Threat Intelligence for Bluetooth-Enabled Systems with Automotive Applications: An Empirical Study

Madeline Cheah, Jeremy Bryans, Daniel S. Fowler, Siraj Ahmed Shaikh

Research output: Chapter in Book/Report/Conference proceedingConference proceeding

1 Citation (Scopus)

Abstract

Modern vehicles are opening up, with wireless interfaces such as Bluetooth integrated in order to enable comfort and safety features. Furthermore a plethora of aftermarket devices introduce additional connectivity which contributes to the driving experience. This connectivity opens the vehicle to potentially malicious attacks, which could have negative consequences with regards to safety. In this paper, we survey vehicles with Bluetooth connectivity from a threat intelligence perspective to gain insight into conditions during real world driving. We do this in two ways: Firstly, by examining Bluetooth implementation in vehicles and gathering information from inside the cabin, and secondly, using war-nibbling (general monitoring and scanning for nearby devices). We find that as the vehicle age decreases, the security (relatively speaking) of the Bluetooth implementation increases, but that there is still some technological lag with regards to Bluetooth implementation in vehicles. We also find that a large proportion of vehicles and aftermarket devices still use legacy pairing (and are therefore more insecure), and that these vehicles remain visible for sufficient time to mount an attack (assuming some premeditation and preparation). We demonstrate a real-world threat scenario as an example of the latter. Finally, we provide some recommendations on how the security risks we discover could be mitigated.

Original languageEnglish
Title of host publication2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W)
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages36-43
Number of pages8
ISBN (Electronic)978-1-5386-2272-8, 978-1-5386-2271-1
ISBN (Print)978-1-5386-2273-5
DOIs
Publication statusPublished - 30 Aug 2017
Event47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops - Denver, United States
Duration: 26 Jun 201729 Jun 2017

Conference

Conference47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops
Abbreviated titleDSN-W 2017
CountryUnited States
CityDenver
Period26/06/1729/06/17

Keywords

  • automotive
  • Bluetooth
  • cybersecurity
  • infotainment

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Threat Intelligence for Bluetooth-Enabled Systems with Automotive Applications: An Empirical Study'. Together they form a unique fingerprint.

  • Cite this

    Cheah, M., Bryans, J., Fowler, D. S., & Shaikh, S. A. (2017). Threat Intelligence for Bluetooth-Enabled Systems with Automotive Applications: An Empirical Study. In 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W) (pp. 36-43). [8023695] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSN-W.2017.22