Skip to main content
SpringerLink
Log in

A new security approach for public transport application against tag cloning with neural network-based pattern recognition

  • Original Article
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

RFID tags are widely used in situations where their counterfeiting or cloning can bring financial rewards. Cloning is a particular problem because it gets round the sophisticated security measures. This paper describes a neural network-based technique for identifying cloned tickets for a public transport system. It is based on modeling passenger behavior. Cardholders’ behavioral characteristics in using public transport are modeled with seven neural network model equations, one for each day of the week, and stored in an RFID card. At the time of use, these model equations or characteristics are employed to predict whether the user is the real owner of the card. Therefore, even if the RFID card is cloned, the cloned card cannot be used because a passenger’s behavioral characteristics when using public transport are individual and unique, such as the passenger’s signature or style of speech. Therefore, the proposed approach provides high security, especially for low-cost RFID tags.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Notes

  1. www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid.

References

  1. Landt J (2005) The history of RFID. IEEE Potentials 24:8–11. doi:10.1109/MP.2005.1549751

    Article  Google Scholar 

  2. Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B (2008) Dismantling MIFARE classic. Comput Secur Lect Notes Comput Sci 5283:97–114. doi:10.1007/978-3-540-88313-5_7

    Article  Google Scholar 

  3. Nohl K, Plöz H (2007) Mifare, little security, despite obscurity. In: 24th congress of the chaos computer club, Berlin, Germany

  4. Chien HY, Lee CI, Chen SK, Hou HP (2011) New RFID authentication protocol with DOS-attack resistance. In: IEEE 17th international conference on parallel and distributed systems, Tainan, Taiwan, pp 605–609. doi:10.1109/ICPADS.2011.84

  5. Xiao F, Zhou YJ, Zhou JX, Zhu HL, Niu XX (2013) Universal composable secure protocol for EPC system. J China Univ Posts Telecommun 20:115–121. doi:10.1016/S1005-8885(13)60017-5

    Article  Google Scholar 

  6. Bagheri N, Safkhani M, Naderi M (2014) Cryptanalysis of a new EPC class-1 generation-2 standard compliant RFID protocol. Neural Comput Appl 24:799–805. doi:10.1007/s00521-012-1283-9

    Article  Google Scholar 

  7. Song B, Hwang JY, Shim KA (2011) Security improvement of an RFID security protocol of ISO/IEC WD 29167-6. IEEE Commun Lett 15:1375–1377. doi:10.1109/LCOMM.2011.103111.111816

    Article  Google Scholar 

  8. Bagheri N, Safkhani M, Peris-Lopez P, Tapiador JE (2013) Comments on “Security improvement of an RFID security protocol of ISO/IEC WD 29167-6″. IEEE Commun Lett 17:805–807. doi:10.1109/LCOMM.2013.021213.122837

    Article  Google Scholar 

  9. Williamson A, Tsay LS, Kateeb IA, Burton L (2013) Solutions for RFID smart tagged card security vulnerabilities. AASRI Procedia 4:282–287. doi:10.1016/j.aasri.2013.10.042

    Article  Google Scholar 

  10. Kasper T, von Maurich I, Oswald D, Paar C (2010) Cloning cryptographic RFID cards for 25$. In: 5th Benelux workshop on information and system security. Nijmegen, Netherlands

  11. Barenghi A, Hocquet C, Bol D, Standaert FX, Regazzoni F, Koren I (2012) Exploring the feasibility of low cost fault injection attacks on sub-threshold devices through an example of a 65 nm AES implementation. RFID Secur Privacy Lect Notes Comput Sci 7055:48–60. doi:10.1007/978-3-642-25286-0_4

    Article  Google Scholar 

  12. Kasper T, Oswald D, Paar C (2009) EM side-channel attacks on commercial contactless smartcards using low-cost equipment. Inform Secur Appl Lect Notes Comput Sc 5932:79–93. doi:10.1007/978-3-642-10838-9_7

    Article  Google Scholar 

  13. Courtois NT (2009) The dark side of security by obscurity and cloning MiFare classic rail and building passes anywhere, anytime. In: International conference on security and cryptography, Milan, Italy, pp 331–338

  14. Teepe W (2008) Making the best of mifare classic. Manuscript. Radboud University, Nijmegen

    Google Scholar 

  15. Murdoch SJ, Drimer S, Anderson R, Bond M (2010) Chip and PIN is broken. In: IEEE symposium on security and privacy, Berkeley, CA, pp 433–446. doi:10.1109/SP.2010.33

  16. Bogari EA, Zavarsky P, Lindskog D, Ruhl R (2012) An analysis of security weaknesses in the evolution of RFID enabled passport. In: IEEE world congress on internet security, Guelph, Canada, pp 158–166

  17. Prabhusundhar P, Kumar VKN, Srinivasan B (2013) Border crossing security and privacy in biometric passport using cryptographic authentication protocol. In: IEEE international conference on computer communication and informatics, Coimbatore, India, pp 1–7. doi:10.1109/ICCCI.2013.6466144

  18. Nohl K, Evans D, Starbug S, Plotz H (2008) Reverse-engineering a cryptographic RFID tag. In: 17th USENIX security symposium, San Jose, CA, USA

  19. de Koning Gans G, Hoepman JH, Garcia FD (2008) A practical attack on the MIFARE Classic. Smart Card Res Adv Appl Lect Notes Comput Sci 5189:267–282. doi:10.1007/978-3-540-85893-5_20

    Article  Google Scholar 

  20. Keith EM, Carlos C (2010) The MIFARE classic story. Inform Secur Tech Report 15:8–12. doi:10.1016/j.istr.2010.10.009

    Article  Google Scholar 

  21. Singh K, Kaur G (2012) Radio frequency identification: applications and security issues. In: IEEE second international conference on advanced computing & communication technologies, Rohtak, Haryana, India, pp 490–494. doi:10.1109/ACCT.2012.94

  22. Bono SC, Green M, Stubblefield A, Juels A, Rubin AD, Szydlo M (2005) Security analysis of a cryptographically-enabled RFID device. In: 14th USENIX security symposium, Baltimore, MA, USA, pp 1–16

  23. Russell R, Kaminsky D, Puppy RF, Grand J, Ahmad D, Flynn H, Dubrawsky I, Manzuik SW, Permeh R (2002) Hack proofing your network. 2nd ed. Rockland, MA, USA

  24. Westhues J (2005) Hacking the Prox Card. In: Garfinkel S, Rosenberg B (eds) RFID: applications, security, and privacy. Addison Wesley, New York, pp 291–301

    Google Scholar 

  25. Halamka J, Juels A, Stubblefield A, Westhues J (2006) The security implications of VeriChip cloning. J Am Med Inform Assoc 13:601–607. doi:10.1197/jamia.M2143

    Article  Google Scholar 

  26. Bu K, Liu X, Luo J, Xiao B, Wei G (2013) Unreconciled collisions uncover cloning attacks in anonymous RFID systems. IEEE Trans Inf Forensics Secur 8:429–439. doi:10.1109/TIFS.2012.2237395

    Article  Google Scholar 

  27. Bu K, Liu X, Xiao B (2012) Fast cloned-tag identification protocols for large-scale RFID systems. In: IEEE 20th international workshop on quality of service, Coimbra, Portugal, pp 1–4. doi:10.1109/IWQoS.2012.6245962

  28. Banerjee D, Jiang L, Jia D, Thompson DR (2012) Feature selection for RFID tag identification. In: IEEE 7th international ICST conference on communications and networking in China, Kun Ming, China, pp 218–221. doi:10.1109/ChinaCom.2012.6417479

  29. Noman ANM, Rahman M, Adams C (2011) Improving security and usability of low cost RFID tags. In: IEEE 9th annual international conference on privacy, security and trust, Montreal, Canada, pp 134–141. doi:10.1109/PST.2011.5971975

  30. Lehtonen M, Ostojic D, Ilic A, Michahelles F (2009) Securing RFID systems by detecting tag cloning. Pervasive Comp Lect Notes Comput Sci 5538:291–308. doi:10.1007/978-3-642-01516-8_20

    Article  Google Scholar 

  31. Fu L, Shen X, Zhu L, Wang J (2014) A low-cost UHF RFID tag chip with AES cryptography engine. Secur Commun Netw 7:365–375. doi:10.1002/sec.723

    Article  Google Scholar 

  32. Jung SW, Jung S (2013) HRP: a HMAC-based RFID mutual authentication protocol using PUF. In: IEEE international conference on information networking, Bangkok, Thailand, pp 578–582. doi:10.1109/ICOIN.2013.6496690

  33. Wenger E, Baier T, Feichtner J (2012) JAAVR: introducing the next generation of security-enabled RFID tags. In: IEEE 15th Euromicro conference on digital system design, Izmir, Turkey, pp 640–647. doi:10.1109/DSD.2012.81

  34. Bertoncini C, Rudd K, Nousain B, Hinders M (2012) Wavelet fingerprinting of radio-frequency identification (RFID) tags. IEEE Trans Ind Electron 59:4843–4850. doi:10.1109/TIE.2011.2179276

    Article  Google Scholar 

  35. Shen J, Choi D, Moh S, Chung I (2010) A novel anonymous RFID authentication protocol providing strong privacy and security. In: IEEE international conference on multimedia information networking and security. Nanjing, Jiangsu, China, pp 584–588. doi:10.1109/MINES.2010.128

  36. Eng A, Wahsheh LA (2013) Look into my eyes: a survey of biometric security. In: IEEE 10th international conference on information technology: new generations, Las Vegas, NV, USA, pp 422–427. doi:10.1109/ITNG.2013.65

  37. Sibai FN, Nuaimi A, Maamari A, Kuwair R (2013) Ear recognition with feed-forward artificial neural networks. Neural Comput Appl 23:1265–1273. doi:10.1007/s00521-012-1068-1

    Article  Google Scholar 

  38. Liu Z, Zhao H, Pu J, Wang H (2013) Face recognition under varying illumination. Neural Comput Appl 23:133–139. doi:10.1007/s00521-012-1042-y

    Article  Google Scholar 

  39. Lu S, Liu L, Lu Y, Wang PSP (2012) Cost-sensitive neural network classifiers for postcode recognition. Int J Pattern Recogn 26:218–232. doi:10.1142/S0218001412630013

    Article  MathSciNet  Google Scholar 

  40. Leung KF, Leung FHF, Lam HK, Ling SH (2007) Application of a modified neural fuzzy network and an improved genetic algorithm to speech recognition. Neural Comput Appl 16:419–431. doi:10.1007/s00521-006-0068-4

    Article  Google Scholar 

  41. Hasan H, Kareem SA (2013) Fingerprint image enhancement and recognition algorithms: a survey. Neural Comput Appl 23:1605–1610. doi:10.1007/s00521-012-1113-0

    Article  Google Scholar 

  42. Gaxiola F, Melin P, Lopez M (2010) Modular neural networks for person recognition using the contour segmentation of the human iris biometric measurement. In: Melin P, Kacprzyk J, Pedrycz W (eds) Soft computing for recognition based on biometrics. Springer, Berlin, pp 137–153

    Chapter  Google Scholar 

  43. Ratnayake DN, Kazemian HB, Yusuf SA (2013) Identification of probe request attacks in WLANs using neural networks. Neural Comput Appl. doi:10.1007/s00521-013-1478-8

    Google Scholar 

  44. Rankovic V, Novakovic A, Grujovic N, Divac D, Milivojevic N (2014) Predicting piezometric water level in dams via artificial neural networks. Neural Comput Appl 24:1115–1121. doi:10.1007/s00521-012-1334-2

    Article  Google Scholar 

  45. Sarlin P (2014) On biologically inspired predictions of the global financial crisis. Neural Comput Appl 24:663–673. doi:10.1007/s00521-012-1281-y

    Article  Google Scholar 

  46. Kusiak A, Zeng Y, Zhang Z (2013) Modeling and analysis of pumps in a wastewater treatment plant: a data-mining approach. Eng Appl Artif Intel 26:1643–1651. doi:10.1016/j.engappai.2013.04.001

    Article  Google Scholar 

  47. Carpenter WC, Barthelemy JF (1994) Common misconceptions about neural networks as approximators. J Comput Civil Eng 8:345–358. doi:10.1061/(ASCE)0887-3801

    Article  Google Scholar 

  48. Katz JO (1992) Developing neural network forecasters for trading. Tech Anal Stocks Commod 10:160–168

    Google Scholar 

  49. Priddy KL, Keller PE (2005) Artificial neural networks: an introduction. SPIE, Washington, USA

    Book  Google Scholar 

  50. Boger Z, Guterman H (1997) Knowledge extraction from artificial neural network models. In: International conference on computational cybernetics and simulation, man, and cybernetics conference, Orlando, FL, USA, pp 3030–3035. doi:10.1109/ICSMC.1997.633051

Download references

Acknowledgments

This research was supported as part of the project “Campus RFID Automation System” at the Sakarya University in Turkey (Nos. 2004/1 and 2005/4).

Author information

Authors and Affiliations

  1. Department of Electronic Engineering, Faculty of Engineering, Sakarya University, Sakarya, Turkey

    Gürsel Düzenli

Authors
  1. Gürsel Düzenli
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gürsel Düzenli.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Düzenli, G. A new security approach for public transport application against tag cloning with neural network-based pattern recognition. Neural Comput & Applic 26, 1681–1691 (2015). https://doi.org/10.1007/s00521-015-1837-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-015-1837-8

Keywords

Search

Navigation