The Journal of Supercomputing

, Volume 74, Issue 10, pp 5060–5081 | Cite as

Forensic investigation to detect forgeries in ASF files of contemporary IP cameras

  • Rashid Masood Khan
  • Waseem Iqbal
  • Muhammad Faisal Amjad
  • Haider Abbas
  • Hammad Afzal
  • Abdul Rauf
  • Maruf Pasha


Recent years have seen tremendous increase in crime and terrorism all over the world which has necessitated continuous surveillance of public spaces, commercial entities and residential areas. CCTV cameras are an integral part of any modern surveillance system and have evolved significantly. They are a vital part of any investigation that follows a criminal or terrorism incident by providing invaluable evidence. In this paper, we show that the Advance Systems Format (ASF) file used in most IP cameras, which is also the main file containing metadata about the streaming packets, is vulnerable to forgery. This file is stored in plain text and any technically savvy person can forge it; therefore, a mechanism is needed to prevent it. To that end, we have gathered critical artifacts from an ASF file of IP cameras and carried out their forensic analysis. The analysis performed during this study demonstrates successful detection of forgery/tampering of evidence in IP cameras.


ASF file ASF objects Digital forensics Forensic artifacts IP cameras 


Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.


  1. 1.
    Ohaneme CO, Eke J, Azubogu AC, Ifeagwu EN, Ohaneme LC (2012) Design and implementation of an IP-based security surveillance system. IJCSI Int J Comput Sci Issues 9(5):393Google Scholar
  2. 2.
    Mondaini N, Caldelli R, Piva A, Barni M, Cappellini V (2007) Detection of malevolent changes in digital video for forensic applications. Security, Steganography, and Watermarking of Multimedia Contents IX, vol 6505, p 65050T. International Society for Optics and PhotonicsGoogle Scholar
  3. 3.
    Bayram S, Sencar H, Memon N (2008) Video copy detection based on source device characteristics: a complementary approach to content-based methods. In: 1st ACM International Conference on Multimedia Information Retrieval. ACM, pp 435–442Google Scholar
  4. 4.
    Conotter V, O’Brien JF, Farid H (2012) Exposing digital forgeries in ballistic motion. IEEE Trans Inf Forensic Secur 7(1):283–296CrossRefGoogle Scholar
  5. 5.
    Stamm MC, Lin WS, Liu KR (2012) Temporal forensics and anti-forensics for motion compensated video. IEEE Trans Inf Forensic Secur 7(4):1315–1329CrossRefGoogle Scholar
  6. 6.
    Zhou Y, Zeng FZ, Yang GF (2012) The research for tamper forensics on mpeg-2 video based on compressed sensing. In: International Conference on Machine Learning and Cybernetics (ICMLC), 2012, vol 3, pp 1080–1084. IEEEGoogle Scholar
  7. 7.
    Liu Yx, Kurceren R, Budhia U (2006) Video classification for video quality prediction. J Zhejiang Univ Sci A 7(5):919–926CrossRefGoogle Scholar
  8. 8.
    Presenting digital evidence to court: security, data and privacy. Accessed 30 Sept 2017
  9. 9.
    Swaminathan A, Wu M, Liu KR (2006) Component forensics of digital cameras: a nonintrusive approach. In: 2006 40th Annual Conference on Information Sciences and Systems, pp 1194–1199. IEEEGoogle Scholar
  10. 10.
    Bestagini P, Fontani K, Milani S, Barni M, Piva A, Tagliasacchi M, Tubaro K (2012) An overview on video forensics. In: Proceedings of the 20th European Signal Processing Conference (EUSIPCO), pp 1229–1233. IEEEGoogle Scholar
  11. 11.
    Wang W, Farid H (2008) Detecting re-projected video. In: International Workshop on Information Hiding, pp 72–86, SpringerGoogle Scholar
  12. 12.
    Poisel R, Tjoa S (2011) Forensics investigations of multimedia data: a review of the state-of-the-art. In: 2011 Sixth International Conference on IT Security Incident Management and IT Forensics, pp 48–61. IEEEGoogle Scholar
  13. 13.
    Wang W, Farid H (2006) Exposing digital forgeries in video by detecting double mpeg compression. In: Proceedings of the 8th Workshop on Multimedia and Security, pp 37–47. ACMGoogle Scholar
  14. 14.
    Zhang J, Su Y, Zhang M (2009) Exposing digital video forgery by ghost shadow artifact. In: Proceedings of the First ACM Workshop on Multimedia in Forensics, pp 49–54. ACMGoogle Scholar
  15. 15.
    Wang W, Farid H (2007) Exposing digital forgeries in video by detecting duplication. In: Proceedings of the 9th Workshop on Multimedia and Security, pp 35–42. ACMGoogle Scholar
  16. 16.
    Shotton D, Rodriguez A, Guil N, Trelles O (2002) A metadata classification schema for semantic content analysis of videos. J Microsc 205(1):3342MathSciNetCrossRefGoogle Scholar
  17. 17.
    Qian R.J (2010) Advanced streaming format table of contents object. US Patent 7,676,495Google Scholar
  18. 18.
    Wei Q, Zhang Y, Zhang M, Cui M (2010) Study on synchronization for streaming media based on ASF format for e-learning. In: Web Information Systems and Mining (WISM), 2010 International Conference on, vol 1, pp 156–160. IEEEGoogle Scholar
  19. 19.
    Popescu C, Farid H (2005) Exposing digital forgeries in color filter array interpolated images. IEEE Trans Signal Process 53(10):3948–3959MathSciNetCrossRefGoogle Scholar
  20. 20.
    Birajdar GK, Mankar VH (2013) Digital image forgery detection using passive techniques: a survey. Digit Investig 10(3):226–245CrossRefGoogle Scholar
  21. 21.
    Martin T (2017) How to prevent your security camera from being hacked. Accessed 30 Sept 2017
  22. 22.
    Li A (2017) How to secure your wifi enabled home camera reolink blog. Accessed 30 Sept 2017
  23. 23.
    Howell D (2017) How to protect your home and business with IP security. Accessed 30 Sept 2017
  24. 24.

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.National University of Sciences and TechnologyIslamabadPakistan
  2. 2.Bahauddin Zakariya UniversityMultanPakistan

Personalised recommendations