NFC Attacks Analysis and Survey

Chen, Cheng-Hao; Lin, Iuon-Chang; Yang, Chou Chen

doi:10.1109/imis.2014.66

Cited by 24 publications

(27 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is an attempt to block tag's interaction with the corresponding reader by making tags impractical to be read, and hence, it is indispensable to ensure that RFID tags are not destroyed with an unlawful parity [124] Users or objects authentication [125] Near-Field Communication (NFC) (continued) Secure channel (authentication and encryption) [44] Relay S3, S4, S6, S7 Attackers redirect the calls from the readers of object to a malevolent one and replay backward its reply rapidly [126]. It severely relies on the implementation of the application protocol data unit instructions (ISO/IEC1443) Timing [127], distance bounding of cryptographic challenge-response couples [128] Man in the middle (MITM) S4, S6, S7 Adversary can capture the data, alter and send it to malevolent things in close vicinity making such attacks very complicated, encryption methods also make it difficult to succeed if they are fulfilled correctly [129] A secure channel between the NFC objects Data corruption All An attacker possesses the ability to disrupt communication channels between NFC-armed IoT devices by altering the transmitted data to be unreadable leading to a denial of services attack [130] The discovery of RF spheres throughout the communication of data [44] Data modification All An attacker possesses the ability to attacker modify the content of communicated data between NFC-armed IoT devices [131] Channel securing, Baud rate adjustment, constant checking of RF arena [44] (continued) An attacker attempt to inject some information into transmitted data when the NFC-armed device needs a long time to reply [130] Immediate entities response, securing the channel between two entities [130] Bluetooth Bluesnarfing All An attacker seeks to gain unlawful access to Bluetooth devices with the aim to capture their information and forward the incoming requests to another device [49] Setting mobiles on non-ascertainable style [49], keep on disconnected [64], validate next transmission BlueBugging All An adversary might use some weaknesses in legacy firmware to get into the victim's device to eavesdrop on phone calls, messages, emails, and link up to the internet without the awareness of the owner [49] Updating software and firmware, apply signatures to RF signals [132] Bluejacking S1, S2, S7, S10 An attacker can exploit the ability to transmit a radio business card to send an assault card; nonetheless, this necessitates the attacker to be very close i.e., within 10 m from the victim's device [49] Non-ascertainable style [49], keep on disconnected…”

Section: Allmentioning

confidence: 99%

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

Abdel‐Basset

Moustafa

Hawash

et al. 2021

Deep Learning Techniques for IoT Security and Privacy

View full text Add to dashboard Cite

This chapter elaborates on different security aspects to be taken into accounts during the development and the deployments of IoT architecture. To make the reader about the security of the IoT based system, this chapter begins by defining the contemporary security requirements that should be considered to realize a reliable and trustworthy IoT environment. Then, the discussion extends to differentiate different concepts of IoT security i.e., threat, vulnerability, countermeasure, attacks, risks; and also explain how the concepts relate to each other. Later, a systematic taxonomy is presented for classifying IoT attacks according to IoT assets, where each class of IoT is further classified into more subcategories. Finally, the discussion of each elaborate different categories of IoT attack indicating their main security targets and possible IoT countermeasures.To sum up, this chapter intends to provide a comprehensive overview regarding IoT security vulnerabilities, threats, countermeasures, risks along with practices of handling them all through the following sections: • Security Requirements in Internet of Things • IoT threats, Attacks, vulnerabilities, and risks • Today's IoT attacks and Countermeasures • IoT attack surfaces • Summary and Learnt Lessons.

show abstract

Section: Allmentioning

confidence: 99%

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

Abdel‐Basset

Moustafa

Hawash

et al. 2021

Deep Learning Techniques for IoT Security and Privacy

View full text Add to dashboard Cite

show abstract

“…Protocol attacks include all attacks on wired and wireless communication protocols. Regarding smartphones, Wi-Fi [5], Bluetooth [6], NFC [7] and USB [8], are the most targeted technologies. However, the attacker needs to be present in the operating range of the protocol.…”

Section: One Of the Most Known Examples Is The Legal Tussle Betweenmentioning

confidence: 99%

Hardware Man-in-the-Middle Attacks on Smartphones

Khelif¹,

Lorandel²,

Romain³

2020

Forensic Sci Today

View full text Add to dashboard Cite

With the arrival of 5G, a lot of communicating devices will be spread in our daily life environment. As indicated by Cisco's annual report [1], the number of overall connected devices will reach 29.3 billion by 2023 in comparison to 18.4 billion in 2018, with a 10% annual growth. In all these devices, smartphones will represent around a fourth of all these devices, among personal computers, laptops, TVs, tablets, M2M devices, etc.

show abstract

“…Data modification: Unlike data corruption, in which an attacker change only the format of transmitted data, data modification attack could alter the content of the data [47].…”

Section: Connectivity Protocols-based Attacksmentioning

confidence: 99%

A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model

Abdul-Ghani¹,

Konstantas²,

Mahyoub³

2018

ijacsa

View full text Add to dashboard Cite

Internet of Things (IoT) has not yet reached a distinctive definition. A generic understanding of IoT is that it offers numerous services in many domains, utilizing conventional internet infrastructure by enabling different communication patterns such as human-to-object, object-to-objects, and object-to-object. Integrating IoT objects into the standard Internet, however, has unlocked several security challenges, as most internet technologies and connectivity protocols have been specifically designed for unconstrained objects. Moreover, IoT objects have their own limitations in terms of computation power, memory and bandwidth. IoT vision, therefore, has suffered from unprecedented attacks targeting not only individuals but also enterprises, some examples of these attacks are loss of privacy, organized crime, mental suffering, and the probability of jeopardizing human lives. Hence, providing a comprehensive classification of IoT attacks and their available countermeasures is an indispensable requirement. In this paper, we propose a novel four-layered IoT reference model based on building blocks strategy, in which we develop a comprehensive IoT attack model composed of four key phases. First, we have proposed IoT asset-based attack surface, which consists of four main components: 1) physical objects, 2) protocols covering whole IoT stack, 3) data, and 4) software. Second, we describe a set of IoT security goals. Third, we identify IoT attack taxonomy for each asset. Finally, we show the relationship between each attack and its violated security goals, and identify a set of countermeasures to protect each asset as well. To the best of our knowledge, this is the first paper that attempts to provide a comprehensive IoT attacks model based on a building-blocked reference model.

show abstract

NFC Attacks Analysis and Survey

Cited by 24 publications

References 5 publications

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

Internet of Things Security Requirements, Threats, Attacks, and Countermeasures

Hardware Man-in-the-Middle Attacks on Smartphones

A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model

Contact Info

Product

Resources

About