Posted on 2023-11-29, 18:15. Authored by Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi
The Bluetooth standard is ubiquitously supported by computers, smartphones, and IoT devices. Due to its complexity, implementations require large codebases that are prone to security vulnerabilities, such as the recently discovered BlueBorne and BadBluetooth attacks. While defined by the standard, most of the Bluetooth functionality, as defined by different Bluetooth profiles, is not required in the common usage scenarios.
Starting from this observation, we implement LIGHTBLUE, a framework performing automatic, profile-aware debloating of Bluetooth stacks, allowing users to automatically minimize their Bluetooth attack surface by removing unneeded Bluetooth features. LIGHTBLUE starts with a target Bluetooth application, detects the associated Bluetooth profiles, and applies a combination of control-flow and data-flow analysis to remove unused code within a Bluetooth host code. Furthermore, to debloat the Bluetooth firmware, LIGHTBLUE extracts the used Host Controller Interface (HCI) commands and patches the HCI dispatcher in the Bluetooth firmware automatically, so that the Bluetooth firmware avoids processing unneeded HCI commands.
We evaluate LIGHTBLUE on four different Bluetooth hosts and three different Bluetooth controllers. Our evaluation shows that LIGHTBLUE achieves between 32% and 50% code reduction in the Bluetooth host code and between 57% and 83% HCI command reduction in the Bluetooth firmware. This code reduction leads to the prevention of attacks responsible for at least 20 CVEs, such as BlueBorne and BadBluetooth, while introducing no performance overhead and without affecting the behavior of the debloated application.
Preferred Citation
Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Tippenhauer, Dongyan Xu, Dave Tian and Antonio Bianchi. LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In: Usenix Security Symposium (USENIX-Security). 2021.
Primary Research Area
Secure Connected and Mobile Systems
Name of Conference
Usenix Security Symposium (USENIX-Security)
Legacy Posted Date
2021-01-22
Open Access Type
Gold
BibTeX
@inproceedings{cispa_all_3347,
title = "LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks",
author = "Wu, Jianliang and Wu, Ruoyu and Antonioli, Daniele and Payer, Mathias and Tippenhauer, Nils Ole and Xu, Dongyan and Tian, Dave (Jing) and Bianchi, Antonio",
booktitle="{Usenix Security Symposium (USENIX-Security)}",
year="2021",
}