Automated Security Testing Framework for Validating Content Rights On Video Streaming Devices

Abstract

Proliferation of high speed internet services and mass adoption of smart phones and internet enabled smart devices has led to a meteoritic rise in streaming video services around the globe. As streaming audio-video content takes center-stage in this digital era, “Cut-the-Cord” phenomenon has gained significant momentum all over the globe. New streaming models like Over-the-Top (OTT) services have disrupted this industry globally. OTT platforms like Netflix, Amazon Prime, YouTube, Sony Crackle, BBC iPlayer have gained lot of market share in the recent years. In India alone, there are more than 40 video streaming services [1] like Hotstar, AirtelTV, Voot, Sony Liv, JioTV and the list is growing by the day. However, streaming video applications, face constant challenges with respect to security of content rights across the streaming value chain. A leading global research firm KPMG, in a recent report suggests that, global streaming players could suffer losses of over 50 billion dollars (USD) due to pirated content in the next few years. Similarly a recent report released by FICCI highlights the fact that, upto 30% of overall film sector revenue in India has been lost due to piracy alone. As millions of internet videos get streamed on various consumer devices, risks of security breaches, online piracy and video hacking, pose considerable challenge for the entire video streaming industry. Therefore, it becomes absolutely essential for the video content creators, aggregators and distributors to adopt best-in-class secure development methodologies along with cutting edge security testing techniques to protect digital video assets. This requires special focus beyond traditional quality assurance (QA) and conventional security testing techniques like Pen Testing, Vulnerability Assessment etc. In this paper we propose a unique automated security testing framework focusing on critical aspects of the video streaming domain. In-order to provide a holistic model for enhancing cyber security aspects of streaming video systems, we expanded our earlier research work [3], [4] to cover latest content security concepts like Digital Rights Management (DRM), High-bandwidth Digital Content Protection (HDCP). Our proposed security testing methodology uses latest automation techniques and proven statistical methods to yield more than 90% better efficiencies with accuracy as high as 97%.