Kai Bu,Xuan Liu,Bin Xiao

DOI: https://doi.org/10.1109/iwqos.2012.6245962

2012-01-01

Abstract:Tag cloning attacks threaten a variety of Radio Frequency Identification (RFID) applications but are hard to prevent. To secure RFID applications that confine tagged objects in the same RFID system, this paper studies the cloned-tag identification problem. Although limited existing work has shed some light on the problem, designing fast cloned-tag identification protocols for applications in large-scale RFID systems is yet not thoroughly investigated. To this end, we propose leveraging broadcast and collisions to identify cloned tags. This approach relieves us from resorting to complex cryptography techniques and time-consuming transmission of tag IDs. Based on this approach, we derive a time lower bound on cloned-tag identification and propose a suite of time-efficient protocols toward approaching the time lower bound. The execution time of our protocol is only 1.4 times the value of the time lower bound, being up to 91% less than that of the existing protocol. The proposed protocols may benefit also RFID applications that distribute tagged objects across multiple places.

Kai Bu,Xuan Liu,Jiaqing Luo,Bin Xiao,Guiyi Wei

DOI: https://doi.org/10.1109/TIFS.2012.2237395

IF: 7.231

2013-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Cloning attacks threaten radio-frequency identification (RFID) applications but are hard to prevent. Existing cloning attack detection methods are enslaved to the knowledge of tag identifiers (IDs). Tag IDs, however, should be protected to enable and secure privacy-sensitive applications in anonymous RFID systems. In a first step, this paper tackles cloning attack detection in anonymous RFID systems without requiring tag IDs as a priori. To this end, we leverage unreconciled collisions to uncover cloning attacks. An unreconciled collision is probably due to responses from multiple tags with the same ID, exactly the evidence of cloning attacks. This insight inspires GREAT, our pioneer protocol for cloning attack detection in anonymous RFID systems. We evaluate the performance of GREAT through theoretical analysis and extensive simulations. The results show that GREAT can detect cloning attacks in anonymous RFID systems fairly fast with required accuracy. For example, when only six out of 50,000 tags are cloned, GREAT can detect the cloning attack in 75.5 s with a probability of at least 0.99.

Kai Bu,Xuan Liu,Bin Xiao

DOI: https://doi.org/10.1016/j.adhoc.2013.08.011

IF: 4.816

2014-01-01

Ad Hoc Networks

Abstract:Tag cloning attacks threaten a variety of Radio Frequency Identification (RFID) applications but are hard to prevent. To secure RFID applications that confine tagged objects in the same RFID system, this paper studies the cloned-tag identification problem. Although limited existing work has shed some light on the problem, designing fast cloned-tag identification protocols for applications in large-scale RFID systems is yet not thoroughly investigated. To this end, we propose leveraging broadcast and collisions to identify cloned tags. This approach relieves us from resorting to complex cryptography techniques and time-consuming transmission of tag IDs. Based on this approach, we derive a time lower bound on cloned-tag identification and propose a suite of time-efficient protocols toward approaching the time lower bound. The execution time of our protocol is only 1.4 times the value of the time lower bound, being over 91% less than that of the existing protocol. Even better, we further dig up an adaptive protocol that can yield higher time efficiency under some scenarios. The proposed protocols may benefit also RFID applications that distribute tagged objects across multiple places.

Kai Bu,Mingjie Xu,Xuan Liu,Jiaqing Luo,Shigeng Zhang

DOI: https://doi.org/10.1109/mass.2014.12

2014-01-01

Abstract:Cloning attacks seriously impede the security of Radio-Frequency Identification (RFID) applications. In this paper, we tackle deterministic clone detection for anonymous RFID systems without tag identifiers (IDs) as a priori. Existing clone detection protocols either cannot apply to anonymous RFID systems due to necessitating the knowledge of tag IDs or achieve only probabilistic detection with a few clones tolerated. We propose two protocols, BASE and DeClone, toward fast and deterministic clone detection for large anonymous RFID systems. BASE leverages the observation that clone tags make tag cardinality exceed ID cardinality. DeClone is built on a recent finding that clone tags cause collisions that are hardly reconciled through rearbitration. For DeClone to achieve detection certainty, we design breadth first tree traversal toward quickly verifying unreconciled collisions and hence the cloning attack. We validate their detection performance through analysis and simulation. The results show that BASE delivers faster detection for small systems while DeClone for large ones especially when clone ratio increases.

Xingyu Chen,Jia Liu,Xia Wang,Xiaocong Zhang,Yanyan Wang,Lijun Chen

DOI: https://doi.org/10.1109/sahcn.2018.8397134

2018-01-01

Abstract:In RFID systems, a cloning attack is to fabricate one or more replicas of a genuine tag, so that these replicas behave exactly the same as the genuine tag and fool the reader for getting legal authorization, leading to potential financial loss or reputation damage for the corporations. These replicas are called clone tags. Although many advanced solutions have been proposed to combat cloning attack, they need to either modify the MAC- layer protocols or increase extra hardware resources, which cannot be deployed on commercial off-the-shelf (COTS) RFID devices for practical use. In this paper, we take a fresh attempt to counterattack tag cloning based on COTS RFID devices and the universal C1G2 standard, without any software redesign or hardware augment needed. The basic idea is to use the RF signal profile to characterize each tag. Since these physical-layer data are measured by the reader and susceptible to various environmental factors, they are hard to be estimated by the attackers; let alone be cloned. Even so, we assert that it is challenging to identify clone tags as the signal data from a genuine tag and its clones are all mixed together. Besides, the tag moving has a great impact on the measured RF signals. To overcome these challenges, we propose a clustering-based scheme that detects the cloning attack in the still scene and a chain- based scheme for clone detection in the dynamic scene, respectively. Extensive experiments on COTS RFID devices demonstrate that the detection accuracy of our approaches reaches 99.8% in a still case and 99.3% in a dynamic scene.

Kai Bu,Mingjie Xu,Xuan Liu,Jiaqing Luo,Shigeng Zhang,Minyu Weng

DOI: https://doi.org/10.1109/TII.2015.2482921

IF: 12.3

2015-01-01

IEEE Transactions on Industrial Informatics

Abstract:Cloning attacks seriously impede the security of radio-frequency identification (RFID) applications. This paper tackles deterministic clone detection for anonymous RFID systems without tag identifiers (IDs) as a priori. Existing clone detection protocols either cannot apply to anonymous RFID systems due to necessitating the knowledge of tag IDs or achieve only probabilistic detection with a few cl...

Xin Ai,Honglong Chen,Kai Lin,Zhibo Wang,Jiguo Yu

DOI: https://doi.org/10.1109/tifs.2020.3023785

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Radio-Frequency Identification (RFID) is an emerging technology which has been widely applied in various scenarios, such as tracking, object monitoring, and social networks, etc. Cloning attacks can severely disturb the RFID systems, such as missed detection for the missing tags. Although there are some techniques with physical architecture design or complicated encryption and cryptography proposed to prevent the tags from being cloned, it is difficult to definitely avoid the cloning attack. Therefore, cloning attack detection and identification are critical for the RFID systems. Prior works rely on that each clone tag will reply to the reader when its corresponding genuine tag is queried. In this article, we consider a more general attack model, in which each clone tag replies to the reader's query with a predefined probability, i.e., attack probability. We concentrate on identifying the tags being attacked with the probability no less than a threshold $P_{t}$ with the required identification reliability $\alpha $ . We first propose a basic protocol to Identify the Probabilistic Cloning Attacks with required identification reliability for the large-scale RFID systems called IPCA. Then we propose two enhanced protocols called MS-IPCA and S-IPCA respectively to improve the identification efficiency. We theoretically analyze the parameters of the proposed IPCA, MS-IPCA and S-IPCA protocols to maximize the identification efficiency. Finally we conduct extensive simulations to validate the effectiveness of the proposed protocols.

Fei Wang,Bin Xiao,Kai Bu,Jinshu Su

DOI: https://doi.org/10.1109/icc.2013.6654842

2013-01-01

Abstract:Blocker tags are initially introduced to protect regular tags in certain ID ranges, called blocking ranges, from unwanted scanning in RFID systems. But if misused, blocker tags can cause blocking attacks that corrupt the communication between interfered regular tags and readers. Previous approaches can only detect blocking behavior. However, they cannot distinguish malicious blocking from legitimate blocking that can be perfectly allowed to protect customer's privacy. To solve the problem, we carry out the first attempt in the paper to detect real blocking attacks by identifying malicious blocking ranges from authorized ones in a system. We present two pioneer probe-based protocols that can accurately identify malicious blocking ranges in popular tree-based RFID systems, and get rid of their impact before performing RFID applications. We validate the efficacy of the two protocols through theoretical analysis and simulation experiments. The results show that our protocols can identify blocking ranges very fast even when the blocker tag percentage is very low, for example, dozens of blocker tags among tens of thousands of regular tags. Our protocols deliver also a faster blocker tag detection than previous detection methods; our best protocol reduces detection time by over 90% compared with the state-of-the-art detection method.

Kai Bu,Junze Bao,Minyu Weng,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1016/j.adhoc.2015.06.006

IF: 4.816

2016-01-01

Ad Hoc Networks

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring applications. Along with this trend, a corresponding important problem is to verify the intactness of a set of objects using that of their attached tags. Existing solutions necessitate the knowledge of tag identifiers (IDs), sharing the intuition that verifying whether any tag is absent comes after knowing which tags are supposed to be present. Such solutions, however, can hardly live up to the recent vision of anonymous RFID systems that isolate tag IDs from protocols design for privacy concern. In this paper, we take the first leap toward verifying intactness of anonymous RFID systems. We first identify three critical solution requirements—deterministic verification, anonymity preservation, and scalability—for applications tolerating no absence. Without tag IDs as a priori, we propose a series of crypto-free, lightweight protocols that satisfy the requirements. The proposed protocols explore tag-cardinality difference or leverage Direct-Sequence Spread Spectrum enabled RFID. We validate their performance in terms of accuracy, privacy, and scalability through both analytical and simulation results. To cater for applications that tolerate losing some tagged objects, we further explore probabilistic intactness verification to trade tiny accuracy for boosted efficiency.

Kai Bu,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1109/PADSW.2014.7097801

2014-01-01

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring systems. Along with this trend, tagged objects' value and privacy become a primary concern. A corresponding important problem is to verify the intactness of a set of tagged objects without leaking tag identifiers (IDs). However, existing solutions necessitate the knowledge of tag IDs. Without tag IDs as a priori, this paper studies intactness verification in anonymous RFID systems. We identify three critical solution requirements, that is, deterministic verification, anonymity preservation, and scalability. We propose Cardiff and Divar, two crypto-free, lightweight protocols that isolate tag IDs from intactness verification and satisfy solution requirements. Cardiff explores tag cardinality as intactness proof while Divar leverages Direct-Sequence Spread Spectrum (DSSS) enabled RFID. Both analytical and simulation results demonstrate that Cardiff and Divar can satisfy the requirements of accuracy, privacy, and scalability.

Dheeraj K. Klair,Kwan-Wu Chin,Raad Raad,Dheeraj K Klair

DOI: https://doi.org/10.1109/surv.2010.031810.00037

2010-01-01

Abstract:RFID technologies have revolutionized the asset tracking industry, with applications ranging from automated checkout to monitoring the medication intakes of elderlies. In all these applications, fast, and in some cases energy efficient, tag reading is desirable, especially with increasing tag numbers. In practice, tag reading protocols face many problems. A key one being tag collision, which occurs when multiple tags reply simultaneously to a reader. As a result, an RFID reader experiences low tag reading performance, and wastes valuable energy. Therefore, it is important that RFID application developers are aware of current tag reading protocols. To this end, this paper surveys, classifies, and compares state-of-the-art tag reading protocols. Moreover, it presents research directions for existing and future tag reading protocols.

computer science, information systems,telecommunications

Luciano Gavoni

DOI: https://doi.org/10.48550/arXiv.2110.00094

2021-10-01

Abstract:Radio Frequency Identification (RFID) systems are among the most widespread computing technologies with technical potential and profitable opportunities in numerous applications worldwide. Further, RFID is the core technology behind the Internet of Things (IoT), which can accomplish the real-time transmission of information between objects without manual operation. However, RFID security has been taken for granted for several years, causing multiple vulnerabilities that can even damage human functionalities. The latest ISO/IEC 18000-63:2015 standard concerning RFID dates to 2015, and much freedom has been given to manufacturers responsible for making their devices secure. The lack of a substantial standard for devices that implement RFID technology creates many vulnerabilities that expose end-users to elevated risk. Hence, this paper gives the reader a clear overview of the technology, and it analyzes 23 well-known RFID attacks such as Reverse Engineering, Buffer Overflow, Eavesdropping, and Malware. Moreover, given the exceptional capabilities and utilities of RFID devices, this paper has focused on security measures and defenses for protecting them, such as Active Jamming, Shielding tag, and Authentication.

Cryptography and Security

Xia Wang,Jia Liu,Yanyan Wang,Xingyu Chen,Lijun Chen

DOI: https://doi.org/10.1016/j.comnet.2019.106894

IF: 5.493

2019-12-01

Computer Networks

Abstract:Due to limited on-chip resources, RFID tags may blindly respond to any readers authorized or not, leading to privacy leakage when sensitive data are exposed. A feasible solution to this problem is deploying blocker tags that emulate and behave like the genuine tags. With this deployment, there is always a virtual tag produced by the blocker tag that responds to the reader when the genuine tag to be protected replies, resulting in irreconcilable collisions and thus preventing privacy-leakage. This paper studies the problem of missing tag identification in blocker-enabled RFID systems. Unlike existing work, the reader in this problem will always get the responses from blocker tags even the genuine tags are lost, which makes the existing solutions unavailable. To address this problem, we propose three efficient protocols. The first is a group-based protocol that splits the entire tag set into three subsets and separately deals with each of them in different ways. The second protocol is called collision-reconciled protocol that turns some useless collision slots into useful singleton slots, increasing slot availability and thereby reducing the execution time. The third protocol is a concurrent missing tag identification protocol that improves the time efficiency of missing-event detection by running grouping and missing identification in parallel rather than in sequence. Theoretical analyses and extensive simulations show that our protocols are far superior to benchmark. For example, our best protocol can improve the identification efficiency by a factor of 6.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Xuan Liu,Bin Xiao,Shigeng Zhang,Kai Bu,Alvin Chan

DOI: https://doi.org/10.1109/tc.2015.2394461

IF: 3.183

2015-01-01

IEEE Transactions on Computers

Abstract:The radio frequency identification (RFID) technology is greatly revolutionizing applications such as warehouse management and inventory control in retail industry. In large RFID systems, an important and practical issue is tag searching: Given a particular set of tags called wanted tags, tag searching aims to determine which of them are currently present in the system and which are not. As an RFID system usually contains a large number of tags, the intuitive solution that collects IDs of all the tags in the system and compares them with the wanted tag IDs to obtain the result is highly time inefficient. In this paper, we design a novel technique called testing slot, with which a reader can quickly figure out which wanted tags are absent from its interrogation region without tag ID transmissions. The testing slot technique thus greatly reduces transmission overhead during the searching process. Based on this technique, we propose two protocols to perform time-efficient tag searching in practical large RFID systems containing multiple readers. In our protocols, each reader first employs the testing slot technique to obtain its local searching result by iteratively eliminating wanted tags that are absent from its interrogation region. The local searching results of readers are then combined to form the final searching result. The proposed protocols outperform existing solutions in both time efficiency and searching precision. Simulation results show that, compared with the state-of-the-art solution, our best protocol reduces execution time by up to 60 percent, meanwhile promotes the searching precision by nearly an order of magnitude.

Kai Bu,Bin Xiao,Qingjun Xiao,Shigang Chen

DOI: https://doi.org/10.1109/tpds.2012.48

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Radio-Frequency Identification (RFID) technology brings many innovative applications. Of great importance to RFID applications in production economics is misplaced-tag pinpointing (MTP), because misplacement errors fail optimal inventory placement and thus significantly decrease profit. The existing MTP solution [1], originally proposed from a data-processing perspective, collects and processes a large amount of data. It suffers from time inefficiency (and energy-inefficiency as well if active tags are in use). The problem of finding efficient solutions for the MTP problem from the communication protocol design perspective has never been investigated before. In this paper, we propose a series of protocols toward efficient MTP solutions in large RFID systems. The proposed protocols detect misplaced tags using reader positions instead of tag positions to guarantee the efficiency and scalability as system scale grows, because RFID readers are much fewer than tags. Considering applications that employ active tags, we further propose a solution requiring responses from only a subset of tags in favor of energy saving. We also design a distributed protocol that enables each reader to independently detect misplaced tags. We then investigate how to apply the proposed protocols in scenarios with tag mobility. To evaluate the proposed protocols, we analyze their optimal performances to demonstrate their efficiency potential and also conduct extensive simulation experiments. The results show that the proposed protocols can significantly increase the time efficiency and the energy efficiency by over 70 percent on average when compared with the best existing work.

Xuan Liu,Bin Xiao,Kai Bu,Shigeng Zhang

DOI: https://doi.org/10.1109/IWQoS.2014.6914341

2014-01-01

Abstract:Tag identification is the most fundamental problem in Radio Frequency Identification (RFID) systems. Time efficiency is the top quality of service (QoS) metric in RFID tag identification. Traditional tag scanning approaches suffer from low time efficiency because they need to transmit tag IDs that are usually very long (e.g., 96 bits). In this paper, we investigate how to employ handheld readers to improve the time efficiency of tag identification and provide flexibility to scan tags on different purposes. A fast and flexible tag scanning mechanism called LOCK is proposed, which combines both the information and the replying slot index of a tag's response. In LOCK, tags transmit only short responses instead of tag IDs. Based on LOCK, we propose two novel tag scanning protocols that progressively add new techniques on top of one another to improve the time efficiency. Compared to the state-of-the-art solution in literature, our best protocol reduces scanning time by up to 53 percent.

Xuan Liu,Shigeng Zhang,Kai Bu,Bin Xiao

DOI: https://doi.org/10.1109/mass.2012.6502501

2012-01-01

Abstract:The RFID technology greatly improves efficiency of many applications including inventory control, object tracking, and supply chain management. In such applications, it is common that new objects are added into the system or existing objects are misplaced in wrong regions. When this happens, fast and complete identification of such tags is very important. We name this problem unknown tag identification, as these tags appear to be unknown by the reader(s) currently covering them. In this paper, we propose a series of protocols to identify unknown tags completely and fast. In these protocols, we develop several novel techniques to efficiently resolve collisions caused by known tags when identifying unknown tags, which greatly improve the time efficiency. To our knowledge, this is the first work that completely identify all the unknown tags with deterministic approaches. Simulation results show the superior performance of the proposed protocols: Compared with a baseline method which collects IDs of all the tags in the system, our best protocol reduces the execution time by 63% in average and by 85% at most.

Honglong Chen,Xin Ai,Kai Lin,Na Yan,Zhibo Wang,Nan Jiang,Jiguo Yu

DOI: https://doi.org/10.1109/tii.2021.3072929

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:Radio frequency identification (RFID) systems have achieved wide applications in various scenarios, such as warehouse management, logistic tracking, smart transportation, etc. Despite the enormous benefits from the RFID systems, the security issues are still of great concern, such as the cloning attacks. In this article, we focus on the detection of probabilistic cloning attacks for the anonymous RFID systems, in which each cloned genuine tag suffers attacks from its clone tags with a certain probability. We propose an efficient detection protocol against the probabilistic cloning attacks in anonymous RFID systems named DAP, which can detect the probabilistic cloning attacks with the required detection reliability <span class="mjpage"><svg xmlns:xlink="http://www.w3.org/1999/xlink" width="5.661ex" height="2.509ex" style="vertical-align: -0.671ex;" viewBox="0 -791.3 2437.5 1080.4" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg"><g stroke="currentColor" fill="currentColor" stroke-width="0" transform="matrix(1 0 0 -1 0 0)"> <use xlink:href="#MJMATHI-61" x="0" y="0"></use> <use xlink:href="#MJMATHI-6C" x="529" y="0"></use> <use xlink:href="#MJMATHI-70" x="828" y="0"></use> <use xlink:href="#MJMATHI-68" x="1331" y="0"></use> <use xlink:href="#MJMATHI-61" x="1908" y="0"></use></g></svg></span> if at least one tag is attacked with the probability no less than the threshold <span class="mjpage"><svg xmlns:xlink="http://www.w3.org/1999/xlink" width="2.882ex" height="2.509ex" style="vertical-align: -0.671ex;" viewBox="0 -791.3 1240.7 1080.4" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg"><g stroke="currentColor" fill="currentColor" stroke-width="0" transform="matrix(1 0 0 -1 0 0)"> <use xlink:href="#MJMATHI-50" x="0" y="0"></use> <use transform="scale(0.707)" xlink:href="#MJMATHI-54" x="908" y="-213"></use></g></svg></span>. The proposed DAP protocol fully utilizes the inconsistency and unreconcilable collision caused by the probabilistic cloning attacks to effectively detect the probabilistic cloning attacks.The parameters are theoretically analyzed to maximize the detection efficiency. The extensive simulations are conducted and the results demonstrate the effectiveness of the proposed DAP protocol.<svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs id="MathJax_SVG_glyphs"><path stroke-width="1" id="MJMATHI-61" d="M33 157Q33 258 109 349T280 441Q331 441 370 392Q386 422 416 422Q429 422 439 414T449 394Q449 381 412 234T374 68Q374 43 381 35T402 26Q411 27 422 35Q443 55 463 131Q469 151 473 152Q475 153 483 153H487Q506 153 506 144Q506 138 501 117T481 63T449 13Q436 0 417 -8Q409 -10 393 -10Q359 -10 336 5T306 36L300 51Q299 52 296 50Q294 48 292 46Q233 -10 172 -10Q117 -10 75 30T33 157ZM351 328Q351 334 346 350T323 385T277 405Q242 405 210 374T160 293Q131 214 119 129Q119 126 119 118T118 106Q118 61 136 44T179 26Q217 26 254 59T298 110Q300 114 325 217T351 328Z"></path><path stroke-width="1" id="MJMATHI-6C" d="M117 59Q117 26 142 26Q179 26 205 131Q211 151 215 152Q217 153 225 153H229Q238 153 241 153T246 151T248 144Q247 138 245 128T234 90T214 43T183 6T137 -11Q101 -11 70 11T38 85Q38 97 39 102L104 360Q167 615 167 623Q167 626 166 628T162 632T157 634T149 635T141 636T132 637T122 637Q112 637 109 637T101 638T95 641T94 647Q94 649 96 661Q101 680 107 682T179 688Q194 689 213 690T243 693T254 694Q266 694 266 686Q266 675 193 386T118 83Q118 81 118 75T117 65V59Z"></path><path stroke-width="1" id="MJMATHI-70" d="M23 287Q24 290 25 295T30 317T40 348T55 381T75 411T101 433T134 442Q209 442 230 378L240 387Q302 442 358 442Q423 442 460 395T497 281Q497 173 421 82T249 -10Q227 -10 210 -4Q199 1 187 11T168 28L161 36Q160 35 139 -51T118 -138Q118 -144 126 -145T163 -148H188Q194 -155 194 -157T191 -175Q188 -187 185 -190T172 -194Q170 -194 161 -194T127 -193T65 -192Q-5 -192 -24 -194H-32Q-39 -187 -39 -183Q-37 -156 -26 -148H-6Q28 -147 33 -136Q36 -130 94 103T155 350Q156 355 156 364Q156 405 131 405Q109 405 94 377T71 316T59 280Q57 278 43 278H29Q23 284 23 287ZM178 102Q200 26 252 26Q282 26 310 49T356 107Q374 141 392 215T411 325V331Q411 405 350 405Q339 405 328 402T306 393T286 380T269 365T254 350T243 336T235 326L232 322Q232 321 229 308T218 264T204 212Q178 106 178 102Z"></path><path stroke-width="1" id="MJMATHI-68" d="M137 683Q138 683 209 688T282 694Q294 694 294 685Q294 674 258 534Q220 386 220 383Q220 381 227 388Q288 442 357 442Q411 442 444 415T478 336Q478 285 440 178T402 50Q403 36 407 31T422 26Q450 26 474 56T513 138Q516 149 519 151T535 153Q555 153 555 145Q555 144 551 130Q535 71 500 33Q466 -10 419 -10H414Q367 -10 346 17T325 74Q325 90 361 192T398 345Q398 404 354 404H349Q266 404 205 306L198 293L164 158Q132 28 127 16Q114 -11 83 -11Q69 -11 59 -2T48 16Q48 30 121 320L195 616Q195 629 188 632T149 637H128Q122 643 122 645T124 664Q129 683 137 683Z"></path><path stroke-width="1" id="MJMATHI-50" d="M287 628Q287 635 230 637Q206 637 199 638T192 648Q192 649 194 659Q200 679 203 681T397 683Q587 682 600 680Q664 669 707 631T751 530Q751 453 685 389Q616 321 507 303Q500 302 402 301H307L277 182Q247 66 247 59Q247 55 248 54T255 50T272 48T305 46H336Q342 37 342 35Q342 19 335 5Q330 0 319 0Q316 0 282 1T182 2Q120 2 87 2T51 1Q33 1 33 11Q33 13 36 25Q40 41 44 43T67 46Q94 46 127 49Q141 52 146 61Q149 65 218 339T287 628ZM645 554Q645 567 643 575T634 597T609 619T560 635Q553 636 480 637Q463 637 445 637T416 636T404 636Q391 635 386 627Q384 621 367 550T332 412T314 344Q314 342 395 342H407H430Q542 342 590 392Q617 419 631 471T645 554Z"></path><path stroke-width="1" id="MJMATHI-54" d="M40 437Q21 437 21 445Q21 450 37 501T71 602L88 651Q93 669 101 677H569H659Q691 677 697 676T704 667Q704 661 687 553T668 444Q668 437 649 437Q640 437 637 437T631 442L629 445Q629 451 635 490T641 551Q641 586 628 604T573 629Q568 630 515 631Q469 631 457 630T439 622Q438 621 368 343T298 60Q298 48 386 46Q418 46 427 45T436 36Q436 31 433 22Q429 4 424 1L422 0Q419 0 415 0Q410 0 363 1T228 2Q99 2 64 0H49Q43 6 43 9T45 27Q49 40 55 46H83H94Q174 46 189 55Q190 56 191 56Q196 59 201 76T241 233Q258 301 269 344Q339 619 339 625Q339 630 310 630H279Q212 630 191 624Q146 614 121 583T67 467Q60 445 57 441T43 437H40Z"></path></defs></svg>

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Xuan Liu,Shigeng Zhang,Bin Xiao,Kai Bu

DOI: https://doi.org/10.1109/tmc.2014.2381252

IF: 6.075

2015-01-01

IEEE Transactions on Mobile Computing

Abstract:Tag scanning is an important issue to dynamically manage tag IDs in radio frequency identification (RFID) systems. Different from tag identification that collects IDs of all the tags, tag scanning first verifies whether or not a responding tag has already been identified and retrieves its ID when the answer is yes, and collects the tag's ID only when it is unidentified. In this paper, we present the first study on spot scanning with a handheld reader, which aims to scan tags in the reader's interrogation range at an arbitrarily specified position in the system. Existing studies mainly focus on continuous scanning, and they are highly time inefficient in performing spot scanning. The inefficiency stems from the small overlap between tag populations in different spot scanning operations, in which case existing solutions cannot efficiently recognize unidentified tags. We develop a novel technique called LOCK to efficiently recognize unidentified tags even when the overlapped tags are few. LOCK does not simply use a tag's reply slot index but also compact short responses from tags to efficiently distinguish unidentified tags from identified ones. The valuable compact short responses are firstly investigated, which are the keys for efficient tag identification in the paper. Based on LOCK, three tag scanning protocols are proposed to solve the spot scanning problem. Simulation results show that, for spot scanning, our best protocol reduces per tag scanning time by up to 70 percent when compared with the state-of-the-art solution. Moreover, the proposed protocols can also be employed to perform continuous scanning with better time efficiency than the best existing solutions.

Xiulong Liu,Xin Xie,Xibin Zhao,Kun Wang,Keqiu Li,Alex X. Liu,Song Guo,Jie Wu

DOI: https://doi.org/10.1109/tmc.2018.2793219

IF: 6.075

2018-01-01

IEEE Transactions on Mobile Computing

Abstract:The widely used RFID systems are vulnerable to the denial-of-service (DoS) attacks launched by malicious blocker tags. This paper studies how to quickly and completely identify the valid RFID tags that are blocked. The existing work that can seemingly address this problem suffers from either low time-efficiency or serious false positives. This paper proposes a hybrid approach that consists of two complementary component protocols, namely Aloha Filtering (AF) and Poll&Listen (PL). AF is fast but inaccurate, while PL is accurate but slow. Taking the merit of each protocol, our hybrid approach is to first repeat the fast AF for multiple rounds to quickly filter out the target tags that are definitely not blocked. Then, on the size-reduced remaining set that just contains a small number of suspicious tags, we invoke the accurate PL to verify the intactness of each suspicious tag with 100 percent confidence. We optimize the round count of AF that trades off between the time costs of AF and PL to minimize the total time of AF+PL. As required in the optimization process, we need to know the size of the blocked tag set and that of the unknown tag set, which, however, are not known in advance. To estimate these two set sizes, we propose a supplementary protocol called Simultaneous Estimation of the Blocked tag size and the Unknown tag size (SEBU). The key advantages of our approach over the prior art are four-fold. First, unlike the detection protocol that just discovers the existence of blocking attacks, our approach exactly identifies all the blocked target tags. Second, our approach is compliant with the C1G2 standard, and does not require any modifications to be made to the commercial RFID tags. It only needs to be installed on readers as a software module. Third, our approach does not involve any false positives. Finally, our approach significantly reduces the execution time when compared with the state-of-the-art schemes that can completely identify the blocked tags.