Fig 3 - available via license: Creative Commons Attribution 4.0 International
Content may be subject to copyright.
Source publication
Internet of things (IoT) is made up of many devices like sensors, tags, actuators, mobile devices, and many more. These devices interact with each other without human interaction. Radio-frequency identification (RFID) devices are used to track people, assets, objects, etc. Along with the small memory capacity and low-power battery issues, these dev...
Context in source publication
Citations
... Security and privacy: This value indicates how well a WS node can detect the information at the user's end and how safely it may send sensing data. The growing populism of WS nodes is creating worries about end-user data privacy and security [28]. With the lack of security standards, there is a significant gap in the security and privacy of WS devices. ...
... In general, RFID suffers from inflexibility issues, as usually, the readers ought to be fixed in place. Moreover, and more precisely, commercial devices are expensive to re-design or reproduce since they come as a black box with limited information [7]; at this point, manufacturers restrict users' ability to make profound changes. Furthermore, message collisions can be spotlighted as another challenge that can reduce the system's efficiency, since the same communication channel is used by the diverse tags utilized. ...
... Here, circumventing the security mechanisms utilized is the main objective of the counterfeiting threat [10]. • Eavesdropping: This attack is based on saving the read intercepted communication with the intention to be re-used for analysis and as a baseline for another type of attack such as tag cloning attacks [7]. ...
... • Tags cloning: Its major purpose is to duplicate a reliable tag as a copy to be used for unauthorized access to the reader's information with the intention of extracting data to be stored in another tag. Tag cloning leads to several damages such as the manufacturer's reputation and some serious financial losses [7]. • Physical attacks: Its main concern is to tamper with the tag physically by damaging one of its components or disrupting its normal performance by glitching the tag's clock or changing the transmitted radio frequencies, and we can mention side channel and timing attacks [10]. ...
The Internet of Things (IoT) concept is tremendously applied in our current daily lives. The IoT involves Radio Frequency Identification (RFID) as a part of the infrastructure that helps with the data gathering from different types of sensors. In general, security worries have increased significantly as these types of technologies have become more common. For this reason, manifold realizations and studies have been carried out to address this matter. In this work, we tried to provide a thorough analysis of the cryptography-based solutions for RFID cards (MIFARE cards as a case study) by performing a Systematic Literature Review (SLR) to deliver the up-to-date trends and outlooks on this topic.
... A tag contains an integrated circuit (IC) attached to an antenna that is used to transmit a signal and communicate with a reader when in its proximity. RFID provides the ability to identify objects in the neighbourhood of a reader, unlike barcodes [23] which must be in direct sight of a barcode scanner. RFID systems operate by affixing a small tag to an object so that the object can be identified when it comes within the range of a reader. ...
... Concomitant with the IoT [24], the MIoT also inherits the associated security risks [23] that come with an interconnected world of more than 12 billion devices, as of 2021 [25]. As a result, the security landscape has drastically changed and continues to do so. ...
The maritime sector employs the Internet of Things (IoT) to exploit many of its benefits to maintain a competitive advantage and keep up with the growing demands of the global economy. The maritime IoT (MIoT) not only inherits similar security threats as the general IoT, it also faces cyber threats that do not exist in the traditional IoT due to factors such as the support for long-distance communication and low-bandwidth connectivity. Therefore, the MIoT presents a significant concern for the sustainability and security of the maritime industry, as a successful cyber attack can be detrimental to national security and have a flow-on effect on the global economy. A common component of maritime IoT systems is Radio Frequency Identification (RFID) technology. It has been revealed in previous studies that current RFID authentication protocols are insecure against a number of attacks. This paper provides an overview of vulnerabilities relating to maritime RFID systems and systematically reviews lightweight RFID authentication protocols and their impacts if they were to be used in the maritime sector. Specifically, this paper investigates the capabilities of lightweight RFID authentication protocols that could be used in a maritime environment by evaluating those authentication protocols in terms of the encryption system, authentication method, and resistance to various wireless attacks.
... The radiofrequency wireless link is the first link that could be attacked. The security of radiofrequency identification devices has been a research topic since the early 2000s [52], and several reviews have investigated it, including scientometric analyses on research trends [52] and existing challenges [53]. Several attacks can indeed be performed at this level, for instance, skimming through the establishment of a hidden communication link by a malicious reader concealed to the PoC users, or eavesdropping on the tag-reader communications, possibly through side-channel attacks [54]. ...
Points-of-care (PoCs) augment healthcare systems by performing care whenever needed and are becoming increasingly crucial for the well-being of the worldwide population. Personalized medicine, chronic illness management, and cost reduction can be achieved thanks to the widespread adoption of PoCs. Significant incentives for PoCs deployment are nowadays given by wearable devices and, in particular, by RFID (RadioFrequency IDentification) and NFC (Near Field Communications), which are rising among the technological cornerstones of the healthcare internet of things (H-IoT). To fully exploit recent technological advancements, this paper proposes a system architecture for RFID- and NFC-based PoCs. The architecture comprises in a unitary framework both interfaces to benefit from their complementary features, and gathered data are shared with medical experts through secure and user-friendly interfaces that implement the Fast Health Interoperability Resource (FHIR) emerging healthcare standard. The selection of the optimal UHF and NFC components is discussed concerning the employable sensing techniques. The secure transmission of sensitive medical data is addressed by developing a user-friendly "PoC App" that is the first web app exploiting attribute-based encryption (ABE). An application example of the system for monitoring the pH and cortisol levels in sweat is implemented and preliminarily tested by a healthy volunteer.
... Several works with various approaches have been done towards automating and tracking class attendance. Fingerprint and Radio Frequency Identification (RFID) techniques were explored by (Huang et al., 2022;Kumar et al., 2021). The system uses RFID tags and readers to initialize the attendance tracking process and uses the fingerprint of the user to authenticate the user and the record is stored in a Secure Digital (SD) card. ...
Lecture attendance management is usually tedious, and time-consuming and may be prone to errors or manipulations when done manually. Hence, in this work, a web application called RollCall was developed and tested, for use by both students and lecturers in the Faculty of Engineering at the University of Ilorin as a model to manage attendance. The system manages attendance by allowing the lecturers to create courses, and take and retrieve attendance records for the courses created. Student functionalities include uploading their face data, enrolling for courses, and retrieving attendance records for the courses in which they enrolled. Attendance is marked through face recognition technology implemented with Python, OpenCV and Sci-kit Learn. The web interface was implemented using HTML5, Twitter Bootstrap CSS framework and JavaScript. The findings revealed that RollCall effectively streamlined attendance management, making it easier for both students and lecturers to keep track of attendance records. The web application is user-friendly and enhances the overall academic experience by improving the accuracy and efficiency of attendance management.
... Thereby, cloning the tag. (Kumar et al, 2021) ...
The development of anti-poaching networks and systems has created a new environment for animals in game reserves all over the world. Advanced technologies such as heat sensors, drones, and trip wires help prevent poachers from entering the property and therefore, creating a safer environment for animals to roam freely. Radio frequency identification (RFID) systems are used to track the location of animals. These networks are, however, susceptible to being hacked if not properly protected with cybersecurity tools, resulting in cyber-criminals gaining access into the network. Many attacks or threats can be executed on the RFID network due to some exposed vulnerabilities of elements within the anti-poaching network. The purpose of this paper is to explore the empirical methods of common attacks, used by cyber-criminals, to attack the anti-poaching network, and whether these methods used are effective in identifying weaknesses within the network. This will be executed by creating an experimental structure of the anti-poaching system with a specialised focus on the RFID elements, using quantitative research methods to produce findings. GNS3, an open-source software application that has specifically been chosen to conduct this research, is used to build the network simulation in order to analyse the weaknesses of the network. Cybersecurity protocols are implemented to protect the network and aim to protect the animals. The attacks performed, such as Flood and Scapy attacks, have shown that the anti-poaching network is vulnerable to penetration from cyber-criminals. A hypothesis test was conducted to determine whether the attacks had a significant effect on the network, by using the average ping time from specific nodes to Google. It was found that the average ping time increased by 2.0020 units, therefore stating that the elements of the network were successfully attacked. The fault tolerance test shows that the availability of the anti-poaching network is roughly 90 percent which concludes that the network is configured to deliver quality performance and handle failures, should there be any intervention. This will allow game reserves to implement and have information on a better and safer RFID system for the animals.
... RFID tags consists of a small microchip which, depending on the type, usually store not more than two KB of data (Kumar et al., 2021). Information from these tags can be read from a wide range of distance, e.g. ...
This thesis addresses the pressing issue of Mining Influenced Water (MIW), including acid mine drainage (AMD), which poses a threat to mining communities in South Africa and beyond. Proper treatment of MIW before discharge into water courses for potential domestic and industrial use is crucial. However, mine water quality changes over time and can be unpredictable without appropriate techniques. The study introduces the use of artificial intelligence (AI) and the Internet of Things (IoT) to optimize mine water management. Divided into four sections, the research explores IoT techniques using RFID technology for mine water sampling, including the development of the eMetsi system for efficient data exchange. The second and third sections focus on AI-supported prediction and forecasting of mine water parameters using hybrid intelligent models, incorporating LSTM, gradient boosting regression tree, random forest regression tree, and other models to predict and forecast MIW parameters like electrical conductivity and pH. The final section introduces a machine learning graphical user interface (GUI) for streamlined model development and data visualization. Overall, these techniques aim to enhance the efficiency of mine water treatment plants and can be applied to optimize wastewater treatment plants as well, facilitating better planning for chemical, electrical, and operational requirements in managing MIW.
... The radiofrequency wireless link is the first link that could be attacked. The security of radiofrequency identification devices has been a research topic since the early 2000s [52], and several reviews have investigated it, including scientometric analyses on research trends [52] and existing challenges [53]. Several attacks can indeed be performed at this level, for instance, skimming through the establishment of a hidden communication link by a malicious reader concealed to the PoC users, or eavesdropping on the tag-reader communications, possibly through side-channel attacks [54]. ...
Points-of-care (PoCs) augment healthcare systems by performing care whenever needed and are becoming increasingly crucial for the well-being of the worldwide population. Personalized medicine, chronic illness management, and cost reduction can be achieved thanks to the widespread adoption of PoCs. Significant incentives for PoCs deployment are nowadays given by wearable devices and, in particular, by RFID (RadioFrequency IDentification) and NFC (Near Field Communications), which are rising among the technological cornerstones of the healthcare internet of things (H-IoT). To fully exploit recent technological advancements, this paper proposes a system architecture for RFID-and NFC-based PoCs. The architecture comprises in a unitary framework both interfaces to benefit from their complementary features, and gathered data are shared with medical experts through secure and user-friendly interfaces that implement the Fast Health Interoperability Resource (FHIR) emerging healthcare standard. The selection of the optimal UHF and NFC components is discussed concerning the employable sensing techniques. The secure transmission of sensitive medical data is addressed by developing a user-friendly "PoC App" that is the first web app exploiting attribute-based encryption (ABE). An application example of the system for monitoring the pH and cortisol levels in sweat is implemented and preliminarily tested by a healthy volunteer.
... Tables 2 and 3 provide a comprehensive review of relevant studies focused on techniques utilized for the detection and prevention of malware. The article in [25] examines three main approaches to identifying and combating malware: signature based detection, behavior based detection, and specification based detection. It then focuses on the use of artificial immune systems (AIS) as a lightweight and adaptable technique for preventing malware in IoT networks. ...
Radio frequency identification (RFID) is a technology that uses electromagnetic waves (EMW) to send, process, and store data by using a built-in integrated circuit and antenna. However, its susceptibility to malware attacks poses a threat to data privacy and system performance. Thus, there is a need to develop techniques to protect RFID systems from malware injection and improve efficiency through spectrum optimization. An approach for improving the efficiency and data privacy of RFID systems operating in the UHF band is proposed for multiple data rates of 160, 256, 320, and 640 kbps. Firstly, a method is introduced for reconstructing regular data in a malware-free RFID system with optimized spectrum usage, which reaches up to 50% of the total spectrum and improves efficiency. Secondly, a spectrum injection-based approach (SIBA) is proposed by incorporating a bandpass filtering (BPF) technique to inject the missing spectrum of regular data with a portion of the malware-injected data spectrum. This approach results in faster and more precise data reconstruction with higher accuracy and overcomes the malware. A noise reduction technique based on BPF is also proposed to reduce the noise effects and enhance the accuracy of data reconstruction at different signal-to-noise ratio (SNR) levels. This technique is evaluated through extensive analysis with various metrics such as reconstruction accuracy, robustness to noise, BUF, and computational complexity, making it suitable for resource-constrained environmental settings. These approaches address the challenges of malware injection and spectrum optimization, resulting in more efficient and secure RFID systems.
... Existing literature in the RFID and NFC security is largely application-independent [31][32][33][34][35][36] and does not consider the peculiarities of the healthcare domain. Thus, published papers either detail specific attacks [37][38][39] or develop advanced defenses [40][41][42]. ...
... Since RFID is a pervasive technology that is commonly widespread, many reviews comprehensively investigate the topic of its security for generic applications, as, for instance [31][32][33]. However, H-IoT systems based on radiofrequency identification have gained momentum for innumerable uses, so specific security and privacy concerns that are still unaddressed have been raised [56]. ...
World population and life expectancy have increased steadily in recent years, raising issues regarding access to medical treatments and related expenses. Through last-generation medical sensors, NFC (Near Field Communication) and radio frequency identification (RFID) technologies can enable healthcare internet of things (H-IoT) systems to improve the quality of care while reducing costs. Moreover, the adoption of point-of-care (PoC) testing, performed whenever care is needed to return prompt feedback to the patient, can generate great synergy with NFC/RFID H-IoT systems. However, medical data are extremely sensitive and require careful management and storage to protect patients from malicious actors, so secure system architectures must be conceived for real scenarios. Existing studies do not analyze the security of raw data from the radiofrequency link to cloud-based sharing. Therefore, two novel cloud-based system architectures for data collected from NFC/RFID medical sensors are proposed in this paper. Privacy during data collection is ensured using a set of classical countermeasures selected based on the scientific literature. Then, data can be shared with the medical team using one of two architectures: in the first one, the medical system manages all data accesses, whereas in the second one, the patient defines the access policies. Comprehensive analysis of the H-IoT system can be useful for fostering research on the security of wearable wireless sensors. Moreover, the proposed architectures can be implemented for deploying and testing NFC/RFID-based healthcare applications, such as, for instance, domestic PoCs.
