Article

Is Your Cat Infected with a Computer Virus?

Authors:

Melanie R. Rieback,

Bruno Crispo,

Andrew S. TanenbaumAuthors Info & Claims

PERCOM '06: Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications

Pages 169 - 179

https://doi.org/10.1109/PERCOM.2006.32

Published: 13 March 2006 Publication History

Publisher Site

Abstract

RFID systems as a whole are often treated with suspicion, but the input data received from individual RFID tags is implicitly trusted. RFID attacks are currently conceived as properly formatted but fake RFID data; however no one expects an RFID tag to send a SQL injection attack or a buffer overflow. This paper is meant to serve as a warning that data from RFID tags can be used to exploit back-end software systems. RFID middleware writers must therefore build appropriate checks (bounds checking, special character filtering, etc.), to prevent RFID middleware from suffering all of the well-known vulnerabilities experienced by the Internet. Furthermore, as a proof of concept, this paper presents the first self-replicating RFID virus. This virus uses RFID tags as a vector to compromise backend RFID middleware systems, via a SQL injection attack.

Cited By

View all

Sun YWu TMa XChao H(2015)Modeling and verifying EPC network intrusion system based on timed automataPervasive and Mobile Computing10.1016/j.pmcj.2015.06.00724:C(61-76)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1016/j.pmcj.2015.06.007
Abawajy JFernando H(2015)Policy-based SQLIA detection and prevention approach for RFID systemsComputer Standards & Interfaces10.1016/j.csi.2014.08.00538:C(64-71)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1016/j.csi.2014.08.005
Avoine GCoisel IMartin TKrunz MLazos LDi Pietro RTrappe W(2012)A privacy-restoring mechanism for offline RFID systemsProceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks10.1145/2185448.2185458(63-74)Online publication date: 16-Apr-2012
https://dl.acm.org/doi/10.1145/2185448.2185458
Show More Cited By

Index Terms

Is Your Cat Infected with a Computer Virus?

Recommendations

Packet Leak Detection on Hardware-Trojan Infected NoCs for MPSoC Systems
ICCSP '17: Proceedings of the 2017 International Conference on Cryptography, Security and Privacy

Packet leak on network-on-chip (NoC) is one of the key security concerns in the MPSoC design, where the NoC of the system can come from a third-party vendor and can be illegitimately implanted with hardware trojans. Those trojans are usually small so ...
Computer Virus: Timeline of computer viruses and worms, Computer program, Malware, Adware, Spyware, Computer worm, Trojan horse (computing), Elk Cloner, ... Polymorphic code, Metamorphic code
The Art of Computer Virus Research and Defense

Comments

Information & Contributors

Information

Published In

PERCOM '06: Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications

March 2006

336 pages

ISBN:0769525180

Publisher

IEEE Computer Society

United States

Publication History

Published: 13 March 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sun YWu TMa XChao H(2015)Modeling and verifying EPC network intrusion system based on timed automataPervasive and Mobile Computing10.1016/j.pmcj.2015.06.00724:C(61-76)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1016/j.pmcj.2015.06.007
Abawajy JFernando H(2015)Policy-based SQLIA detection and prevention approach for RFID systemsComputer Standards & Interfaces10.1016/j.csi.2014.08.00538:C(64-71)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1016/j.csi.2014.08.005
Avoine GCoisel IMartin TKrunz MLazos LDi Pietro RTrappe W(2012)A privacy-restoring mechanism for offline RFID systemsProceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks10.1145/2185448.2185458(63-74)Online publication date: 16-Apr-2012
https://dl.acm.org/doi/10.1145/2185448.2185458
Mahmood RAl-Hamdani WWhitman MZafar H(2011)Is RFID technology secure and private?Proceedings of the 2011 Information Security Curriculum Development Conference10.1145/2047456.2047462(42-49)Online publication date: 30-Sep-2011
https://dl.acm.org/doi/10.1145/2047456.2047462
D'Antonio SCoppolino LElia IFormicola VGiandomenico F(2011)Security issues of a phasor data concentrator for smart grid infrastructureProceedings of the 13th European Workshop on Dependable Computing10.1145/1978582.1978584(3-8)Online publication date: 11-May-2011
https://dl.acm.org/doi/10.1145/1978582.1978584
Najera PLopez JRoman R(2011)Real-time location and inpatient care systems based on passive RFIDJournal of Network and Computer Applications10.1016/j.jnca.2010.04.01134:3(980-989)Online publication date: 1-May-2011
https://dl.acm.org/doi/10.1016/j.jnca.2010.04.011
Zugenmaier A(2011)Risks of blind controllers and deaf views in model view controller patterns for multitag user interfacesProceedings of the 19th international conference on Security Protocols10.1007/978-3-642-25867-1_14(150-155)Online publication date: 28-Mar-2011
https://dl.acm.org/doi/10.1007/978-3-642-25867-1_14
Alizade MMoghaddam RMomenebellah S(2010)New mobile payment protocolProceedings of the 9th WSEAS international conference on Advances in e-activities, information security and privacy10.5555/1948838.1948843(41-46)Online publication date: 14-Dec-2010
https://dl.acm.org/doi/10.5555/1948838.1948843
Rekleitis ERizomiliotis PGritzalis S(2010)An agent based back-end RFID tag management systemProceedings of the 7th international conference on Trust, privacy and security in digital business10.5555/1894888.1894908(165-176)Online publication date: 30-Aug-2010
https://dl.acm.org/doi/10.5555/1894888.1894908
Kieseberg PLeithner MMulazzani MMunroe LSchrittwieser SSinha MWeippl EPardede ETaniar DAwan I(2010)QR code securityProceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia10.1145/1971519.1971593(430-435)Online publication date: 8-Nov-2010
https://dl.acm.org/doi/10.1145/1971519.1971593
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Packet Leak Detection on Hardware-Trojan Infected NoCs for MPSoC Systems

Computer Virus: Timeline of computer viruses and worms, Computer program, Malware, Adware, Spyware, Computer worm, Trojan horse (computing), Elk Cloner, ... Polymorphic code, Metamorphic code

The Art of Computer Virus Research and Defense

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations