RFID systems are one of the important techniques that have been used in modern technologies; these
systems rely heavily on default and random passwords. Due to the increasing use of RFID in various
industries, security and privacy issues should be addressed carefully as there is no efficient way to achieve
security in this technology. Some active tags are low cost and basic tags cannot use standard cryptographic
operations where the uses of such techniques increase the cost of these cards. This paper sheds light on the
weaknesses of RFID system and identifies the threats and countermeasures of possible attacks. For the
sake of this paper, an algorithm was designed to ensure and measure the strength of passwords used in the
authentication process between tag and reader to enhance security in their communication and defend
against brute-force attacks. Our algorithm is design by modern techniques based on entropy, password
length, cardinality, Markov-model and Fuzzy Logic
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Editor IJMTER
To provide security to network we use existing Intrusion Detection System(IDS) for
identification of known attack with low false alarm,but it is not working when unknown attacks
occurs so to identify unknown attacks we use Anomaly based IDS(ADS) with high false alarm.
HIDS is the combination of IDS and ADS with their advantages for identification of known as well
as unknown attack.IDS used signature based model to identify known attack and ADS used anomaly
based model for identification of unknown attack.HIDS used internet episode rules for identify
known as well as unknown attacks.
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIESIJNSA Journal
In this paper, we examined the effect on network performance of the various strategies an attacker could adopt to launch Man-In The Middle (MITM) attacks on the wireless network, such as fleet or random strategies. In particular, we're focusing on some of those goals for MITM attackers - message delay, message dropping. According to simulation data, these attacks have a significant effect on legitimate nodes in the network, causing vast amounts of infected packets, end-to-end delays, and significant packet loss.
DYNAMIC IDP SIGNATURE PROCESSING BY FAST ELIMINATION USING DFAIJNSA Journal
Intrusion Detection & Prevention Systems generally aims at detecting / preventing attacks against Information systems and networks. The basic task of IDPS is to monitor network & system traffic for any malicious packets/patterns and hence to prevent any unwarranted incidents which leads the systems to insecure state. The monitoring is done by checking each packet for its validity against the signatures formulated for identified vulnerabilities. Since, signatures are the heart & soul of an Intrusion Detection and Prevention System (IDPS), we, in this paper, discuss two methodologies we adapted in our research effort to improve the current Intrusion Detection and Prevention (IDP) systems. The first methodology RUDRAA is for formulating, verifying & validating the potential signatures to be used with IDPS. The second methodology DSP-FED is aimed at processing the signatures in less time with our proposed fast elimination method using DFA. The research objectives of this project are 1) To formulate & process potential IPS signatures to be used with Intrusion prevention system. 2) To propose a DFA based approach for signature processing which, upon a pattern match, could process the signatures faster else could eliminate it efficiently if not matched
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Self Adaptive Automatch Protocol for Batch Identification Mechanism in Wirele...IRJET Journal
This document discusses a self-adaptive automatch protocol for batch identification in wireless mobile networks. It proposes two algorithms, Condensed Binary Identification (CBI) and Multiple Rounds Identification (MRI), to improve the performance of identifying invalid signatures when batch verification fails at the receiver or sink node. The system forms nodes, transmits encrypted messages through intermediate nodes which may include attackers, and uses the sink node to perform batch verification and identify invalid signatures using the most suitable identification algorithm based on the transaction history of attackers.
Both mobile operators and cybercriminals make heavy use of the SS7 protocol on previous-generation networks.
SS7 is old and vulnerable to attacks, yet will underpin the advanced networks of tomorrow. Learning more about SS7 is mission-critical for securing increasingly complex environments.
Watch the webinar to learn all about the ins and outs of SS7 for a smooth transition to 5G!
Our premium SS7 Security Analysis Report serves as a valuable knowledge base for cybersecurity specialists and network experts as they prepare for the security challenges of 2020. To access the report, go to: https://positive-tech.com/research/ss7-network-security-analysis-2020/
A Performance Analysis of Chasing Intruders by Implementing Mobile AgentsCSCJournals
This document summarizes a research paper that proposes using mobile agents to improve intrusion detection systems. The paper presents an architecture for an intrusion detection system that uses mobile agents to autonomously collect intrusion-related information from systems on a network. Information collector agents gather data, while chasing agents work to trace the path of intrusions and locate their origin. The paper evaluates this approach and discusses how mobile agents can enhance intrusion detection through their mobility and autonomous functionality.
In this abstract, we analyze the state of the art of end-to-end security Instant Messaging applications.
This includes the applications' network architectures, current and future challenges, and potential legal and social impact.
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET Journal
The document proposes a new system called PhishDect and Mitigator to detect and mitigate phishing attacks using software-defined networking (SDN). It uses deep packet inspection techniques and a convolutional neural network (CNN) to classify phishing signatures. Traffic is directed through either a "store and forward" or "forward and inspect" mode. In store and forward mode, packets are stored and inspected before forwarding. In forward and inspect mode, packets are forwarded first and then a copy is inspected. The system aims to overcome limitations of existing phishing detection methods.
A Study on Recent Trends and Developments in Intrusion Detection SystemIOSR Journals
This document discusses recent trends and developments in intrusion detection systems. It covers several topics:
- Artificial intelligence and machine learning techniques like neural networks, genetic algorithms, and fuzzy logic can be applied to intrusion detection to improve detection capabilities.
- There are different types of intrusion detection systems, including network-based, host-based, and wireless intrusion detection. Signature-based and anomaly-based detection are also discussed.
- Popular open source intrusion detection tools like Snort are discussed as alternatives to commercial intrusion prevention systems for some organizations.
- Intrusion prevention systems not only detect attacks but can also block attacks in real-time, providing an enhanced level of protection over intrusion
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsEditor IJCATR
Due to extensive growth of the Internet and increasing availability of tools and methods for intruding and attacking
networks, intrusion detection has become a critical component of network security parameters. TCP/IP protocol suite is the defacto
standard for communication on the Internet. The underlying vulnerabilities in the protocols is the root cause of intrusions. Therefor
Intrusion detection system becomes an important element in network security that controls real time data and leads to huge
dimensional problem. Processing large number of packets and data in real time is very difficult and costly. Therefor data preprocessing
is necessary to remove redundant and unwanted information from packets and clean network data. Here, we are focusing on
two important aspects of intrusion detection; one is accuracy and other is performance. The layered approach of TCP/IP model can be
applied to packet pre-processing to achieve early and faster intrusion detection. Motivation for the paper comes from the large impact
data preprocessing has on the accuracy and capability of anomaly-based NIPS. In this paper it is demonstrated that high attack
detection accuracy can be achieved by using layered approach for data preprocessing in Internet. To reduce false positive rate and to
increase efficiency of detection, the paper proposed framework for preprocessing in intrusion prevention system. We experimented
with real time network traffic as well as he KDDcup99 dataset for our research.
The intention behind writing this paper on this subject is to anticipate IT students or novice in the field of data communication and network security about spoofing attacks, how vulnerable and the prevention from the attacks. Nowadays, several malicious attacks and contents are found on the internet. So, to overcome the probability of risk, it is must be implemented to prevent the end user from these. IP address spoofing is basically a technique to alter spoof the packets of original source address in the header section intended to compromise or retrieve sensitive information from another trusted host or a machine. The meaning of spoofing is to provide the false information, in the area network security and it comprises of many types which includes IP ADDRESS SPOOFING E MAIL SPOOFING WEB SPOOFING ARP ADDRESS RESOLUTION PROTOCOL SPOOFING Mr. Satish Bharadwaj | Prof. Abhijit Desai "IP Spoofing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-6 , October 2020, URL: https://www.ijtsrd.com/papers/ijtsrd33246.pdf Paper Url: https://www.ijtsrd.com/computer-science/computer-security/33246/ip-spoofing/mr-satish-bharadwaj
Mobile operators across the globe have already started to roll out their 5G. It is here to stay and so security should be kept it mind ensuring the industry learns from the lessons of previous generous networks.
In 2020 our PT Telecom Attack Discovery (PT TAD) 5G-ready next-generation signaling firewall scored no. 1 on the security market.* Want to find out the reasons behind this accolade, then watch the record of our webinar to learn about an effective approach towards signaling security in the era of 5G.
During the live session Positive Technologies’ experts - Kirill Puzankov, Product Manager and Jimmy Jones, security telecoms expert:
explained how to implement security for Core networks quickly, efficiently and with fewer efforts
showed a demo on how telecom operators could withstand an attack or malicious actions using our next-generation Telecom Attack Discovery signaling Firewall
provided statistics and key trends in signaling security.
* According to ROCCO Signalling Firewall Vendor Performance Report 2020. https://positive-tech.com/research/rocco-report-2020/
Follow us on LinkedIn to keep up with our upcoming webinars and events: https://www.linkedin.com/company/positive-tech/
AVAILABILITY ASPECTS THROUGH OPTIMIZATION TECHNIQUES BASED OUTLIER DETECTION ...IJCNCJournal
Radio Frequency IDentification (RFID) and Wireless Sensor Networks (WSN) are the two most prominent wireless technologies for implementing a complete smart environment for the Internet of Things (IoT). Both RFID and WSN are resource constraint devices, which forces us to go for lightweight cryptography for security purposes. Security in terms of confidentiality, integrity, authentication, authorization, and
availability. Key management is one of the major constraints for resource constraint mobile sensor devices. This work is an extension of the work done by Kumar et al. using efficient error prediction and limit of agreement for anomaly score. This work ensures cryptographic property, availability, in RFID-WSN
integrated network through outlier detection mechanism for 50 to 5000 nodes network. Through detection ratios and anomaly scores system is tested against outliers. The proposed outlier detection mechanism identifies the inliers and outliers through anomaly score for protection against Denial-of-Service (DoS)
attack. Intruders can be detected in few milliseconds without giving any conflict to the access rights. In terms of throughput, a minimum improvement of 6.2% and a maximum of 219.9% is observed for the proposed protocol as compared to Kumar et al. Protocol and in terms of percentage of Packet Delivery Ratio (PDR), a minimum improvement of 8.9% and a maximum of 19.5% is observed for the proposed protocol as compared
to Kumar et al. protocol.
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...IJNSA Journal
In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection
system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
Nowadays mobile networks are the most dynamic part of critical communication infrastructures and the key instrument used to perform daily activities ranging from voice and text messaging to providing signaling for emergency services and critical infrastructure.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...IRJET Journal
This document presents a proposed system for detecting victim systems in client networks using a coarse-grained botnet algorithm. The system uses a two-stage approach: 1) the primary stage detects and collects network anomalies related to botnets; 2) the second stage identifies bots and blocks them from entering the receiver end, identifying bot sender IP addresses. The system implements a scanner to identify bot files, scanning incoming files in both the sender and receiver ends if protection mode is enabled. This avoids intrusions and blocks unauthorized users from accessing the application. The proposed system can help avoid botnet infections spreading in client networks.
In recent years, wireless sensor network (WSN) is used in several application areas resembling observance, tracking, and dominant in IoTs. for several applications of WSN, security is a crucial demand. However, security solutions in WSN disagree from ancient networks because of resource limitation and process constraints. This paper analyzes security solutions: TinySec, IEEE 802.15.4, SPINS, MiniSEC, LSec, LLSP, LISA, and LISP in WSN. This paper additionally presents characteristics, security needs, attacks, cryptography algorithms, and operation modes. This paper is taken into account to be helpful for security designers in WSNs.
Very often a lot of vehicles carry the illegal or very valuable goods and they do not have owner’s permission to unload them. In such situations, it is proposed to monitor vehicle transit via GPS tracking system. To guarantee appropriate and well-timed reaction to the interfering vehicle introductions, containers are well-appointed with the mobile GPS device and GSM modem. Furthermore door opening sensor is fixed secretly in the container. GPS device preoccupies the synchronization of container and transmissions of the information to the chief server via GSM network at static pauses. The employer can associate to the graphic user interface and monitor container traffic along with door status (was opened or not) with any computer, linked to the Internet & GSM network. Whether or not the door is opened, the alert, self-possessed of exact time, organizes and sent to the user’s mobile number.
Keywords: GPS, microcontroller, PIC 18, sensor.
With a growing selection of antenna choices and sensor ICs, SMARTRAC’s sensor tag and inlay family offers state-of-the-art products with great flexibility to accurately measure moisture and temperature conditions in industrial, healthcare and many other applications.
Sensor inlays and tags are passive UHF inlays equipped with RFMicron’s Magnus® IC family. These RFID sensor inlays offer great performance, and are a perfect choice where moisture and temperature detection is an important requirement. Their specific antenna design acts as a resistor/inductor/capacitor (RLC) tuned circuit to enable an antenna to sense its environment. The antenna converts environmental data into an impedance change, and the sensor tag IC translates this into a sensor code, as it dynamically matches antenna impedance to die impedance.
These single-chip sensor inlay and tag solutions are cost-efficient and easy to implement, and work on different surface materials ranging from textiles to metal parts to construction materials. They can be deployed where active or semi-active sensors are not practical, and involve no battery maintenance, costs or problems with product lifetime or recycling. Delivery formats are dry and wet to suit all converting-industry needs.
Apresentação sobre Indústria 4.0 demonstrando as tecnologias mais utilizadas, os conceitos, as aplicações, exemplos de utilização, abrangência no dia a dia e perfil do profissional desejado pelas indústrias.
IMAGE BASED RECOGNITION - RECENT CHALLENGES AND SOLUTIONS ILLUSTRATED ON APPL...mlaij
This document summarizes recent challenges and solutions in image-based recognition, illustrated through applications in analyzing mineral aggregates and wheat samples. It describes the full process of technical recognition, including image acquisition, preprocessing, segmentation of individual objects, feature extraction, and classification. Segmentation is a particular challenge for samples viewed "compactly" without separation; the authors present a two-step segmentation method using thresholding and model-based post-processing. Feature selection and classifier optimization are also discussed to reduce dimensionality and overfitting issues common to natural materials. Real-time computation of complex recognition problems is now possible using modern processors and graphics processing units.
A HYBRID APPROACH COMBINING RULE-BASED AND ANOMALY-BASED DETECTION AGAINST DD...IJNSA Journal
We have designed a hybrid approach combining rule-based and anomaly-based detection against DDoS
attacks. In the approach, the rule-based detection has established a set of rules and the anomaly-based
detection use one-way ANOVA test to detect possible attacks. We adopt TFN2K (Tribe Flood, the Net 2K)
as an attack traffic generator and monitor the system resource of the victim like throughput, memory
utilization, CPU utilization consumed by attack traffic. Target users of the proposed scheme are data
center administrators. The types of attack traffic have been analysed and by that we develop a defense
scheme. The experiment has demonstrated that the proposed scheme can effectively detect the attack traffic.
AN APPORACH FOR SCRIPT IDENTIFICATION IN PRINTED TRILINGUAL DOCUMENTS USING T...ijaia
In this work, we review the outcome of texture features for script classification. Rectangular White Space
analysis algorithm is used to analyze and identify heterogeneous layouts of document images. The texture
features, namely the color texture moments, Local binary pattern (LBP) and responses of Gabor, LM-filter,
S-filter, R-filter are extracted, and combinations of these are considered in the classification. In this work,
a probabilistic neural network and Nearest Neighbor are used for classification. To corrabate the
adequacy of the proposed strategy, an experiment was operated on our own data set. To study the effect of
classification accuracy, we vary the database sizes and the results show that the combination of multiple
features vastly improves the performance.
MODELING, IMPLEMENTATION AND PERFORMANCE ANALYSIS OF MOBILITY LOAD BALANCING ...IJCNCJournal
We propose in this paper a simulation implementation of Self-Organizing Networks (SON) optimization
related to mobility load balancing (MLB) for LTE systems using ns-3 [1]. The implementation is achieved
toward two MLB algorithms dynamically adjusting handover (HO) parameters based on the Reference
Signal Received Power (RSRP) measurements. Such adjustments are done with respect to loads of both an
overloaded cell and its cells’ neighbours having enough available resources enabling to achieve load
balancing. Numerical investigations through selected key performance indicators (KPIs) of the proposed
MLB algorithms when compared with another HO algorithm (already implemented in ns-3) based on A3
event [2] highlight the significant MLB gains provided in terms global network throughput, packet loss rate
and the number of successful HO without incurring significant overhead.
FLEXIBLE VIRTUAL ROUTING FUNCTION DEPLOYMENT IN NFV-BASED NETWORK WITH MINIMU...IJCNCJournal
In a conventional network, most network devices, such as routers, are dedicated devices that do not
have much variation in capacity. In recent years, a new concept of Network Functions
Virtualisation (NFV) has come into use. The intention is to implement a variety of network functions
with software on general-purpose servers and this allows the network operator to select any
capabilities and locations of network functions without any physical constraints.
This paper focuses on the deployment of NFV-based routing functions which are one of critical
virtual network functions, and present the algorithm of virtual routing function allocation that
minimize the total network cost. In addition, this paper presents the useful allocation policy of
virtual routing functions, based on an evaluation with a ladder-shaped network model. This policy
takes the ratio of the cost of a routing function to that of a circuit and traffic distribution in the
network into consideration. Furthermore, this paper shows that there are cases where the use of
NFV-based routing functions makes it possible to reduce the total network cost dramatically, in
comparison to a conventional network, in which it is not economically viable to distribute smallcapacity
routing functions
A FRAMEWORK FOR INTEGRATING USABILITY PRACTICES INTO SMALL-SIZED SOFTWARE DEV...ijseajournal
Usability now appears to be a highly important attribute for software quality; it is a critical factor that
needs to be considered by every software-development organization when developing software to improve
customer satisfaction and increase competition in the market. There exists a lack of a reference model or
framework for small-sized software-development organizations to indicate which usability practices should
be implemented, and where in the system-development life cycle they need to be considered. We offer
developers who have the objective of integrating usability practices into their development life cycle a
framework that characterizes 10 selected user-centered design (UCD) methods in relation to five relevant
criteria based on some ISO factors that have an effect on the selection of methods (ISO/TR16982). The
selection of the methods for inclusion in the framework responds to these organizations’ needs; and we
selected basic methods that are recommended, cost-effective, simple to plan and apply, and easy to learn by
developers; and which can be applied when time, resources, skills, and expertise are limited. We favor
methods that are generally applicable across a wide range of development environments. The selected
methods are organized in the framework according to the stages in the development process where they
might be applied. The only requirement for the existing development life cycle is that it to be based on an
iterative approach.
COLOR IMAGE ENCRYPTION BASED ON MULTIPLE CHAOTIC SYSTEMSIJNSA Journal
This document proposes a novel color image encryption scheme based on multiple chaotic systems. The scheme utilizes the ergodic properties of chaotic systems to perform pixel permutation and applies a substitution operation to achieve diffusion. In the permutation stage, two generalized Arnold maps are used to generate hybrid chaotic sequences to permute pixel positions. In the diffusion stage, four pseudo-random gray value sequences generated by another generalized Arnold map are used to diffuse the permuted image via bitwise XOR operations. Security analysis shows the scheme has a large key space and is highly secure against statistical attacks, differential attacks, and chosen/known plaintext attacks.
The document describes a machine learning toolbox developed using Python that implements and compares several supervised machine learning algorithms, including Naive Bayes, K-nearest neighbors, decision trees, SVM, and neural networks. The toolbox allows users to test algorithms on various datasets, including Iris and diabetes data, and compare the accuracy results. Testing on these datasets showed Naive Bayes and K-nearest neighbors had the highest average accuracy rates, while neural networks and decision trees showed more variable performance depending on parameters and dataset splits. The toolbox is intended to help users evaluate which algorithms best fit their datasets.
MODEL DRIVEN WEB APPLICATION DEVELOPMENT WITH AGILE PRACTICESijseajournal
Model driven development is an effective method due to its benefits such as code transformation, increasing
productivity and reducing human based error possibilities. Meanwhile, agile software development
increases the software flexibility and customer satisfaction by using iterative method. Can these two
development approaches be combined to develop web applications efficiently? What are the challenges and
what are the benefits of this approach? In this paper, we answer these two crucial problems; combining
model driven development and agile software development results in not only fast development and
easiness of the user interface design but also efficient job tracking. We also defined an agile model based
approach for web applications whose implementation study has been carried out to support the answers we
gave these two crucial problems.
OPTIMIZATION OF NEURAL NETWORK ARCHITECTURE FOR BIOMECHANIC CLASSIFICATION TA...ijaia
Electromyogram signals (EMGs) contain valuable information that can be used in man-machine interfacing between human users and myoelectric prosthetic devices. However, EMG signals are
complicated and prove difficult to analyze due to physiological noise and other issues. Computational
intelligence and machine learning techniques, such as artificial neural networks (ANNs), serve as powerful
tools for analyzing EMG signals and creating optimal myoelectric control schemes for prostheses. This
research examines the performance of four different neural network architectures (feedforward, recurrent,
counter propagation, and self organizing map) that were tasked with classifying walking speed when given
EMG inputs from 14 different leg muscles. Experiments conducted on the data set suggest that self
organizing map neural networks are capable of classifying walking speed with greater than 99% accuracy.
GAME THEORY BASED INTERFERENCE CONTROL AND POWER CONTROL FOR D2D COMMUNICATIO...IJCNCJournal
With the current development of mobile communication services, people need personal communication of
high speed, excellent service, high quality and low latency,however, limited spectrum resources become
the most important factor to hamper improvement of cellular systems. As big amount of data traffic will
cause greater local consumption of spectrum resources, future networks are required to have appropriate
techniques to better support such forms of communication. D2D (Device-to-device) communication
technology in a cellular network makes full use of spectrum resources underlaying, reduces the load of the
base station, minimizes transmit power of the terminals and the base stations, thereby enhances the overall
throughput of the networks. Due to the use of multiplexing D2D UE (User equipment) resources and
spectrum, and the interference caused by the sharing of resources between adjacent cells, it has become a
major factor affecting coexisting of cellular subscribers and D2D users. When D2D communication
multiplexes the uplink resources, the base-stations are easily to be disturbed; when the downlink resources
are multiplexed, the users of downlink are susceptible to interference. In order to build a high-efficient
mobile network, we can meet the QoS requirements by controlling the power to suppress the interference
between the base station and a terminal user.
PREDICTING STUDENT ACADEMIC PERFORMANCE IN BLENDED LEARNING USING ARTIFICIAL ...ijaia
Along with the spreading of online education, the importance of active support of students involved in
online learning processes has grown. The application of artificial intelligence in education allows
instructors to analyze data extracted from university servers, identify patterns of student behavior and
develop interventions for struggling students. This study used student data stored in a Moodle server and
predicted student success in course, based on four learning activities - communication via emails,
collaborative content creation with wiki, content interaction measured by files viewed and self-evaluation
through online quizzes. Next, a model based on the Multi-Layer Perceptron Neural Network was trained to
predict student performance on a blended learning course environment. The model predicted the
performance of students with correct classification rate, CCR, of 98.3%.
EVALUATION OF A NEW INCREMENTAL CLASSIFICATION TREE ALGORITHM FOR MINING HIGH...mlaij
Abstract—A new model for online machine learning process of high speed data stream is proposed, to
minimize the severe restrictions associated with the existing computer learning algorithms. Most of the
existing models have three principle steps. In the first step, the system would create a model incrementally.
In the second step the time taken by the examples to complete a prescribed procedure with their arrival
speed is computed. In the third and final step of the model the size of memory required for computation is
predicted in advance. To overcome these restrictions we proposed this new data stream classification
algorithm, where the data can be partitioned into stream of trees. In this algorithm, the new data set can be
updated with the existing tree. This algorithm, called incremental classification tree algorithm, is proved to
be an excellent solution for processing larger data streams. In this paper, we present the experimental
results of our new algorithm and prove that our method would eradicate the problems of the existing
method.
Digital Disruption Proposal: FridgePilot Lewis Hill
Original idea for disruptive digital proposal-
FridgePilot will enable today’s consumers to eat better, save money and save time.
FridgePilot’s secret ingredient is that it communicates with RFID sensors on food packaging: silently and wirelessly updating your app with the information you need to have more taste and less waste.
ENERGY CONSUMPTION IMPROVEMENT OF TRADITIONAL CLUSTERING METHOD IN WIRELESS S...IJCNCJournal
In the traditional clustering routing protocol of wireless sensor network, LEACH protocol (Low Energy
Adaptive Clustering Hierarchy) is considered to have many outstanding advantages in the implementation
of the hierarchy according to low energy adaptive cluster to collect and distribute the data to the base
station. The main objective of LEACH is: To prolong life time of the network, reduce the energy
consumption by each node, using the data concentration to reduce bulletins in the network. However, in the
case of large network, the distance from the nodes to the base station is very different. Therefore, the
energy consumption when becoming the host node is very different but LEACH is not based on the
remaining energy to choose the host node, which is based on the number of times to become the host node
in the previous rounds. This makes the nodes far away from the base station lose power sooner.
In this paper, we give a new routing protocol based on the LEACH protocol in order to improve operating
time of sensor network by considering energy issues and distance in selecting the cluster-head (CH), at that
time the nodes with high energy and near the base station (BS) will have a greater probability of becoming
the cluster-head than the those in far and with lower energy.
A Survey Of RFID Authentication Protocols Based On Hash-Chain MethodLuz Martinez
This document provides a survey of RFID authentication protocols that are based on hash-chain methods. It discusses several protocols that have been proposed to address security and privacy issues in RFID communications by employing hash chains. The survey compares 10 different protocols, summarizing their use of hash chains, objectives, limitations, and vulnerabilities. Overall, the survey aims to provide a comparative analysis of hash-chain based RFID authentication protocols in order to better understand their approaches and limitations for enhancing RFID security and privacy.
Radio Frequency Identification RFID tags generally belong to a single domain system which is called has RFID single domain system. Till date, most of the researches in the RFID single domain system have been authentication protocol against a variety of attacks. This topic generally describes about the security and privacy mechanism in RFID multi domain which is further divided into three sub topics that is RFID forehand system security, RFID backhand system security and RFID inter domain system security. Pawankumar Tanavarappu ""A Security Framework in RFID"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020,
URL: https://www.ijtsrd.com/papers/ijtsrd30217.pdf
Paper Url : https://www.ijtsrd.com/computer-science/computer-network/30217/a-security-framework-in-rfid/pawankumar-tanavarappu
A research survey rfid security & privacy issuecsandit
This document summarizes research on RFID security and privacy issues. It discusses how RFID tags can be tracked and privacy risks that arise. It also reviews various techniques proposed for RFID privacy preservation, including encryption, pseudonyms, and private information retrieval (PIR). However, existing solutions have limitations in providing secure, low-cost encryption suitable for RFID tags while protecting privacy. Overall, the document surveys existing RFID security and privacy techniques and their challenges, concluding that a strong yet inexpensive encryption algorithm is still needed.
A RESEARCH SURVEY: RFID SECURITY & PRIVACY ISSUEcscpconf
“Information security and privacy” is one of the major challenges in the communication world
of IT as each and every information we pass need to be secured enough to the extent that it
doesn’t hurt anyone’s privacy. In trace and track world RFID play a pivotal role. We cannot
track people as it causes a privacy risk. Migration of data to cloud also comes under threat as
many things cannot be control over there. A trusted database is needed which can maintain and
enforce the privacy policy. In order to cater all these requirements, a secure, cheap and
complex computation encryption-decryption algorithm is required to meet this challenge.
This paper is based on the research survey of previous and current security and privacy
techniques used for securing RFID tag and reader communication and their impact on real
world.
Radio Frequency Identification RFID is a programmed innovation and helps machines or PCs to distinguish objects, record metadata or control singular focus through radio waves. Associating RFID reader to the terminal of Internet, the reader can distinguish, track and screen the articles appended with labels all inclusive, consequently, and progressively, if necessary. This is the supposed Internet of Things IOT . Radio Frequency Identification RFID is an innovation that utilizes correspondence through electromagnetic waves to trade information between a terminal and an electronic label joined to an article, with the end goal of ID and tracking Sapna Yadav | Pratibha Jha ""RFID Technology: An Overview"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-3 , April 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23247.pdf
Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/23247/rfid-technology-an-overview/sapna-yadav
This document summarizes the privacy and security issues surrounding RFID implementations. It begins with an overview of RFID technology, including its history and how it works. It then discusses several current uses of RFID, such as in toll booths, financial transactions, supply chain management, and healthcare. Potential privacy issues with RFID include tracking individuals via implanted or external RFID tags. Security issues involve cloning RFID tags. The document analyzes these issues through two case studies: issues with the Mifare Classic RFID system and privacy/security vulnerabilities in US/Australian ePassports that use RFID.
The document discusses RFID technology, including how it works, its benefits and threats, and security considerations. RFID uses radio waves to read tags attached to objects without needing direct contact or line-of-sight. There are two types of tags - active tags with batteries and passive tags without. The document outlines security risks like spoofing, replay attacks, and unauthorized tracking. It emphasizes the need for lightweight cryptography and random number generation on tags to address security challenges in RFID systems.
IoT is referred as Internet of objects and wireless sensor networks and RFID are enabled in the fields of education, health, agriculture and entertainment. The IoT is the development production of the computer science and communication technology. The vulnerable nature of IoT is related to the security and privacy issues. The user may face as the consequence of the spread of IoT technology. The survey is focused on security loopholes arising out of the information exchange technologies used in IoT. Data analytics utilizes IoT and Big Data and it faces security challenges to protect their important data. In 2020, the wide amount of data could be generated by using the technologies of IoT and Big Data. The purpose of this survey is to analyze the vulnerable security issues and risk involved in each layer of the IoT as per to our knowledge the first survey with some goals. Dr. E. J. Thomson Fedrik | A. Vinitha | B. Vanitha ""Review on Vulnerabilities of IoT Security"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd24020.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-network/24020/review-on-vulnerabilities-of-iot-security/dr-e-j-thomson-fedrik
1) The document examines the reliability challenges of RFID-based object tracking applications. Experiments showed that reliability is affected by factors like inter-tag distance, tag-antenna distance, tag orientation, and number of tags.
2) Applying redundancy techniques like multiple tags can significantly improve reliability. Locating tags in different positions on an object also impacts reliability.
3) Tracking experiments showed reliable identification is possible for tagged humans by placing tags at waist level as with ID cards.
The document discusses the US Department of Homeland Security's use of Radio Frequency Identification (RFID) technology to improve security. It notes that RFID allows real-time access to security information and can be used to track people and objects. However, there are also privacy and security concerns around RFID implementation, such as tags being hacked or data being intercepted. The document evaluates different RFID strategies and technologies used by DHS to balance security, privacy, and cost-effectiveness of programs like e-Passports and driver's licenses.
This document proposes a taxonomy for classifying RFID systems. The taxonomy has four main dimensions: usage, physical, frequency, and data. Usage looks at whether a system is for monitoring or authorization. Physical examines components like a tag's antenna, material, and operating environment. Frequency considers the signal distance and range used. The taxonomy is intended to help understand RFID technology and compare vendor solutions. It provides a framework to guide research and direct users to additional resources. An evaluation of real-world cases is suggested to test the taxonomy.
Internet of Things and its Enabling Technologies - RFIDSwetha Kogatam
The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure.infrastructure is one such technology which enables the Internet of things.When the RFID readers abides by appropriate communication protocols and are connected to the terminal of Internet, the readers distributed throughout the world can identify, track and monitor the objects attached with tags globally, automatically, and in real time, if needed. This is the so-called Internet of Things (IOT).
A Modular Approach To Intrusion Detection in Homogenous Wireless NetworkIOSR Journals
This document discusses a modular approach to intrusion detection in homogeneous wireless networks. It begins by introducing wireless networks and the need for intrusion detection systems (IDS) due to security vulnerabilities. It then discusses different types of IDS, including signature-based detection that identifies known attacks, and anomaly-based detection that identifies deviations from normal behavior but can result in high false positives. The document proposes a modular approach combining advantages of signature-based and anomaly-based detection for high detection rates and low false positives. Requirements for IDS in wireless networks are also outlined.
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLSKatie Robinson
Network security tools play an important role in cybersecurity. The document discusses various network security tools including vulnerability scanners like Nessus, packet sniffers like Wireshark, password crackers like John the Ripper, honeypots, and wireless security tools like NetStumbler. It provides an overview of the most popular tools, how they work, and what features they provide to enhance network security through activities like vulnerability detection, packet analysis, password cracking, and monitoring of network traffic. The top five tools discussed are Wireshark, Nessus, Snort, John the Ripper, and NetStumbler.
This document discusses the use of RFID (radio frequency identification) technology for human implantation and the associated privacy and security issues. It provides background on RFID technology and its current uses. The document outlines several research objectives, including developing a privacy framework for human implantation of RFID chips and addressing security issues like tracking. It discusses the potential benefits of RFID implantation for medical purposes but also health risks. The proposed research would take 3-4 years and involve both theoretical and experimental work.
This document discusses the use of RFID technology for human implantation and addresses privacy issues. It provides background on RFID technology and its use for tracking items and in various industries. The document then discusses potential uses of RFID chips implanted in humans, including medical applications and assisting disabled people. However, it also notes privacy and security issues with human implantation, such as tracking location and accessing private information. The goal of the research presented is to develop methods and a framework to address the privacy issues surrounding RFID chips implanted in humans to enhance security while allowing for beneficial applications of the technology.
A Novel RFID Readers Employee Management SystemIJMTST Journal
Radio Frequency Identification (RFID) is a new generation of Auto Identification and Data collection technology which helps to automate business processes and allows identification of large number of tagged objects using radio waves. RFID based Employee Management System (EMS) would allow complete hands-free access control, monitoring the whereabouts of employee and record the attendance of the employee as well. The access tag can be read up to 5 (~16 feet) meters from the RFID reader, which usually eliminates the need to handle the tag or to walk very close to the reader. This freedom is particularly important to handicapped workers, staff carrying packages. The proposed system is based on UHF RFID readers, supported with antennas at gate and transaction sections, and employee identification cards containing RFID transponders which are able to electronically store information that can be read / written even without the physical contact with the help of radio medium. This paper presents the experiments conducted to set up RFID based EMS.
Trust Metric-Based Anomaly Detection via Deep Deterministic Policy Gradient R...IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT- based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
Trust Metric-Based Anomaly Detection Via Deep Deterministic Policy Gradient R...IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT- based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
Review of the Introduction and Use of RFIDEditor IJCATR
We live in an age where technology is an integral part of human daily life. The aim of the technology is secure, accurate,
correct use of time for mankind and nature brings it may also have disadvantages and challenges. In this paper we describe the RFID
technology. Today, this technology in hospitals, shops, airports, tracking birds are used. It can be used in hospital intensive care unit
for monitoring and remote patient care, which causes it to print patients and physicians are not required to comply with very close
distance, the result of which can cause safety Patients and physicians should be. The security technology implementation is a
challenge. This paper introduces the applications, the challenges we have this technology.
Similar to ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH AND MARKOV MODEL (20)
Implementations of Fused Deposition Modeling in real worldEmerging Tech
The presentation showcases the diverse real-world applications of Fused Deposition Modeling (FDM) across multiple industries:
1. **Manufacturing**: FDM is utilized in manufacturing for rapid prototyping, creating custom tools and fixtures, and producing functional end-use parts. Companies leverage its cost-effectiveness and flexibility to streamline production processes.
2. **Medical**: In the medical field, FDM is used to create patient-specific anatomical models, surgical guides, and prosthetics. Its ability to produce precise and biocompatible parts supports advancements in personalized healthcare solutions.
3. **Education**: FDM plays a crucial role in education by enabling students to learn about design and engineering through hands-on 3D printing projects. It promotes innovation and practical skill development in STEM disciplines.
4. **Science**: Researchers use FDM to prototype equipment for scientific experiments, build custom laboratory tools, and create models for visualization and testing purposes. It facilitates rapid iteration and customization in scientific endeavors.
5. **Automotive**: Automotive manufacturers employ FDM for prototyping vehicle components, tooling for assembly lines, and customized parts. It speeds up the design validation process and enhances efficiency in automotive engineering.
6. **Consumer Electronics**: FDM is utilized in consumer electronics for designing and prototyping product enclosures, casings, and internal components. It enables rapid iteration and customization to meet evolving consumer demands.
7. **Robotics**: Robotics engineers leverage FDM to prototype robot parts, create lightweight and durable components, and customize robot designs for specific applications. It supports innovation and optimization in robotic systems.
8. **Aerospace**: In aerospace, FDM is used to manufacture lightweight parts, complex geometries, and prototypes of aircraft components. It contributes to cost reduction, faster production cycles, and weight savings in aerospace engineering.
9. **Architecture**: Architects utilize FDM for creating detailed architectural models, prototypes of building components, and intricate designs. It aids in visualizing concepts, testing structural integrity, and communicating design ideas effectively.
Each industry example demonstrates how FDM enhances innovation, accelerates product development, and addresses specific challenges through advanced manufacturing capabilities.
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc
Six months into 2024, and it is clear the privacy ecosystem takes no days off!! Regulators continue to implement and enforce new regulations, businesses strive to meet requirements, and technology advances like AI have privacy professionals scratching their heads about managing risk.
What can we learn about the first six months of data privacy trends and events in 2024? How should this inform your privacy program management for the rest of the year?
Join TrustArc, Goodwin, and Snyk privacy experts as they discuss the changes we’ve seen in the first half of 2024 and gain insight into the concrete, actionable steps you can take to up-level your privacy program in the second half of the year.
This webinar will review:
- Key changes to privacy regulations in 2024
- Key themes in privacy and data governance in 2024
- How to maximize your privacy program in the second half of 2024
Best Programming Language for Civil EngineersAwais Yaseen
The integration of programming into civil engineering is transforming the industry. We can design complex infrastructure projects and analyse large datasets. Imagine revolutionizing the way we build our cities and infrastructure, all by the power of coding. Programming skills are no longer just a bonus—they’re a game changer in this era.
Technology is revolutionizing civil engineering by integrating advanced tools and techniques. Programming allows for the automation of repetitive tasks, enhancing the accuracy of designs, simulations, and analyses. With the advent of artificial intelligence and machine learning, engineers can now predict structural behaviors under various conditions, optimize material usage, and improve project planning.
How RPA Help in the Transportation and Logistics Industry.pptxSynapseIndia
Revolutionize your transportation processes with our cutting-edge RPA software. Automate repetitive tasks, reduce costs, and enhance efficiency in the logistics sector with our advanced solutions.
Transcript: Details of description part II: Describing images in practice - T...BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and slides: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Comparison Table of DiskWarrior Alternatives.pdfAndrey Yasko
To help you choose the best DiskWarrior alternative, we've compiled a comparison table summarizing the features, pros, cons, and pricing of six alternatives.
Kief Morris rethinks the infrastructure code delivery lifecycle, advocating for a shift towards composable infrastructure systems. We should shift to designing around deployable components rather than code modules, use more useful levels of abstraction, and drive design and deployment from applications rather than bottom-up, monolithic architecture and delivery.
Blockchain technology is transforming industries and reshaping the way we conduct business, manage data, and secure transactions. Whether you're new to blockchain or looking to deepen your knowledge, our guidebook, "Blockchain for Dummies", is your ultimate resource.
Support en anglais diffusé lors de l'événement 100% IA organisé dans les locaux parisiens d'Iguane Solutions, le mardi 2 juillet 2024 :
- Présentation de notre plateforme IA plug and play : ses fonctionnalités avancées, telles que son interface utilisateur intuitive, son copilot puissant et des outils de monitoring performants.
- REX client : Cyril Janssens, CTO d’ easybourse, partage son expérience d’utilisation de notre plateforme IA plug & play.
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Best Practices for Effectively Running dbt in Airflow.pdfTatiana Al-Chueyr
As a popular open-source library for analytics engineering, dbt is often used in combination with Airflow. Orchestrating and executing dbt models as DAGs ensures an additional layer of control over tasks, observability, and provides a reliable, scalable environment to run dbt models.
This webinar will cover a step-by-step guide to Cosmos, an open source package from Astronomer that helps you easily run your dbt Core projects as Airflow DAGs and Task Groups, all with just a few lines of code. We’ll walk through:
- Standard ways of running dbt (and when to utilize other methods)
- How Cosmos can be used to run and visualize your dbt projects in Airflow
- Common challenges and how to address them, including performance, dependency conflicts, and more
- How running dbt projects in Airflow helps with cost optimization
Webinar given on 9 July 2024
Sustainability requires ingenuity and stewardship. Did you know Pigging Solutions pigging systems help you achieve your sustainable manufacturing goals AND provide rapid return on investment.
How? Our systems recover over 99% of product in transfer piping. Recovering trapped product from transfer lines that would otherwise become flush-waste, means you can increase batch yields and eliminate flush waste. From raw materials to finished product, if you can pump it, we can pig it.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH AND MARKOV MODEL
1. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
DOI: 10.5121/ijnsa.2016.8402 19
ENHANCE RFID SECURITY AGAINST BRUTE FORCE
ATTACK BASED ON PASSWORD STRENGTH AND
MARKOV MODEL
Dr. Adwan Yasin1
and Fadi AbuAlrub2
1
Computer Science Department, Arab American University
Jenin - Palestine
2
Computer Science Department, Arab American University
Jenin - Palestine
ABSTRACT
RFID systems are one of the important techniques that have been used in modern technologies; these
systems rely heavily on default and random passwords. Due to the increasing use of RFID in various
industries, security and privacy issues should be addressed carefully as there is no efficient way to achieve
security in this technology. Some active tags are low cost and basic tags cannot use standard cryptographic
operations where the uses of such techniques increase the cost of these cards. This paper sheds light on the
weaknesses of RFID system and identifies the threats and countermeasures of possible attacks. For the
sake of this paper, an algorithm was designed to ensure and measure the strength of passwords used in the
authentication process between tag and reader to enhance security in their communication and defend
against brute-force attacks. Our algorithm is design by modern techniques based on entropy, password
length, cardinality, Markov-model and Fuzzy Logic.
KEYWORDS
RFID, brute-force attack, Markov-model, entropy, fuzzy logic.
1. INTRODUCTION
IN order to achieve security and privacy protection in the RFID system, we studied
the RFID environment concerning how it works, its key components as well as
threats and countermeasures of this technology in order to determine the attacks that
still need for further research. [1][2]
Due to the limited size and cost of RFID systems, commonly used encryption
techniques do not meet the desired security requirements. Thus; it is important to
develop a new technique that enhances the security of RFID communication.
When the password is weak, it can be broken easily by hackers by using brute-force
attack. The aim of this paper is to develop a new algorithm that generates strong
passwords which can withstand brute-force attacks and tests the strength of
generated passwords, and to integrate this algorithm with other authentication
algorithms to enhance the security of RFID communication.
2. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
20
1.1 PROBLEM STATEMENT
Although most of the focus in RFID technology is on privacy, we should be more aware
about information security issues in this technology. The weakness interest in
information security in RFID technology makes it easy to access sensitive
information that use this technology, which is an opportunity for manipulation, and
theft of critical information through eavesdrop the communication between the tag
and the reader. [1][3]
Due to the growing cost of existing encryption techniques, this will add to the cost of
RFID systems which makes the design of new algorithms to ensure data security a
challenge, and the unsafe communication channels which provide a non-secure
environment for the exchange of information between the tag and the reader, it is
necessary to protect these channels with a new low-cost encryption technology. And
the use of non-cryptography based authentication with a random number doesn’t
provide enough security. [3][5]
In this paper, we will study different RFID attacks and the countermeasures for these
attacks. We will also categorize the attacks and the countermeasure actions to select one
of the most dangerous attacks that are not covered completely with security controls to
enhance security on RFID based on the chosen attack.
2. RFID SYSTEM OVERVIEW
2.1 RFID TECHNOLOGY
RFID stands for Radio Frequency Identification that uses radio waves to transmit the
identification as a unique serial number for an object wirelessly. RFID is deemed one of
the most widespread technologies that use radio waves to track, classify, detect and
uniquely identify a variety of objects (i.e., merchandise, people, and assets), it doesn’t
need line-of-sight scanning as it uses waves. RFID uses serial number to identify the
objects with its full information; it stores the object on a microchip that is connected to
an antenna (this combination called tags). [1]
2.2 RFID ENVIRONMENT
RFID environment consists of the following components as shown in Figure 1: [1]
Figure 1. RFID System Components
3. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
21
1. RFID Tags
There are two main kinds of RFID Tags: [1]
• Passive Tags
• Active Tags which have larger memories up to 128 KB.[20]
2. RFID Reader
3. RFID Middleware
4. Electronic Product Code (EPC): A unique code for objects stored in RFID tags
memory, matching the same functionality of barcode numbering scheme (UPC).
This code is a 96-bit number as in Figure 2.
Figure 2. EPC Tags [21]
2.3 HOW DOES RFID WORK?
RFID tag store a unique identity code in its read-only or rewrites internal memory
depending on type and application. The reader identifies the tag through the magnetic
field frequencies. After authentication is done, the tag sends its unique serial and all
information to the reader who, in turn, sends these data to the application side through
middleware. The middleware is an interface between readers, tags, application and
database. When tags send their identification to the reader and the system will match
tags’ code with the corresponding data existing in the database. The result determines if
the next processing will be accepted or rejected as shown in Figure 3. [1]
Figure 3. RFID Communications
4. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
22
2.4 RFID LAYERS COMMUNICATION
It’s very important to understand the communication process between RFID components
through the system. In order to do that, we should understand the OSI model for RFID
system.
The OSI model is the model that is responsible for data communication through the
system; it consists of logical layers that define the requirements of communication
between tag and reader.
Figure 4. RFID Layers Communication [4]
3. RFID THREATS AND SECURITY ATTACKS
With the widespread usage of RFID, the big challenges to RFID applications in- creased,
therefore; security and privacy protection become important. RFID applications are
exposed to different types of malicious attacks ranging from passive eavesdropping to
active interference. In order to understand RFID attacks; it’s important to understand and
summarize RFID weaknesses. This part explains and classifies the most important RFID
attacks and their countermeasures. [4]
RFID threats come in these main layers: physical, network transport, application,
Multilayer layer and Strategic Layer, classified based on their (integrity, confidentiality,
and availability) as shown in Table 1. [7]
Table 1. Major RFID Threats [4]
Physical Layer Network-
transport layer
Application
layer
Multilayer
Attacks
Strategic
Layer
Temporarily
disabling tag and
permanently
disabling tag.
Eavesdropping(or
Skimming)
Tag
modification
Man in Middle
Attack
Privacy
Threats
Spoofing Replay
Cloning Denial of Service
Attack
Impersonation Cryptography
Attacks
Traffic Analysis
5. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
23
4. RFID ATTACK CATEGORIZATION BY CIA
There are many attacks on RFID systems and these attacks can be classified based on
integrity, availability and confidentiality as shown in Table 2.
Table 2. RFID Attack Categorization by CIA
5. RFID IMPACTS AND COUNTERMEASURES
Institutions put the necessary measures for achieving security and privacy. Risk
management is one of the best means of calculating the risk in order to develop the
necessary countermeasures for the risk prevention. Risks are calculated by assessing the
threats as well as their impact on the institution, vulnerability and the likelihood. Note
that the impacts of threats are related to CIA principle. In this section, we will discuss
the effects of each threat and the appropriate countermeasure for each. [2]
It’s important to analyze threat countermeasures when the organization determines the
threats. We have already checked some other papers and calculated the number of
countermeasures for each threat in order to focus our research on the threats that do not
have adequate countermeasures as shown in Table 3. [2]
Reviewing the effects of RFID threats with CIA principle, we became able to determine
which threat to focus on based on concerning relative importance of these threats for the
institution. Depending on the results shown in Table 3, we chose cryptography attacks
and focused on brute force attack due to the lack of its countermeasures. [2]
6. CRYPTOGRAPHIC ATTCAKS
In this attack, the attacker breaks these algorithms and tries to get the data that is
stored in a tag. Brute force attack is mostly used in cryptography to break the
encrypted algorithms.
6.1 BRUTE-FORCE ATTACK
Brute-force attack is an attack where software or tools are used to guess password and
get access to sensitive data, in this attack, series of all possible passwords are sent in an
6. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
24
attempt to guess the used password and obtain access. To protect our data against this
attack, the password used should be powerful enough. When the strength of password
increased, it will take more time to guess it. In addition to using a strong password,
powerful encryption can be used at the same time to provide a very high level of security
for your data. [10][13]
There are many things to take into consideration in this kind of attack: a group of
passwords to test, how fast the hacker can check whether potential passwords are valid or
not, how long it would take the hacker to break the password as well as the possible rate of
success for breaking a specific password.[11]
The feasibility of brute force relies on the domain of input characters of the password
and the length of the password. Table 4 shows the number of possible passwords for a
given password length and character set, as well as how long it would take to crack
passwords of that type.[12]
When we create the password we use the following collections:
Numbers (0 to 9); that leaves us with 10 numbers. Characters (A-Z or a-z); 26 for
upper-case letters and 26 for lower-case letters, so that the total is 52. Special
Symbols (! @,., #, $, %, ˆ,& , and more) that are about 32.
The formula used to count the number of combinations to try is: Total
Combinations = Possible character password length
Table 4. RFID Cracking Time
7. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
25
7. RELATED WORK
The authors in paper [5] proposed an algorithm to ensure the security of authentication
between RFID tag and reader without the need to use costly encryption techniques, and
they are adopted in the design of the algorithm on matrix multiplication.
The algorithm assumes that each tag and reader stores a square matrix, and each of
them stores one matrix and the inverse of the matrix which exist in the other end
of the same size. The tag and the reader share the key K. With the knowledge that
the selected key and matrices are generated randomly by both the tag and the
reader. [5][6]
The algorithm description is shown in Figure 6.
Figure 6. Secure Tag Identification Algorithms [5]
7.1 ALGORITHM LIMITATIONS
The proposed algorithm uses a key and matrix of size 24 bytes which is fairly small, and
makes it possible for a hacker to guess each of the key and the matrix using a brute force
attack. Generating multiple keys in each phase and store these keys in RFID tags
consume their resources taking in consideration the limitation in their memory. [5][6]
The keys and matrices are generated randomly with small size and using brute-force
techniques an intruder can easily guess these keys and matrices used in this algorithm.
Data Security violates are strongly related to randomness. Weak random numbers
and impairment in the authentication protocol allows any key of a cryptographic
RFID to be found in a matter of seconds. [14]
Given that random numbers are used to secure our information, it will come as no
surprise that the performance and characteristics of random number generators have a
robust impact on security. To put it simply, attackers don’t crack encryption, they rob
or guess keys. Poor quality or insufficient quantities of random numbers have the
8. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
26
effect of creating that much easier, decreasing security to well below its designed level
and making the overall system vulnerable. [15]
8. CONTRIBUTION
The algorithm used in paper [5] was taken and improved in this paper because it does
not meet the security requirements necessary for the process of encryption between
RFID tag and reader due to the use of weak key and matrices; which are small in size
and lacks complexity giving by this a possibility for hackers to guess passwords and
matrices using brute-force attack.
Thus, the idea here is to improve the previous algorithm by generating strong passwords
according to the best practices so that they would be unbreakable and integrated into the
former algorithm in order to increase its strength against brute-force attack.
The resilience of a password against brute-force attack can be determined based on
three parameters cardinality, length, and entropy. The current minimum key length
used in the previous algorithm is eight characters, so it should equal 32 characters or
more.
And as an example by choosing a cardinality of 92 constructed as in Figure 7, and by
using a password of 8 characters long, we calculated the entropy using equation
number (1), and got a result of 52.4 bits entropy. This entropy measures the number of
guesses the hacker need to break a password using a brute-force attack as follows: [17]
[19]
Entropy = (1)
Where C is cardinality and L is password length.
8.1 WHAT MAKES FOR A SECURE RANDOM GENERATOR?
One of the important parameters to explore is entropy density. Entropy is a measure of
the randomness of data. For a given throughput, lower entropy might result in keys that
are less random, making them more vulnerable to hacking. [15]
8.2 ADDRESSING BRUTE-FORCE ATTACK USING STRONG PASSWORD
One of the effective methods to resist the brute-force attack is to use a strong password
policy by reviewing the previous algorithm criticized earlier for using a randomly
generated key and lacking strength. Strong passwords which are long and consist of
symbols and letters help overcoming brute force attack. [16][6]
As there is no precise description of strong password, there are some rules to follow in
order to ensure generating a strong password that can resist brute-force:
• Passwords must consist of twelve characters at least.
• Passwords should have both capital and small letters.
9. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
27
• Passwords must contain numeric characters.
• Passwords should include punctuation.
One of the methods used to resist brute-force attack is to delay it by increasing the
number of failed attempts to break the password, with this delay we can have indications
of an attack and, therefore; take the necessary measures to resist it. [16]
8.3 PASSWORD ENTROPY
Entropy is a quality indicator for passwords and high entropy can give a better quality.
The entropy only establishes the boundary for the amount of guesses needed to crack the
password. Thus we can estimate the number of attempts used by a hacker to guess the
password. [17][19]
The entropy bits of a password measured in bits is:
• The base-2 logarithm of number of estimation to find the password.
• On average, an assailant should try half of potential passwords before finding the
correct one.
For example a password that consists of 8 characters with upper and lowercase
characters and numbers aregiven in the following equation:
E =
By using this formula it’s evident that increasing the length is more important than increasing
the cardinality of a password. If we use the formula to test this by using the two
passwords:”A13F=; 54d!” and”IhaveAOldHorse123”. The first password, if we use Table 5,
will have a cardinality of 92 and a length of 10, while the other password has a cardinality of
62 and a length of 17.
8.4 PASSWORD CARDINALITY
Entropy will show the passwords variation expressed as bits. It’s calculated by a formula
provided by Shannon (1948). Where C stands for the password cardinality which is the
amount of different elements in a set by using the values in Table 5 for the cardinality
and L stand for the length of the password and the formula is: [19]
10. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
28
Table 5. Cardinality
Figure 7. Cardinality Values [26]
8.5 MEASURING THE STRENGTH OF PASSWORDS
Measuring the strength of password is one of the important means to ensure the security
of passwords. Current means used to measure the strength of passwords do not provide
sufficient accuracy due to applying simple rules. Based on what has been explained
earlier, we have proposed a new way to measure the strength of passwords with high
accuracy using Marko-models. [18][23]
There are many algorithms and websites that evaluate the strength of passwords but
they are weak due to following simple rules such as requiring to use small and capital
letters and symbols which lead to the generation of weak passwords. [18][23]
Entropy is one of the important measures used to measure the strength of passwords and
evaluate their resistance against brute-force attack. It assesses the strength of password
and it is approved by the National Institute of Standards and Technology (NIST). [23]
Strength of passwords can be defined with the extent of necessary power needed to guess
and break passwords, thus; it is necessary to increase the strength of passwords in order
to increase the time needed to break them and reduce the possibility of being guessed at
all. From here we can define the entropy as the average number of possible passwords to
guess in order to reach the correct password. [18][23]
A password checker function f(x) can be defined as follows: [18][23]
f(x) = (2)
UC + LC + D + S = 26+26+10+30 = 92
UC + LC + D = 26+ 26 + 10 = 62
UC + LC + S = 26 + 26 + 30 = 82
UC + D + S = 26 + 26 + 30 = 66
..... and so on
11. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
29
Where P(x) is the probabilities.
Through this equation we can classify the password as”optimal” as the password has the
same order both when using this equation and an optimal password guessing attack.
Consequently we can classify the strength of passwords based on the time necessary to
guess the password. [23]
Comparing the results to the extent of password strength through the use of three
important sites to guess passwords which are: NIST, Google and Microsoft password
checkers. With the knowledge that each of these sites has its specific methodology to
assess the strength of passwords as shown in Table 6. [23]
Guessing is one of the standards used to determine the strength of the passwords by
setting the time needed to break the passwords and recognize them. They assess the
strength of passwords through computing the probabilities necessary to guess the a
particular password then comparing the results with the previously mentioned password
checker web sites, as shown in Table 6. [23]
Table 6. A Short List of Passwords as Scored by our Markov-Model [18]
Password Ideal Markov NIST MS Google
password 9.09 9.25 21 1 1
password1 11.52 11.83 22.5 2 1
Password1 16.15 17.08 28.5 3 1
P4ssw0rd 22.37 21.67 27 3 1
naeemha 21.96 28.42 19.5 1 0
dkriouh N/A 42.64 19.5 1 0
2GWapWis N/A 63.67 21 3 4
Wp8E&NCc N/A 67.15 27 3 4
8.6 ESTIMATING PASSWORD PROBABILITIES WITH MARKOV MODELS
Markov models proved its strength in the field of information security in general and
password security in particular. [24]
The power of Markov models based on the extent of the accuracy of calculation of
guessing passwords depending on well-known password corpus and generating
an n-gram used to calculate the probabilities of new generated passwords. This
helps us access to the most accurate results in the evaluation of of these models
strength in guessing passwords depending on a large database of frequently used
passwords. [24]
For example, suppose that we have D, E, and F. If training data shows that D is the most
probably starting character, E is the character most likely to follow D, and F is the
character most likely to follow E, then the first guess will be DEF. If the next-most-
probable character to follow E is D, the second guess will be DED, and so on. [22]
12. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
30
Goal: Guess passwords and estimate the password probabilities from real password data
(e.g. RockYou list). Several very large password datasets have been made publicly
available through leaks: the Rockyou dataset, which contains a set of 32 million
passwords. [18]
Markov assumption: these subjunctive probabilities can be approximated by a short
history, e.g., for 3-grams (history 2):
P(password) = P(pa).P(s/pa).P(s/as).P(w/ss).P(d/sw)
8.7 ESTIMATING PASSWORD PROBABILITIES WITH MARKOV MODELS
By using the n-gram used by Markov-model, the likelihood of the following character in
a string based on a prefix of length n. Hence for a given string c1,...,cm we can write:
[24]
P(c1,. . .,cm) = (ci|ci-n+1,…,ci-1) (3)
In n-gram we generate the counts of count(x1,..., xn), and the conditional probabilities
can be computed as follows: [18]
P(ci|ci-n+1,..,ci-1)=count(ci-n+1,…,ci-1,ci) / count(ci-n+1,..,ci-1,ci) (4)
n-gram database
Password Count
aaaaa 17988
aaaab 340
aaaac 303
…..
passa 1129
passb 225
…..
passw 97963
…..
zzzzz 0
Figure 8. Conditional Probability Examples
For instance: To compute the probability of the (password) with n = 5 is calculated as
shown below: P(password) = P(p)P(a/p)P(s/pa). . . P(d/swor)
p(o/assw) = count(asswo)/count(assw) = 98450/101485 = 0.97.
p(w/pass) = count(passw)/count(pass*) = 97963/114218
0.86.
13. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
31
And the probability is: P(password) = 0.0016, where the result of (password) from
RockYou database is 0.0018. [18]
And familiarized them with Table 6 compared to the results to guess passwords using
Markov model compared to the results from other famous password databases and
deduce from the table over the accuracy of the results using Markov model. [23][24]
8.8 PROPOSED WORK AND DISCUSSION
Our proposed algorithm checks the strength of generated random password based on
these parameters: length, entropy and cardinality and on an additional level of security
using Markov model which measures password strength by calculating the “guess
probability” (GP) for the password. Through this algorithm, we can put weak passwords
in a black list to easily ignore them when created another time without repeating the
previous calculations and this will save time.
Using a password of 8 characters long and a composite password which includes
symbols, numbers,... etc. Let us suppose that the value of cardinality is 92, and by
applying the entropy equation, we got a final result 52.4, and according to the
password standards we note that short passwords can be guessed easily and thus it is
necessary to increase the length of the password to be more than 32 characters
according to RFID tag features and the password should be as complex as possible.
In our algorithm, we proposed a password with a length of 32 characters and an
optimal password cardinality with a score of 92 and by applying the entropy equation
we got a result 208.7, so that our conditions will be password length >=32,
cardinality>=92, entropy >=208.7 and the “guess probability” (GP) should be over a
specific threshold. The resulting score indicates the strength of generated passwords, if it
is classified as weak passwords we put it in a black list to be ignored next time
before check and we regenerate another password, while if it is classified as strong
password we accept it.
Our proposed algorithm checks the strength of the generated password as shown in
Figure 9. In our system we chooses an active tag and the reader generates a password
based on our proposed algorithm which generates a password bigger than or equal to
32 bit and check if the password doesn’t exist in the black list, it computes the
cardinality depending on the structure of generated password. After that, the
algorithm computes the entropy which is a measurement to estimate the strength of
password to resist brute-force attack based on the value of cardinality and the length
of generated password, then the algorithm computes the probability based on Markova
model which indicates the strength of generated passwords, the proposed algorithm
should be greater than a specific threshold. Finally, by aggregating the two results
(entropy and guess probability) the final result shows the strength of password: If it is
strong it will be used in the authentication process. If not, the algorithm will add it to
a blacklist and regenerates a new password.
In order to aggregating the two results (entropy and guess probability), we suggest to use
Mamdani Fuzzy logic model. This can be done by applying two-input one-output model
which takes (entropy and guess probability) as input while the output will be the
prediction result for their composition. In fuzzy logic, we classify the inputs into
membership functions classified to (LOW, MEDIUM, HIGH) and the outputs can be
14. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
32
classified as (LOW, MEDIUM, HIGH) and through defuzzification, this model gives us a
crisp values which determines the strength of password as shown in Figure 13. [25][26]
We also proposed a mechanism to fill the matrix based on Electronic Product Code
(EPC), which contains a decimal and a hexadecimal code. In order to fill the matrix, we
used the object class part and the serial number part and excluded zeros from both of
them. Then converted the hexadecimal numbers to decimal format and filled all the
decimal numbers to the matrix as shown in Figure 10.
Figure 9. Proposed Algorithm
Figure 10. Proposed Mechanism to Fill the Matrix
15. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
33
8.9 ALGORITHM DESCRIPTION
Our enhanced algorithm enhances the security issues of the authentication process
between RFID tag and reader. This algorithm requires that both tag and reader store
two square matrices and share a key K as follows:
The tag: stores M1 and M 2−1, where M 2−1
is the inverses of M2.
The reader: stores M2 and M1−1, where M1−1
is the inverses of M1.
Database: stores information about the tags and each of the tags’ information was
indexed with a unique number X which equals to the multiplication of K and M1 (KM1).
The key K: is generated using our algorithm and a new key is generated for every
identification session.
The matrices: M1, M2, M 1−1
, M 2−1
, and the matrices are filled from EPC code as
discussed before.
In the previous algorithm, both of the matrices and the key are generated randomly
which still can be guessed through a brute-force attack. In our algorithm, on the other
hand, we used a new algorithm to generate a strong key and a mechanism that fills the
matrix making it more complicated and difficult for a hacker to guess.
The identification composes of two phases:
First phase: Tag identification. It happens when the reader send a SYNC message to the
tag and starts a session, the tag then replies with ACKN message which is X=KM1, note
that each tag is indexed in the database with a unique number X. While the tag replies, a
timer starts, and when the reader extradites a unique number X, it communicates with the
database through middleware to get the tag’s information identified by X.
Second phase: the reader authentication. In this phase the reader tries to authenticate
itself to the tag and through this process it generates a new key using our algorithm and
sends it back to the tag. While the reader makes new authentication, it generates a new
key and instead to send the whole keys back to the tag and to save the tag resources, the
reader uses XOR to get a small one key instead of all generated keys and multiply the
Knew with the matrix M2. And to obtain a new key the reader uses Xnew such that
Knew XnewM 1−1
. Then the reader sends both Y and Z resulting from the
multiplication of the new key with M2 to the tag which accepts and stores the new
key in their memory to be used in a new identification and authentication phases, and
at this time the tag stops the timer and the tag and so on.
In case of failure of the reader to be authenticated to the tag, the tag will stop the
connection until reset and it can create one authentication at a session time.
The proposed algorithm is shown in Figure 11 and Figure 12.
16. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
34
Figure 11. Propose Model for Secure Tag Identification Algorithm
Figure 12. Proposed Secure Tag Identification Algorithm
17. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
35
Figure 13. Mamdani Fuzzy Logic Model to Measure Password Strength
9. CONCLUSION AND FUTURE WORK
It can be positively concluded that our algorithm ensures RFID authentication
security against brute-force attack. The algorithm prevents generated passwords that
fail even a single condition. In order to be accepted, a password should pass all
conditions of length, cardinality, and entropy and Markov probability. Our future
work will be on the implementation part of the proposed algorithm by analyzing the
results and comparing them with such algorithms.
18. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
36
Table 3. RFID Threats and Countermeasures for all Layers
REFERENCES
[1] Mandeep Kaur, Manjeet Sandhu, Neeraj Mohan and Parvinder S. Sandhu, (2011) ” RFID Technology
Principles, Advantages, Limitations & Its Applications”, International Journal of Computer and
Electrical Engineering, Vol.3, No.1, 151-157 ISSN: 1793-8163, February, 2011. DOI:
10.7763/IJCEE.2011.V3.306
[2] Nidhi Chauhan, (2014) ” Vulnerability and Countermeasures of RFID System”, International Journal
of Engineering and Technical Research (IJETR) ISSN: 2321-0869, Volume-2, Issue-9, September
2014
[3] Dong-Her Shih, Chin-Yi Lin and Binshan Lin, (2005) “RFID tags: Privacy and security aspects”,
International Journal of Mobile Communications Vol.3 (3):214-230. January 2005. DOI: 10.1504/
ijmc.2005.006581
[4] Gursewak Singh, Rajveer Kaur, Himanshu Sharma, (2013) ”Various Attacks and their
Countermeasure on all Layers of RFID System”, International Journal of Emerging Science and
Engineering (IJESE) ISSN: 23196378, Volume-1, Issue-5, March 2013
20. International Journal of Network Security & Its Applications (IJNSA) Vol.8, No.5, September 2016
38
[25] Arshdeep Kaur, Amrit Kaur, (2012) ” Comparison of Mamdani-Type and Sugeno-Type Fuzzy
Inference Systems for Air Conditioning System”, International Journal of Soft Computing and
Engineering (IJSCE) ISSN: 2231-2307, Volume-2, Issue-2, May 2012. DOI: 10.1109/
icacea.2015.7164799
[26] Poonam , Surya Prakash Tripathi and Praveen Kumar Shukla, (2012) ” Uncertainty Handling using
Fuzzy Logic in Rule Based Systems”, International Journal of Advanced Science and Technology
Vol. 45, August, 2012
AUTHORS’ PROFILES
Dr. Adwan Yasin PH.D Computer System Engineering /Computer security /Kiev National
Technical University of Ukraine, 1996. Master degree in computer System Engineering-
Donetsk Polytechnic institute, Ukraine, 1992. An associate professor former Dean of the
Engineering and Information Technology Faculty of the Arab American University of Jenin,
Palestine. Previously he worked as Chair Person of Computer Science Department- AAUJ,
Assistant professor of the computer Science Department -The Arab American University-
Palestine. Assistant professor of the computer & Information System Department,
Philadelphia University- Jordan. Assistant professor of the Computer science department,
Zarka Private University- Jordan. He has many publications in the fields of computer
networking and security in different international journals. His research interests Computer
Security, Computer Architecture and Computer Networks.
Fadi K M AbuAlrub received his BS in telecommunication technology from Arab
American University in Palestine, Ramallah, in 2006. He is currently working with State
Audit and Administrative Control Bureau as a software engineer and IT auditor since 2008,
and currently pursuing his Master of Computer Science from Arab American University,
Jenin, Palestine. His researches interest includes computer networking, information security,
artificial intelligence, RFID technology and data mining.