Reseach On Key Technology Of RFID System Security Testing

With the expanding application fields of RFID(Radio Frequency Identification, RFID) technology, more and more RFID applications need a comprehensive evaluation of the safety inspection system to support the security of RFID systems. However, due to the openness of RFID in the original design and various protocol standards are not uniform, how to effectively test RFID system security situation becomes an open issue. Nowadays,most scholars are concentrated about improved security protocols and encryption algorithms, only a small number of scholars concerned to detect attacks on RFID systems from the point of attacker. In order to protect the security of RFID systems, we must study the key technology of RFID security testing to build a platform for RFID testing services.In this paper,we carry out security attacks on RFID systems draw on the idea of traditional network attack graph modeling to detect security vulnerabilities and security research. Finally we designed and developed the RFID security testing tools for the EPC C1G2(EPC Class-1 Generation-2) standard protocol, so that meet the needs to RFID security level detection.This thesis do RFID security detection modeling from the attacker’s point of view,we focus our research work on the following aspects:(1).Proposed RFID security vulnerabilities grading policy based of AHP(Analytic Hierarchy Process).We study the grading structure AHP model, calculate the vulnerability classification table, determine the classification step and so on. According to this strategy we can get a RFID security vulnerability classification table, based on the table can meet the RFID system attack measue classification needs.(2).Proposed RFID security detection scheme based on attack graph model,including divided the attacks into four categories, design attack graph model, formulate attack rules, research and analysis attacker generation algorithm based on privilege escalation etc. And based on standard protocols and nonstandard protocols are discussed in this article to verify the feasibility of the design of RFID attack graph model.(3)Designed and developed the RFID security testing tools. Tools has achieved the standard protocol simulation, attack detection of four types of attacks, attack graph visualization, security level reporting. Fully and effectively tested the attack graph model and the level of security classification strategies and have proved the effectiveness of the safety testing methods, and further demonstrates the practical value of RFID security testing tools.RFID security attack detection model established in this paper have a certain scalability, based on the model can be easily and effectively expand and upgrade the means of attack, which can be further enriched and extended attack test mode.