Yanchao Zhang

Bio: Yanchao Zhang is an academic researcher. The author has contributed to research in topics: Computer science & Authentication (law). The author has co-authored 1 publications.

RCID: Fingerprinting Passive RFID Tags via Wideband Backscatter

Abstract: Tag cloning and spoofing pose great challenges to RFID applications. This paper presents the design and evaluation of RCID, a novel system to fingerprint RFID tags based on the unique reflection coefficient of each tag circuit. Based on a novel OFDM-based fingerprint collector, our system can quickly acquire and verify each tag’s RCID fingerprint which are independent of the RFID reader and measurement environment. Our system applies to COTS RFID tags and readers after a firmware update at the reader. Extensive prototyped experiments on 600 tags confirm that RCID is highly secure with the authentication accuracy up to 97.15% and the median authentication error rate equal to 1.49%. RCID is also highly usable because it only takes about 8 s to enroll a tag and 2 ms to verify an RCID fingerprint with a fully connected multi-class neural network. Finally, empirical studies demonstrate that the entropy of an RCID fingerprint is about 202 bits over a bandwidth of 20 MHz in contrast to the best prior result of 17 bits, thus offering strong theoretical resilience to RFID cloning and spoofing.

WearRF-CLA: Continuous Location Authentication with Wrist Wearables and UHF RFID

Abstract: Continuous location authentication (CLA) seeks to continuously and automatically verify the physical presence of legitimate users in a protected indoor area. CLA can play an important role in contexts where access to electrical or physical resources must be limited to physically present legitimate users. In this paper, we present WearRF-CLA, a novel CLA scheme built upon increasingly popular wrist wearables and UHF RFID systems. WearRF-CLA explores the observation that human daily routines in a protected indoor area comprise a sequence of human-states (e.g., walking and sitting) that follow predictable state transitions. Each legitimate WearRF-CLA user registers his/her RFID tag and also wrist wearable during system enrollment. After the user enters a protected area, WearRF-CLA continuously collects and processes the gyroscope data of the wrist wearable and the phase data of the RFID tag signals to verify three factors to determine the user's physical presence/absence without explicit user involvement: (1) the tag ID as in a traditional RFID authentication system, (2) the validity of the human-state chain, and (3) the continuous coexistence of the paired wrist wearable and RFID tag with the user. The user passes CLA if and only if all three factors can be validated. Extensive user experiments on commodity smartwatches and UHF RFID devices confirm the very high security and low authentication latency of WearRF-CLA.

SmartMagnet: Proximity-Based Access Control for IoT Devices With Smartphones and Magnets

Abstract: Ubiquitous smartphones can be powerful tools to access IoT devices. Proximity-based access control (PBAC) is needed such that IoT devices only allow data access by legitimate users in close proximity. Traditional smartphone-based authentication techniques do not satisfy the PBAC requirements. This paper presents SmartMagnet, a novel scheme that combines smartphones and cheap magnets to achieve PBAC for IoT devices. SmartMagnet explores a few cheap, tiny commodity magnets which we propose to attach to or embed into IoT devices, as well as the magnetometer and attitude sensor on commodity smartphones. Each legitimate user performs a self-chosen 3D password gesture near the target IoT device with the enrolled smartphone. Then the system server uses the IoT device’s confidential magnet configuration parameters to reconstruct the user gesture from the magnetometer and attitude sensor data submitted by the smartphone. If the reconstructed gesture matches the stored template of the purported user, the smartphone user is deemed legitimate and allowed access to the IoT device. Extensive experiments confirm the high usability of SmartMagnet and its strong resilience to lost/stolen smartphones and also remote attacks via signal relaying.

Secure UHF RFID Authentication With Smart Devices

Abstract: Commodity ultra-high-frequency (UHF) RFID authentication systems only provide weak user authentication, as RFID tags can be easily stolen, lost, or cloned by attackers. This paper presents the design and evaluation of SmartRFID, a novel UHF RFID authentication system to promote commodity crypto-less UHF RFID tags for security-sensitive applications. SmartRFID explores extremely popular smart devices and requires a legitimate user to enroll his smart device along with his RFID tag. Besides authenticating the RFID tag as usual, SmartRFID verifies whether the user simultaneously possesses the associated smart device with both feature-based machine learning and deep learning techniques. The user is considered authentic if and only if passing the dual verifications. Comprehensive user experiments on commodity smartwatches and RFID devices confirmed the high security and usability of SmartRFID. In particular, SmartRFID achieves a true acceptance rate of above 97.5% and a false acceptance rate of less than 0.7% based on deep learning. In addition, SmartRFID can achieve an average authentication latency of less than 2.21 s, which is comparable to inputting a PIN on a door keypad or smartphone.

Remote Protection for Mobile Apps in Cloud Computing Environments

Abstract: Android app repackaging has become a serious problem currently. To protect apps from tampering, code obfuscation, watermarking and other techniques have been designed. However, most of these approaches could only provide inadequate protection. Meanwhile, it is possible to achieve remote tamper-resistance in recent, especially for networking apps, with the development of cloud computing technology and the spread of networks. In this paper, we propose a novel remote protection mechanism for mobile apps in cloud computing environments. In the proposed mechanism, the app should download and execute some code from the cloud when some important function is called. Tamper proofing code which could check the app is tampered or not is embedded in the downloaded code. Furthermore, the code can only run correctly one time and is continuous changing, which makes it difficult for an adversary to analyze and modify.

Secure UHF RFID Authentication With Smart Devices

Abstract: Commodity ultra-high-frequency (UHF) RFID authentication systems only provide weak user authentication, as RFID tags can be easily stolen, lost, or cloned by attackers. This paper presents the design and evaluation of SmartRFID, a novel UHF RFID authentication system to promote commodity crypto-less UHF RFID tags for security-sensitive applications. SmartRFID explores extremely popular smart devices and requires a legitimate user to enroll his smart device along with his RFID tag. Besides authenticating the RFID tag as usual, SmartRFID verifies whether the user simultaneously possesses the associated smart device with both feature-based machine learning and deep learning techniques. The user is considered authentic if and only if passing the dual verifications. Comprehensive user experiments on commodity smartwatches and RFID devices confirmed the high security and usability of SmartRFID. In particular, SmartRFID achieves a true acceptance rate of above 97.5% and a false acceptance rate of less than 0.7% based on deep learning. In addition, SmartRFID can achieve an average authentication latency of less than 2.21 s, which is comparable to inputting a PIN on a door keypad or smartphone.

Towards Location- and Orientation-Independent RFID Authentication with COTS Devices

Abstract: To authenticate tags against counterfeiting, RF fin-gerprinting technique is widely exploited. However, the status of tagged item is always changed by movement, rotation and other operations. When the item's location or orientation changes, the capability of past methods would be severely affected and their supported authentication ranges are fairly small. To overcome this challenge, we propose the first-of-its-kind method FreeAuth to achieve certain location- and orientation-independent RFID authentication without any customized devices, by attaching a tag-pair and hopping the frequency channels and transmission powers. The key insight of FreeAuth lies in an implicit fin-gerprint matching scheme where the distance-frequency-power and orientation-frequency-power relationships are leveraged to circumvent these two negative factors. We implement a prototype of FreeAuth with COTS devices and the experiments demonstrate that FreeAuth is able to achieve around 0.8m and 0.6m ranges along 2D axes, in which the authentication accuracy is over 80%. The average effective authentication range of FreeAuth can outperform the state-of-the-art method by 11.67 x.

ESPAR array design for the UHF RFID wireless sensor communication system

Abstract: In this paper, in order to improve the received signal strength (RSS) and signal quality, three arrays of electronically steerable parasitic array radiator (ESPAR) antennas are suggested for the ultra‐high frequency (UHF) radio frequency identification (RFID) communication and sensing system applications. Instead of the single antenna, the array antennas have recently been widely used in many communication systems because of their peak gains, better radiation patterns, and higher radiation efficiency. Also, there are some important issues to use the antenna array like high data rates in wireless communication systems and to better understand the many targets or sensors. In this article, a wireless sensor network (WSN) is being investigated to overcome multipath fading and interference by antenna nulling technology that can be achieved through beam control ESPAR array antennas. The proposed ESPAR array antennas exhibit higher gains like 9.63, 10.2, and 12 dBi and proper radiation patterns from one array to another. Moreover, we investigate the mutual coupling effect on the performance of array antennas with different spacing (0.5λ, 0.75λ, λ) and configurations. It is found that the worst mutual coupling reduced by −28 to −34 dB for 2 × 2 array, −3 to −43 dB for 2 × 3 array, and finally −42 dB to −51 dB due to the antenna spacing from 0.5λ to λ. Thus, these suggested antennas could effectively be applied in the WSN communication systems, internet of things (IoT) networks, and massive wireless and backscatter communication systems.