Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Comprehensive Study for RFID Malwares on Mobile Devices TBD.

Published byBrad Reames Modified over 10 years ago

Similar presentations

Presentation on theme: "A Comprehensive Study for RFID Malwares on Mobile Devices TBD."— Presentation transcript:

1 A Comprehensive Study for RFID Malwares on Mobile Devices TBD

2 Outline Motivation State-of-Art Malwares and Countermeasures for RFID and Mobile Systems – RFID Security Challenge – Mobile Security Challenge – New Challenge from RFID Malwares on Mobile Devices Extended Threat Model Basic Design of Anti-malware Framework for Mobile Devices in RFID Systems Conclusion

3 Motivation Severe challenge for RFID security on mobile devices, because – RFID systems are still in its infant stage. Many RFID Systems are lack of security protection. – To improve productivity, more mobile devices will be used. Mobile systems are more vulnerable than non-portable systems. Limitations for RFID malwares are being relaxed as the development of technology. – Cheaper RFID tags with larger storage capacity – hold more malicious data. – Better network connection for mobile devices – easier for malware propagation.

4 New Opportunities for RFID Malwares C1: The tag data size limitation (<1024 bits) make RFID malware unrealistic. EPC Gen2 Class3 Tags have at least kilo bytes storage. C2: RFID Systems are closed-loop systems. New RFID Standard: EPCglobal Architecture may require exchanging data with EPCglobal Network through the Internet. C3: More mobile devices will be used as RFID readers. RFID Malware

5 Lessons from Practices (1/2) L1: A small number of bits are enough to construct a RFID malware. RFID malwares can spread itself by modifying database for tag value writing. – In 2006, researchers in Vrije University proposed the first proof-of-concept malware design and basic propagation model. – Even when the space is very limited, it is still possible to store a smaller malware trigger in a RFID tag which may awake malwares that already exist in the system.

6 Lessons from Practices (2/2) L2: Malwares may trigger exception flow to bypass pure data level protection mechanism. System level protection is required. – In 2007, German RFID experts shows how to crash RFID Reader for RFID enabled E-Passport by modifying JPEG2000 photo image file in E- Passport. – exploit buffer overflow vulnerability in off-the- shelf libraries when loading the photo image.

7 Basic Threat Model & Countermeasures 1. Defend Cloning and Counterfeiting 2. Defend Malware 3. Defend Denial-of-Service Less attention for front-end devices as (mobile) RFID reader!

8 Malware State on Mobile Devices First proof-of-concept mobile malware was reported in 2004. But no major outbreak of mobile malwares is reported until now. In F-Secure Cell-phone Malwares Report 2007 – 373 malwares in total (including variants). – Total number of malware reaches 1 million in Symantec Internet Security Threat Report 2007 In CVE (Common Vulnerabilities and Exposures) database (2002-2008) – 138 vulnerabilities found for software on mobile systems. – iPhone contributes 1/4 number of vulnerabilities.

9 Malware Trend on Mobile Devices Why are mobile malwares so unpopular? – Limited function of mobile device All existed mobile malwares requires user interaction. – Poor network connection only allow local propagations in most of time. – Low potential profit Most people only use phone or Email functions of mobile devices. The situation is changing. – New multi-function platform: iPhone – New network techniques: Wi-Fi, 3G – More people use it to store sensitive or private data. Businessmen and college students.

10 Major Malware Challenge on Mobile Devices Lack of permission control – Most mobile system are single-user systems running on simple hardware without runtime privilege control. – Social engineering are widely used in mobile malwares. Limited resources – Powered by battery – Less computation and storage capability compared to general purpose platform. – Resource-demanding security protections are prohibited. Countermeasure status – Still emerging, not mature, useful mostly for post-infection cleanup.

11 No-Tech Attacks in Mobile Malwares The distribution of Vulnerabilities[From CVE] The distribution of Malwares[From F-Secure] Symbian OS, the most popular mobile system with only 3 reported vulnerabilities, has the largest number of malwares.

12 New Challenge from RFID Malware on Mobile Devices RFID Systems: – High potential profit. – Global connection in EPCglobal architecture. Mobile Systems: – More vulnerable than non-portable counterpart. – Limited resources prohibit resource demanding security protection. RFID Systems + Mobile Systems: – Attractive targets for hackers.

13 Extended Threat Model RFID Tag can carry: 1.Malware trigger 2.Malware fragment 3.Malware entity RFID Tag can carry: 1.Malware trigger 2.Malware fragment 3.Malware entity Reader Firmware may be compromised Reader Firmware may be compromised Mobile Device / Middleware on it may be compromised Mobile Device / Middleware on it may be compromised Front-end Server may be compromised Enterprise Database System may be compromised EPCglobal Network may be compromised Bad News: Every node can be compromised. Good News: They are connected in a chain. Bad News: Every node can be compromised. Good News: They are connected in a chain. Public Domain Company Domain EPC Core Domain

14 Basic Design of Anti-malware Framework for Mobile Devices in RFID Systems To secure the frontier of RFID security chain, we arm the mobile device with Intrusion Prevention System and Intrusion Detection System. IPS IDS Dangerous Data Source Filter out anything can be filtered. Detect anything can be detected. Firewall + Check Data Format and Content. Defend DoS, SQL/Script Injection, Shell Code in text input. Another alternative: Distort Binary Data? Firewall + Check Data Format and Content. Defend DoS, SQL/Script Injection, Shell Code in text input. Another alternative: Distort Binary Data? Validate Program Behavior on Given Data Input. Defend Buffer Overflow, Unexpected Behavior. Validate Program Behavior on Given Data Input. Defend Buffer Overflow, Unexpected Behavior. IDS is well known inefficient and resource demanding. Is it feasible to use it on mobile device? IDS is well known inefficient and resource demanding. Is it feasible to use it on mobile device?

15 Potential Techniques (1/2) 1. Good Signature Checking – Why is IDS known inefficient and resource- demanding? Check the related signatures one by one. Complex program behaviors are inevitable in general purpose systems. Many signatures to check, no matter whether good or malicious signatures are used. – However, the functions of RFID systems are much SIMPLE than general purpose systems. Check good signatures should be affordable. To provide a more flexible system, combine good signatures with malicious signatures if necessary.

16 – Some Problem? How to automatically generate efficient good signatures? How to secure the good signature database and the IDS monitor on mobile device? …

17 Potential Techniques (2/2) 2. Cooperative mode – Connection with EPCglobal network is compulsory for new RFID Standard. Network connection is guaranteed. – To achieve longer battery time and enable sophisticated IDS protection, SHIFT part or all of intrusion detection workload to cooperative servers.

18 – Some Problems? What kinds of workload should be shifted to cooperative servers? What to do when the connection to cooperative servers is lost? How to efficiently balance the workload between mobile client and cooperative servers? …

19 Conclusion We survey state-of-art malware and countermeasures for RFID and mobile systems, and… – Propose an extended threat model to capture the malware threats to RFID systems with mobile devices – Discuss some potential techniques to defend against such malware threats.

20 Q & A TBD

Download ppt "A Comprehensive Study for RFID Malwares on Mobile Devices TBD."

Similar presentations

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.

Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Security Guide Matt Scofield, Eric Samson, Cong Le.

Mobile Security Guide Matt Scofield, Eric Samson, Cong Le.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.

Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Tagging Technology for the Masses (TTM) Trevor Maynard Dan Santoni.

Tagging Technology for the Masses (TTM) Trevor Maynard Dan Santoni.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Val Rahmani CEO Damballa Inc.. #SINET Connection The Internet is dynamic. The threats are agile. Neither are shrinking or slowing!

Val Rahmani CEO Damballa Inc.. #SINET Connection The Internet is dynamic. The threats are agile. Neither are shrinking or slowing!
© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.

© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.
A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
A Study on Mobile P2P Systems Hongyu Li. Outline  Introduction  Characteristics of P2P  Architecture  Mobile P2P Applications  Conclusion.

A Study on Mobile P2P Systems Hongyu Li. Outline  Introduction  Characteristics of P2P  Architecture  Mobile P2P Applications  Conclusion.
How to Build a Low-Cost, Extended-Range RFID Skimmer Ilan Kirschenbaum & Avishai Wool 15 th Usenix Security Symposium,2006 Kishore Padma Raju.

How to Build a Low-Cost, Extended-Range RFID Skimmer Ilan Kirschenbaum & Avishai Wool 15 th Usenix Security Symposium,2006 Kishore Padma Raju.
Chapter 3 Ethics, Privacy & Security

Chapter 3 Ethics, Privacy & Security
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Security Threats Connecting Computers Copyright Law & Ethics Storage & Memory Computer System 50 40 30 20 10 20 30 40 50 10 20 30 40 50 10 20 30 40 50.

Security Threats Connecting Computers Copyright Law & Ethics Storage & Memory Computer System
Jörn-Marc Schmidt Social Networks Computer / Notebook Localization Smart Phone Identification Tracking ??? RFID Social Networks.

Jörn-Marc Schmidt Social Networks Computer / Notebook Localization Smart Phone Identification Tracking ??? RFID Social Networks.

Similar presentations

Ads by Google