BlueSWAT: A Lightweight State-Aware Security Framework for Bluetooth Low Energy
Xijia Che, Yi He, Xuewei Feng, Kun Sun, Ke Xu, Qi Li

TL;DR
BlueSWAT is a lightweight, state-aware security framework that detects session-based attacks on BLE devices by monitoring connection states, effectively mitigating most attacks with minimal performance impact across various IoT devices.
Contribution
It introduces a novel state machine-based inspection method combined with a lightweight eBPF framework for cross-device BLE security without rebooting.
Findings
Mitigates 76.1% of session-based BLE attacks
Works across diverse devices and stacks
Imposes negligible memory and latency overhead
Abstract
Bluetooth Low Energy (BLE) is a short-range wireless communication technology for resource-constrained IoT devices. Unfortunately, BLE is vulnerable to session-based attacks, where previous packets construct exploitable conditions for subsequent packets to compromise connections. Defending against session-based attacks is challenging because each step in the attack sequence is legitimate when inspected individually. In this paper, we present BlueSWAT, a lightweight state-aware security framework for protecting BLE devices. To perform inspection on the session level rather than individual packets, BlueSWAT leverages a finite state machine (FSM) to monitor sequential actions of connections at runtime. Patterns of session-based attacks are modeled as malicious transition paths in the FSM. To overcome the heterogeneous IoT environment, we develop a lightweight eBPF framework to facilitate…
Taxonomy
Topics: Bluetooth and Wireless Communication Technologies · Opportunistic and Delay-Tolerant Networks
