While SQL injection attacks have been plaguing web applications for years the threat they pose to RFID systems have only identified recently. Because the architecture of web systems and RFID systems differ considerably the prevention and detection techniques proposed for web applications are not suitable for RFID systems. In this paper we propose a system to secure RFID systems against tag based SQLIA. Our system is optimized for the architecture of RFID systems and consists of a query structure matching technique and tag data cleaning technique. The novelty of the proposed system is that it's specifically aimed at RFID systems and has the ability to detect and prevent second order injections which is a problem most current solutions haven't addressed. The preliminary evaluation of our query matching technique is very promising showing very high detection rate with minimal false positives. © 2011 Springer-Verlag.
CITATION STYLE
Fernando, H., & Abawajy, J. (2011). Securing RFID systems from SQLIA. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7017 LNCS, pp. 245–254). https://doi.org/10.1007/978-3-642-24669-2_24
Mendeley helps you to discover research relevant for your work.