File(s) under permanent embargo
Securing RFID systems from SQLIA
While SQL injection attacks have been plaguing web applications for years the threat they pose to RFID systems have only identified recently. Because the architecture of web systems and RFID systems differ considerably the prevention and detection techniques proposed for web applications are not suitable for RFID systems. In this paper we propose a system to secure RFID systems against tag based SQLIA. Our system is optimized for the architecture of RFID systems and consists of a query structure matching technique and tag data cleaning technique. The novelty of the proposed system is that it's specifically aimed at RFID systems and has the ability to detect and prevent second order injections which is a problem most current solutions haven't addressed. The preliminary evaluation of our query matching technique is very promising showing very high detection rate with minimal false positives.
History
Title of book
Algorithms and architectures for parallel processingSeries
Lecture notes in computer science; v. 7017Chapter number
24Pagination
245 - 254Publisher
Springer-VerlagPlace of publication
Berlin, GermanyISSN
0302-9743eISSN
1611-3349ISBN-13
9783642246494Language
engNotes
Proceedings, Part II of the 11th International Conference, ICA3PP 2011, Melbourne, Australia, October 24-26, 2011.Publication classification
B1 Book chapterCopyright notice
2011, Springer-Verlag BerlinExtent
38Editor/Contributor(s)
Y Xiang, A Cuzzocrea, M Hobbs, W ZhouUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC