Open AccessRFID Privacy Risk Evaluation Based on Synthetic Method of Extended Attack Tree and Information Feature Entropy
Author(s) -
Peng Li,
Chao Xu,
Long Chen,
Ruchuan Wang
Publication year - 2015
Publication title -
international journal of distributed sensor networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.324
H-Index - 53
eISSN - 1550-1477
pISSN - 1550-1329
DOI - 10.1155/2015/146409
Subject(s) - computer science , entropy (arrow of time) , node (physics) , radio frequency identification , computer security , tree (set theory) , data mining , privacy protection , mathematics , mathematical analysis , physics , structural engineering , quantum mechanics , engineering
Evaluation of security risks in radio frequency identification (RFID) systems is a challenging problem in Internet of Things (IoT). This paper proposes an extended attack tree (EAT) model to identify RFID system's flaws and vulnerabilities. A corresponding formal description of the model is described which adds a probability SAND node together with the probability attribute of the node attack. In addition, we model the process of an RFID data privacy attack based on EAT, taking a sensitive information theft attack on an RFID tag as an example. To resolve the problem of assessing the risk probability of each node in EAT, we present the information feature entropy evaluation method for RFID privacy assessment. Finally, an evaluation is carried out to calculate the RFID privacy attack tree sequences and information feature entropy of the atomic node. Analysis shows that our scheme can calculate the overall risk evaluation result value for RFID privacy and comprehensively determine the risk of the weakest atomic node in RFID system.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom