| Radio Frequency Identification(RFID) has such advantages as convenience, high-efficiency, shortcut, therefore, it has been widely used in the application fields like logistics, manufacturing, public information service, etc. Nowadays, RFID has become an important branch of front-end information acquisition technology in the Internet of things, it also has the potential to replace the barcode and occupy more markets. Along with the scale expanding of market application, the security issues of RFID systems receive more and more attentions. Due to the cost control of tags and the corresponding lower performance capabilities, existing mature security solutions cannot be simply applied to RFID systems, which in turn restrict the rapid growth and massive applications on a large scale. How to improve the security capability of RFID applications based on their limited resources is an attractive research topic in recent years. The major research issues of this thesis include attack detection, security assessment and security protection. The main contributions of this thesis are as follows:1. Proposed an attack detection model for RFID systems. This thesis proposes an intrusion detection model based on the evaluations of the existing RFID attacks and the analyses of the attack characters. The proposed model can be used for the security inspection of different RFID communication protocols, therefore has good applicability and expansibility. Two methods are used in this model: Finite-State Machine(FSM) and multi-decision trees. As to the FSM method, an RFID middle-ware is used to compare data stream of attacks so as to extract the feature vectors and establish an FSM for sub-module of invasion data stream. In the multi-decision tree model, four decision trees are established and each decision tree is used to detect a kind of attacks. And those four decision trees can be connected so as to cooperatively detect the corresponding relations of different attacks.2. Proposed a detection algorithm based on the attack graph model. As to the attack graph model which is based on the patterns of privilege escalation, the attack characters can be found by analyzing the attacking data streams. According to studying on the differents attacks, we can clustering attacks into four types and generating four types of attack graphs. By using this model and setting the characters of successive attacks with different privileges, an attack monitoring model has been established and tested.3. Proposed an RFID system security evaluation model based on a combination method. This method combines several existing methods, which include fuzzy comprehensive evaluation method, analytic hierarchy process, cross producing, the gray system forecast model and so on, therefore provides practical values for the risk assessment practioners. The model firstly uses of the DEA algorithm, which is based on the fuzzy comprehensive evaluation method, to evaluate and select risk assessment methods. Secondly, the analytic hierarchy process and DEA algorithm are used for weighting each risk assessment. And finally, a more reasonable risk assessment result is obtained. According to this model, a practical tool and a expert knowledge base for risk assessment of RFID systems have been developed. The developed tools optimize the evaluation process by reducing the work of analyzing and organizing data, thus improve the evaluating performance.4. Proposed an RFID privacy protection protocol. This protocol targets to the privacy protection, authentication, key management and other hot issues involved in RFID systems. Two algorithms, the attribute-based encryption algorithm and the attribute-based proxy re-encryption algorithm, and the corresponding key exchange mechanism are employed by the protocol so that the relative information can be transmitted and shared securely, and their keys can be easily withdrawn or updated. This protocol aims to solve the secure communication between tags and readers. Because of the introduced attributes, the protection of RFID tag messages is enhanced. It also provides fine grained access control for ID and identity attributes.The research topic of this thesis includes attack detection, security assessment and security protection of RFID systems. Because of the fact that these three aspects involves in a wide range of research areas and researches that cover all three three aspects are relative less when comparing with other fields, this thesis is striving to maintain the overall integrity, while putting some priorities to certain issues.
|
PDF Full Text Request