Threat Category: Network Threats: Bluetooth
ID: LPN-8
Threat Description: Adversaries can execute a denial of service attack over a Bluetooth connection to render Bluetooth unusable and rapidly drain the device battery.
Threat Origin
Guide to Bluetooth Security (SP 800-121) 1
Exploit Examples
Studying Bluetooth Malware Propagation: The BlueBag Project 2
CVE Examples
Not Applicable
Possible Countermeasures
To limit opportunity for this threat, disable Bluetooth when that feature is not in use
To prevent this threat from being realized, operate Bluetooth on devices in a secure location away from windows and doors, to which an attacker is unlikely to have physical access.
To limit opporunity for this threat, protect devices with a case that blocks Bluetooth signals.
References
J. Padgette, K. Scarfone and L. Chen, Guide to Bluetooth Security, SP 800-121 rev. 1, National Institute of Standards and Technology, 2012; http://csrc.nist.gov/publications/nistpubs/800-121-rev1/sp800-121_rev1.pdf [accessed 8/24/2016] ↩
L. Carettoni, C. Merloni and S. Zanero, “Studying Bluetooth Malware Propagation: The BlueBag Project”, Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 17-25, 2007; http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4140986 [accessed 8/24/2016] ↩