Fragmented malware through RFID and its defenses

  • Original Paper
Journal in Computer Virology

Abstract

Malware, in essence, is an infiltration of one’s computer system. Malware is created to wreak havoc once it gets in through a weakness in a computer’s barricade. Anti-virus companies and operating system companies are working to patch weaknesses in systems and to detect infiltrators. However, with the advance of fragmentation, detection might prove even more difficult. Malware detection relies on signatures to identify malware of certain shapes. With fragmentation, functionality and size can change depending on how many fragments are used and how the fragments are created. In this paper we present a robust malware detection technique, with emphasis on detecting fragmentation malware attacks in RFID systems, that can be extended to detect complex obfuscated and mutated malware. After a particular fragmented malware has first been identified, it can be analyzed to extract the signature, which provides a basis for detecting variants and mutants of similar types of malware in the future. Encouraging experimental results on a limited set of recent malware are presented.

Author information

Corresponding author

Correspondence to Srinivas Mukkamala.

About this article

Cite this article

Shankarapani, M.K., Sulaiman, A. & Mukkamala, S. Fragmented malware through RFID and its defenses. J Comput Virol 5, 187–198 (2009). https://doi.org/10.1007/s11416-008-0106-0

  • DOI: https://doi.org/10.1007/s11416-008-0106-0
