Sciweavers

PERCOM
2006
ACM

Is Your Cat Infected with a Computer Virus?

14 years 11 months ago
Is Your Cat Infected with a Computer Virus?
RFID systems as a whole are often treated with suspicion, but the input data received from individual RFID tags is implicitly trusted. RFID attacks are currently conceived as properly formatted but fake RFID data; however no one expects an RFID tag to send a SQL injection attack or a buffer overflow. This paper is meant to serve as a warning that data from RFID tags can be used to exploit back-end software systems. RFID middleware writers must therefore build appropriate checks (bounds checking, special character filtering, etc..), to prevent RFID middleware from suffering all of the well-known vulnerabilities experienced by the Internet. Furthermore, as a proof of concept, this paper presents the first self-replicating RFID virus. This virus uses RFID tags as a vector to compromise backend RFID middleware systems, via a SQL injection attack.
Melanie R. Rieback, Bruno Crispo, Andrew S. Tanenb
Added 24 Dec 2009
Updated 24 Dec 2009
Type Conference
Year 2006
Where PERCOM
Authors Melanie R. Rieback, Bruno Crispo, Andrew S. Tanenbaum
Comments (0)