{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T07:06:25Z","timestamp":1763535985086,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,5,16]],"date-time":"2022-05-16T00:00:00Z","timestamp":1652659200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["ATHENE"],"award-info":[{"award-number":["ATHENE"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,5,16]]},"DOI":"10.1145\/3507657.3528547","type":"proceedings-article","created":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T11:30:36Z","timestamp":1651923036000},"page":"146-156","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Evil Never Sleeps"],"prefix":"10.1145","author":[{"given":"Jiska","family":"Classen","sequence":"first","affiliation":[{"name":"TU Darmstadt, Darmstadt, Germany"}]},{"given":"Alexander","family":"Heinrich","sequence":"additional","affiliation":[{"name":"TU Darmstadt, Darmstadt, Germany"}]},{"given":"Robert","family":"Reith","sequence":"additional","affiliation":[{"name":"TU Darmstadt, Darmstadt, Germany"}]},{"given":"Matthias","family":"Hollick","sequence":"additional","affiliation":[{"name":"TU Darmstadt, Darmstadt, Germany"}]}],"member":"320","published-online":{"date-parts":[[2022,5,16]]},"reference":[{"volume-title":"Kasper Rasmussen. 2020 BIAS: Bluetooth Impersonation AttackS. In IEEE Symposium on Security and Privacy.","author":"Antonioli Daniele","key":"e_1_3_2_1_1_1","unstructured":"Daniele Antonioli , Nils Ole Tippenhauer , and Kasper Rasmussen. 2020 BIAS: Bluetooth Impersonation AttackS. In IEEE Symposium on Security and Privacy. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen. 2020 BIAS: Bluetooth Impersonation AttackS. In IEEE Symposium on Security and Privacy."},{"volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Antonioli Daniele","key":"e_1_3_2_1_2_1","unstructured":"Daniele Antonioli , Nils Ole Tippenhauer , and Kasper B. Rasmussen . 2019. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR\/EDR. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/antonioli . In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 1047--1061. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen. 2019. The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR\/EDR. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/antonioli. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1047--1061."},{"key":"e_1_3_2_1_3_1","unstructured":"Apple. 2021 a. Apple Platform Security. https:\/\/manuals.info.apple.com\/MANUALS\/1000\/MA1902\/en_US\/apple-platform-security-guide.pdf.  Apple. 2021 a. Apple Platform Security. https:\/\/manuals.info.apple.com\/MANUALS\/1000\/MA1902\/en_US\/apple-platform-security-guide.pdf."},{"key":"e_1_3_2_1_4_1","unstructured":"Apple. 2021 b. Explore UWB-based car keys. https:\/\/developer.apple.com\/videos\/play\/wwdc2021\/10084\/.  Apple. 2021 b. Explore UWB-based car keys. https:\/\/developer.apple.com\/videos\/play\/wwdc2021\/10084\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Apple. 2022 a. Core Bluetoot | Apple Developer Documentation. https:\/\/developer.apple.com\/documentation\/corebluetooth.  Apple. 2022 a. Core Bluetoot | Apple Developer Documentation. https:\/\/developer.apple.com\/documentation\/corebluetooth."},{"key":"e_1_3_2_1_6_1","unstructured":"Apple. 2022 b. Bug Reporting--Profiles and Logs. https:\/\/developer.apple.com\/bug-reporting\/profiles-and-logs\/.  Apple. 2022 b. Bug Reporting--Profiles and Logs. https:\/\/developer.apple.com\/bug-reporting\/profiles-and-logs\/."},{"key":"e_1_3_2_1_7_1","unstructured":"Apple. 2022 c. Overview of Dynamic Libraries. https:\/\/developer.apple.com\/library\/archive\/documentation\/DeveloperTools\/Conceptual\/DynamicLibraries\/100-Articles\/OverviewOfDynamicLibraries.html.  Apple. 2022 c. Overview of Dynamic Libraries. https:\/\/developer.apple.com\/library\/archive\/documentation\/DeveloperTools\/Conceptual\/DynamicLibraries\/100-Articles\/OverviewOfDynamicLibraries.html."},{"volume-title":"2022 d","key":"e_1_3_2_1_8_1","unstructured":"Apple. 2022 d . Use Express Mode with cards, passes, and keys in Apple Wallet . https:\/\/support.apple.com\/en-us\/HT212171. Apple. 2022 d. Use Express Mode with cards, passes, and keys in Apple Wallet. https:\/\/support.apple.com\/en-us\/HT212171."},{"key":"e_1_3_2_1_9_1","unstructured":"Binary Ninja. 2022. A New Type of Reversing Platform. https:\/\/binary.ninja.  Binary Ninja. 2022. A New Type of Reversing Platform. https:\/\/binary.ninja."},{"key":"e_1_3_2_1_10_1","unstructured":"BMW. 2022. https:\/\/www.bmw.de\/de\/topics\/service-zubehoer\/bmw-connecteddrive\/digital-key.html.  BMW. 2022. https:\/\/www.bmw.de\/de\/topics\/service-zubehoer\/bmw-connecteddrive\/digital-key.html."},{"key":"e_1_3_2_1_11_1","unstructured":"Car Connectivity Consortium. 2020. Digital Key -- The Future of Vehicle Access Whitepaper. https:\/\/global-carconnectivity.org\/wp-content\/uploads\/2020\/04\/CCC_Digital_Key_2.0.pdf.  Car Connectivity Consortium. 2020. Digital Key -- The Future of Vehicle Access Whitepaper. https:\/\/global-carconnectivity.org\/wp-content\/uploads\/2020\/04\/CCC_Digital_Key_2.0.pdf."},{"key":"e_1_3_2_1_12_1","unstructured":"Car Connectivity Consortium. 2021. Car Connectivity Consortium Publishes Digital Key Release 3.0. https:\/\/carconnectivity.org\/press-release\/car-connectivity-consortium-publishes-digital-key-release-3-0\/.  Car Connectivity Consortium. 2021. Car Connectivity Consortium Publishes Digital Key Release 3.0. https:\/\/carconnectivity.org\/press-release\/car-connectivity-consortium-publishes-digital-key-release-3-0\/."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00049"},{"key":"e_1_3_2_1_14_1","unstructured":"Christopher Wade. 2021. https:\/\/www.pentestpartners.com\/security-blog\/breaking-the-nfc-chips-in-tens-of-millions-of-smart-phones-and-a-few-pos-systems\/.  Christopher Wade. 2021. https:\/\/www.pentestpartners.com\/security-blog\/breaking-the-nfc-chips-in-tens-of-millions-of-smart-phones-and-a-few-pos-systems\/."},{"key":"e_1_3_2_1_15_1","unstructured":"Jiska Classen. 2021. https:\/\/naehrdine.blogspot.com\/2021\/01\/broadcom-bluetooth-unpatching.html.  Jiska Classen. 2021. https:\/\/naehrdine.blogspot.com\/2021\/01\/broadcom-bluetooth-unpatching.html."},{"key":"e_1_3_2_1_16_1","volume-title":"Over the Air-Tag: shenanigans with the most over-engineered keyfinder. Presentation at hardwear.io Netherlands","author":"Classen Jiska","year":"2021","unstructured":"Jiska Classen , Fabian Freyer , and Thomas Roth . 2021. Over the Air-Tag: shenanigans with the most over-engineered keyfinder. Presentation at hardwear.io Netherlands 2021 , https:\/\/hardwear.io\/netherlands-2021\/speakers\/jiska-and-fabian-and-stacksmashing.php. Jiska Classen, Fabian Freyer, and Thomas Roth. 2021. Over the Air-Tag: shenanigans with the most over-engineered keyfinder. Presentation at hardwear.io Netherlands 2021, https:\/\/hardwear.io\/netherlands-2021\/speakers\/jiska-and-fabian-and-stacksmashing.php."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Jiska Classen Francesco Gringoli Michael Hermann and Matthias Hollick. 2022. Attacks on Wireless Coexistence: Exploiting Cross-Technology Performance Features for Inter-Chip Privilege Escalation. (2022).  Jiska Classen Francesco Gringoli Michael Hermann and Matthias Hollick. 2022. Attacks on Wireless Coexistence: Exploiting Cross-Technology Performance Features for Inter-Chip Privilege Escalation. (2022).","DOI":"10.1109\/SP46214.2022.9833639"},{"key":"e_1_3_2_1_18_1","volume-title":"Timey Wimey -- What's Really Inside Apple's U1 Chip. Presentation at Black Hat USA","author":"Classen Jiska","year":"2021","unstructured":"Jiska Classen and Alexander Heinrich . 2021. Wibbly Wobbly , Timey Wimey -- What's Really Inside Apple's U1 Chip. Presentation at Black Hat USA 2021 . Jiska Classen and Alexander Heinrich. 2021. Wibbly Wobbly, Timey Wimey -- What's Really Inside Apple's U1 Chip. Presentation at Black Hat USA 2021."},{"key":"e_1_3_2_1_19_1","unstructured":"Corellium. 2022. Device configuration features. https:\/\/www.corellium.com\/platform\/features.  Corellium. 2022. Device configuration features. https:\/\/www.corellium.com\/platform\/features."},{"key":"e_1_3_2_1_20_1","unstructured":"Cypress Semiconductor Corporation. 2022. WICED Software. https:\/\/www.cypress.com\/products\/wiced-software.  Cypress Semiconductor Corporation. 2022. WICED Software. https:\/\/www.cypress.com\/products\/wiced-software."},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS 2011","author":"Francillon Aur\u00e9lien","year":"2011","unstructured":"Aur\u00e9lien Francillon , Boris Danev , and Srdjan Capkun . 2011 . Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars . In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011 , San Diego, California, USA, 6th February - 9th February 2011. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss2011\/relay-attacks-on-passive-keyless-entry-and-start-systems-in-modern-cars Aur\u00e9lien Francillon, Boris Danev, and Srdjan Capkun. 2011. Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars. In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss2011\/relay-attacks-on-passive-keyless-entry-and-start-systems-in-modern-cars"},{"key":"e_1_3_2_1_22_1","unstructured":"Lishoy Francis Gerhard P. Hancke Keith Mayes and Konstantinos Markantonakis. 2011. Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones. IACR Cryptol. ePrint Arch. (2011) 618. http:\/\/eprint.iacr.org\/2011\/618  Lishoy Francis Gerhard P. Hancke Keith Mayes and Konstantinos Markantonakis. 2011. Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones. IACR Cryptol. ePrint Arch. (2011) 618. http:\/\/eprint.iacr.org\/2011\/618"},{"key":"e_1_3_2_1_23_1","volume-title":"Polypyus--The Firmware Historian. Workshop on Binary Analysis Research (BAR) 2021 (Feb","author":"Friebertsh\u00e4user Jan","year":"2021","unstructured":"Jan Friebertsh\u00e4user , Florian Kosterhon , Jiska Classen , and Matthias Hollick . 2021 . Polypyus--The Firmware Historian. Workshop on Binary Analysis Research (BAR) 2021 (Feb 2021). Jan Friebertsh\u00e4user, Florian Kosterhon, Jiska Classen, and Matthias Hollick. 2021. Polypyus--The Firmware Historian. Workshop on Binary Analysis Research (BAR) 2021 (Feb 2021)."},{"key":"e_1_3_2_1_24_1","unstructured":"Matheus E Garbelini Sudipta Chattopadhyay Vaibhav Bedi Sumei Sun and Ernest Kurniawan. 2021. BrakTooth: Causing Havoc on Bluetooth Link Manager. https:\/\/asset-group.github.io\/disclosures\/braktooth\/.  Matheus E Garbelini Sudipta Chattopadhyay Vaibhav Bedi Sumei Sun and Ernest Kurniawan. 2021. BrakTooth: Causing Havoc on Bluetooth Link Manager. https:\/\/asset-group.github.io\/disclosures\/braktooth\/."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3507657.3528546"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2021-0045"},{"key":"e_1_3_2_1_27_1","volume-title":"14th USENIX Workshop on Offensive Technologies (WOOT 20)","author":"Heinze Dennis","year":"2020","unstructured":"Dennis Heinze , Jiska Classen , and Matthias Hollick . 2020 a. ToothPicker: Apple Picking in the iOS Bluetooth Stack . In 14th USENIX Workshop on Offensive Technologies (WOOT 20) . USENIX Association. https:\/\/www.usenix.org\/conference\/woot20\/presentation\/heinze Dennis Heinze, Jiska Classen, and Matthias Hollick. 2020 a. ToothPicker: Apple Picking in the iOS Bluetooth Stack. In 14th USENIX Workshop on Offensive Technologies (WOOT 20). USENIX Association. https:\/\/www.usenix.org\/conference\/woot20\/presentation\/heinze"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399343"},{"key":"e_1_3_2_1_29_1","unstructured":"Hex-Rays. 2022. IDA Pro. https:\/\/hex-rays.com\/ida-pro\/.  Hex-Rays. 2022. IDA Pro. https:\/\/hex-rays.com\/ida-pro\/."},{"key":"e_1_3_2_1_30_1","article-title":"Against the Law: Countering Lawful Abuses of Digital Surveillance. https:\/\/www.tjoe.org\/pub\/direct-radio-introspection","volume":"7","author":"Edward Snowden Huang","year":"2016","unstructured":"bunnie Huang and Edward Snowden . 2016 . Against the Law: Countering Lawful Abuses of Digital Surveillance. https:\/\/www.tjoe.org\/pub\/direct-radio-introspection . The Journal of Open Engineering (21 7 2016). https:\/\/doi.org\/10.21428\/12268 https:\/\/www.tjoe.org\/pub\/direct-radio-introspection. 10.21428\/12268 bunnie Huang and Edward Snowden. 2016. Against the Law: Countering Lawful Abuses of Digital Surveillance. https:\/\/www.tjoe.org\/pub\/direct-radio-introspection. The Journal of Open Engineering (21 7 2016). https:\/\/doi.org\/10.21428\/12268 https:\/\/www.tjoe.org\/pub\/direct-radio-introspection.","journal-title":"The Journal of Open Engineering (21"},{"key":"e_1_3_2_1_31_1","unstructured":"Iceman. 2022. Proxmark3. https:\/\/github.com\/RfidResearchGroup\/proxmark3.  Iceman. 2022. Proxmark3. https:\/\/github.com\/RfidResearchGroup\/proxmark3."},{"key":"e_1_3_2_1_32_1","unstructured":"iFixit. 2019. iPhone 11 Teardown. https:\/\/www.ifixit.com\/Teardown\/iPhone+11+ Teardown\/126192.  iFixit. 2019. iPhone 11 Teardown. https:\/\/www.ifixit.com\/Teardown\/iPhone+11+ Teardown\/126192."},{"key":"e_1_3_2_1_33_1","unstructured":"Just a Penguin. 2022. IPSW Downloads. https:\/\/ipsw.me.  Just a Penguin. 2022. IPSW Downloads. https:\/\/ipsw.me."},{"key":"e_1_3_2_1_34_1","unstructured":"Kim Jong Cracks. 2022. checkra1n--iPhone 5s -- iPhone X iOS 12.3 and up. https:\/\/checkra.in\/.  Kim Jong Cracks. 2022. checkra1n--iPhone 5s -- iPhone X iOS 12.3 and up. https:\/\/checkra.in\/."},{"key":"e_1_3_2_1_35_1","volume-title":"14th USENIX Workshop on Offensive Technologies (WOOT 20)","author":"Klee Steffen","year":"2020","unstructured":"Steffen Klee , Alexandros Roussos , Max Maass , and Matthias Hollick . 2020 . NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit . In 14th USENIX Workshop on Offensive Technologies (WOOT 20) . USENIX Association. https:\/\/www.usenix.org\/conference\/woot20\/presentation\/klee Steffen Klee, Alexandros Roussos, Max Maass, and Matthias Hollick. 2020. NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit. In 14th USENIX Workshop on Offensive Technologies (WOOT 20). USENIX Association. https:\/\/www.usenix.org\/conference\/woot20\/presentation\/klee"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-88418-5_7"},{"key":"e_1_3_2_1_37_1","volume-title":"Ghost Peak: Practical Distance Reduction Attacks Against HRP UWB Ranging. https:\/\/securepositioning.com\/ghost-peak\/.","author":"Leu Patrick","year":"2021","unstructured":"Patrick Leu , Giovanni Camurati , Alexander Heinrich , Marc Roeschlin , Claudio Anliker , Matthias Hollick , Srdjan Capkun , and Jiska Classen . 2021 . Ghost Peak: Practical Distance Reduction Attacks Against HRP UWB Ranging. https:\/\/securepositioning.com\/ghost-peak\/. Patrick Leu, Giovanni Camurati, Alexander Heinrich, Marc Roeschlin, Claudio Anliker, Matthias Hollick, Srdjan Capkun, and Jiska Classen. 2021. Ghost Peak: Practical Distance Reduction Attacks Against HRP UWB Ranging. https:\/\/securepositioning.com\/ghost-peak\/."},{"key":"e_1_3_2_1_38_1","unstructured":"Jonathan Levin. 2020. *OS Internals Volume II Kernel Mode. North Castle NY.  Jonathan Levin. 2020. *OS Internals Volume II Kernel Mode. North Castle NY."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Dennis Mantz. 2018. InternalBlue - A Bluetooth Experimentation Framework Based on Mobile Device Reverse Engineering. Master thesis. TU Darmstadt. Supervised by Matthias Schu\u00adlz and Jiska Classen.  Dennis Mantz. 2018. InternalBlue - A Bluetooth Experimentation Framework Based on Mobile Device Reverse Engineering. Master thesis. TU Darmstadt. Supervised by Matthias Schu\u00adlz and Jiska Classen.","DOI":"10.1145\/3307334.3326089"},{"key":"e_1_3_2_1_40_1","volume-title":"InternalBlue - Bluetooth Binary Patching and Experimentation Framework. In The 17th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys '19)","author":"Mantz Dennis","year":"2019","unstructured":"Dennis Mantz , Jiska Classen , Matthias Schulz , and Matthias Hollick . 2019 . InternalBlue - Bluetooth Binary Patching and Experimentation Framework. In The 17th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys '19) . https:\/\/doi.org\/10.1145\/3307334.3326089 10.1145\/3307334.3326089 Dennis Mantz, Jiska Classen, Matthias Schulz, and Matthias Hollick. 2019. InternalBlue - Bluetooth Binary Patching and Experimentation Framework. In The 17th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys '19). https:\/\/doi.org\/10.1145\/3307334.3326089"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3463676.3485616"},{"key":"e_1_3_2_1_42_1","unstructured":"National Security Agency. 2022. Ghidra. https:\/\/ghidra-sre.org\/.  National Security Agency. 2022. Ghidra. https:\/\/ghidra-sre.org\/."},{"key":"e_1_3_2_1_43_1","unstructured":"NXP Semiconductors. 2020. NXP JCOP6.x on SN200.C04 Secure Element Product Evaluation Document. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/nscib-cc-235773_2-st-lite.pdf.  NXP Semiconductors. 2020. NXP JCOP6.x on SN200.C04 Secure Element Product Evaluation Document. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/nscib-cc-235773_2-st-lite.pdf."},{"volume-title":"Relay Attacks on Secure Element-Enabled Mobile Devices","author":"Roland Michael","key":"e_1_3_2_1_44_1","unstructured":"Michael Roland , Josef Langer , and Josef Scharinger . 2012. Relay Attacks on Secure Element-Enabled Mobile Devices . In Information Security and Privacy Research, Dimitris Gritzalis, Steven Furnell, and Marianthi Theoharidou (Eds.). Springer Berlin Heidelberg , Berlin, Heidelberg , 1--12. Michael Roland, Josef Langer, and Josef Scharinger. 2012. Relay Attacks on Secure Element-Enabled Mobile Devices. In Information Security and Privacy Research, Dimitris Gritzalis, Steven Furnell, and Marianthi Theoharidou (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 1--12."},{"key":"e_1_3_2_1_45_1","volume-title":"AirTag of the Clones: Shenanigans with Liberated Item Finders. (Aug","author":"Roth Thomas","year":"2022","unstructured":"Thomas Roth , Fabian Freyer , Matthias Hollick , and Jiska Classen . 2022. AirTag of the Clones: Shenanigans with Liberated Item Finders. (Aug . 2022 ). Thomas Roth, Fabian Freyer, Matthias Hollick, and Jiska Classen. 2022. AirTag of the Clones: Shenanigans with Liberated Item Finders. (Aug. 2022)."},{"key":"e_1_3_2_1_46_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Ruge Jan","year":"2020","unstructured":"Jan Ruge , Jiska Classen , Francesco Gringoli , and Matthias Hollick . 2020 . Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets . In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association, 19--36. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/ruge Jan Ruge, Jiska Classen, Francesco Gringoli, and Matthias Hollick. 2020. Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 19--36. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/ruge"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3448300.3467831"},{"key":"e_1_3_2_1_48_1","volume-title":"Matthias Hollick, and Kay R\u00f6mer.","author":"Sp\u00f6rk Michael","year":"2020","unstructured":"Michael Sp\u00f6rk , Jiska Classen , Carlo Alberto Boano , Matthias Hollick, and Kay R\u00f6mer. 2020 . Improving the Reliability of Bluetooth Low Energy Connections.. In EWSN. 144--155. Michael Sp\u00f6rk, Jiska Classen, Carlo Alberto Boano, Matthias Hollick, and Kay R\u00f6mer. 2020. Improving the Reliability of Bluetooth Low Energy Connections.. In EWSN. 144--155."},{"key":"e_1_3_2_1_49_1","unstructured":"Markus Staeblein. 2021. 3 Reasons Why CCC Digital Key Release 3.0 Is Cause for Excitement. https:\/\/www.nxp.com\/company\/blog\/3-reasons-why-ccc-digital-key-release-3-0-is-cause-for-excitement:BL-CCC-DIGITAL-KEY.  Markus Staeblein. 2021. 3 Reasons Why CCC Digital Key Release 3.0 Is Cause for Excitement. https:\/\/www.nxp.com\/company\/blog\/3-reasons-why-ccc-digital-key-release-3-0-is-cause-for-excitement:BL-CCC-DIGITAL-KEY."},{"key":"e_1_3_2_1_50_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Stute Milan","year":"2021","unstructured":"Milan Stute , Alexander Heinrich , Jannik Lorenz , and Matthias Hollick . 2021 . Disrupting Continuity of Appletextquoterights Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi . In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association, 3917--3934. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/stute Milan Stute, Alexander Heinrich, Jannik Lorenz, and Matthias Hollick. 2021. Disrupting Continuity of Appletextquoterights Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3917--3934. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/stute"},{"key":"e_1_3_2_1_51_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Stute Milan","year":"2019","unstructured":"Milan Stute , Sashank Narain , Alex Mariotto , Alexander Heinrich , David Kreitschmann , Guevara Noubir , and Matthias Hollick . 2019 . A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link . In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 37--54. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/stute Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, David Kreitschmann, Guevara Noubir, and Matthias Hollick. 2019. A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 37--54. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/stute"},{"key":"e_1_3_2_1_52_1","unstructured":"The iPhone Wiki. 2022. OTA Updates. https:\/\/www.theiphonewiki.com\/wiki\/OTA_Updates.  The iPhone Wiki. 2022. OTA Updates. https:\/\/www.theiphonewiki.com\/wiki\/OTA_Updates."},{"key":"e_1_3_2_1_53_1","unstructured":"tihmstar. 2022. textttimg4tool. https:\/\/github.com\/tihmstar\/img4tool.  tihmstar. 2022. textttimg4tool. https:\/\/github.com\/tihmstar\/img4tool."},{"key":"e_1_3_2_1_54_1","unstructured":"T\u00dcV Rheinland Nederland B.V. 2019. Certification Report SN200 Series - Secure Element with Crypto Library SN200_SE B1.1 C04. https:\/\/commoncriteriaportal.org\/files\/epfiles\/NSCIB-CC-217812-CR.pdf.  T\u00dcV Rheinland Nederland B.V. 2019. Certification Report SN200 Series - Secure Element with Crypto Library SN200_SE B1.1 C04. https:\/\/commoncriteriaportal.org\/files\/epfiles\/NSCIB-CC-217812-CR.pdf."},{"issue":"2","key":"e_1_3_2_1_55_1","first-page":"N100","article-title":"Certification Report","volume":"5","author":"Rheinland T\u00dcV","year":"2021","unstructured":"T\u00dcV Rheinland Nederland B.V. 2021 . Certification Report , NXP JCOP 5 . 2 on S N100 .C58 Secure Element. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/NSCIB-CC-0023577-CR3.pdf. T\u00dcV Rheinland Nederland B.V. 2021. Certification Report, NXP JCOP 5.2 on SN100.C58 Secure Element. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/NSCIB-CC-0023577-CR3.pdf.","journal-title":"NXP JCOP"},{"key":"e_1_3_2_1_56_1","unstructured":"unc0ver. 2022. The moast advanced jailbreak tool. https:\/\/unc0ver.dev.  unc0ver. 2022. The moast advanced jailbreak tool. https:\/\/unc0ver.dev."},{"key":"e_1_3_2_1_57_1","unstructured":"Wikileaks. 2014. Weeping Angel (Extending) Engineering Notes. https:\/\/wikileaks.org\/ciav7p1\/cms\/page_12353643.html.  Wikileaks. 2014. Weeping Angel (Extending) Engineering Notes. https:\/\/wikileaks.org\/ciav7p1\/cms\/page_12353643.html."},{"key":"e_1_3_2_1_58_1","volume-title":"LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Wu Jianliang","year":"2021","unstructured":"Jianliang Wu , Ruoyu Wu , Daniele Antonioli , Mathias Payer , Nils Ole Tippenhauer , Dongyan Xu , Dave (Jing) Tian , and Antonio Bianchi . 2021 . LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association, 339--356. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/wu-jianliang Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave (Jing) Tian, and Antonio Bianchi. 2021. LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 339--356. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/wu-jianliang"}],"event":{"name":"WiSec '22: 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"],"location":"San Antonio TX USA","acronym":"WiSec '22"},"container-title":["Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507657.3528547","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3507657.3528547","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:27Z","timestamp":1750191147000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507657.3528547"}},"subtitle":["When Wireless Malware Stays On after Turning Off iPhones"],"short-title":[],"issued":{"date-parts":[[2022,5,16]]},"references-count":58,"alternative-id":["10.1145\/3507657.3528547","10.1145\/3507657"],"URL":"https:\/\/doi.org\/10.1145\/3507657.3528547","relation":{},"subject":[],"published":{"date-parts":[[2022,5,16]]},"assertion":[{"value":"2022-05-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}