Traffic Analysis And Security Research Based On Bluetooth Protocol

With the opening of Internet of Things era,Industrial Internet of Things(IIoT)and Industrial sensor network has sprung up.They constitute a cross-domain network layer type with computer network,and also,they combine personal network and traditional Internet perfectly.Further more,with the application and deployment of IIoT and smart home network,this kind of cross-domain network has started to build and generalize.It has promoted popularity of industrial short-range wireless communication protocol,at the same time,plenty of sensors has been producted and applied.Bluetooth protocol is a kind of Internet of Things communication protocol.Based on bluetooth protocol,short range data switching can be achieved among sensor node,smart device and industrial control end.On the other hand,with the rising of software defined radio(SDR)and the driving of machine learning and data flow analysis,the attack that aiming to Internet of Things has not been restricted to traditional ways such as data capturing and sniffer cracking.The attack that aiming to communication channel has been a kind of new security threat.In the condition of capturing communication packets sequence,with analytical processing,there is an opportunity to explore current users' possible communication behavior,as well,it is unnecessary to decode data package.And then,the results that can be used on behavior identity,object identification and prediction of action plan.In a particular situation,it can even get some information that only can be get through docoding data.This paper will analyze four versions of bluetooth protocol and research their communication security mechanism respectively.And also,it will associate microcomputer Raspberry Pi and radio apparatus BladeRF,write radio programs for PC,make an analysis platform about bluetooth,track bluetooth frequency hopping and gather bluetooth communication packets.Further more,this paper will coordinate with the prediction model of machine learning.Through contrastive and analysis the traffic characteristic among encrypted communication packets,cracked clear information and SDR platform,the paper will explore their connection and possible threat of information leakage to show the security risks.Through analyzing and studying about bluetooth communication,this paper has made the following achievements:1.In data listening and capturing.By building a radio analysis platform,programming SDR code,combining frequency hopping mechanism features of traditonal bluetooth protocol(bluetooth protocol versions 1-3)and low-power dissipation bluetooth protocol(bluetooth protocol version 4),designing track program in 2400MHz-2480MHz,it can switch the center frequency of RF front-end rapidly to modify the frequency range which data can be captured.Then,it can track the frequency hopping and capture bluetooth communication data packages.So far,it can solve the problem that RF front-end cannot listening wide and full frequency band with limited band width,which will lead to lost frequency hopping data.2.In data processing.Although it is unnecessary to decode detailed information,the data that uploading by RF board from USB to PC should be demodulated.So far,most of the bluetooth chips on the market provide API using interfaces only.It cannot process user-defined cut frequency and track.Neither firmware or dirver is open source,which results in that we cannot finish the follow-up security research of traffic analysis by develop board of bluetooth.However,the peculiarity of SDR platform is to make traditional hardware radio equipments capture the data only,at the same time,we can programming the operating frequency,the modulated demodulation type,the data format,communication protocol and so on.Based on this kind of peculiarity,this paper will solve the problem that traditional chips cannot process data tracking,capturing and decoding by contrasting the requirement of bluetooth protocol manual and programming custom demodulation and separation of datagram.The previous preparation of traffic analysis has been finished.3.In traffic flow analysis.,This paper will build the core algorithm of predictive parsing with the technique of machine learning.After processing the feature engineering of previous data,the author will set training targets and imtate related mechine learning model preliminarily.Then,the author will modulate the feature set and improve its performances by checking it again and again.Finally,the final model's performances on testing data will be assessed.In comparison with the encrypted communication data,the clear information and traffic characteristic,it solves the problem that identification and determination of current users' behaviors without decoding bluetooth communication datas.And also,this paper will explore the possible threats of information leakage that can be brought by the model.