Vulnerability Assessment and Penetration Testing on IP cameras

TL;DR

This paper assesses vulnerabilities in IP cameras, specifically the TP-Link Tapo C200, revealing three security flaws and proposing countermeasures using a Raspberry Pi to enhance device security.

Contribution

It provides a detailed vulnerability assessment and introduces a novel attack called 'Motion Oracle', along with countermeasures for IP camera security.

Findings

Identified three vulnerabilities: DoS, eavesdropping, and Motion Oracle attack.

Demonstrated effectiveness of countermeasures using Raspberry Pi.

Highlights security risks in widely used IoT devices.

Abstract

IP cameras have always been part of the Internet of Things (IoT) and are among the most widely used devices in both home and professional environments. Unfortunately, the vulnerabilities of IP cameras have attracted malicious activities. For example, in 2016, a massive attack resulted in thousands of cameras and IoT devices being breached and used to create a botnet. Given this history and the extremely sensitive nature of the data these devices have access to, it is natural to question what security measures are in place today. In this paper, a vulnerability assessment and penetration testing is performed on a specific model of IP camera, the TP-Link Tapo C200. More in detail, our findings show that the IP camera in question suffers from three vulnerabilities such as: denial of service, video eavesdropping and, finally, a new type of attack called "Motion Oracle". Experiments are not limited to the offensive part but also propose countermeasures for the camera in question and for all those that may suffer from the same vulnerabilities. The countermeasure is based on the use of another IoT device, a Raspberry Pi.