CCTV Test: Camera Tamper Protection
With the wider use of smart detection, an increasing number of manufacturers are claiming to offer anti-tamper features on video cameras. Benchmark considers the performance of this functionality to see whether it offers credible protection.
[dropcap]I[/dropcap]n recent times, the introduction of smart technologies has increased the benefits on offer from video surveillance cameras. Predominantly found in networked units (although other cameras are capitalising on the move to more advanced chipsets), smart codecs are typically associated with motion detection, line-based analytics, face detection, object tracking, etc..
The move has happened as ever more powerful chipsets are introduced. Manufacturers are making use of additional processing power, with many of the leading manufacturers introducing a credible level of on-board analytics.
When considering such functionality, it is common to immediately think about the detection and tracking of violations in a viewed scene. However, it is also a simple task to introduce protection for the camera itself.
Increasingly, tamper protection is being listed as a benefit of advanced video surveillance cameras. However, following conversations with a number of installers and integrators, most admitted to not regularly using this feature. The main reasons were a lack of experience with tamper protection in the field, and concerns that the processing requirements of the function might affect overall performance.
Different manufacturers offer varying levels of protection, ranging from simple global scene change detection through to identification of sabotage attempts such as defocusing and even impact sensing. However, the real question is whether this functionality actually offers credible protection, or does it merely add to the list of features and functions as a part of specsmanship? Benchmark put some cameras into real world applications to find out how well they perform.
Axis Communications P3365-V
The AXIS P3365-V from Axis Communications is a networked static dome day/night camera which delivers HD1080P streams. These can be compressed using either H.264 or M-JPEG, and multiple streaming is supported. The camera features a varifocal lens with a range of 3-9mm. P-iris functionality is also supported. Features include VMD and tamper protection, alarm I/O, WDR and two-way audio. The camera supports edge recording via SD cards. Power is PoE.
The P3365-V supports a range of ‘smart’ detection options, including a camera tampering option. This will generate an alarm if the camera is repositioned, or if it is masked, sprayed or defocused.
The tampering alerts can be set with Action Rules. This allows various actions to be specified in response to events.
The first element of setting up camera tamper sensing is done via the Detectors menu. There are only two settings. The first is for a tamper time period. This prevents false alarms from innocuous sources by allowing a time window (set in seconds or minutes, with a minimum of 10 seconds and maximum of 60 minutes) for which a mask or other violation needs to exist before it is flagged as a sabotage attempt.
The second setting is a simple tick box, which sets the camera to alarm for a dark image. Obviously, many applications will have dark images at certain times, so this should be applied with caution!
The next step is to create an Alarm Rule to deliver an appropriate response. This is done via the Events menu. The trigger is selected as a camera detector, with Tampering selected as the appropriate type. The trigger can also be active during a schedule if required. There is an option to add additional triggers within a time window; a motion event could be selected to proceed a tamper event, for example.
Finally, an action is selected. These could be triggering a relay, recording video, transmitting a snapshot or clip, sending a notification, switching camera mode, playing an alert, etc..
The P3365-V responded accurately to attempts at masking the camera where the full viewed scene was blocked. However, where partial masking was applied to cover certain areas of the scene, amounting to around 50 per cent of the view, the performance was less consistent. If the part of scene still viewed was relatively featureless, such as a wall, the event was detected. However, if the area still in view was detailed then masking was generally not detected.
Repositioning the camera was detected with a good degree of consistency. However, applying a transparent film of a thickness sufficient to alter focus to a point where individuals were difficult to identify did not create an alarm.
The VB-S800D from Canon is a networked day/night camera which delivers HD1080P streams utilising H.264 and M-JPEG compression. Dual streaming is supported. The camera is fitted with a fixed 2.7mm lens. Features include VMD and basic content analytics, alarm I/O, two-way audio, smart shade control and edge recording via an integral MicroSD card slot. The camera also supports tamper protection. Power is via PoE.
The VB-S800D supports a range of intelligent detection options, including camera tampering. This will generate an alarm if the camera is repositioned, or if it is masked or sprayed.
The tampering alerts can have event actions applied, giving a few choices with regard to how tampering alarms are managed.
Configuring camera tamper detection is done via the Admin Tool, in the Intelligent Function Setting menu. The process involves creating a new detection, selecting Camera Tampering as the criteria, and then specifying the percentage of change in the image that constitutes an alarm.
Once this is done, an event action is created. This can be video recording or an email notification when an event occurs. There is also an option to trigger the camera’s output.
The VB-S800D responded accurately to attempts at masking the camera where the full viewed scene was blocked, and was fairly fast in detecting change. With the percentage of change ratio set appropriately, it also detected masking where part of the scene was obscured. Unfortunately it also detected lighting changes as a tamper event, even where there was still enough light to deliver a clean colour image.
Changing the camera’s field of view was consistently detected. The application of transparent film to alter focus was not detected; Canon does not claim that its tamper protection includes focus issues.
The IDIS DC-D1223WX is a networked day/night camera which delivers HD1080P streams utilising H.264 and M-JPEG compression. The camera operates in two modes. DirectIP mode requires implementation in an IDIS DirectIP system. Compatability mode allows integration with third party devices. Multiple streaming is supported. The lens is varifocal, with a range of 3-9mm. Features include VMD and tamper detection, alarm I/O, two-way audio, noise reduction, digital WDR and privacy masking. The camera also supports edge recording via an integral MicroSD card slot. Power is via PoE or 12V DC.
The DC-D1223WX supports a few detection options and these include camera tampering. This will generate an alarm if change is detected in the video image, such as the camera being repositioned or masked.
Tampering alerts can also be associated with a number of actions.
Configuring tamper detection is done via the device’s GUI in the Event Menu. The process is relatively simple and only includes a couple of options. These are sensitivity (there are five levels) and activation time (0-5 seconds).
There is also a setting for what IDIS refers to as an ‘Ignoring Time’. This is a very basic schedule, and allows a start and end parameter to be set for times when tamper alerts should be ignored. There is no flexibility for various days or weekends.
Once this is configured, the same menu allows setting of an event action. The choices are to trigger an output, recording, audio alert, email including snapshots, FTP upload and call-back.
The DC-D1223WX was originally left at the default level 3 for sensitivity, but it missed several masking attempts when the image was totally obscured. It only regularly detected masking with dark materials. It did, however, detect scene change through camera repositioning. It also ignored the application of transparent films to blur the image.
Switching the sensitivity level to 4 saw a better response to masking with light materials. However, it also meant that light changes – not significant enough to affect image quality – were also detected as tampers.
The Pelco IME219-1ES is a networked day/night camera which delivers HD1080p streams. It utilises H.264 and M-JPEG compression, and multiple streaming is supported. The unit includes integral IR leds for night vision. The lens is a 3-9mm varifocal unit. Features include adaptive motion detection with sabotage protection, SureVision WDR, alarm I/O, two-way audio and edge recording via a MicroSD card. Power is PoE.
The IME219-1ES supports a number of intelligent detection options, and these include camera sabotage detection. This feature generates an alarm if the camera is repositioned, or if it is masked or sprayed.
The tampering alerts can be handled in a number of ways, dependent upon the configuration.
Setting up the sabotage behaviour is carried out via the camera’s GUI, and is relatively straightforward. The process involves creating a profile, activating the sabotage behaviour and then specifying a time period for a sabotage event to exist before it is classed as an alarm. The range is from 3 to 300 seconds. It is also possible to specify the severity of the alarm.
Alarms from the analytics engine can be viewed in an Event Stream. It is also possible to set up an event source and handler, to allow actions to be taken such as affecting alarm output states, sending an email notification, saving a snapshot or transfering data via FTP.
The IME219-1ES was accurate in detecting attempts at masking the camera where the full viewed scene was fully blocked, but if there was only a partial obscuration it wasn’t always detected dependent upon the content of the unobscured element.
Changing the camera’s field of view was also consistently detected. However, the application of a transparent film to alter focus was not detected; it is worth noting that Pelco does not claim that its sabotage protection will detect focus change.
The Samsung Techwin SND-6084P is a networked day/night camera which delivers HD1080p streams at frame rates of up to 50fps. It utilises H.264 and M-JPEG compression, and multiple streaming is supported. The lens is a 3-8.5mm motorised varifocal unit. Features include BLC, WDR, DNR, image stabilisation, defog, alarm I/O and two-way audio. Motion, face and audio detection functionality is also included, as is video analytics. The camera also supports Samsung’s ‘open platform’ apps. Edge recording is provided via a MicroSD card. Power is via PoE or 12V DC.
The SND-6084P uses the company’s WiseNet III processing platform which supports a number of ‘smart’ detection options, including a camera tampering option. This will generate an alarm if the camera is repositioned, or if it is masked or sprayed.
The tampering alerts can be linked to a number of actions, thus giving some flexibility with regard to event handling.
The tampering detection configuration is part of the Event menu of the main camera GUI. The Tampering Detection page is selected, and then it’s a simple task of enabling the detection and setting a sensitivity level: there are five settings.
The next task is to set an Event Action, which is done from the same menu. These can include recording to an SD card, transfer via FTP or email, or triggering an alarm output. The latter can be for an unlimited period requiring acknowledgment to clear the alarm condition, for a time period (5, 10 or 15 seconds) or disabled.
Finally, the tampering detection can be scheduled, with an option to set differing times on days of the week.
The SND-6084P responded accurately to attempts at masking the camera where the full viewed scene was blocked. It worked consistently with both dark (non light emitting) and light (light emitting) masking materials. Detection was also relatively swift.
With regard to partial masking, the camera was also accurate and relatively swift. It didn’t seem to matter whether a partial mask covered a detailed area or a relatively empty and bland one; detection still occurred as expected.
Repositioning the camera was also accurately detected and the camera showed consistency with regard to performance.
Interestingly, whilst we could find no specific claims with regard to the tamper detection’s abilities, the SND-6084P did detect the use of transparent film. In all tests we used a layer of heavy gauge film. This allowed light and general shapes to be resolved, but it affected the focus to a degree where positive identification of individuals was difficult. The Samsung camera was one of only three units to deliver consistent results with this type of tampering.
The RC3402HD-6311IR from Riva is a networked static dome day/night camera which delivers HD1080P streams. These can be encoded using H.264 or M-JPEG, and dual streaming is supported. The camera features a varifocal lens with a range of 3-9mm; infrared illuminators deliver night vision with a stated range of 20 metres. Features include VCA analytics (use of this limits frame rate, and subsequently a compliant HD stream cannot be delivered if it is deployed), VMD, WDR and privacy masking. The camera supports edge recording via MicroSD cards. Power is PoE or 12V DC.
It features a suite of on-board analytics powered by VCA technology. This includes camera tampering protection as standard. This will generate an alarm if the camera is repositioned, or if it is masked, sprayed or defocused.
The tampering alerts are set via the camera’s VCA menu. On first glance you would be forgiven for thinking that tamper detection isn’t supported, but the initial task is to enable VCA, which will then populate the menu with other options. From there, simply select the Tamper Detection page and a screen image with simple menu appears.
The first thing to do is to tick the Enabled box to activate tamper detection. Then there are an additional three options. One is for the time duration of a tamper attempt, and can be set ranging from 1 to 100,000 seconds! The next allows a percentage of scene change to be specified. This can ensure that partial masking attempts are detected. The final option is a tick-box which will suppress alarms generated by lighting changes.
Once the tamper detection parameters are set, then the next task is to create an Event Rule to generate an action on alarm. This is achieved via the Event Configuration menu, using the Event Rule page.
Once a Rule has been created, the next task is to select the source – in this case it’s a VCA trigger, with Tamper selected – before selecting an appropriate action. The latter include recording to an SD card, writing to the event log, or a notification via email, FTP, HTTP or multicast.
The RC3402HD-6311IR gave mixed results with regard to tamper attempts where the full viewed scene was blocked. If a dark mask was applied it was inevitably detected. However, light masks which totally obscured the image but still let light through were often missed. It didn’t matter whether this was due to an item placed in front of the camera or applied directly to the lens cover.
The same was true with partial masking, and even with the percentage requiring change being reduced the performance was still not accurate or consistent.
Repositioning the camera was only detected if the viewed scene changed dramatically. We tried the tests with the option to suppress lighting change both enabled and disabled, but there wasn’t a great difference.
Needless to say, applying a transparent film to alter focus did not create an alarm.
The Tyco ADCi610-D011 is a networked day/night camera which delivers HD1080p streams. It utilises H.264 and M-JPEG compression, and dual streaming is supported. The camera is fitted with a 3-9mm varifocal lens which includes patented ‘barrel distortion correction’. The camera also includes integral IR illuminators. Features include motion and face detection, privacy masking, alarm I/O, WDR and two-way audio. The camera supports edge recording via an integral MicroSD card slot. Power is PoE or 124V AC.
The ADCi610-D011 supports a number of basic detection options, including what is referred to as ‘blur’ detection. This will generate an alarm if the image becomes blurred. The Tyco explanation is that this will occur if the camera is repositioned, masked or defocused.
The blur detection is set via the Events menu, and the options are very basic. The first is to enable the feature, and it can be set to one of five sensitivity levels. These are 20, 40, 60, 80 and 100. Alternatively you can select a custom option and select the setting between 1 and 100.
The next step is to select an action. This can be alarm only (it gets logged but no other action occurs), or images can be recorded to an SD card or transmitted to an FTP or SMTP server.
Because of the ‘blur’ definition and the frugal settings we didn’t expect much from the ADCi610-D011, but it responded accurately to attempts at masking the camera where the full viewed scene was blocked. It detected attempts with both darker materials and those which allowed light transmission. Partial attempts were also detected, with only very slow masking of small areas of the scene being ignored. However, these would be picked up at around 50 per cent masking.
Repositioning the camera was detected with a good degree of consistency.
The one masking method which defeated most cameras, applying a transparent film of a thickness sufficient to alter focus to a point where individuals were difficult to identify, was detected consistently, making the ADCi610-D011 one of three cameras in the test to do so.
The FD8371V from Viviotek is a networked day/night camera which delivers HD1080p streams at rates of up to 50fps. It employs H.264, MPEG-4 and M-JPEG encoding, and multiple streaming is supported. The camera is fitted with a 3-10mm varifocal lens which also deliver P-iris performance. The camera features integral infrared illuminators, and has a stated range of 20 metres for night vision. Features include motion detection, alarm I/O, WDR, two-way audio, noise reduction and privacy masking. The camera supports edge recording via an integral MicroSD card slot. Power is PoE or 12V DC/24V AC.
The FD8371EV is billed as supporting a range of ‘smart’ options, including camera tampering as one part of its smart detection capabilities. This will generate an alarm if the camera is repositioned, or if it is masked, sprayed or defocused.
The tampering alert configuration can be found in the Applications section of the menu. It is very simple: there is a tick-box to enable tamper detection, and the time parameter which is set between 10 and 600 seconds.
Triggering an action from the alert is carried out via the Event menu. Once an event is created and scheduled, tamper detection is specified as the trigger event. The action can then be set. Choices include recording or upload of images, and alarm logging.
The FD8371EV responded accurately to attempts at masking the camera where the full scene was blocked. This was with both dark light-excluding materials and those that allowed the passage of light. When the scene was partially blocked to allow access and egress out of view of the camera, this was also detected consistently.
Repositioning the camera was detected with a good degree of accuracy. Even small movements to remove portions of the image rather than changing the entire view were detected. Whilst this shows that subtle changes will be picked up, so too will lighting changes.
When applying a transparent film in order to alter focus, the FD8371EV detected this with a high degree of consistency, making it the final of the three cameras out of the eight tested that could do so.
Before starting the tests, Benchmark spoke to a number of installers and integrators about camera tamper detection functionality. The reaction received was mainly negative, even amongst those who had never tried to utilise the feature.
The general objection, albeit one based upon a gut feeling rather than experience, was that the detection would be hit and miss, creating a number of false alarms, and might not be credible if a genuine sabotage attempt occurred. The feeling was that if the cameras had been sold with tamper protection as a specification, any failure would cause a liability for the installation company.
Some of the cameras tested did provide a degree of tamper protection. Others were far too easy to defeat. In reality, every camera could be tampered with without detection by some means. Unfortunately too many were compromised by some very simple methods.
The three top-ranking models from Samsung, Tyco and Vivotek all detected masking (both full and partial blockages caused an alert) with materials that allowed the passage of light and those that blocked light. However, more importantly they also detected attempts to use transparent films to alter the focus of the camera.
This latter point is important because the result makes it very difficult to identify an individual whilst also giving the operator the impression that any issue lies with the camera rather than a sabotage attempt.
The Axis camera proved to the be the best of the rest, predominantly because it offers a high degree of flexibility with regard to how tamper alerts and managed, and what actions are taken.
As already stated, all cameras can be defeated in some way, and all gave false notifications during the test. As such it does raise the question whether tamper detection is a currently a credible tool on any CCTV camera.
Manufacturers could certainly improve it, but as those R&D efforts would inevitably be at the expense of other functionality, we’re not sure that it’s likely to happen in the near future.