
Bluetooth-protocol Vulnerability Mining System Based On Fuzzy Testing

Posted on: 2022-06-29
Degree: Master
Type: Thesis
Country: China
Candidate: S Q Li
Full Text: PDF
GTID: 2518306572497314
Subject: Computer technology
Abstract/Summary:
With the development of the Internet of Things (IoT), Bluetooth, as a common short-range wireless communication technology of the IoT, is constantly being updated. At the same time, the information security problems it brings to users are becoming more and more prominent. In recent years, Trojans and viruses targeting Bluetooth communication have emerged one after another, and the trend is becoming more serious. As the basis of Bluetooth communication, the Bluetooth protocol ensures the reliable transmission of data. Therefore, discovering vulnerabilities in the Bluetooth protocol is of great significance for improving the information security level of Bluetooth communication. As an efficient protocol vulnerability discovery technique, fuzz testing has been widely used and has achieved many excellent results.

Through research on the Bluetooth protocol and fuzz testing, this thesis proposes a method of generating fuzz test messages for the Bluetooth protocol and implements a Bluetooth Protocol Fuzzing System (BTPFuzz) based on it. First, in order to generate effective test cases, the correspondence between the protocol fields of request and response messages is analysed according to the field characteristics of the Bluetooth protocol, which yields the order in which fields are generated. The system then has to generate and mutate each field; four methods for obtaining the original data and two mutation strategies for constructing protocol field data are proposed. Next, an improved state-machine-based fuzz testing method for the Bluetooth protocol is proposed. Compared with stateless fuzz testing, it focuses on protocol state transitions: after a fuzz test message is sent, the system can automatically recover the protocol state, which improves the effectiveness of the test cases.

Following this method, BTPFuzz is divided into four modules: a Bluetooth communication module, a data generation and mutation module, a protocol test case generation module and a monitoring module, together with a fuzz test controller that coordinates the modules to drive the fuzz testing. The system is developed on the BlueZ protocol stack under Linux. During fuzz testing of the Service Discovery Protocol (SDP), the Logical Link Control and Adaptation Protocol (L2CAP) and the Bluetooth Network Encapsulation Protocol (BNEP), anomalies and vulnerabilities in the device under test were captured: the Bluetooth connection between the system and the device under test was interrupted, and in some cases the Bluetooth process crashed, which demonstrates the effectiveness of the system. Finally, the two vulnerabilities found in SDP and BNEP are analysed and reproduced in detail, showing that the Bluetooth protocol has security defects in practical use.
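As an added illustration of the state-machine-based approach described in the abstract (not code from the thesis or from BTPFuzz), the following Python model runs stateful fuzzing over L2CAP signalling: the fuzzer replays valid connection, configuration and disconnection requests to reach a target state, mutates one 16-bit field of the next request, classifies the outcome, and recovers the channel afterwards. The command codes and PDU layout follow the Bluetooth Core Specification; the device under test is a constructed stand-in with a planted length-handling defect, the configuration exchange is simplified to one request/response, and everything runs offline.

```python
import random
import struct
CONN_REQ, CONN_RSP, CONF_REQ, CONF_RSP, DISC_REQ, DISC_RSP = 2, 3, 4, 5, 6, 7  # L2CAP signalling command codes
SDP_PSM, SCID = 0x0001, 0x0040          # PSM of SDP and the fuzzer's own source channel id
STATES = ["CLOSED", "CONFIG", "OPEN"]   # connection-oriented channel states the fuzzer walks, in order
def sig(code, ident, payload):
    """Pack one signalling command: code(1) ident(1) length(2, little-endian) payload."""
    return struct.pack("<BBH", code, ident, len(payload)) + payload
def valid_request(state, ident, dcid):
    """Well-formed request that moves the channel out of `state`; dcid is the field learned from the peer's CONN_RSP."""
    reqs = {"CLOSED": (CONN_REQ, SDP_PSM, SCID), "CONFIG": (CONF_REQ, dcid, 0), "OPEN": (DISC_REQ, dcid, SCID)}
    code, a, b = reqs[state]
    return sig(code, ident, struct.pack("<HH", a, b))
def mutate(pkt, rng):  # one mutation strategy: overwrite a 16-bit field (header length or body) with a boundary/random value
    off = rng.randrange(2, len(pkt) - 1, 2)
    return pkt[:off] + rng.choice([b"\x00\x00", b"\xff\xff", rng.randbytes(2)]) + pkt[off + 2:]

class FakeStack:  # constructed stand-in for the device under test (not a real stack); it trusts the length header
    def __init__(self):
        self.state, self.alive, self.dcid = "CLOSED", True, 0x0041
    def handle(self, pkt):  # returns the response PDU, or None when the request is dropped (state unchanged)
        code, ident, length = struct.unpack_from("<BBH", pkt)
        if length > len(pkt) - 4:           # planted defect: over-read driven by the length field -> "crash"
            self.alive = False
            return None
        body = pkt[4:4 + length]
        if code == CONN_REQ and self.state == "CLOSED" and body[:2] == struct.pack("<H", SDP_PSM):
            self.state = "CONFIG"
            return sig(CONN_RSP, ident, struct.pack("<HHHH", self.dcid, SCID, 0, 0))
        if code == CONF_REQ and self.state == "CONFIG":
            self.state = "OPEN"
            return sig(CONF_RSP, ident, struct.pack("<HHH", SCID, 0, 0))
        if code == DISC_REQ:
            self.state = "CLOSED"
            return sig(DISC_RSP, ident, body[:4])

def fuzz(rounds, seed=7):
    """Stateful loop: replay valid messages up to a target state, send one mutated message, classify it, recover."""
    rng, stack, log = random.Random(seed), FakeStack(), []
    for i in range(rounds):
        target, dcid, ident = STATES[i % len(STATES)], 0, i % 255 + 1
        for state in STATES[:STATES.index(target)]:         # drive the target into `target` with valid PDUs
            rsp = stack.handle(valid_request(state, ident, dcid))
            dcid = struct.unpack_from("<H", rsp, 4)[0] if state == "CLOSED" else dcid  # take DCID from CONN_RSP
        pkt = mutate(valid_request(target, ident, dcid), rng)
        rsp = stack.handle(pkt)
        log.append(("crash" if not stack.alive else "dropped" if rsp is None else "answered", target, pkt.hex()))
        stack = stack if stack.alive else FakeStack()        # recover: reconnect after a crash ...
        stack.handle(valid_request("OPEN", ident, dcid))     # ... and tear the channel down to CLOSED
    return log
```

Each log entry records the outcome, the protocol state in which the mutated PDU was sent and the PDU itself, which is what a monitoring module needs to reproduce a crash later.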
Keywords/Search Tags:IoT, Bluetooth, Vulnerability Mining, Fuzzy Test