With the exponential growth of the Internet of Things (IoT) and the convenience of the Bluetooth Low Energy (BLE) connection protocol, there is a need to find defensive strategies to protect IoT BLE sensors. While literature exists for conducting qualitative studies for IoT, there is unfinished work in quantitative experiments with IoT BLE sensors. The purpose of this quantitative experiment was to determine if current NIST Bluetooth security controls and best practices would protect an IoT BLE sensor. The research question asked whether it was possible to mitigate the success of well-known Bluetooth attack vectors for IoT BLE. The common threats used Bluetooth administration tools such as BlueZ utilities, Gatttool, and HCI tools to complete the experiment. The experimental process consisted of a pre-test post-test method using a Repeated Measure – Analysis of Variance (RM-ANOVA). A comparison between pre-test without treatment and post-test with Bluetooth security controls applied as the treatment variable was conducted to determine if the results were statistically significant. Using the testing tools and experimental design, the researcher showed two threat categories out of seven had any level of protection against well-known vulnerabilities; however, the null hypothesis was rejected stating NIST controls would provide a level of protection against well-known attacks. The experimental work provides a methodology to evaluate a larger population of IoT BLE sensors and suggests a qualitative case study to evaluate new advancements in defensive strategies that may address findings in this study.
|Advisor:||McAndrews, Ian, Kulp, Philip|
|School:||Capitol Technology University|
|School Location:||United States -- Maryland|
|Source:||DAI-B 82/9(E), Dissertation Abstracts International|
|Subjects:||Information Technology, Computer science|
|Keywords:||Bluetooth Low Energy, Experimental design, Internet of Things, Nation Institute of Standards and Technology, Security controls|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be