Difference between revisions of "Projects:2017s1-167b Real Time Video Steam Substitution"
Line 7: | Line 7: | ||
== Project Supervisor == | == Project Supervisor == | ||
− | • Matthew Sorell | + | • Dr. Matthew Sorell |
== Introduction == | == Introduction == |
Revision as of 10:58, 30 October 2017
Contents
Project Members
• Matt Reynolds
• Harish Gowda
Project Supervisor
• Dr. Matthew Sorell
Introduction
NATO’s Locked Shields [1] is an annual (since 2010) live-fire cyber defence exercise organised to aid in the training of security experts tasked with protecting national IT systems. The scenario-based exercise focuses on the attack and defence of network and service infrastructure of a fictional country, including military command and control systems, electrical power grid systems and unmanned aerial vehicles. One such attack performed at the 2017 event focused on the substitution of footage from a military drone’s real-time video feed. The defence network was compromised with the video feed replaced and displayed on screen. This was achieved via the use of VLC command line options. Taking inspiration from the recently concluded event and the attack performed on the drone, this project investigates how a real-time video stream can be seamlessly substituted whilst going undetected. Consequently, the investigation will generate the need for further research into uncovered vulnerabilities and their potential solutions.
Estonia Study Tour
As part of this research project, we had the privilege of attending a 2-week study tour in Estonia. Participation gave us the opportunity to witness firsthand the progress Estonia is making in the world of cyber security. We found it to be an invaluable experience as it allowed us to network with fellow peers and professionals.
Abstract
This research project looks at how intercepting and substituting the contents of a real-time video stream between a source and end-user over IP may be conducted. The real-time video stream is to be seamlessly substituted with an arbitrary video or an alternate stream. The project aims to identify all the complexities and constraints associated with conducting such a substitution.
The project is divided into two components:
- Multimedia Network Security and
- Video stream Substitution
The Multimedia Network Security aspect of the project considers different attack strategies which can be implemented to gain access to the real-time stream. This is while also keeping the end users unaware of any breaches in the network. Different session hijacking techniques and their complexities are to be examined. As a starting point, it is assumed network encryption is omitted.
The Video substitution component of the project considers the associated challenges of manipulating and seamlessly substituting a video stream in real-time. Motion JPEG and MPEG standards 2 and 4 are of focus.
Objectives
Concept
Consider the following high-level concept where a real-time stream originates from some source, is sent through a routing network over IP and arrives at the end-user. A man-in-the-middle attack can be performed at a vulnerable point within the routing network to hijack the connection. From here all data can then be routed through an external node for manipulation.
At the external node, the objective is to pull apart and break down the video stream into its elementary components. Relevant stream control data including timestamps, clock references and frame rate information are to be extracted and retained, with the video frames discarded. The stream can then be re-encoded using the retained stream control data and new video frames.
References
[1] “Locked Shields 2017,” NATO Cooperative Cyber Defence Centre of Excellence, 2017. [Online]. Available: https://ccdcoe.org/locked-shields-2017.html.