A preliminary investigation of worm infections in a bluetooth environment

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A preliminary investigation of worm infections in a bluetooth environment

Full text

Pdf (877 KB)

Source

Conference on Computer and Communications Security archive
Proceedings of the 4th ACM workshop on Recurring malcode table of contents

Alexandria, Virginia, USA

SESSION: Emerging threats table of contents

Pages: 9 - 16

Year of Publication: 2006

ISBN:1-59593-551-9

Authors

Jing Su	University of Toronto
Kelvin K. W. Chan	University of Toronto
Andrew G. Miklas	University of Toronto
Kenneth Po	University of Toronto
Ali Akhavan	University of Toronto
Stefan Saroiu	University of Toronto
Eyal de Lara	University of Toronto
Ashvin Goel	University of Toronto

Sponsors

ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 20, Downloads (12 Months): 257, Citation Count: 6

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1179542.1179545 What is a DOI?

ABSTRACT

Over the past year, there have been several reports of malicious code exploiting vulnerabilities in the Bluetooth protocol. While the research community has started to investigate a diverse set of Bluetooth security issues, little is known about the feasibility and the propagation dynamics of a worm in a Bluetooth environment. This paper is an initial attempt to remedy this situation.We start by showing that the Bluetooth protocol design and implementation is large and complex. We gather traces and we use controlled experiments to investigate whether a large-scale Bluetooth worm outbreak is viable today. Our data shows that starting a Bluetooth worm infection is easy, once a vulnerability is discovered. Finally, we use trace-drive simulations to examine the propagation dynamics of Bluetooth worms. We find that Bluetooth worms can infect a large population of vulnerable devices relatively quickly, in just a few days.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	F. Armknecht. A Linearization Attack on the Bluetooth Key Stream Generator, 2002. Cryptology ePrint Archive, Report 2002/191.
	2	Bluetooth. Specification of the Bluetooth System, 2006. http://www.bluetooth.org/foundry/adopters/document/Core_v2.0_EDR/en/1/Core_v2.0_EDR.zip.
	3	Bluetooth.com. The Official Bluetooth Wireless Info Site, 2006. http://www.bluetooth.com.
	4	BlueZ. BlueZ -- Official Linux Bluetooth Protocol Stack, 2006. http://www.bluez.org.
	5	T. Bunker. Serious Flaws in Bluetooth Security Lead to Disclosure of Personal Data, 2006. http://www.thebunker.net/security/bluetooth.htm.
	6	R. G. Cole. Initial Studies on Worm Propagation in MANETS for Future Army Combat Systems, 2004. http://stinet.dtic.mil/oai/oai&verb=getRecord&metadataPrefix=html&identifier=ADA431999.
	7	Robert G. Cole , Nam Phamdo , Moheeb A. Rajab , Andreas Terzis, Requirements on Worm Mitigation Technologies in MANETS, Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, p.207-214, June 01-03, 2005 [doi>10.1109/PADS.2005.21]
	8	ComputerWorld. Cabir Worm Wriggles into U.S. Mobile Phones, 2005. http://www.computerworld.com/securitytopics/security/virus/story/0,108 01,99935,00.html.
	9	CRAWDAD. Crawdad: A Community Resource for Archiving Wireless Data at Dartmouth, 2006. http://crawdad.cs.dartmouth.edu/l.
	10	David Dagon , Tom Martin , Thad Starner, Mobile Phones as Computing Devices: The Viruses are Coming!, IEEE Pervasive Computing, v.3 n.4, p.11-15, October 2004 [doi>10.1109/MPRV.2004.21]
	11	Nathan Eagle , Alex (Sandy) Pentland, Reality mining: sensing complex social systems, Personal and Ubiquitous Computing, v.10 n.4, p.255-268, March 2006 [doi>10.1007/s00779-005-0046-3]
	12	S. R. Fluhrer. Improved Key Recovery of Level 1 of the Bluetooth Encryption System, 2002. Cryptology ePrint Archive, Report 2002/068.
	13	M. Herfurt. Bluetsnarfing @ CeBIT 2004 -- Detecting and Attacking Bluetooth-enabled Cellphones at the Hanover Fairground, 2004. http://trifinite.org/Downloads/BlueSnarf_CeBIT2004.pdf.
	14	Miia Hermelin , Kaisa Nyberg, Correlation Properties of the Bluetooth Combiner Generator, Proceedings of the Second International Conference on Information Security and Cryptology, p.17-29, December 09-10, 1999
	15	B. Hoh and M. Gruteser. Computer Ecology: Responding to Mobile Worms with Location-Based Quarantine Boundaries. In International Workshop on Research Challenges in Security and Privacy for Mobile and Wireless Networks, 2006.
	16	InfoSyncWorld. First Symbian OS Virus to Replicate over MMS Appears, 2005. http://www.infosyncworld.com/news/n/5835.html.
	17	Markus Jakobsson , Susanne Wetzel, Security Weaknesses in Bluetooth, Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA, p.176-191, April 08-12, 2001
	18	A. Laurie, M. Holtmann, and M. Herfurt. Bluetooth Hacking, 2004. http://www.ccc.de/congress/2004/fahrplan/event/66.en.html.
	19	O. Levy and A. Wool. A Uniform Framework for Cryptanalysis of the Bluetooth E0 cipher, 2005. Cryptology ePrint Archive, Report 2005/107.
	20	Y. Lu and S. Vaudenay. Faster Correlation Attack on Bluetooth Keystream Generator E0. In Advances in Cryptology (CRYPTO), Santa Barbara, CA, 2004.
	21	Mobileinfo.com. Bluetooth Technology -- What are the Applications?, 2006. http://www.mobileinfo.com/Bluetooth/applic.htm.
	22	D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver. The Spread of the Sapphire/Slammer Worm. Technical Report CAIDA, ICSI, Sillicon Defense, UC Berkeley EECS and UC San Diego, January 2003.
	23	David Moore , Colleen Shannon , k claffy, Code-Red: a case study on the spread and victims of an internet worm, Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment, November 06-08, 2002, Marseille, France [doi>10.1145/637201.637244]
	24	E. O'Neill, T. Kindberg, A. F. gen Schieck, T. Jones, A. Penn, and D. S. Fraser. Instrumenting the city: developing methods for observing and understanding the digital cityscape. In Proc. of the 8th International Conference on Ubiquitous Computing (UBICOMP), 2006.
	25	Palm. Bluetooth technology: what is it, how does it work, and what can I do with it?, 2006. http://kb.palmone.com/SRVS/CGI-BIN/WEBCGI.EXE New,Kb=PalmSupportKB,ts=Palm_External2001,case=obj(20821).
	26	PCWorld. What's Cooking? Bluetooth Hits the Kitchen, 2002. http://www.pcworld.com/news/article/0,aid,95223,00.asp.
	27	T. Register. Bluetooth to Outship Wi-Fi Five to One, 2003. http://www.theregister.co.uk/2003/06/18/bluetooth_to_outship_wifi_five/
	28	Yaniv Shaked , Avishai Wool, Cracking the Bluetooth PIN, Proceedings of the 3rd international conference on Mobile systems, applications, and services, June 06-08, 2005, Seattle, Washington [doi>10.1145/1067170.1067176]
	29	Stuart Staniford , Vern Paxson , Nicholas Weaver, How to Own the Internet in Your Spare Time, Proceedings of the 11th USENIX Security Symposium, p.149-167, August 05-09, 2002
	30	O. Whitehouse. Bluetooth: Red Fang, Blue Fang, 2004. http://www.cansecwest.com/csw04/csw04-Whitehouse.pdf.
	31	Wikipedia. Compartmental models in epidemiology, 2006. http://en.wikipedia.org/wiki/Compartmental_models_in_epidemiology.

CITED BY 6

	Chris Fleizach , Michael Liljenstam , Per Johansson , Geoffrey M. Voelker , Andras Mehes, Can you infect me now?: malware propagation in mobile phone networks, Proceedings of the 2007 ACM workshop on Recurring malcode, November 02-02, 2007, Alexandria, Virginia, USA
	P. Akritidis , W. Y. Chin , V. T. Lam , S. Sidiroglou , K. G. Anagnostakis, Proximity breeds danger: emerging threats in metro-area wireless networks, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
	Jerry Cheng , Starsky H.Y. Wong , Hao Yang , Songwu Lu, SmartSiren: virus detection and alert for smartphones, Proceedings of the 5th international conference on Mobile systems, applications and services, June 11-13, 2007, San Juan, Puerto Rico
	Dominic Spill , Andrea Bittau, BlueSniff: eve meets alice and bluetooth, Proceedings of the first conference on First USENIX Workshop on Offensive Technologies, p.5-5, August 06, 2007, Boston, MA
	Karthik Channakeshava , Deepti Chafekar , Keith Bisset , V. S. Anil Kumar , Madhav Marathe, EpiNet: a simulation framework to study the spread of malware in wireless networks, Proceedings of the 2nd International Conference on Simulation Tools and Techniques, March 02-06, 2009, Rome, Italy
	Timothy J. Smith , Stefan Saroiu , Alec Wolman, BlueMonarch: a system for evaluating bluetooth applications in the wild, Proceedings of the 7th international conference on Mobile systems, applications, and services, June 22-25, 2009, Kraków, Poland