Abstract
Malware is, in essence, an infiltration of one's computer system. It is created to wreak havoc once it gets in through a weakness in a computer's barricade. Anti-virus companies and operating system companies are working to patch weaknesses in systems and to detect infiltrators. However, with the advance of fragmentation, detection may prove even more difficult. Malware detection relies on signatures to identify malware of certain shapes. With fragmentation, functionality and size can change depending on how many fragments are used and how the fragments are created. In this paper we present a robust malware detection technique, with emphasis on detecting fragmentation malware attacks in RFID systems, that can be extended to detect complex obfuscated and mutated malware. After a particular fragmented malware has first been identified, it can be analyzed to extract its signature, which provides a basis for detecting variants and mutants of similar types of malware in the future. Encouraging experimental results on a limited set of recent malware are presented.
Cite this article
Shankarapani, M.K., Sulaiman, A. & Mukkamala, S. Fragmented malware through RFID and its defenses. J Comput Virol 5, 187–198 (2009). https://doi.org/10.1007/s11416-008-0106-0
DOI: https://doi.org/10.1007/s11416-008-0106-0