On the Practicality of UHF RFID Fingerprinting: How Real is the RFID Tracking Problem?

In this work, we demonstrate the practicality of people tracking by means of physical-layer fingerprints of RFID tags that they carry. We build a portable low-cost USRP-based RFID fingerprinter and we show, over a set of 210 EPC C1G2 tags, that this fingerprinter enables reliable identification of individual tags from varying distances and across different tag placements (wallet, shopping bag, etc.). We further investigate the use of this setup for clandestine people tracking in an example Shopping Mall scenario and show that in this scenario the mobility traces of people can be reconstructed with a high accuracy.

[1]  Sneha Kumar Kasera,et al.  On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews , 2010, IEEE Transactions on Mobile Computing.

[2]  Olivier Billet,et al.  An efficient forward private RFID protocol , 2009, CCS.

[3]  Jia Di,et al.  Ownership Transfer of RFID Tags based on Electronic Fingerprint , 2008, Security and Management.

[4]  Srdjan Capkun,et al.  Physical-layer identification of UHF RFID tags , 2010, MobiCom.

[5]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[6]  Günter Karjoth,et al.  Disabling RFID tags with visible confirmation: clipped tags are silenced , 2005, WPES '05.

[7]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[8]  W. Kinsner,et al.  Multifractal modelling of radio transmitter transients for classification , 1997, IEEE WESCANEX 97 Communications, Power and Computing. Conference Proceedings.

[9]  Chih-Ming Wang,et al.  Electromagnetic Measurements for Counterfeit Detection of Radio Frequency Identification Cards , 2009, IEEE Transactions on Microwave Theory and Techniques.

[10]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[11]  Srdjan Capkun,et al.  Transient-based identification of wireless sensor nodes , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[12]  Michel Barbeau,et al.  Enhancing intrusion detection in wireless networks using radio frequency fingerprinting , 2004, Communications, Internet, and Information Technology.

[13]  Marco Gruteser,et al.  Wireless device identification with radiometric signatures , 2008, MobiCom '08.

[14]  Michael A. Temple,et al.  Improving Intra-Cellular Security Using Air Monitoring with RF Fingerprints , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[15]  Chih-Ming Wang,et al.  Identifying RF Identification Cards From Measurements of Resonance and Carrier Harmonics , 2010, IEEE Transactions on Microwave Theory and Techniques.

[16]  Srdjan Capkun,et al.  Physical-layer Identification of RFID Devices , 2009, USENIX Security Symposium.

[17]  O. Ureten,et al.  Detection of radio transmitter turn-on transients , 1999 .

[18]  Ingrid Verbauwhede,et al.  Low-cost untraceable authentication protocols for RFID , 2010, WiSec '10.

[19]  N. Serinken,et al.  Characteristics of radio transmitter fingerprints , 2001 .

[20]  Oktay Ureten,et al.  Wireless security through RF fingerprinting , 2007, Canadian Journal of Electrical and Computer Engineering.

[21]  E. U. Warriach,et al.  ACM/IEEE Conference on Information Processing in Sensor Networks , 2013 .

[22]  Sarah Spiekermann,et al.  Critical RFID Privacy-Enhancing Technologies , 2009, IEEE Security & Privacy.

[23]  Michel Barbeau,et al.  Detecting rogue devices in bluetooth networks using radio frequency fingerprinting , 2006, Communications and Computer Networks.

[24]  Tadayoshi Kohno,et al.  EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond , 2009, CCS.

[25]  Jia Di,et al.  Fingerprinting RFID Tags , 2011, IEEE Transactions on Dependable and Secure Computing.

[26]  Dale R. Thompson,et al.  Fingerprinting Radio Frequency Identification Tags Using Timing Characteristics , 2009 .

[27]  Kwangjo Kim,et al.  Enhancing Security of EPCglobal Gen-2 RFID Tag against Traceability and Cloning , 2006 .

[28]  Silviu Guiasu,et al.  The principle of maximum entropy , 1985 .

[29]  Michael A. Temple,et al.  Improved wireless security for GMSK-based devices using RF fingerprinting , 2010, Int. J. Electron. Secur. Digit. Forensics.

[30]  Srdjan Capkun,et al.  Implications of radio fingerprinting on the security of sensor networks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.