Attackers Can Use Security Camera Traffic Patterns to Tell If You’re Home

IP security cameras could let attackers determine if anyone’s home without having to actually intercept the data stream, according to a research paper published at the IEEE International Conference on Computer Communications.

Hackers can sometimes access security cameras, usually by leveraging vulnerabilities. It’s a complicated process, and it usually requires a high degree of technical expertise.

A compromised home security system is one of the worst possible outcomes, as it would tell attackers when you’re away from home, for example. According to a research paper called “Your Privilege Gives Your Privacy Away: An Analysis of a Home Security Camera Service” from the Chinese Academy of Science and the Queen Mary University of London, attackers don’t need actually to get any type of access.

Researchers looked at a Chinese system called HSC (15.4 million streams from 211,000 active users) and analyzed the patterns of how often motion-triggered cameras upload videos, what percentage of them will be watched, and how predictable are motion-triggered uploads and user access patterns.

The service has regular and premium users, and the traffic they generate differs greatly, as around 95% of replay upload traffic is generated by the top 5% of cameras (mostly motion-triggered uploads).

By using specific tools to monitor that traffic, researchers were able to predict, with high accuracy, when someone was at home and to learn the patterns or activities inside a house.

“After a period of observing surges, an attacker may be able to infer a user’s daily patterns,” reads the paper. “For example, a camera consistently uploading motion triggered video at 18:00 might indicate that family members arrive home at that time.”

Even if the study covered the China-based HSC security camera system, the findings would apply to any cameras that use Variable Bit Rate (VBR) encoding, including Nest.

Add Comment

Your email address will not be published. Required fields are marked *