hh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Evaluating intrusion detection points in an end-to-end solution
Halmstad University, School of Information Technology.
2023 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Evaluating all intrusion detection points in an end-to-end cyber-physical system can be challenging. This master thesis focuses on evaluating the security of the most exposed part of such systems, Radio Frequency Identification (RFID) communication. As both the RFID reader and tag can be located outside of secure premises, RFID communication can be a target of several cyber threats. Common cyber-attacks such as replay attacks, eavesdropping, or tag cloning can be associated with the lack of security of the communication channel between the reader and the tag or flaws of the implemented authentication protocols and encryption algorithms. This thesis briefly summarizes parts 4 and 3 of the ISO/IEC 14443 standard, which specify the initialization, selection, and transmission protocols in high-frequency RFID smart-card and reader communication. A formal security analysis was conducted to evaluate these protocols using a tool called Scyther. Then, an improved authentication protocol was proposed utilizing a commercially available feature, the Random Unique Identifier of the card (RID). The Scyther protocol verification results showed that implementing RID can prevent many RFID attacks such as, eavesdropping or replay attacks, and protect the cardholder's privacy.

Place, publisher, year, edition, pages
2023. , p. 56
Keywords [en]
RFID, Random UID, Mutual Authentication, Scyther
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:hh:diva-50870OAI: oai:DiVA.org:hh-50870DiVA, id: diva2:1771420
External cooperation
Axis Communications
Subject / course
Digital Forensics
Educational program
Master's Programme in Network Forensics, 60 credits
Supervisors
Examiners
Available from: 2023-05-24 Created: 2023-06-20 Last updated: 2023-08-10Bibliographically approved

Open Access in DiVA

fulltext(991 kB)182 downloads
File information
File name FULLTEXT02.pdfFile size 991 kBChecksum SHA-512
e5ae711f3f0bfb6d0f9c66947ebc878546e244cfb4684d2116eac14d486123bb84805c3409724cd3aeee9d5b8e0c8b27305654b7bcd852a6e7d0f324e089f368
Type fulltextMimetype application/pdf

By organisation
School of Information Technology
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 182 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 394 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf