final bluetooth docs
Abstract
Bluetooth snooping is the unauthorized interception and monitoring of Bluetooth communications.
It is usually done with specialized software and hardware tools that capture and examine
Bluetooth traffic. Snooping can expose sensitive information such as personal data, user
credentials and financial data, and it can be used to mount further attacks on Bluetooth-enabled
devices. Countermeasures should be taken to deter Bluetooth eavesdropping: devices should use
robust encryption and authentication when they are paired, they should be kept in
non-discoverable mode when not in use, and users should stay alert to unauthorized devices
nearby and never pair with an unknown device. This study examines how easily Bluetooth networks
can be compromised so that an attacker can intercept conversations, the consequences of such
attacks, and the risks they pose to national and enterprise networks, with the goal of discussing
prevention schemes.
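The advice above to keep a device non-discoverable when it is not in use can be turned into a routine check. The following is an added example, not code from the paper: it parses the text that BlueZ's bluetoothctl show prints on Linux (the field names Powered, Discoverable and Pairable are the ones that tool prints; the sample output below is constructed) and flags a controller that is still discoverable or pairable. The live_audit helper runs the real tool and is the only part that needs a controller.

```python
"""Audit a Linux Bluetooth controller for discoverable and pairable defaults.

Added example, not code from the paper. It parses the text that BlueZ's
`bluetoothctl show` prints (field names Powered, Discoverable, Pairable as
printed by that tool; the sample below is constructed), so the check can run
on captured output without a real controller. live_audit() runs the tool.
"""
import re
import subprocess

# Constructed sample of `bluetoothctl show` output in BlueZ's layout, showing
# the out-of-the-box state many desktops ship with.
SAMPLE_SHOW_OUTPUT = """\
Controller 00:11:22:33:44:55 (public)
\tName: laptop
\tAlias: laptop
\tPowered: yes
\tDiscoverable: yes
\tDiscoverableTimeout: 0x000000b4
\tPairable: yes
"""

_FIELD_RE = re.compile(r"^\s*([A-Za-z]+):\s+(\S.*)$")


def parse_show(text):
    """Return {field: value} for the 'Key: value' lines of `bluetoothctl show`."""
    fields = {}
    for line in text.splitlines():
        match = _FIELD_RE.match(line)
        if match:
            fields[match.group(1)] = match.group(2).strip()
    return fields


def audit(fields):
    """Return findings for an exposed controller; an empty list means hardened."""
    findings = []
    if fields.get("Powered") == "yes" and fields.get("Discoverable") == "yes":
        findings.append("controller answers inquiry scans (Discoverable: yes); "
                        "fix: bluetoothctl discoverable off")
    if fields.get("Pairable") == "yes":
        findings.append("controller accepts new pairing requests (Pairable: yes); "
                        "fix: bluetoothctl pairable off")
    return findings


def live_audit():
    """Audit the local controller; raises if bluetoothctl is absent or fails."""
    result = subprocess.run(["bluetoothctl", "show"], capture_output=True,
                            text=True, check=True)
    return audit(parse_show(result.stdout))


if __name__ == "__main__":
    for finding in audit(parse_show(SAMPLE_SHOW_OUTPUT)):
        print("WARN:", finding)
```

Running the script against the constructed sample reports both findings; after bluetoothctl discoverable off and bluetoothctl pairable off the same check returns no findings, which makes it a suitable line in a host hardening script.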
1. Introduction
Bluetooth is a technical standard that lets electronic devices communicate wirelessly with other
devices over a short distance. The Bluetooth SIG (Special Interest Group) launched the Bluetooth
1.0 standard in 1999, and during the protocol's first decade around two billion Bluetooth-enabled
products were released [1]. Bluetooth is not the only such technology on the market, however.
ZigBee is a wireless standard introduced in 2005 and maintained by the ZigBee Alliance; it allows
radio transmissions over larger distances (in general, up to 100 meters) while at the same time
reducing power consumption [2]. Bluetooth is ubiquitous in consumer electronics: it is hard to
imagine a smartphone or tablet, let alone a laptop, without it. Bluetooth devices are classified
into three power classes, Class I, II and III.
Table 1: Breakdown and comparison of the three major power classes used to describe Bluetooth
devices.
When two devices from different classes are paired, the maximum distance over which they can
communicate is set by the one with the shorter range [3].
Protocols in the Bluetooth stack include:
• L2CAP (Logical Link Control and Adaptation Protocol): adapts the higher-layer protocols to the
baseband requirements, providing both connectionless and connection-oriented services.
• SDP (Service Discovery Protocol): the protocol by which Bluetooth devices exchange device
information, service requests and feature queries.
• HCI (Host Controller Interface): provides a command interface to the Bluetooth device's
functionality; it connects to the baseband controller and to the link manager.
• TCS BIN (Telephony Control Service, binary): a binary protocol for controlling Bluetooth voice
and data communications.
• OBEX (Object Exchange): a communications protocol that allows binary objects to be transferred
between devices.
• RFCOMM: a simple transport protocol that emulates RS-232 serial ports over L2CAP.
• WAE/WAP: safeguards information against eavesdropping by restricting access to authorized
devices only.
1.1 Bluetooth Protocol
The Bluetooth protocol, standardized as IEEE 802.15.1, is a wireless communication method
designed to operate in the 2.4 GHz ISM band with a short range of up to 100 meters [6, 8].
Bluetooth uses a master/slave architecture and frequency-hopping spread spectrum (FHSS) over
79 channels; FHSS is very effective at countering eavesdropping. Connecting up to seven slave
devices to a single master forms a piconet. As Figure 1 shows, a slave device can take part in
more than one piconet, forming a scatternet. The BD_ADDR is the physical address that
identifies each Bluetooth device in a piconet.
Figure 2: Piconet [32]
When hardware connects to a Bluetooth network, it immediately moves through several operating
states, ranging from low-power states such as park, hold and sniff to fully active states such
as TxRx and Inquire. Figure 2 shows the state transition machine followed by devices operating
within a Bluetooth network.
Figure 3: Bluetooth state transition diagram [32].
The most efficient methods are Secure Simple Pairing (SSP) and an improved passkey-entry
protocol [26, 27]. Devices were mostly paired by the earlier PIN-based method: the source device
generated a random number and sent it to the destination device, which confirmed it with the
matching PIN. The Bluetooth 2.1 standard introduced an improvement known as Secure Simple
Pairing (SSP). However, some devices have a static PIN that neither the user nor the
administrator can operate or change. These PINs are then transformed into link keys using the
LMP pairing key-generation technique. This process also has limits: the PIN usually consists of
four to eight digits, so many easily cracked PIN codes can be produced from the available
combinations, and it is also easy to recover the 16-bit random values used as link keys to pair
the devices. A link key can take only 2^128 different values. With this simpler pairing,
public-key cryptography replaces the PIN [28].
Another study compared the security of SSP with its proposed protocol SSP-APKE-DECE (Secure
Simple Pairing with Authenticated Public Key Exchange and Delayed Encrypted Capability
Exchange) and showed that SSP-APKE-DECE reaches far higher security levels [29].
DH key: the new link key produced by the new pairing process. It is built from a 192-bit random
number and a private/public key pair. During pairing only the public key is revealed; the private
key remains hidden, and after the initial connection the key is shared only between the two
devices. Knowing the public key does not allow the private key to be determined. Communication
can take place once all the keys at the source device match those of the destination device.
There are, however, situations in which this passkey-entry protocol fails. Because there is no
common certification, the two devices communicate using the same key; if a certificate were
available it would have to be checked online, but Bluetooth is a private network and need not be
connected to the internet. The keys might therefore be exposed in a man-in-the-middle exchange.
For this reason the DH-key pairing offers four authentication schemes. The "Just Works" model is
intended for devices that have neither a display nor user input; the "Numeric Comparison" model
is for devices that have displays but little else; the "Out of Band" model is for devices that
can communicate with each other over another wireless channel; and the "Passkey Entry" model is
for devices that lack displays but can still accept a passcode [9].
Countermeasures include avoiding the use of private connections, keeping software up to date,
hiding device connectivity by pairing, and keeping your PIN secure [22]. Even when a device is
not on a Bluetooth connection, you could still be spied upon: sometimes the attacker is able to
listen to everything around the victim through the tablet's or phone's microphone. The most
direct ways of improving security and preventing eavesdropping are to turn Bluetooth off and to
make your devices invisible in search results. The Better Business Bureau recommends changing
your default passcode (most are "0000") and creating an eight-character password to protect the
device. Where this option is located depends on the model and manufacturer; on Epson printers,
for example, it is in the "Bluetooth Settings" section of the "Setup" menu, under the
"Bluetooth" heading. Thirdly, manufacturers of Bluetooth technology have also recognized the need
for added security and are working on more effective means of protecting their customers' data
[22]. In addition, the "Just Works" security model of SSP should be avoided, as it does not
defend against MITM attacks [23]. Researchers have also recommended a Bluetooth firewall, which
can block unauthorized Bluetooth connections to protect against eavesdropping [25, 30]. As shown
in Figure 7, the Bluetooth firewall has to protect the RFCOMM protocol at the second layer of the
host-side Bluetooth protocol stack; by protecting this protocol it is possible to filter all
connections that use OBEX or TCP or that carry AT commands.
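The four SSP association models above, and the reason "Just Works" gives no MITM protection while "Numeric Comparison" does, can be seen concretely in the following added example (not code from the paper, nor from any Bluetooth stack). Assumptions: the IO-capability mapping follows the Bluetooth Core Specification table for BR/EDR SSP (the four BR/EDR capabilities only); the commitment function f1 and check-value function g follow the shapes the specification gives them (HMAC-SHA-256 keyed with the committing side's nonce, and SHA-256 truncated to its low 32 bits); and the public keys are constructed stand-in byte strings of P-192 size, so the elliptic-curve Diffie-Hellman step itself is not modelled. The relay case shows the displays disagreeing when a third party runs separate sessions with each side, which is exactly what the Numeric Comparison user check is meant to catch and what a Just Works pairing never asks the user to confirm.

```python
"""Association-model selection and the Numeric Comparison stage of Bluetooth
Secure Simple Pairing (SSP), modelled in Python.

Added example, not code from the paper or from any Bluetooth stack. Assumptions:
the IO-capability mapping follows the Core Specification table for BR/EDR SSP
(the four BR/EDR capabilities only); f1() and g() follow the spec's shapes
(HMAC-SHA-256 keyed with the committing side's nonce; SHA-256 truncated to its
low 32 bits); public keys are constructed stand-in byte strings, so the
elliptic-curve Diffie-Hellman step itself is not modelled.
"""
import hashlib
import hmac

JUST_WORKS = "Just Works"
NUMERIC_COMPARISON = "Numeric Comparison"
PASSKEY_ENTRY = "Passkey Entry"
OUT_OF_BAND = "Out of Band"
IO_CAPS = ("DisplayOnly", "DisplayYesNo", "KeyboardOnly", "NoInputNoOutput")


def association_model(initiator_io, responder_io, oob_data=False, mitm_required=True):
    """Pick the SSP association model from both devices' IO capabilities."""
    if initiator_io not in IO_CAPS or responder_io not in IO_CAPS:
        raise ValueError("unknown IO capability")
    if oob_data:                                   # keys exchanged on another channel
        return OUT_OF_BAND
    if not mitm_required:                          # neither side asked for MITM protection
        return JUST_WORKS
    if "NoInputNoOutput" in (initiator_io, responder_io):
        return JUST_WORKS                          # one side can neither show nor type
    if "KeyboardOnly" in (initiator_io, responder_io):
        return PASSKEY_ENTRY                       # one side types what the other shows
    if initiator_io == responder_io == "DisplayYesNo":
        return NUMERIC_COMPARISON                  # both show and confirm a 6-digit value
    return JUST_WORKS                              # DisplayOnly pairs cannot confirm anything


def mitm_protected(model):
    """Of the four models only Just Works leaves an active MITM undetected."""
    return model != JUST_WORKS


def f1(pk_u, pk_v, nonce, z=b"\x00"):
    """Commitment: HMAC-SHA-256 over both public keys, keyed with the nonce."""
    return hmac.new(nonce, pk_u + pk_v + z, hashlib.sha256).digest()


def g(pk_u, pk_v, nonce_x, nonce_y):
    """Six-digit check value: low 32 bits of SHA-256 over keys and nonces, mod 10^6."""
    digest = hashlib.sha256(pk_u + pk_v + nonce_x + nonce_y).digest()
    return int.from_bytes(digest[-4:], "big") % 1_000_000


def verify_commitment(commitment_b, pk_b, pk_a, revealed_nonce_b):
    """A's check that the nonce B reveals matches the commitment B sent first.

    The commitment is sent before A reveals its own nonce, so B (or a relay)
    cannot choose its nonce after seeing Na to steer the displayed value.
    """
    return hmac.compare_digest(commitment_b, f1(pk_b, pk_a, revealed_nonce_b))


def displayed_values(pk_a, nonce_a, pk_b, nonce_b, relay=None):
    """Return (value on A's display, value on B's display).

    Without a relay both sides hash the same four inputs and the values match.
    With a relay (a third party ending one session with A and another with B
    using its own key and nonce), each side hashes a different transcript, so
    the two displays disagree and the user should reject the pairing.
    """
    if relay is None:
        return g(pk_a, pk_b, nonce_a, nonce_b), g(pk_a, pk_b, nonce_a, nonce_b)
    pk_m, nonce_m = relay
    return g(pk_a, pk_m, nonce_a, nonce_m), g(pk_m, pk_b, nonce_m, nonce_b)


# Constructed stand-ins (not real curve points or random nonces).
PK_A, PK_B, PK_M = b"\x0a" * 48, b"\x0b" * 48, b"\x0c" * 48
NONCE_A, NONCE_B, NONCE_M = b"\x01" * 16, b"\x02" * 16, b"\x03" * 16

if __name__ == "__main__":
    for init, resp in (("DisplayYesNo", "DisplayYesNo"), ("NoInputNoOutput", "DisplayYesNo")):
        model = association_model(init, resp)
        print(f"{init} <-> {resp}: {model} (MITM protected: {mitm_protected(model)})")
    print("honest pairing:", displayed_values(PK_A, NONCE_A, PK_B, NONCE_B))
    print("relayed pairing:", displayed_values(PK_A, NONCE_A, PK_B, NONCE_B, (PK_M, NONCE_M)))
```

The mitm_required flag is the policy lever a product can set: a device that declares no MITM requirement is steered to Just Works even when both sides have displays, which is why the text's advice to avoid that model has to be enforced in the stack's authentication requirements and not only in the user interface.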
7. Recommendation
As mentioned earlier, Bluetooth snooping became possible because of technical flaws. When these
attacks came to the notice of mobile-phone companies and other firms, they tried to fix them by
releasing updates to the Bluetooth software. When PIN verification was introduced for the first
time, encryption made communication absolutely secure. As we know, the earlier device pairing
method was highly vulnerable, and eavesdropping with different devices was easy. The process
described above is the Bluetooth device's first security level. Later on, three more pairing
processes were introduced. At the second security level a PIN is always required to connect two
devices; this was not perfect, but it reduced some of the risks. The third tier of security is
based on the idea of exchanging security codes; this is a fast process and it closes the
loopholes in pairing, preventing breaches of security. However, defective or poorly designed
software may still make this process insecure. One should always be active in protection and
think one step ahead. To protect a device, the default setup needs to be changed to a customized
one. Moreover, I would like to suggest a few proposals that every user should follow; they are as
follows:
Conclusion
No doubt Bluetooth has now become the most widespread and efficient wireless medium for data
exchange. In this paper I have explained the security flaws of Bluetooth networks and how
eavesdropping can happen. Most users are unaware of this kind of security threat, so most
Bluetooth attacks remain undetected. The Bluetooth Special Interest Group projects that by the
end of 2023 more than 400 million devices with Bluetooth-enabled location services will be in
use. As more of the market comes within reach of wireless data exchange, efficient research
efforts will be needed to secure such devices against cybercriminals.
References
[1] Britannica, The Editors of Encyclopaedia. "Bluetooth". Encyclopedia Britannica, 22 Aug. 2022,
https://www.britannica.com/technology/Bluetooth. Accessed 11 November 2022.
[2] Nguyen, Tuan C. "Who Invented Bluetooth?" ThoughtCo, 13 Feb. 2021,
thoughtco.com/who-invented-bluetooth4038864.
[3] Bluetooth Insight (2008). Bluetooth Power Classes.
http://bluetoothinsight.blogspot.com/2008/01/bluetooth-power-classes.html
[4] McMillan, R. (2005). 'Car Whisperer' puts hackers in the driver's seat. Computerworld, IDG
News Service. Available at:
https://www.computerworld.com/article/2557329/-car-whisperer--puts-hackers-in-thedriver-s-seat.html
(Accessed: 12 November 2022).
[5] Lonzetta, A., Cope, P., Campbell, J., Mohd, B. and Hayajneh, T. (2018). Security
Vulnerabilities in Bluetooth Technology as Used in IoT. Journal of Sensor and Actuator Networks,
7(3), p. 28. https://dx.doi.org/10.3390/jsan7030028
[6] Peterson, A. (2021). Yes, terrorists could have hacked Dick Cheney's heart. The Washington
Post, WP Company. Available at:
https://www.washingtonpost.com/news/the-switch/wp/2013/10/21/yes-terroristscould-have-hacked-dick-cheneys-heart/
(Accessed: 12 November 2022).
[7] Steinberg, J. (2015). Why your Bluetooth devices aren't as secure as you think. Inc.com.
Available at: https://www.inc.com/joseph-steinberg/are-your-bluetooth-devices-secure-maybe-not.html
(Accessed: 12 November 2022).
[8] Espinosa, C. (2018). The 8 Most Common Cyber Attacks and How to Stop Them. Available at:
https://www.alpinesecurity.com/blog/the-8-mostcommon-cyber-attacks-and-how-to-stop-them/
(Accessed: 12 November 2022).
[9] Melamed, T. (2018). "An active man-in-the-middle attack on Bluetooth smart devices."
International Journal of Safety and Security Engineering, 8(2), pp. 200–211. doi:
10.2495/SAFE-V8-N2-200-211.
[10] Loo, A. (2009). Technical opinion: Security threats of smart phones and Bluetooth.
Communications of the ACM, 52(3), pp. 150–152. https://doi.org/10.1145/1467247.1467282
[11] Webroot (no date). Bluetooth attacks and how to secure your mobile device. Available at:
https://www.webroot.com/gb/en/resources/tipsarticles/a-review-of-bluetooth-attacks-and-how-tosecure-mobile-workforce-devices
(Accessed: 12 November 2022).
[12] Bahar, Z. (2021). How dangerous are bluebugging attacks? NordVPN. Available at:
https://nordvpn.com/blog/bluebugging/ (Accessed: 12 November 2022).
[13] Shaked, Y. and Wool, A. (2005). Cracking the Bluetooth PIN. Proceedings of the 3rd
International Conference on Mobile Systems, Applications, and Services (MobiSys 2005), pp. 39–50.
doi: 10.1145/1067170.1067176.
[14] Hassan, S.S. et al. (2018). "Security threats in Bluetooth technology." Computers & Security,
74, pp. 308–322. https://doi.org/10.1016/j.cose.2017.03.008
[15] Herfurt, M. and Mulliner, C. (2005). Bluetooth security vulnerabilities and Bluetooth
projects, web page. Available from: http://trifinite.org/trifinite_stuff.html (Accessed 13
November 2022).
[16] Phan, R.C.W. and Mingard, P. (2012). Analyzing the Secure Simple Pairing in Bluetooth v4.0.
Wireless Personal Communications, 64(4), pp. 719–737.
[17] Sandhya, S. and Devi, K.S. (2012). Contention for man-in-the-middle attacks in Bluetooth
networks. In 2012 Fourth International Conference on Computational Intelligence and
Communication
[18] Syverson, P. (1994). A taxonomy of replay attacks [cryptographic protocols]. In Proceedings
of the Computer Security Foundations Workshop VII, pp. 187–191. IEEE.
[19] Nilsson, D.K., Porras, P.A. and Jonsson, E. (2007). How to secure Bluetooth-based pico
networks. In International Conference on Computer Safety, Reliability, and Security, pp. 209–223.
Springer, Berlin, Heidelberg.
[20] Carettoni, L., Merloni, C. and Zanero, S. (2007). Studying Bluetooth malware propagation:
The BlueBag project. IEEE Security & Privacy, 5(2), pp. 17–25.
[21] Cope, P., Campbell, J. and Hayajneh, T. (2017). "An investigation of Bluetooth security
vulnerabilities." 2017 IEEE 7th Annual Computing and Communication Workshop and Conference
(CCWC), pp. 1–7. doi: 10.1109/CCWC.2017.7868416.
[22] Labib, M., Ghalwash, A., Abdulkader, S. and Elgazzar, M. (2019). Networking solutions for
connecting Bluetooth Low Energy devices: a comparison. In MATEC Web of Conferences, Vol. 292,
p. 02003. EDP Sciences.
[23] Kaur, S. (2013). How to secure our Bluetooth insecure world! Pushing frontiers with the first
lady of emerging technologies. IETE Technical Review, 30(2), pp. 95–101.
[24] Wright, J. (2007). "I can hear you now": eavesdropping on Bluetooth headsets. Will Hack For
Sushi. [Online] 10 8, 2007. [Cited: 7 4, 2011.]
http://www.willhackforsushi.com/presentations/icanhearyounow-sansns2007.pdf
[25] Alfaiate, J. and Fonseca, J. (2012). "Bluetooth security analysis for mobile phones." 7th
Iberian Conference on Information Systems and Technologies (CISTI 2012), pp. 1–6.
[26] Madugula, S.S. and Wei, R. (2021). "An Enhanced Passkey Entry Protocol for Secure Simple
Pairing in Bluetooth." arXiv. Available: https://arxiv.org/pdf/2101.09381.pdf
[27] Sun, D.Z. and Sun, L. (2019). "On Secure Simple Pairing in Bluetooth Standard v5.0, Part I:
Authenticated Link Key Security and Its Home Automation and Entertainment Applications." Sensors,
19(5), p. 1150, Dec. 2019.
[28] Sairam, K., Gunasekaran, N. and Rama Reddy, S. (2002). "Bluetooth in wireless
communication." IEEE Communications Magazine, 40(6), pp. 90–96, June 2002.
[29] Gajbhiye, S., Karmakar, S., Sharma, M. and Sharma, S. (2019). "Bluetooth Secure Simple
Pairing with enhanced security level." Journal of Information Security and Applications, 44,
pp. 170–183. doi: 10.1016/j.jisa.2018.11.009.
[30] Pandey, T. and Khara, P. Bluetooth Hacking and its Prevention. L&T Technology Services.
Available online:
http://www.larsentoubro.com/media/27618/bluetooth-hacking-and-its-prevention-2014.pdf
(accessed 19 December 2022).
[31] Panse, T. and Panse, P. "A Survey on Security Threats and Vulnerability attacks on Bluetooth
Communication." ISSN: 0975-9646.
[32] Satam, S., Satam, P. and Hariri, S. (2020). "Multi-level Bluetooth Intrusion Detection
System." 2020 IEEE/ACS 17th International Conference on Computer Systems and Applications
(AICCSA), pp. 1–8. doi: 10.1109/AICCSA50499.2020.9316514.
[33] Padgette, J., Bahr, J., Batra, M., Smithbey, R., Chen, L. and Scarfone, K. (2022). Guide to
Bluetooth Security, Special Publication (NIST SP), National Institute of Standards and
Technology, Gaithersburg, MD. https://doi.org/10.6028/NIST.SP.800-121r2-upd1,
https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934038 (Accessed 14 December 2022).