A Bluetooth file transfer filtering mechanism based on BlueZ′s Bluetooth implementation

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：52

、訪客IP：3.145.84.96

姓名

賴易文(YI-WEN LAI) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(A Bluetooth file transfer filtering mechanism based on BlueZ′s Bluetooth implementation)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2028-6-30以後開放)

摘要(中)

近年來，物聯網（IoT）裝置大量增加，而藍牙技術在 IoT 裝置
間進行傳輸上至關重要。然而這些藍牙裝置的數量和密度的增長也帶
來了嚴重問題－藍牙蠕蟲。它對藍牙裝置安全構成了嚴重威脅。在本
論文中，我們提出了一種新的方法－Bluetooth OBEX Proxy (BOP)，
能有效地過濾通過 BlueZ 中 OBEX 系統服務所傳輸到裝置上的惡意
檔案。

摘要(英)

In recent years, there has been a significant surge in the proliferation
of active Internet of Things (IoT) devices. Bluetooth technology plays a
crucial role in facilitating seamless data transfer among these IoT devices.
However, the exponential growth in the quantity and density of these
devices has also led to the emergence of a grave concern known as
Bluetooth-worm, which poses a serious threat. In this thesis, we present a
novel approach in the form of a service proxy called BOP that effectively
filters out malicious files that are transferred onto the device via BlueZ′s
implementation of the OBEX service daemon.

關鍵字(中)

★ 藍牙
★ 藍牙蠕蟲
★ 代理
★ 行程間通訊
★ 過濾

關鍵字(英)

★ Bluetooth
★ Bluetooth-worm
★ D-Bus
★ Proxy
★ IPC
★ Filter
★ BlueZ

論文目次

中文摘要..................................................................................................... i
Abstract...................................................................................................... ii
Index ......................................................................................................... iii
Figure Index................................................................................................v
Table Index ............................................................................................... vi
Chapter 1 Introduction and Background ..................................................1
1.1 Bluetooth Worm........................................................................................................ 5
1.2 BlueZ.......................................................................................................................... 6
bluetoothd......................................................................................................................... 7
1.3 Systemd ..................................................................................................................... 9
Service Unit...................................................................................................................... 10
Socket Unit ...................................................................................................................... 11
1.4 D-Bus ....................................................................................................................... 13
Bus Name......................................................................................................................... 14
Object and Interface........................................................................................................ 14
Message........................................................................................................................... 15
D-Bus Service................................................................................................................... 16
1.5 OBEX and Object Push Profile ................................................................................. 17
Chapter 2 System Structures...................................................................21
2.1 Design Goals............................................................................................................ 21
2.2 Design Principles...................................................................................................... 22
2.3 Bluetooth OBEX Proxy (BOP)................................................................................... 23
Asynchronous Message Handling.................................................................................... 23
Message Redirection ....................................................................................................... 24
Object Creation................................................................................................................ 25
Filter Mechanism............................................................................................................. 25
iv
Custom Systemd Service and D-Bus Service.................................................................... 26
Chapter 3 Evaluation ..............................................................................28
3.1 Setup........................................................................................................................ 28
3.2 Functional Testing ................................................................................................... 29
3.3 Accuracy .................................................................................................................. 32
3.4 Performance............................................................................................................ 33
Chapter 4 Related Work .........................................................................34
4.1 BlueBorne................................................................................................................ 34
4.2 Packet Filtering for BlueBorne................................................................................. 35
4.3 LBM.......................................................................................................................... 36
4.4 Avfs.......................................................................................................................... 37
Chapter 5 Discussion ..............................................................................38
5.1 False positives.......................................................................................................... 38
5.2 Attacking Phase vs Replication Phase ..................................................................... 39
5.3 Limitations............................................................................................................... 40
Cannot Stop Attacks from happening ............................................................................. 40
Network Connection ....................................................................................................... 40
Files and Hashes.............................................................................................................. 40
Race Condition................................................................................................................. 40
5.4 Future Work ............................................................................................................ 41
User And Group for OBEX Proxy...................................................................................... 41
Packet Filtering Using Socket Inode ................................................................................ 41
Access Control for System Services................................................................................. 41
Chapter 6 Conclusion .............................................................................42
Reference ..................................................................................................43

參考文獻

[1] J. Marcel, "Now Available: New Bluetooth," Bluetooth SIG, Inc, 3
4 2023. [Online]. Available: https://www.bluetooth.com/blog/nowavailable-new-bluetooth-forecasts-and-trends/.
[2] J. Su, K. K. W. Chan, A. G. Miklas, K. Po, A. Akhavan, S. Saroiu,
E. d. Lara and A. Goel, "A preliminary investigation of worm
infections in a bluetooth environment," in 13th ACM Conference
on Computer and Communications Security, Alexandria Virginia,
2006.
[3] G. Yan, H. D. Flores, L. Cuellar, N. Hengartner, S. Eidenbenz and
V. Vu, "Bluetooth worm propagation: mobility pattern matters!,"
in Asia CCS′07 ACM Symposium on Information, Computer and
Communications Security, Singapore, 2007.
[4] L. Carettoni, C. Merloni and S. Zanero, "Studying Bluetooth
Malware Propagation: The BlueBag Project," IEEE Security &
Privacy, vol. 5, no. 2, pp. 17-25, 2007.
[5] G. Yan and S. Eidenbenz, "Modeling Propagation Dynamics of
Bluetooth Worms (Extended Version)," IEEE Transactions on
Mobile Computing, vol. 8, no. 3, pp. 353-368, 2009.
[6] J. Howarth, "80+ Amazing IoT Statistics (2023-2030)," 16 3 2023.
[Online]. Available: https://explodingtopics.com/blog/iot-stats.
[7] M. Wade, "IoT Developer Survey Results," Eclipse Foundation,
Inc, 2017. [Online]. Available:
https://slideplayer.com/slide/12468007/.
[8] B. Seri and G. Vishnepolsky, "BlueBorne Technical White Paper,"
30 11 2017. [Online]. Available: https://info.armis.com/rs/645-
PDC047/images/BlueBorne%20Technical%20White%20Paper_201711
30.pdf.
[9] M. Almiani, A. Razaque, L. Yimu, M. J. khan, T. Minjie, M.
Alweshah and S. Atiewi, "Bluetooth Application-Layer PacketFiltering For Blueborne Attack Defending," in 2019 Fourth
International Conference on Fog and Mobile Edge Computing
44
(FMEC), Rome, Italy, 2019.
[10] D. J. Tian, G. Hernandez, J. I. Choi, V. Frost, P. C. Johnson and K.
R. B. Butler, "LBM: A Security Framework for Peripherals within
the Linux Kernel," in 2019 IEEE Symposium on Security and
Privacy (SP), San Francisco, CA, USA, 2019.
[11] A. D. C. P. W. a. E. Z. Yevgeniy Miretskiy, "Avfs: An On-Access
Anti-Virus File System," in USENIX Security Symposium, San
Diego, CA, 2004.
[12] "file-hierarchy," [Online]. Available:
https://www.freedesktop.org/software/systemd/man/filehierarchy.html.
[13] T. Crisci, "Python DBus-Next Documentation," [Online].
Available: https://python-dbus-next.readthedocs.io/en/latest/.
[14] "dbus-python," freedesktop.org, [Online]. Available:
https://gitlab.freedesktop.org/dbus/dbus-python.
[15] Bazaar, "Index of /malware-bazaar/daily," abuse.ch, 2023.
[Online]. Available: https://datalake.abuse.ch/malwarebazaar/daily/.
[16] BlueZ, "GitHub - bluez/bluez: Main BlueZ tree," BlueZ.org,
[Online]. Available:
https://github.com/bluez/bluez/archive/refs/heads/master.zip.
[17] "THOR APT Scanner - Nextron Systems," Nextron Systems
GmbH, [Online]. Available: https://www.nextronsystems.com/thor/.
[18] "MalShare," [Online]. Available: https://malshare.com/.
[19] "Automated Malware Analysis - Joe Sandbox Cloud Basic,"
[Online]. Available: https://www.joesandbox.com/.

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2023-7-18

推文