Bluetooth vulnerabilities on smart phones running in ios and android operating system

Abstract

Bluetooth technology becomes a part of our daily lives. It is built into a many products such as mobile phones, computers, cars, and medical devices. Moreover, it allows sharing music, photos, videos, and other information wirelessly between two paired devices using radio waves. This technology sends information within your own personal space, which is called your Personal Area Network or "PAN" at distances less than 10 meters. The Common Vulnerabilities and Exploits (CVE) and National Vulnerability Database have recorded a sharp increase in reported vulnerabilities for several popular Bluetooth software stacks specially in Symbian and J2ME OS. The objective of this research is to find existing Bluetooth vulnerability in iOS and Android OS by using available tools that claim ability to penetrate mobile phone Bluetooth and to find possible (approximately three) preventive measures to eliminate vulnerabilities. The methodology of this research will be preliminary investigation, analysis, test and evaluation. The scenario of the experiment was by installing all attack tools in Backtrack 5r4 and rnu it against the smartphone devices and observe the devices notification along with possible information that has been gathered. The experiments have proved smart phone devices are more protective against different types of attacks because in most of the scenarios, the user has to accept the connection. However the successful attacks for the devices with low interactivity such as Bluetooth headphones revealed that it is possible to inject or record sounds in these devices without authenticated connection. Thus these devices need to have better security mechanism.