The Challenge
A major U.S. retail chain was experiencing unauthorized after-hours access in multiple store locations. Their existing camera setup lacked context, had no real-time alerts, and required manual arm/disarm procedures—leading to frequent false positives during business hours and missed events overnight.
They needed an automated, real-time system that could:
- Detect intrusions precisely when stores were closed
- Capture visual context using smart cameras
- Alert staff instantly—without triggering false alarms during store hours
Our Approach
We built a hybrid edge-cloud intrusion detection system using door sensors, motion-activated cameras, and AI-based face detection—coordinated by AWS services and integrated with Slack for real-time alerts. The system could:
- Arm/disarm automatically based on store hours
- Capture images 5 seconds before and after any suspicious motion
- Use local AI for face detection (with no cloud data leaks)
- Deliver alerts in <5 seconds with annotated images
What We Delivered
Intelligent Edge Device
- Raspberry Pi with camera, motion sensor, and door status detection
- Local image buffer built with OpenCV
- DeepStack AI for on-device face detection
- Synced timestamps to align sensors and cameras perfectly
Serverless & Scalable Backend
- AWS IoT Core for secure MQTT-based communication
- AWS Lambda for image event processing and Slack notifications
- AWS DynamoDB for storing logs and metadata
- Spring Boot APIs for admin controls
- React Dashboard with role-based access via AWS Cognito
Automation & Security
- System auto-arms/disarms via AWS Scheduler
- JWT-secured APIs using Spring Security + Cognito
- IAM and X.509-based device security
Tech Stack Highlights
|
Layer
|
Tools
|
|
Edge
|
Raspberry Pi, OpenCV, DeepStack AI
|
|
Backend
|
Spring Boot, AWS Lambda, DynamoDB
|
|
Messaging
|
AWS IoT Core (MQTT)
|
|
UI
|
React + Cognito Auth
|
|
Alerting
|
Slack Webhooks
|
|
DevOps
|
GitHub Actions, Terraform
|
Results After Deployment
|
Metric
|
Before
|
After
|
|
Intrusion response time
|
~30 minutes
|
< 2 minutes
|
|
False alerts during store hours
|
Frequent
|
0
|
|
Visual event evidence
|
None
|
100% of alerts
|
|
Intrusions prevented (first 30 days)
|
0
|
3 attempts blocked
|
|
Detection speed
|
—
|
10 events/sec sustained
|
Managers also began using the admin dashboard daily to adjust store schedules and review logs, increasing engagement and control.
Lessons We Learned
- AWS IoT Core greatly simplified device communication at scale
- Local AI processing avoided privacy risks and cloud latency
- OpenCV buffering was key to capturing images just before/after each event
- Slack was perfect for MVP alerts, though advanced notification logic is needed for production
- Avoiding observability in MVP helped speed up delivery—but made debugging trickier
What’s Next
We're working on scaling this to 100+ store locations with new features:
|
Feature
|
Goal
|
|
Observability
|
Grafana dashboards, CloudWatch metrics, OpenTelemetry traces
|
|
Escalation Alerts
|
SMS + phone fallback via Twilio and PagerDuty
|
|
Face Recognition
|
Detect known staff vs intruders
|
|
Centralized Admin
|
Global fleet view, bulk config management
|
|
Reporting
|
Heatmaps, uptime, intrusion trends
|
Want to build something smart and secure like this?
👉 Let’s talk.
