• State Verified Answer
  • Locked Locked
  • Replies 16 replies
  • Subscribers 73 subscribers
  • Views 9771 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 120182
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Heavy scanning activity from Android (and iOS) devices might prevent connecting to BLE GAP Peripheral

endnode

Dear Nordic team and community,

Have you encountered the problem where standard BT4.0/4.1 GAP Peripheral device would be "blocked" from connection (kind of "denial of service" situation) by too many actively scanning GAP Scanners/Centrals? We are seeing this with certain mobile phones (especially Android) in "observing" role and this is pretty independent on adv. interval we use (typically 20-200ms). All adv. events are "loaded" with SCAN_REQ packets when there are 5 or more "scanning" phones and beside SCAN_REQ collisions (which are typically not critical for BLE solutions) basically all CONNECT_REQ collide with some SCAN_REQ packet and thus Peripheral never follows the connection.

Any suggestions (beside trying to lower scanning activity on phones' side which obviously isn't always possible)?

Thanks Jan

Parents
  • 0

    Hi Jan

    My concern was not for a hardware DOS style attach, where the channels were effectively jammed by sending random noise, as I dont know if its possible to write a phone app to make the phone hardware do that.

    I was more concerned with web pages maliciously using the BLE web api without the user knowing it was happening. i.e if an app deliberately does this, its likely google and apple would remove it from their App stores. But scripts on websites are a lot harder to ban.

    At the moment I dont know enough about the BLE protocol to know how to defend from the script kiddie type DOS attack.

    I have investigated multiple beacons in close proximity ( 100 beacons in the same room) and I did not see to many problems with this, but I have not tried lots of phones and a few beacons. I suppose I could simulate this by reflashing my Smartbeacons with some Central code.

Reply
  • 0

    Hi Jan

    My concern was not for a hardware DOS style attach, where the channels were effectively jammed by sending random noise, as I dont know if its possible to write a phone app to make the phone hardware do that.

    I was more concerned with web pages maliciously using the BLE web api without the user knowing it was happening. i.e if an app deliberately does this, its likely google and apple would remove it from their App stores. But scripts on websites are a lot harder to ban.

    At the moment I dont know enough about the BLE protocol to know how to defend from the script kiddie type DOS attack.

    I have investigated multiple beacons in close proximity ( 100 beacons in the same room) and I did not see to many problems with this, but I have not tried lots of phones and a few beacons. I suppose I could simulate this by reflashing my Smartbeacons with some Central code.

Children
No Data
Related
Terms of service