Skip to main content
SpringerLink
Log in

Analysis and Security Evaluation of Security Threat on Broadcasting Service

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

This paper defines and maps all possible threats to broadcasting services. Viewers currently use various types of broadcasting services—including cable TV, IPTV, and mobile TV, among others—and broadcast business operators are now developing the appropriate security mechanisms for each medium to safely and reliably provide broadcasting services to their audiences. Unlike mobile TV, which uses of a public network as in an over-the-top configuration, cable TV and IPTV are basically closed networks in terms of network security. However, they also link with external networks to provide additional services (bidirectional services or commerce-related services). Therefore, broadcast business operators of with various types of broadcast media are susceptible to security threats from which their broadcasting services may come to a halt or may be abused by hackers, such as with well-developed APT attacks, as well as other common external attacks. The common vulnerability scoring system for IT security is used to conduct a quantitative evaluation of the risk to security threats for broadcasting services. We also derive the results of a penetration test for the STB through the results presented with respect to a security threat. This result will help address potential security vulnerabilities in broadcasting services.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. EBU Project Group B/CA. (1995). Functional model of a conditional access system, EBU Technical Review.

  2. Tu, F.-K., Laih, C.-S., & Tung, H.-H. (1999). On key distribution management for conditional access system on pay-TV system. IEEE Transactions on Consumer Electronics, 45(1), 151–158.

    Article  Google Scholar 

  3. Tianbo, L., Feng, X., Yong, P., & Jin, X. (2011). Analysis of security standardization for IPTV. In 2011 3rd international conference on advanced computer control, pp. 219–223.

  4. Song, W. J., Kim, W. H., Kim, B. G., Kang, M., & Choi, M. (2003). Contents protection system using smart card interface for digital CATV network based on the OpenCable specification. In 2003 IEEE international conference on consumer electronics, pp. 274–275.

  5. https://en.wikipedia.rog/wiki/CVSS.

  6. Joh, H., & Malaiya, Y. K. (2010). A framework for software security risk evaluation using the vulnerability lifecycle and CVSS metrics. In 2010 international workshop on risk trust in extended enterprises, pp. 430–434.

  7. Joh, H., & Malaiya, Y. K. (2011). Defining and assessing quantitative security risk measures using vulnerability lifecycle and CVSS metrics. In The 2011 international conference on security and management, pp. 10–16.

  8. Wang, S., Xia, C., Jinghua, & Jia, Q. (2015). Vulnerability evaluation based on CVSS and environmental information statistics. In 2015 4th international conference on computer science and network technology, pp. 1249–1252.

  9. Younis, A., Malaiya, Y. K., & Ray, I. (2016). Evaluating CVSS base score using vulnerability rewards programs. ICT Systems Security and Privacy Protection, 471, 62–75.

    Article  Google Scholar 

  10. Smith, E. S. (1970). The emergence of CATV: A look at the evolution of a revolution. Proceeding of the IEEE, 58(7), 967–982.

    Article  Google Scholar 

  11. Jeffrey, M., Park, S., Lee, K., Adams, G., & Savage, S. (2008). Content security for IPTV. IEEE Communications Magazine, 46(11), 138–146.

    Article  Google Scholar 

  12. Llort, J., Canovas, A., Tomas, J., & Atenas, M. (2012). A network management algorithm and protocol for improving QoE in mobile IPTV. Computer Communication, 35(15), 1855–1870.

    Article  Google Scholar 

  13. STRIDE Threat Model., https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx.

  14. ENISA Threat Landscape 2014. (2014). Overview of current and emerging cyber-threats.

  15. NIST SP 800-30 Rev.1. (2012). Guide for conducting risk assessments.

  16. ITU-T. (2009). Functional requirements and architecture for IPTV security aspects, X.1191.

  17. CVSS v3.0. (2015). Specification document.

  18. CVSS v3.0. (2015). User guide.

  19. CVSS v3.0. (2015). Examples.

  20. https://www.cvedetails.com/vendor/833/Linksys.html.

  21. https://www.cvedetails.com/vendor/11936/Tp-link.html.

  22. http://mychristiantv.com.au/wp-content/uploads/Instal-Life-Update%20STB-USB-2016.pdf.

Download references

Acknowledgements

This research was supported by the MSIP(Ministry of Science, ICT and Future Planning), Korea, under the ITRC(Information Technology Research Center) support program (IITP-2017-R0992-16-1006) supervised by the IITP (Institute for Information & communications Technology Promotion).

Author information

Authors and Affiliations

  1. CJ HelloVision/CIST (Center for Information Security Technologies), Korea University, Anam-dong Seongbuk-gu, Seoul, 136-713, South Korea

    Jong Han Lee

  2. CIST (Center for Information Security Technologies), Korea University, Anam-dong Seongbuk-gu, Seoul, 136-713, South Korea

    Seung Joo Kim

Authors
  1. Jong Han Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seung Joo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Seung Joo Kim.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lee, J.H., Kim, S.J. Analysis and Security Evaluation of Security Threat on Broadcasting Service. Wireless Pers Commun 95, 4149–4169 (2017). https://doi.org/10.1007/s11277-017-4056-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4056-z

Keywords

Search

Navigation