Date of Award


Document Type


Degree Name

Master of Science in Information Systems and Technology


Information and Decision Sciences

First Reader/Committee Chair

Dr. Harold Dyck


The utilization of the Bluetooth protocol has provided many with the seamless transmission of data to multiple devices. Given its versatility and being an efficient process of connectivity, it has become one of the preferred methods of wireless connections. Despite this, an aspect of the Bluetooth function is still vulnerable to being exploited by having the data transmission stolen. This project answered the following questions: “How does one reduce the vulnerability by comparing normal and abnormal Bluetooth data?”, “How does one identify outlying variables within the data?” and “How can we improve the Bluetooth function?”. This project relied on previous research based on establishing patterns of life in Bluetooth devices in order to categorize such devices using their data. By applying a similar approach, this research is focused on creating a methodology of capturing, detecting, and analyzing normal and abnormal Bluetooth data. By creating two scenarios involving Bluetooth devices, one where a normal transmission happens and another where a Bluetooth Hijacking occurs, comparable scans were made and then compared. The findings were as follows: The analysis shows it is possible to categorize the Bluetooth devices and attribute their data to create a pattern of life. By comparing normal and abnormal Bluetooth data, vulnerability can be reduced by detecting abnormal data much sooner and thus alerting the user of any attacks. To identify the outlying variables, certain characteristics within the Bluetooth packet in Wireshark can be selected and shown in the RStudio graph. Having these variables displayed creates a better visual to further analyze the data captured and identify any outlying variables. This project also introduced methods that the Bluetooth function can be improved on by including the introduction of more pin inputs when entering Bluetooth networks, as well as the idea to introduce a feature that authenticates the termination of a Bluetooth connection. The conclusion of this project revealed that these captures and analysis allow for establishing a pattern of life of what would be considered normal and abnormal data within the Bluetooth IoT and can be expanded into other Bluetooth devices.