TY - JOUR
T1 - Improving compliance with bluetooth device detection
AU - Davies, Martin
AU - Furey, Eoghan
AU - Curran, Kevin
N1 - Publisher Copyright:
© 2019 Universitas Ahmad Dahlan.
PY - 2019/10
Y1 - 2019/10
N2 - The number of devices containing Bluetooth chipsets is continuing to rise and there exists a need to stem the tidal wave of vulnerabilities brought by the Bring Your Own Device (BYOD) and Internet of Things (IoT) phenomena. With Bluetooth enabled but discovery mode turned off, auditing for Bluetooth devices, or creating an accurate Bluetooth device hardware log is limited. The software tools and hardware devices to monitor WiFi networking signals have long been a part of the security auditor's arsenal, but similar tools for Bluetooth are bespoke, expensive, and not adopted by most security pentesters. However, this has changed with the introduction of the Ubertooth One, a low-cost and open-source platform for monitoring Bluetooth Classic signals. Using a combination of the Ubertooth One, and other high-power Bluetooth devices, an auditor should now be able to actively scan for rogue devices that may otherwise have been missed. This research examines various hardware combinations that can be used to achieve this functionality, and the possible implications from a compliance point of view, with a focus on the standards used by the Payment Card Industry Data Security Standard (PCI-DSS), and the guidelines offered by the National Institute of Standards and Technology (NIST). We compare the results of scanning with traditional Bluetooth devices as opposed to an Ubertooth/Bluetooth combination. We show how the ability to monitor a larger portion of Bluetooth traffic can highlight serious implications in the compliance landscape of many organisations and companies. We demonstrate that identifying non-discoverable devices with Bluetooth enabled is a crucial element in holistic security monitoring of threats.
AB - The number of devices containing Bluetooth chipsets is continuing to rise and there exists a need to stem the tidal wave of vulnerabilities brought by the Bring Your Own Device (BYOD) and Internet of Things (IoT) phenomena. With Bluetooth enabled but discovery mode turned off, auditing for Bluetooth devices, or creating an accurate Bluetooth device hardware log is limited. The software tools and hardware devices to monitor WiFi networking signals have long been a part of the security auditor's arsenal, but similar tools for Bluetooth are bespoke, expensive, and not adopted by most security pentesters. However, this has changed with the introduction of the Ubertooth One, a low-cost and open-source platform for monitoring Bluetooth Classic signals. Using a combination of the Ubertooth One, and other high-power Bluetooth devices, an auditor should now be able to actively scan for rogue devices that may otherwise have been missed. This research examines various hardware combinations that can be used to achieve this functionality, and the possible implications from a compliance point of view, with a focus on the standards used by the Payment Card Industry Data Security Standard (PCI-DSS), and the guidelines offered by the National Institute of Standards and Technology (NIST). We compare the results of scanning with traditional Bluetooth devices as opposed to an Ubertooth/Bluetooth combination. We show how the ability to monitor a larger portion of Bluetooth traffic can highlight serious implications in the compliance landscape of many organisations and companies. We demonstrate that identifying non-discoverable devices with Bluetooth enabled is a crucial element in holistic security monitoring of threats.
KW - Bluetooth hacking
KW - Hacking
KW - Network security
KW - Wireless security
KW - Wireless sniffing
UR - http://www.scopus.com/inward/record.url?scp=85081887262&partnerID=8YFLogxK
U2 - 10.12928/TELKOMNIKA.v17i5.12929
DO - 10.12928/TELKOMNIKA.v17i5.12929
M3 - Article
AN - SCOPUS:85081887262
SN - 1693-6930
VL - 17
SP - 2355
EP - 2369
JO - Telkomnika (Telecommunication Computing Electronics and Control)
JF - Telkomnika (Telecommunication Computing Electronics and Control)
IS - 5
ER -