EMV Cards Vulnerabilities Detection Using Deterministic Finite Automaton

Available online at www.sciencedirect.com

ScienceDirect

Available online at www.sciencedirect.com Available online at www.sciencedirect.com Procedia Computer Science 00 (2018) 000–000

ScienceDirect ScienceDirect

Procedia Computer Science 00 (2018) 000–000 Procedia Computer Science 127 (2018) 531–538

www.elsevier.com/locate/procedia

www.elsevier.com/locate/procedia

The First International Conference On Intelligent Computing in Data Sciences

EMVThe Cards Vulnerabilities Detection Using Deterministic Finite First International Conference On Intelligent Computing in Data Sciences Automaton EMV Cards Vulnerabilities Detection Using Deterministic Finite b Tarik Hajjia,*, Noura Ouerdi , Abdelmalek Azizib, Mostafa Azizic Automaton a

Faculty of Engineering, Private University, Fez 30 000, Morocco

a, b First University, Oujda 60 000, b Morocco Faculty of sciences, Mohammed

Tarik Hajji *, Noura Ouerdi , Abdelmalek Azizi , Mostafa Azizic Superior School of Technology, Mohammed First University, Oujda 60 000, Morocco b

c

a Faculty of Engineering, Private University, Fez 30 000, Morocco Faculty of sciences, Mohammed First University, Oujda 60 000, Morocco c Superior School of Technology, Mohammed First University, Oujda 60 000, Morocco b

Abstract

Europay-MasterCard-Visa (EMV) standard aims to improve the security and reliability of smartcards. The main concern of this Abstract is to detect vulnerabilities in an EMV transaction between terminal and EMV card. In this paper, we propose a new contribution methodology for vulnerabilities detection based on Deterministic finite automaton (DFA). In fact, we use, as a starting point, the machine state diagram which models the specifications of a secure transaction between aofterminal and aThe payment card. Then, we Europay-MasterCard-Visa (EMV) standard aims to improve the security and reliability smartcards. main concern of this provide the DFA this transition graph. We also provide implementation our In DFA order we to recognize contribution is to based detect on vulnerabilities instate an EMV transaction betweenthe terminal and EMVofcard. thisinpaper, propose avalid new and invalid patterns automatically. Our tests proved the efficiencyfinite of ourautomaton algorithm(DFA). and its In ability vulnerabilities methodology for vulnerabilities detection based on Deterministic fact, to werecognize use, as a the starting point, the in terms of sequence ofwhich ordersmodels sent by the the specifications terminal to theofEMV card.transaction between a terminal and a payment card. Then, we machine state diagram a secure provide the DFA based on this transition state graph. We also provide the implementation of our DFA in order to recognize valid © The Authors. Published by Elsevier Keywords: EMV cards;automatically. Deterministic Finite state graph; vulnerabilities algorithm; and2018 invalid patterns Our Automaton; testsB.V. provedtransition the efficiency of our algorithm detection and its ability to recognize the vulnerabilities This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/3.0/). Selection and in terms of sequence of orders sent by the terminal to the EMV card. peer-review under responsibility of International Neural Network Society Morocco Regional Chapter. Keywords: EMV cards; Deterministic Finite Automaton; transition state graph; vulnerabilities detection algorithm; 1. Introduction

Smart cards are currently responsible for much of the security of some current systems, such as the banking 1. Introduction system. These critical systems must, therefore, be protected against all types of failures, and in particular against intruders perpetrated by attackers. Several countermeasures have been proposed to defeat these attacks. However, Smart have cardsincreasingly are currently responsibletechnologies for much oftothe security of some current systems, such asItthe banking attackers sophisticated exploit possible vulnerabilities of the system. is therefore system. These critical systems must, be protected all types of failures, and intheparticular necessary to find new methods and totherefore, develop new tools for against predicting, detecting and limiting impact ofagainst these intruders perpetrated attackers. Several intrusions. This is the by purpose of this paper. countermeasures have been proposed to defeat these attacks. However, attackers have increasingly sophisticated technologies to exploit possible vulnerabilities of the system. It is therefore necessary to find new methods andatonew develop new tools predicting, detecting and the impact between of these In this contribution, we propose methodology forfor detecting vulnerabilities in anlimiting EMV transaction purposecard of this paper. aintrusions. terminal This and isa the payment [12]. To do this, we used finite deterministic automata. The automata are this contribution, we+212-5-356-914-46; propose a new methodology for detecting vulnerabilities in an EMV transaction between * In Corresponding author. Tel.: fax: +212-5-365-006-03. a terminal and a payment card [12]. To do this, we used finite deterministic automata. The automata are E-mail address:[email protected] 1877-0509© 2018 The Authors. Published by Elsevier B.V. * Corresponding author. Tel.: +212-5-356-914-46; fax: +212-5-365-006-03. ThisE-mail is an address:[email protected] open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/3.0/). Selection

and peer-review under responsibility of International Neural Network Society Morocco Regional Chapter.

1877-0509© 2018 The Authors. Published by Elsevier B.V.

This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/3.0/). Selection

1877-0509 © 2018under The Authors. Published by Elsevier Neural B.V. Network Society Morocco Regional Chapter. and peer-review responsibility of International This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/3.0/). Selection and peer-review under responsibility of International Neural Network Society Morocco Regional Chapter. 10.1016/j.procs.2018.01.152

532

Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538 Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

2

mathematical objects, very used in computer science, which make possible the modeling of a large number of computer systems. They are found in the modeling process, control, communication protocols and programs verification. For this reason, we thought for exploiting them for the contribution to the EMV cards security. The paper is organized as follows: the second section presents the related works which concern vulnerabilities detection using multi layer neural network. The third section details our new methodology based on deterministic finite automaton. In the fourth section, we present the final obtained result. The fifth section closes the paper. 2. Related works Many works have dealt with the detection of intrusions and vulnerabilities [9]. In the work, entitled ―Multi-Layer Neural Network for EMV Evaluation‖ [1], the authors based on EMV specifications to implement a multi-layer artificial neural network. Indeed, they used the machine state diagram that has already been achieved in the work [2] where they model an EMV transaction between terminal and payment card using UML language. In order to detect potential attacks or vulnerabilities, they chose to use a multilayer neural network. They made a comparative study to select the architecture of the best performing ANN and the Table 1 shows a summary of the best results found. The ANN architecture designates the number of neurons in each layer. For example 16-8-2 ANN architecture means that the neural network consists of 3 layers. 16 neurons in the input layer, 8 neurons in the hidden layer and 2 neurons in the output layer. Table 1. Vulnerabilities detection using ANN. ANN architecture 10-8-4-2

Results Recognition Rate % 92

12-6-2

91

12-8-4-2

91

13-6-2

91

13-8-4-2

94

14-7-2

92

14-8-4-2

92

15-8-4-2 15-12-8-4-2 16-8-2

91 91 95

The work [1] is concluded by the selection of the ANN characterized by the architecture composed of one input layer formed by 16 artificial neurons, a hidden layers formed by 8 artificial neurons and one output layer composed of 2 neurons. With this ANN architecture, the recognition rate has reached 95%. In the same context, another work [8] was done using ANN [10]. According to the obtained results, the network was able to detect all of the abnormal patterns without any false positive. That means that the network was able to detect 100% of the vulnerabilities and does not confuse them with the normal patterns. However, the disadvantage of this work is that with the neural network used, it was not possible to treat all the paths in particular the infinite paths. Another work proposed a detection approach of fault attacks [11]. According to this work, the Neural Network is able to detect about 96% of attacks. The objective of this current work is to increase the recognition rate to 100% by using a new method of recognizing valid and invalid paths and in the same time to take into consideration all paths including infinite paths



Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538 Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

533 3

(loops drawn in red color in the transition state graph of the Fig. 1).

Fig. 1. Transition state graph

3. Methodology Our methodology consists of three steps: Performing the design of the transition state graph (TSG), transformation of the transition state graph into a finite deterministic automaton and implementation of finite deterministic automaton. 3.1. Transition state graph (TSG) In the work entitled ―EMV Cards Vulnerabilities Detection Using ANN »[2] we gave the description of the approach to follow for the design of the TSG. The Fig 1 shows the TSG that we used in this work. The Table 2 shows an extract from the data dictionary that we used to represent the transitions in the graph.

Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538 Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

534

4

Table 2. Data dictionary GAC Transition GAC1_AAC_ARQC_AAC

Meaning The first call of GENERATE AC command with parameter TC, AAC or ARQC cryptogram. It returns AAC cryptogram

GAC1_ARQC_ARQC

The first call of GENERATE AC APDU command with ARQC cryptogram parameter. It returns ARQC cryptogram.

GAC1_TC_TC

The first call of GENERTE AC APDU command. TC cryptogram as argument and TC as return value.

GAC2_TC_TC

The second call of GENERATE AC APDU command. TC cryptogram as argument and TC as return value.

CAC2_AAC_TC_AAC

The second call of GENERATE AC APDU command. It takes as parameter AAC or TC cryptogram and returns AAC cryptogram.

3.2. Transforming the TSG into a DFA For finite automaton (deterministic or non-deterministic), I and F are sets of initial and terminal states respectively and T is the set of transitions on a fixed alphabet. We denoted by The determinate automaton of A, denoted by det (A), is the deterministic automaton, of which all states are accessible, equivalent to the starting automaton A obtained by the usual substructure construction procedure [3]. 3.2.1. Definition of the alphabet

The Table 3 shows the alphabet I = {A, B, C, D, E, F, G, H, I, J, K, E, F }, the notation used and the description of each notation. Table 3. Automaton states State

Notation

Type

1

Initialization

Initial state

2

Application_Selected

Intermediate state

3

GPO_Performed

Intermediate state

4

Record_Read

Intermediate state

6

Dyn_Card_Ahth

Intermediate state

5

Static_Card_Auth

Intermediate state

7

Card_Ready_To_Rereive_PIN

Intermediate state

8

Cardholder_Verif

Intermediate state

10

Transition_Aborted

Final State

9

ARQC_Performed

Final State

11

Transition_Approved

Final State

The Table 4 shows the transitions of the automaton.



Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538 Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

535 5

Table 4. Automaton transitions Transition in the Fig. 1

Notation

Starting state

Alphabet

Final state

SELECT_APPLICATION

(1,A,2)

1

A

2

SELECT_APPLICATION2

(2,A,2)

2

A

2

GPO

(2, B, 3)

2

B

3

READ_RECORD_OR_GET_DATA

(3, C, 4)

3

C

4

READ_RECORD_OR_GET_DATA

(4, C, 4)

4

C

4

SDA

(4, D, 5)

4

D

5

INTERNAl_AUTH

(4, E, 6)

4

E

5

GET_CHALLENGE

(6, F, 7)

6

F

7

VERIFY

(5, G, 8)

5

G

8

VERIFY2

(7, H, 8)

7

H

8

GAC1_TC_TC

(8, I, 11)

8

I

11

(8, J, 9)

8

J

9

GAC1_ARQC_ARQC GAC1_TC_AAC_ARQC_AAC GAC2_TC_TC

(8, K, 10)

8

K

10

(9, M, 11)

9

M

11

GAC2_AAC_TC_AAC

(9, L, 10)

9

L

10

3.2.2. Minimization and determination of the automaton

Rabin-Scott indicated in a theorem that any language recognized by an NFA can be recognized by DFA[4]. The principle of determination is to take as states of the DFA the sets of states of the NFA. The initial unique state of the DFA is the set I of the initial states of the NFA. We start from the initial state I, then we calculate all the transitions starting from I, then we start again with the new states obtained. Then minimize the automaton with a minimization algorithm (Brzozowski) whose principle is the following: As Brzozowski (1963) observed, reversing the edges of a DFA produces a non-deterministic finite automaton (NFA) for the reversal of the original language, and converting this NFA to a DFA using the standard power set (constructing only the reachable states of the converted DFA) leads to a minimal DFA for the same reversed language[5]. Repeating this reversal operation a second time produces a minimal DFA for the original language. The worst-case complexity of Brzozowski's algorithm is exponential, as there are regular languages for which the minimal DFA of the reversal is exponentially larger than the minimal DFA of the language, but it frequently performs better than this worst case would suggest [6]. The Fig. 2 presents our DFA.

Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000 536

6

Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538

Fig. 2. Deterministic Finite Automaton

3.3. DFA Implementation We have implemented our automaton in C language. In fact, we wrote a program that accepts as input a set of paths expressed in the form of a word. This word consists of the alphabets representing a sequence of transitions of our automaton. In the output file, we find the obtained result. If the path is valid, we will have as result the value 1 otherwise we get the value 0. For this, we wrote a set of functions in C language. These functions return a booleen type in the following form: bool recognition(){ COURANTCHAR = 0; CHEMINSIZE = pathSize(path); if(path[CURRANTCHAR]=='A'){ if(getNexteChar()==-1)return error(); return recognition_2(); }else{ return error(); } } We take for example the path AABCCEFHJM in the input file. After compilation and execution of our program, we obtained, in the output file, AABCCEFHJM ----> 1.

Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538

7 537

4. Result & Analysis We all know that the behavior of an automaton is the set of character sequences that make it pass from the initial state to an end state. We are then based on our automaton of Fig. 2. to specify the regular expression allowing us to define the set of the words accepted by the automaton. These accepted words represent for us valid paths. Any valid path corresponds to a normal transaction between a card and a terminal. However, any invalid path presented a possible intrusion. After analyzing the automaton of a Fig. 2, we defined the associated regular expression to find all the sequences of characters accepted by the automaton, it is presented as follows: A+BC+EFH[IK] | A+BC+EFHJ[LM] | A+BC+DG[IK] | A+BC+DGJ[LM] Based on this regular expression, we generated all of the words corresponding to the valid paths, so all of normal transactions between card and terminal. Thus, any other different path will be invalid. We have applied the program on a set of valid and invalid paths database used in the work [1] and compare with the results obtained using artificial neural networks. Using our program, the paths shown in the Fig. 3 are all considered as normal patterns. ABCDGI ABCDGJM ABCDGJL ABCDGK ABCEFHI ABCEFHJM ABCEFHJL ABCEFHK Fig. 3. Valid patterns

Consequently, any path which is different of valid patterns (Including the possibility of multiplying the two alphabets A and C) is considered as an attempted attack. We have tested 236 abnormal patterns which are detected as invalid path by the program. And as an example, we present some invalid paths by the Fig.4. The invalid passages are highlighted with red color. ACDGI ABDGJM ABCGJL ABCDK ABC FHI ABCEFJM ABCEFH L Fig.4. Invalid patterns

As synthesis, we confirm that our methodology has enabled us to detect all invalid paths, ie all transactions that do not comply with the sequence of commands accepted by the state machine diagram. This was not the case for the

Tarik Hajji et al. / Procedia Computer Science 127 (2018) 531–538 Tarik Hajji/ Procedia Computer Science 00 (2018) 000–000

538

8

work [1] where it was possible to detect only 95% of invalid paths. In addition, this methodology enabled us to take into account the paths containing commands that can be repeated an unlimited number of times. This case was not treated by the work [8]. Another advantage of our program is that it is written in C language. So we can use it in a simulation under an open source Java virtual machine and test it. This is our work in progress. The table 5 below summarizes the comparison between the method of using ANN and the method of using DFA. Table 5. Comparison between ANN and DFA methods ANN method Detects 95% of invalid paths (attacks)

DFA method Detects 100% of invalid paths (attacks)

Requires a learning phase that takes time

Fast and no learning phase

No combinatorial explosion in case of large number of states but the result remains approximate

Causes a combinatorial explosion in the case of a large number of states (this is not the case for our model in which we have only 11 states)

5. Conclusion In this work we have presented an implementation for a deterministic finite automaton that can detect intrusions in EMV cards automatically. The implementation is able to do the exact recognition of the intrusions in the inverse of the use of the networks of neurons. The advantage also lies in the fact that our method does not use learning. As a perspective of this work, we will study the complexity and the optimization of this implementation.

References 1. N. Ouerdi, T. Hajji, A. Azizi, and A. Yahia. (2017) ―Multi-layer Neural Network for EMV Evaluation‖, in Europe and MENA Cooperation Advances in Information and Communication Technologies (pp. 549-557). Springer International Publishing. 2. T. Hajji, and N. Ouerdi. (2016) ―EMV cards vulnerabilities detection using ANN‖, in Information Technology for Organizations Development (IT4OD), International Conference on (pp. 1-5). IEEE. 3. J.E. Pin, and M.P. Schützenberger. (1984) Variétés de langages formels (Vol. 3). Paris: Masson. 4. B.R. Hodgson. (1983) Décidabilité par automate fini. Ann. sc. math. Québec, 7(1), 39-57. 5. J.A. Brzozowski. (1962) ―Canonical regular expressions and minimal state graphs for definite events‖. Mathematical theory of Automata, 12(6), 529-561 6. S. De Felice, and C. Nicaud. (2013) ―Brzozowski algorithm is generically super-polynomial for deterministic automata‖, in International Conference on Developments in Language Theory (pp. 179-190). Springer Berlin Heidelberg. 7. N. Ouerdi, M. Azizi, J.L. Lanet, A. Azizi, and M. Ziane. (2013) ―EMV card: Generation of Test Cases based on SysML Models‖. IERI Procedia. Volume 4, Pages 133-138. https://doi.org/10.1016/j.ieri.2013.11.020 8. N. Ouerdi, I. ElFarissi, A. Azizi, and M. Azizi. (2015) ―Artificial neural network-based methodology for vulnerabilities detection in EMV cards‖, Information Assurance and Security (IAS), 11th International Conference. 14-16 Dec. IEEE publisher. DOI: 10.1109/ISIAS.2015.7492750 9. R. Beghdad. (2008) ―Critical study of neural networks in detecting intrusions‖ Computers & security 27, pp. 168—175. 10. N. Gupta. (2013) ―Network and Complex Systems‖ ISSN 2224-610X (Paper) ISSN 2225-0603 (Online) Vol.3, No.1, Selected from International Conference on Recent Trends in Applied Sciences with Engineering Applications 11. I. ElFarissi, M. Azizi, J.L. Lanet, and M. Moussaoui. (2011) ―Evaluation of detection System of fault attacks based on Neural network into a java virtual machine‖. International journal of computers & technology. ISSN 22773061.Vol 10, N 3. Pages 1481-1488. 12. EMVCo. (2011) Book 1-2-3-4 - Application independent ICC to Terminal Interface requirements, 4.3 edition.