Biblio

Nowadays big shopping marts are expanding their business all over the world but not all marts are fully protected with the advanced security system. Very often we come across cases where people take the things out of the mart without billing. These marts require some advanced features-based security system for them so that they can run an efficient and no-loss business. The idea we are giving here can not only be implemented in marts to enhance their security but can also be used in various other fields to cope up with the incompetent management system. Several issues of the stores like regular stock updating, placing orders for new products, replacing products that have expired can be solved with the idea we present here. We also plan on making the slow processes of billing and checking out of the mart faster and more efficient that would result in customer satisfaction.

The current face recognition technology has rapidly come into the public life, from unlocking cell phone face to mobile payment, which has brought a lot of convenience to life. However, it is undeniable that it also brings security challenges. Based on this paper, we will discuss the risks of face recognition in the mobile payment and put forward relevant suggestions.

In recent years, body-worn RFID and NFC (near field communication) devices have become one of the principal technologies concurring to the rise of healthcare internet of thing (H-IoT) systems. Similarly, points of care (PoCs) moved increasingly closer to patients to reduce the costs while supporting precision medicine and improving chronic illness management, thanks to timely and frequent feedback from the patients themselves. A typical PoC involves medical sensing devices capable of sampling human health, personal equipment with communications and computing capabilities (smartphone or tablet) and a secure software environment for data transmission to medical centers. Hybrid platforms simultaneously employing NFC and ultra-high frequency (UHF) RFID could be successfully developed for the first sensing layer. An application example of the proposed hybrid system for the monitoring of acute myocardial infarction (AMI) survivors details how the combined use of NFC and UHF-RFID in the same PoC can support the multifaceted need of AMI survivors while protecting the sensitive data on the patient’s health.

Nowadays, Security is the biggest challenge in communication networks. Well defined security protocols not only solve the privacy and security issues but also help to reduce the implementation cost and simplify network's operation. Network society demands more reliable and secure network services as well as infrastructure. In communication networks, data theft, hacking, fraud, cyber warfare are serious security threats. Security as defined by experts is confirming protected communication amongst communication/computing systems and consumer applications in private and public networks, it is important for promising privacy, confidentiality, and protection of information. This paper highlights the security related issues and challenges in communication networks. We also present the holistic view for the underlaying physical layer including physical infrastructure attacks, jamming, interception, and eavesdropping. This research focused on improving the security measures and protocols in different communication networks.

Multi-factor user authentication (MFUA) becomes increasingly popular due to its superior security comparing with single-factor user authentication. However, existing MFUAs require multiple interactions between users and different authentication components when sensing the multiple factors, leading to extra overhead and bad use experiences. In this paper, we propose a secure and user-friendly MFUA system, namely BioDraw, which utilizes four categories of biometrics (impedance, geometry, composition, and behavior) of human hand plus the pattern-based password to identify and authenticate users. A user only needs to draw a pattern on a RFID tag array, while four biometrics can be simultaneously collected. Particularly, we design a gradient-based pattern recognition algorithm for pattern recognition and then a CNN-LSTM-based classifier for user recognition. Furthermore, to guarantee the systemic security, we propose a novel anti-spoofing scheme, called Binary ALOHA, which utilizes the inhabit randomness of RFID systems. We perform extensive experiments over 21 volunteers. The experiment result demonstrates that BioDraw can achieve a high authentication accuracy (with a false reject rate less than 2%) and is effective in defending against various attacks.

Passive radio frequency identification (RFID) systems raise new transmission secrecy protection challenges against the special proactive eavesdropper, since it is able to both enhance the information wiretap and interfere with the information detection at the RFID reader simultaneously by broadcasting its own continuous wave (CW) signal. To defend against proactive eavesdropping attacks, we propose an artificial noise (AN) aided secure transmission scheme for the RFID reader, which superimposes an AN signal on the CW signal to confuse the proactive eavesdropper. The power allocation between the AN signal and the CW signal are optimized to maximize the secrecy rate. Furthermore, we model the attack and defense process between the proactive eavesdropper and the RFID reader as a hierarchical security game, and prove it can achieve the equilibrium. Simulation results show the superiority of our proposed scheme in terms of the secrecy rate and the interactions between the RFID reader and the proactive eavesdropper.

The use of modeling techniques such as Knuth's Rule or Bayesian Blocks for the purposes of real-time traffic characterization in RFID networks has been proposed already. This study examines the applicability of using Voronoi polygon maps or alternatively, DBSCAN clustering, as initial density estimation techniques when computing 2-Dimentional Bayesian Blocks models of RFID traffic. Our results are useful for the purposes of extending the constant-piecewise adaptation of Bayesian Blocks into 2D piecewise models for the purposes of more precise detection of anomalies in RFID traffic based on multiple log features such as command type, location, UID values, security support, etc. Automatic anomaly detection of RFID networks is an essential first step in the implementation of intrusion detection as well as a timely response to equipment malfunction such as tag hardware failure.

As the core of the third information revolution, the Internet of things plays an important role in the development of the times. According to the relevant investigation and research, we can find that the research on the Internet of things is still in the stage of LAN and private network, and its open advantages have not been fully utilized[1]. In this context, RFID technology as the core technology of the Internet of things, the security protocol plays an important role in the normal use of the technology. With the continuous development of Internet information technology, the disadvantages of security protocol become more and more obvious. These problems seriously affect the popularity of Internet of things technology. Therefore, in the future work, the relevant staff need to continue to strengthen research, according to the future development plan, effectively play the advantages of technology, and further promote its development.

In recent years, the Internet of Things technology has developed rapidly. RFID technology, as an important branch of the Internet of Things technology, is widely used in logistics, medical, military and other fields. RFID technology not only brings convenience to people's production and life, but also hides many security problems. However, the current research on RFID technology mainly focuses on the technology application, and there are relatively few researches on its security analysis. This paper firstly studies the authentication mechanism and storage mechanism of RFID technology, then analyzes the common vulnerabilities of RFID, and finally gives the security protection suggestions.

Lightweight cryptography is a new branch of cryptography focused on providing security to resource-constraint devices such as wireless sensor networks (WSN), Radio-Frequency Identification (RFIDs) and other embedded systems. The factors considered in lightweight cryptography are mainly circuit area, memory requirement, processing time, latency, power, and energy consumption. This paper presents a discussion on common lightweight block ciphers in terms of different performance parameters, strength, design trends, limitations, and applications including the National Institute of Science and Technology (NIST) round 1 and 2 candidates. Analysis of these lightweight algorithms has offered an insight into this newly emerging field of cryptography.

Passive RFID technology is widely used in user authentication and access control. We propose RF-Rhythm, a secure and usable two-factor RFID authentication system with strong resilience to lost/stolen/cloned RFID cards. In RF-Rhythm, each legitimate user performs a sequence of taps on his/her RFID card according to a self-chosen secret melody. Such rhythmic taps can induce phase changes in the backscattered signals, which the RFID reader can detect to recover the user's tapping rhythm. In addition to verifying the RFID card's identification information as usual, the backend server compares the extracted tapping rhythm with what it acquires in the user enrollment phase. The user passes authentication checks if and only if both verifications succeed. We also propose a novel phase-hopping protocol in which the RFID reader emits Continuous Wave (CW) with random phases for extracting the user's secret tapping rhythm. Our protocol can prevent a capable adversary from extracting and then replaying a legitimate tapping rhythm from sniffed RFID signals. Comprehensive user experiments confirm the high security and usability of RF-Rhythm with false-positive and false-negative rates close to zero.

Studies on two-factor authentication based on RFID and face recognition have been carried out on a large scale. However, these studies didn't discuss the way to overcome the weaknesses of face recognition authentication in the access control systems. In this study, two authentication factors, RFID and face recognition, were implemented using the LBP (Local Binary Pattern) algorithm to overcome weaknesses of face recognition authentication in the access control system. Based on the results of performance testing, the access control system has 100% RFID authentication and 80% face recognition authentication. The average time for the RFID authentication process is 0.03 seconds, the face recognition process is 6.3885 seconds and the verification of the face recognition is 0.1970 seconds. The access control system can still work properly after three days without being switched off. The results of security testing showed that the capabilities spoofing detection has 100% overcome the photo attack.

With the development of 5G communication technology, the status of the Internet of Vehicles in people's lives is greatly improved in the general trend of intelligent transportation. The combination of vehicles and Radio Frequency Identification (RFID) makes the application prospects of vehicle networking gradually expand. However, the wireless network of the Internet of Vehicles is open and mobile, so it can be easily stolen or tampered with by attackers. Moreover, it will cause serious traffic security problems and even threat people's lives. In this paper, we propose a lightweight authentication protocol for the Internet of Vehicles based on a mobile RFID system and give corresponding security requirements for modeling potential attacks. The protocol is based on the three-party mutual authentication, and uses bit-operated left-cycle shift operations and hetero-oriented operations to generate encrypted data. The simultaneous inclusion of triparty shared key information and random numbers makes the protocol resistant to counterfeit attacks, violent attacks, replay attacks and desynchronization attacks. Finally, a simulation analysis of the security protocol using the ProVerif tool shows that the protocol secures is not accessible to attackers during the data transfer, and achieve the three-party authentication between sensor nodes (SN), vehicle nodes (Veh) and backend servers.

Wireless networking opens up many opportunities to facilitate miniaturized robots in collaborative tasks, while the openness of wireless medium exposes robots to the threats of Sybil attackers, who can break the fundamental trust assumption in robotic collaboration by forging a large number of fictitious robots. Recent advances advocate the adoption of bulky multi-antenna systems to passively obtain fine-grained physical layer signatures, rendering them unaffordable to miniaturized robots. To overcome this conundrum, this paper presents ScatterID, a lightweight system that attaches featherlight and batteryless backscatter tags to single-antenna robots to defend against Sybil attacks. Instead of passively "observing" signatures, ScatterID actively "manipulates" multipath propagation by using backscatter tags to intentionally create rich multipath features obtainable to a single-antenna robot. These features are used to construct a distinct profile to detect the real signal source, even when the attacker is mobile and power-scaling. We implement ScatterID on the iRobot Create platform and evaluate it in typical indoor and outdoor environments. The experimental results show that our system achieves a high AUROC of 0.988 and an overall accuracy of 96.4% for identity verification.

This Innovate Practice Work in Progress paper is about education on Cybersecurity, which is essential in training of innovative talents in the era of the Internet. Besides knowledge and skills, it is important as well to enhance the students' awareness of cybersecurity in daily life. Considering that contactless smart cards are common and widely used in various areas, one basic and two advanced contactless smart card experiments were designed innovatively and assigned to junior students in 3-people groups in an introductory cybersecurity summer course. The experimental principles, facilities, contents and arrangement are introduced successively. Classroom tests were managed before and after the experiments, and a box and whisker plot is used to describe the distributions of the scores in both tests. The experimental output and student feedback implied the learning objectives were achieved through the problem-based, active and group learning experience during the experiments.

The Internet of Things (IoT) is a new paradigm in which every-day objects are interconnected between each other and to the Internet. This paradigm is receiving much attention of the scientific community and it is applied in many fields. In some applications, it is useful to prove that a number of objects are simultaneously present in a group. For example, an individual might want to authorize NFC payment with his mobile only if k of his devices are present to ensure that he is the right person. This principle is known as Grouping-Proofs. However, existing Grouping-Proofs schemes are mostly designed for RFID systems and don't fulfill the IoT characteristics. In this paper, we propose a Threshold Grouping-Proofs for IoT applications. Our scheme uses the Key-Policy Attribute-Based Encryption (KP-ABE) protocol to encrypt a message so that it can be decrypted only if at least k objects are simultaneously present in the same location. A security analysis and performance evaluation is conducted to show the effectiveness of our proposal solution.

Multi-tag identification technique has been applied widely in the RFID system to increase flexibility of the system. However, it also brings serious tags collision issues, which demands the efficient anti-collision schemes. In this paper, we propose a Multi-target tags assignment slots algorithm based on Hash function (MTSH) for efficient multi-tag identification. The proposed algorithm can estimate the number of tags and dynamically adjust the frame length. Specifically, according to the number of tags, the proposed algorithm is composed of two cases. when the number of tags is small, a hash function is constructed to map the tags into corresponding slots. When the number of tags is large, the tags are grouped and randomly mapped into slots. During the tag identification, tags will be paired with a certain matching rate and then some tags will exit to improve the efficiency of the system. The simulation results indicate that the proposed algorithm outperforms the traditional anti-collision algorithms in terms of the system throughput, stability and identification efficiency.

In current, RFID (Radio Frequency Identification) Middleware is widely used in nearly all RFID applications, and provides service for raw data capturing, security data reading/writing as well as sensors controlling. However, as the existing Middlewares were organized with rigorous data comparison and data encryption, it is seriously affecting the usefulness and execution efficiency. Thus, in order to improve the utilization rate of effective data, increase the reading/writing speed as well as preserving the security of RFID, this paper proposed a PSO (Particle swarm optimization) clustering scheme to accelerate the procedure of data operation. Then with the help of PSO cluster, the RFID Middleware can provide better service for both data security and data availability. At last, a comparative experiment is proposed, which is used to further verify the advantage of our proposed scheme.

With the development of scientific information technology, the emergence of the Internet of Things (IOT) promoted the information industry once again to a new stage of economic and technological development. From the perspective of confidentiality, integrity, and availability of information security, this paper analyzed the current state of the IOT and the security threats, and then researched the security primary technologies of the IOT security architecture. IOT security architecture established the foundation for a reliable information security system for the IOT.

Radio frequency identification wireless sensing technology widely adopted and developed from last decade and has been utilized for monitoring and autonomous identification of objects. However, wider utilization of RFID technologies has introduced challenges such as preserving security and privacy of sensitive data while maintaining the high quality of service. Thus, in this work, we will deliberately build up a RFID system by utilizing learning automata based multi agent intelligent system to greatly enhance and secure message transactions and to improve operational efficiency. The incorporation of these two advancements and technological developments will provide maximum benefit in terms of expertly and securely handle data in RFID scenario. In proposed work, learning automata inbuilt RFID tags or assumed players choose their optimal strategy via enlarging its own utility function to achieve long term benefit. This is possible if they transmit their utility securely to back end server and then correspondingly safely get new utility function from server to behave optimally in its environment. Hence, our proposed authentication protocol, expertly transfer utility from learning automata inbuilt tags to reader and then to server. Moreover, we verify the security and privacy of our proposed system by utilizing automatic formal prover Scyther tool.

In recent years, with the rapid development of Internet of things, RFID tags have been widely used, in due to the chip used in radio frequency identification (RFID) tags is more demanding for resources, which also brings a great threat to the safety performance of cryptographic algorithms in differential power analysis (DPA). For this purpose, it is necessary to study the LED lightweight cryptography algorithm of RFID tags in the Internet of things, so as to explore a lightweight and secure cryptographic algorithm which can be applied to RFID Tags. In this paper, through the combination of Piccolo cryptographic algorithm and the new DPA protection technology threshold, we propose a LED lightweight cryptographic algorithm which can be applied to the RFID tag of the Internet of things. With the help of improve d exhaustive search and Boolean expression reconstruction, the two methods share the implementation of the S -box and the InvS-box, thereby effectively solves the burr threat problem of the S-box and the InvS-box in the sharing implementation process, the security performance of the algorithm is evaluated by the DPA attack of FPGA. The results show that the algorithm can achieve lightweight and security performance at the same time, can effectively meet the light and security requirements of RFID tag chip of Internet of things for cryptographic algorithms.

The applications of Radio Frequency Identification (RFID) technology has been rapidly developed to be used in different fields that require automatic identification of objects and managing information. The advantage of employing RFID systems is to facilitate automatic identification of objects from distance without any interaction with tagged objects and without using a line of sight as compared with barcode. However, security and privacy constitute a challenge to RFID system as RFID systems use the wireless communication. Many researchers have introduced elliptical curve cryptographic (ECC) solutions to the security and privacy in RFID system as an ideal cryptosystem to be implemented with RFID technology. However, most of these solutions do not have provide adequate protection. Moreover, in terms of integrity and confidentiality level, most of these authentication protocols still vulnerable to some of security and privacy attacks. Based on these facts, this paper proposes a mutual authentication protocol that aims at enhancing an existing RFID authentication protocol that suffers from tracking attack and man-in-the-middle attack (MITM). The enhancement is accomplished by improving the security and privacy level against MITM, tracking attack and other related attacks. The proposed protocol is dependent on use the elliptical curve version of Schnorr identification protocol in combination with Keccak hash function. This combination leads to enhance the confidentiality and integrity level of the RFID authentication system and increase the privacy protection.

In this paper, we propose a novel PHY layer security technique in radio frequency identification (RFID) backscatter communications system. In order to protect the RFID tag information confidentiality from the eavesdroppers attacks, the proposed technique deploys beam steering (BS) using a one dimensional (1-D) antenna array in the tag side in addition to noise injection from the reader side. The performance analysis and simulation results show that the new technique outperforms the already-existing noise injection security technique and overcomes its design limitations.

With the continuous development of the Internet of Things, intelligent manufacturing has gradually entered the application stage, which urgently needs to solve the problem of information transmission security. In order to realize data security with transmission encryption, the UHF RFID tag based on domestic cryptographic algorithm SM7 is proposed. By writing the anti-counterfeiting authentication identification code when the tag leaves the factory, verifying the identification code when the tag is issued, and using the authentication code of the tag to participate in the sectoral key dispersion, the purpose of data security protection is achieved. Through this scheme, the security of tag information and transmission is guaranteed, and a new idea is provided for the follow-up large-scale extension of intelligent manufacturing.

The security problem of RFID system is a great potential security hazard in its application. Due to the limitation of hardware conditions, traditional public key cryptography can not be directly used in security mechanism. Compared with the traditional RSA public key cryptography, the elliptic curve cryptography has the advantages of shorter key, faster processing speed and smaller storage space, which is very suitable for use in the RFID system.