Journal Home > Volume 28 , Issue 5
Tsinghua Science and Technology 2023, 28(5): 862-872 https://doi.org/10.26599/TST.2022.9010059
Open Access | Issue | Published: 19 May 2023

Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting

Show Author's Information Jinghui Zhang1 Xinyang Li1 Junhe Li2 Qiangsheng Dai3 Zhen Ling1 Ming Yang1( )
School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
Research Institute, State Grid Jiangsu Electric Power Company Ltd., Nanjing 210024, China
Keywords:
link layer fingerprint, software-defined radio, Bluetooth Low Energy (BLE)
Cite this article:
Zhang J, Li X, Li J, et al. Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting. Tsinghua Science and Technology, 2023, 28(5): 862-872. https://doi.org/10.26599/TST.2022.9010059
Download citation
EndNote(RIS)
BibTeX

56

Views

15

Downloads

Citations

0

Crossref

0

WoS

0

Scopus

0

CSCD

Abstract Full text About this article

With the rapid development of the Internet of Things (IoT), wireless technology has become an indispensable part of modern computing platforms and embedded systems. Wireless device fingerprint identification is deemed as a promising solution towards enhancing the security of device access authentication and communication process in the IoT scenario. However, the extraction of features from the network layer and its upper layers often confront restrictions from specific devices: the association with a certain wireless network and the access to the plaintext of the payload. Meanwhile, Bluetooth Low Energy (BLE) packets have been encrypted above the link layer, which makes those features difficult to extract. To tackle these problems, we introduce a novel method to identify BLE devices based on the fingerprint features in the data link layer. Initially, the BLE packets are collected through a receiver based on software-defined radio technology. Then, fields that reflect device differences in BLE broadcast packets are extracted through traffic analysis. Finally, a MultiLayer Perceptron (MLP) model is employed to recognize the category of BLE devices. An experimental result on a dataset with 15 types of BLE devices shows that the identification accuracy of the proposed method can reach 99.8%, which accomplishes better performance over previous work.


menu
Abstract
Full text
Outline
About this article

Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting

Show Author's information Jinghui Zhang1Xinyang Li1Junhe Li2Qiangsheng Dai3Zhen Ling1Ming Yang1( )
School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
Research Institute, State Grid Jiangsu Electric Power Company Ltd., Nanjing 210024, China

Abstract

With the rapid development of the Internet of Things (IoT), wireless technology has become an indispensable part of modern computing platforms and embedded systems. Wireless device fingerprint identification is deemed as a promising solution towards enhancing the security of device access authentication and communication process in the IoT scenario. However, the extraction of features from the network layer and its upper layers often confront restrictions from specific devices: the association with a certain wireless network and the access to the plaintext of the payload. Meanwhile, Bluetooth Low Energy (BLE) packets have been encrypted above the link layer, which makes those features difficult to extract. To tackle these problems, we introduce a novel method to identify BLE devices based on the fingerprint features in the data link layer. Initially, the BLE packets are collected through a receiver based on software-defined radio technology. Then, fields that reflect device differences in BLE broadcast packets are extracted through traffic analysis. Finally, a MultiLayer Perceptron (MLP) model is employed to recognize the category of BLE devices. An experimental result on a dataset with 15 types of BLE devices shows that the identification accuracy of the proposed method can reach 99.8%, which accomplishes better performance over previous work.

Keywords: link layer fingerprint, software-defined radio, Bluetooth Low Energy (BLE)

References(31)

[1]
IDC, Worldwide global DataSphere IoT device and data forecast, https://www.iotplaybook.com/tags/worldwide-global-datasphere-iot-device-and-data-forecast-2019-2023, 2019.
[2]
WiGLE, Statistics, https://wigle.net/stats, 2021.
[3]
J. Ren, J. Li, H. Liu, and T. Qin, Task offloading strategy with emergency handling and blockchain security in SDN-empowered and fog-assisted healthcare IoT, Tsinghua Science and Technology, vol. 27, no. 4, pp. 760–776, 2022.
DOI Google Scholar
[4]
P. Ma, B. Jiang, Z. Lu, N. Li, and Z. Jiang, Cybersecurity named entity recognition using bidirectional long short-term memory with conditional random fields, Tsinghua Science and Technology, vol. 26, no. 3, pp. 259–265, 2021.
DOI Google Scholar
[5]
M. H. Haghighat and J. Li, Intrusion detection system using voting-based neural network, Tsinghua Science and Technology, vol. 26, no. 4, pp. 484–495, 2021.
DOI Google Scholar
[6]
L. C. C. Desmond, C. C. Yuan, T. C. Pheng, and R. S. Lee, Identifying unique devices through wireless fingerprinting, in Proc. 1st ACM Conf. on Wireless Network Security, Alexandria, VA, USA, 2008, pp. 46–55.
DOI Google Scholar
[7]
C. L. Corbett, R. A. Beyah, and J. A. Copeland, Using active scanning to identify wireless NICs, in Proc. IEEE Information Assurance Workshop, West Point, NY, USA, 2006, pp. 239–246.
Google Scholar
[8]
J. Franklin, D. McCoy, P. Tabriz, V. Neagoe, and J. Van Randwyk, Passive data link layer 802.11 wireless device driver fingerprinting, in Proc. 15th Conf. on USENIX Security Symp., Vancouver, Canada, 2006, p. 12.
Google Scholar
[9]
F. Guo and T. C. Chiueh, Sequence number-based MAC address spoof detection, in Proc. 8th Int. Workshop on Recent Advances in Intrusion Detection, Seattle, WA, USA, 2005, pp. 309–329.
DOI Google Scholar
[10]
S. Jana and S. K. Kasera, On fast and accurate detection of unauthorized wireless access points using clock skews, IEEE Trans. Mobile Comput., vol. 9, no. 3, pp. 449–462, 2010.
DOI Google Scholar
[11]
T. D. Vo-Huu, T. D. Vo-Huu, and G. Noubir, Fingerprinting Wi-Fi devices using software defined radios, in Proc. 9th ACM Conf. on Security & Privacy in Wireless and Mobile Networks, Darmstadt, Germany, 2016, pp. 3–14.
DOI
[12]
C. Arackaparambil, S. Bratus, A. Shubina, and D. Kotz, On the reliability of wireless fingerprinting using clock skews, in Proc. 3rd ACM Conf. on Wireless Network Security, Hoboken, NJ, USA, 2010, pp. 169–174.
DOI Google Scholar
[13]
C. L. Corbett, R. A. Beyah, and J. A. Copeland, Passive classification of wireless NICs during rate switching, EURASIP J. Wirel. Commun. Netw., vol. 2008, p. 495070, 2007.
DOI Google Scholar
[14]
S. Bratus, C. Cornelius, D. Kotz, and D. Peebles, Active behavioral fingerprinting of wireless devices, in Proc. 1st ACM Conf. on Wireless Network Security, Alexandria, VA, USA, 2008, pp. 56–61.
DOI Google Scholar
[15]
P. Robyns, B. Bonné, P. Quax, and W. Lamotte, Noncooperative 802.11 mac layer fingerprinting and tracking of mobile devices, Secur. Commun. Netw., vol. 2017, p. 6235484, 2017.
DOI Google Scholar
[16]
J. Huang, W. Albazrqaoe, and G. Xing, BlueID: A practical system for Bluetooth device identification, in Proc. IEEE Conf. on Computer Communications, Toronto, Canada, 2014, pp. 2849–2857.
DOI Google Scholar
[17]
H. Aksu, A. S. Uluagac, and E. S. Bentley, Identification of wearable devices with Bluetooth, IEEE Trans. Sustainable Comput., vol. 6, no. 2, pp. 221–230, 2021.
DOI Google Scholar
[18]
L. Peng, A. Hu, J. Zhang, Y. Jiang, J. Yu, and Y. Yan, Design of a hybrid RF fingerprint extraction and device classification scheme, IEEE Internet Things J., vol. 6, no. 1, pp. 349–360, 2019.
DOI Google Scholar
[19]
K. Merchant, S. Revay, G. Stantchev, and B. Nousain, Deep learning for RF device fingerprinting in cognitive communication networks, IEEE J. Sel. Top. Signal Process., vol. 12, no. 1, pp. 160–167, 2018.
DOI Google Scholar
[20]
T. J. Bihl, K. W. Bauer, and M. A. Temple, Feature selection for RF fingerprinting with multiple discriminant analysis and using ZigBee device emissions, IEEE Trans. Inf. Forensics Secur., vol. 11, no. 8, pp. 1862–1874, 2016.
DOI Google Scholar
[21]
P. Scanlon, I. O. Kennedy, and Y. Liu, Feature extraction approaches to RF fingerprinting for device identification in femtocells, Bell Labs Tech. J., vol. 15, no. 3, pp. 141–151, 2010.
DOI Google Scholar
[22]
C. Dubendorfer, B. Ramsey, and M. Temple, ZigBee device verification for securing industrial control and building automation systems, in Proc. 7th Int. Conf. on Critical Infrastructure Protection, Washington, DC, USA, 2013, pp. 47–62.
DOI Google Scholar
[23]
T. J. Bihl, K. W. Bauer, M. A. Temple, and B. Ramsey, Dimensional reduction analysis for Physical Layer device fingerprints with application to ZigBee and Z-Wave devices, in Proc. 2015 IEEE Military Communications Conf., Tampa, FL, USA, 2015, pp. 360–365.
DOI Google Scholar
[24]
O. Ureten and N. Serinken, Wireless security through RF fingerprinting, Can. J. Electr. Comput. Eng., vol. 32, no. 1, pp. 27–33, 2007.
DOI Google Scholar
[25]
Y. J. Yuan, Z. Huang, and Z. C. Sha, Specific emitter identification based on transient energy trajectory, Prog. Electromagn. Res. C, vol. 44, pp. 67–82, 2013.
DOI Google Scholar
[26]
B. Chatterjee, D. Das, S. Maity, and S. Sen, RF-PUF: Enhancing IoT security through authentication of wireless nodes using in-situ machine learning, IEEE Internet Things J., vol. 6, no. 1, pp. 388–398, 2019.
DOI Google Scholar
[27]
V. Brik, S. Banerjee, M. Gruteser, and S. Oh, Wireless device identification with radiometric signatures, in Proc. 14th ACM Int. Conf. on Mobile Computing and Networking, San Francisco, CA, USA, 2008, pp. 116–127.
DOI Google Scholar
[28]
IEEE 802.11-2016 IEEE standard for information technology–Telecommunications and information exchange between systems local and metropolitan area networks–Specific requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications, https://standards.ieee.org/ieee/802.11/5536/, 2022.
[29]
drtyhlpr, SDR Bluetooth LE dumper, https://github.com/drtyhlpr/ble_dump, 2016.
[30]
Bluetooth SIG, Bluetooth core specification, https://www.bluetooth.com/specifications/specs/core-specification-5-2/, 2019.
[31]
Bluetooth SIG, 16-bit UUID numbers document, https://www.bluetooth.com/specifications/assigned-numbers/, 2023.
Publication history
Copyright
Acknowledgements
Rights and permissions

Publication history

Received: 24 November 2022
Accepted: 10 December 2022
Published: 19 May 2023
Issue date: October 2023

Copyright

© The author(s) 2023.

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Nos. 61972085, 62072103, and 62232004), the Jiangsu Provincial Key R&D Program (Nos. BE2021729, BE2022680, and BE2022065-4), the Jiangsu Provincial Key Laboratory of Network and Information Security (No. BM2003201), the Key Laboratory of Computer Network and Information Integration of Ministry of Education of China (No. 93K-9), the Collaborative Innovation Center of Novel Software Technology and Industrialization, the Fundamental Research Funds for the Central Universities, the CCF-Baidu Open Fund (No. 2021PP15002000), and the Future Network Scientific Research Fund Project (No. FNSRFP-2021-YB-02).

Rights and permissions

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).

Return