INTERNATIONAL JOURNAL OF SCIENTIFIC DEVELOPMENT AND RESEARCH International Peer Reviewed & Refereed Journals, Open Access Journal ISSN Approved Journal No: 2455-2631 | Impact factor: 8.15 | ESTD Year: 2016
open access , Peer-reviewed, and Refereed Journals, Impact factor 8.15
Mechanized Fare Collection (AFC) frameworks have been around the world sent for quite a long time, especially in the public transportation network where the travel charge is determined dependent on the length of the outing (a.k.a., distance-based evaluating AFC frameworks). Albeit most messages of AFC frameworks are unreliably moved in plaintext, framework administrators didn't give a lot of consideration to this weakness, since the AFC network is essentially secluded from the public organization (e.g., the Internet) — it is highly unlikely of misusing such a weakness from an external perspective of the AFC organization. In any case, as of late, the appearance of Near Field Communication (NFC)- prepared advanced cells has opened up a channel to attack into the AFC network from the portable Internet, i.e., by Host-based Card Emulation (HCE) over NFC-prepared PDAs. In this paper, we distinguish a novel worldview of assaults, called Less Pay against current distance-based valuing AFC frameworks, empowering clients to pay considerably less than what they should be charged. The distinguished assault has two significant properties: 1) it is imperceptible to AFC framework administrators in light of the fact that the assault never causes any irregularity in the back-end information base of the administrators; and 2) it very well may be adaptable to influence countless clients (e.g., 10,000) by just requiring a moderate-sized AFC card pool (e.g., containing 150 cards). To assess the viability of the assault, we built up a HCE application to dispatch the LessPay assault; and this present reality tests show not just the practicality of the LessPay assault (with 97.6% achievement rate) yet in addition its minimal effort as far as transmission capacity and calculation. At last, we propose, execute and assess four sorts of countermeasures, and present security investigation and correlation of these countermeasures on protecting against the LessPay assault.
Keywords:
Cite Article:
"Pricing Data Tampering in Automated Fare Collection ", International Journal of Science & Engineering Development Research (www.ijsdr.org), ISSN:2455-2631, Vol.6, Issue 4, page no.432 - 436, April-2021, Available :http://www.ijsdr.org/papers/IJSDR2104070.pdf
Downloads:
000337067
Publication Details:
Published Paper ID: IJSDR2104070
Registration ID:193191
Published In: Volume 6 Issue 4, April-2021
DOI (Digital Object Identifier):
Page No: 432 - 436
Publisher: IJSDR | www.ijsdr.org
ISSN Number: 2455-2631
Facebook Twitter Instagram LinkedIn