| Presentation | 2021-03-04 A Real-Time Bluetooth Protocol Fuzzing System Bo Wang, Suzuki Ako, Yuichi Kaji, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In recent years, with the practical use and spread of Bluetooth IoT (Internet of Things) devices, there are concerns about security threats to Bluetooth IoT devices, many of which are caused by software vulnerabilities. Fuzzing test is one of the software testing methods for finding software vulnerabilities in the devices and is used as a technology for finding unknown security vulnerabilities as a black-box test. Although many fuzzing methods have been investigated, they cannot grasp the real-time status of communication protocol. Moreover, there are still some serious challenges to be solved. For example, conventional fuzzing tools cannot perform real-time fuzzing test on the communication protocol of the target device, such that we have to prepare massive fuzzing data in advance. It is difficult to prepare that these test data with sufficient numbers and variations, and parameters such as design thresholds, cannot be set appropriately. Another concern is that the preparation of fuzzing data is costly, and efficient test cannot be achieved, and also that during the fuzzing operation, there are problems such as false positive, the omission of detection, and undetectability. To address the challenges, we propose an approach on a real-time Bluetooth protocol fuzzing system. By using the real-time protocol fuzzing system, packet elements of communication, such as header ID, connect ID, length, and contents of operations in communication protocol fields, are tested by fuzzing data in real-time, without preparing massive fuzzing data in advance by monitoring the communication status, and thus to the achievement of efficient Bluetooth protocol fuzzing test. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | real-time / fuzzing / Bluetooth / protocol |
| Paper # | IT2020-137,ISEC2020-67,WBS2020-56 |
| Date of Issue | 2021-02-25 (IT, ISEC, WBS) |
| Conference Information | |
| Committee | WBS / IT / ISEC |
|---|---|
| Conference Date | 2021/3/4(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Joint Meeting of WBS, IT, and ISEC |
| Chair | Masanori Hamamura(Kochi Univ. of Tech.) / Tadashi Wadayama(Nagoya Inst. of Tech.) / Shoichi Hirose(Univ. of Fukui) |
| Vice Chair | Takashi Shono(INTEL) / Masahiro Fujii(Utsunomiya Univ.) / Tetsuya Kojima(Tokyo Kosen) / Tetsuya Izu(Fujitsu Labs.) / Noboru Kunihiro(Tsukuba Univ.) |
| Secretary | Takashi Shono(Okayama Univ. of Science) / Masahiro Fujii(National Defence Academy) / Tetsuya Kojima(Yamaguchi Univ.) / Tetsuya Izu(Saga Univ.) / Noboru Kunihiro(Tsukuba Univ.) |
| Assistant | Duong Quang Thang(NAIST) / Masafumi Moriyama(NICT) / Masayuki Kinoshita(Chiba Univ. of Tech.) / Takahiro Ohta(Senshu Univ.) / Kazuki Yoneyama(Ibaraki Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Wideband System / Technical Committee on Information Theory / Technical Committee on Information Security |
|---|---|
| Language | ENG-JTITLE |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Real-Time Bluetooth Protocol Fuzzing System |
| Sub Title (in English) | |
| Keyword(1) | real-time |
| Keyword(2) | fuzzing |
| Keyword(3) | Bluetooth |
| Keyword(4) | protocol |
| 1st Author's Name | Bo Wang |
| 1st Author's Affiliation | JVCKENWOOD(JVCKW) |
| 2nd Author's Name | Suzuki Ako |
| 2nd Author's Affiliation | JVCKENWOOD(JVCKW) |
| 3rd Author's Name | Yuichi Kaji |
| 3rd Author's Affiliation | Nagoya University(NU) |
| Date | 2021-03-04 |
| Paper # | IT2020-137,ISEC2020-67,WBS2020-56 |
| Volume (vol) | vol.120 |
| Number (no) | IT-410,ISEC-411,WBS-412 |
| Page | pp.pp.152-159(IT), pp.152-159(ISEC), pp.152-159(WBS), |
| #Pages | 8 |
| Date of Issue | 2021-02-25 (IT, ISEC, WBS) |