The Bluetooth Honeypot Project: Measuring and Managing Bluetooth Risks in the Workplace

Bluetooth technology BT and the inherent security vulnerabilities it introduces into business domains are often overlooked when security policies are developed. However, the International Data Corporation IDC projected that global Bluetooth short-wave wire semiconductor revenue will triple from $1.7 billion in 2007, to $3.3 billion in 2012 Reidy, 2008. After a brief history of Bluetooth technology, researchers will examine how Bluetooth works, its vulnerabilities, and how these vulnerabilities can be exploited. Bluetooth malware and its associated risks will also be explored. As a practical approach to monitor Bluetooth threats and malware, the employment of a Bluetooth honeypot will be discussed, including honeypot structure and the legalities of deploying them. Building on Andrew Smith's earlier work developing Bluepot, a functional Bluetooth honeypot Smith, 2011, researchers will test Bluepot and discuss the feasibility of using it as a prototype for developing a functional Bluetooth honeypot to secure corporate data and analyze BT malware.

[1]  Banani Nandi,et al.  Broadband Diffusion and its Driving Forces , 2008 .

[2]  Mauro Brunato,et al.  Hop count based optimization of Bluetooth scatternets , 2007, Ad Hoc Networks.

[3]  Geoffrey M. Voelker,et al.  Defending Mobile Phones from Proximity Malware , 2009, IEEE INFOCOM 2009.

[4]  Wen-Chen Hu Multidisciplinary Perspectives on Telecommunications, Wireless Systems, and Mobile Computing , 2013 .

[5]  Charles D. Knutson,et al.  Rapid heterogeneous ad hoc connection establishment: accelerating Bluetooth inquiry using IrDA , 2002, 2002 IEEE Wireless Communications and Networking Conference Record. WCNC 2002 (Cat. No.02TH8609).

[6]  M. Falch Handbook of Research on Global Diffusion of Broadband Data Transmission , 2008 .

[7]  Steven R. Powell On the Internationalization of the Wireless Telecommunications Industry: A Market-Based Analysis of Six European Service Providers , 2009, Int. J. Interdiscip. Telecommun. Netw..

[8]  Yuh-Shyan Chen,et al.  An overlapping communication protocol using improved time-slot leasing for Bluetooth WPANs , 2009, J. Netw. Comput. Appl..

[9]  Gary C. Kessler,et al.  Bluetooth Hacking: A Case Study , 2009, J. Digit. Forensics Secur. Law.

[10]  Imen Mahjri,et al.  A Performance Evaluation of the Coverage Configuration Protocol and its Applicability to Precision Agriculture , 2014 .

[11]  Stefano Zanero,et al.  Studying Bluetooth Malware Propagation: The BlueBag Project , 2007, IEEE Security & Privacy.

[12]  Hasan Sözer,et al.  Distributed Construction and Maintenance of Bandwidth and Energy Efficient Bluetooth Scatternets , 2006, IEEE Transactions on Parallel and Distributed Systems.

[13]  Angelos D. Keromytis,et al.  Detecting Targeted Attacks Using Shadow Honeypots , 2005, USENIX Security Symposium.

[14]  Guofei Gu,et al.  HoneyStat: Local Worm Detection Using Honeypots , 2004, RAID.

[15]  Takashi Watanabe,et al.  A WIRELESS SYSTEM FOR DISASTER DAMAGE MONITORING IN VULNERABLE ISM BAND , 2002 .

[16]  Thomas M. Chen,et al.  Malicious Software in Mobile Devices , 2009 .

[17]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[18]  Karen A. Scarfone,et al.  Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology (Special Publication 800-121 Revision 1) , 2012 .

[19]  Avishai Wool,et al.  Cracking the Bluetooth PIN , 2005, MobiSys '05.

[20]  William Yurcik,et al.  Internet honeypots: protection or entrapment? , 2002, IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No.02CH37293).

[21]  Iyatiti Mokube,et al.  Honeypots: concepts, approaches, and challenges , 2007, ACM-SE 45.

[22]  M. Latha,et al.  Analysis of Malicious Detection in Bluetooth Enabled Devices Exploiting Wireless Personal Area Networks , 2010 .

[23]  Calton Pu,et al.  Social Honeypots: Making Friends With A Spammer Near You , 2008, CEAS.

[24]  Thorsten Holz,et al.  Honeypots and Limitations of Deception , 2005, DFN-Arbeitstagung über Kommunikationsnetze.