RFID攻击建模及安全技术研究

发布时间：2018-01-03 22:34

本文关键词：RFID攻击建模及安全技术研究　出处：《电子科技大学》2015年博士论文　论文类型：学位论文

【摘要】：射频识别RFID(Radio Frequency Identification)技术具有使用方便、快捷等优点,在物流、制造和公共信息服务等行业得到广泛的应用。目前已成为物联网前端采集技术中的一个重要分支,并有代替条码占据更多市场之势。随着市场应用规模的扩大,RFID系统的安全性也越来越多地受到关注。由于成本的制约及自身技术的特点,RFID系统与一般的信息系统相比安全问题更为复杂,在一定程度上限制了这一技术的快速发展和大范围推广应用,如何能提高该技术的安全性成为近年来大家关注的热点之一。本文的研究内容涉及攻击检测、安全评估、安全防护,主要创新点如下:1、构建了RFID系统漏洞发掘模型。该模型可以针对不同RFID通信协议进行安全检测,并给出漏洞评估报告,具有良好的适用性、高效性和可扩展性。该模型主要采用两种检测方法:FSM有限状态机方法和基于多决策树的方法。在FSM攻击监测方法中采用了RFID中间件进行攻击数据流比对并提取特征向量,然后对入侵数据流对应子模块的归纳建立FSM。在利用多决策树检测方法时,首先建立四棵决策树,每棵决策树针对一类攻击的入侵检测,然后通过决策树之间的互联,得到针对该RFID系统攻击之间的联系。2、提出了基于权限提升模式的攻击图监测算法。该算法能普遍覆盖市场现有的多种协议标准,具有较强的通用性。论文通过分析攻击数据流找到关键的攻击特征,将成功实现这些攻击特征设定为不同的权限,通过攻击图方法构建出攻击检测算法。经过分析我们将攻击手段聚类成四类,得出四类攻击生成图。该模型能够动态地模拟攻击者可能采取的攻击步骤,直观地体现了RFID系统的安全状态,最后本文还进行了实现和测试。3、提出了基于组合方法的RFID系统安全风险评估模型。该模型利用模糊综合评判法、层次分析法、相乘法、灰色系统预测模型和DEA法等多种方法,为风险评估人员提供了具有实用价值的评估手段。该模型在运用基于模糊综合评价法的DEA算法构建出指标体系的基础上,对多种评估方法进行筛选,再用整体有效的DEA法对各风险评估值赋权并组合,最后得到相对更加科学、合理的风险评估结果。根据该安全评估模型,研发了RFID系统安全风险评估工具,建立了专家知识库,优化了评估过程,使得评估计算过程自动化。从而减少了评估人员数据分析、整理工作量,可以提高风险评估效率。4、提出了一个RFID隐私保护协议。该协议针对RFID系统涉及的多通信环节中的隐私保护、身份认证和密钥管理等热点问题,采用属性加密和代理重加密算法,以及密钥交换机制,解决了协议中密钥交换、属性分配等问题,实现了相关信息的秘密传输和秘密共享,以及对各方用户属性进行撤销,更新等操作。该协议主要解决RFID标签和读写器之间的安全通信,其特点在于属性的引入,使得对RFID标签信息的隐私保护得到增强,以及提供了基于RFID标签的ID和身份属性的细粒度访问控制。本文的研究内容主要包括攻击检测、安全评估、安全防护,由于以上三个方面每一个均涉及广泛的领域,目前有关这三个方面完整的研究资料比较少,在力求保持整体完整性的同时,有所侧重和突破。
[Abstract]:Radio frequency identification RFID (Radio Frequency Identification) technology has the advantages of fast, easy to use, in logistics, manufacturing and public information service industries are widely used. It has become an important branch of data acquisition technology in the Internet of things, and replace the bar code to occupy more market potential. With the expansion of market scale application. The security of the RFID system is also more and more attention. Due to the characteristics of cost control and its technology, the RFID system compared with the general information system security problem is more complex, restricting the rapid development of this technology and the extensive application in a certain extent, how to improve the safety of the technology has become one of the the attention hotspot in recent years. The research content of this paper involves the attack detection, safety assessment, safety protection, the main innovations are as follows: 1, construct the RFID system vulnerabilities mining mode Type. The model can be used for the safety inspection of different RFID communication protocol, and gives the vulnerability assessment report, has good applicability, efficiency and scalability. This model mainly adopts two methods: FSM finite state machine method and method based on decision tree. The attack on the FSM monitoring method using RFID the middleware attack data stream alignment and feature extraction, then the intrusion data stream corresponding sub module is established in FSM. by the induction of decision tree method, built the four decision tree, the invasion of each decision tree for a class of attack detection, and then through the interconnection between the decision tree and get on the RFID attack system contact.2, proposed privilege escalation attack graph based monitoring algorithm. The algorithm can generally cover the market a variety of protocols to existing standards, and has strong versatility. On paper Analysis of attack data stream to find key features of the attacks, these attacks will be successful feature set for different permissions, constructs the attack detection algorithm by attack graph method. Through the analysis we will attack clustered into four categories, the graph obtained four types of attack. The model can dynamically simulate the attack steps the potential attackers, intuitive reflect the safety status of the RFID system, finally the implementation and test of.3, this paper proposed an evaluation model of RFID system security risk based on a combination of methods. The model using fuzzy comprehensive evaluation method, AHP, multiplication, multi method model and DEA method of grey prediction, provide practical value the evaluation method for risk assessment. The model in the use of DEA algorithm based on the fuzzy comprehensive evaluation method is constructed on the basis of the index system, a variety of evaluation methods for the screen Then, the overall effective DEA method of value evaluation and the risk weighting combination, finally get the relatively more scientific and reasonable risk assessment results. According to the model of evaluating the safety and development of RFID system security risk assessment tools, the establishment of expert knowledge base, optimize the evaluation process, the evaluation and calculation process automation to reduce. The data analysis, assessment staff workload, risk assessment can improve the efficiency of.4, proposes a RFID privacy protection protocol. Privacy preserving multi links of the communication protocol for RFID system is involved in the authentication and key management issues, using attribute encryption and proxy re encryption algorithm, and solve the key exchange mechanism the key exchange protocol, attribute distribution and other issues, the secret transmission of relevant information and secret sharing, and to all users attribute undo and update operations. The protocol is mainly to solve the RFID secure communication between the tag and the reader, which is characterized by the introduction of the property, privacy protection of RFID tag information is enhanced, and provides fine-grained access ID and identity tag's RFID attribute based control. The main research contents of this paper include attack detection, safety assessment, safety protection, due to the above three aspects of each covers a wide range of areas, the current research about the three aspects of integrity is relatively small, in keeping the overall integrity at the same time, emphasis and breakthrough.

【学位授予单位】：电子科技大学
【学位级别】：博士
【学位授予年份】：2015
【分类号】：TP391.44;TP309

【相似文献】