A preliminary investigation of worm infections in a bluetooth environment

Over the past year, there have been several reports of malicious code exploiting vulnerabilities in the Bluetooth protocol. While the research community has started to investigate a diverse set of Bluetooth security issues, little is known about the feasibility and the propagation dynamics of a worm in a Bluetooth environment. This paper is an initial attempt to remedy this situation.We start by showing that the Bluetooth protocol design and implementation is large and complex. We gather traces and we use controlled experiments to investigate whether a large-scale Bluetooth worm outbreak is viable today. Our data shows that starting a Bluetooth worm infection is easy, once a vulnerability is discovered. Finally, we use trace-drive simulations to examine the propagation dynamics of Bluetooth worms. We find that Bluetooth worms can infect a large population of vulnerable devices relatively quickly, in just a few days.

[1]  Paula Fikkert,et al.  Specification of the Bluetooth System , 2003 .

[2]  Nam C. Phamdo,et al.  Requirements on worm mitigation technologies in MANETS , 2005, Workshop on Principles of Advanced and Distributed Simulation (PADS'05).

[3]  Fred Brauer,et al.  Compartmental Models in Epidemiology , 2008, Mathematical Epidemiology.

[4]  Tristan Henderson,et al.  CRAWDAD: a community resource for archiving wireless data at Dartmouth , 2005, CCRV.

[5]  Frederik Armknecht A Linearization Attack on the Bluetooth Key Stream Generator , 2002, IACR Cryptol. ePrint Arch..

[6]  Scott R. Fluhrer Improved key recovery of level 1 of the Bluetooth Encryption System , 2002, IACR Cryptol. ePrint Arch..

[7]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[8]  Avishai Wool,et al.  Uniform Framework for Cryptanalysis of the Bluetooth E₀ Cipher , 2005, SecureComm.

[9]  Kaisa Nyberg,et al.  Correlation Properties of the Bluetooth Combiner Generator , 1999, ICISC.

[10]  Robert G. Cole Initial Studies on Worm Propagation in Manets for Future Army Combat Systems , 2004 .

[11]  Stefan Savage,et al.  The Spread of the Sapphire/Slammer Worm , 2003 .

[12]  Avishai Wool,et al.  Cracking the Bluetooth PIN , 2005, MobiSys '05.

[13]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[14]  Markus Jakobsson,et al.  Security Weaknesses in Bluetooth , 2001, CT-RSA.

[15]  Marco Gruteser,et al.  Computer Ecology: Responding to Mobile Worms with Location-Based Quarantine Boundaries , 2007 .

[16]  Serge Vaudenay,et al.  Faster Correlation Attack on Bluetooth Keystream Generator E0 , 2004, CRYPTO.

[17]  Tom Martin,et al.  Mobile phones as computing devices: the viruses are coming! , 2004, IEEE Pervasive Computing.

[18]  Vassilis Kostakos,et al.  Instrumenting the City: Developing Methods for Observing and Understanding the Digital Cityscape , 2006, UbiComp.

[19]  Alex Pentland,et al.  Reality mining: sensing complex social systems , 2006, Personal and Ubiquitous Computing.