Peer-Review Record

Defending IoT Devices against Bluetooth Worms with Bluetooth OBEX Proxy

Information 2023, 14(10), 525; https://doi.org/10.3390/info14100525
by Fu-Hau Hsu 1, Min-Hao Wu 2,*, Yan-Ling Hwang 3, Jian-Xin Chen 1, Jian-Hong Huang 1, Hao-Jyun Wang 1 and Yi-Wen Lai 1
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Submission received: 20 August 2023 / Revised: 24 September 2023 / Accepted: 25 September 2023 / Published: 27 September 2023
(This article belongs to the Special Issue Cyber Security in IoT)

Round 1

Reviewer 1 Report

The paper presents an architecture with a corresponding workflow to protect the device from Bluetooth worms based on an OBEX Proxy. Several categories of relevant attack protection methods are investigated. The authors evaluate the proposed work by comparing the cases with the proxy and those without the proxy.

The paper provides many tech details, e.g., config files, workflow charts, and coding, making the paper tangible as a real project. I appreciate this point.

Yet I also have several concerns with the paper below:

First and foremost, the paper requires significant improvement concerning the writing quality and presentation.

- Even the abstract is difficult to follow. It does not clarify the main concepts and pinpoint the main contributions and novelty.

- The introduction does not have a smooth, logical flow. It appears to me that the information is unsorted without following some reasonable flow of thoughts, making it extremely hard to follow.

Secondly, the novelty and contributions of the paper are not explicitly given. They have to be specified. Otherwise, readers cannot easily understand the merits of the paper.

Thirdly, it is unclear how the work presented in the paper differs or relates to previous related studies and, further, in which aspect advances the SOTA.

Lastly, the proposed approach is not compared with any previous work through experiments. It is hard to evaluate the approach without reference or comparison to any previous work in the field.

 

The paper is hard to read due to poor proofreading and language issues, as mentioned in point #1 in the above comments to authors.

Author Response

Dear Editors and Reviewers:

Thank you for your letter and for the reviewers’ comments concerning our manuscript entitled “Defending IoT Devices against Bluetooth Worms with Bluetooth OBEX Proxy” (ID: information-2594166). Those comments are all valuable and helpful for revising and improving our paper and the essential guiding significance of our research. We have studied the comments carefully and made corrections, which we hope meet with approval. Revised portions are marked in red on the paper. The leading corrections in the paper and the responses to the reviewer’s comments are as follows:

Responses to the reviewer’s comments:

Reviewer #1:

First and foremost, the paper requires significant improvement concerning the writing quality and presentation.

- Even the abstract is difficult to follow. It does not clarify the main concepts and pinpoint the main contributions and novelty.

- The introduction does not have a smooth, logical flow. It appears to me that the information is unsorted without following some reasonable flow of thoughts, making it extremely hard to follow.

[Response]

1. We will change our essays to raise their writing and presentation standards. We attentively studied the assessments and noted areas that needed improvement. We have asked for assistance from others to modify our paper, and we have employed various writing strategies and instruments to raise the caliber of our work. These actions will considerably raise the caliber and readability of our article. Thank reviewers for the reviewer's comments. In order to enhance the caliber and presentation of our paper, we shall be proactive. We have already begun amending the paper.

2. We have abstracted the essential ideas and highlighted the significant contributions and surprises. We will keep working to make the abstracts' quality and readability better. We hope these recommendations prove helpful to the reader.

3. We have reorganized the content of the introduction, categorizing and ordering the information to create a logical flow of thought. Use clear and concise language, and avoid jargon. Emphasize the importance and, in the introduction, the paper's central concepts, contributions, and novelty. Use strong sentences and phrases to capture the reader's attention.

 

Secondly, the novelty and contributions of the paper are not explicitly given. They have to be specified. Otherwise, readers cannot easily understand the merits of the paper.

[Response]

We have abstracted the essential ideas and highlighted the significant contributions and surprises. We will keep working to make the abstracts' quality and readability better. We hope these recommendations prove helpful to the reader.

 

Thirdly, it is unclear how the work presented in the paper differs or relates to previous related studies and, further, in which aspect advances the SOTA.

[Response]

The BOP approach builds on previous Bluetooth security work, such as developing Bluetooth firewalls and intrusion detection systems in sections 3.1, 3.2, and 3.2. It is also related to previous work on malicious file detection, such as developing virus scanners and malware analysis tools in section 3.4. However, the BOP approach presents for the first time a centralized agent for filtering malicious files transmitted through the OBEX system service in BlueZ. This approach is more efficient, scalable, and easier to deploy and manage than previous approaches in section 4.2.

 

Lastly, the proposed approach is not compared with any previous work through experiments. It is hard to evaluate the approach without reference or comparison to any previous work in the field.

[Response]

We will add to the conclusion of this paper.

“The novelty of the BOP approach lies in the fact that it is the first proposed centralized proxy to filter malicious files transferred through BlueZ's OBEX system service. Traditional approaches usually require each device to run its security software, which makes the device's security dependent on the device manufacturer's security capabilities. The BOP approach improves security and reliability by centralizing security checks in a single agent. The BOP approach can improve the security of Bluetooth devices by impacting the following areas, reducing the risk of Bluetooth devices being attacked by malicious files. Increase the popularity of Bluetooth devices.”

Author Response File: Author Response.docx

Reviewer 2 Report

Interesting review about cyber-security in Bluetooth devices, question is whether the concepts described in the paper are universal for all Bluetooth versions and BLE?

Second, the authors should give a clear description before publishing of how such vulnerabilities in BT can influence potential real-case business.

Moderate, small improvements can be implemented to have more academic flavor.

Author Response

Dear Editors and Reviewers:

Thank you for your letter and for the reviewers’ comments concerning our manuscript entitled “Defending IoT Devices against Bluetooth Worms with Bluetooth OBEX Proxy” (ID: information-2594166). Those comments are all valuable and helpful for revising and improving our paper and the essential guiding significance of our research. We have studied the comments carefully and made corrections, which we hope meet with approval. Revised portions are marked in red on the paper. The leading corrections in the paper and the responses to the reviewer’s comments are as follows:

Responses to the reviewer’s comments:

Reviewer #2:

Interesting review about cyber-security in Bluetooth devices, question is whether the concepts described in the paper are universal for all Bluetooth versions and BLE?

[Response]

The Bluetooth device used in this article is the MediaTek Inc. mt7921e, which has a kernel of 5.15.0-75-generic. According to the features of Bluetooth 5, Bluetooth 5.0 is not only backward compatible with older versions of Bluetooth products but also offers the advantages of higher speeds and longer transmission distances. Therefore, the method in this study can be applied to any version of Bluetooth. Furthermore, this is also true in our test results.

 

Second, the authors should give a clear description before publishing of how such vulnerabilities in BT can influence potential real-case business.

[Response]

I will add to lines 95-106 in the paper.

Bluetooth vulnerabilities can have a significant impact on actual business. A Bluetooth vulnerability could be used to steal sensitive data such as corporate secrets, customer data, or personal health information. It could cause significant damage to the organization and undermine customer trust. Bluetooth vulnerabilities can be used to plant ransomware, which could lead to business downtime and data loss. Bluetooth vulnerabilities can be used to attack industrial control systems, which could lead to production disruptions or human casualties. Specific examples of Bluetooth vulnerabilities include hackers using Bluetooth to attack a significant retailer, stealing the credit card information of more than 40 million customers, and using Bluetooth to attack a major healthcare company, stealing the medical information of more than 15 million patients. Organizations should also raise employee awareness of Bluetooth security risks and educate them on identifying and avoiding them.

Author Response File: Author Response.docx

Round 2

Reviewer 1 Report

The authors have addressed most of my concerns except for the following: "The proposed approach is not compared with any previous work through experiments."

Authors should justify why no comparative experiments are necessary or unfeasible.

The manuscript should go through more proofreading.

Such sentences as "Increase the popularity of Bluetooth devices." are incomplete and should not exist in the manuscript.

Author Response

Dear Editors and Reviewers:

Thank you for your letter and for the reviewers’ comments concerning our manuscript entitled “Defending IoT Devices against Bluetooth Worms with Bluetooth OBEX Proxy” (ID: information-2594166). Those comments are all valuable and helpful for revising and improving our paper and the essential guiding significance of our research. We have studied the comments carefully and made corrections, which we hope meet with approval. Revised portions are marked in red on the paper. The leading corrections in the paper and the responses to the reviewer’s comments are as follows:

Responses to the reviewer’s comments:

Reviewer #1:

The authors have addressed most of my concerns except for the following: "The proposed approach is not compared with any previous work through experiments."

 

Authors should justify why no comparative experiments are necessary or unfeasible.

[Response]

To demonstrate comparability with any prior work through experimentation, we will introduce a new section 5.4. The addition appears in this paper's lines 772–787.

The changes include the following:

 

5.4   Functionality comparisons

BOP was implemented in the Linux operating system kernel. One of the most well-known antivirus programs for Linux is ClamAV. Linux machines cannot have their file systems automatically scanned by ClamAV. Therefore, BOP can identify malware as soon as it is downloaded to a Linux computer over Bluetooth. However, ClamAV will find the infection in the subsequent scanning cycle. And it can take several hours to scan the entire file system. Users of ClamAV must specify to ClamAV which files in which directories they should repeatedly check to avoid the issue mentioned above. Benign files that have already been examined in the guides must be scanned again by ClamAV. Finally, VirusTotal, which has access to more than 60 viral signature databases, is used by BOP. However, ClamAV only has one database of signatures. Therefore, BOP is better than ClamAV at identifying Bluetooth malware.

Table 4. Functionality comparisons between BOP and ClamAV. In this table, V means YES. X represents NO.

 

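|        | Automatically scan | # of signature databases used | Need to configure directory |
|--------|--------------------|-------------------------------|-----------------------------|
| BOP    | X                  | 60+                           | X                           |
| ClamAV | V                  | 1                             | V                           |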

 

The manuscript should go through more proofreading.

Such sentences as "Increase the popularity of Bluetooth devices." are incomplete and should not exist in the manuscript.

[Response]

We gave this essay a more thorough proofreading.

Author Response File: Author Response.docx
