Conference papers

InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections

Abstract : Bluetooth Low Energy (BLE) is nowadays one of the most popular wireless communication protocols for Internet of Things (IoT) devices. As a result, several attacks have targeted this protocol or its implementations in recent years, illustrating the growing interest in this technology. However, some major challenges remain from an offensive perspective, such as injecting arbitrary frames, hijacking the Slave role or performing a Man-in-the-Middle attack in an already established connection. In this paper, we describe a novel attack called InjectaBLE, which allows malicious traffic to be injected into an existing connection. This attack is highly critical because the vulnerability it exploits is inherent to the BLE specification itself, which means that any BLE connection is potentially vulnerable, regardless of the BLE devices involved in the connection. We describe the theoretical foundations of the attack and how to implement it in practice, and we explore four critical attack scenarios that make it possible to maliciously trigger a specific feature of the target device, hijack the Slave and Master roles, or perform a Man-in-the-Middle attack. Finally, we discuss the impact of this attack and outline some mitigation measures.
Contributor : Romain Cayre
Submitted on : Monday, April 12, 2021 - 6:14:05 PM
Last modification on : Friday, September 17, 2021 - 3:23:40 PM





Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche, et al. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Jun 2021, Taipei (virtual), Taiwan. ⟨10.1109/DSN48987.2021.00050⟩. ⟨hal-03193297v2⟩


