Bluetooth has become critical as many IoT devices are arriving in the market. Most of the current literature focusing on Bluetooth simulation concentrates on the network protocols' performances and completely neglects the privacy protection recommendations introduced in the BLE standard. Indeed, privacy protection is one of the main issues handled in the Bluetooth standard. For instance, the current standard forces devices to change the identifier they embed within the public and private packets, known as MAC address randomization. Although randomizing MAC addresses is intended to preserve device privacy, recent literature shows many challenges that are still present. One of them is the correlation between the public packets and the emitters. Unfortunately, existing evaluation tools such as NS-3 are not designed to reproduce this Bluetooth standard's essential functionality. This makes it impossible to test solutions for different device-fingerprinting strategies as there is a lack of ground truth for large-scale scenarios with the majority of current BLE devices implementing MAC address randomization. In this paper, we first introduce a solution of standard-compliant MAC address randomization in the NS-3 framework, capable of emulating any real BLE device in the simulation and generating real-world Bluetooth traces. In addition, since the simulation run-time for trace-collection grows exponentially with the number of devices, we introduce an optimization to linearize public-packet sniffing. This made the large-scale trace-collection practically feasible. Then, we use the generated traces and associated ground truth to do a case study on the evaluation of a generic MAC address association available in the literature. Our case study reveals that close to 90 percent of randomized addresses could be correctly linked even in highly dense and mobile scenarios.
翻译:蓝牙已经变得至关重要, 因为许多 IOT 设备正在进入市场。 目前以蓝牙模拟为主的文献大多集中在网络协议的性能上, 完全忽略了在 BLOW 标准中引入的隐私保护建议。 事实上, 隐私保护是蓝牙标准处理的主要问题之一。 例如, 当前标准强制装置改变其在公共和私人包中嵌入的识别码, 被称为 MAC 地址随机化。 虽然随机化 MAC 地址是为了保护设备隐私, 但最近的文献显示许多仍然存在的挑战。 其中之一是公共包和排放者之间的关联。 不幸的是, 现有的 NST-3 等评估工具并不是用来复制这个蓝牙标准的基本功能。 这使得无法测试不同设备指纹打印战略的解决方案, 因为目前大多数使用MAC 地址随机化的 MAC 工具都缺乏地面真相。 在本文中, 我们首先推出一个符合标准的 MAC 地址随机化的随机化解决方案。 其中之一是公共包包包和排放者之间的关联性。 不幸的是, NS-3 现有的评估工具没有被设计为复制这个蓝牙标准, 标准化的直径直径直径比 。