Abstract | ||
---|---|---|
Bluetooth is among the dominant standards for wireless short-range communication with multi-billion Bluetooth devices shipped each year. Basic Bluetooth analysis inside consumer hardware such as smartphones can be accomplished observing the Host Controller Interface (HCI) between the operating system's driver and the Bluetooth chip. However, the HCI does not provide insights to tasks running inside a Bluetooth chip or Link Layer (LL) packets exchanged over the air. As of today, consumer hardware internal behavior can only be observed with external, and often expensive tools, that need to be present during initial device pairing. In this paper, we leverage standard smartphones for on-device Bluetooth analysis and reverse engineer a diagnostic protocol that resides inside Broadcom chips. Diagnostic features include sniffing lower layers such as LL for Classic Bluetooth and Bluetooth Low Energy (BLE), transmission and reception statistics, test mode, and memory peek and poke.
|
Year | DOI | Venue |
---|---|---|
2019 | 10.1145/3317549.3319727 | Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks |
Field | DocType | ISBN |
Wireless,Computer science,Reverse engineering,Network packet,Computer network,Chip,Link layer,PEEK and POKE,Bluetooth,Host controller interface,Embedded system | Conference | 978-1-4503-6726-4 |
Citations | PageRank | References |
2 | 0.42 | 0 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jiska Classen | 1 | 33 | 9.10 |
Matthias Hollick | 2 | 750 | 97.29 |