{"title":"生成智能卡应用程序的本地和预期行为以检测软件异常","authors":"G. Jolly, B. Hemery, C. Rosenberger","doi":"10.1109/ARES.2015.76","DOIUrl":null,"url":null,"abstract":"The electronic payment transaction involves the use of a smart card. A card application is a software, corresponding to standards and non-proprietary and proprietary specifications, and is stored in the smart card. Despite increased security with Euro pay Mastercard Visa (EMV) specifications, attacks still exist due to anomalies in the card application. The validation of the card application enables the detection of any anomaly, improving the overall security of electronic payment transactions. Among the different ways of validating a card application, we can use the verification of required behaviors. These behavior can be materialized as properties of commands sent by the terminal and responses from the smart card, using the Application Protocol Data Unit (APDU) from the ISO/IEC 7816 standard [1]. However, the creation of these behaviors is complicated. We propose in this article a way to automatically create such behaviors by using a genetic algorithm technique.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"154 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Generation of Local and Expected Behaviors of a Smart Card Application to Detect Software Anomaly\",\"authors\":\"G. Jolly, B. Hemery, C. Rosenberger\",\"doi\":\"10.1109/ARES.2015.76\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The electronic payment transaction involves the use of a smart card. A card application is a software, corresponding to standards and non-proprietary and proprietary specifications, and is stored in the smart card. Despite increased security with Euro pay Mastercard Visa (EMV) specifications, attacks still exist due to anomalies in the card application. The validation of the card application enables the detection of any anomaly, improving the overall security of electronic payment transactions. Among the different ways of validating a card application, we can use the verification of required behaviors. These behavior can be materialized as properties of commands sent by the terminal and responses from the smart card, using the Application Protocol Data Unit (APDU) from the ISO/IEC 7816 standard [1]. However, the creation of these behaviors is complicated. We propose in this article a way to automatically create such behaviors by using a genetic algorithm technique.\",\"PeriodicalId\":331539,\"journal\":{\"name\":\"2015 10th International Conference on Availability, Reliability and Security\",\"volume\":\"154 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2015.76\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.76","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Generation of Local and Expected Behaviors of a Smart Card Application to Detect Software Anomaly
The electronic payment transaction involves the use of a smart card. A card application is a software, corresponding to standards and non-proprietary and proprietary specifications, and is stored in the smart card. Despite increased security with Euro pay Mastercard Visa (EMV) specifications, attacks still exist due to anomalies in the card application. The validation of the card application enables the detection of any anomaly, improving the overall security of electronic payment transactions. Among the different ways of validating a card application, we can use the verification of required behaviors. These behavior can be materialized as properties of commands sent by the terminal and responses from the smart card, using the Application Protocol Data Unit (APDU) from the ISO/IEC 7816 standard [1]. However, the creation of these behaviors is complicated. We propose in this article a way to automatically create such behaviors by using a genetic algorithm technique.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
