Return to search

Anomaly Detection in RFID Networks

Available security standards for RFID networks (e.g. ISO/IEC 29167) are designed to secure individual tag-reader sessions and do not protect against active attacks that could also compromise the system as a whole (e.g. tag cloning or replay attacks). Proper traffic characterization models of the communication within an RFID network can lead to better understanding of operation under “normal” system state conditions and can consequently help identify security breaches not addressed by current standards. This study of RFID traffic characterization considers two piecewise-constant data smoothing techniques, namely Bayesian blocks and Knuth’s algorithms, over time-tagged events and compares them in the context of rate-based anomaly detection.
This was accomplished using data from experimental RFID readings and comparing (1) the event counts versus time if using the smoothed curves versus empirical histograms of the raw data and (2) the threshold-dependent alert-rates based on inter-arrival times obtained if using the smoothed curves versus that of the raw data itself. Results indicate that both algorithms adequately model RFID traffic in which inter-event time statistics are stationary but that Bayesian blocks become superior for traffic in which such statistics experience abrupt changes.

Identiferoai:union.ndltd.org:unf.edu/oai:digitalcommons.unf.edu:etd-1813
Date01 January 2017
CreatorsAlkadi, Alaa
PublisherUNF Digital Commons
Source SetsUniversity of North Florida
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceUNF Graduate Theses and Dissertations

Page generated in 0.0022 seconds