Identifying HTTPS-Protected Netflix Videos in Real-Time

Reed, Andrew C.; Kranch, Michael J.

doi:10.1145/3029806.3029821

Cited by 68 publications

(36 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Application-specific encrypted traffic analysis has also been proposed, for Netflix [27] or Skype [28], [29]. These ap- 6 Closed world is opposed to open world as it only considers a finite sample for both the training and testing.…”

Section: Related Workmentioning

confidence: 99%

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Brissaud

Jérôme

Chrisment

et al. 2019

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

Nowadays, most of web services are accessed through HTTPS. While preserving user privacy is important, it is also mandatory to monitor and detect specific users' actions, for instance, according to a security policy. This paper presents a solution to monitor HTTP/2 traffic over TLS. It highly differs from HTTP/1.1 over TLS traffic what makes existing monitoring techniques obsolete. Our solution, H2Classifier, aims at detecting if a user performs an action that has been previously defined over a monitored web service, but without using any decryption. It is thus only based on passive traffic analysis and relies on random forest classifier. A challenge is to extract representative values of the loaded content associated to a web page, which is actually customized based on the user action. Extensive evaluations with five top used web services demonstrate the viability of our technique with an accuracy between 94% and 99%.

show abstract

Section: Related Workmentioning

confidence: 99%

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Brissaud

Jérôme

Chrisment

et al. 2019

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

show abstract

“…We use this dataset as if the videos were downloaded in bulk rather than streamed; that is, we pad the video as a single file. The argument for padding YouTube videos as whole files is that, as shown by related work [43,44,50], variable-bitrate encoding combined with streaming leak which video is being watched. If YouTube wanted to protect the privacy of its users, it could re-encode everything to constantbitrate encoding and still stream it, but then the total length of the stream would still leak information.…”

Section: Datasets and Methodologymentioning

confidence: 99%

“…The length itself, however, might indirectly reveal information about the content. Such leakage is already used extensively in traffic-analysis attacks, e.g., website fingerprinting [21,39,56,57], video identification [43,44,50], and VoIP traffic fingerprinting [15,61]. Although solutions involving application-or network-level padding are numerous, they are typically designed for a specific problem domain, and the more basic problem of lengthleaking ciphertexts remains.…”

Section: Limiting Leakage Via Lengthmentioning

confidence: 99%

“…In particular, an attacker may be able to fingerprint users [40,52] and the applications they use use [63]. Using traffic analysis [17], an attacker may be able to infer websites a user visited [17,21,39,56,57] or videos a user watched [43,44,50]. On VoIP, metadata can be used to infer the geo-location [35], the spoken language [61], or the voice activity of users [15].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Reducing Metadata Leakage from Encrypted Files and Communication with PURBs

Nikitin

Barman

Lueks

et al. 2019

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Most encrypted data formats, such as PGP, leak substantial metadata from their plaintext headers, such as the format version, the encryption schemes used, number of recipients who can decrypt the data, and even the identities of these recipients. This leakage can pose security and privacy risks to users, e.g., by revealing the full membership of a group of collaborators from a single encrypted e-mail, or by enabling an eavesdropper to fingerprint the precise encryptionsoftware version and configuration the sender used. We propose to improve security and privacy hygiene by designing future encrypted data formats such that anyone without a relevant decryption key cannot learn anything at all from a ciphertext, apart from its length, and as little as possible even from that. We present Padded Uniform Random Blobs or PURBs, an encrypted format that strongly minimizes a ciphertext's leakage via metadata or length. Without a decryption key, a PURB is indistinguishable from a uniform random bit string. Legitimate recipients can efficiently decrypt the PURB, even when it is encrypted for any number of recipients' public keys and/or passwords, and when these public keys are from different cryptographic schemes. PURBs use a novel padding scheme to reduce potential information-leakage via the ciphertext's length L to the asymptotic minimum of O(log log L) bits, comparable to padding to a power of two, but with a much lower padding overhead of at most 12%, which decreases with larger payloads.*Both are corresponding authors and share first authorship. Motivation and BackgroundWe begin this section by giving examples of where PURBs can be useful, and describe the Integrated Encryption Scheme that we later use as a starting point in our design. Motivation and ApplicationsPURBs is a paradigm for designing encryption data formats; it efficiently protects sensitive metadata. Our goal is to define a general approach applicable to most of the common data-encryption scenarios such

show abstract

“…Under a common mindset with our herein proposed work, Li [12] presented Silhouette; a real-time, lightweight video classification method that only uses statistics for video title identification; Stikkelorum [11] used state machines to match video segments and reward segments in order to identify the video title in the encrypted Youtube video stream. Moreover, Reed and Kranch [9] used direct network observations to identify Netflix videos streaming, and Schuster et al [10] noted that video streams are uniquely characterized by their burst patterns, such that by implementing a Convolutional Neural Network (CNN) they could accurately identify them.…”

Section: Related Workmentioning

confidence: 99%

Clustering the Unknown - The Youtube Case

Dvir

Marnerides

Dubin

et al. 2019

2019 International Conference on Computing, Networking and Communications (ICNC)

View full text Add to dashboard Cite

Recent stringent end-user security and privacy requirements caused the dramatic rise of encrypted video streams in which YouTube encrypted traffic is one of the most prevalent. Regardless of their encrypted nature, metadata derived from such traffic flows can be utilized to identify the title of a video, thus enabling the classification of video streams into a single video title using a given video title set. Nonetheless, scenarios where no video title set is present and a supervised approach is not feasible, are both frequent and challenging. In this paper we go beyond previous studies and demonstrate the feasibility of clustering unknown video streams into subgroups although no information is available about the title name. We address this problem by exploring Natural Language Processing (NLP) formulations and Word2vec techniques to compose a novel statistical feature in order to further cluster unknown video streams. Through our experimental results over real datasets we demonstrate that our methodology is capable to cluster 72 video titles out of 100 video titles from a dataset of 10,000 video streams. Thus, we argue that the proposed methodology could sufficiently contribute to the newly rising and demanding domain of encrypted Internet traffic classification.

show abstract

Identifying HTTPS-Protected Netflix Videos in Real-Time

Cited by 68 publications

References 6 publications

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Transparent and Service-Agnostic Monitoring of Encrypted Web Traffic

Reducing Metadata Leakage from Encrypted Files and Communication with PURBs

Clustering the Unknown - The Youtube Case

Contact Info

Product

Resources

About