Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Identification of Wearable Devices with Bluetooth

Hidayet Aksu, A. Selcuk Uluagac, Elizabeth S. Bentley

TL;DR

This work addresses the security of wearable devices by shifting focus from user authentication to device identity. It introduces a non-intrusive, timing-based fingerprinting framework for Bluetooth classic that extracts inter-arrival-time distributions from wearable traffic and generates histograms as signatures. The framework trains 20 ML algorithms and automatically selects the best classifier for testing, achieving average identification accuracy around 98% with high precision and recall on real smartwatches. The approach provides cyber threat intelligence to augment existing authentication and network access controls, enabling detection of unauthorized, counterfeit, or information-leaking wearables without modifying the devices themselves. Overall, the method demonstrates feasibility and practical utility for securing IoT wearables in dynamic networks.

Abstract

With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5%, 98.3% precision and recall for identifying wearables using the Bluetooth classic protocol.

Identification of Wearable Devices with Bluetooth

TL;DR

This work addresses the security of wearable devices by shifting focus from user authentication to device identity. It introduces a non-intrusive, timing-based fingerprinting framework for Bluetooth classic that extracts inter-arrival-time distributions from wearable traffic and generates histograms as signatures. The framework trains 20 ML algorithms and automatically selects the best classifier for testing, achieving average identification accuracy around 98% with high precision and recall on real smartwatches. The approach provides cyber threat intelligence to augment existing authentication and network access controls, enabling detection of unauthorized, counterfeit, or information-leaking wearables without modifying the devices themselves. Overall, the method demonstrates feasibility and practical utility for securing IoT wearables in dynamic networks.

Abstract

With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5%, 98.3% precision and recall for identifying wearables using the Bluetooth classic protocol.

Paper Structure

This paper contains 14 sections, 10 figures, 5 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Related Work
  3. Background
  4. Wearables
  5. Wearables with Bluetooth Classic
  6. Fingerprinting Wearables
  7. Wearable Fingerprinting Framework
  8. Performance Evaluation
  9. Testbed and Experiment Methodology
  10. Experiments and Results
  11. Security Impact: Threats & Use Cases
  12. Threats
  13. Use Cases for Security
  14. Conclusion

Figures (10)

  • Figure 1: Overall Sync Architecture between the Phone and Wearable.
  • Figure 2: Bluetooth classic protocol stack
  • Figure 3: Fingerprinting wearables
  • Figure 4: Wearable fingerprinting framework.
  • Figure 5: Bluetooth classic testbed with wearables
  • ...and 5 more figures