| HAL-Inria | Publications, software ... of Inria's scientists |
Fingerprinting Bluetooth-Low-Energy Devices Based on the Generic Attribute Profile
Abstract : Bluetooth Low Energy (BLE) is a short range wireless technology included in many consumer devices such as smartphones, earphones and wristbands. As part of the Attribute (ATT) protocol, discover-able BLE devices expose a data structure called Generic Attribute (GATT) profile that describes supported features using concepts of services and characteristics. This profile can be accessed by any device in range and can expose users to privacy issues. In this paper, we discuss how the GATT profile can be used to create a fingerprint that can be exploited to circumvent anti-tracking features of the BLE standard (i.e. MAC address randomization). Leveraging a dataset of more than 13000 profiles, we analyze the potential of this fingerprint and show that it can be used to uniquely identify a number of devices. We also shed light on several issues where GATT profiles can be mined to infer sensitive information that can impact privacy of users. Finally, we suggest solutions to mitigate those issues.
Cited literature [28 references]
https://hal.inria.fr/hal-02359914
Contributor : Mathieu Cunche <>
Submitted on : Monday, December 16, 2019 - 9:09:39 AM
Last modification on : Monday, December 16, 2019 - 9:55:13 AM
Document(s) archivé(s) le : Tuesday, March 17, 2020 - 3:36:52 PM
Contributor : Mathieu Cunche <>
Submitted on : Monday, December 16, 2019 - 9:09:39 AM
Last modification on : Monday, December 16, 2019 - 9:55:13 AM
Document(s) archivé(s) le : Tuesday, March 17, 2020 - 3:36:52 PM
File
paper.pdf
Files produced by the author(s)