Title :
A Fuzzing Framework for the Security Evaluation of NDEF Message Format
Author :
Stirparo, Pasquale
Author_Institution :
Inst. for the Protection & Security of the Citizen, Eur. Comm., Ispra, Italy
Abstract :
In the very near future, the vast majority of mobile phones will be NFC-enabled. The NFC technology, other than adding extra features to mobile devices, adds a new way for attackers to break into these. To be sure that attackers will go after this technology, it is enough to think that the killer feature foreseen for this technology it will be the possibility for the user to pay on the fly with his phone, by simply putting the smartphone in close proximity to the payment device. The aim of this paper is to draw the attention to one aspect related to the security of NFC devices, the NFC Data Exchange Format (NDEF). In this paper will be introduced techniques for testing NDEF, as well as to propose a new solution for fuzz testing NDEF on smart phones.
Keywords :
electronic data interchange; fuzzy set theory; near-field communication; security of data; smart phones; NDEF message format; NFC data exchange format; NFC device security; NFC technology; fuzz testing; fuzzing framework; mobile phone; near field communication; payment device; smart phone; Mobile communication; Payloads; Protocols; Security; Smart phones; Testing; Android; NFC; fuzzing; mobile security;
Conference_Titel :
Computational Intelligence, Communication Systems and Networks (CICSyN), 2013 Fifth International Conference on
Conference_Location :
Madrid
Print_ISBN :
978-1-4799-0587-4
DOI :
10.1109/CICSYN.2013.58
