Bluebugging allows skilled individuals to access the mobile
phone commands using Bluetooth wireless technology without notifying or alerting the phones user. This vulnerability allows the hacker to initiate phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. As with all the attacks, without specialied e!uipment, the hacker must be within a "#$meter range of the phone. This is a separate vulnerability from bluesnarfing and does not affect all of the same phones as bluesnarfing. Bluesnarfing Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone using Bluetooth wireless technology without alerting the phones user of the connection made to the device. The information that can be accessed in this manner includes the phonebook and associated images, calendar, and I%&I 'international mobile e!uipment identity(. By setting the device in non$ discoverable, it becomes significantly more difficult to find and attack the device. )ithout specialied e!uipment the hacker must be within a "# meter range of the device while running a device with specialied software. *nly specific older Bluetooth enabled phones are susceptible to bluesnarfing. Car Whisperer The car whisperer is a software tool developed by security researchers to connect to and send or receive audio to and from Bluetooth car$kits with a specific implementation. An individual using the tool could potentially remotely connect to and communicate with a car from an unauthoried remote device, sending audio to the speakers and receiving audio from the microphone in the remote device. )ithout specialied e!uipment, someone using the tool must be within a "# meter range of the targeted car while running a laptop with the car whisperer tool. The security researchers goal was to highlight an implementation weakness in a select number of Bluetooth enabled car$kits and pressure manufacturers to better secure Bluetooth enabled devices. Cabir Worm The cabir worm is malicious software, also known as malware. )hen installed on a phone, it uses Bluetooth technology to send itself to other similarly vulnerable devices. +ue to this self$replicating behaviour, it is classified as a worm. The cabir worm currently only affects mobile phones that use the ,ymbian series -# user interface platform and feature Bluetooth wireless technology. .urthermore, the user has to manually accept the worm and install the malware in order to infect the phone. *ne of the best ways to avoid these threats is to have a secure /I0 number. The personal identification number '/I0( is a four or more digit alphanumeric code that is temporarily associated with one1s products for the purposes of a one time secure pairing. It is recommended that users employ at minimum an eight character or more alphanumeric /I0 when possible. /roduct owners must share that /I0 number only with trusted individuals and trusted products for pairing. )ithout this /I0 number, pairing cannot occur. It is always advisable to pair products in areas with relative privacy. Avoid pairing your Bluetooth enabled devices in public. If, for some reason, your devices become unpaired, wait until you are in a secure, private location before repairing your devices. Theoretically a hacker can monitor and record activities in the fre!uency spectrum and then use a computer to regenerate the /I0 codes being exchanged. This re!uires specially built hardware and thorough knowledge of Bluetooth systems. By using a /I0 code with eight or more alphanumeric characters it would take the hacker years to discover the /I0. By using a four digit numeric /I0 code, the hacker could discover the /I0 in a matter of a few hours. ,till advanced software is re!uired. 7.Conclusion )e have now examined Bluetooth in general, some of the security properties of distributed systems and ad hoc networks and the Bluetooth security mechanisms. As was seen, the Bluetooth1s security seemed to be ade!uate only for small ad hoc networks, such as a network of the participants in a meeting. 2onnecting a /+A to a mobile phone using Bluetooth may also be secure enough, but is Bluetooth secure enough for larger ad hoc networks, money transfers and transferring other sensitive information3 In the light of this study, it seems that the security of Bluetooth is still inade!uate for any serious, security sensitive work. After the basic problems have been corrected, the more sophisticated security methods may be implemented on the upper levels. The security specification only considers simple issues and the more functional security has to be built above it. This includes the better security authoriation systems with possible 4+2s and distributed secret schemes. The secure routing protocols for larger ad hoc networks must also be implemented separately. 8.Reference 5"6. http788www.bluetooth.com 596. http788www.bluetooth.org 5:6. http788www.howstuffworks.com8bluetooth.htm 5;6. http788www.wirelessdevnet.com 5<6. http788www.sysopt.com 5-6. http788hotbot.com8 5=6. http788www.bluelon.com 5>6. http788news.dnet.co.uk 5?6. http788www.pcworld.com 5"#6.@uha T. Aainio, BBluetooth ,ecurityC, Article, Delsinki Eniversity of Technology, 9<$#<$9### 5""6. Taub and ,helling, B/rinciples of 2ommunicationC T%D 5"96. ,ham ,hanmugan, Analog an +igital 2ommunication, &dition 9. 5":6. )illiam ,tarling, 2ryptography BLUETOOTH SECURITY 4.+hanraF +epartment of &lectronics and 2ommunication VIGNANA BHARATHI INSTITUTE OF TECHNOLOGY Affiliated to @0TE Abstract Bluetooth is a way of connecting machines to each other without cables or any other physical medium. It uses radio waves to transfer information, so it is very susceptible to attacks. This paper first gives some background information about Bluetooth system. It then concentrates on its operation, features, comparison with other technologies, its network topology and security issues in Bluetooth enabled devices with possible solution. 1. Introduction Bluetooth, the new technology named after the "#th 2entury +anish 4ing Darold Bluetooth, is a hot topic among wireless developers. This article will provide an introduction to the technology. Bluetooth was designed to allow low bandwidth wireless connections to become so simple to use that they seamlessly integrate into your daily life. A simple example of a Bluetooth application is updating the phone directory of your mobile phone. Today, you would have to either manually enter the names and phone numbers of all your contacts or use a cable or IG link between your phone and your /2 and start an application to synchronie the contact information. )ith Bluetooth, this could all happen automatically and without any user involvement as soon as the phone comes within range of the /2H *f course, you can easily see this expanding to include your calendar, to do list, memos, email, etc.. This is Fust one of many exciting applications for this new technologyH 2an you imagine walking into a store and having all the sale items automatically available on your cell phone or /+A3 It is a definite possibility with Bluetooth. Bluetooth communication occurs in the unlicensed I,% 'Industrial, ,cientific, %edical( band at 9.;ID. The transceiver utilies fre!uency hopping to reduce interference and fading. A typical Bluetooth device has a range of about "# meters. The communication channel can support both data 'asynchronous( and voice 'synchronous( communications with a total bandwidth of " %b8sec. Bluetooth wireless technology is a short$range communications technology intended to replace the cables connecting portable and8or fixed devices while maintaining high levels of security. The key features of Bluetooth Bluetooth wireless technology can be used for these applications7 .ile transfer. /eripheral connectivity. Ad$hoc networking7 2ommunicating devices can spontaneously form a community of networks that persists only as long as it1s needed +evice synchroniation7 ,eamless connectivity among /+As, computers, and mobile phones allows applications to update information on multiple devices automatically when data on any one device changes. 2ar kits7 Dands$free packages enable users to access phones and other devices without taking their hands off the steering wheel %obile payments7 Jour Bluetooth$enabled phone can communicate with a Bluetooth$enabled vending machine to buy a can of +iet /epsi, and put the charge on your phone bill. Bluetooth defines provisions for three low$power operating modes in order to conserve battery life7 ,niff %ode Dold %ode /ark %ode 2.Bluetooth Oeration Bluetooth networking transmits data via low$power radio waves. It communicates on a fre!uency of 9.;< gigahert 'actually between 9.;#9 ID and 9.;># ID, to be exact(. This fre!uency band has been set aside by international agreement for the use of industrial, scientific and medical devices 'I,%(. A number of devices that you may already use take advantage of this same band. *ne of the ways Bluetooth devices avoid interfering with other systems is by sending out very weak signals of about " milliwatt. The low power limits the range of a Bluetooth device to about "# meters ':9 feet(, cutting the chances of interference between your computer system and your portable telephone or television. &ven with the low power, Bluetooth doesn1t re!uire line of sight between communicating devices. The walls in your house won1t stop a Bluetooth signal, making the standard useful for controlling several devices in different rooms. technology are robustness, low power, and low cost. The Bluetooth specification defines a uniform structure for a wide range of devices to connect and communicate with each other. A fundamental Bluetooth wireless technology strength is the ability to simultaneously handle both data and voice transmissions. Bluetooth can connect up to eight devices simultaneously. )ith all of those devices in the same "#$meter ':9$foot( radius, you might think they1d interfere with one another, but it1s unlikely. Bluetooth uses a techni!ue called spread$ spectrum fre!uency hopping that makes it rare for more than one device to be transmitting on the same fre!uency at the same time. In this techni!ue, a device will use =? individual, randomly chosen fre!uencies within a designated range, changing from one to another on a regular basis. In the case of Bluetooth, the transmitters change fre!uencies ",-## times every second, meaning that more devices can make full use of a limited slice of the radio spectrum. ,ince every Bluetooth transmitter uses spread$spectrum transmitting automatically, its unlikely that two transmitters will be on the same fre!uency at the same time. This same techni!ue minimies the risk that portable phones or baby monitors will disrupt Bluetooth devices, since any interference on a particular fre!uency will last only a tiny fraction of a second. )hen Bluetooth$capable devices come within range of one another, an electronic conversation takes place to determine whether they have data to share or whether one needs to control the other. The user doesn1t have to press a button or give a command $$ the electronic conversation happens automatically. *nce the conversation has occurred, the devices $$ whether they1re part of a computer system or a stereo $$ form a network. Bluetooth systems create a personal$area network '/A0(, or piconet, that may fill a room or may encompass no more distance than that between the cell phone on a belt$clip and the headset on your head. *nce a piconet is established, the members randomly hop fre!uencies in unison so they stay in touch with one another and avoid other piconets that may be operating in the same room. !."eatures o# Bluetooth Technolo$% &very technology has its own advantages or features. These advantages or features are one which if are strong can dominate its drawbacks or loop holes. This simple and fascinating technology has dominated its few drawbacks and is now widely used public. Bluetooth wireless technology is the simple choice for convenient, wire$free, short$range communication between devices The Bluetooth wireless technology specification is available free$of$charge to our member companies around the globe Bluetooth technology operates in the 9.; ID, one of the unlicensed industrial, scientific, medical 'I,%( radio bands Bluetooth wireless technology is the most widely supported, versatile, and secure wireless standard on the market today Bluetooth technology has built$in security such as "9>bit encryption and /I0 code authentication. *nce connected, always securely connected. &.Co'arison (ith Other Technolo$% )hen we compare Bluetooth with the other wireless technologies like Eltra$)ideband, 2ertified )ireless E,B, )i$.i '>#9.""(, KigBee 'I&&& >#9."<.;(, DI/&G%A0, DiperLA0, 0ear$.ield %agnetic 2ommunication, 0ear .ield 2ommunication '0.2(, Infrared 'Ir+A( Bluetooth makes itself distinguished and efficient from others based on its following features Bluetooth wireless technology is geared towards voice and data applications Bluetooth wireless technology operates in the unlicensed 9.; ID spectrum Bluetooth wireless technology can operate over a distance of "# meters or "## meters depending on the Bluetooth device class. The peak data rate with &+G is : %bps Bluetooth wireless technology is able to penetrate solid obFects Bluetooth technology is omni$directional and does not re!uire line$of$sight positioning of connected devices ,ecurity has always been and continues to be a priority in the development of the Bluetooth specification. The Bluetooth specification allows for three modes of security To get more clear view about Bluetooth feature lets compare it with Ir+A and >#9.""b. Bluetooth Vs IrDA: Dome electronics devices like TAs and A2Gs communicate using beams of light in the infrared spectrum. Infrared is fairly reliable and doesn1t cost much to build into devices. It does have drawbacks7 It1s line$of$sight, so a sender must align with its receiver. It1s one$to$one, so a device can1t send to multiple receivers at the same time. Infrared1s advantages are conse!uences of its disadvantages7 Because it1s line$of$sight, interference is uncommon. Because it1s one$to$one, message delivery is reliable7 each message sent goes to the intended recipient no matter how many infrared receivers are in the room. Bluetooth vs. 8!.""b )hile both Bluetooth and I&&& >#9.""b are wireless communication protocols and both operate in the 9.;ID band, it is important not to visualie Bluetooth as a replacement for >#9."" wireless LA0 technology. They1re +ue the above magnificent features of Bluetooth this technology which was firstly used in mobiles has now emerged in development of it different fields. designed to accomplish different goals. The >#9.""b protocol is designed to connect relatively large devices with lots of power and speed, such as desktops and laptops. +evices communicate at up to "" %bit8sec, at greater distances 'up to :## feet, or "## meters(. By contrast, Bluetooth is designed to connect small devices like /+As, mobile phones, and peripherals at slower speeds '" %bit8sec(, within a shorter range ':# feet, or "# meters(, which reduces power re!uirements. ).Bluetooth *et+or, Toolo$% Bluetooth$enabled devices are organied in groups called piconets. A piconet consists of a master and up to seven active slaves. A master and a single slave use point$to$point communicationM if there are multiple slaves, point$to$ multipoint communication is used. A master unit is the device that initiates the communication. A device in one piconet can communicate to another device in another piconet, forming a scatternet, as depicted in .igure ". 0otice that a master in one piconet may be a slave in another piconet7 Scatternet Comprising Three Piconets The normal duration of transmission is one slot, and a packet can last up to five time slots in length. In order to support full$duplex communications, Bluetooth uses a time$ division multiplexing 'T+%( scheme, in which a master device always uses an even$numbered slot when it transmits, and a slave uses an odd$numbered slot. Internally the Bluetooth operation follows certain protocol, which is as follows in se!uence of operation. This se!uence is called as Bluetooth protocol stack. -.Securit% In any wireless networking setup, security is a concern. +evices can easily grab radio waves out of the air. Bluetooth technology is no different $$ it1s wireless and therefore susceptible to spying and remote access. Bluetooth wireless technology is no exception. /roduct developers that use Bluetooth wireless technology in their products have several options for implementing security. There are three modes of security for Bluetooth access between two devices. ,ecurity %ode "7 0on$,ecure ,ecurity %ode 97 ,ervice Level &nforced ,ecurity ,ecurity %ode :7 Link Level &nforced ,ecurity .or devices, normally there are two levels7 %ode " and %ode 9 which is normally enabled by the manufacturer. Bluetooth has few threats which are listed below 7 Blue#ac$ing
BlueFacking allows phone users to send business cards anonymously using Bluetooth wireless technology. BlueFacking does 0*T involve the removal or alteration of any data from the device. These business cards often have a clever or flirtatious message rather than the typical name and phone number. BlueFackers often look for the receiving phone to ping or the user to react. They then send another, more personal message to that device. *nce again, in order to carry out a blueFacking, the sending and receiving devices must be within "# meters of one another. /hone owners who receive blueFack messages should refuse to add the contacts to their address book. +evices that are set in non$ discoverable mode are not susceptible to blueFacking.