RFID malware fragmentation attacks

Author

Suliman, A. ; Shankarapani, M.K. ; Mukkamala, S. ; Sung, A.H.

Author_Institution

Inst. for Complex Additive Syst. Anal., New Mexico Inst. of Min. & Technol., Socorro, NM

fYear

2008

fDate

19-23 May 2008

Firstpage

533

Lastpage

539

Abstract

With no one´s expectation, radio frequency identification devices (RFID) tags can lead to a SQL injection attack, denial of service attack, or even a buffer overflow. This paper deals with fragmentation attacks, a new type of attack that can be done on a database. Fragmentation attacks are performed using RFID as carriers. This paper is an extension of our previous work. A contactless RFID reader and an array of 2048-byte tags are used for our experiments. In another related work, an attack using a self-referential query was done on Linux, Oracle, and PHP/SSI. Here, we will discuss possible attacks over the middleware systems, its implementation on RFID, the consequences of fragmentation attacks, and other possible attacks using RFID.

Keywords

SQL; middleware; radiofrequency identification; security of data; telecommunication computing; RFID malware; SQL injection attack; denial of service attack; fragmentation attacks; middleware systems; radio frequency identification devices tags; Aircraft; Buffer overflow; Character recognition; Computer crime; Databases; Linux; Middleware; RFID tags; Radiofrequency identification; Security; RFID attacks; RFID malware; fragmented malware; injection attacks;

fLanguage

English

Publisher

ieee

Conference_Titel

Collaborative Technologies and Systems, 2008. CTS 2008. International Symposium on

Conference_Location

Irvine, CA

Print_ISBN

978-1-4244-2248-7

Electronic_ISBN

978-1-4244-2249-4

Type

conf

DOI

10.1109/CTS.2008.4543975

Filename

4543975