Publication at FM 2021
Andrea Pferscher and Bernhard K. Aichernig: “Fingerprinting Bluetooth Low Energy Devices via Active Automata Learning”, In Huisman, M., Pasareanu, C.S., Zhan, N. (eds.) Formal Methods – 24th International Symposium, FM 2021, Virtual Event, November 20-26, 2021. Lecture Notes in Computer Science, vol. 13047, pp. 524–542. Springer (2021). (PDF) (doi:10.1007/978-3-030-90870-6_28)
Active automata learning is a technique to automatically infer behavioral models of black-box systems. Today’s learning algorithms enable the deduction of models that describe complex system properties, e.g., timed or stochastic behavior. Despite recent improvements in the scalability of learning algorithms, their practical applicability is still an open issue. Little work exists that actually learns models of physical black-box systems. To fill this gap in the literature, we present a case study on applying automata learning to the Bluetooth Low Energy (BLE) protocol. It shows that it is not the size of the system that limits the applicability of automata learning. Instead, the interaction with the system under learning is a major bottleneck that is rarely discussed. In this paper, we propose a general automata learning architecture for learning a behavioral model of the BLE protocol implemented by a physical device. With this framework, we can successfully learn the behavior of five investigated BLE devices. The learned models reveal several behavioral differences. This shows that automata learning can be used for fingerprinting black-box devices, i.e., identifying systems via their specific learned models. Based on the fingerprint, an attacker may exploit vulnerabilities specific to a device.
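How differing learned models act as a fingerprint, as an added example that is not code from the paper: two constructed toy Mealy machines are compared for the shortest input word on which their outputs diverge, and that word is then used to tell them apart. The state names, input/output labels and both models are illustrative assumptions, and each query is assumed to start from a freshly reset device.

```python
from collections import deque

# Constructed toy Mealy machines: state -> input -> (output, next_state).
# Labels and behaviour are assumptions, not the models learned in the paper.
INPUTS = ("scan_req", "connect_req", "version_req")
QUIET = {i: ("none", None) for i in INPUTS}  # template: no reply to anything

def state(name, **replies):
    """Build one state's row; unspecified inputs give 'none' and stay in place."""
    row = {i: ("none", name) for i in QUIET}
    row.update(replies)
    return row

IDLE = state("idle", scan_req=("scan_rsp", "idle"), connect_req=("empty", "conn"))
DEVICE_A = {"idle": IDLE, "conn": state("conn", version_req=("version_ind", "conn"))}
# Device B answers a version request only once per connection.
DEVICE_B = {"idle": IDLE, "conn": state("conn", version_req=("version_ind", "done")),
            "done": state("done")}

def run(model, word, start="idle"):
    """Outputs the model produces for an input word, starting after a reset."""
    outputs, current = [], start
    for symbol in word:
        out, current = model[current][symbol]
        outputs.append(out)
    return outputs

def distinguishing_sequence(m1, m2, start="idle"):
    """BFS over the product automaton; shortest word with differing outputs, or None."""
    queue, seen = deque([((start, start), ())]), {(start, start)}
    while queue:
        (s1, s2), word = queue.popleft()
        for symbol in INPUTS:
            (o1, n1), (o2, n2) = m1[s1][symbol], m2[s2][symbol]
            if o1 != o2:
                return word + (symbol,)
            if (n1, n2) not in seen:
                seen.add((n1, n2))
                queue.append(((n1, n2), word + (symbol,)))
    return None  # the two models are behaviourally equivalent

def identify(observe, models):
    """Names of the models consistent with observe(word) on every pairwise test."""
    names, candidates = sorted(models), set(models)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            word = distinguishing_sequence(models[a], models[b])
            if word is not None:
                seen = observe(word)
                candidates -= {n for n in (a, b) if run(models[n], word) != seen}
    return sorted(candidates)
```

The same product search works as a conformance check: a word returned against a reference model is a concrete test case showing where an implementation deviates.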