RSSI-Based Fingerprinting of Bluetooth Low Energy Devices

Guillaume Gagnon; Sébastien Gambs; Mathieu Cunche

doi:10.5220/0012139600003555

RSSI-Based Fingerprinting of Bluetooth Low Energy Devices

Guillaume Gagnon, Sébastien Gambs, Mathieu Cunche

2023

Abstract

To prevent tracking, the Bluetooth Low Energy protocol integrates privacy mechanisms such as address randomization. However, as highlighted by previous researches address randomization is not a silver bullet and can be circumvented by exploiting other types of information disclosed by the protocol such as counters or timing. In this work, we propose a novel attack to break address randomization in BLE exploiting side information that has not been considered before: Received Signal Strength Indication (RSSI). More precisely, we demonstrate how RSSI measurements, extracted from received BLE advertising packets, can be used to link together the traces emitted by the same device or re-identify it despite address randomization. The proposed attack leverages the distribution of RSSI to create a fingerprint of devices. An empirical evaluation of the attack on various scenarios demonstrate its effectiveness. For instance in the static context, in which devices remain at the same position, the proposed approach yields a re-identification accuracy of up to 99%, which can even be boosted by increasing the number of receivers controlled by the adversary.

Download

Paper Citation

in Harvard Style

Gagnon G., Gambs S. and Cunche M. (2023). RSSI-Based Fingerprinting of Bluetooth Low Energy Devices. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 242-253. DOI: 10.5220/0012139600003555

in Bibtex Style

@conference{secrypt23,
author={Guillaume Gagnon and Sébastien Gambs and Mathieu Cunche},
title={RSSI-Based Fingerprinting of Bluetooth Low Energy Devices},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={242-253},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012139600003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - RSSI-Based Fingerprinting of Bluetooth Low Energy Devices
SN - 978-989-758-666-8
AU - Gagnon G.
AU - Gambs S.
AU - Cunche M.
PY - 2023
SP - 242
EP - 253
DO - 10.5220/0012139600003555
PB - SciTePress