research-article

Under the Concealing Surface: Detecting and Understanding Live Webcams in the Wild

Authors:

Limin SunAuthors Info & Claims

Proceedings of the ACM on Measurement and Analysis of Computing Systems, Volume 4, Issue 1

Article No.: 05, Pages 1 - 25

https://doi.org/10.1145/3379471

Published: 27 May 2020 Publication History

Abstract

Given the central role of webcams in monitoring physical surroundings, it behooves the research community to understand the characteristics of webcams' distribution and their privacy/security implications. In this paper, we conduct the first systematic study on live webcams from both aggregation sites and individual webcams (webpages/IP hosts). We propose a series of efficient, automated techniques for detecting and fingerprinting live webcams. In particular, we leverage distributed algorithms to detect aggregation sites and generate webcam fingerprints by utilizing the Graphical User Interface (GUI) of the built-in web server of a device. Overall, we observe 0.85 million webpages from aggregation sites hosting live webcams and 2.2 million live webcams in the public IPv4 space. Our study reveals that aggregation sites have a typical long-tail distribution in hosting live streams (5.8% of sites contain 90.44% of live streaming contents), and 85.4% of aggregation websites scrape webcams from others. Further, we observe that (1) 277,239 webcams from aggregation sites and IP hosts (11.7%) directly expose live streams to the public, (2) aggregation sites expose 187,897 geolocation names and more detailed 23,083 longitude/latitude pairs of webcams, (3) the default usernames and passwords of 38,942 webcams are visible on aggregation sites in plaintext, and (4) 1,237 webcams are detected as having been compromised to conduct malicious behaviors.

References

[1]

Mathias M Adankon and Mohamed Cheriet. 2009. Support vector machine. Encyclopedia of biometrics . Springer, 1303--1308.

[2]

Mark Alllman and Vern Paxson. 2007. Issues and Etiquette Concerning Use of Shared Measurement Data. In Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement (IMC '07). ACM, New York, NY, USA, 135--140. https://doi.org/10.1145/1298306.1298327

Digital Library

[3]

Amazon. 2015. EMR, A Scale Big Data Framework for Apache Spark and Hadoop . https://aws.amazon.com/emr/. (2015).

[4]

ANGR. 2016. A platform-agnostic binary analysis framework. . (2016). https://github.com/angr/angr

[5]

Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In Proceedings of the 26th USENIX Conference on Security Symposium .

Digital Library

[6]

Binwalk. 2012. The tool for analyzing, reverse engineering, and extracting firmware images. (2012). https://github.com/ReFirmLabs/binwalk

[7]

Christopher M Bishop. 2007. Pattern recognition and machine learning (information science and statistics) .Springer.

Digital Library

[8]

CalOPPA. 2004. California Online Privacy Protection Act . (2004).

[9]

Censys. 2015. a search engine based on Internet-wide scanning for the devices and networks. https://censys.io/. (2015).

[10]

Daming D Chen, Manuel Egele, Maverick Woo, and David Brumley. 2016. Towards Automated Dynamic Analysis for Linux-based Embedded Firmware. In Network and Distributed System Security Symposium (NDSS) .

[11]

K. Cheng, Q. Li, L. Wang, Q. Chen, Y. Zheng, L. Sun, and Z. Liang. 2018. DTaint: Detecting the Taint-Style Vulnerability in Embedded Device Firmware. In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 430--441. https://doi.org/10.1109/DSN.2018.00052

[12]

Andrei Costin, Jonas Zaddach, Aurélien Francillon, and Davide Balzarotti. 2014. A Large-Scale Analysis of the Security of Embedded Firmwares. In 23rd USENIX Security Symposium . San Diego, CA, 95--110.

[13]

Common Crawl. 2013. An Open Repository of Web CrawlData . (2013).

[14]

Jeffrey Dean and Sanjay Ghemawat. 2008. MapReduce: simplified data processing on large clusters . Communications of the ACM, 2008, Vol. 51, 1 (2008), 107--113.

Digital Library

[15]

David Dittrich, Erin Kenneally, et almbox. 2012. The Menlo Report: Ethical principles guiding information and communication technology research . Technical Report. US Department of Homeland Security.

[16]

Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J Alex Halderman. 2015. A Search Engine Backed by Internet-Wide Scanning. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, 542--553.

Digital Library

[17]

Zakir Durumeric, James Kasten, David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicholas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer, and Vern Paxson. 2014. The Matter of Heartbleed. In Proceedings of the Internet Measurement Conference (IMC) Vancouver, BC, Canada, November 5--7, 2014. 475--488.

Digital Library

[18]

Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. 2013. ZMap: Fast Internet-wide Scanning and Its Security Applications. In USENIX Security Symposium, vol. 8, pp. 47--53. 2013. 605--620.

[19]

Claude Fachkha, Elias Bou-Harb, Anastasis Keliris, Nasir Memon, and Mustaque Ahamad. 2017. Internet-scale probing of CPS: Inference, characterization and orchestration analysis. In Proceedings of Network and Distributed System Security Symposium, NDSS, 2017, Vol. 17.

[20]

Xuan Feng, Qiang Li, Haining Wang, and Limin Sun. 2018. Acquisitional Rule-based Engine for Discovering Internet-of-Things Devices. In 27th USENIX Security Symposium (USENIX Security 18). Baltimore, MD, 327--341.

[21]

FFmpeg. 2000. a complete, cross-platform solution to record, convert and stream audio and video . https://www.ffmpeg.org/. (2000).

[22]

Jerome H Friedman. 2001. Greedy function approximation: a gradient boosting machine. Annals of statistics (2001), 1189--1232.

[23]

Manaf Gharaibeh, Anant Shah, Bradley Huffaker, Han Zhang, Roya Ensafi, and Christos Papadopoulos. 2017. A Look at Router Geolocation in Public and Commercial Databases. In Proceedings of the 2017 Internet Measurement Conference (IMC '17). ACM, New York, NY, USA, 463--469. https://doi.org/10.1145/3131365.3131380

Digital Library

[24]

Honeypot. 2015. The Honeynet Project. (2015). https://www.honeynet.org/

[25]

Damilola Ibosiola, Benjamin Steer, Alvaro Garcia-Recuero, Gianluca Stringhini, Steve Uhlig, and Gareth Tyson. 2018. Movie pirates of the caribbean: Exploring illegal streaming cyberlockers. In Twelfth International AAAI Conference on Web and Social Media .

[26]

ICO. 2015. Joint letter to the operators of Insecam . https://ico.org.uk/media/about-the-ico/documents/1043287/ico-letter-to-webcam-manufacturers.pdf . (2015).

[27]

Insecam. 2014. Network live IP video cameras directory . http://www.insecam.org/en/. (2014).

[28]

Nathan Jacobs, Walker Burgin, Nick Fridrich, Austin Abrams, Kylia Miskell, Bobby H. Braswell, Andrew D. Richardson, and Robert Pless. 2009. The Global Network of Outdoor Webcams: Properties and Applications. In Proceedings of the 17th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS '09). ACM, New York, NY, USA, 111--120. https://doi.org/10.1145/1653771.1653789

Digital Library

[29]

JPEG. 1992. Joint Photographic Experts Group for lossy compression for digital images . https://jpeg.org/about.html . (1992).

[30]

Oliver Kramer. 2013. K-nearest neighbors. Dimensionality Reduction with Unsupervised Nearest Neighbors. Springer, 13--23.

[31]

K Ming Leung. 2007. Naive bayesian classifier. Polytechnic University Department of Computer Science/Finance and Risk Engineering (2007).

[32]

Li-Jia Li and Li Fei-Fei. 2007. What, where and who? classifying events by scene and object recognition. In 2007 IEEE 11th International Conference on Computer Vision (ICCV). IEEE, 1--8.

[33]

Qiang Li, Xuan Feng, Haining Wang, Zhi Li, and Limin Sun. 2018. Towards fine-grained fingerprinting of firmware in online embedded devices. In IEEE International Conference on Computer Communications (INFOCOM 2018) .

Digital Library

[34]

Q. Li, X. Feng, H. Wang, and L. Sun. 2018. Understanding the Usage of Industrial Control System Devices on the Internet. IEEE Internet of Things Journal, Vol. 5, 3 (June 2018), 2178--2189. https://doi.org/10.1109/JIOT.2018.2826558

[35]

Masscan. 2013. Network Scanner tool for scanning Internet port . https://github.com/robertdavidgraham/masscan . (2013).

[36]

MaxMind. 2002. MaxMind GeoIP2 database provides location data for IP addresses . https://www.maxmind.com/en/geoip2-services-and-databases . (2002).

[37]

Austin Murdock, Frank Li, Paul Bramsen, Zakir Durumeric, and Vern Paxson. 2017. Target generation for Internet-wide IPv6 scanning. Proceedings of the 2017 Internet Measurement Conference. ACM, 242--253.

Digital Library

[38]

NLTK. 2001. a suite of libraries and programs for symbolic and statistical natural language processing. http://www.nltk.org/. (2001).

[39]

Nmap. 1997. Network Security Scanner tool . https://nmap.org/. (1997).

[40]

RFC 5905 NTP. 1985. The Network Time Protocol Protocol for synchronize the clocks of computers over a network. http://www.ntp.org/. (1985).

[41]

Webcam Number. 2014. Information Handling Services Markit, 245 million video surveillance cameras installed globally. https://technology.ihs.com/532501/cameras-installed-globally-in-2014 . (2014).

[42]

ONVIF. [n. d.]. Open Network Video Interface Forum website . ([n. d.]). http://www.onvif.org

[43]

M Zubair Rafique, Tom Van Goethem, Wouter Joosen, Christophe Huygens, and Nick Nikiforakis. 2016. It's free for a reason: Exploring the ecosystem of free live streaming services. In Proceedings of the 23rd Network and Distributed System Security Symposium (NDSS 2016) . Internet Society, 1--15.

[44]

BBC report. 2017. BBC report, In Your Face: China's all-seeing state . https://www.bbc.com/news/av/world-asia-china-42248056/in-your-face-china-s-all-seeing-state . (2017).

[45]

Mirai Report. 2016. the cyber attack disrupts internet service across Europe and US via Mirai . https://www.theguardian.com/technology/2016/oct/21/ddos-attack-dyn-internet-denial-service . (2016).

[46]

Scrapy. 2008. A Fast and Powerful Scraping and Web Crawling Framework . https://scrapy.org . (2008).

[47]

Zain Shamsi, Daren B. H. Cline, and Dmitri Loguinov. 2017. Faulds: A Non-Parametric Iterative Classifier for Internet-Wide OS Fingerprinting. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, CCS, Dallas, TX, USA, October 30 - November 03, 2017 . 971--982.

Digital Library

[48]

Zain Shamsi, Ankur Nandwani, Derek Leonard, and Dmitri Loguinov. 2014. Hershel: Single-packet Os Fingerprinting. In The 2014 ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS '14). 195--206.

[49]

Shodan. 2009. The search engine for Internet-connected devices . https://www.shodan.io/. (2009).

[50]

Beautiful Soup. 2012. package for parsing HTML and XML documents . https://www.crummy.com/software/BeautifulSoup/. (2012).

[51]

VLC. 2001. media player originated by the VideoLan software . https://www.videolan.org/. (2001).

[52]

WARC. 2015. Web ARChive file format combines multiple digital resources into an aggregate archive file together with related information. https://www.loc.gov/preservation/digital/formats/fdd/fdd000236.shtml. (2015).

[53]

Webcam. 2012. Flaw in Home Security Cameras Exposes Live Feeds to Hackers. (2012). https://www.wired.com/2012/02/home-cameras-exposed/

[54]

ICANN WHOIS. 1995. Whois Database for Registration Data. https://www.whois.net/. (1995).

Cited By

El Jaouhari SAhmed S(2024)CTIoT: A Cyber Threat Intelligence Tool for IoT2024 International Wireless Communications and Mobile Computing (IWCMC)10.1109/IWCMC61514.2024.10592406(1483-1489)Online publication date: 27-May-2024
https://doi.org/10.1109/IWCMC61514.2024.10592406
Song JWan SHuang MLiu JSun LLi Q(2023)Toward Automatically Connecting IoT Devices with Vulnerabilities in the WildACM Transactions on Sensor Networks10.1145/360895120:1(1-26)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3608951
Wan SLi QWang HLi HSun L(2023)DevTag: A Benchmark for Fingerprinting IoT DevicesIEEE Internet of Things Journal10.1109/JIOT.2022.322558010:7(6388-6399)Online publication date: 1-Apr-2023
https://doi.org/10.1109/JIOT.2022.3225580
Show More Cited By

Index Terms

Under the Concealing Surface: Detecting and Understanding Live Webcams in the Wild
1. General and reference
  1. Cross-computing tools and techniques
    1. Measurement
2. Networks
  1. Network performance evaluation
    1. Network measurement
  2. Network types
    1. Cyber-physical networks

Recommendations

Under the Concealing Surface: Detecting and Understanding Live Webcams in the Wild
SIGMETRICS '20: Abstracts of the 2020 SIGMETRICS/Performance Joint International Conference on Measurement and Modeling of Computer Systems

Given the central role of webcams in monitoring physical surroundings, it behooves the research community to understand the characteristics of webcams' distribution and their privacy/security implications. In this paper, we conduct the first systematic ...
Under the Concealing Surface: Detecting and Understanding LiveWebcams in the Wild

Given the central role of webcams in monitoring physical surroundings, it behooves the research community to understand the characteristics of webcams' distribution and their privacy/security implications. In this paper, we conduct the first systematic ...
A measurement study of YouTube 360° live video streaming
NOSSDAV '19: Proceedings of the 29th ACM Workshop on Network and Operating Systems Support for Digital Audio and Video

360° live video streaming is becoming increasingly popular. While providing viewers with enriched experience, 360° live video streaming is challenging to achieve since it requires a significantly higher bandwidth and a powerful computation ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Measurement and Analysis of Computing Systems

Proceedings of the ACM on Measurement and Analysis of Computing Systems Volume 4, Issue 1

SIGMETRICS

March 2020

467 pages

EISSN:2476-1249

DOI:10.1145/3402934

Editors:
Augustin Chaintreau
Columbia University
,
Leana Golubchik
University of Southern California
,
Zhi-Li Zhang
University of Minnesota

Issue’s Table of Contents

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 May 2020

Online AM: 07 May 2020

Published in POMACS Volume 4, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Natural Science Foundation of China
Fundamental Research Funds for the Central Universities of China
National Key R&D Program of China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
523
Total Downloads

Downloads (Last 12 months)37
Downloads (Last 6 weeks)4

Reflects downloads up to 26 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

El Jaouhari SAhmed S(2024)CTIoT: A Cyber Threat Intelligence Tool for IoT2024 International Wireless Communications and Mobile Computing (IWCMC)10.1109/IWCMC61514.2024.10592406(1483-1489)Online publication date: 27-May-2024
https://doi.org/10.1109/IWCMC61514.2024.10592406
Song JWan SHuang MLiu JSun LLi Q(2023)Toward Automatically Connecting IoT Devices with Vulnerabilities in the WildACM Transactions on Sensor Networks10.1145/360895120:1(1-26)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3608951
Wan SLi QWang HLi HSun L(2023)DevTag: A Benchmark for Fingerprinting IoT DevicesIEEE Internet of Things Journal10.1109/JIOT.2022.322558010:7(6388-6399)Online publication date: 1-Apr-2023
https://doi.org/10.1109/JIOT.2022.3225580
Ma ZZhang SLi NLi THu XFeng HZhou QLiu FQuan XWang HHu GZhang SZhai YChen SZhang S(2023)GraphNEI: A GNN-based network entity identification method for IP geolocationComputer Networks10.1016/j.comnet.2023.109946235(109946)Online publication date: Dec-2023
https://doi.org/10.1016/j.comnet.2023.109946
Yang MWang X(2022)Interaction Design of Wellness Building Space by Deep Learning and VR Technology in the Context of Internet of ThingsWireless Communications & Mobile Computing10.1155/2022/65674312022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/6567431
Zha JLiang HFeng XJhala RDillig I(2022)Verifying optimizations of concurrent programs in the promising semanticsProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523734(903-917)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523734
Zhang YHuang MLi QSun L(2022)IoTminer: Semantic Information Extraction in the Packet PayloadsGLOBECOM 2022 - 2022 IEEE Global Communications Conference10.1109/GLOBECOM48099.2022.10001220(6079-6084)Online publication date: 4-Dec-2022
https://doi.org/10.1109/GLOBECOM48099.2022.10001220
Yang XHe SWang BTabatabaie M(2021)Spatio-Temporal Graph Attention Embedding for Joint Crowd Flow and Transition PredictionsProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34950035:4(1-24)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3495003
Song JLi QWang HSun L(2020)Under the Concealing SurfaceACM SIGMETRICS Performance Evaluation Review10.1145/3410048.341009348:1(77-78)Online publication date: 9-Jul-2020
https://dl.acm.org/doi/10.1145/3410048.3410093
Song JLi QWang HSun LYeh EMarkopoulou ATay Y(2020)Under the Concealing Surface: Detecting and Understanding Live Webcams in the WildAbstracts of the 2020 SIGMETRICS/Performance Joint International Conference on Measurement and Modeling of Computer Systems10.1145/3393691.3394220(77-78)Online publication date: 8-Jun-2020
https://dl.acm.org/doi/10.1145/3393691.3394220
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents