Search Results (5)

Radio Frequency Identification (RFID) technology is widely applied in various scenarios, including logistics tracking, supply chain management, and target monitoring. In these contexts, the malicious cloning of legitimate tag information can lead to sensitive data leakage and disrupt the normal acquisition of tag information by readers, thereby threatening personal privacy and corporate security and incurring significant economic losses. Although some efforts have been made to detect cloning attacks, the presence of missing tags in RFID systems can obscure cloned ones, resulting in a significant reduction in identification efficiency and accuracy. To address these problems, we propose the block-based cloned tag identification (BCTI) protocol for identifying cloning attacks in the presence of missing tags. First, we introduce a block indicator to sort all tags systematically and design a block mechanism that enables tags to respond repeatedly within a block with minimal time overhead. Then, we design a superposition strategy to further reduce the number of verification times, thereby decreasing the execution overhead. Through an in-depth analysis of potential tag response patterns, we develop a precise method to identify cloning attacks and mitigate interference from missing tags in probabilistic cloning attack scenarios. Moreover, we perform parameter optimization of the BCTI protocol and validate its performance across diverse operational scenarios. Extensive simulation results demonstrate that the BCTI protocol meets the required identification reliability threshold and achieves an average improvement of $24.01\%$ in identification efficiency compared to state-of-the-art solutions. Full article

An electric vehicle charging station (EVCS) infrastructure is the backbone of transportation electrification; however, the EVCS has various vulnerabilities in software, hardware, supply chain, and incumbent legacy technologies such as network, communication, and control. These standalone or networked EVCSs open up large attack surfaces for local or state-funded adversaries. The state-of-the-art approaches are not agile and intelligent enough to defend against and mitigate advanced persistent threats (APT). We propose data-driven model-free digital clones based on multiple independent agents deep reinforcement learning (IADRL) that uses the Twin Delayed Deep Deterministic Policy Gradient (TD3) to efficiently learn the control policy to mitigate the cyberattacks on the controllers of EVCS. Also, the proposed digital clones trained with TD3 are compared against the benchmark Deep Deterministic Policy Gradient (DDPG) agent. The attack model considers the APT designed to malfunction the duty cycles of the EVCS controllers with Type-I low-frequency attacks and Type-II constant attacks. The proposed model restores the EVCS operation under threat incidence in any/all controllers by correcting the control signals generated by the legacy controllers. Our experiments verify the superior control policies and actions of TD3-based clones compared to the DDPG-based clones. Also, the TD3-based controller clones solve the problem of incremental bias, suboptimal policy, and hyperparameter sensitivity of the benchmark DDPG-based digital clones, enforcing the efficient mitigation of the impact of cyberattacks on EVCS controllers. Full article

The development of the wireless sensor networks technology commonly named WSNs has been gaining a significantly increased amount of attention from researchers over the last few decades. Its large number of sensor nodes is one of the features that makes it beneficial to the technology. The sensors can communicate with each other to form a network. These sensor nodes are generally used for diverse applications, such as pressure monitoring, fire detection, target tracking, and health monitoring, etc. However, the downside is that WSNs are often deployed in hostile, critical environments where they do not restrain physical access. This reality makes them incredibly vulnerable to clone node attacks or node replication attacks. The adversary can capture the legitimate sensor nodes, extract them and then collect some sensitive information, such as node ID, keys and perform a replication attack. This possibility will afterward facilitate the attacker to be able to take control of the whole network and execute the same functions as that of the authorized nodes. Based on this vulnerability, it is of great importance for researchers to invent a detection protocol for the clone attacks as well as a mitigation method. From all of the researches that have been published, a lot of them proposed some techniques to detect the clone node attacks and also to mitigate the attacks. However, almost none of them semantically focused on the security layer establishment. Based on this fact, we proposed an ontology-based approach Ontology for Replication Attacks in Static Wireless Sensor Networks “ORASWSN”, which can semantically be used for the detection and mitigation of the attacks by taking into consideration the importance of using security layers. Full article

Wireless sensor networks (WSNs) are often deployed in hostile environments, where an adversary can physically capture some of the sensor nodes. The adversary collects all the nodes’ important credentials and subsequently replicate the nodes, which may expose the network to a number of other security attacks, and eventually compromise the entire network. This harmful attack where a single or more nodes illegitimately claims an identity as replicas is known as the node replication attack. The problem of node replication attack can be further aggravated due to the mobile nature in WSN. In this paper, we propose an extended version of multi-level replica detection technique built on Danger Theory (DT), which utilizes a hybrid approach (centralized and distributed) to shield the mobile wireless sensor networks (MWSNs) from clone attacks. The danger theory concept depends on a multi-level of detections; first stage (highlights the danger zone (DZ) by checking the abnormal behavior of mobile nodes), second stage (battery check and random number) and third stage (inform about replica to other networks). The DT method performance is highlighted through security parameters such as false negative, energy, detection time, communication overhead and delay in detection. The proposed approach also demonstrates that the hybrid DT method is capable and successful in detecting and mitigating any malicious activities initiated by the replica. Nowadays, crimes are vastly increasing and it is crucial to modify the systems accordingly. Indeed, it is understood that the communication needs to be secured by keen observation at each level of detection. The simulation results show that the proposed approach overcomes the weaknesses of the previous and existing centralized and distributed approaches and enhances the performance of MWSN in terms of communication and memory overhead. Full article

The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol. Full article