Modified cyber kill chain model for multimedia service environments

Abstract

The sudden rise in the frequency and sophistication of cyber threats has become a hindrance to the steady development of internet of things (IoT)-based multimedia service environments. The framework currently in use for understanding and analyzing cyber threats in the information security (IS) field is the cyber kill chain model. Of these threats, a particular threat that involves advanced and persistent attacks on a designated target (company that provides multimedia services) and causes large-scale damage is referred to as an advanced persistent threat (APT). As there can be numerous threat points in an IoT-based multimedia service environment with networks of various heterogeneous devices connected through multiple routes, an understanding of the potential routes of the threats is crucial. APTs are generally divided into the infiltration stage from the outside into the inside of an organization, and a threat stage that occurs within an organization. The existing kill chain model in the IS field is problematic in that it cannot fully express the actions that occur inside an organization. However, many attacks that occur in today's IoT-based multimedia service environments are performed after infiltration of an insider or the organization. Thus, it is important for actions that occur on the inside to be clearly schematized to secure visibility in the multimedia service environment. This study analyzes the limitations of the existing model, and proposes a revised cyber kill chain model for multimedia security that can explain threats within an organization in addition to external threats.