NORMA eResearch @NCI Library

Detection and Prevention of data transfer through Bluetooth by unauthorized devices on Android OS 8,9 & 10

John, Nash Jacob (2022) Detection and Prevention of data transfer through Bluetooth by unauthorized devices on Android OS 8,9 & 10. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (505kB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (330kB) | Preview

Abstract

Bluetooth is a device that is short-range and could be used to transfer data between devices and can also be used to create a local area network with other users. In our present world, we use Bluetooth to connect to the Internet of Things devices, which helps in the communication and transfer of data with ease. Bluetooth is a widely adopted technology due to benefits such as it uses very less battery consumption to send and receive data between devices and there is a very extensive range for this device compared to the previous version. However, one of the main problems is that it is vulnerable to certain attacks. One of these is remote code execution (CVE-2020-0022). Bluetooth has two versions one is called the classic Bluetooth and another one is called the Bluetooth low energy. As Bluetooth technology is being used by most smartphone users, there tends to be a serious remote code execution security flaw in android versions 8, 9, and 10. On this specific android OS version, an attacker could get access to the android device's root privilege by sending improper packet data. In this paper, we focus on Bluetooth zero-click RCE – BlueFrag attack, this is a type of attack in which the attacker can gain a reverse shell on android OS without the user’s permission, to prevent this attack we will be monitoring the packet and advertising signals sent and received by our device. This approach should help prevent the remote code execution attack on these devices. This security flaw was first discovered by the fuzzing technique using the tool called Frankenstein.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Ayala-Rivera, Vanessa
UNSPECIFIED
Uncontrolled Keywords: Bluetooth; Bluetooth low energy; advertising; packet; GATT
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunications > Computer networks
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 28 Apr 2023 15:39
Last Modified: 28 Apr 2023 15:39
URI: https://norma.ncirl.ie/id/eprint/6525

Actions (login required)

View Item View Item