TY - GEN
T1 - HoneyCam
T2 - 2022 IEEE Conference on Communications and Network Security, CNS 2022
AU - Guan, Chongqi
AU - Chen, Xianda
AU - Cao, Guohong
AU - Zhu, Sencun
AU - Porta, Thomas La
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - While IoT cameras have been widely deployed as part of many commercial and residential systems, there exist many threats to IoT camera-based systems due to their inherent vulnerabilities. An effective way to improve the security of IoT cameras is by deploying honeypots, which can be leveraged to engage and deceive the attackers. However, it is challenging to build a camera honeypot that realistically emulates an IoT camera. The camera honeypot not only needs to provide what appears to be a live video stream, but also react to camera control commands (e.g, zoom in/out, tilting, etc.) faithfully and with the expected latency. Existing systems use either real IoT cameras as the source of video streams, which incurs high setup cost and limited scalability because it requires a camera for every honeypot, or plays pre-recorded videos, which do not engage attackers because they do not allow interactions. To address these problems, this paper focuses on the design and evaluation of a scalable high-interaction IoT camera honeypot, called HoneyCam. To emulate IoT cameras, we prerecord 360 o video, and propose techniques to map the 360o video to different fields of view based on the attacker's camera control commands. We evaluate the effectiveness and robustness of HoneyCam by deploying the system on the public Internet. Evaluation results show that HoneyCam can achieve a similar level of deception as those using real IoT cameras, but with better scalability and lower deployment cost. Moreover, it is covert against widely used reconnaissance and honeypot detection tools.
AB - While IoT cameras have been widely deployed as part of many commercial and residential systems, there exist many threats to IoT camera-based systems due to their inherent vulnerabilities. An effective way to improve the security of IoT cameras is by deploying honeypots, which can be leveraged to engage and deceive the attackers. However, it is challenging to build a camera honeypot that realistically emulates an IoT camera. The camera honeypot not only needs to provide what appears to be a live video stream, but also react to camera control commands (e.g, zoom in/out, tilting, etc.) faithfully and with the expected latency. Existing systems use either real IoT cameras as the source of video streams, which incurs high setup cost and limited scalability because it requires a camera for every honeypot, or plays pre-recorded videos, which do not engage attackers because they do not allow interactions. To address these problems, this paper focuses on the design and evaluation of a scalable high-interaction IoT camera honeypot, called HoneyCam. To emulate IoT cameras, we prerecord 360 o video, and propose techniques to map the 360o video to different fields of view based on the attacker's camera control commands. We evaluate the effectiveness and robustness of HoneyCam by deploying the system on the public Internet. Evaluation results show that HoneyCam can achieve a similar level of deception as those using real IoT cameras, but with better scalability and lower deployment cost. Moreover, it is covert against widely used reconnaissance and honeypot detection tools.
UR - http://www.scopus.com/inward/record.url?scp=85143409689&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85143409689&partnerID=8YFLogxK
U2 - 10.1109/CNS56114.2022.9947265
DO - 10.1109/CNS56114.2022.9947265
M3 - Conference contribution
AN - SCOPUS:85143409689
T3 - 2022 IEEE Conference on Communications and Network Security, CNS 2022
SP - 82
EP - 90
BT - 2022 IEEE Conference on Communications and Network Security, CNS 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 3 October 2022 through 5 October 2022
ER -