Fernando, Harinda and Abawajy, Jemal 2013, Malware detection and prevention in RFID systems, in Internet of things and inter-cooperative computational technologies for collective intelligence, Springer, Heidelberg, Germany, pp.143-166.
(Some files may be inaccessible until you login with your DRO credentials)
Internet of things and inter-cooperative computational technologies for collective intelligence
Bessis, Nik Xhafa, Fatos Varvarigou, Dora Hill, Richard Li, Maozhen
Studies in Computational Intelligence ; v.460
Place of Publication
The threat that malware poses to RFID systems was identified only recently. Fortunately, all currently known RFID malware is based on SQLIA. Therefore, in this chapter we propose a dual pronged, tag based SQLIA detection and prevention method optimized for RFID systems. The first technique is a SQL query matching approach that uses simple string comparisons and provides strong security against a majority of the SQLIA types possible on RFID systems. To provide security against second order SQLIA, which is a major gap in the current literature, we also propose a tag data validation and sanitization technique. The preliminary evaluation of our query matching technique is very promising, showing 100% detection rates and 0% false positives for all attacks other than second order injection.
Field of Research
080501 Distributed and Grid Systems
Socio Economic Objective
890103 Mobile Data Networks and Services
HERDC Research category
B2 Book chapter in non-commercially published book