{"id":"https://openalex.org/W4308430162","doi":"https://doi.org/10.1145/3548606.3559372","title":"When Good Becomes Evil","display_name":"When Good Becomes Evil","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4308430162","doi":"https://doi.org/10.1145/3548606.3559372"},"language":"en","primary_location":{"id":"doi:10.1145/3548606.3559372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3559372","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100333755","display_name":"Yue Zhang","orcid":"https://orcid.org/0000-0002-7786-0231"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["The Ohio State University, Columbus, OH, USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University, Columbus, OH, USA","institution_ids":["https://openalex.org/I52357470"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026864098","display_name":"Zhiqiang Lin","orcid":"https://orcid.org/0000-0001-6527-5994"},"institutions":[{"id":"https://openalex.org/I52357470","display_name":"The Ohio State University","ror":"https://ror.org/00rs6vg23","country_code":"US","type":"education","lineage":["https://openalex.org/I52357470"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiqiang Lin","raw_affiliation_strings":["The Ohio State University, Columbus, OH, USA"],"affiliations":[{"raw_affiliation_string":"The Ohio State University, Columbus, OH, USA","institution_ids":["https://openalex.org/I52357470"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5100333755"],"corresponding_institution_ids":["https://openalex.org/I52357470"],"apc_list":null,"apc_paid":null,"fwci":2.5918,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.91824249,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"3181","last_page":"3194"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12801","display_name":"Bluetooth and Wireless Communication Technologies","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12801","display_name":"Bluetooth and Wireless Communication Technologies","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.923799991607666,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8004761338233948},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.6192909479141235},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.6145370006561279},{"id":"https://openalex.org/keywords/bluetooth","display_name":"Bluetooth","score":0.5868852138519287},{"id":"https://openalex.org/keywords/replay-attack","display_name":"Replay attack","score":0.5662804245948792},{"id":"https://openalex.org/keywords/timing-attack","display_name":"Timing attack","score":0.5029577612876892},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.46163058280944824},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4423266649246216},{"id":"https://openalex.org/keywords/channel","display_name":"Channel (broadcasting)","score":0.4172445833683014},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.41383013129234314},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.4129723608493805},{"id":"https://openalex.org/keywords/power-analysis","display_name":"Power analysis","score":0.41200190782546997},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4008851945400238},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.3056846261024475},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2262878715991974},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.22440099716186523},{"id":"https://openalex.org/keywords/wireless","display_name":"Wireless","score":0.1709764301776886}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8004761338233948},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.6192909479141235},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.6145370006561279},{"id":"https://openalex.org/C546215728","wikidata":"https://www.wikidata.org/wiki/Q39531","display_name":"Bluetooth","level":3,"score":0.5868852138519287},{"id":"https://openalex.org/C11560541","wikidata":"https://www.wikidata.org/wiki/Q1756025","display_name":"Replay attack","level":3,"score":0.5662804245948792},{"id":"https://openalex.org/C28420585","wikidata":"https://www.wikidata.org/wiki/Q2665075","display_name":"Timing attack","level":4,"score":0.5029577612876892},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.46163058280944824},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4423266649246216},{"id":"https://openalex.org/C127162648","wikidata":"https://www.wikidata.org/wiki/Q16858953","display_name":"Channel (broadcasting)","level":2,"score":0.4172445833683014},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.41383013129234314},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.4129723608493805},{"id":"https://openalex.org/C71743495","wikidata":"https://www.wikidata.org/wiki/Q2845210","display_name":"Power analysis","level":3,"score":0.41200190782546997},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4008851945400238},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.3056846261024475},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2262878715991974},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.22440099716186523},{"id":"https://openalex.org/C555944384","wikidata":"https://www.wikidata.org/wiki/Q249","display_name":"Wireless","level":2,"score":0.1709764301776886},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3548606.3559372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3559372","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/7","display_name":"Affordable and clean energy","score":0.8399999737739563}],"awards":[{"id":"https://openalex.org/G2186497367","display_name":null,"funder_award_id":"2112471","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W103398704","https://openalex.org/W189998244","https://openalex.org/W2019698782","https://openalex.org/W2061719810","https://openalex.org/W2274307588","https://openalex.org/W2400744680","https://openalex.org/W2748719146","https://openalex.org/W2790176444","https://openalex.org/W2902420616","https://openalex.org/W2933347941","https://openalex.org/W2947213621","https://openalex.org/W2963660578","https://openalex.org/W2965405723","https://openalex.org/W2965644669","https://openalex.org/W2979036900","https://openalex.org/W2983028905","https://openalex.org/W2986203625","https://openalex.org/W2992094613","https://openalex.org/W2997157514","https://openalex.org/W3016167145","https://openalex.org/W3038161846","https://openalex.org/W3047244366","https://openalex.org/W3082009274","https://openalex.org/W3108723500","https://openalex.org/W3159047493","https://openalex.org/W4293783379","https://openalex.org/W6602393588","https://openalex.org/W6604224933","https://openalex.org/W6659382052","https://openalex.org/W6680560629","https://openalex.org/W6683062620","https://openalex.org/W6719600236","https://openalex.org/W6776158550","https://openalex.org/W6786532134"],"related_works":["https://openalex.org/W1971956962","https://openalex.org/W4384807855","https://openalex.org/W1533979697","https://openalex.org/W2981727040","https://openalex.org/W2170261837","https://openalex.org/W4244949874","https://openalex.org/W2083001766","https://openalex.org/W2127307719","https://openalex.org/W2809979774","https://openalex.org/W2482982817"],"abstract_inverted_index":{"Bluetooth":[0,78,239,248],"Low":[1],"Energy":[2],"(BLE)":[3],"is":[4,80,139],"ubiquitous":[5],"today.":[6],"To":[7],"prevent":[8],"a":[9,13,41,48,84,93,100,263,272],"BLE":[10,121],"device":[11,45,49,102,165,214],"(e.g.,":[12],"smartphone)":[14],"from":[15,28,83],"being":[16],"connected":[17],"by":[18],"unknown":[19],"devices,":[20,123],"it":[21,58],"uses":[22],"allowlisting":[23,138],"to":[24,97,141,162,195,208,211,238,252],"allow":[25],"the":[26,51,70,142,147,191],"connectivity":[27],"only":[29],"recognized":[30],"devices.":[31],"Unfortunately,":[32],"we":[33,66],"show":[34],"that":[35,69,201],"this":[36,254],"allowlist":[37],"feature":[38],"actually":[39],"introduces":[40],"side":[42,116],"channel":[43,117],"for":[44,172,176,183,188,219,229],"tracking,":[46],"since":[47],"with":[50,87,119,137,271],"allowed":[52],"list":[53],"behaves":[54],"differently":[55],"even":[56,65],"though":[57],"has":[59],"used":[60],"randomized":[61,197],"MAC":[62,72,95,158,198],"addresses.":[63],"Worse":[64],"also":[67],"find":[68],"current":[71],"address":[73,96,159],"randomization":[74,160],"scheme":[75,161],"specified":[76],"in":[77,245],"protocol":[79,256],"flawed,":[81],"suffering":[82],"replay":[85,92,209],"attack":[86],"which":[88],"an":[89,150],"attacker":[90],"can":[91,203],"sniffed":[94],"probe":[98],"whether":[99],"targeted":[101],"will":[103],"respond":[104],"or":[105],"not":[106],"based":[107],"on":[108],"its":[109],"allowlist.":[110],"We":[111,145,233],"have":[112,234],"validated":[113],"our":[114,236,260],"allowlist-based":[115],"attacks":[118],"43":[120],"peripheral":[122,155],"11":[124],"centrals,":[125],"and":[126,130,154,174,178,185,190,221,224,231,241,268],"4":[127],"development":[128],"boards,":[129],"found":[131],"none":[132],"of":[133,149,193],"them":[134,210],"once":[135],"configured":[136],"immune":[140],"proposed":[143],"attacks.":[144],"advocate":[146],"use":[148,192],"interval":[151],"unpredictable,":[152],"central":[153],"synchronized":[156],"random":[157],"defeat":[163,212],"passive":[164],"tracking":[166,215],"(introducing":[167,216],"1%":[168],"power":[169],"consumption":[170],"overhead":[171,182,218,228],"centrals":[173,184,230],"6.75%":[175],"peripherals,":[177,220],"88.49":[179],"\u03bcs":[180,187,223,226],"performance":[181,227],"94.46":[186],"peripherals),":[189],"timestamps":[194],"derive":[196],"addresses":[199],"such":[200],"attackers":[202],"no":[204],"longer":[205],"be":[206],"able":[207],"active":[213],"3.04%":[217],"63.58":[222],"20.54":[225],"peripherals).":[232],"disclosed":[235],"findings":[237,261],"SIG":[240,249],"many":[242],"other":[243],"stake-holders":[244],"October":[246],"2020.":[247],"assigned":[250,259],"CVE-2020-35473":[251],"track":[253],"logical-level":[255],"flaw.":[257],"Google":[258],"as":[262],"high":[264],"severity":[265],"design":[266],"flaw":[267],"awarded":[269],"us":[270],"bug":[273],"bounty.":[274]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}