=Paper=
{{Paper
|id=Vol-3925/short03
|storemode=property
|title=The method of increasing the security of IoT devices by implementing the dynamic change of the bluetooth address (short paper)
|pdfUrl=https://ceur-ws.org/Vol-3925/short03.pdf
|volume=Vol-3925
|authors=Inna Mykhalchuk,Yurii Shcheblanin,Oleksandr Toroshanko,Hanna Martyniuk
|dblpUrl=https://dblp.org/rec/conf/cmigin/MykhalchukSTM24
}}
==The method of increasing the security of IoT devices by implementing the dynamic change of the bluetooth address (short paper)==
https://ceur-ws.org/Vol-3925/short03.pdf
The method of increasing the security of IoT devices by
implementing the dynamic change of the Bluetooth
address
Inna Mykhalchuk1,∗,†, Yurii Shcheblanin1, Oleksandr Toroshanko1,† and Hanna
Martyniuk2,3,†
1
Taras Shevchenko National University of Kyiv, Volodymyrska Str., 60, Kyiv, 01601, Ukraine
2
Mariupol State University, Preobrazhenska Str., 6, Kyiv, 03037, Ukraine
3
State Scientific and Research Institute of Cybersecurity Technologies and Information Protection, Maksym Zalizniak Str., 3/6,
Kyiv, 03142, Ukraine
Abstract
The paper examines the possibilities of use and vulnerability of devices that, according to the concept of
construction and use, belong to the Internet of Things. Modern technological solutions for collecting and
transmitting primary data mostly focus on Internet of Things devices. They are actively used in various
spheres of industry and everyday life. At the same time, the low price, technological limitations and the
lack of uniform standards affected their security level. There are known cases when attackers, exploiting
the vulnerabilities of Internet of Things devices, launched an attack on the company's information system
and caused financial and reputational damage. Typical solutions for the construction of IoT systems, in
most cases, allow attackers to implement attacks on vital components of such systems and create a threat
to the lives of users, causing reputational and financial losses. Such devices are connected to the control
unit with Bluetooth technology and are identified by the name of the device and its Bluetooth address.
These parameters are the main vector of the intruder's attack on Internet of Things devices. The paper
proposes a method of increasing the level of security of IoT devices by introducing a dynamic change of
the Bluetooth address. The central control unit of the Internet of Things devices will initiate the process of
dynamic, random over time, change of the Bluetooth address of the devices, which will limit the time
interval of possible influence of the attacker on the device.
Keywords
ІоТ, protection methods, data analysis, attack vector, network security, Bluetooth, access control systems,
attack classification, information security 1
1. Introduction
Privacy and security issues become especially relevant when it comes to the Internet of Things (IoT).
IoT is a concept that defines the connection of various physical objects to the Internet for data
exchange and interaction [1]. These objects can include any devices or sensors that can receive,
transmit and process data. IoT allows data to be collected in real-time, providing the opportunity for
optimal management and monitoring of various systems. This technology is used in various fields,
such as industry, agriculture, medicine, transport, home automation ("Smart Home" technology) and
others. At the same time, IoT technology is one of the main attack vectors, attackers can use these
systems for various purposes, such as collecting information about users, affecting network
resources or the process of managing connections of IoT devices, affecting vital end devices IoT, etc.
[2, 3, 4], which requires increased attention to IoT security issues. Security mechanisms of IoT
CH&CMiGIN’24: Third International Conference on Cyber Hygiene & Conflict Management in Global Information Networks,
January 24–27, 2024, Kyiv, Ukraine
∗
Corresponding author.
†
These authors contributed equally.
inna.mykhalchuk@knu.ua (I. Mykhalchuk); shcheblanin.yurii@knu.ua (Y. Shcheblanin);
oleksandr.toroshanko@knu.ua (O. Toroshanko); ganna.martyniuk@gmail.com (H. Martyniuk)
0000-0002-1802-7653 (I. Mykhalchuk); 0000-0002-3231-6750 (Y. Shcheblanin); 0000-0002-2354-0187 (O. Toroshanko);
0000-0003-4234-025X (H. Martyniuk)
© 2025 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR
ceur-ws.org
Workshop ISSN 1613-0073
Proceedings
�systems are aimed at ensuring the protection of devices from unauthorized access, protection of
network connections from attacks and detection of possible threats.
This includes the use of various techniques such as encryption, authentication, authorization,
buffer overflow protection, and others [5]. It is also important to take into account the technological
features of the functioning of IoT devices, monitor potential threats and use a comprehensive
approach to their protection, including technical and organizational measures, such as compliance
with security protocols, conducting training and raising awareness among users.
2. Formulation of the research task
Ensuring cybersecurity in IoT systems requires the development and implementation of a
comprehensive protection system that includes both technical and organizational mechanisms.
Technical protection mechanisms include encryption, authentication and authorization, access
control, monitoring and analysis of security events and other methods that allow you to protect
devices and their data from cyber criminals [6].
Organizational security mechanisms include security policies, security audit procedures, training,
and user awareness of safe practices. For example, educating users about password security and
prohibiting them from using the same password on multiple devices can reduce the risks of a hack.
In addition, security mechanisms in IoT systems are important from the point of view of protection
against cyber terrorism. In today's world, cyber terrorists can use different methods to attack IoT
systems, such as DDoS attacks, malware distribution, phishing and social engineering [7].
These attacks can paralyze the functioning of IoT devices, significantly reduce their reliability
and resilience, and lead to data loss and leakage of confidential information. Another aspect of
relevance is the rapid growth in the number of IoT devices used in various industries such as
transportation, industry, healthcare, and others. These devices collect and process large amounts of
data, which can lead to serious problems related to the protection of confidential information and
ensuring the safety of users in case of compromise.
Therefore, the development and implementation of effective protection mechanisms in IoT
systems is an extremely important task that will reduce the risks of hacking and cyber-attacks, ensure
the safety and confidentiality of devices and the information stored on them, as well as ensure the
stability and reliability of devices in various fields of use. One of the main problems in IoT systems
is the lack of safety and security standards and regulations. This means that device manufacturers
can take different approaches to securing and protecting their devices, which can create
vulnerabilities and risks for users [8, 9].
In addition, software updates and patches that contain fixes for identified vulnerabilities are not
always distributed to users in a timely and efficient manner. Another challenge is the complexity of
securing IoT systems, as they can contain a large number of different components and devices that
communicate with each other over wireless networks. This leads to an increase in attack vectors and
a decrease in the effectiveness of protection. In this regard, the development and implementation of
effective protection mechanisms in IoT systems is an extremely difficult task that requires a
comprehensive approach. To ensure the security of IoT systems, it is necessary to consider all
elements of the system as a whole structure and ensure their interaction from the point of view of
security and protection [10]. To do this, it is necessary to develop and use new technologies and
standards that allow protection against various types of attacks, as well as increase the efficiency of
updating and patching software.
3. A method of increasing the security of IoT devices
Technologically, IoT devices can be combined into specialized subsystems that, with the help of a
central control unit, interact with each other and solve certain tasks. As an example, consider the
"smart home" system shown in Figure 1 [11].
The main elements of the IoT system are [12–15]:
� • Connected devices - are physical devices or sensors capable of collecting and transmitting
data over the network (for example, temperature, humidity and motion sensors that connect
to the information transmission network).
• Data collection tools - are components that provide collection, aggregation and processing of
data received from connected devices (for example, cloud platforms, local servers or
embedded data collection systems).
• Communication networks - are network resources that provide data transfer between
connected devices and data collection devices (for example, Wi-Fi, Bluetooth, ZigBee, Z-
Wave, LTE, NB-IoT, and others).
• Cloud services - сloud platforms provide resources to store, process and analyze the large
amount of data received from connected devices, and they can also provide tools for IoT
application development and system management.
• Analytics and artificial intelligence - these components provide processing and analysis of
information from a large volume of data collected from connected devices, and can use
machine learning algorithms and other artificial intelligence techniques to obtain valuable
information and predict future events. For example, data analysis can help predict technical
problems with devices before they occur, as well as optimize energy consumption and ensure
high efficiency of systems built using IoT devices.
• Management systems - are components that provide management of connected IoT devices
and applications. They can provide interfaces for monitoring and controlling devices using
mobile applications or web interfaces.
• Security blocks - the components that protect connected IoT devices and data from malicious
attacks. These may include cryptographic protocols, remote authentication methods and
other security methods.
Figure 1: Smart home system.
Because the concept of a "smart house", to increase capabilities, involves the connection of
additional IoT devices, the probability of implementing attacks on the system as a whole, due to the
vulnerabilities of individual IoT devices, also increases.
To develop a method of increasing the security of IoT devices in the "smart home" system, we
will classify threats according to their origin and methods of implementation [16]:
1. By origin:
� • Internal threats: These are threats arising from the actions of service company employees
who have access to IoT devices. Such threats may include abuse of privileges, misuse of data
or intentional distortion of the functions of devices and the "smart home" system as a whole.
• External threats: these are threats that come from outside the boundaries of the "smart home"
system and are aimed at its components. Such threats may include hacker attacks, phishing
attacks, viruses, and more.
2. By methods of implementation:
• Security attacks: These are threats used to hack IoT devices and gain unauthorized access to
them and the system in which they function. Such threats are implemented by intercepting
the technological data of IoT devices, making changes to the functioning of the system,
disclosing confidential data, etc.
• Privacy attacks: These are threats used to violate the privacy of IoT users. Such threats may
include location tracking, interception of messages, collection of user information, etc.
• Availability attacks: These are threats used to interfere with the normal functioning of IoT
devices and smart home subsystems. Such threats may include DDoS attacks on the device,
jamming the data transmission channels between the IoT device and the control unit, making
changes to the settings of IoT devices and subsystems, etc.
3. By type of IoT devices:
• Threats to Home IoT Devices: These are threats arising from connecting home devices to the
Internet, such as routers, routers, home security systems, etc. Such devices can become the
target of attacks due to their vulnerabilities and lack of protection.
• Threats to industrial IoT devices: These are threats arising from connecting industrial devices
to the Internet, such as manufacturing process sensors, medical equipment, access control
systems, etc. Such devices can be the target of hacker attacks or be used as entry points to
hack other systems on the network.
4. By the scale of influence:
• Local threats: These are threats that affect individual IoT devices or small groups of devices,
such as home networks.
• Global threats: These are threats that have a large-scale impact on IoT systems, such as large-
scale hacking attacks on the critical network infrastructure or energy and transport
management systems.
One of the most common threats to IoT systems are attacks on the network layer. These attacks
can include various methods such as intercepting traffic, modifying data packets, injecting forged
packets into the network, sending fake requests, and more. Another type of threat to IoT systems is
application layer attacks. These attacks can include exploits, software hacking, phishing attacks, and
other methods. Another type of threat to IoT systems is hardware-level attacks. These attacks may
include exploits that exploit vulnerabilities in physical access to IoT devices [17].
Most often, Bluetooth technology is used to connect IoT devices to the "smart home" control unit
and the Internet. Bluetooth is a wireless data transmission standard designed to provide short-range
connections between various electronic devices, allowing information to be exchanged between
various devices without the need for cables. Bluetooth works over short distances, usually within a
few meters, and uses radio waves to exchange data wirelessly. This technology is widely used for
transmission, establishing connections between devices, as well as connecting IoT devices to the
network. Bluetooth supports different versions with different capabilities and data rates.
� The use of wireless technologies allows to reduce the risk of system hacking due to physical
access to IoT devices, at the same time, Bluetooth technology has several potential security
disadvantages that must be taken into account when using it [18].
A Bluetooth connection can be vulnerable to data interception attacks, especially over open or
weakly secured connections. To reduce the likelihood of this, it is recommended to use Bluetooth 4.0
and above technology, which involves the use of the Bluetooth LE Privacy function. This feature
implements the process of generating "advertisement packets" with random MAC addresses, which
prevents an attacker from identifying and affecting the device.
But how do surrounding devices see that the device has a different address? When first connected,
a special trusted relationship is established between the devices, after the connection, the two devices
will have different encryption keys, one of which is for privacy. This key is called the Identity
Resolution Key (IRK). IRK allows the first device to translate these random MAC addresses that
appear in "advertisement packets" from the second device into the real MAC address of the second
device. This feature is available to devices that you trust. Privacy Bluetooth Smart operates with
Bluetooth version 4.0 of the core specification [19, 20].
But not all devices of the IoT system can support Bluetooth version 4.0, the following types of
threats are relevant for such devices [21]:
• Bluejacking and Bluesnarfing: Bluejacking involves sending unknown messages or contacts
on other users' Bluetooth devices without their proper consent. Bluesnarfing is an attack in
which an attacker can gain unauthorized access to data on a Bluetooth device.
• Pairing attacks: The pairing process of Bluetooth devices can be vulnerable to attacks,
especially if weak or common PIN codes are used. Using Authorized Devices: Attacks that
use devices that are already authorized to connect to the system.
Each Bluetooth device has a unique address. This address consists of 6 bytes and is similar to a
MAC address, in the format MM:MM:MM:XX:XX:XX, where the upper three bytes, labelled M,
contain information about the manufacturer of the chip. By the remaining three lower X bytes, an
attacker can determine the device model, which significantly reduces the device's security [19].
To reduce the vulnerability of IoT devices implemented using Bluetooth technology, it is possible
to implement dynamic replacement of the Bluetooth address of IoT devices, this will ensure the
anonymity of the devices, and reduce the risk of their tracking and identification.
The main idea of this method is to initiate the process of dynamically changing the device's
Bluetooth address on the side of the control unit according to a random law.
Since attackers usually discover a device by its Bluetooth address, dynamically changing the
Bluetooth address reduces the likelihood of hacking attacks or interception of the connection. If a
device consistently uses the same address, it can make it vulnerable to eavesdropping or identifying
its owner. Changing the address allows you to preserve the privacy of the user and makes it difficult
to determine his identity. Changing the Bluetooth address also allows you to exclude prohibited
devices from the network.
The block diagram of the method of dynamic replacement of the Bluetooth address of the "smart
home" IoT devices is shown in Figure 2.
The sender application is a special software deployed in the IoT device network control unit. The
database of which stores the list of IoT devices identified and authenticated in the system and
implements the function of generating the Bluetooth address of the IoT device according to a random
law. The newly generated Bluetooth address is encrypted and transmitted to the recipient's
application. The receiver application, this special software is deployed in the IoT device, where the
generated Bluetooth address of the device is decoded and the process of rewriting the new Bluetooth
address to the IoT device memory is initiated.
The receiving application generates a message about the status of the IoT device and transmits it
to the control unit (sending application), where the technological information is checked and, in the
�case of its confirmation, the Bluetooth address of the IoT device is overwritten (replaced) in the
database of the control unit.
The receiving App
Sender App
exchange messages using a new (IoT device)
Bluetooth address
Control unit command to return to normal Control unit
of IoT system operation mode of IoT device
IoT device status message
Getting all
Bluetooth address
of the devices
IoT systems
(presets)
Generation of a Overwriting the
Bluetooth address Bluetooth address
by an IoT device of the IoT device
according to a to the received
certain law one
Encryption
generated Decryption
Bluetooth received
addresses of the Bluetooth address
IoT device
transmission of the network-generated
Bluetooth address
Figure 2: Structural diagram of the implementation of the method of dynamic replacement of the
Bluetooth address.
The sender application transmits to the IoT device (receiver application) a command to complete
the address replacement cycle and return to normal operation mode to the new Bluetooth address.
The receiver application (IoT device) switches to normal operating mode and transmits data to
the control unit.
4. Conclusions
Enhancing security in an IoT system that uses Bluetooth networking is a critical task because IoT
devices often collect and share critical information. At the same time, the locations of the devices
allow attackers to stay in their area of operation for a long time, and use specialized software and
hardware tools to implement attacks on the IoT device and the IoT system as a whole.
The work analyzed the structure of the "smart home" system implemented using IoT devices,
classified threats and determined that the most vulnerable are those implemented using Bluetooth
technology. A method of dynamically changing the Bluetooth address of IoT devices was proposed,
the implementation of the method will allow to significantly increase the security of IoT devices that
are outside the controlled zone and concerning which an attacker can carry out illegal actions
(collection of network data for their analysis and compromise, etc.).
The directions of further research will be focused on the development of a method of increasing
the security of the central control unit of the IoT system.
Declaration on Generative AI
The author(s) have not employed any Generative AI tools.
�References
[1] S. Greengard, The Internet of Things, The MIT Press, London, England, 2015.
[2] K. Oliynyk, 5 Essential Steps to Ensure Secure Communication with IoT Devices, 2023. URL:
https://webbylab.com/blog/5-essential-steps-to-ensure-secure-communication-with-iot-
devices.
[3] Y. Shcheblanin, B. Oliinyk, O. Kurchenko, O. Toroshanko, N. Korshun, Research of
authentication methods in mobile applications, CEUR Workshop Proceedings 3421 (2023) 266–
271. URL: https://ceur-ws.org/Vol-3421/short14.pdf.
[4] D. Ivanova, V. Diordiev, Means of implementing the concept of "Smart Home", in: Proceeding
of Problems of mechanization and electrification of technological processes, Melitopol, 2019, pp.
51–52. URL: http://elar.tsatu.edu.ua/bitstream/123456789/8228/1/СБОРНИК%20МЕА-2019-51-
52.pdf.
[5] F. Hu, Security and Privacy in Internet of Things (IoTs), CRC Press, Boca Raton, USA, 2016.
[6] F. Chantzis, I. Stais, P. Calderon, E. Deirmentzoglou, B. Woods, The definitive guide to hacking
the world of the Internet of Things (IoT), No Starch Press Inc, San Francisco, USA, 2023.
[7] L. Goeke, Security Challenges of the Internet of Things, 2023. URL
https://www.theseus.fi/bitstream/handle/10024/128420/Goeke_Lisa.pdf?sequence=1.
[8] O. Solomentsev, et al., Data processing through the lifecycle of aviation radio equipment, in:
Proceedings of IEEE 17th International Conference on Computer Sciences and Information
Technologies (CSIT), IEEE, Lviv, Ukraine, 2022, pp. 146–151. doi:
10.1109/CSIT56902.2022.10000844.
[9] M. Zaliskyi, et al., Heteroskedasticity analysis during operational data processing of radio
electronic systems, in: S. Shukla, A. Unal, J. Varghese Kureethara, D.K. Mishra, D.S. Han (Eds.),
Data science and security, volume 290 of Lecture Notes in Networks and Systems, Springer,
Singapore, 2021, pp. 168–175. doi: 10.1007/978-981-16-4486-3_18.
[10] B. Russell, D. Van Duren, Practical Internet of Things Security, Packt Publishing, Great Britain,
2018.
[11] D. Spivey, Home Automation. For Dummies. For Dummies, Wiley, New Jersey, 2014.
[12] M. Kranz, Building the Internet of things: implement new business models, disrupt competitors,
and transform your industry. Wiley, New Jersey, 2017.
[13] A. Bahga, V. Madisetti, Internet of Things (IoT): A Hands-On Approach. URL:
http://www.internet-of-things-book.com.
[14] S. Li, L. D. Xu, Securing the Internet of Things, Syngress is an imprint of Elsevier, Cambridge,
MA, USA, 2022.
[15] I. Ostroumov, et al., A probability estimation of aircraft departures and arrivals delays, In: O.
Gervasi, et al. (Eds.), Computational Science and Its Applications – ICCSA 2021. ICCSA 2021,
volume 12950 of Lecture Notes in Computer Science, Springer, Cham, 2021, pp. 363–377. doi:
10.1007/978-3-030-86960-1_26.
[16] B. Zhurakovskyy, I. Zeniv, Internet of Things technologies, NTU, Kyiv, 2021.
[17] P. Ghole, Attacks on IoT devices using Bluetooth, 2023. URL:
https://www.einfochips.com/blog/attacks-on-iot-devices-using-bluetooth/.
[18] M. Kofler, Hacking and Security: The Comprehensive Guide to Penetration Testing and
Cybersecurity, Wubbeling, Rheinwerk Computing, 2023.
[19] M. Woolley, Bluetooth technology protecting your privacy, 2015. URL:
https://www.bluetooth.com/blog/bluetooth-technology-protecting-your-privacy/.
[20] A.V. Garist, Vulnerability analysis of bluetooth technology, Scientific Notes of the Tavria
National University named after V.I. Vernadsky, Radio engineering and telecommunications,
33(72) (2022) 27–31.
[21] N. Frolova, I. Mykhalchuk, O. Tyshchenko. Protection of public WI-FI access points, Journal of
the National University "Chernihiv Polytechnic", Technical Sciences and Technologies 1 (2022)
123–135.
�