File(s) under permanent embargo
Malware detection and prevention in RFID systems
The threat that malware poses to RFID systems was identified only recently. Fortunately, all currently known RFID malware is based on SQLIA. Therefore, in this chapter we propose a dual pronged, tag based SQLIA detection and prevention method optimized for RFID systems. The first technique is a SQL query matching approach that uses simple string comparisons and provides strong security against a majority of the SQLIA types possible on RFID systems. To provide security against second order SQLIA, which is a major gap in the current literature, we also propose a tag data validation and sanitization technique. The preliminary evaluation of our query matching technique is very promising, showing 100% detection rates and 0% false positives for all attacks other than second order injection.
History
Title of book
Internet of things and inter-cooperative computational technologies for collective intelligenceSeries
Studies in Computational Intelligence ; v.460Chapter number
6Pagination
143 - 166Publisher
SpringerPlace of publication
Heidelberg, GermanyPublisher DOI
ISSN
1860-949XISBN-13
9783642349522ISBN-10
3642349528Language
engPublication classification
B1 Book chapterCopyright notice
2012, SpringerExtent
18Editor/Contributor(s)
N Bessis, F Xhafa, D Varvarigou, R Hill, M LiUsage metrics
Categories
No categories selectedLicence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC