Collaborative RFID intrusion detection with an artificial immune system
- 296 Downloads
The current RFID systems are fragile to external attacks, due to the limitations of encryption authentication and physical protection methods used in implementation of RFID security systems. In this paper, we propose a collaborative RFID intrusion detection method that is based on an artificial immune system (AIS). The new method can enhance the security of RFID systems without need to amend the existing technical standards of RFID. Mimicking the immune cell collaboration in biological immune systems, RFID operations are defined as self and nonself antigens, representing legal and illegal RFID operations, respectively. Data models are defined for antigens’ epitopes. Known RFID attacks are defined as danger signals represented by nonself antigens. We propose a method to collect RFID data for antigens and danger signals. With the antigen and danger signal data available, we use a negative selection algorithm to generate adaptive detectors for self antigens as RFID legal operations. We use an immune based clustering algorithm aiNet to generate collaborative detectors for danger signals of RFID intrusions. Simulation results have shown that the new RFID intrusion detection method has effectively reduced the false detection rate. The detection rate on known types of attacks was 98% and the detection rate on unknown type of attacks was 93%.
KeywordsRadio Frequency IDentification (RFID) Collaborative intrusion detection Negative selection Artificial immune system (AIS) Immune based clustering
The project was supported by the National Natural Science Foundation of China under Grants 60973132, and Guangdong Natural Science Foundation under grants 8451064101000630.
- Aickelin, U., & Cayzer, S. (2002). The danger theory and its applications to artificial immune systems. In Proceedings of the first international conference on artificial immune systems (pp. 141–148).Google Scholar
- Aickelin, U., Bentley, P., Cayzer, S., Kim, J., & McLeod, J. (2003). Danger theory: The link between AIS and IDS. Report LPL-2003-138, HP Laboratories Bristol 2003. Available at www.hpl.hp.com/techreports/2003/HPL-2003-138.pdf.
- D’haeseleer, P., Forrest, S., & Helman, P. (1996). An immunological approach to change detection: Algorithms, analysis and implications. In Proceedings of IEEE symposium on security and privacy (pp. 110–119).Google Scholar
- De Castro, L., & Von Zuben, F. (2000). An evolutionary immune network for data clustering. In Proceedings of the 6th Brazilian symposium on neural networks (pp. 84–89). Los Alamitos: IEEE Computer Society.Google Scholar
- EPCTM (2007). EPCTM radio frequency identity protocols class-1 generation-2 UHF RFID protoco1 for communications at 860M Hz-960MHz version 1.1.0. EPCglobal.Google Scholar
- Forrest, S., & Hofmeyr, S. (2000). Immunology as information processing. In L. A. Segel, & I. R. Cohen (Eds.), Design principles for immune system & other distributed autonomous systems (pp. 361–387). Oxford: Oxford University Press.Google Scholar
- Forrest, S., Longstaff, T., Hofmeyr, S., & Somayaji, A. (1996). A sense of self for unix process. In Proceedings of the IEEE symposium on security and privacy (pp. 120–128). Los Alamitos: IEEE Computer Society.Google Scholar
- Forrest, S., Perelson, A., Allen, L., & Cherukuri, R. (1994). Self-nonself discrimination in a computer. In Proceedings of the IEEE symposium on security and privacy (pp. 201–212). Los Alamitos: IEEE Computer Society.Google Scholar
- Hofmeyr, S. (2000). An interpretative introduction to the immune system. Department of Computer Science, University of New Mexico. Available at http://www.cs.unm.edu/~steveah/imm-overview-new.pdf.
- Hong, Z., Wu, L., & Wang, Y. (2008). Worm containment model based on negative selection. Computer Engineering, 34(7), 126–128 (in Chinese).Google Scholar
- Li, J., Gao, X., & Jiao, L. (2004). A novel clustering method with network structure based on clonal algorithm. ACTA Electronica Sinica, 32(7), 1195–1199 (in Chinese).Google Scholar
- Matzinger, P. (1994). Tolerance, danger and the extended family. Annual Review of Immunology, 12, 991–1045.Google Scholar
- Mirowski, L., & Hartnett, J. (2007). Deckard: A system to detect change of RFID tag ownership. International Journal of Computer Science and Network Security, 7(7), 89–98.Google Scholar
- Ohkubo, M., Suzuki, K., & Kinoshita, S. (2004). Hash-chain based forward-secure privacy protection scheme for low-cost RFID. In Proceedings of the 2004 symposium on cryptography and information security (SCIS2004) (pp. 719–724). Sendai: SCIS.Google Scholar
- Rivest, R. (1992). The MD5 message-digest algorithm. MIT Laboratory for Computer Science and RSA Data Security, Inc. Available at http://www.ietf.org/rfc/rfc1321.txt.
- Sarma, S. E., Weis, S. A., & Wengels, D. (2003). Radio-frequency identification: Secure risks and challenges. RSA Laboratories Cryptobytes, 6(1), 2–9.Google Scholar
- Thamilarasu, G., & Sridhar, R. (2008). Intrusion detection in RFID systems. In Military communications conference (pp. 1–7). San Diego: IEEE.Google Scholar
- Weis, S. A., Sarma, S. E., Rivest, R. L., et al. (2004). Security and privacy aspects of low-cost radio frequency identification systems. In Proceedings of the 1st international conference on security in pervasive computing (pp. 201–212). Berlin: Springer.Google Scholar
- Williamson, M. (2002). Biologically inspired approaches to computer security. Report LPL-2002-131, HP Laboratories Bristol 2002. Available at http://www.hpl.hp.com/techreports/2002/HPL-2002-131.pdf.
- Xu, H., Xu, C., Cheng, X., & Peng, Z. (2009). Research and design of adaptive intrusion prevention system for co-stimulated by danger signals. Computer Engineering, 35(2), 172–174 (in Chinese).Google Scholar
- Zhang, Q., Qian, Y., Xu, B., Gao, T., & Xie, K. (2007). Negative-selection algorithm of mutation search in self space to train detector. Journal of Computer Applications, 27(3), 627–629 (in Chinese).Google Scholar