{"id":"https://openalex.org/W4416814268","doi":"https://doi.org/10.1093/cybsec/tyaf039","title":"Cyber vulnerabilities and technical regulation of China-made CCTV IoT surveillance cameras in Australia","display_name":"Cyber vulnerabilities and technical regulation of China-made CCTV IoT surveillance cameras in Australia","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4416814268","doi":"https://doi.org/10.1093/cybsec/tyaf039"},"language":"en","primary_location":{"id":"doi:10.1093/cybsec/tyaf039","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf039","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/11/1/tyaf039/65562745/tyaf039.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://academic.oup.com/cybersecurity/article-pdf/11/1/tyaf039/65562745/tyaf039.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055360306","display_name":"Ausma Bernot","orcid":"https://orcid.org/0000-0002-2663-1834"},"institutions":[{"id":"https://openalex.org/I11701301","display_name":"Griffith University","ror":"https://ror.org/02sc3r913","country_code":"AU","type":"education","lineage":["https://openalex.org/I11701301"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Ausma Bernot","raw_affiliation_strings":["School of Criminology and Criminal Justice, Griffith University , Southport, QLD 4215 ,"],"raw_orcid":"https://orcid.org/0000-0002-2663-1834","affiliations":[{"raw_affiliation_string":"School of Criminology and Criminal Justice, Griffith University , Southport, QLD 4215 ,","institution_ids":["https://openalex.org/I11701301"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065309356","display_name":"M. Arif Khan","orcid":"https://orcid.org/0000-0001-6112-8874"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Muhammad Arif Khan","raw_affiliation_strings":["School of Computing and Mathematics, Charles Sturt University , Wagga Wagga, NSW 2678 ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computing and Mathematics, Charles Sturt University , Wagga Wagga, NSW 2678 ,","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007446608","display_name":"Khurram Shahzad","orcid":"https://orcid.org/0000-0001-8433-6705"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Khurram Shahzad","raw_affiliation_strings":["School of Computing and Mathematics, Charles Sturt University , Wagga Wagga, NSW 2678 ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computing and Mathematics, Charles Sturt University , Wagga Wagga, NSW 2678 ,","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082326026","display_name":"Murat Karakaya","orcid":"https://orcid.org/0000-0002-9542-6965"},"institutions":[{"id":"https://openalex.org/I4210165202","display_name":"Bethlehem Area School District","ror":"https://ror.org/05qxr6b81","country_code":"US","type":"education","lineage":["https://openalex.org/I4210165202"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mert Karakaya","raw_affiliation_strings":["IPVM , 3713 Linden St, Suite B, Bethlehem, PA 18020 ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IPVM , 3713 Linden St, Suite B, Bethlehem, PA 18020 ,","institution_ids":["https://openalex.org/I4210165202"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011025357","display_name":"Conor Healy","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165202","display_name":"Bethlehem Area School District","ror":"https://ror.org/05qxr6b81","country_code":"US","type":"education","lineage":["https://openalex.org/I4210165202"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Conor Healy","raw_affiliation_strings":["IPVM , 3713 Linden St, Suite B, Bethlehem, PA 18020 ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IPVM , 3713 Linden St, Suite B, Bethlehem, PA 18020 ,","institution_ids":["https://openalex.org/I4210165202"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5055360306"],"corresponding_institution_ids":["https://openalex.org/I11701301"],"apc_list":{"value":1864,"currency":"USD","value_usd":1864},"apc_paid":{"value":1864,"currency":"USD","value_usd":1864},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.48702095,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"11","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12943","display_name":"COVID-19 Digital Contact Tracing","score":0.13619999587535858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12943","display_name":"COVID-19 Digital Contact Tracing","score":0.13619999587535858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.06790000200271606,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T14347","display_name":"Big Data and Digital Economy","score":0.031700000166893005,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/government","display_name":"Government (linguistics)","score":0.6805999875068665},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.5853000283241272},{"id":"https://openalex.org/keywords/clarity","display_name":"CLARITY","score":0.522599995136261},{"id":"https://openalex.org/keywords/commonwealth","display_name":"Commonwealth","score":0.4993000030517578},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.491100013256073},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.4171000123023987},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.40540000796318054},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.37400001287460327}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7202000021934509},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.6805999875068665},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.5853000283241272},{"id":"https://openalex.org/C2777146004","wikidata":"https://www.wikidata.org/wiki/Q14949826","display_name":"CLARITY","level":2,"score":0.522599995136261},{"id":"https://openalex.org/C2777826127","wikidata":"https://www.wikidata.org/wiki/Q2578692","display_name":"Commonwealth","level":2,"score":0.4993000030517578},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.491100013256073},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.4171000123023987},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.40540000796318054},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3912000060081482},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.37400001287460327},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.3675000071525574},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.36559998989105225},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.34630000591278076},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3434999883174896},{"id":"https://openalex.org/C528167355","wikidata":"https://www.wikidata.org/wiki/Q258307","display_name":"National security","level":2,"score":0.3043999969959259},{"id":"https://openalex.org/C146778888","wikidata":"https://www.wikidata.org/wiki/Q836862","display_name":"Installation","level":2,"score":0.2996000051498413},{"id":"https://openalex.org/C165347436","wikidata":"https://www.wikidata.org/wiki/Q1514547","display_name":"Project commissioning","level":3,"score":0.2800999879837036},{"id":"https://openalex.org/C69360830","wikidata":"https://www.wikidata.org/wiki/Q1172237","display_name":"Data Protection Act 1998","level":2,"score":0.26489999890327454},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.26089999079704285},{"id":"https://openalex.org/C2779033394","wikidata":"https://www.wikidata.org/wiki/Q5186733","display_name":"Critical infrastructure protection","level":3,"score":0.25940001010894775},{"id":"https://openalex.org/C2780428219","wikidata":"https://www.wikidata.org/wiki/Q16952335","display_name":"Cover (algebra)","level":2,"score":0.25429999828338623},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2524999976158142},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.25049999356269836}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1093/cybsec/tyaf039","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf039","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/11/1/tyaf039/65562745/tyaf039.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:pure.atira.dk:publications/1503b2e4-3b9a-451e-854e-9b61d0a4a36c","is_oa":true,"landing_page_url":"https://researchoutput.csu.edu.au/en/publications/1503b2e4-3b9a-451e-854e-9b61d0a4a36c","pdf_url":null,"source":{"id":"https://openalex.org/S7407055442","display_name":"Charles Sturt University Research Output (CRO)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Bernot, A, Khan, M A, Shahzad, K, Karakaya, M & Healy, C 2025, 'Cyber vulnerabilities and technical regulation of China-made CCTV IoT surveillance cameras in Australia', Journal of Cybersecurity, vol. 11, no. 1, tyaf039, pp. 1-14. https://doi.org/10.1093/cybsec/tyaf039","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1093/cybsec/tyaf039","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf039","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/11/1/tyaf039/65562745/tyaf039.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320961","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416814268.pdf","grobid_xml":"https://content.openalex.org/works/W4416814268.grobid-xml"},"referenced_works_count":20,"referenced_works":["https://openalex.org/W2137549954","https://openalex.org/W2612102454","https://openalex.org/W2766295581","https://openalex.org/W2792715678","https://openalex.org/W2887949427","https://openalex.org/W2953323334","https://openalex.org/W2966432753","https://openalex.org/W2989837596","https://openalex.org/W3023951208","https://openalex.org/W3057898108","https://openalex.org/W3126956508","https://openalex.org/W3157143799","https://openalex.org/W3196833029","https://openalex.org/W4213035102","https://openalex.org/W4213455721","https://openalex.org/W4308087301","https://openalex.org/W4322743131","https://openalex.org/W4366331238","https://openalex.org/W4386141199","https://openalex.org/W4390542578"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"Internet":[1],"of":[2,38,61,91,212],"Things":[3],"(IoT)":[4],"devices":[5,18,136],"used":[6],"on":[7,19,102,187],"a":[8],"wide":[9],"scale":[10],"are":[11,128,178,190],"currently":[12,179],"underregulated":[13],"in":[14,54,73,122,134],"Australia.":[15],"Installing":[16],"IoT":[17,52,93,115,213],"private":[20],"property":[21],"can":[22],"lead":[23],"to":[24,139],"data":[25],"security":[26,48,163],"issues":[27],"if":[28],"targeted.":[29],"In":[30],"key":[31],"locations":[32],"like":[33],"government":[34,104],"buildings,":[35],"the":[36,45,62,74,80,89,147,158,210,218],"risk":[37],"surveillance":[39],"increases.":[40],"This":[41,67],"research":[42,70],"article":[43,71],"addresses":[44],"recent":[46],"national":[47],"concerns":[49],"regarding":[50],"China-made":[51],"CCTVs":[53],"Australia":[55],"that":[56,146,202],"had":[57],"few":[58],"technical":[59],"evaluations":[60],"cameras":[63],"before":[64],"their":[65],"removal.":[66],"two-stage":[68],"interdisciplinary":[69],"proceeds":[72],"following":[75],"steps:":[76],"first,":[77],"by":[78],"using":[79],"Common":[81],"Vulnerability":[82],"Scoring":[83],"System":[84],"(CVSS)":[85],"framework,":[86],"we":[87,108],"assess":[88],"vulnerabilities":[90,121,133],"three":[92,124],"CCTV":[94,116,214],"providers\u2014Hikvision,":[95],"Dahua,":[96],"and":[97,141,153,166,171,189,197,204,216],"Avigilon\u2014that":[98],"have":[99],"been":[100],"installed":[101],"Commonwealth":[103,184],"buildings":[105],"and,":[106],"second,":[107],"evaluate":[109],"those":[110],"findings":[111],"against":[112],"Australia\u2019s":[113],"existing":[114,159],"regulation":[117],"frameworks.":[118],"We":[119,143,200],"detect":[120],"all":[123],"systems,":[125],"although":[126],"there":[127],"no":[129],"High":[130],"or":[131],"Critical":[132],"Avigilon":[135],"when":[137],"compared":[138],"Hikvision":[140],"Dahua.":[142],"also":[144],"find":[145],"current":[148],"Australian":[149],"regulations":[150,167],"simultaneously":[151],"overlap":[152],"do":[154],"not":[155],"sufficiently":[156],"cover":[157],"cyber-vulnerabilities.":[160],"The":[161],"overlapping":[162],"frameworks,":[164,176],"guidelines,":[165],"address":[168],"organizational":[169],"cyber-hygiene":[170],"environmental":[172],"security.":[173],"Technical":[174],"cybersecurity":[175,206],"however,":[177],"available":[180],"only":[181],"for":[182,194],"select":[183],"Government":[185],"agencies":[186],"demand":[188],"classified,":[191],"excluding":[192],"guidance":[193],"industry":[195],"actors":[196],"state":[198],"governments.":[199],"conclude":[201],"unified":[203],"mandatory":[205],"guidelines":[207],"would":[208],"benefit":[209],"clarity":[211],"systems":[215],"support":[217],"consumer":[219],"benefit.":[220]},"counts_by_year":[],"updated_date":"2026-03-12T06:13:28.667946","created_date":"2025-11-28T00:00:00"}