IoT devices used in smart homes are equipped with lightweight communication protocols, e.g., Bluetooth Low Energy (BLE), to support interaction with their users in an energy-efficient manner. However, due to their very limited I/O capabilities, on one hand, BLE devices are vulnerable to attacks including illegal device access and inference of sensitive information; on the other hand, their users are prone to spoofing attacks through which an attacker can feed malicious data to the user’s device (e.g., a smartphone). Defending against such attacks in the real world is extremely difficult, given the fact that BLE devices are manufactured by thousands of vendors and developers with little remote update support. To tackle these challenges, we analyze the BLE protocol and discover new attack surfaces. We also develop device-agnostic defense mechanisms for protecting the BLE networks.
You can watch the following demonstration of one of our research works in this project. This work has been presented at Usenix Workshop on Offensive Technologies (WOOT), 2020.