View article

In this paper we present BISON, a novel attack on Bluetooth’s broadcast isochronous streams (BISes), and demonstrate it on off-the-shelf hardware. BISON exploits the plaintext metadata used for stream synchronization as well as the vague specification of the Broadcast_Code exchange to take over ongoing BISes and manipulate their content. With BISON, we are the first to raise awareness about the vulnerability of BISes, which are the stepping stone of several Bluetooth applications for audio diffusion at public locations. We further describe possible attack countermeasures and guidelines on how to design secure applications leveraging BISes.