Abstract
RFID systems as a whole are often treated with suspicion, but the input data received from individual RFID tags is implicitly trusted. RFID attacks are currently conceived as properly formatted but fake RFID data; however no one expects an RFID tag to send a SQL injection attack or a buffer overflow. This paper is meant to serve as a warning that data from RFID tags can be used to exploit back-end software systems. RFID middleware writers must therefore build appropriate checks (bounds checking, special character filtering, etc..), to prevent RFID middleware from suffering all of the well-known vulnerabilities experienced by the Internet. Furthermore, as a proof of concept, this paper presents the first self-replicating RFID virus. This virus uses RFID tags as a vector to compromise bockend RFID middleware systems, via a SQL injection attack. © 2006 IEEE.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - Fourth Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2006 |
| Publisher | Institute of Electrical and Electronics Engineers, Inc. |
| Pages | 169-179 |
| Number of pages | 10 |
| Volume | 2006 |
| ISBN (Print) | 0769525180, 9780769525181 |
| DOIs | |
| Publication status | Published - 2006 |
| Event | 4th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2006 - Pisa, Italy Duration: 13 Mar 2006 → 17 Mar 2006 |
Conference
| Conference | 4th Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2006 |
|---|---|
| Country/Territory | Italy |
| City | Pisa |
| Period | 13/03/06 → 17/03/06 |
Bibliographical note
Best Paper AwardFingerprint
Dive into the research topics of 'Is Your Cat Infected with a Computer Virus?'. Together they form a unique fingerprint.Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver