DOI: 10.1145/3126686.3126713
research-article

Towards the Security of Motion Detection-based Video Surveillance on IoT Devices

Published: 23 October 2017

ABSTRACT

Video surveillance enabled by Internet of Things (IoT) devices, such as smart cameras, has become a popular set of applications recently with the trend of adopting IoT in multimedia signal processing and smart home use cases. Despite its intelligence and convenience, the video motion detection module deployed on the IoT devices poses security challenges due to the sensitive nature of the captured surveillance video and the motion detection operation. In this paper, we investigate the security vulnerabilities of IoT video surveillance from the hardware system point of view. We first develop a proof-of-concept prototype demonstrating video replay attacks, in which the compromised surveillance device hides the chosen suspicious motion by overwriting the corresponding frames with pre-recorded normal frames under the control of the attacker. To address the security concerns, we develop a hardware-based IoT security framework that creates a trusted execution environment and physically isolates the security sensitive components, such as the motion detection module, from the rest of the system. We implement the security framework on an ARM system on chip (SoC). Our evaluations on the real hardware reveal superior security and low performance/power overhead in IoT video surveillance applications.

Published in

Thematic Workshops '17: Proceedings of the on Thematic Workshops of ACM Multimedia 2017
October 2017
558 pages
ISBN: 9781450354165
DOI: 10.1145/3126686

Copyright © 2017 ACM

Publisher: Association for Computing Machinery, New York, NY, United States