Abstract
Given the central role of webcams in monitoring physical surroundings, it behooves the research community to understand the characteristics of webcams' distribution and their privacy/security implications. In this paper, we conduct the first systematic study on live webcams from both aggregation sites and individual webcams (webpages/IP hosts). We propose a series of efficient, automated techniques for detecting and fingerprinting live webcams. In particular, we leverage distributed algorithms to detect aggregation sites and generate webcam fingerprints by utilizing the Graphical User Interface (GUI) of the built-in web server of a device. Overall, we observe 0.85 million webpages from aggregation sites hosting live webcams and 2.2 million live webcams in the public IPv4 space. Our study reveals that aggregation sites have a typical long-tail distribution in hosting live streams (5.8% of sites contain 90.44% of live streaming content), and 85.4% of aggregation websites scrape webcams from others. Further, we observe that (1) 277,239 webcams from aggregation sites and IP hosts (11.7%) directly expose live streams to the public, (2) aggregation sites expose 187,897 geolocation names and 23,083 more detailed longitude/latitude pairs of webcams, (3) the default usernames and passwords of 38,942 webcams are visible on aggregation sites in plaintext, and (4) 1,237 webcams are detected as having been compromised to conduct malicious behaviors.
Under the Concealing Surface: Detecting and Understanding Live Webcams in the Wild