cispa_all_2748.pdf (557.37 kB)

Nearby Threats: Reversing, Analyzing, and Attacking Google's 'Nearby Connections' on Android

Download (557.37 kB)
conference contribution
posted on 2023-11-29, 18:09 authored by Daniele Antonioli, Nils Ole TippenhauerNils Ole Tippenhauer, Kasper Rasmussen
Google’s Nearby Connections API enables any An-droid (and Android Things) application to provide proximity-based services to its users, regardless of their network connectivity.The API uses Bluetooth BR/EDR, Bluetooth LE and Wi-Fi to let“nearby” clients (discoverers) and servers (advertisers) connectand exchange different types of payloads. The implementation ofthe API is proprietary, closed-source and obfuscated. The updatesof the API are automatically installed by Google across differentversions of Android, without user interaction. Little is knownpublicly about the security guarantees offered by the API, eventhough it presents a significant attack surface.In this work we present the first security analysis of theGoogle’s Nearby Connections API, based on reverse-engineeringof its Android implementation. We discover and implement sev-eral attacks grouped into two families: connection manipulation(CMA) and range extension attacks (REA). CMA-attacks allow anattacker to insert himself as a man-in-the-middle and manipulateconnections (even unrelated to nearby), and to tamper withthe victim’s interface and network configuration. REA-attacksallow an attacker to tunnel any nearby connection to remotelocations, even between two honest devices. Our attacks areenabled by REArby, a toolkit we developed while reversingthe API implementation. REArby includes a dynamic binaryinstrumenter, a packet dissector, and the implementations ofcustom Nearby Connections client and server. We plan to open-source REArby after a responsible disclosure period.


Preferred Citation

Daniele Antonioli, Nils Tippenhauer and Kasper Rasmussen. Nearby Threats: Reversing, Analyzing, and Attacking Google's 'Nearby Connections' on Android. In: Network and Distributed System Security Symposium (NDSS). 2019.

Primary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

Network and Distributed System Security Symposium (NDSS)

Legacy Posted Date


Open Access Type

  • Unknown


@inproceedings{cispa_all_2748, title = "Nearby Threats: Reversing, Analyzing, and Attacking Google's 'Nearby Connections' on Android", author = "Antonioli, Daniele and Tippenhauer, Nils Ole and Rasmussen, Kasper", booktitle="{Network and Distributed System Security Symposium (NDSS)}", year="2019", }

Usage metrics


    No categories selected


    Ref. manager