Security of CCTV and Video Surveillance Systems: Threats, Vulnerabilities, Attacks, and Mitigations
作者: Andrei Costin
关键词: Covert channel 、 Physical security 、 Semantics 、 Software deployment 、 Table (database) 、 Internet privacy 、 Field (computer science) 、 Firmware 、 Computer security 、 Computer science 、 Scope (project management)
摘要: Video surveillance, closed-circuit TV and IP-camera systems became virtually omnipresent indispensable for many organizations, businesses, users. Their main purpose is to provide physical security, increase safety, prevent crime. They also increasingly complex, comprising communication means, embedded hardware non-trivial firmware. However, most research date focused mainly on the privacy aspects of such systems, did not fully address their issues related cyber-security in general, visual layer (i.e., imagery semantics) attacks particular. In this paper, we conduct a systematic review existing novel threats video based publicly available data. The insights can then be used better understand identify security risks associated with development, deployment use these systems. We study threats, along or possible countermeasures, summarize knowledge into comprehensive table that practical way as checklist when assessing level new CCTV designs deployments. set recommendations mitigations help improve levels provided by hardware, firmware, network communications operation surveillance hope findings paper will valuable threat landscape are exposed to, well promote further widen scope field beyond its current boundaries.
acm.org
sci-hub.se 参考文章(61)
Samuel Joseph O’Malley, Kim-Kwang Raymond Choo, Bridging the Air Gap: Inaudible Data Exfiltration by Insiders Social Science Research Network. ,(2014)
Mario Strasser, Srdjan Čapkun, Christina Pöpper, Jamming-resistant broadcast communication without shared keys usenix security symposium. pp. 231- 248 ,(2009) , 10.3929/ETHZ-A-006824907
Goutam Paul, Ming-Yuan Duan, Ian Davidson, George Berg, Searching For Hidden Messages: Automatic Detection of Steganography innovative applications of artificial intelligence. pp. 51- 56 ,(2003)
Jan H. P. Eloff, Martin S. Olivier, T. Morkel, An overview of image steganography. information security for south africa. pp. 1- 11 ,(2005)
Calton Pu, Jinpeng Wei, A Methodical Defense against TOCTTOU Attacks: The EDGI Approach ,(2006)
Yuval Elovici, Assaf Kachlon, Gabi Kedma, Yisroel Mirsky, Mordechai Guri, Ofer Hasson, GSMem: data exfiltration from air-gapped computers over GSM frequencies usenix security symposium. pp. 849- 864 ,(2015)
Matthew Brocker, Stephen Checkoway, iSeeYou: disabling the MacBook webcam indicator LED usenix security symposium. pp. 337- 352 ,(2014)
Aniello Castiglione, Marco Cepparulo, Alfredo De Santis, Francesco Palmieri, Towards a Lawfully Secure and Privacy Preserving Video Surveillance System international conference on electronic commerce. pp. 73- 84 ,(2010) , 10.1007/978-3-642-15208-5_7
Craig Valli, Michael Coole, Andrew Woodward, Understanding the Vulnerabilities in Wi-Fi and the Impact on its Use in CCTV Systems ,(2012) , 10.4225/75/57A03670AC5CE
Stefan Savage, John Bellardo, 802.11 denial-of-service attacks: real vulnerabilities and practical solutions usenix security symposium. pp. 2- 2 ,(2003)