Sensors (May 2022)

Vulnerabilities of Live-Streaming Services in Korea

  • Sun-Hong Hwang,
  • Ga-Yeong Kim,
  • Su-Hwan Myeong,
  • Tai-Sic Yun,
  • Seung-Min Yoon,
  • Tai-Ho Kim,
  • Ieck-Chae Euom

DOI
https://doi.org/10.3390/s22103766
Journal volume & issue
Vol. 22, no. 10
p. 3766

Abstract

Read online

Recently, the number of users and the demand for live-streaming services have increased. This has exponentially increased the traffic to such services, and live-streaming service platforms in Korea use a grid computing system that distributes traffic to users and reduces traffic loads. However, ensuring security with a grid computing system is difficult because the system exchanges general user traffic in a peer-to-peer (P2P) manner instead of receiving data from an authenticated server. Therefore, in this study, to explore the vulnerabilities of a grid computing system, we investigated a vulnerability discovery framework that involves a three-step analysis process and eight detailed activities. Four types of zero-day vulnerabilities, namely video stealing, information disclosure, denial of service, and remote code execution, were derived by analyzing a live-streaming platform in Korea, as a representative service, using grid computing.

Keywords