Chapter

Critical Infrastructure Protection

Volume 253 of the series IFIP International Federation for Information Processing pp 281-293

Detecting Non-Discoverable Bluetooth Devices

  • Daniel Cross (Information Security Institute, Hopkins University)
  • Justin Hoeckle (Information Security Institute, Hopkins University)
  • Michael Lavine (Information Security Institute, Hopkins University)
  • Jason Rubin (Information Security Institute, Hopkins University)
  • Kevin Snow (Information Security Institute, Hopkins University)

Mobile communication technologies such as Bluetooth are becoming ubiquitous, but they must provide satisfactory levels of security and privacy. Concerns about Bluetooth device security have led to the specification of the “non-discoverable” mode, which prevents devices from being listed during a Bluetooth device search process. However, a non-discoverable Bluetooth device is visible to devices that know its address or can discover its address. This paper discusses the detection of non-discoverable Bluetooth devices using an enhanced brute force search attack. Our results indicate that the average time to attack a non-discoverable Bluetooth device using multiple search devices and condensed packet timing can be reduced to well under 24 hours.

Keywords: Bluetooth security, device discovery, non-discoverable mode