• State Verified Answer
  • Locked Locked
  • Replies 16 replies
  • Subscribers 64 subscribers
  • Views 7892 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 120182
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Heavy scanning activity from Android (and iOS) devices might prevent connecting to BLE GAP Peripheral

endnode

Dear Nordic team and community,

Have you encountered the problem where standard BT4.0/4.1 GAP Peripheral device would be "blocked" from connection (kind of "denial of service" situation) by too many actively scanning GAP Scanners/Centrals? We are seeing this with certain mobile phones (especially Android) in "observing" role and this is pretty independent on adv. interval we use (typically 20-200ms). All adv. events are "loaded" with SCAN_REQ packets when there are 5 or more "scanning" phones and beside SCAN_REQ collisions (which are typically not critical for BLE solutions) basically all CONNECT_REQ collide with some SCAN_REQ packet and thus Peripheral never follows the connection.

Any suggestions (beside trying to lower scanning activity on phones' side which obviously isn't always possible)?

Thanks Jan

Parents
  • 0

    Hi Jan

    I can see DOS attacks being more and more common, especially with the BLE Web API being released by Google recently (in Chrome)

    I have thought about defence strategies for this, and one option I considered was changing the "connectable" flags if your software thinks its under DOS attack

    e.g. just turn it off for a few seconds, of perhaps longer.

    But. I've not tried this myself yet.

    I also looked at trying to prevent devices connecting in an attempt to flatten the battery.

    So I tried immediately disconnecting, if the first attempt didn't immediately write to a custom (authorisation) characteristic, with a password. But it didnt help, because Android appears to immediately tries to reconnect, over and over again, until it times out (which seems to take around 5 secs)

    Hence I considered changing the connectable flag, but didnt have time to investigate whether that would work

Reply
  • 0

    Hi Jan

    I can see DOS attacks being more and more common, especially with the BLE Web API being released by Google recently (in Chrome)

    I have thought about defence strategies for this, and one option I considered was changing the "connectable" flags if your software thinks its under DOS attack

    e.g. just turn it off for a few seconds, of perhaps longer.

    But. I've not tried this myself yet.

    I also looked at trying to prevent devices connecting in an attempt to flatten the battery.

    So I tried immediately disconnecting, if the first attempt didn't immediately write to a custom (authorisation) characteristic, with a password. But it didnt help, because Android appears to immediately tries to reconnect, over and over again, until it times out (which seems to take around 5 secs)

    Hence I considered changing the connectable flag, but didnt have time to investigate whether that would work

Children
No Data
Related