Managing Cybersecurity Break-ins Using Bluetooth Low Energy Devices to Verify Attackers: A Practical Study

Wong, Kenneth C. K.; Hunter, Aaron

doi:10.1007/978-3-030-25109-3_11

Managing Cybersecurity Break-ins Using Bluetooth Low Energy Devices to Verify Attackers: A Practical Study

Kenneth C. K. Wong¹⁰ &
Aaron Hunter¹⁰

Conference paper
First Online: 05 July 2019

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 977))

Abstract

We present a novel solution in tracking the behaviour of an attacker and limiting their ability to compromise a cybersecurity system. The solution is based on combining a decoy with a real system, in which a BLE controller will be embedded in the middle of the system, thereby acting like a fob that opens and closes the access of the server’s BLE. If the first server wants to communicate with the second server, the BLE must be activated by the BLE controller in order for both servers to communicate with one another. This is a relatively low-cost solution and our aim is to lower the interruption to the live system, capture the attacker’s position, and limit the damages the attacker can do to a live system. A second related goal is to lower the attacker’s opportunity to detect that they are being monitored. A third goal is to gather evidence of the attacker’s actions that can be used for further investigation. This work is significant in that it is implemented within a real physical system for testing and evaluation using Raspberry PI and Arduino boards to replicate servers that communicate wirelessly. Adding a specifically-designed Encryption Block Cycle Cipher can protect legitimate users and redirect attackers to a honeypot system. Several custom programs were written from scratch to monitor the attacker’s behaviour and Bluetooth Low Energy is enlisted to verify users. When the device was disassembled, all of the Raspberry PI, which run the Linux servers, were discontinued and unable to communicate with other devices.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

Brown, A., Andel, T.: What’s in your honeypot? In: The 11th International Conference on Cyber Warfare and Security, Boston, USA, pp. 370–377 (2016)
Google Scholar
Cho, K., et al.: Analysis of latency performance of Bluetooth Energy (BLE) networks. Nat. Cent. Biotechnol. Inform. 15(1), 59–78 (2015)
Google Scholar
Fawaz, K.: Protecting privacy of BLE device users. In: The 25th USNIX Security Symposium, Austin, USA, pp. 1205–1221 (2016)
Google Scholar
Gogic, A., Mujcic, A., Ibric, S., Suljanovic, N.: Performance analysis of Bluetooth low energy mesh routing algorithms in case of disaster prediction. Int. J. Comput. Electr. Autom. Control Inform. Eng. 10(6), 929–935 (2016). World Academy of Science, Engineering and Technology
Google Scholar
Hiller, J., Russell, R.: Modalities for cyber security and privacy resilience: the NIST approach. Int. J. Disaster Risk Reduct. 10, 213–215 (2015)
Google Scholar
Hunter, A., Wong, K.: Decoy systems with low energy Bluetooth communication. In: Proceedings of the 4th International Conference on Information Security and Privacy (ICISSP), Madeira, Portugal, pp. 404–409 (2018)
Google Scholar
Lazar, D., Chen, H., Wang, X., Zeldovich, N.: Why does crypto-graphic software fail? A case study and open problems. In: The 5th Asia-Pacific Workshop on Systems, New York, USA, pp. 1–7 (2014)
Google Scholar
Nam, J., Choo, K-K.R., Paik, J., Won, D.: Two-round password-only authenticated key exchange in the three party setting. In: Multidisciplinary Digital Publishing Institute (MDPI), pp. 393–396 (2014)
Google Scholar
Rutherford, J., White, G.: Using as improved cybersecurity kill chain to develop an improved honey community. In: 49th Hawaii International Conference on System Science, pp. 2624–2632 (2016)
Google Scholar
Kapoor, V., Yadav, R.: A hybrid cryptography technique to support cyber security infrastructure. Int. J. Adv. Res. Comput. Eng. Technol. 4(11), 3995–4002 (2015)
Google Scholar

Download references

Author information

Authors and Affiliations

British Columbia Institute of Technology, Burnaby, Canada
Kenneth C. K. Wong & Aaron Hunter

Authors

Kenneth C. K. Wong
View author publications
You can also search for this author in PubMed Google Scholar
Aaron Hunter
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aaron Hunter .

Editor information

Editors and Affiliations

IIT-CNR, Pisa, Italy
Paolo Mori
Plymouth University, Plymouth, UK
Steven Furnell
MODESTE/ESEO, Angers Cedex 02, France
Olivier Camp

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wong, K.C.K., Hunter, A. (2019). Managing Cybersecurity Break-ins Using Bluetooth Low Energy Devices to Verify Attackers: A Practical Study. In: Mori, P., Furnell, S., Camp, O. (eds) Information Systems Security and Privacy. ICISSP 2018. Communications in Computer and Information Science, vol 977. Springer, Cham. https://doi.org/10.1007/978-3-030-25109-3_11

Download citation

DOI: https://doi.org/10.1007/978-3-030-25109-3_11
Published: 05 July 2019
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25108-6
Online ISBN: 978-3-030-25109-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics