Is Your Cat Infected with a Computer Virus?

Rieback, Melanie R.; Crispo, Bruno; Tanenbaum, Andrew S.

doi:10.1109/percom.2006.32

Cited by 124 publications

(78 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Adversaries may use RFID tags to launch buffer overflows on the back-end RFID middleware. Although this might not be trivial, considering the memory storage of RFID tags, there are still commands that allow an RFID tag to send the same data block repetitively (Rieback et al 2006) in order to overflow a buffer in the back-end RFID middleware. Other options include the use of other devices with more resources such as smart cards or devices that are able to emulate multiple RFID tags (e.g.…”

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

“…RFID Guardian). -Malicious Code Injection: RFID tags can be used in order to propagate hostile code that subsequently could infect other entities of the RFID network (readers and connecting networks) (Rieback et al 2006). In this scenario, an adversary uses the memory space of RFID tags in order to store and spread in the back-end system the infecting viruses or other RFID malware.…”

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

“…In this scenario, an adversary uses the memory space of RFID tags in order to store and spread in the back-end system the infecting viruses or other RFID malware. Although this type of attacks are not widespread, laboratory experiments (Rieback et al 2006) have proved that they are feasible. Considering the fact that middleware applications use multiple scripting languages such as Javascript, PHP, XML etc.…”

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

“…More specifically, RFID tags can be employed in order to perform code insertion in RFID applications that use web protocols and intercept scripting languages. In the same way, can also be performed SQL injection (Rieback et al 2006), a special code insertion attack based on unexpectedly executing SQL statements that may lead unauthorized access to back-end databases and subsequently reveal or even modify data stored in the back-end RFID middleware.…”

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

See 3 more Smart Citations

Classifying RFID attacks and defenses

2009

View full text Add to dashboard Cite

RFID (Radio Frequency Identification) systems are one of the most pervasive computing technologies with technical potential and profitable opportunities in a diverse area of applications. Among their advantages is included their low cost and their broad applicability. However, they also present a number of inherent vulnerabilities. This paper develops a structural methodology for risks that RFID networks face by developing a classification of RFID attacks, presenting their important features, and discussing possible countermeasures. The goal of the paper is to categorize the existing weaknesses of RFID communication so that a better understanding of RFID attacks can be achieved and subsequently more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.

show abstract

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

Section: Middleware Attacks -Buffer Overflowsmentioning

confidence: 99%

See 2 more Smart Citations

Classifying RFID attacks and defenses

2009

View full text Add to dashboard Cite

show abstract

“…Therefore here we shall refrain from a prevalent review and focus on those works that are most directly related to our contribution. Further interested readers may go through [8], [4] and [5].…”

Section: Related Workmentioning

confidence: 99%

YA-SRAP: yet another serverless RFID authentication protocol

Ahamed

Hoque

Rahman

et al. 2008

4th International Conference on Intelligent Environments (IE 08)

View full text Add to dashboard Cite

Several threats in RFID systems are obstacles to intermingle this technology into human lives. On the other hand ensuring flexible privacy mechanism has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. In this paper, we describe serverless, lightweight, forward secured and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against all major attacks without the intervention of server. Though it is very critical to guarantee untraceability and scalability simultaneously, here we are proposing a scheme to make our protocols more scalable via ownership transfer. To the best of our knowledge this feature is incorporated in the serverless system for the first time.

show abstract

Context‐aware usage control for web of things

Bai

Yang

et al. 2012

Security Comm Networks

View full text Add to dashboard Cite

The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context‐aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context‐aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context‐aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. Copyright © 2012 John Wiley & Sons, Ltd.

show abstract

Is Your Cat Infected with a Computer Virus?

Cited by 124 publications

References 4 publications

Classifying RFID attacks and defenses

Classifying RFID attacks and defenses

YA-SRAP: yet another serverless RFID authentication protocol

Context‐aware usage control for web of things

Contact Info

Product

Resources

About