-2018 03:12 PM
Last Post: Guest
  quorum a 160 security monitor manual Guest 0 0 08-04-2018 04:54 AM
Last Post: Guest
  multiple routing configuration for fast ip network recovery ppt Guest 0 0 03-04-2018 11:41 AM
Last Post: Guest
  Biometrics Security System Full Download Seminar Report and Paper Presentation computer science crazy 29 170,217,894 08-01-2018 05:23 PM
Last Post: Raymondnof
  ATM network implementation based controlling of cac connection admission pdf Guest 1 0 08-01-2018 11:38 AM
Last Post: dhanabhagya
  iscsi future of network storage abstract ppt doc Guest 1 0 08-01-2018 10:32 AM
Last Post: dhanabhagya
This Page May Contain What is Bluetooth Network Security And Latest Information/News About Bluetooth Network Security,If Not ...Use Search to get more info about Bluetooth Network Security Or Ask Here

Options: