A Preliminary Investigation of Worm Infections in a Bluetooth Environment PAPER REVIEW ANISH DUTTA- 50133679 RAGAVENDRAN SRINIVASAN-50134639 SABAREESWAR.

Slides:

Advertisements

Similar presentations

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

Advertisements

N ETWORK S YSTEMS 3.02 U NDERSTAND C ONNECTIVITY THROUGH NETWORKS AND THE I NTERNET.

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Thank you to IT Training at Indiana University Computer Malware.

Modeling Malware Spreading Dynamics Michele Garetto (Politecnico di Torino – Italy) Weibo Gong (University of Massachusetts – Amherst – MA) Don Towsley.

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Transmission technology William Kemp. Infrared Infrared data travels in shorter (near infrared waves). These waves enable data to be sent and receive.

Threats To A Computer Network

Bluetooth Technology. What is Bluetooth? Bluetooth is a short- range communications technology that allows devices to communicate with each other without.

Communications and Networks

2002 Honours Research Project A Supporting System for The CSSE Video Wall A Supporting System for The CSSE Video Wall Monash University By Shing Kay Pan.

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

Wireless Security.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless & Network Security Lecture 10:

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

McGraw-Hill/Irwin Copyright © 2008 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 9 Communications and Networks.

Sujeeth Narayan1 Smartphones Security CS 691 Sujeeth Narayan.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

A Study on Mobile P2P Systems Hongyu Li. Outline  Introduction  Characteristics of P2P  Architecture  Mobile P2P Applications  Conclusion.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

 An electrical device that sends or receives radio or television signals through electromagnetic waves.

Prepared by:-Nirmal Dhruvi

PERSONALLY CUSTOMIZABLE GROUP NAVIGATION SYSTEM USING CELLULAR PHONES AND WIRELESS AD-HOC COMMUNICATION Yoshitaka Nakamura, Guiquan Ren, Masatoshi Nakamura,

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

THREATS TO MOBILE NETWORK SECURITY

Unit 2 - Hardware Computer Security.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

“Security Weakness in Bluetooth” M.Jakobsson, S.Wetzel LNCS 2020, 2001 The introduction of new technology and functionality can provides its users with.

Bluetooth By Richard B. Heisler, Jr. Villanova University Distributed Systems CSC 8530 Fall 2006 Instructor - Dr. Paul A. Schragger.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

INTRODUCTION Bluetooth technology is code name for Personal Area Network (PAN) technology that makes it extremely easy to connect a mobile, computing device.

Bluetooth Presented by Venkateshwar R Gotur CMPT

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan HuDavid Evans Department of Computer Science University of Virginia.

© 2009 Research In Motion Limited Advanced Java Application Development for the BlackBerry Smartphone Trainer name Date.

1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.

1.2 Security. Computer security is a branch of technology known as information security, it is applied to computers and networks. It is used to protect.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

Types of Electronic Infection

Doc.: IEEE /033r2 Submission July 1999 Simon Baatz, University of BonnSlide 1 Integration of Bluetooth into LAN Environments Simon Baatz, Matthias.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Bluetooth Techniques Chapter 15. Overview of Bluetooth Initially developed by Swedish mobile phone maker in 1994 to let laptop computers make calls over.

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

발표자 : 현근수 Bluetooth. Overview wireless protocol short-range communications technology single digital wireless protocol connecting multiple devices mobile.

Topic 5: Basic Security.

Computer Science 1 Using Directional Antennas to Prevent Wormhole Attacks Presented by: Juan Du Nov 16, 2005.

Wireless Security. Traditional method A computer with network card a cable connecting network card and the network.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

Network Components By Kagan Strayer. Network Components This presentation will cover various network components and their functions. The components that.

NETWORK SECURITY Definitions and Preventions Toby Wilson.

Communications and Collaboration. Exploring communication methods People with whom you are corresponding and the topic of the correspondence determine.

Communication Methods

Chapter 9 Communications and Networks McGraw-Hill/Irwin Copyright © 2008 by The McGraw-Hill Companies, Inc. All rights reserved.

Automated Data Capture Technologies O It is often necessary or convenient to capture data automatically, for example the delivery of a package by an Cable.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.

Remember effective ways to search +walk (includes words) Intitle:iPad Intext:ipad site:pbs.org Site:gov filetype:jpg.

Antivirus Software Technology By Mitchell Zell. Intro  Computers are vulnerable to attack  Most common type of attack is Malware  Short for malicious.

ICT Unit 4: Network and the effects of using them

Network System Security - Task 2. Russell Johnston.

Chapter 40 Internet Security.

CYBER SECURITY...

Bluetooth History and Uses.

Introduction to Wireless Technology

Malware, Phishing and Network Policies

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Introduction to Internet Worm

Presentation transcript:

A Preliminary Investigation of Worm Infections in a Bluetooth Environment PAPER REVIEW ANISH DUTTA RAGAVENDRAN SRINIVASAN SABAREESWAR GOWRI SHANKAR

Bluetooth- A Short Intro: One of the most popular Wireless Protocols in the recent years Communication Protocol for low-power, wireless devices- Operates in the Unlicensed Band: 2.4 GHz Range: In Theory- 100m, In Practice meters. Discoverable Option in Bluetooth- (Inquiry message) Supports two Link Layer Connections: 1.Synchronous Connection Oriented Link (SCO) 2.Asynchronous Communication Link (ACL)

Bluetooth- A Short Intro: Security Features? Uses Cryptographic Protocols creating a shared Key. This Key is used to encrypt all the exchanging data. Same Key also used in subsequent reconnection- No Re-Authentication necessary! Above process known as Pairing. Uses Per connection Unique PIN- a digit that ranges from 4 to 7 digits.

WORMS in Security Context? Standalone Malware Programs Replicates itself in order to spread to other Systems Different from Computer Virus- How? Unlike Virus it does not need to attach itself to an existing Computer Program Main aim of a virus is to corrupt a file where as main aim of a worm is to damage the network. WORMS heavily relies on Security Loop Holes!

BLUETOOTH Worms any different? Yes!!! Typically when compared to Internet and MANET Worms. Internet worm likely infects a PC that has access to fast bandwidth rich Internet Connection- Once infected the worm can infect any other host in the internet. Bluetooth worm infects a different class of devices: Mobile Power-constrained with Bluetooth Radios. Unlike Internet worms, Bluetooth worms thrive on the vulnerability of the device, how the device moves, interacts and responds. Also when we compare them to MANET worm- in the first glance looks similar, but on careful observation the differences are evident. MANET has nodes that participates in multihop communication! An infected node can cause other nodes in the hop route to be infected unlike Bluetooth where the propagation of one node to another node is slow.

BLUETOOTH ATTACKS- Vulnerabilities Protocol Complexity Cryptographic Vulnerabilities Social Engineering Based Attacks Software Vulnerabilities

Feasibility of a Bluetooth Worm Few questions we should ask so as to know if a large scale Bluetooth worm attack is possible and if so how much damage can be done through such outbreaks? 1. Are discoverable Bluetooth –enabled devices prevalent today? 2. How Heterogeneous is the population of devices? 3. Are typical inter-device contact durations long enough to allow a worm to replicate it? 4. Can a worm replicate between two devices moving in opposite directions at human walking speeds?

Experiments Answered our doubts! Discoverable Bluetooth devices are prevalent today. The Population of Devices is Homogeneous Contact Durations are long enough for a Worm to Replicate Worms can replicate between Devices moving in Opposite Directions

Understanding the Bluetooth Worm Propagation To understand it, a simulation set up was created the data gathered from which proved to be very useful in reaching important conclusions. The simulation captured various important factors such as: Factors for worm infection Number of initial devices infected. Total size of the device population. Fraction of vulnerable devices. Time of the day when the infection occurs. A preliminary model has been created that approximated the behavior of a large device population. This was used as a reference for the Bluetooth worm simulation.

How quickly does a Bluetooth Worm Infects? The simulation model tried to find out how quickly a worm infects vulnerable node- in a population of 10,000 devices. Experiments conducted All devices are Vulnerable Only 25% of the devices are Vulnerable

Whether the Initial number of Infection seeds affects the worm propagation It was found that more seeds make the worm propagate faster. Although the infection speed up rate was modest Conclusion: The number of initial seeds does not strongly affect the worm spread

Whether the Initial time of Outbreak affects the Worm propagation? Potentially all devices are vulnerable. It was found that a worm’s infection rate is initially slow if the outbreak occurs during off-peak hours. Most of the devices are more vulnerable in the night time. Also it was found that the worm spread became slower in weekends and Holidays.

SUMMARIZING the obtained results: 1.Bluetooth worms were found to spread more quickly only in few specific days. If all the devices are Vulnerable nearly 90% of the devices get affected within 24 hours. 2.The rate of spreading of the Bluetooth worms is directly proportional to the number of initial seeds present. 3.Bluetooth worm spreads more quickly during the day than in night.

Common Bluetooth Attacks: Bluejacking: An e-contact is sent by the attacker which when downloaded gives the attacker the permission to access the victims contact book. It is a known Bluetooth spam. Car Whisperer: It’s a software that lets attacker use the car stereo to eavesdrop on our ongoing call. Bluebugging: The most dangerous of all, allows user to access the victim's phone resources and use its features including calling, forwarding incoming calls, sending texts etc. without even the victim getting to know.

What Can be done to improve the Bluetooth security features? As the Bluetooth protocol is complex, it faces already a large set of known security attacks that should be closely monitored and studied. The devices should be kept in Non-discoverable mode when not in use. This is a very useful countermeasure. The Bluetooth should be turned off when not in use. This is a good practice as it prevents any worm to attack the device.

What Can be done to improve the Bluetooth security features? (cont.) Starting a Bluetooth worm attack is easy. Hence more effort should be put to make file exchange cryptographically stronger. The Bluetooth PIN that is used while exchanging information is relatively easy to break. This should be replaced with algorithm with a better sense of confusion, diffusion and linear complexity so as to confuse the attacker. In places such as daily work place, schools, airports etc. where the density of Bluetooth devices are high, a monitoring system can be installed that can warn or prevent the outbreaks of such attacks.

What Can be done to improve the Bluetooth security features? (cont.) Bluetooth attacks thrive on exploiting the permission request/grant process that form the backbone of Bluetooth connectivity. Regardless of the security features on the device, the best possible way to prevent such attacks is to power off the Bluetooth radio whenever not in use.

References 1.A Preliminary Investigation of Worm Infections in a Bluetooth Environment. Department of Computer Science, University of Toronto, Department of Electrical and Computer Engineering, University of Toronto Wikipedia