Network Working Group L. Melegassi Internet-Draft Catellix Intended status: Informational 29 May 2026 Expires: 30 November 2026 MVPS Video-Surveillance and CCTV Profile: Fleet-Coherence Detection of Feed Replay and Loop Injection Across IP Cameras draft-melegassi-ippm-mvps-video-surveillance-00 Abstract This document defines a Multi-Vantage Path Snapshot (MVPS) domain profile for video surveillance: fleets of IP cameras, NVR/VMS recorders, and cloud video-surveillance-as-a-service (VSaaS) endpoints treated as MVPS vantages. Its target threat is the feed-replay (loop) attack -- an on-path adversary that substitutes a live camera stream with previously recorded footage so that operators and single-camera analytics see nothing wrong. The profile re-establishes the bounded-joint-skew axiom A1 under the video pipeline (camera NTP/PTP residual, encoder and GOP buffering, recorder jitter buffer, frame-interval quantization), gives a closed-form maximum pipeline budget, and proves the headline result: with capture timestamps authenticated at the sensor, any replayed loop older than a closed-form, strictly positive minimum age leaves the coherence ball and is flagged by core Theorem T2. The core detection and Byzantine theorems are inherited via the MVPS Architecture-Invariance Theorem. The profile is DEFENSIVE: it detects coherence anomalies (feed replay, loop, tamper, rogue ingest). It defines no facial recognition, biometric, tracking, or identification function. All properties are validated by scripts/validate_video_surveillance.py (7/7 PASS, exit 0) and recorded in evidence/video_surveillance_receipt.json. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 30 November 2026. Copyright Notice Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. The Feed-Replay Threat . . . . . . . . . . . . . . . . . 3 1.2. Defensive Scope and Non-Goals . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. The Video-Pipeline Joint-Skew Model . . . . . . . . . . . . . 5 4. Re-establishing Axiom A1 (Lemma L-CAM-1) . . . . . . . . . . 5 5. Maximum Pipeline Budget (Lemma L-CAM-2) . . . . . . . . . . . 6 6. Feed-Replay Detectability (Lemma L-CAM-4) . . . . . . . . . . 6 7. Inheritance of the Core Theorems . . . . . . . . . . . . . . 7 8. Byzantine and Compromised Cameras . . . . . . . . . . . . . . 8 9. Timestamp-Blind Loops (Conjecture C-CAM-1) . . . . . . . . . 8 10. Operational Logging . . . . . . . . . . . . . . . . . . . . . 9 11. Numerical Receipt . . . . . . . . . . . . . . . . . . . . . . 9 12. Security Considerations . . . . . . . . . . . . . . . . . . . 9 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 14.1. Normative References . . . . . . . . . . . . . . . . . . 10 14.2. Informative References . . . . . . . . . . . . . . . . . 11 Appendix A. Worked Budgets (Normative) . . . . . . . . . . . . . 11 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 12 1. Introduction MVPS detects network-propagating anomalies by measuring the coherence of an observed state across multiple spatially independent vantages. Its theorems are surface-independent: they hold where the five MVPS axioms hold, by the Architecture-Invariance Theorem [I-D.melegassi-iab-mvps-architecture]. A video-surveillance deployment is such a surface. Every IP camera, NVR/VMS recorder, and cloud-VSaaS endpoint is a vantage that emits timestamped state on a tick. Camera fleets are large, long-lived, physically distributed, and a frequent target -- which makes them a natural and high-value instantiation of MVPS. 1.1. The Feed-Replay Threat The signature attack against surveillance is the feed-replay (loop): an on-path adversary substitutes the live stream with previously recorded footage so an operator -- or a per-camera analytic -- sees a plausible but stale scene while something happens off-frame. Classical countermeasures are per-camera (motion entropy, frame hashing, watermarks). They are blind to the one asset a fleet has that a single camera does not: COHERENCE with the rest of the fleet's clocks. A replayed feed is, by construction, late: its authenticated capture time lags real time by the loop's age. MVPS measures exactly that lag as a coherence offset across the fleet. 1.2. Defensive Scope and Non-Goals This profile is strictly DEFENSIVE: detection of coherence anomalies in camera-fleet telemetry (feed replay, loop, tamper, rogue ingest). This document does NOT define and MUST NOT be claimed to define any facial recognition, biometric, person-tracking, or identification function, nor any output other than coherence-anomaly detection and audit logs. 2. Terminology eps_ntp: the camera capture-timestamp residual (NTP/PTP). tau_enc: encoder plus GOP/keyframe buffering latency. tau_jb: jitter buffer at the VMS/NVR/cloud ingest. tau_frame: frame-interval quantization, = 1/fps. delta_replay: the age of an injected loop / replayed segment. T_tick: the deployment coherence tick. Authenticated capture time: a capture timestamp bound at the sensor (signed frame or attested encoder) so it cannot be silently rewritten on the wire. The key words "MUST", "MUST NOT", "SHOULD", "MAY" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals. 3. The Video-Pipeline Joint-Skew Model A disciplined enterprise camera holds capture time to eps_ntp via PTP (about 1e-4 s); a cheap IP camera over NTP holds 1e-2..1e-1 s. Encoding with a GOP/keyframe structure buffers up to tau_enc before a coherent frame is emitted; the recorder or cloud ingest adds a jitter buffer tau_jb. Sampling at f frames per second quantizes capture time by tau_frame = 1/f. The effective joint skew is skew_eff = 2*eps_ntp + tau_enc + tau_jb + tau_frame . The replay attack is treated in Section 6 as an additive offset to this skew. 4. Re-establishing Axiom A1 (Lemma L-CAM-1) Axiom A1 holds on tick T_tick iff skew_eff = 2*eps_ntp + tau_enc + tau_jb + tau_frame < T_tick. For representative budgets: enterprise-PTP (ONVIF Profile-T, low-latency H.265): skew_eff = 63.5 ms < 1000 ms tick consumer-IP camera (NTP, GOP buffering): skew_eff = 466.7 ms < 1000 ms tick cloud-VSaaS (server transcode + ingest buffer): skew_eff = 880.0 ms < 2000 ms tick All satisfy A1; the infeasible control (2.5 s of buffering against a 1 s tick) gives skew_eff = 2667 ms and correctly violates A1 (validator check L-CAM-1). 5. Maximum Pipeline Budget (Lemma L-CAM-2) Solving skew_eff = T_tick for the end-to-end buffering gives tau_pipe_max = T_tick - tau_frame - 2*eps_ntp. For the enterprise-PTP budget, tau_pipe_max is about 966.47 ms at a 1 s tick. The practical reading is that the binding term is the pipeline buffering (encoder GOP plus recorder jitter buffer); keeping it under tau_pipe_max preserves coherence at the chosen tick. 6. Feed-Replay Detectability (Lemma L-CAM-4) Suppose capture timestamps are authenticated at the sensor, so the adversary cannot rewrite them without detection by the authentication layer. An injected loop of age delta_replay raises the replaying vantage's apparent skew to skew_eff + delta_replay. The replaying vantage therefore leaves the coherence ball -- and is flagged by core Theorem T2 -- as soon as delta_replay >= delta_min = T_tick - skew_eff (the A1 margin). This minimum detectable loop age is closed-form and strictly positive on every feasible budget: enterprise-PTP : delta_min = 936 ms (at a 1 s tick) consumer-IP : delta_min = 533 ms (at a 1 s tick) cloud-VSaaS : delta_min = 1120 ms (at a 2 s tick) A tighter tick lowers delta_min and catches shorter loops, trading detector sensitivity against pipeline headroom (validator check L-CAM-4: each delta_min is exact -- skew_eff + delta_min round-trips to T_tick). 7. Inheritance of the Core Theorems If A1 holds (Section 4) and the compromised-vantage fraction f < 1/2, then by the Architecture-Invariance Theorem [I-D.melegassi-iab-mvps-architecture] the core results inherit verbatim: T1 multi-vantage D^2 dominates per-vantage max-z; T2 Phi_D concentration under the null; T3' empirical-quantile false-alarm calibration; T9 Byzantine robustness of the geometric-median aggregator. No core theorem is re-derived (validator check A-CAM-INHERIT). 8. Byzantine and Compromised Cameras A large camera fleet must assume some vantages are compromised (hijacked cameras, rogue ingest, botnet-recruited DVRs). For f < 1/2 the geometric-median aggregator has finite max-bias b(f) = C*f/(1-2f) (after [Minsker]; MVPS imported result I12), diverging only as f -> 1/2 (validator check B-CAM-1: b(0.2)=0.333, b(0.4)=2.000). 9. Timestamp-Blind Loops (Conjecture C-CAM-1) When capture timestamps are NOT authenticated (the adversary rewrites them along with the loop), it is plausible that a loop is still detected via cross-vantage SCENE coherence -- overlapping fields of view, shared illumination / shadow dynamics, correlated motion phase -- flagged by the multi-vantage detector before any single-camera tamper analytic alarms. This is stated as a CONJECTURE, not a theorem, with a falsification protocol (observable: cross-vantage correlated luminance / motion-phase anomaly vs per-camera tamper score; data: an overlapping-FOV fleet with ground-truth injected loops; test: Wilson 95% lower bound on detection-time gain > 0; blocker: a calibrated overlapping-FOV testbed with labelled replay injections). The headline replay defence (Section 6) stands on its own ONLY with authenticated timestamps; this conjecture is its unproved timestamp-blind complement, and the profile's guarantees do NOT depend on it. 10. Operational Logging Deployments SHOULD log events using the MVPS operational log format [I-D.melegassi-opsawg-mvps-logging], anchoring opportunistically; a flagged replay/loop event and the offending vantage's offset are themselves useful, tamper-evident audit records. 11. Numerical Receipt scripts/validate_video_surveillance.py evaluates seven checks (L-CAM-1..4, A-CAM-INHERIT, B-CAM-1, C-CAM-1) over the budgets above and writes evidence/video_surveillance_receipt.json with per-scenario skew, the closed-form pipeline tolerance, the per-scenario minimum detectable loop age, the inherited theorem list, the defensive non-claims, and a SHA-256 of its own canonical body. All seven checks PASS (exit 0). 12. Security Considerations The profile is a detection and audit capability; no facial recognition, biometric, or targeting surface is added. Its value is early, coherent detection of feed replay, loop injection, tamper, and rogue ingest across a camera fleet, with a tamper-evident audit trail (Section 10). The headline replay defence (Section 6) depends on authenticated capture timestamps; without them, loop detection is only a conjecture (Section 9) and MUST NOT be relied upon as a guarantee. Quantum-era integrity of logs and anchors follows the Proof Envelope [I-D.melegassi-ippm-mvps-proof-envelope]. 13. IANA Considerations This document has no IANA actions. 14. References 14.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, May 2017. [I-D.melegassi-iab-mvps-architecture] Melegassi, L., "MVPS Architecture Invariance", draft-melegassi-iab-mvps-architecture-00, 2026. 14.2. Informative References [I-D.melegassi-ippm-mvps-orbital-coherence] Melegassi, L., "MVPS Orbital Coherence", draft-melegassi-ippm-mvps-orbital-coherence-00, 2026. [I-D.melegassi-ippm-mvps-maritime-edge] Melegassi, L., "MVPS Maritime and Tactical-Edge Profile", draft-melegassi-ippm-mvps-maritime-edge-00, 2026. [I-D.melegassi-ippm-mvps-terrestrial-mobile] Melegassi, L., "MVPS Terrestrial Mobile and Vehicular Profile", draft-melegassi-ippm-mvps-terrestrial-mobile-00, 2026. [I-D.melegassi-opsawg-mvps-logging] Melegassi, L., "The MVPS Operational Log Format", draft-melegassi-opsawg-mvps-logging-00, 2026. [I-D.melegassi-ippm-mvps-proof-envelope] Melegassi, L., "MVPS Proof Envelope", draft-melegassi- ippm-mvps-proof-envelope-00, 2026. [Minsker] Minsker, S., "Geometric median and robust estimation in Banach spaces", Bernoulli 21(4), 2015. Appendix A. Worked Budgets (Normative) The three budgets of Section 4 (enterprise-PTP, consumer-IP, cloud-VSaaS) and the infeasible control (2.5 s of buffering at a 1 s tick) are the normative vectors. A conformant implementation MUST reproduce, for each, the skew_eff value, the A1 verdict, and the minimum detectable loop age delta_min emitted by scripts/validate_video_surveillance.py. Author's Address Leonardo Melegassi Catellix Brazil Email: melegassi@catellix.com