{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,12,26]],"date-time":"2022-12-26T12:32:06Z","timestamp":1672057926520},"reference-count":90,"publisher":"IGI Global","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,7,1]]},"abstract":"<p>Bluetooth technology (BT) and the inherent security vulnerabilities it introduces into business domains are often overlooked when security policies are developed. However, the International Data Corporation (IDC) projected that global Bluetooth short-wave wire semiconductor revenue will triple from $1.7 billion in 2007, to $3.3 billion in 2012 (Reidy, 2008). After a brief history of Bluetooth technology, researchers will examine how Bluetooth works, its vulnerabilities, and how these vulnerabilities can be exploited. Bluetooth malware and its associated risks will also be explored. As a practical approach to monitor Bluetooth threats and malware, the employment of a Bluetooth honeypot will be discussed, including honeypot structure and the legalities of deploying them. Building on Andrew Smith\u2019s earlier work developing Bluepot, a functional Bluetooth honeypot (Smith, 2011), researchers will test Bluepot and discuss the feasibility of using it as a prototype for developing a functional Bluetooth honeypot to secure corporate data and analyze BT malware.<\/p>","DOI":"10.4018\/jitn.2012070101","type":"journal-article","created":{"date-parts":[[2012,9,6]],"date-time":"2012-09-06T12:51:54Z","timestamp":1346935914000},"page":"1-22","source":"Crossref","is-referenced-by-count":2,"title":["The Bluetooth Honeypot Project"],"prefix":"10.4018","volume":"4","author":[{"given":"Ashley","family":"Podhradsky","sequence":"first","affiliation":[{"name":"Dakota State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cindy","family":"Casey","sequence":"additional","affiliation":[{"name":"Drexel University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peter","family":"Ceretti","sequence":"additional","affiliation":[{"name":"Drexel University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"2432","reference":[{"key":"jitn.2012070101-0","unstructured":"W3Schools. (2011). OS platform statistics. Retrieved August 27, 2011, from http:\/\/www.w3schools.com\/browsers\/browsers_os.asp"},{"key":"jitn.2012070101-1","unstructured":"Ahonen, T. (2006). Bluetooth (IEEE 802.15.1). Retrieved June 20, 2011, from http:\/\/users.tkk.fi\/~virranko\/sensor_networks\/ahonen1.pdf"},{"key":"jitn.2012070101-2","author":"A. F.Alford","year":"2000","journal-title":"When the gods came down"},{"key":"jitn.2012070101-3","unstructured":"Anagnostakisy, K. G., Sidiroglou, S., Akritidis, P., Xinidis, K., Markatos, E., & Keromytis, A. D. (2005). Detecting targeted attacks using shadow honeypots. Retrieved July 16, 2011, from http:\/\/www.ics.forth.gr\/dcs\/Activities\/papers\/replay.pdf"},{"key":"jitn.2012070101-4","unstructured":"Anonymous. (2010). Privacy and civil liberties: Federal statutes. Retrieved July 19, 2011, from http:\/\/it.ojp.gov\/default.aspx?area=privacy&page=1284"},{"key":"jitn.2012070101-5","unstructured":"Anonymous. (2011). Bluetooth tracking. Retrieved September 7, 2011, from http:\/\/bluetoothtracking.org\/"},{"key":"jitn.2012070101-6","unstructured":"Apple. (2012). iPad. Retrieved June 20, 2012, from http:\/\/www.apple.com\/ipad\/features\/"},{"issue":"1","key":"jitn.2012070101-7","first-page":"9","article-title":"Analysis of malicious detection in bluetooth enabled devices exploiting wireless personal area networks.","volume":"10","author":"M. L. S.Arockiasamy","year":"2010","journal-title":"Global Journal of Computer Science and Technology"},{"key":"jitn.2012070101-8","unstructured":"BackTrack Linux. (2011). BackTrack Linux \u2013 Penetration testing distribution. Retrieved September 9, 2011, from http:\/\/www.backtrack-linux.org\/"},{"key":"jitn.2012070101-9","unstructured":"Barnett, R. C. (2004). Open proxy honeypots: If you build it, they will come\u2026. Retrieved July 16, 2011, from http:\/\/honeypots.sourceforge.net\/open_proxy_honeypots.pdf"},{"key":"jitn.2012070101-10","doi-asserted-by":"crossref","unstructured":"Bialoglowy, M. (2010). Bluetooth security review, Part 1. Retrieved July 5, 2011, from http:\/\/www.symantec.com\/connect\/articles\/bluetooth-security-review-part-1","DOI":"10.1016\/S1353-4858(11)70073-3"},{"key":"jitn.2012070101-11","unstructured":"Bies, L. (2011). RS-232 specifications. Retrieved July 27, 2011, from http:\/\/www.lammertbies.nl\/comm\/info\/RS-232_specs.html"},{"key":"jitn.2012070101-12","unstructured":"Blasdel, J., & Pokomy, K. (2004). The future of bluetooth technology. Retrieved June 23, 2011, from http:\/\/faculty.mckendree.edu\/kian_pokorny\/Course_Pages\/CSI490\/Bluetooth.pdf"},{"key":"jitn.2012070101-13","unstructured":"Blue, Z. (2011). Release of bluez-4.96. Retrieved August 14, 2011, from http:\/\/www.bluez.org\/"},{"key":"jitn.2012070101-14","unstructured":"Bluetooth, S. I. G. (2006). Assigned numbers - Bluetooth baseband. Retrieved September 4, 2011, from http:\/\/netlab.cs.ucla.edu\/wiki\/files\/class_of_device.pdf"},{"key":"jitn.2012070101-15","unstructured":"Bluetooth, S. I. G. (2012). Medical and health. Retrieved June 20, 2012, from http:\/\/www.bluetooth.com\/Pages\/Medical.aspx"},{"key":"jitn.2012070101-16","unstructured":"Bray, J. (2001). Masters, slaves, and piconets. Retrieved July 6, 2011, from http:\/\/www.informit.com\/articles\/article.aspx?p=21324&seqNum=4"},{"key":"jitn.2012070101-17","doi-asserted-by":"crossref","unstructured":"Browning, D. (2009). Bluetooth hacking: A case study. Retrieved July 7, 2011, from http:\/\/www.garykessler.net\/library\/bluetooth_hacking_browning_kessler.pdf","DOI":"10.15394\/jdfsl.2009.1058"},{"key":"jitn.2012070101-18","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.43"},{"key":"jitn.2012070101-19","unstructured":"Chang, R., & Shmatikov, V. (2007). Formal analysis of authentication in bluetooth device pairing. Retrieved July 8, 2011, from http:\/\/www.cs.utexas.edu\/~shmat\/shmat_fcs07.pdf"},{"key":"jitn.2012070101-20","doi-asserted-by":"publisher","DOI":"10.4018\/978-1-59904-899-4.ch001"},{"key":"jitn.2012070101-21","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2008.02.007"},{"key":"jitn.2012070101-22","unstructured":"Choney, S. (2008). Bluetooth gets place in the car, not just the ear. Retrieved July 7, 2011, from http:\/\/www.msnbc.msn.com\/id\/26459737\/ns\/technology_and_science-tech_and_gadgets\/t\/bluetooth-gets-place-car-not-just-ear\/#.T-JU2_U_fmc"},{"key":"jitn.2012070101-23","year":"2011","journal-title":"2010\/2011 CSI computer crime and security survey"},{"key":"jitn.2012070101-24","unstructured":"Constantin, L. (2012). Researchers identify Stuxnet-like cyberespionage malware called 'flame.' Retrieved July 20, 2011, from http:\/\/www.pcworld.com\/article\/256370\/researchers_identify_stuxnetlike_cyberespionage_malware_called_flame.html"},{"key":"jitn.2012070101-25","unstructured":"Dagon, D., Qin, X., Gu, G., Lee, W., Grizzard, J., Levine, J., & Owen, H. (2002). HoneyStat: Local worm detection using honeypots. Retrieved August 8, 2011, from http:\/\/www.cc.gatech.edu\/~wenke\/papers\/honeystat.pdf"},{"key":"jitn.2012070101-26","unstructured":"Dornseif, M., Holz, T., & Muller, S. (2005). Honeypots and limitations of deception. Retrieved July 16, 2011, from http:\/\/subs.emis.de\/LNI\/Proceedings\/Proceedings73\/GI-Proceedings.73-14.pdf"},{"key":"jitn.2012070101-27","author":"K.Dunham","year":"2008","journal-title":"Mobile malware attacks and defense"},{"key":"jitn.2012070101-28","unstructured":"European Network of Affined Honeypots. (2006). Honeypot node architecture. Retrieved July 12, 2011, from http:\/\/www.fp6-noah.org\/publications\/deliverables\/D1.1.pdf"},{"key":"jitn.2012070101-29","year":"2011","journal-title":"15th Annual 2010\/2011 computer crime and security survey"},{"key":"jitn.2012070101-30","unstructured":"Ferrie, P. S. (2004). Virus Analysis 1, Cabrin Fever. Retrieved June 20, 2011, from http:\/\/www.virusbtn.com"},{"key":"jitn.2012070101-31","author":"N.Flynn","year":"2009","journal-title":"The e-policy handbook"},{"key":"jitn.2012070101-32","unstructured":"Gonsalves, A. (2012). New android malware is disguised as a security app. Retrieved June 23, 2011, from http:\/\/www.pcworld.com\/article\/257858\/new_android_malware_is_disguised_as_a_security_app.html"},{"key":"jitn.2012070101-33","unstructured":"Hattori, J. (2000). Bluetooth developers aim to usher in a wireless era. Retrieved June 20, 2011, from http:\/\/archives.cnn.com\/2000\/TECH\/computing\/09\/01\/bluetooth\/index.html#2"},{"key":"jitn.2012070101-34","unstructured":"Herfurt, M. (2011). Car whisperer. Retrieved September 2, 2011, from http:\/\/trifinite.org\/trifinite_stuff_carwhisperer.html"},{"key":"jitn.2012070101-35","author":"C.Hodgdon","year":"2003","journal-title":"Adaptive frequency hopping for reduced interference between bluetooth and wireless LAN"},{"issue":"2","key":"jitn.2012070101-36","article-title":"Modified approach of RFCOMM implementation to protect bluetooth technology from bluebug attacks.","volume":"1","author":"H.Hossain","year":"2011","journal-title":"International Journal of Computer and Information Technology"},{"key":"jitn.2012070101-37","unstructured":"HP. (2004). Bluetooth wireless technology basics. Palo Alto, CA: HP."},{"key":"jitn.2012070101-38","unstructured":"Infrared Data Association. (1999). IrDA object exchange protocol OBEX. Retrieved August 18, 2011, from http:\/\/simon.dehartog.nl\/datasheets\/protocols\/OBEX_1.2.pdf"},{"key":"jitn.2012070101-39","unstructured":"International Telecommunications Union. (2010). Report SM.2180. Retrieved July 9, 2011, from http:\/\/www.itu.int\/pub\/R-REP-SM.2180-2010\/en"},{"key":"jitn.2012070101-40","unstructured":"Jiang, X., & Xu, D. (2003). BAIT-TRAP: A catering honeypot framework. Retrieved July 15, 2011, from http:\/\/friends.cs.purdue.edu\/pubs\/BaitTrap.pdf"},{"key":"jitn.2012070101-41","unstructured":"Johnson, H. (2002). Bluetooth: The global technology? Retrieved August 8, 2011, from http:\/\/www.sans.org\/reading_room\/whitepapers\/wireless\/bluetooth-global-technology_170"},{"key":"jitn.2012070101-42","unstructured":"Kabay, M. E. (2010). Honeypots (2): Entrapment? Retrieved July 19, 2011, from http:\/\/www.mekabay.com\/nwf\/206g%20--%20Honeypots%20%282%29.pdf"},{"key":"jitn.2012070101-43","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2005.12.001"},{"key":"jitn.2012070101-44","unstructured":"Kardach, J. (2007). Bluetooth - The naming of a technology. Retrieved June 20, 2011, from http:\/\/www.kardach.com\/bluetooth\/runic_stone_journal\/Entries\/2007\/9\/3_Bluetooth,_the_naming_of_a_technology_files\/How a technology was named.pdf"},{"key":"jitn.2012070101-45","unstructured":"Kaspersky Lab. (2012). Kaspersky Lab and ITU research reveals new advanced cyber threat. Retrieved August 20, 2011, from http:\/\/www.kaspersky.com\/about\/news\/virus\/2012\/Kaspersky_Lab_and_ITU_ Research_ Reveals_New_Advanced_Cyber_Threat"},{"key":"jitn.2012070101-46","unstructured":"Korzeniowski, P. (2002). Bluetooth security threat starting to spread. Retrieved September 10, 2011, from http:\/\/www.technewsworld.com\/story\/40124.html"},{"key":"jitn.2012070101-47","unstructured":"LockDown. (2009). Password recovery speeds. Retrieved July 6, 2011, from http:\/\/www.lockdown.co.uk\/?pg=combi"},{"key":"jitn.2012070101-48","unstructured":"Lucistnik, P. (2011). Advanced networking. In FreeBSD handbook (Ch. 31). The FreeBSD Documentation Project."},{"key":"jitn.2012070101-49","unstructured":"Mills, E. (2012). Google now scanning android apps for malware. Retrieved June 24, 2011, from http:\/\/news.cnet.com\/8301-27080_3-57370650-245\/google-now-scanning-android-apps-for-malware\/"},{"key":"jitn.2012070101-50","unstructured":"Mind Vision Consulting. (2012). XRange2000. Retrieved June 20, 2011, from http:\/\/www.bluemagnet.com\/xrange2000.html"},{"key":"jitn.2012070101-51","doi-asserted-by":"crossref","unstructured":"Mokube, I., & Adams, M. (2007). Honeypots: Concepts, approaches, and challenges. Retrieved July 9, 2011, from http:\/\/cs.millersville.edu\/~csweb\/lib\/userfiles\/honeypot.pdf","DOI":"10.1145\/1233341.1233399"},{"key":"jitn.2012070101-52","unstructured":"Mousa Al-kfairy. S. R. (2008). Bluetooth security. Link\u00f6ping, Sweden: Link\u00f6ping University."},{"key":"jitn.2012070101-53","author":"T.Muller","year":"1999","journal-title":"Bluetooth baseband security concept"},{"key":"jitn.2012070101-54","unstructured":"Mullins, M. (2005). Does your security policy address Bluetooth technology? Retrieved September 10, 2011, from http:\/\/www.techrepublic.com\/article\/does-your-security-policy-address-bluetooth-technology\/5657593"},{"key":"jitn.2012070101-55","unstructured":"NIST. (2008). Guide to bluetooth security, special publication 800-121. Retrieved July 7, 2011, from http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-121\/SP800-121.pdf"},{"key":"jitn.2012070101-56","unstructured":"NIST. (2012). Bluetooth security: Protecting wireless networks and devices. Retrieved July 7, 2011, from http:\/\/csrc.nist.gov\/publications\/nistbul\/Nov2008_Bluetooth-Security.pdf"},{"key":"jitn.2012070101-57","unstructured":"Offensive Security. (2011). Offensive security training. Retrieved September 2, 2011, from http:\/\/www.offensive-security.com\/"},{"key":"jitn.2012070101-58","author":"J.Padgette","year":"2008","journal-title":"Guide to bluetooth security (NIST Special Publication 800-121)"},{"key":"jitn.2012070101-59","unstructured":"Peter, E., & Schiller, T. (2009). A practical guide to honeypots. Retrieved July 13, 2011, from http:\/\/www1.cse.wustl.edu\/~jain\/cse571-09\/ftp\/honey.pdf"},{"key":"jitn.2012070101-60","author":"P.Piazza","year":"2005","journal-title":"From Bluetooth to RedFang: The boom in Bluetooth wireless devices is a boon for those on the move"},{"key":"jitn.2012070101-61","unstructured":"Provos, N., & Holz, T. (2008). How to use honeypots to improve your network security. Retrieved July 17, 2011, from http:\/\/www.eweek.com\/c\/a\/Security\/How-to-Use-Honeypots-to-Improve-Your-Network-Security\/"},{"key":"jitn.2012070101-62","unstructured":"Reidy, C. (2008). IDC: Bluetooth revenue is on pace to nearly double. Retrieved July 10, 2011, from http:\/\/www.boston.com\/business\/ticker\/2008\/12\/idc_bluetooth_r.html"},{"key":"jitn.2012070101-63","author":"R.Rhodes","year":"2009","journal-title":"Hedy's folly"},{"key":"jitn.2012070101-64","unstructured":"Richardson, W. T. G. (2007). Honey pots. Retrieved July 7, 2011, from http:\/\/www.witiger.com\/ecommerce\/honeypots.htm"},{"key":"jitn.2012070101-65","unstructured":"Roche, M. (2007). Wireless hacking tools. Retrieved July 8, 2011, from http:\/\/www1.cse.wustl.edu\/~jain\/cse571-07\/ftp\/wireless_hacking.pdf"},{"key":"jitn.2012070101-66","unstructured":"Sapronov, K. (2006). Bluetooth, bluetooth security and new year war-nibbling. Retrieved July 9, 2011, from http:\/\/www.securelist.com\/en\/analysis?pubid=181198286"},{"key":"jitn.2012070101-67","unstructured":"Scottberg, B., Yurcik, W., & Doss, D. (2002). Internet honeypots: Protection or entrapment? In Proceedings of the International Symposium on Technology and Society (pp. 387-391)."},{"key":"jitn.2012070101-68","unstructured":"Security Tube Tools. (2011). Bluetooth auditing. Retrieved July 2, 2011, from http:\/\/tools.securitytube.net\/index.php?title=BlueMaho"},{"key":"jitn.2012070101-69","doi-asserted-by":"crossref","unstructured":"Shaked, Y., & Wool, A. (2005). Cracking the Bluetooth PIN. Retrieved July 5, 2011, from http:\/\/www.usenix.org\/event\/mobisys05\/tech\/full_papers\/shaked\/shaked.pdf","DOI":"10.1145\/1067170.1067176"},{"key":"jitn.2012070101-70","unstructured":"Shizuoka University. (2002). A wireless system for disaster damage monitoring in vulnerable ISM band. Retrieved July 7, 2011, from http:\/\/www.hakodate-ct.ac.jp\/~tkfujiwr\/tfujiwara\/gyouseki_pdf\/gakkai\/ICWLHN2002\/ICWLHN2002_Final2_TFujiwara.pdf"},{"key":"jitn.2012070101-71","unstructured":"Short-range Wireless SIG. (2007). Bluetooth secure simple pairing usability metric whitepaper. Retrieved July 9, 2011, from https:\/\/www.bluetooth.org\/Technical\/Specifications\/whitepapers.htm"},{"key":"jitn.2012070101-72","unstructured":"Short-range Wireless SIG. (2011). Automotive market. Retrieved July 7, 2011, from http:\/\/www.bluetooth.com\/Pages\/Automotive-Market.aspx"},{"key":"jitn.2012070101-73","unstructured":"Smith, A. (2011). Bluepot. Retrieved August 20, 2011, from http:\/\/code.google.com\/p\/bluepot\/"},{"key":"jitn.2012070101-74","unstructured":"SNAC. (2008). National security agency bluetooth security. Retrieved June 23, 2011, from http:\/\/www.nsa.gov\/ia\/_files\/factsheets\/I732-016R-07.pdf"},{"key":"jitn.2012070101-75","unstructured":"Sorrells v. U.S., 287 U.S. 435 (1932)."},{"key":"jitn.2012070101-76","unstructured":"Spitzner, L. (2003). Honeypots: Are they illegal? Retrieved July 7, 2011, from http:\/\/www.bandwidthco.com\/sf_whitepapers\/honeypots\/Honeypots%20-%20Are%20The20Illegal.pdf"},{"key":"jitn.2012070101-77","author":"L.Spitzner","year":"2003","journal-title":"Tracking hackers"},{"key":"jitn.2012070101-78","unstructured":"Staniford, S., Paxson, V., & Weaver, N. (2002, August). How to own the Internet in your spare time. In Proceedings of the 11th USENIX Security Symposium (pp. 149-167)."},{"key":"jitn.2012070101-79","author":"A. K.Talukder","year":"2005","journal-title":"Mobile computing: Technology, applications, and service creation"},{"key":"jitn.2012070101-80","unstructured":"Tan, L. (2007). Users need refresher on Bluetooth security. Retrieved July 7, 2011, from http:\/\/www.zdnet.com.au\/users-need-refresher-on-bluetooth-security-339282326.htm"},{"key":"jitn.2012070101-81","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2006.121"},{"key":"jitn.2012070101-82","unstructured":"United States Internet Crime Task Force. (2006). Bluetooth security. Retrieved July 6, 2011, from http:\/\/www.usict.org\/docs\/bluetooth.pdf"},{"key":"jitn.2012070101-83","year":"2004","journal-title":"Java bluetooth stack technical documentation version 0.5"},{"key":"jitn.2012070101-84","unstructured":"Verizon. (2011). Data breach investigation report. New York, NY: Verizon."},{"key":"jitn.2012070101-85","unstructured":"Webb, S., Caverlee, J., & Pu, C. (2008). Social honeypots: Making friends with a spammer near you. Retrieved July 7, 2011, from http:\/\/www.ceas.cc\/2008\/papers\/ceas2008-paper-50.pdf"},{"key":"jitn.2012070101-86","unstructured":"Woodings, R., Joos, D., Clifton, T., & Knutson, C. D. (2001). Rapid heterogeneous connection establishment: Accelerating bluetooth inquiry using IrDA. Retrieved July 5, 2011, from http:\/\/faculty.cs.byu.edu\/~knutson\/publications\/IrDA_Assisted_BT_Discovery.pdf"},{"key":"jitn.2012070101-87","unstructured":"Wright, J. (2007). \u201cI can hear you now\u201d - Eavesdropping on bluetooth headsets. Retrieved July 7, 2011, from http:\/\/www.willhackforsushi.com\/presentations\/icanhearyounow-sansns2007.pdf"},{"key":"jitn.2012070101-88","volume":"Vol. 2","author":"J. A. W.Zenneck","year":"1915","journal-title":"Wireless telegraphy"},{"key":"jitn.2012070101-89","doi-asserted-by":"crossref","unstructured":"Zyba, G., Voelker, G. M., Liljenstam, M., M\u00e9hes, A., & Johansson, P. (2009, April). Defending mobile phones from proximity malware. In Proceedings of the IEEE International Conference INFOCOM, Rio de Janeiro, Brazil (pp. 1503-1511).","DOI":"10.1109\/INFCOM.2009.5062067"}],"container-title":["International Journal of Interdisciplinary Telecommunications and Networking"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=70592","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T03:15:40Z","timestamp":1654139740000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jitn.2012070101"}},"subtitle":["Measuring and Managing Bluetooth Risks in the Workplace"],"short-title":[],"issued":{"date-parts":[[2012,7,1]]},"references-count":90,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2012,7]]}},"URL":"https:\/\/doi.org\/10.4018\/jitn.2012070101","relation":{},"ISSN":["1941-8663","1941-8671"],"issn-type":[{"value":"1941-8663","type":"print"},{"value":"1941-8671","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,7,1]]}}}