The proliferation of smartphone and tablet empowers ubiquitous Device-to-device (D2D) networks. Using a locally handled wireless link between devices provides significant convenience to all use cases of Internet of Things, such as home monitors, garage door, and Google home. Nowadays, digital cameras have also adapted Wi-Fi technology to ease the process of transferring pictures and videos to smartphones and laptops. This paper introduces the D2D file transfer mechanisms between cameras and mobile platforms and presents an in-depth empirical security analysis on the D2D network created by those devices. Cameras and applications are close-sourced black boxes, which makes security investigation considerably challenging. In this paper, the analysis concentrates on the most popular camera brands in the market and our team reveals some critical vulnerabilities. We exploit the discovered flaws to construct a proof-of-concept attack to demonstrate how to steal an image from a camera in a busy Wi-Fi environment. We conclude the paper with improvement suggestions and possible solutions. The experimental setup we have developed could be used for future related research.
[1]
Peter M. Corcoran,et al.
PTP/IP - a new transport specification for wireless photography
,
2005,
IEEE Transactions on Consumer Electronics.
[2]
Yu Cheng,et al.
Security Analysis of Mobile Device-to-Device Network Applications
,
2019,
IEEE Internet of Things Journal.
[3]
Yu Cheng,et al.
Development of Mobile Ad-hoc Networks over Wi-Fi Direct with off-the-shelf Android phones
,
2016,
2016 IEEE International Conference on Communications (ICC).
[4]
Sunghyun Cho,et al.
Secure Authentication and Four-Way Handshake Scheme for Protected Individual Communication in Public Wi-Fi Networks
,
2018,
IEEE Access.