Abstract
Internet Protocol (IP) cameras and Internet of Things (IoT) devices are known for their vulnerabilities, and Man in the Middle attacks present a significant privacy and security concern. Because the attacks are easy to perform and highly effective, this allows attackers to steal information and disrupt access to services. We evaluate the security of six IP cameras by performing and outlining various attacks which can be used by criminals. A threat scenario is used to describe how a criminal may attack cameras before and during a burglary. Our findings show that IP cameras remain vulnerable to ARP Poisoning or Spoofing, and while some cameras use Digest Authentication to obfuscate passwords, some vendors and applications remain insecure. We suggest methods to prevent ARP Poisoning, and reiterate the need for good password policy.
Original language | English |
---|---|
Pages (from-to) | 163-172 |
Journal | CS & IT Conference proceedings |
Volume | 9 |
Issue number | 7 |
DOIs | |
Publication status | Published - 30 Jun 2019 |
Event | 8th International Conference on Soft Computing, Artificial Intelligence and Applications - Copenhagen, Denmark Duration: 29 Jun 2019 → 30 Jun 2019 |