Australian Digital Forensics Conference
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
Abstract
Efficient stock management in the commercial retail sector is being dominated by Radio Frequency Identification (RFID) tag implementations. Research reports of the security risk of RFID tags show that breaches are likely and that forensic readiness is a requirement. In this paper a RFID tag business simulation is reported that replicates previous research reports of security breaches with the purpose of identifying potential evidence after such attacks. A Read/Write Tag was cloned and used to replicate a SQL poisoning attack on a simulated Business System. A forensic investigation was then undertaken to identify potential locations for evidential recovery. This paper differentiates from the replicated studies in that the whole Business System is considered evidential. The scope of the inquiry includes the technical artefacts, the information artefacts and the human actors. The result of the investigation shows locations of evidence and the priority for investigations in RFID system architectures.
DOI
10.4225/75/57b291b040cd9
Comments
8th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, November 30th 2010