AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
PDF (3.9 MB)
Submit Manuscript AI Chat Paper
Show Outline
Show full outline
Hide outline
Show full outline
Hide outline
Open Access

Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting

School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
Research Institute, State Grid Jiangsu Electric Power Company Ltd., Nanjing 210024, China
Show Author Information


With the rapid development of the Internet of Things (IoT), wireless technology has become an indispensable part of modern computing platforms and embedded systems. Wireless device fingerprint identification is deemed as a promising solution towards enhancing the security of device access authentication and communication process in the IoT scenario. However, the extraction of features from the network layer and its upper layers often confront restrictions from specific devices: the association with a certain wireless network and the access to the plaintext of the payload. Meanwhile, Bluetooth Low Energy (BLE) packets have been encrypted above the link layer, which makes those features difficult to extract. To tackle these problems, we introduce a novel method to identify BLE devices based on the fingerprint features in the data link layer. Initially, the BLE packets are collected through a receiver based on software-defined radio technology. Then, fields that reflect device differences in BLE broadcast packets are extracted through traffic analysis. Finally, a MultiLayer Perceptron (MLP) model is employed to recognize the category of BLE devices. An experimental result on a dataset with 15 types of BLE devices shows that the identification accuracy of the proposed method can reach 99.8%, which accomplishes better performance over previous work.


IDC, Worldwide global DataSphere IoT device and data forecast,, 2019.
WiGLE, Statistics,, 2021.
J. Ren, J. Li, H. Liu, and T. Qin, Task offloading strategy with emergency handling and blockchain security in SDN-empowered and fog-assisted healthcare IoT, Tsinghua Science and Technology, vol. 27, no. 4, pp. 760–776, 2022.
P. Ma, B. Jiang, Z. Lu, N. Li, and Z. Jiang, Cybersecurity named entity recognition using bidirectional long short-term memory with conditional random fields, Tsinghua Science and Technology, vol. 26, no. 3, pp. 259–265, 2021.
M. H. Haghighat and J. Li, Intrusion detection system using voting-based neural network, Tsinghua Science and Technology, vol. 26, no. 4, pp. 484–495, 2021.
L. C. C. Desmond, C. C. Yuan, T. C. Pheng, and R. S. Lee, Identifying unique devices through wireless fingerprinting, in Proc. 1st ACM Conf. on Wireless Network Security, Alexandria, VA, USA, 2008, pp. 46–55.
C. L. Corbett, R. A. Beyah, and J. A. Copeland, Using active scanning to identify wireless NICs, in Proc. IEEE Information Assurance Workshop, West Point, NY, USA, 2006, pp. 239–246.
J. Franklin, D. McCoy, P. Tabriz, V. Neagoe, and J. Van Randwyk, Passive data link layer 802.11 wireless device driver fingerprinting, in Proc. 15th Conf. on USENIX Security Symp., Vancouver, Canada, 2006, p. 12.
F. Guo and T. C. Chiueh, Sequence number-based MAC address spoof detection, in Proc. 8th Int. Workshop on Recent Advances in Intrusion Detection, Seattle, WA, USA, 2005, pp. 309–329.
S. Jana and S. K. Kasera, On fast and accurate detection of unauthorized wireless access points using clock skews, IEEE Trans. Mobile Comput., vol. 9, no. 3, pp. 449–462, 2010.
T. D. Vo-Huu, T. D. Vo-Huu, and G. Noubir, Fingerprinting Wi-Fi devices using software defined radios, in Proc. 9th ACM Conf. on Security & Privacy in Wireless and Mobile Networks, Darmstadt, Germany, 2016, pp. 3–14.
C. Arackaparambil, S. Bratus, A. Shubina, and D. Kotz, On the reliability of wireless fingerprinting using clock skews, in Proc. 3rd ACM Conf. on Wireless Network Security, Hoboken, NJ, USA, 2010, pp. 169–174.
C. L. Corbett, R. A. Beyah, and J. A. Copeland, Passive classification of wireless NICs during rate switching, EURASIP J. Wirel. Commun. Netw., vol. 2008, p. 495070, 2007.
S. Bratus, C. Cornelius, D. Kotz, and D. Peebles, Active behavioral fingerprinting of wireless devices, in Proc. 1st ACM Conf. on Wireless Network Security, Alexandria, VA, USA, 2008, pp. 56–61.
P. Robyns, B. Bonné, P. Quax, and W. Lamotte, Noncooperative 802.11 mac layer fingerprinting and tracking of mobile devices, Secur. Commun. Netw., vol. 2017, p. 6235484, 2017.
J. Huang, W. Albazrqaoe, and G. Xing, BlueID: A practical system for Bluetooth device identification, in Proc. IEEE Conf. on Computer Communications, Toronto, Canada, 2014, pp. 2849–2857.
H. Aksu, A. S. Uluagac, and E. S. Bentley, Identification of wearable devices with Bluetooth, IEEE Trans. Sustainable Comput., vol. 6, no. 2, pp. 221–230, 2021.
L. Peng, A. Hu, J. Zhang, Y. Jiang, J. Yu, and Y. Yan, Design of a hybrid RF fingerprint extraction and device classification scheme, IEEE Internet Things J., vol. 6, no. 1, pp. 349–360, 2019.
K. Merchant, S. Revay, G. Stantchev, and B. Nousain, Deep learning for RF device fingerprinting in cognitive communication networks, IEEE J. Sel. Top. Signal Process., vol. 12, no. 1, pp. 160–167, 2018.
T. J. Bihl, K. W. Bauer, and M. A. Temple, Feature selection for RF fingerprinting with multiple discriminant analysis and using ZigBee device emissions, IEEE Trans. Inf. Forensics Secur., vol. 11, no. 8, pp. 1862–1874, 2016.
P. Scanlon, I. O. Kennedy, and Y. Liu, Feature extraction approaches to RF fingerprinting for device identification in femtocells, Bell Labs Tech. J., vol. 15, no. 3, pp. 141–151, 2010.
C. Dubendorfer, B. Ramsey, and M. Temple, ZigBee device verification for securing industrial control and building automation systems, in Proc. 7th Int. Conf. on Critical Infrastructure Protection, Washington, DC, USA, 2013, pp. 47–62.
T. J. Bihl, K. W. Bauer, M. A. Temple, and B. Ramsey, Dimensional reduction analysis for Physical Layer device fingerprints with application to ZigBee and Z-Wave devices, in Proc. 2015 IEEE Military Communications Conf., Tampa, FL, USA, 2015, pp. 360–365.
O. Ureten and N. Serinken, Wireless security through RF fingerprinting, Can. J. Electr. Comput. Eng., vol. 32, no. 1, pp. 27–33, 2007.
Y. J. Yuan, Z. Huang, and Z. C. Sha, Specific emitter identification based on transient energy trajectory, Prog. Electromagn. Res. C, vol. 44, pp. 67–82, 2013.
B. Chatterjee, D. Das, S. Maity, and S. Sen, RF-PUF: Enhancing IoT security through authentication of wireless nodes using in-situ machine learning, IEEE Internet Things J., vol. 6, no. 1, pp. 388–398, 2019.
V. Brik, S. Banerjee, M. Gruteser, and S. Oh, Wireless device identification with radiometric signatures, in Proc. 14th ACM Int. Conf. on Mobile Computing and Networking, San Francisco, CA, USA, 2008, pp. 116–127.
IEEE 802.11-2016 IEEE standard for information technology–Telecommunications and information exchange between systems local and metropolitan area networks–Specific requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications,, 2022.
drtyhlpr, SDR Bluetooth LE dumper,, 2016.
Bluetooth SIG, Bluetooth core specification,, 2019.
Bluetooth SIG, 16-bit UUID numbers document,, 2023.
Tsinghua Science and Technology
Pages 862-872
Cite this article:
Zhang J, Li X, Li J, et al. Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting. Tsinghua Science and Technology, 2023, 28(5): 862-872.








Web of Science






Received: 24 November 2022
Accepted: 10 December 2022
Published: 19 May 2023
© The author(s) 2023.

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (