Wireless communications among wearable and implantable devices implement the information exchange around the human body. Wireless body area network (WBAN) technology enables non-invasive applications in our daily lives. Wireless connected devices improve the quality of many services, and they make procedures easier. On the other hand, they open up large attack surfaces and introduces potential security vulnerabilities. Bluetooth low energy (BLE) is a low-power protocol widely used in wireless personal area networks (WPANs). This paper analyzes the security vulnerabilities of a BLE heart-rate sensor. By observing the received signal strength indicator (RSSI) variations, it is possible to detect anomalies in the BLE connection. The case-study shows that an attacker can easily intercept and manipulate the data transmitted between the mobile app and the BLE device. With this research, the author would raise awareness about the security of the heart-rate information that we can receive from our wireless body sensors.

翻译：可穿戴与植入式设备间的无线通信实现了人体周围的信息交换。无线体域网（WBAN）技术使我们日常生活中的非侵入式应用成为可能。无线连接设备提升了许多服务的质量，并简化了操作流程。然而，它们也暴露了更大的攻击面，并引入了潜在的安全漏洞。蓝牙低功耗（BLE）是一种广泛应用于无线个人局域网（WPAN）的低功耗协议。本文分析了BLE心率传感器的安全漏洞。通过观测接收信号强度指示（RSSI）的变化，可以检测BLE连接中的异常。案例研究表明，攻击者能够轻易截获并篡改移动应用与BLE设备之间传输的数据。通过这项研究，作者旨在提高人们对从无线体传感器获取的心率信息安全的关注。