한국컴퓨터정보학회논문지 (Journal of the Korea Society of Computer and Information)

  • 제24권1호
  • /
  • Pages.107-113
  • /
  • 2019
  • /
  • 1598-849X(pISSN)
  • /
  • 2383-9945(eISSN)
한국컴퓨터정보학회 (Korean Society of Computer Information)
권호 표지
DOI QR코드

DOI QR Code

Security Problems and Measures for IP Cameras in the environment of IoT

  • Kang, Gil-uk (Dept. of Computer Information Security, Korea National University of Welfare) ;
  • Han, Sang-Hoon (Dept. of Computer Information Security, Korea National University of Welfare) ;
  • Lee, Ho (Dept. of Computer Information Security, Korea National University of Welfare)
  • 투고 : 2018.11.19
  • 심사 : 2018.12.04
  • 발행 : 2019.01.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Along with the development of IOT, the number of people using IOT devices has enormously increased and the IOT era has come. Especially, people using the IP cameras among Internet devices have been drastically increasing. It is because the IP cameras are well networked and comparatively cheap compared with CCTVs, and they can also be monitored and controlled in real time through PCs and smart phones for the purposes of general theft prevention and shop surveillance. However, due to the user's serious lack of security awareness and the fact that anyone can easily hack only with simple hacking tools and hacking sites information, security crimes that exploit those have been increasing as well. Therefore, this paper describes how easily the IP cameras can be hacked in the era of IOT, what kind of security incidents occurred, and also suggests possible government measures and new technical solutions to those problems.

키워드

CPTSCQ_2019_v24n1_107_f0001.png 이미지

Fig. 1. Transition and Forecast of Global Surveillance Camera Market Size

CPTSCQ_2019_v24n1_107_f0002.png 이미지

Fig. 2. Site Listing IP Cameras that were hacked

CPTSCQ_2019_v24n1_107_f0003.png 이미지

Fig. 3. Homepage of Shodan

CPTSCQ_2019_v24n1_107_f0004.png 이미지

Fig. 4. Example of Aircrack-ng Tool

CPTSCQ_2019_v24n1_107_f0005.png 이미지

Fig. 5. Example of Hydra Tool

CPTSCQ_2019_v24n1_107_f0006.png 이미지

Fig. 6. Result of Retrieval using contry:KR Filter

CPTSCQ_2019_v24n1_107_f0007.png 이미지

Fig. 7. Access to Domestic IP Camera without Authentication

CPTSCQ_2019_v24n1_107_f0008.png 이미지

Fig. 8. Finding Parameter Information using Development Tools

CPTSCQ_2019_v24n1_107_f0009.png 이미지

Fig. 9. Cracking Password using Hydra Tool

Table 1. Filters used in Shodan

CPTSCQ_2019_v24n1_107_t0001.png 이미지

Table 2. Cracking result after setting Default Password

CPTSCQ_2019_v24n1_107_t0002.png 이미지

Table 3. Cracking Result after setting Safe Password

CPTSCQ_2019_v24n1_107_t0003.png 이미지

참고문헌

  1. Jeon Young Sung, Han Jong Wook, Cho Hyun Sook, "Technology Trend of Next Generation Video Security", REVIEW OF KIISC, 20(3), pp. 9-17, 2010.
  2. Hong Soon Ho, "IP Camera Market and Trend in the Video Security Industry", REVIEW OF KIISC, Vol. 20, No. 3, pp. 18-23, 2010.
  3. J. Y. Park, C. H. Song, S. Y. Kim, J. H. Park, J. H. Park, "IP Camera Authentication and Key Exchange Protocol Using ID-Based Signature Scheme", Journal of the Korea Institute of Information Security & Cryptology, 28(4), pp. 789-801, 2018. https://doi.org/10.13089/JKIISC.2018.28.4.789
  4. S. D. Yoo, D. H. Ryu, "A study on the Promotion Method of Domestic Video Security Industry", The Journal of The Institute of Internet, Broadcasting and Communication, Vol. 17, No. 3, pp. 9-21, 2017. https://doi.org/10.7236/JIIBC.2017.17.3.9
  5. Tae Woong Seo, Sung Ryoul Lee, Byung Chul Bae, E-Joong Yoon, Chang Soo Kim, "An Analysis of Vulnerabilities and Performance on the CCTV Security Monitoring and Control", Journal of Korea Multimedia Society, 15(1), pp. 93-100, 2012. https://doi.org/10.9717/kmms.2012.15.1.093
  6. Kim Yun Ha, Yun Seong Won, Kim Jin Hun, OH EUN, Choi Hun Ju, "The Case Study on Security Reinforcement and Network Management Improvement using Vulnerability Analysis of Transmission Section for IP Camera", Proceedings of Symposium of the Korean Institute of Communications and Information Sciences, pp. 759-760, 2018.
  7. Jin Young Park, Chi-ho Song, Suk-young Kim, Ju-hyun Park, Jong Hwan Park, "IP Camera Authentication and Key Exchange Protocol Using ID-Based Signature Scheme", Journal of The Korea Institute of Information Security & Cryptology, 28(4), pp. 789-801, 2018. https://doi.org/10.13089/JKIISC.2018.28.4.789
  8. K. Y. Kim, K. S. Lee, B. S. Kim, "Protection Motivation of IP Camera Users: A Mixed Methods Approach", The e-Business Studies, 19(10, pp. 227-245, 2018.
  9. DongHyuk Lee, Namje Park, "A Study on Security Authentication and Security Management Method for IoT Products", The Journal of The Korean Institute of Communication Sciences, 33(12), pp. 28-34, 2016.
  10. Ministry of Science and ICT, Korea Communications Commission, National Police Agency, "Comprehensive Countermeasures for IP Cameras", 2017.
  11. MiHui Kim, "Privacy Protection Technologies on IoT Environments : Case Study of Networked Cameras", Journal of THE KOREA CONTENTS ASSOCIATION, 16(9), pp. 329-338, 2016. https://doi.org/10.5392/JKCA.2016.16.09.329
  12. Sang-hoon Han, Kyo-Rim Koo, Han-Sol Park, Hyun-Tae Kim, Do-Yong Song, "A Security Analysis by Cracking in Wireless Routers", Proceedings of the Korean Society of Computer Information Conference, 25(2), pp. 400-401, 2017.
  13. Sang-Hoon Han, Jin-Hui Jang,Gil-Uk Kang, Han-Sol Park, "IP Camera Hacking Analysis And Measure", Proceedings of The Korean Society of Computer Information Conference, 26(1), pp. 165-166, 2018.
  14. Ishwadeep Badgujar, "How to Hack CCTV Private Cameras", https://null-byte.wonderhowto.com/forum/hack-cctv-private-cameras-0159437
  15. Hydra tool, http://tylerrockwell.github.io/defeating-basic-auth-with-hydra/
  16. Andy O'Donnell, "How to Secure Your IP Security Cameras", https://www.lifewire.com/secure-your-ipsecurity-cameras-2487488