December 4, 2020
11:00am - 12:00pm
Hacking Bluetooth with Automated Binary Analysis
Being a near range wireless communication technology, Bluetooth, particularly its Low Energy version, is ubiquitous in the Internet-of-Things (IoT) devices today because of its extremely lower energy consumption. However, the security and privacy implication of these Bluetooth devices is not well understood. In this talk, Dr. Lin will present how to use binary analysis and wireless traffic inspection, to identify the security vulnerabilities of Bluetooth protocols and implementations in the real devices. In particular, he will first talk about BLEScope, a tool developed from his research group to automatically fingerprint vulnerable Bluetooth devices from Google Play and then locate them in reality with a long range Bluetooth sniffer. Then, he will talk about FirmXRay, another tool developed from his group to automatically analyze the bare-metal firmware of Bluetooth devices to identify the link-layer vulnerabilities such as insecure pairing and unauthorized read/write. Finally, he will conclude his talk by discussing future directions in Bluetooth security.
Dr. Zhiqiang Lin is an Associate Professor of Computer Science and Engineering at The Ohio State University. His primary research interests are systems and software security, with an emphasis on developing automated program analysis and reverse engineering techniques for the applications of vulnerability discovery and security hardening. Dr. Lin is a recipient of both NSF CAREER award and AFOSR YIP award.