11-18, 09:30–10:00 (Europe/Vienna), Badeschiff
This talk investigates security vulnerabilities of the wireless communication protocol Bluetooth Low Energy. The discovered vulnerabilities are united into a threat model using the STRIDE threat modeling approach. The vulnerabilities examined in this thesis range from packet sniffing on the physical layer to sophisticated Machine-in-the-Middle attacks that are built upon address spoofing and jamming attacks. The proposed threat model also identifies the optional and mandatory dependencies between the attack vectors.
Christopher Skallak is currently an IT-Security masters student at FH Campus Vienna with high interest in Capture The Flag and Pentesting. His studies focus on embedded security, especially on the wireless communication protocols Bluetooth and Bluetooth Low Energy. He deepened his knowledge in his master's thesis by creating a Threat Model of Bluetooth Low Energy, which is based on the STRIDE model to categorize various vulnerabilities.