Selective Jamming of Bluetooth

The Bluetooth protocol is used in many devices and has therefore become a worthwhile target for attacks. Various attacks on Bluetooth require the attacker to establish a Man-in-the-Middle position. In many cases this is done by interrupting the connection between two devices using a jammer. Therefore, it is vital to understand and examine Bluetooth jammers, as preventing jamming could prevent many attacks on Bluetooth. Currently, most Bluetooth jammers need highly specialised and expensive hardware, which makes research difficult. For this reason, our goal was to implement a selective jammer for Bluetooth Classic using affordable hardware. For this purpose, we attempted to adapt an existing jammer for Bluetooth Low Energy to Bluetooth Classic.

Our work is based on the btlejack software, which uses the BBC micro:bit. The micro:bit is a lightweight Single Board Computer with hardware support for Bluetooth Low Energy. When we attempted to adapt the btlejack jammer, we found that there are several reasons why the BBC micro:bit is not suited for use with Bluetooth Classic. For instance, the Bluetooth Low Energy packet structure supported by the micro:bit was not compatible with the Bluetooth Classic packet structure. Due to this, a jammer implementation which works with real Bluetooth Classic devices was not possible. Instead, we created a model scenario, which we used to test the jammer’s performance and limitations. In most test scenarios, the jammer’s performance was stable and reliable. However, we found that a successful jamming over distance can only be guaranteed if the jammer’s signal strength is sufficiently high. Especially in cases, where the distance between sender and receiver is small, this can be problematic. Therefore, a jammer should be able to transmit with a higher signal strength than most Bluetooth devices. This will probably have implications on the kind of hardware that can be used for jamming Bluetooth.