Modified cyber kill chain model for multimedia service environments

The sudden rise in the frequency and sophistication of cyber threats has become a hindrance to the steady development of internet of things (IoT)-based multimedia service environments. The framework currently in use for understanding and analyzing cyber threats in the information security (IS) field...

Full description

Saved in:
Bibliographic Details
Published in:Multimedia tools and applications 2019-02, Vol.78 (3), p.3153-3170
Main Authors: Kim, Hyeob, Kwon, HyukJun, Kim, Kyung Kyu
Format: Article
Language:English
Subjects:
Chains
Computer Communication Networks
Computer networks
Computer Science
Cybersecurity
Data Structures and Information Theory
Infiltration
Internet of Things
Multimedia
Multimedia Information Systems
Special Purpose and Application-Based Systems
Threat evaluation
Threats
Visibility
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The sudden rise in the frequency and sophistication of cyber threats has become a hindrance to the steady development of internet of things (IoT)-based multimedia service environments. The framework currently in use for understanding and analyzing cyber threats in the information security (IS) field is the cyber kill chain model. Of these threats, a particular threat that involves advanced and persistent attacks on a designated target (company that provides multimedia services) and causes large-scale damage is referred to as an advanced persistent threat (APT). As there can be numerous threat points in an IoT-based multimedia service environment with networks of various heterogeneous devices connected through multiple routes, an understanding of the potential routes of the threats is crucial. APTs are generally divided into the infiltration stage from the outside into the inside of an organization, and a threat stage that occurs within an organization. The existing kill chain model in the IS field is problematic in that it cannot fully express the actions that occur inside an organization. However, many attacks that occur in today’s IoT-based multimedia service environments are performed after infiltration of an insider or the organization. Thus, it is important for actions that occur on the inside to be clearly schematized to secure visibility in the multimedia service environment. This study analyzes the limitations of the existing model, and proposes a revised cyber kill chain model for multimedia security that can explain threats within an organization in addition to external threats.
ISSN:1380-7501
1573-7721
DOI:10.1007/s11042-018-5897-5