Abstract
RFID tags are widely used in situations where their counterfeiting or cloning can bring financial rewards. Cloning is a particular problem because it gets round the sophisticated security measures. This paper describes a neural network-based technique for identifying cloned tickets for a public transport system. It is based on modeling passenger behavior. Cardholders’ behavioral characteristics in using public transport are modeled with seven neural network model equations, one for each day of the week, and stored in an RFID card. At the time of use, these model equations or characteristics are employed to predict whether the user is the real owner of the card. Therefore, even if the RFID card is cloned, the cloned card cannot be used because a passenger’s behavioral characteristics when using public transport are individual and unique, such as the passenger’s signature or style of speech. Therefore, the proposed approach provides high security, especially for low-cost RFID tags.
Similar content being viewed by others
References
Landt J (2005) The history of RFID. IEEE Potentials 24:8–11. doi:10.1109/MP.2005.1549751
Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B (2008) Dismantling MIFARE classic. Comput Secur Lect Notes Comput Sci 5283:97–114. doi:10.1007/978-3-540-88313-5_7
Nohl K, Plöz H (2007) Mifare, little security, despite obscurity. In: 24th congress of the chaos computer club, Berlin, Germany
Chien HY, Lee CI, Chen SK, Hou HP (2011) New RFID authentication protocol with DOS-attack resistance. In: IEEE 17th international conference on parallel and distributed systems, Tainan, Taiwan, pp 605–609. doi:10.1109/ICPADS.2011.84
Xiao F, Zhou YJ, Zhou JX, Zhu HL, Niu XX (2013) Universal composable secure protocol for EPC system. J China Univ Posts Telecommun 20:115–121. doi:10.1016/S1005-8885(13)60017-5
Bagheri N, Safkhani M, Naderi M (2014) Cryptanalysis of a new EPC class-1 generation-2 standard compliant RFID protocol. Neural Comput Appl 24:799–805. doi:10.1007/s00521-012-1283-9
Song B, Hwang JY, Shim KA (2011) Security improvement of an RFID security protocol of ISO/IEC WD 29167-6. IEEE Commun Lett 15:1375–1377. doi:10.1109/LCOMM.2011.103111.111816
Bagheri N, Safkhani M, Peris-Lopez P, Tapiador JE (2013) Comments on “Security improvement of an RFID security protocol of ISO/IEC WD 29167-6″. IEEE Commun Lett 17:805–807. doi:10.1109/LCOMM.2013.021213.122837
Williamson A, Tsay LS, Kateeb IA, Burton L (2013) Solutions for RFID smart tagged card security vulnerabilities. AASRI Procedia 4:282–287. doi:10.1016/j.aasri.2013.10.042
Kasper T, von Maurich I, Oswald D, Paar C (2010) Cloning cryptographic RFID cards for 25$. In: 5th Benelux workshop on information and system security. Nijmegen, Netherlands
Barenghi A, Hocquet C, Bol D, Standaert FX, Regazzoni F, Koren I (2012) Exploring the feasibility of low cost fault injection attacks on sub-threshold devices through an example of a 65 nm AES implementation. RFID Secur Privacy Lect Notes Comput Sci 7055:48–60. doi:10.1007/978-3-642-25286-0_4
Kasper T, Oswald D, Paar C (2009) EM side-channel attacks on commercial contactless smartcards using low-cost equipment. Inform Secur Appl Lect Notes Comput Sc 5932:79–93. doi:10.1007/978-3-642-10838-9_7
Courtois NT (2009) The dark side of security by obscurity and cloning MiFare classic rail and building passes anywhere, anytime. In: International conference on security and cryptography, Milan, Italy, pp 331–338
Teepe W (2008) Making the best of mifare classic. Manuscript. Radboud University, Nijmegen
Murdoch SJ, Drimer S, Anderson R, Bond M (2010) Chip and PIN is broken. In: IEEE symposium on security and privacy, Berkeley, CA, pp 433–446. doi:10.1109/SP.2010.33
Bogari EA, Zavarsky P, Lindskog D, Ruhl R (2012) An analysis of security weaknesses in the evolution of RFID enabled passport. In: IEEE world congress on internet security, Guelph, Canada, pp 158–166
Prabhusundhar P, Kumar VKN, Srinivasan B (2013) Border crossing security and privacy in biometric passport using cryptographic authentication protocol. In: IEEE international conference on computer communication and informatics, Coimbatore, India, pp 1–7. doi:10.1109/ICCCI.2013.6466144
Nohl K, Evans D, Starbug S, Plotz H (2008) Reverse-engineering a cryptographic RFID tag. In: 17th USENIX security symposium, San Jose, CA, USA
de Koning Gans G, Hoepman JH, Garcia FD (2008) A practical attack on the MIFARE Classic. Smart Card Res Adv Appl Lect Notes Comput Sci 5189:267–282. doi:10.1007/978-3-540-85893-5_20
Keith EM, Carlos C (2010) The MIFARE classic story. Inform Secur Tech Report 15:8–12. doi:10.1016/j.istr.2010.10.009
Singh K, Kaur G (2012) Radio frequency identification: applications and security issues. In: IEEE second international conference on advanced computing & communication technologies, Rohtak, Haryana, India, pp 490–494. doi:10.1109/ACCT.2012.94
Bono SC, Green M, Stubblefield A, Juels A, Rubin AD, Szydlo M (2005) Security analysis of a cryptographically-enabled RFID device. In: 14th USENIX security symposium, Baltimore, MA, USA, pp 1–16
Russell R, Kaminsky D, Puppy RF, Grand J, Ahmad D, Flynn H, Dubrawsky I, Manzuik SW, Permeh R (2002) Hack proofing your network. 2nd ed. Rockland, MA, USA
Westhues J (2005) Hacking the Prox Card. In: Garfinkel S, Rosenberg B (eds) RFID: applications, security, and privacy. Addison Wesley, New York, pp 291–301
Halamka J, Juels A, Stubblefield A, Westhues J (2006) The security implications of VeriChip cloning. J Am Med Inform Assoc 13:601–607. doi:10.1197/jamia.M2143
Bu K, Liu X, Luo J, Xiao B, Wei G (2013) Unreconciled collisions uncover cloning attacks in anonymous RFID systems. IEEE Trans Inf Forensics Secur 8:429–439. doi:10.1109/TIFS.2012.2237395
Bu K, Liu X, Xiao B (2012) Fast cloned-tag identification protocols for large-scale RFID systems. In: IEEE 20th international workshop on quality of service, Coimbra, Portugal, pp 1–4. doi:10.1109/IWQoS.2012.6245962
Banerjee D, Jiang L, Jia D, Thompson DR (2012) Feature selection for RFID tag identification. In: IEEE 7th international ICST conference on communications and networking in China, Kun Ming, China, pp 218–221. doi:10.1109/ChinaCom.2012.6417479
Noman ANM, Rahman M, Adams C (2011) Improving security and usability of low cost RFID tags. In: IEEE 9th annual international conference on privacy, security and trust, Montreal, Canada, pp 134–141. doi:10.1109/PST.2011.5971975
Lehtonen M, Ostojic D, Ilic A, Michahelles F (2009) Securing RFID systems by detecting tag cloning. Pervasive Comp Lect Notes Comput Sci 5538:291–308. doi:10.1007/978-3-642-01516-8_20
Fu L, Shen X, Zhu L, Wang J (2014) A low-cost UHF RFID tag chip with AES cryptography engine. Secur Commun Netw 7:365–375. doi:10.1002/sec.723
Jung SW, Jung S (2013) HRP: a HMAC-based RFID mutual authentication protocol using PUF. In: IEEE international conference on information networking, Bangkok, Thailand, pp 578–582. doi:10.1109/ICOIN.2013.6496690
Wenger E, Baier T, Feichtner J (2012) JAAVR: introducing the next generation of security-enabled RFID tags. In: IEEE 15th Euromicro conference on digital system design, Izmir, Turkey, pp 640–647. doi:10.1109/DSD.2012.81
Bertoncini C, Rudd K, Nousain B, Hinders M (2012) Wavelet fingerprinting of radio-frequency identification (RFID) tags. IEEE Trans Ind Electron 59:4843–4850. doi:10.1109/TIE.2011.2179276
Shen J, Choi D, Moh S, Chung I (2010) A novel anonymous RFID authentication protocol providing strong privacy and security. In: IEEE international conference on multimedia information networking and security. Nanjing, Jiangsu, China, pp 584–588. doi:10.1109/MINES.2010.128
Eng A, Wahsheh LA (2013) Look into my eyes: a survey of biometric security. In: IEEE 10th international conference on information technology: new generations, Las Vegas, NV, USA, pp 422–427. doi:10.1109/ITNG.2013.65
Sibai FN, Nuaimi A, Maamari A, Kuwair R (2013) Ear recognition with feed-forward artificial neural networks. Neural Comput Appl 23:1265–1273. doi:10.1007/s00521-012-1068-1
Liu Z, Zhao H, Pu J, Wang H (2013) Face recognition under varying illumination. Neural Comput Appl 23:133–139. doi:10.1007/s00521-012-1042-y
Lu S, Liu L, Lu Y, Wang PSP (2012) Cost-sensitive neural network classifiers for postcode recognition. Int J Pattern Recogn 26:218–232. doi:10.1142/S0218001412630013
Leung KF, Leung FHF, Lam HK, Ling SH (2007) Application of a modified neural fuzzy network and an improved genetic algorithm to speech recognition. Neural Comput Appl 16:419–431. doi:10.1007/s00521-006-0068-4
Hasan H, Kareem SA (2013) Fingerprint image enhancement and recognition algorithms: a survey. Neural Comput Appl 23:1605–1610. doi:10.1007/s00521-012-1113-0
Gaxiola F, Melin P, Lopez M (2010) Modular neural networks for person recognition using the contour segmentation of the human iris biometric measurement. In: Melin P, Kacprzyk J, Pedrycz W (eds) Soft computing for recognition based on biometrics. Springer, Berlin, pp 137–153
Ratnayake DN, Kazemian HB, Yusuf SA (2013) Identification of probe request attacks in WLANs using neural networks. Neural Comput Appl. doi:10.1007/s00521-013-1478-8
Rankovic V, Novakovic A, Grujovic N, Divac D, Milivojevic N (2014) Predicting piezometric water level in dams via artificial neural networks. Neural Comput Appl 24:1115–1121. doi:10.1007/s00521-012-1334-2
Sarlin P (2014) On biologically inspired predictions of the global financial crisis. Neural Comput Appl 24:663–673. doi:10.1007/s00521-012-1281-y
Kusiak A, Zeng Y, Zhang Z (2013) Modeling and analysis of pumps in a wastewater treatment plant: a data-mining approach. Eng Appl Artif Intel 26:1643–1651. doi:10.1016/j.engappai.2013.04.001
Carpenter WC, Barthelemy JF (1994) Common misconceptions about neural networks as approximators. J Comput Civil Eng 8:345–358. doi:10.1061/(ASCE)0887-3801
Katz JO (1992) Developing neural network forecasters for trading. Tech Anal Stocks Commod 10:160–168
Priddy KL, Keller PE (2005) Artificial neural networks: an introduction. SPIE, Washington, USA
Boger Z, Guterman H (1997) Knowledge extraction from artificial neural network models. In: International conference on computational cybernetics and simulation, man, and cybernetics conference, Orlando, FL, USA, pp 3030–3035. doi:10.1109/ICSMC.1997.633051
Acknowledgments
This research was supported as part of the project “Campus RFID Automation System” at the Sakarya University in Turkey (Nos. 2004/1 and 2005/4).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Düzenli, G. A new security approach for public transport application against tag cloning with neural network-based pattern recognition. Neural Comput & Applic 26, 1681–1691 (2015). https://doi.org/10.1007/s00521-015-1837-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-015-1837-8