Three security modes Paper

Published: 2021-09-12 14:30:13
essay essay

Category: Computer Science

Type of paper: Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Hey! We can write a custom essay for you.

All possible types of assignments. Written by academics

Security modes: Three security modes defined by Bluetooth specification [2] [20] [21].
1) Security Mode: – This mode gives no security. The essential security columns, for example, authentication and encryption are avoided in security mode 1, which is the reason this mode is called the non-secure method of security [2].
2) Security Mode2: This mode gives security at administration level that is security functionalities are given after link and before channel establishment [2]. Security mode presented validation and approval [2].
3) Security Mode 3: This mode employs link level enforced security mechanisms [2]. As it is the highest level of security, it protects Bluetooth devices from various attacks. Also, this mode is a most secure method of security among all the three modes [2].
The services provided by Bluetooth uses the default level of security. Some of these services require authentication; others require authorization while some require both. So, it depends on Bluetooth service which security mode is to be used.
Bluetooth security configuration: The Bluetooth security configuration is done with the help of discoverability and connection ability available in the Bluetooth enabled devices. For secure communication, the authentication of Bluetooth enabled devices is necessary [27].
Bluetooth empowered gadgets are split into trust level and administration level.
1) Trust level: This includes trusted, untrusted and unknown devices.
a) Trusted Device:The gadgets are that marked as “TRUSTED” in the device database are authenticated beforehand, and a link key is also kept in the device database.
b) Untrusted Device: These are the devices in which a link is stored in their database yet not set apart as “TRUSTED” by the devices.
c) Unknown Device:These are the “UNTRUSTED” devices for which no security data inaccessible.
2) Service level: It includes:
a) Authentication: The checking of the identity of the client to get access to something is called authentication [22][2].
b) Authorization: Giving access to some resource or something in called authorization [2].
c) Confidentiality: Protection of private data or secret information is called confidentiality[2].

Common Bluetooth Attacks
The pairing process is the main contributor to security issues found in Bluetooth [25][42][45]. Attacks can be performed amid various steps of the pairing process including before the pairing process has completed and after devices are paired [45][25]. Some of the more common attacks on Bluetooth are described below[42][45]:
? MAC Spoofing Attack: The assault is performed before encryption is done and amid the arrangement of the piconet when link keys are being created [26][45]. Devices can validate each other by producing link keys [27][28]. Amid the assault, assailants can copy another client [26]. They additionally can end associations or block/alter information with the utilization of unique instruments [26].
? PIN Cracking Attack: This attack can occur during the device pairing and authentication process[45]. To collect the RAND and the BD_ADDR of the targeted device, an attacker uses a frequency sniffer tool. An algorithm (E22 algorithm) is then used to check all possible permutations of the PIN with the information recently gathered until the point when the right PIN is found [26][45].
? Man-in-the-Middle Attack: It occurs when devices are attempting to pair [29][45]. Amid the attack, messages are handed-off unconsciously between the gadgets [30][45]. This enables authentication without the shared secret keys [9][45]. In a successful attack, the client trusts the matching was sufficient; in any case, this isn’t the situation, as the two gadgets are paired to the attacker [26][45][30].
? Bluejacking: Bluejacking is an assault directed on Bluetooth-empowered wireless gadgets, such as cell phones. An attacker begins blue jacking by exchanging unwanted messages to the client of a Bluetooth-enabled device. The original messages do not cause any damage to the user’s device, but they can entice the user to respond in some way or add the new contact to the device’s contact book. This message-sending ambush looks like spam and phishing assaults led against email clients. Bluejacking can reason harm while a client starts a response to a bluejacking message sent with a harming plan. This attack is commonly used in congested areas [26]. Bluejacking can be restricted by changing settings of a gadget to secreted, unseen or non-discoverable mode.
? Bluesnarfing: When data is stolen from a remote gadget amid a Bluetooth interface It empowers attackers to use a Bluetooth-enabled device by misusing a firmware error in old devices [5]. This assault provides a link to a Bluetooth device, enabling access to data stored on it as well as it’s international mobile equipment identity [5]. It is a unique identification for all devices that using it; an enemy can divert all the incoming calls from the user’s device to the attacker’s device. Bluetooth is an expedient however extremely constrained wireless technology for trading data between the work area and PDA PCs and different gadgets.[26]
? Blue-Bugging Attack: This kind of attack includes the use of mobile phone guidelines using Bluetooth without informing the user, enabling the outsider to access data, placing mobile calls, overhearing phone calls, sending messages, and using other services [31]
? Backdoor Attack: The assault happens while building up a confided in relationship amid pairing [26]. Amid the attack, the enemy does not show up in the register of paired devices on the target device [26]. After a relationship is built up, the attacker has access to the device administration and assets [26]. The device owner does not know this access [26]. For a backdoor attack to be successful, the BD_ADDR of the target device needs to be known [30].
? Denial of Service attacks: There are two types of DoS attacks [32]:
• DDoS (Distributed Denial of Service): A single attacker can make a DDoS attack [32]. A network can be incapacitated by these attacks [32]. A network’s accessibility to a more extensive network can be confined [32]. The target of these attacks is the Physical Layer in the protocol stack or the layers above the Physical Layer.
• Ordinary DoS: In this, the network is crashed, or the system is restarted by sending packets to the targeted system [32 ].
• Examples of Denial of Service (DoS) attacks are BD_ADDR duplication, Blue Smack, blue-chip, L2CAP guaranteed service, battery exhaustion, and Big NAK (Negative Acknowledgement), which is an attack using a continuous retransmission loop [33][45].
The biggest advantage of Bluetooth is that it eliminates the need of wires and cables. With its help, we can share data and voice information between two Bluetooth enabled devices. In past few decades, there is huge growth in Bluetooth devices.
• Bluetooth Headsets: It is the most commonly used Bluetooth device. It enables us to receive and make calls on our cellphone without using hands and without any wires. Headsets have amazing features such as voice identification.
• Stereo Headsets: It works without wires. It can be connected to any Bluetooth-equipped music player, within a short range of player device and allows us to listen music. It also works with Bluetooth-enabled mobile phones.
• In-Car Bluetooth Headset: In this, we can connect our mobile phone to sound system in the car. We can easily make and receive calls, listen to music in car speakers without using our cell phone.
• Bluetooth-Equipped Printer: It receive text documents and pictures from any Bluetooth-enabled device, such as a laptop or PDA, and print the data, wirelessly. The device should be in range of and in synchronization to the printer for the wireless printing functions to work correctly.
• Bluetooth-Enabled Webcam: It works the same way as a traditional webcam, without the use of wires. The wireless abilities add mobility to the device.
• Bluetooth GPS Device:We can speak an address into the GPS; the device will find the address and will provide directions on-screen or through voice dictation.
• Bluetooth Keyboard: The major difference between traditional and Bluetooth keyboard is that the latter works without any wires connected to the computer. It also works with certain smart phone devices.
Applications for Protecting Bluetooth Devices:
(1) Bluetooth firewall: This application protects Bluetooth devices such as Android devices from all kinds of Bluetooth related assaults[45[ [34]. It alerts users regarding any Bluetooth activity [34].
(2) Bluetooth file transfer: It allows only authorized devices to be connected [35][45].
? What’s New?
Worldwide wireless technology keeps on advancing the IoT (Internet Of Things) with the launch of Bluetooth 5. It doubles the speed, enhances broadcast messaging capacity by 800%, and increments range 4 times.
The principal objective of Bluetooth 5 is ” To increase the overall quality of the connections and
the interoperability of these connections.”
Enhanced Features of Bluetooth 5:
1) Adoption of Beacon gadgets: Beacons are little remote gadgets that are fitted into Bluetooth 5 which continually transmit radio waves. Beacons devices decrease the chances of poor connection.
2) Increased number of “Advertising packets”: This expanded number of AP makes Bluetooth 5 more reliable as it asks the name of a device before pairing it. The increased number of packets ought to allow the pairing process to be a quicker, more reliable action, which may also help out with the stability of the connection.
3) Better IOT: It offers the flexibility to make IoT performance better because of double speed, four times range and 8x data capacity.
4) Available Everywhere: To reduce interference of other wireless technologies so that Bluetooth devices could coexist within the increasingly complex global IoT environment, it includes updates[9].
5) Better Audio Quality: With the increased speed, sound quality has also improved as compared to earlier versions.
What is the future of Bluetooth?
The future of Bluetooth seems bright, with all the steps taken for higher output, more universal utilization and connections with Wifi and Ultra Wideband (UWB) communicate innovation.

The Bluetooth SIG accomplices are dealing with empowering Bluetooth information points, enabling advertising models based on clients pulling information from ‘information points,’ rather than ‘pushing’ information out.
Other emerging features incorporate Bluetooth in vehicles(cars); automatic configuration of piconets; and quality of service (QoS) enhancements, for instance, enabling audio and video information to be transmitted at a higher quality.
This paper examines about the remarkable method for using this stunning Bluetooth innovation to accomplish productive methods of communication. It additionally conceals different critical subjects, for example, some foundation data identified with the Bluetooth framework, its merits and multiple applications and different problems related to Bluetooth security. Vulnerabilities in Bluetooth advancements and dangers against those vulnerabilities are likewise talked about[44]. Bluetooth security experts need to give programmed updates to its security conventions and client protection assurance strategies for each new security rupture so that the insurance of the gadget user’s individual data turns into the essential target. The most recent enhancements and advancements are also being discussed in this paper work. Undeniably, it’s an introductory work by us, and we are actively working on multiple areas being discussed in this paper. We believe that the paper will likewise tempt the readers in exploring this rich research area in depth.
[1] Y. Chen, H. Chou, C. Lin, H. Lin and S. Yuan, “A System Implementation of Pushing Advertisement to Handheld Devices via Bluetooth”, in Fourth International Conference on Networked Computing and Advanced Information Management, 2008.
[2] M. Kumar and B. Gupta, “Security for Bluetooth enabled devices using BlipTrack Bluetooth detector”, in 2015 International Conference on Advances in Computer Engineering and Applications (ICACEA), Ghaziabad, India, 2015.
[3] A Novel Bluetooth Man-In-The-Middle Attack Based On SSP using OOB Association model by K.Saravanan, L.Vijayanand and R.K.Negesh.
[4] Man-in-the-Middle Attack and its Countermeasure in Bluetooth Secure Simple Pairing by M Thrinatha Reddy.
[5]K. Kent and J. Padgette, Guide to Bluetooth security. Gaithersburg, MD: U.S. Dept. of Commerce, National Institute of Standards and Technology, 2008.
[6] JariValimaki, ?Bluetooth and Ad Hoc Networking
[7] Simon Duncan, ? Data on Bluetooth: A Guide to its Deploymeny?, Mobile Lifestreams Limited, 2001
[8] Johansson, P., Kazantzidis, M., Kapoor, R. and Gerla, M. (2001). Bluetooth: an enabler for personal area networking. IEEE Network, 15(5), pp.28-37.
[9] (2018). Bluetooth Technology Website. [online] Available at: .
[10]K. Kanagavalli and D. Sankaragomathi, “A BLUETOOTH MOBILE AD HOC NETWORK COMMUNICATION TOPOLOGIES”, Journal of Global Research in Computer Science, vol. 5, no. 2229-371, 2014. [11] ElProCus – Electronic Projects for Engineering Students. (2018). Bluetooth Basics – How Bluetooth Works: Applications and Advantages. [online] Available at: .
[12] (2018). Bluetooth Network Connection and Pairing :: Radio-Electronics.Com. [online] Available at:
[13]Theodoros Salonidis1, Pravin Bhagwat, LeandrosTassiulas, and Richard LaMaire, ?Distributed Topology Construction of Bluetooth Personal Area Networks?, IEEE INFOCOM 2001
[14] Har-Sai, L., Kofman, R., Segall, A. and Zussman, G. (2004). Load-adaptive inter-piconet scheduling in small-scale Bluetooth scatternets. IEEE Communications Magazine, 42(7), pp.136-142.
[15] (2018). Bluetooth protocol stack | Bluetooth protocol layers | tutorials. [online] Available at:
[16] (2018). [online] Available at:
[17] TrishnaPanse and Prashant Panse, “A Survey on Security Threats and Vulnerability attacks on Bluetooth Communication” ISSN: 0975-9646.
[18] Nateq Be-Nazir Ibn Minar and Mohammed Tarique, “Bluetooth Security Threats and Solution” A Survey. In International Journal of Distributed and Parallel Systems (IJDPS) Vol.3, No.1, January 2012
[19] Karen Scarfone and john Padgette, “Guide to Bluetooth Security,” paperback June 30, 2012.
[20][online] Available at:
[21] Karen Scarfone and John Padgette. Guide to Bluetooth Security. Special Publication 800-121, Recommendations of the National Institute of Standards and Technology, 2008.
[26]Nateq Be-Nazir Ibn, M.; Tarique, M. Bluetooth security threats and solutions: A survey. Int. J. Distrib. Parallel Syst. 2012, 3, 127.
[27]National Institute of Standards and Technology. Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology; Special Publication 800-121 Revision 1; National Institute of Standards and Technology: Maryland, MD, USA, 2008
[28]Bluetooth Security. Available online: 2003-04/wireless-computing/sec_bluetooth.shtml .
[29]Saravanan, K.; Vijayanand, L.; Negesh, R.K. A Novel Bluetooth Man-In-The-Middle Attack Based on SSP using OOB Association model. arXiv, 2012, arxiv:1203.4649.
[30]Panse, T.; Panse, P. A Survey on Security Threats and Vulnerability attacks on Bluetooth Communication. Int. J. Comput. Sci. Inf. Technol. 2013, 4, 741–746.
[31]Becker, A. Bluetooth Security & Hacks; Seminar ITS Ruhr-Universitat Bochum SS2007; Ruhr University of Bochum: Bochum, Germany, 2007; Available online: security_and_hacks.pdf (
[32] Nawir, M.; Amir, A.; Yaakob, N.; Lynn, O. Internet of Things (IoT): Taxonomy of Security Attacks. In Proceedings of the 2016 3rd International Conference on Electronic Design (ICED), Phuket, Thailand, 11–12 August 2016.
[33] Haataja, K. Security Threats and Countermeasures in Bluetooth-Enabled Systems. Kuopio University Publications H. Business and Information Technology 13. 2009. Page 75. Available online: .
[34] Pandey, T.; Khara, P. Bluetooth Hacking and its Prevention. L & T Technology Services. Available online:
[35]Using MultiBlue to Control Any Mobile Device. Available online:
[36]Naone, E. Taking Control of Cars from Afar. 14 March 2011. Available online:
[37] Markoff, J. Researchers Show How a Car’s Electronics Can Be Taken over Remotely. Available online:
[38] Black, L. (2018). [Black Arch] Linux Distribution with 600 Security Tools.[online] KitPloit – PenTest & Hacking Tools for your Cyber Security Kit. Available at:
[39] Scribd. (2018). Vol_5_English_Is_IT | Project Based Learning | Behavior Modification. [online] Available at:
[40] Naze, J. (2018). Bluetooth Security Help. [online] IT world. Available at:
[41] (2018). Bluetooth 5.0 – About | Feature | Range | Specification | Advantages. [Online] Available at:
[42]JSAN | Free Full-Text | Security Vulnerabilities in
[43]Jang-Ping Sheu, Kuei-Ping Shih, Shin-Chih Tu and Chao-Hsun Cheng, “A traffic-aware scheduling for bluetooth scatternets”, IEEE Transactions on Mobile Computing, vol. 5, no. 7, pp. 872-883, 2006.
[44] V. Tsira and G. Nandi, “Bluetooth Technology: Security Issues and Its Prevention”, Vikethozo Tsira et al, Int.J.Computer Technology & Applications, vol. 55, no. 2229-6093, 2018.
[45] A. Lonzetta, P. Cope, J. Campbell, B. Mohd and T. Hayajneh, “Security Vulnerabilities in Bluetooth Technology as Used in IoT”, Journal of Sensor and Actuator Networks, vol. 7, no. 3, p. 28, 2018.

Warning! This essay is not original. Get 100% unique essay within 45 seconds!


We can write your paper just for 11.99$

i want to copy...

This essay has been submitted by a student and contain not unique content

People also read