Security Challenges and Mitigations of NFC-Enabled Attendance System

  • Cheah Boon Chew
  • Kam Chiang Wei
  • Tan Wei Sheng
  • Manmeet Mahinderjit-Singh
  • Nurul Hashimah Ahamed Hassain Malim
  • Mohd Heikal Husin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9141)

Abstract

Most of the universities or colleges, the lecturer has to take the attendance of the students manually by circulating a paper for them to register their names or calling the names. To date, there are various types of attendance systems that are applying different technologies such as biometrics, tokens and sensors such as RFID. The latest is by applying near-field communication (NFC), a sensor within the smartphone has been used as a mean for recording attendances. The aim of this paper is to list out the possible security attacks against NFC (Near Field Communication) enabled systems by focusing on a student-based attendance system. A brief overview over NFC technology and discussion on various security attacks against NFC in different media is presented. Overall, an attendance system is compromised mainly by tag swapping, tag cloning and manipulation of data occurring on the NFC device and operational server.

Keywords

Attendance system Near Field Communication (NFC) Security attack Mitigations 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Özdenizci, B., Aydin, M., Coskun, V., Kerem, O.K.: NFC Research Framework: A Literature Review and Future Research Directions. Information Technologies Department, ISIK University, IstanbulGoogle Scholar
  2. 2.
    Madlmayr, G., Langer, J., Scharinger, J., Kantner, C.: NFC Devices: Security and Privacy. The Third International Conference on Availability, Reliability and SecurityGoogle Scholar
  3. 3.
    Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Practical NFC peer-to-peer relay attack using mobile phones. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 35–49. Springer, Heidelberg (2010)Google Scholar
  4. 4.
    Roland, M.: Practical Attack Scenarios on Secure Element-enabled Mobile Devices. 4th International Workshop on Near Field Communication, Helsinki, Finland, March 13, 2012Google Scholar
  5. 5.
    Porter Felt, A., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A Survey of Mobile Malware in the Wild. University of California, BerkeleyGoogle Scholar
  6. 6.
    Breitinger, F., Nickel, C.: User Survey on Phone Security and UsageGoogle Scholar
  7. 7.
    Mitrokotsa, A., Beye, M.R.T., Lopez, P.: Classification of RFID Threats based on Security Principles. Security Lab, Faculty of Electrical Engineering, Mathematics and Computer Science, Delft University of Technology (TU Delft), Mekelweg 4, 2628 CDGoogle Scholar
  8. 8.
    Aigner, M., Dominikus, S., Feldhofer, M.: A System of Secure Virtual Coupons Using NFC Technology. In: Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops © (2007)Google Scholar
  9. 9.
    Kilas, M.: Digital Signatures on NFC Tags. Master of Science Thesis, March 18, 2009Google Scholar
  10. 10.
    Church, L., Moloney, M.: State of the Art for Near Field Communication: security and privacy within the field. Escher Group Ltd, Ireland, 3rd draft: May 10, 2012Google Scholar
  11. 11.
    Reveilhac, M., Pasquet, M.: Promising Secure Element Alternatives for NFCTechnology. 2009 First International Workshop on Near Field CommunicationGoogle Scholar
  12. 12.
    Yan, Q., Li, Y., Li, T., Deng, R.: Insights into Malware Detection and Preventionon Mobile PhonesGoogle Scholar
  13. 13.
    Balitanas, O.M., Kim, T.: Review: Security Threats for RFID-Sensor Network Anti-Collision Protocol. Hannam University, Department of Multimedia Engineering, PostfachGoogle Scholar
  14. 14.
    Greeshma, M.: Global Smartphone Users to Touch 1.75 billion in 2014, January 20, 2014 (accessed on January 2, 2015)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Cheah Boon Chew
    • 1
  • Kam Chiang Wei
    • 1
  • Tan Wei Sheng
    • 1
  • Manmeet Mahinderjit-Singh
    • 1
  • Nurul Hashimah Ahamed Hassain Malim
    • 1
  • Mohd Heikal Husin
    • 1
  1. 1.School of Computer SciencesUniversity Sains MalaysiaPenangMalaysia

Personalised recommendations