HoneyCam: Scalable High-Interaction Honeypot for IoT Cameras Based on 360-Degree Video

While IoT cameras have been widely deployed as part of many commercial and residential systems, there exist many threats to IoT camera-based systems due to their inherent vulnerabilities. An effective way to improve the security of IoT cameras is by deploying honeypots, which can be leveraged to engage and deceive the attackers. However, it is challenging to build a camera honeypot that realistically emulates an IoT camera. The camera honeypot not only needs to provide what appears to be a live video stream, but also react to camera control commands (e.g, zoom in/out, tilting, etc.) faithfully and with the expected latency. Existing systems use either real IoT cameras as the source of video streams, which incurs high setup cost and limited scalability because it requires a camera for every honeypot, or plays pre-recorded videos, which do not engage attackers because they do not allow interactions. To address these problems, this paper focuses on the design and evaluation of a scalable high-interaction IoT camera honeypot, called HoneyCam. To emulate IoT cameras, we prerecord 360 o video, and propose techniques to map the 360o video to different fields of view based on the attacker's camera control commands. We evaluate the effectiveness and robustness of HoneyCam by deploying the system on the public Internet. Evaluation results show that HoneyCam can achieve a similar level of deception as those using real IoT cameras, but with better scalability and lower deployment cost. Moreover, it is covert against widely used reconnaissance and honeypot detection tools.

Files

  • guan-cns2022.pdf

    size: 1.45 MB | mime_type: application/pdf | date: 2023-02-27 | sha256: 177e111

Metadata

Work Title HoneyCam: Scalable High-Interaction Honeypot for IoT Cameras Based on 360-Degree Video
Access
Open Access
Creators
  1. Chongqi Guan
  2. Xianda Chen
  3. Guohong Cao
  4. Sencun Zhu
  5. Thomas La Porta
License In Copyright (Rights Reserved)
Work Type Article
Publisher
  1. 2022 IEEE Conference on Communications and Network Security (CNS)
Publication Date October 3, 2022
Publisher Identifier (DOI)
  1. https://doi.org/10.1109/CNS56114.2022.9947265
Deposited February 27, 2023

Versions

Analytics

Collections

This resource is currently not in any collection.

Work History

Version 1
published

  • Created
  • Added guan-cns2022.pdf
  • Added Creator Chongqi Guan
  • Added Creator Xianda Chen
  • Added Creator Guohong Cao
  • Added Creator Sencun Zhu
  • Added Creator Thomas La Porta
  • Published
  • Updated Publisher Show Changes
    Publisher
    • 2022 IEEE Conference on Communications and Network Security (CNS)