Looping Surveillance Cameras through Live Editing of Network Streams

Presented at DEF CON 23 (2015), Aug. 8, 2015, 3 p.m. (60 minutes).

This project consists of the hardware and software necessary to hijack wired network communications. The hardware allows an attacker to splice into live network cabling without ever breaking the physical connection. This allows the traffic on the line to be passively tapped and examined. Once the attacker has gained enough knowledge about the data being sent, the device switches to an active tap topology, where data in both directions can be modified on the fly. Through our custom implementation of the network stack, we can accurately mimic the two devices across almost all OSI layers. We have developed several applications for this technology. Most notable is the editing of live video streams to produce a "camera loop," that is, hijacking the feed from an Ethernet surveillance camera so that the same footage repeats over and over again. More advanced video transformations can be applied if necessary. This attack can be executed and activated with practically no interruption in service, and when deactivated, is completely transparent.


Presenters:

  • Eric Van Albert - independent security researcher
    Eric is a recent MIT graduate who spends his days building 3D printers for Formlabs and his nights crawling around places he probably shouldn’t. He has taught seminars on lockpicking and physical security vulnerabilities to various audiences at the Institute, and done a small bit of security consulting work. When he runs out of projects to hack on, he reads the leaked NSA ANT catalog for ideas.
  • Zach Banks - independent security researcher
    Zach is also a recent MIT graduate with over 0 years of security experience. He’s particularly interested in the security of embedded devices and knots. In his free time, he enjoys putting household appliances on the internet and refactoring his old code.

Links:

Similar Presentations: