RFID malware: Design principles and examples

Pervasive and Mobile Computing

Volumn 2, Issue 4, 2006, Pages 405-426

  Rieback, Melanie R ^a   Simpson, Patrick N D ^a   Crispo, Bruno ^a,b   Tanenbaum, Andrew S ^a  

^a VU UNIVERSITY AMSTERDAM   (Netherlands)

^b UNIVERSITY OF TRENTO   (Italy)

Author keywords

Exploit; Malware; Radio Frequency Identification; RFID; Security; Virus; Worm

Indexed keywords

COMPUTER VIRUSES; COMPUTER WORMS; REAL TIME SYSTEMS; SECURITY OF DATA;

EXPLOIT; MALWARE; RADIO FREQUENCY IDENTIFICATION; SECURITY;

MOBILE COMPUTING;

EID: 33749663423     PISSN: 15741192     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.pmcj.2006.07.008     Document Type: Article

References (21)

1. Weiser M. The computer for the twenty-first century. Scientific American (1991) 94-100
2. J. Ditlev, Rest in peace, in: RFID Buzz. http://www.rfidbuzz.com/news/2005/rest_in_peace.html
3. International Civil Aviation Organization, Biometrics deployment of machine readable travel documents, 2004. http://www.icao.int/mrtd/download/documents/Biometrics%20deployment%20of%20Machine%20Readable%20Travel%20Documents%202004.pdf
4. S. Bono, M. Green, A. Stubblefield, A. Juels, A. Rubin, M. Szydlo, Security analysis of a cryptographically-enabled RFID device, in: 14th USENIX Security Symposium, USENIX, Baltimore, Maryland, USA, 2005, pp. 1-16
5. Z. Kfir, A. Wool, Picking virtual pockets using relay attacks on contactless smartcard systems, in: 1st Intl. Conf. on Security and Privacy for Emerging Areas in Communication Networks, 2005
6. Basili V.R., and Perricone B.T. Software errors and complexity: An empirical investigation. Communications of the ACM 27 1 (1984) 42-52
7. N. Weaver, V. Paxson, S. Staniford, R. Cunningham, A taxonomy of computer worms, in: First Workshop on Rapid Malcode, WORM, 2003
8. C. Anley, Advanced SQL injection in SQL Server applications. http://www.nextgenss.com/papers/advanced_sql_injection.pdf
9. Microsoft Corporation, How to prevent cross-site scripting security issues. http://support.microsoft.com/default.aspx?scid=kb;en-us;Q252985
10. US-CERT, Vulnerability Note VU#181038 - Microsoft Windows Metafile handler SETABORTPROC GDI Escape Vulnerability
11. K. Sitaker, How to find security holes. http://www.canonical.org/~kragen/security-holes.html
12. Fabian B., Günther O., and Spiekermann S. Security analysis of the object name service for RFID. Security, Privacy and Trust in Pervasive and Ubiquitous Computing (2005)
13. D.R. Hofstadter, Godel, Escher, Bach: An Eternal Golden Braid, Basic Books, Inc., New York, NY, USA, 1979
14. N. Jorgensen, Self documenting program in SQL. http://www.droptable. com/archive478-2005-5-25456.html
15. D. Madore, Quines (self-replicating programs). http://www.madore.org/~david/computers/quine.html
16. D. Rajesh, Advanced concepts to prevent SQL injection. http://www.csharpcorner.com/UploadFile/rajeshdg/Page107142005052957AM/Page1.aspx?ArticleID=631d8221-64ed-4db7-b81b-8ba3082cb496
17. N. Nethercote, J. Seward, Valgrind: A program supervision framework, Electronic Notes in Theoretical Computer Science 89 (2)
18. B. Perens, Electric fence. http://perens.com/FreeSoftware/ElectricFence/
19. Graff M.G., and Van Wyk K.R. Secure Coding: Principles and Practices (2003), O'Reilly
20. Viega J., and McGraw G. Building Secure Software: How to Avoid Security Problems the Right Way (2001), Addison-Wesley Professional
21. Howard M., and LeBlanc D. Writing Secure Code (2002), Microsoft Press