Privacy-Preserving Pattern Matching for Anomaly Detection in RFID Anti-Counterfeiting

  • Florian Kerschbaum
  • Nina Oertel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6370)


Traces of RFID-equipped item can be used to detect counterfeits. Nevertheless companies are reluctant to share the necessary traces, since it is unclear what can be inferred from them. In this paper we present a provably secure pattern matching algorithm that can be used for distributed anomaly detection. We improve performance and detection capabilities compared to competing approaches by storing partial, malleable information on the RFID tag.


Supply Chain Pattern Match Anomaly Detection Event Source Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Applebaum, B., Freedman, M., Ringberg, H., Caesar, M., Rexford J.: Collaborative, Privacy-Preserving Data Aggregation At Scale (2009),
  2. 2.
    Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP: a system for secure multi-party computation. In: Proceesings of the 15th ACM Conference on Computer and Communications Security, CCS (2008)Google Scholar
  3. 3.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the 20th annual ACM symposium on Theory of computing (1988)Google Scholar
  4. 4.
    Burkhart, M., Strasser, M., Many, D., Dimitropoulos, X.: SEPIA: Security through Private Information Aggregation (2009),
  5. 5.
    Du, W., Atallah, M.: Secure Multi-Party Computation Problems and Their Applications: A Review and Open Problems. In: Proceedings of the Workshop on New Security Paradigms (2001)Google Scholar
  6. 6.
    European Commission. Report on Community Customs Activities on Counterfeit and Piracy (2008)Google Scholar
  7. 7.
    Flajolet, P., Gardy, D., Thimonier, L.: Birthday paradox, coupon collectors, caching algorithms and self-organizing search. Discrete Applied Mathematics 39(3) (1992)Google Scholar
  8. 8.
    Goldreich, O.: Secure Multi-party Computation (2002),
  9. 9.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the 19th ACM Symposium on Theory of Computing (1987)Google Scholar
  10. 10.
    Hazay, C., Lindell, Y.: Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries. In: Proceedings of the 5th Theory of Cryptography Conference (2008)Google Scholar
  11. 11.
    Kerschbaum, F.: Practical Privacy-Preserving Benchmarking. In: Proceedings of the 23rd IFIP International Information Security Conference (2008)Google Scholar
  12. 12.
    Kerschbaum, F., Dahlmeier, D., Schröpfer, A., Biswas, D.: On the Practical Importance of Communication Complexity for Secure Multi-Party Computation Protocols. In: Proceedings of the 24th ACM Symposium on Applied Computing (2009)Google Scholar
  13. 13.
    Kuerschner, C., Thiesse, F., Fleisch, E.: An analysis of data-on-tag concepts in manufacturing. In: Proceedings of the 3rd Konferenz Ubiquitäre und Mobile Informationssysteme (2008)Google Scholar
  14. 14.
    Lee, A., Tabriz, P., Borisov, N.: A Privacy-Preserving Interdomain Audit Framework. In: Proceedings of the ACM Workshop on Privacy in the Electronic Society (2006)Google Scholar
  15. 15.
    Lehtonen, M., Michahelles, F., Fleisch, E.: How to Detect Cloned Tags in a Reliable Way from Incomplete RFID Traces. In: Proceedings of the IEEE RFID Conference (2009)Google Scholar
  16. 16.
    Lincoln, P., Porras, P., Shmatikov, V.: Privacy-Preserving Sharing and Correlation of Security Alerts. In: Proceedings of the USENIX Security Symposium (2004)Google Scholar
  17. 17.
    Locasto, M., Parekh, J., Keromytis, A., Stolfo, S.: Towards Collaborative Security and P2P Intrusion Detection. In: Proceedings of the Information Assurance Workshop (2005)Google Scholar
  18. 18.
    Mirowski, L., Hartnett, J.: Deckard: A System to Detect Change of RFID Tag Ownership. International Journal of Computer Science and Network Security 7(7) (2007)Google Scholar
  19. 19.
    Oertel, N.: Tracking based product authentication: Catching intruders in the supply chain. In: Proceedings of the 17th European Conference on Information Systems (2008)Google Scholar
  20. 20.
    Parekh, J., Wang, K., Stolfo, S.: Privacy-Preserving Payload-Based Correlation for Accurate Malicious Traffic Detection. In: Proceedings of the SIGCOMM Workshop on Large-Scale Attack Defense (2006)Google Scholar
  21. 21.
    Porras, P., Shmatikov, V.: Large-Scale Collection and Sanitization of Network Security Data: Risks and Challenges. In: Proceedings of the Workshop on New Security Paradigms (2006)Google Scholar
  22. 22.
    Santos, B., Smith, L.: RFID in the Supply Chain: Panacea or Pandora’s Box? Communications of the ACM 51(10) (2008)Google Scholar
  23. 23.
    Sarma, S., Brock, D., Engels, D.: Radio frequency identification and the electronic product code. IEEE Micro. 21(6) (2001)Google Scholar
  24. 24.
    Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC Network – The Potential of RFID in Anti-Counterfeiting. In: Proceedings of the 20th ACM Symposium on Applied Computing (2005)Google Scholar
  25. 25.
    Yao, A.: Protocols for Secure Computations. In: Proceedings of the IEEE Symposium on Foundations of Computer Science (1982)Google Scholar
  26. 26.
    Zanetti, D., Fellmann, L., Capkun, S.: Privacy-preserving Clone Detection for RFID-enabled Supply Chains. In: Proceedings of the IEEE International Conference on RFID (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Florian Kerschbaum
    • 1
  • Nina Oertel
    • 1
    • 2
  1. 1.SAP ResearchKarlsruheGermany
  2. 2.Chair of Business Administration and Information SystemsUniversity of MannheimGermany

Personalised recommendations