ACD: An Adaptable Approach for RFID Cloning Attack Detection

With the rapid development of the internet of things, radio frequency identification (RFID) technology plays an important role in various fields. However, RFID systems are vulnerable to cloning attacks. This is the fabrication of one or more replicas of a genuine tag, which behave exactly as a genuine tag and fool the reader to gain legal authorization, leading to potential financial loss or reputation damage. Many advanced solutions have been proposed to combat cloning attacks, but they require extra hardware resources, or they cannot detect a clone tag in time. In this article, we make a fresh attempt to counterattack tag cloning based on spatiotemporal collisions. We propose adaptable clone detection (ACD), which can intuitively and accurately display the positions of abnormal tags in real time. It uses commercial off-the-shelf (COTS) RFID devices without extra hardware resources. We evaluate its performance in practice, and the results confirm its success at detecting cloning attacks. The average accuracy can reach 98.7%, and the recall rate can reach 96%. Extensive experiments show that it can adapt to a variety of RFID application scenarios.

[1]  Esti Suryani,et al.  Floyd warshall algorithm with FIS Sugeno for search evacuation route optimization , 2017, 2017 International Seminar on Application for Technology of Information and Communication (iSemantic).

[2]  Flavio D. Garcia,et al.  Tutorial: Proxmark, the Swiss Army Knife for RFID Security Research , 2012 .

[3]  Jiann-Liang Chen,et al.  Architecture design and performance evaluation of RFID object tracking systems , 2007, Comput. Commun..

[4]  Christof Paar,et al.  Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World , 2011, CHES.

[5]  Tony Q. S. Quek,et al.  Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions , 2018, IEEE Transactions on Information Forensics and Security.

[6]  Shijie Jia,et al.  Identification of Cloned HF RFID Proximity Cards Based on RF Fingerprinting , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[7]  P.V. Nikitin,et al.  An Overview of Near Field UHF RFID , 2007, 2007 IEEE International Conference on RFID.

[8]  Florian Michahelles,et al.  Securing RFID Systems by Detecting Tag Cloning , 2009, Pervasive.

[9]  Marten van Dijk,et al.  LightSource: Ultra Lightweight Clone Detection of RFID Tags from Software Unclonable Responses , 2016, IACR Cryptol. ePrint Arch..

[10]  Nik Mohd Zarifie Hashim,et al.  Development Of High Performance And Low Cost Automatic Toll Payment System Using Rfid Technology For Malaysia Environment , 2014 .

[11]  Biplab Sikdar,et al.  Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices , 2019, IEEE Internet of Things Journal.

[12]  Bart Jacobs,et al.  Dismantling MIFARE Classic , 2008, ESORICS.

[13]  Stefan Hougardy,et al.  The Floyd-Warshall algorithm on graphs with negative cycles , 2010, Inf. Process. Lett..

[14]  Serge Vaudenay,et al.  Pathchecker: An RFID application for tracing products in Supply-chains , 2015 .

[15]  Wolfram Burgard,et al.  Mapping and localization with RFID technology , 2004, IEEE International Conference on Robotics and Automation, 2004. Proceedings. ICRA '04. 2004.

[16]  Sankaran Mahadevan,et al.  Fuzzy Dijkstra algorithm for shortest path problem under uncertain environment , 2012, Appl. Soft Comput..

[17]  Srdjan Capkun,et al.  Tailing RFID Tags for Clone Detection , 2013, NDSS.

[18]  Xia Wang,et al.  Combating Tag Cloning with COTS RFID Devices , 2018, 2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON).

[19]  Lei Yang,et al.  Identification-free batch authentication for RFID tags , 2010, The 18th IEEE International Conference on Network Protocols.

[20]  Refik Molva,et al.  Tracker: Security and Privacy for RFID-based Supply Chains , 2010, NDSS.

[21]  Stanley Okpara Detecting Cloning Attack in Low-Cost Passive RFID Tags An Analytic Comparison between KILL Passwords and Synchronized Secrets Obinna , 2015 .

[22]  Hairulnizam Mahdin,et al.  Clone tag detection in distributed RFID systems , 2018, PloS one.

[23]  Amir Salehipour,et al.  Speeding up the Floyd-Warshall algorithm for the cycled shortest path problem , 2012, Appl. Math. Lett..

[24]  Jacky Hartnett,et al.  Deckard: A System to Detect Change of RFID Tag Ownership , 2007 .

[25]  Daniel S. Yeung,et al.  A brief survey on current RFID applications , 2009, 2009 International Conference on Machine Learning and Cybernetics.

[26]  Bo Sheng,et al.  Secure and Serverless RFID Authentication and Search Protocols , 2008, IEEE Transactions on Wireless Communications.

[27]  Yingjiu Li,et al.  Batch Clone Detection in RFID-enabled supply chain , 2014, 2014 IEEE International Conference on RFID (IEEE RFID).

[28]  M. Babaie,et al.  Efficient Detecting of RFID Tag Cloning Attacks using Chaos Theory , 2010 .

[29]  Dirk Westermann,et al.  Closed loop flow detection in power systems based on Floyd-Warshall algorithm , 2017, 2017 IEEE Manchester PowerTech.

[30]  L. Batina,et al.  EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol , 2008, 2008 IEEE International Conference on RFID.

[31]  Refik Molva,et al.  CHECKER: on-site checking in RFID-based supply chains , 2012, WISEC '12.

[32]  Matthew Green,et al.  Security Analysis of a Cryptographically-Enabled RFID Device , 2005, USENIX Security Symposium.

[33]  K Manaf,et al.  Designing futsal match finder application with floyd-warshall algorithm , 2019, Journal of Physics: Conference Series.

[34]  Michal Krumnikl,et al.  EM410x RFID cloned card detection system , 2015, 2015 International Conference on Pervasive and Embedded Computing and Communication Systems (PECCS).