If you are here, chances are that your pet is always running around, destroying things in your sweet house. We will show you how to enrich Falco security through a smart plugin that may not stop your pet from bad behavior, but will at least warn you when it does misbehave!
What does that mean? Basically, you are now able to tailor Falco to perfectly suit your needs.
One can imagine Falco as an IoT events centralizer, with rules to warn you when your smart thermostat is low on battery, or when someone turns on the kitchen light after 11pm, for example.
Today, our goal will be to consume video streams from webcams around the house to catch cuddly intruders!
Requirements / What you’ll need
Together, with its config file:
Moreover, we will obviously make use of the Falco plugins go sdk, which is a small SDK to write Falco plugins.
Finally, a webcam will be used as a video stream source. You can find the plugin source code at:
Step-by-step instructions and launch
You are surely wondering how to run this. First, you need the latest Falco from master, or can wait until Falco 0.31 is released. This is mandatory as plugin support was introduced quite recently.
Additionally, you should extract the tarball of the aforementioned Tensorflow model. You should now be able to build the plugin. Move into plugin folder and issue the following:
$ make libhomesecurity.so
To run the plugin, you first need to enable it in Falco config, following: https://falco.org/blog/falco-plugins-early-access/#configuring-plugins-in-falco.
In the falco-home-security repository, some configs and rules ready to be used can be found; the config files use small videos (mostly found on Youtube) as sources, instead of webcams.
Be sure to update your chosen config “videoSource” key. This is the rule we have used:
- rule: Pet detected desc: We detected a pretty pet condition: video.entities[animal] > 0 output: "!!PET ALERT 😍!! -> source=%video.source, n_pets=%video.entities[animal]\n%evt.plugininfo" priority: Warning source: homesecurity
Finally, Falco can be run pointing at the new configuration and rule file, for example:
$ falco -c falco-home-security/confs/falco_pet_webcam.yaml -r falco-home-security/rules/pet_in_webcam.yaml
The plugin has quite a lot of parameters to enhance object tracking; moreover, you are able to specify if you want a GUI to be shown, and if you want to store a snapshot when an event is triggered.
In all seriousness, here is a small demo that showcases the security implications of this plugin.
As you can see, it is able to enhance Falco in many different ways, both funny and significant.
This project has been made possible thanks to Hackathon 2021 in Sysdig.
Other examples of Falco + cameras IoT
The current plugin implementation does not distinguish between animals. In other ways, it has only a giant ‘animal’ group.
Given that the coco dataset supports lots of categories, you can easily expand the example, filtering multiple categories like ‘cats,’ ‘dogs,’ ‘cows,’ etc.
For the full list of supported categories, head to:
Was it that simple?
Yes! Falco with plugin support is aiming to become the standard way to secure your infrastructure, the cloud one and eventually even the physical one.
And what about a Falco and IoT?
Starting from the current example, it is quite easy to imagine other integrations, like using Falco to aggregate IoT data coming from all the smart sensors in your home.
If your smart sensor offers an SDK, it is incredibly straightforward to create a Falco plugin around it. See you next time, with new awesome wonders from the land of Falco!