Refreshments are available starting at 10:30 a.m. The seminar will begin at 10:45 a.m.
Abstract
Bluetooth Low Energy (BLE) stands at the forefront of near-range wireless communication technology, integral to a myriad of Internet of Things devices (spanning health care, fitness, wearables, and smart home applications), primarily due to its significantly low energy consumption. However, the past few years have unveiled numerous security flaws, placing billions of Bluetooth devices at risk. While luckily these flaws have been discovered (some of which have been fixed), there is no reason to believe that current BLE protocols and implementations are free from other flaws.
In this talk, Zhiqiang Lin will present a line of recent efforts aimed at enhancing BLE security and privacy. In particular, he will first present the protocol-level downgrade attack, an attack that can force the secure BLE channels into insecure ones to break the data integrity and confidentiality of BLE traffic. Then, he will introduce the Bluetooth Address Tracking (BAT) attack, a novel protocol-level attack, which can track randomized Bluetooth MAC addresses by using an innovative allowlist-based side channel. Next, he will talk about the lessons learned, root causes of the attacks, and their countermeasures. Finally, he will conclude his talk by discussing future directions in Bluetooth security and privacy.
Speaker Biography
Zhiqiang Lin is a Distinguished Professor of Engineering at the Ohio State University. His research interests center around systems and software security, with a key focus on (1) developing automated binary analysis techniques for vulnerability discovery and malware analysis, (2) hardening the systems and software from binary code rewriting, virtualization, and trusted execution environment, and (3) the applications of these techniques in mobile, Internet of Things, Bluetooth, and connected and autonomous vehicles. Lin has published over 150 papers, many of which appeared in the top venues in cybersecurity. He is an Institute of Electrical and Electronics Engineers Fellow, an ACM Distinguished Member, and a a recipient of the Harrison Faculty Award for Excellence in Engineering Education, an NSF CAREER Award, an Air Force Office of Scientific Research Young Investigator Award, and an Outstanding Faculty Teaching Award. He received his PhD in computer science from Purdue University.