Important: Use custom search function to get better results from our thousands of pages

Use " " for compulsory search eg:"electronics seminar" , use -" " for filter something eg: "electronics seminar" -"/tag/" (used for exclude results from tag pages)


Tags: Security, Network, Bluetooth, Bluetooth Network Security,
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Bluetooth Network Security
#1

Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless local area network (WLAN) devices, for instance, allow users to move their laptops from place to place within their offices without the need for wires and without losing network connectivity.

Ad hoc networks, such as those enabled by Bluetooth, allow users to:

 Data synchronization with network systems and application sharing between devices.

 Eliminates cables for printer and other peripheral device connections.

 Synchronize personal databases.

 Provide access to network services such as wireless e-mail, Web browsing, and Internet access.

However, risks are inherent in any wireless technology. The loss of confidentiality and integrity and the threat of denial of service (DoS) attacks are risks typically associated with wireless communications. Specific threats and vulnerabilities to wireless networks and handheld devices include the following:

 All the vulnerabilities that exist in a conventional wired network apply to wireless technologies.

 Malicious entities may gain unauthorized access to an agency‟s computer network through wireless connections, bypassing any firewall protections.

 Sensitive information that is not encrypted (or that is encrypted with poor cryptographic techniques) and that is transmitted between two wireless devices may be intercepted and disclosed.

 Sensitive data may be corrupted during improper synchronization.

 Data may be extracted without detection from improperly configured devices.

Security Aspects in Bluetooth

The Bluetooth-system provide security at two level-
 At Link layer
 At Application layer

Link layer security



Four different entities are used for maintaining security at the link layer: a Bluetooth device address, two secret, keys, and a pseudo-random number that shall be regenerated for each new transaction.

The four entities and their sizes are summarized in Table-





L2CAP: enforce security for cordless telephony.

RFCOMM: enforce security for Dial-up networking.

OBEX: files transfer and synchronization.

The encryption key in Bluetooth changes every time the encryption is activated, the authentication key depends on the running application to change the key or not. Another fact regarding the keys is that the encryption key is derived from the authentication key during the authentication process. The time required to refresh the encryption key is 228 Bluetooth clocks which is equal to approx. 23 hours. RAND or the random number generator is used for generating the encryption and authentication key. Each device should have its own random number generator. It is used in pairing (the process of authentication by entering two PIN-codes) for passed keys in the authentication process.

Security modes in Bluetooth

In Bluetooth there are three security modes which are:

 Mode 1: Non-secure.
 Mode 2: Service level security

Trusted device
Un-trusted devices
Unknown devices
 Mode 3: Link level.

The trusted device is a device that has been connected before, its link key is stored and it‟s flagged as a trusted device in the device database. The un-trusted devices are devices that have also previously connected and authenticated, link key is stored but they are not flagged as a trusted devices.

The unknown devices are the devices that have not connected before. In Bluetooth service level we have three type of service in regard to the security:

 Services that need authentication and authorization: this is automatically granted to the trusted devices but for the un-trusted devices manual authentication is required.

 Services that need authentication only: in this case the authorization process is not necessary.

Attack Tools & Programs

 Hardware Used: Dell XPS, Nokia N95, Nokia 6150, Hp IPAQ HX2790b.

 Operating Systems: Ubuntu, Backtrack, Windows Vista, Symbian OS, windows mobile.

 Software used: Bluebugger, Bluediving, Bluescanner, Bluesnarfer, BTscanner, Redfang, Blooover2, Ftp_bt.

 Dell laptop with windows vista to be broken into and for scanning then with Linux to attempt attacks. Pocket pc for being attacked, and one mobile for attacking one for being attacked.
Reply
#2
Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity and lower installation costs. Wireless local area network (WLAN) devices for example, allow users to move their laptops from one place to another within their offices without the need for cables and without losing network connectivity.

Ad hoc networks, such as those enabled by Bluetooth, allow users to:

 Data synchronization with network systems and application sharing between devices.

 Eliminates cables for printers and other peripheral device connections.

 Synchronize personal databases.

 Provide access to network services such as wireless e-mail, web browsing and Internet access.

However, the risks are inherent in any wireless technology. Loss of confidentiality and the integrity and threat of Denial of Service (DoS) attacks are the risks typically associated with wireless communications. The specific threats and vulnerabilities for wireless networks and handheld devices are as follows:

 All vulnerabilities that exist in a conventional wired network apply to wireless technologies.

 Malicious entities can gain unauthorized access to an agency's computer network through wireless connections, avoiding any firewall protection.

 Sensitive information that is not encrypted (or encrypted with poor cryptographic techniques) and transmitted between two wireless devices may be intercepted and reported.

 Confidential data may be corrupted during incorrect synchronization.

 Data can be extracted without detection of incorrectly configured devices.
Reply


[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Advance Data Communication network seminar surveyer 1 4,875,557 20-09-2017, 03:59 PM
Last Post: jaseela123
  ATM Security ppt project girl 1 831 20-09-2017, 12:10 PM
Last Post: jaseela123
  Generations of Network: 1G, 2G, 3G, 4G, 5G project uploader 1 5,732 19-09-2017, 10:15 AM
Last Post: jaseela123
  Network Interface Cards PPT seminar flower 1 1,236 18-09-2017, 04:58 PM
Last Post: jaseela123
  Link Estimation and Routing in Sensor Network Backbones: Beacon-based or Data-driven uploader 1 3,244 15-09-2017, 03:06 PM
Last Post: jaseela123
  Transport Layer Security (TLS) Extensions seminar ideas 1 1,335 14-09-2017, 12:17 PM
Last Post: jaseela123
  Bluetooth Security Report study tips 1 689 12-09-2017, 12:40 PM
Last Post: jaseela123
  Seminar Report on Bluetooth seminar flower 1 10,551 07-09-2017, 10:24 AM
Last Post: jaseela123
  Radio Network Controller presentation Abstract 1 261 06-09-2017, 11:03 AM
Last Post: jaseela123
  Bluetooth Technology project uploader 1 3,259 06-09-2017, 09:55 AM
Last Post: jaseela123
This Page May Contain What is Bluetooth Network Security And Latest Information/News About Bluetooth Network Security,If Not ...Use Search to get more info about Bluetooth Network Security Or Ask Here

Options: