NORMA eResearch @NCI Library

Android Browser Exploit Prevention Using NFC Tag Filtering

Thomas, Tony (2020) Android Browser Exploit Prevention Using NFC Tag Filtering. Masters thesis, Dublin, National College of Ireland.

[img]
Preview
PDF (Master of Science)
Download (762kB) | Preview
[img]
Preview
PDF (Configuration manual)
Download (360kB) | Preview

Abstract

Near Field Communication (NFC) is one of the prominent and popular communication technologies used for transmitting information between two devices within a limited range with the help of radiofrequency. The integration of this technology into smartphones has led manufacturers, developers and the end-users to a growing interest in this technology and its use cases. This technology is widely adopted in various application domains such as contactless payment systems, ticketing, access control, identity management, device tracking etc. Even though the range of NFC is limited to a few centimetres, the NFC Forum has not made sufficient effort in securing all aspects of this technology. The NFC tag is one such area. Unlike other types of NFC embedded devices such as contactless smart card, debit/credit cards that use authentication, encryption and other forms of security measures, these tags can easily be read, written, spoofed, intercepted or altered by anyone with a valid NFC reader such as a smartphone. Overwriting these tags with malicious content could jeopardize the security of the system since these devices are designed to execute actions automatically without any user intervention. In this research paper, we evaluate this security issue and propose a secure middleware interface between the NFC reader and the tag so that only valid tag content gets executed by the reader. Our middleware application explicitly focuses on identifying malicious URL’s within the tag since they have the peak chance of compromising the security of the device. This will ultimately add an extra layer of security while reading information from the tag.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: CAOIMHE NI MHAICIN
Date Deposited: 03 Apr 2020 13:22
Last Modified: 03 Apr 2020 13:22
URI: http://norma.ncirl.ie/id/eprint/4173

Actions (login required)

View Item View Item