Cybersecurity Assessment of the Polar Bluetooth Low Energy Heart-Rate Sensor

  • S. SoderiEmail author
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 297)


Wireless communications among wearable and implantable devices implement the information exchange around the human body. Wireless body area network (WBAN) technology enables non-invasive applications in our daily lives. Wireless connected devices improve the quality of many services, and they make procedures easier. On the other hand, they open up large attack surfaces and introduces potential security vulnerabilities. Bluetooth low energy (BLE) is a low-power protocol widely used in wireless personal area networks (WPANs). This paper analyzes the security vulnerabilities of a BLE heart-rate sensor. By observing the received signal strength indicator (RSSI) variations, it is possible to detect anomalies in the BLE connection. The case-study shows that an attacker can easily intercept and manipulate the data transmitted between the mobile app and the BLE device. With this research, the author would raise awareness about the security of the heart-rate information that we can receive from our wireless body sensors.


Bluetooth BLE Security Sensor MitM Heart-rate WBAN Privacy 


  1. 1.
  2. 2.
    Apple iPhone SE - Technical Specifications.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
  7. 7.
  8. 8.
  9. 9.
  10. 10.
    BlueZ: An Official Linux Bluetooth protocol stack.
  11. 11.
    BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework.
  12. 12.
  13. 13.
    Polar Beat Free Fitness and Training App.
  14. 14.
    SysML Open Source Project - What is SysML?
  15. 15.
    IEEE Standard for Local and metropolitan area networks - Part 15.6: Wireless Body Area Networks, February 2012.
  16. 16.
    NIST 800–30. Guide for Conducting Risk Assessments Revision 1 (2012)Google Scholar
  17. 17.
  18. 18.
    Smart body area networks (smartban): system description, January 2018.
  19. 19.
    Cyr, B.S., Horn, W., Miao, D., Specter, M.: Security analysis of wearable fitness devices ( fitbit ) (2014).
  20. 20.
    Das, A.K., Pathak, P.H., Chuah, C.N., Mohapatra, P.: Uncovering privacy leakage in BLE network traffic of wearable fitness trackers. In: Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications, HotMobile 2016, pp. 99–104. ACM, New York (2016).
  21. 21.
    Filizzola, D., Fraser, S., Samsonau, N.: Security analysis of Bluetooth technology (2018).
  22. 22.
    Karani, R., Dhote, S., Khanduri, N., Srinivasan, A., Sawant, R., Gore, G., Joshi, J.: Implementation and design issues for using Bluetooth low energy in passive keyless entry systems. In: 2016 IEEE Annual India Conference (INDICON), pp. 1–6, December 2016.
  23. 23.
    Melamed, T.: An active man-in-the-middle attack on Bluetooth smart devices. Int. J. Saf. Secur. Eng. 8, 200–211 (2018). Scholar
  24. 24.
    Mucchi, L., Jayousi, S., Martinelli, A., Caputo, S., Marcocci, P.: An overview of security threats, solutions and challenges in WBANs for healthcare. In: 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT), pp. 1–6, May 2019.
  25. 25.
    Partala, J., et al.: Security threats against the transmission chain of a medical health monitoring system. In: 2013 IEEE 15th International Conference on e-Health Networking, Applications Services (Healthcom), pp. 243–248, October 2013.
  26. 26.
    Pycroft, L., Aziz, T.Z.: Security of implantable medical devices with wireless connections: the dangers of cyber-attacks. Expert Rev. Med. Devices 15(6), 403–406 (2018). pMID: 29860880CrossRefGoogle Scholar
  27. 27.
    Scarfone, K.A., Padgette, J.: NIST SP 800–121. Guide to Bluetooth Security (2008)Google Scholar
  28. 28.
    Tosi, J., Taffoni, F., Santacatterina, M., Sannino, R., Formica, D.: Performance evaluation of bluetooth low energy: a systematic review. Sensors 17, 2898 (2017). Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. 1.FlorenceItaly

Personalised recommendations