research-article

RFID survivability quantification and attack modeling

Author:

Yanjun ZuoAuthors Info & Claims

WiSec '10: Proceedings of the third ACM conference on Wireless network security

Pages 13 - 18

https://doi.org/10.1145/1741866.1741870

Published: 22 March 2010 Publication History

Abstract

In this paper, we present an RFID survivability experiment and quantitatively measure the degree of survivability of an RFID system under varying attacks. By modeling different malicious scenarios using stochastic process algebras, we show the different effects of those attacks on an RFID system's ability to provide critical services even when some components have been damaged. Our model relates its statistic to the attack strategies and security recovery. The model is the first of its kind to formally represent and simulate attacks on RFID systems from a survivability perspective and to measure the degree of survivability of an RFID system under different attacks.

References

[1]

M. Rieback, B. Crispo, and A. Tanenbaum, "Is Your Cat Infected with a Computer Virus?" Fourth Annual IEEE International Conference on Pervasive Computing and Communications, March 13-17, 2006, Pisa, Italy.

Digital Library

[2]

R. Ellison, D. Fisher, R. Linger, and H. Lipson, "Survivable Network Systems: An Emerging Discipline", Technical Report CMU/SEI-97-TR-013, Software Engineering Institute, Carnegie Mellon University, 1997.

[3]

J. Knight, E. Strunk, and K. Sullivan, "Towards a Rigorous Definition of Information System Survivability", DARPA Information Survivability Conference and Exposition, April 22-24, 2003, Washington, DC, USA.

[4]

E. Strunk and J. Knight, "Dependability Through Assured Reconfiguration in Embedded Systems Software", IEEE Transactions on Dependable and Secure Computing, Vol. 3, No. 3, pp. 172--187, July 2006.

Digital Library

[5]

A. Snow, U. Varshney, and A. Malloy, "Reliability and Survivability of Wireless and Mobile Networks", IEEE Computer, 33(7), pp. 49--55, July 2000.

Digital Library

[6]

A. Juels, "RFID Security and Privacy: A Research Survey", IEEE Journal on Selected Areas in Communication, 24(2), February 2006.

Digital Library

[7]

S. Piramuthu, "Protocols for RFID Tag/Reader Authentication", Decision Support Systems, (43) pp. 897--914, 2007.

Digital Library

[8]

C. Lim, and T. Kwon, "Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer", The 8th Conference on Information and Communications Security, December 4-7, 2006, Raleigh, NC, USA.

Digital Library

[9]

N. Hopper, and M. Blum, "Secure Human Identification Protocols", In C. Boyd (ed.) Advances in Cryptology -- ASIA CRYPT 2001, Vol. 2248, Lecture Notes in Computer Science, pp. 52--66, Springer-Verlag, 2001.

Digital Library

[10]

J. Katz, and J. Shin, "Parallel and Concurrent Security of the HB and HB++ Protocols", Advances in Cryptology -- EURO CRYPT 2006, Vol. 4004, Lecture Notes in Computer Science, pp. 73--87, Springer, 2006.

Digital Library

[11]

K. Fishkin, and S. Roy, "Enhancing RFID Privacy via Antenna Energy Analysis", MIT RFID Privacy Workshop, November 15, 2003, Boston, USA.

[12]

A. Juels, P. Syverson, and D. Bailey, "High-Power Proxies for Enhancing RFID Privacy and Utility", Workshop on Privacy Enhancing Technologies (PET), May 30-June 1, 2005, Dubrovnik, Croatia.

Digital Library

[13]

A. Juels, and S. Weis, "Defining Strong Privacy for RFID", Fifth IEEE International Conference on Pervasive Computing and Communications Workshops, pp. 342--347, March 30, 2007, White Plains, NY, USA.

Digital Library

[14]

A. Juels, "Minimalist Cryptography for Low-cost RFID Tags," The Fourth International Conference on Security in Communication Networks, pp. 149--164, September 8-10, 2004, Amalfi, Italy.

Digital Library

[15]

J. Hillston, "A Compositional Approach to Performance Modeling," Ph.D. Thesis, University of Edinburgh, 1994.

Cited By

Zuo Y(2018)Survivable RFID systemsIEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews10.1109/TSMCC.2010.204394940:4(406-418)Online publication date: 25-Dec-2018
https://dl.acm.org/doi/10.1109/TSMCC.2010.2043949
Krishna M(2016)Security and Trust Management for the Internet of Things: An Rfid and Sensor Network PerspectiveCyber‐Assurance for the Internet of Things10.1002/9781119193784.ch4(137-162)Online publication date: 17-Dec-2016
https://doi.org/10.1002/9781119193784.ch4
(2016)BibliographyCyber‐Assurance for the Internet of Things10.1002/9781119193784.biblio(433-455)Online publication date: 17-Dec-2016
https://doi.org/10.1002/9781119193784.biblio
Show More Cited By

Index Terms

RFID survivability quantification and attack modeling
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Survivability Experiment and Attack Characterization for RFID

Radio Frequency Identification (RFID) has been developed as an important technique for many high security and high integrity settings. In this paper, we study survivability issues for RFID. We first present an RFID survivability experiment to define a ...
Survivability Enhancing Techniques for RFID Systems

Radio Frequency Identification RFID has been applied in various high security and high integrity settings. As an important ubiquitous technique, RFID offers opportunities for real-time item tracking, object identification, and inventory management. ...
Quantification of system survivability

Survivability is a concept that describes the capability of a system to achieve timely recovery after the occurrence of undesired events. It is more general and detailed than many terms, such as RTO and RPO, that have a similar goal. Survivability is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '10: Proceedings of the third ACM conference on Wireless network security

March 2010

186 pages

ISBN:9781605589237

DOI:10.1145/1741866

General Chair:
Susanne Wetzel
Stevens Institute of Technology, USA
,
Program Chairs:
Cristina Nita-Rotaru
Purdue University, USA
,
Frank Stajano
University of Cambridge, UK

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 March 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC '10

Sponsor:

SIGSAC

WISEC '10: Third ACM Conference on Wireless Network Security

March 22 - 24, 2010

New Jersey, Hoboken, USA

Acceptance Rates

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
342
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zuo Y(2018)Survivable RFID systemsIEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews10.1109/TSMCC.2010.204394940:4(406-418)Online publication date: 25-Dec-2018
https://dl.acm.org/doi/10.1109/TSMCC.2010.2043949
Krishna M(2016)Security and Trust Management for the Internet of Things: An Rfid and Sensor Network PerspectiveCyber‐Assurance for the Internet of Things10.1002/9781119193784.ch4(137-162)Online publication date: 17-Dec-2016
https://doi.org/10.1002/9781119193784.ch4
(2016)BibliographyCyber‐Assurance for the Internet of Things10.1002/9781119193784.biblio(433-455)Online publication date: 17-Dec-2016
https://doi.org/10.1002/9781119193784.biblio
Wang BMa M(2012)A Server Independent Authentication Scheme for RFID SystemsIEEE Transactions on Industrial Informatics10.1109/TII.2012.21852458:3(689-696)Online publication date: Aug-2012
https://doi.org/10.1109/TII.2012.2185245

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents