SweynTooth - Unleashing Mayhem over Bluetooth Low Energy
Offered By: USENIX via YouTube
Course Description
Overview
Explore the vulnerabilities in Bluetooth Low Energy (BLE) protocol implementations through this 25-minute conference talk from USENIX ATC '20. Dive into the SweynTooth framework, a systematic and comprehensive testing approach developed to fuzz BLE protocol implementations effectively. Learn about the state machine model incorporated in the framework, the fuzzing process, and how it exposes anomalies in BLE devices. Discover the impact of this research, which led to the discovery of 11 new vulnerabilities and 13 new CVE IDs across 12 devices from eight vendors and four IoT products. Gain insights into BLE security testing, fuzzing techniques, and the importance of protocol compliance in IoT devices.
Syllabus
Sweyn Tooth: Unleashing Mayhem over Bluetooth Low Energy
Why the Mayhem?
A look into Bluetooth flavours - Past Vulnerabilities
Bluetooth Low Energy Overview Can we test BLE security ourselves with off the shelve hardware?
Testing Security by Fuzzing Is it possible to apply fuzzing to lower-level over the air communication?
Introducing a non-compliant controller implementation! Setup
Fuzzer Arquitecture Overview Peripheral Smart Home
Fuzzing BLE Layers - Fields mutation
Fuzzing BLE Layers - Out of order sequences
Validation Strategy - Exemplified
Optimization
Evaluation - Setup
Evaluation - Comparison
Impact - Non-compliance in the wild!
Conclusion
Thank you Questions?
Taught by
USENIX
Related Courses
Bluetooth Low Energy (BLE) From Ground Up™Udemy Building More Reliable Bluetooth LE Products With Memfault
Nordic Semiconductor via YouTube Getting Started with ANT for NRF Connect SDK
Nordic Semiconductor via YouTube Introducing ANT Support to the NRF5340 SoC and NRF Connect SDK
Nordic Semiconductor via YouTube Introduction to the NRF21540 RF FEM for Range Extension
Nordic Semiconductor via YouTube