Practical Bluetooth Traffic Sniffing: Systems and Privacy Implications

Title: Practical Bluetooth Traffic Sniffing: Systems and Privacy Implications
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Albazrqaoe, Wahhab; Huang, Jun; Xing, Guoliang
Conference Name: Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4269-8
Keywords: bluetooth channel classification, bluetooth security, bluetooth security and privacy, bluetooth traffic sniffing, composability, Human Behavior, pubcrawl, Resiliency, selective jamming

With the prevalence of personal Bluetooth devices, potential breach of user privacy has been an increasing concern. To date, sniffing Bluetooth traffic has been widely considered an extremely intricate task due to Bluetooth's indiscoverable mode, vendor-dependent adaptive hopping behavior, and the interference in the open 2.4 GHz band. In this paper, we present BlueEar, a practical Bluetooth traffic sniffer. BlueEar features a novel dual-radio architecture where two Bluetooth-compliant radios coordinate with each other on learning the hopping sequence of indiscoverable Bluetooth networks, predicting adaptive hopping behavior, and mitigating the impacts of RF interference. Experiment results show that BlueEar can maintain a packet capture rate higher than 90% consistently in real-world environments, where the target Bluetooth network exhibits diverse hopping behaviors in the presence of dynamic interference from coexisting Wi-Fi devices. In addition, we discuss the privacy implications of the BlueEar system, and present a practical countermeasure that effectively reduces the packet capture rate of the sniffer to 20%. The proposed countermeasure can be easily implemented on the Bluetooth master device while requiring no modification to slave devices like keyboards and headsets.

Citation Key: albazrqaoe_practical_2016