8 research outputs found
E-Ensemble: A Novel Ensemble Classifier for Encrypted Video Identification
In recent years, video identification within encrypted network traffic has gained popularity for many reasons. For example, a government may want to track what content is being watched by its citizens, or businesses may want to block certain content for productivity. Many such reasons advocate for the need to track users on the internet. However, with the introduction of the secure socket layer (SSL) and transport layer security (TLS), it has become difficult to analyze traffic. In addition, dynamic adaptive streaming over HTTP (DASH), which creates abnormalities due to the variable-bitrate (VBR) encoding, makes it difficult for researchers to identify videos in internet traffic. The default quality settings in browsers automatically adjust the quality of streaming videos depending on the network load. These auto-quality settings also increase the challenge in video detection. This paper presents a novel ensemble classifier, E-Ensemble, which overcomes the abnormalities in video identification in encrypted network traffic. To achieve this, three different classifiers are combined by using two different combinations of classifiers: the hard-level and soft-level combinations. To verify the performance of the proposed classifier, the classifiers were trained on a video dataset collected over one month and tested on a separate video dataset captured over 20 days at a different date and time. The soft-level combination of classifiers showed more stable results in handling abnormalities in the dataset than those of the hard-level combination. Furthermore, the soft-level classifier combination technique outperformed the hard-level combination with a high accuracy of 81.81%, even in the auto-quality mode
SCNN-Attack: A Side-Channel Attack to Identify YouTube Videos in a VPN and Non-VPN Network Traffic
Encryption Protocols e.g., HTTPS is utilized to secure the traffic between servers and clients for YouTube and other video streaming services, and to further secure the communication, VPNs are used. However, these protocols are not sufficient to hide the identity of the videos from someone who can sniff the network traffic. The present work explores the methodologies and features to identify the videos in a VPN and non-VPN network traffic. To identify such videos, a side-channel attack using a Sequential Convolution Neural Network is proposed. The results demonstrate that a sequence of bytes per second from even one-minute sniffing of network traffic is sufficient to predict the video with high accuracy. The accuracy is increased to 90% accuracy in the non-VPN, 66% accuracy in the VPN, and 77% in the mixed VPN and non-VPN traffic, for models with two-minute sniffing
On the Feasibility of Fingerprinting Collaborative Robot Traffic
This study examines privacy risks in collaborative robotics, focusing on the
potential for traffic analysis in encrypted robot communications. While
previous research has explored low-level command recovery, our work
investigates high-level motion recovery from command message sequences. We
evaluate the efficacy of traditional website fingerprinting techniques (k-FP,
KNN, and CUMUL) and their limitations in accurately identifying robotic actions
due to their inability to capture detailed temporal relationships. To address
this, we introduce a traffic classification approach using signal processing
techniques, demonstrating high accuracy in action identification and
highlighting the vulnerability of encrypted communications to privacy breaches.
Additionally, we explore defenses such as packet padding and timing
manipulation, revealing the challenges in balancing traffic analysis resistance
with network efficiency. Our findings emphasize the need for continued
development of practical defenses in robotic privacy and security.Comment: 12 page
Practical Traffic Analysis Attacks on Secure Messaging Applications
Instant Messaging (IM) applications like Telegram, Signal, and WhatsApp have
become extremely popular in recent years. Unfortunately, such IM services have
been targets of continuous governmental surveillance and censorship, as these
services are home to public and private communication channels on socially and
politically sensitive topics. To protect their clients, popular IM services
deploy state-of-the-art encryption mechanisms. In this paper, we show that
despite the use of advanced encryption, popular IM applications leak sensitive
information about their clients to adversaries who merely monitor their
encrypted IM traffic, with no need for leveraging any software vulnerabilities
of IM applications. Specifically, we devise traffic analysis attacks that
enable an adversary to identify administrators as well as members of target IM
channels (e.g., forums) with high accuracies. We believe that our study
demonstrates a significant, real-world threat to the users of such services
given the increasing attempts by oppressive governments at cracking down
controversial IM channels.
We demonstrate the practicality of our traffic analysis attacks through
extensive experiments on real-world IM communications. We show that standard
countermeasure techniques such as adding cover traffic can degrade the
effectiveness of the attacks we introduce in this paper. We hope that our study
will encourage IM providers to integrate effective traffic obfuscation
countermeasures into their software. In the meantime, we have designed and
deployed an open-source, publicly available countermeasure system, called
IMProxy, that can be used by IM clients with no need for any support from IM
providers. We have demonstrated the effectiveness of IMProxy through
experiments
Improving ABR Video Streaming Design with Systematic QoE Measurement and Cross Layer Analysis
Adaptive Bitrate streaming (ABR) has been widely adopted by mobile video services to deliver satisfying Quality of Experience (QoE) over cellular network with time-varying bandwidth conditions. To build an ABR service, a wide range of critical components spanning different entities need to be determined. It is challenging to achieve designs with good QoE properties, as the streaming performance depends on complex interactions among the various factors. To make it more complex, many design decisions also involve tradeoffs among different QoE metrics.
To address this challenge, in this dissertation, we build four systems to provide systematic support for video QoE measurements and cross-layer analysis. First, we build a general black-box measurement platform based on standard ABR protocols and common UI designs. It analyzes HTTP information in the network traffic and correlates UI events of mobile video apps to reveal ABR design and identify QoE issues. Second, to address the challenge brought by increasingly adopted encryption protocols such HTTPS and QUIC, we develop a technique called CSI to infer ABR video adaptation behavior based on packet size and timing information still available in the encrypted traffic. Third, we explore a conceptually very different approach to QoE measurement --- utilizing the on-device recording capability to record the video displayed on the mobile device screen and measuring delivered QoE from this recording. We design a novel system VideoEye to conduct such screen-recording-based QoE analysis. Lastly, to understand the interaction of existing video streaming system design with the new transport protocol QUIC, we build a platform WIQ to perform what-if analysis and measure the video QoE impact of QUIC without the need of modifying the server or client implementation. Leveraging these systems, we perform measurements on popular streaming services, understand the QoE implications of various ABR design, identify a wide range of QoE issues and develop best practices.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/155039/1/xsc_1.pd
Network and Content Intelligence for 360 Degree Video Streaming Optimization
In recent years, 360° videos, a.k.a. spherical frames, became popular among users
creating an immersive streaming experience. Along with the advances in smart-
phones and Head Mounted Devices (HMD) technology, many content providers
have facilitated to host and stream 360° videos in both on-demand and live stream-
ing modes. Therefore, many different applications have already arisen leveraging
these immersive videos, especially to give viewers an impression of presence in a
digital environment. For example, with 360° videos, now it is possible to connect
people in a remote meeting in an interactive way which essentially increases the
productivity of the meeting. Also, creating interactive learning materials using
360° videos for students will help deliver the learning outcomes effectively.
However, streaming 360° videos is not an easy task due to several reasons. First,
360° video frames are 4–6 times larger than normal video frames to achieve the
same quality as a normal video. Therefore, delivering these videos demands higher
bandwidth in the network. Second, processing relatively larger frames requires
more computational resources at the end devices, particularly for end user devices
with limited resources. This will impact not only the delivery of 360° videos but
also many other applications running on shared resources. Third, these videos need
to be streamed with very low latency requirements due their interactive nature.
Inability to satisfy these requirements can result in poor Quality of Experience
(QoE) for the user. For example, insufficient bandwidth incurs frequent rebuffer-
ing and poor video quality. Also, inadequate computational capacity can cause
faster battery draining and unnecessary heating of the device, causing discomfort
to the user. Motion or cyber–sickness to the user will be prevalent if there is an
unnecessary delay in streaming. These circumstances will hinder providing im-
mersive streaming experiences to the much-needed communities, especially those
who do not have enough network resources.
To address the above challenges, we believe that enhancements to the three main
components in video streaming pipeline, server, network and client, are essential.
Starting from network, it is beneficial for network providers to identify 360° video
flows as early as possible and understand their behaviour in the network to effec-
tively allocate sufficient resources for this video delivery without compromising the
quality of other services. Content servers, at one end of this streaming pipeline, re-
quire efficient 360° video frame processing mechanisms to support adaptive video streaming mechanisms such as ABR (Adaptive Bit Rate) based streaming, VP
aware streaming, a streaming paradigm unique to 360° videos that select only
part of the larger video frame that fall within the user-visible region, etc. On the
other end, the client can be combined with edge-assisted streaming to deliver 360°
video content with reduced latency and higher quality.
Following the above optimization strategies, in this thesis, first, we propose a mech-
anism named 360NorVic to extract 360° video flows from encrypted video traffic
and analyze their traffic characteristics. We propose Machine Learning (ML) mod-
els to classify 360° and normal videos under different scenarios such as offline, near
real-time, VP-aware streaming and Mobile Network Operator (MNO) level stream-
ing. Having extracted 360° video traffic traces both in packet and flow level data
at higher accuracy, we analyze and understand the differences between 360° and
normal video patterns in the encrypted traffic domain that is beneficial for effec-
tive resource optimization for enhancing 360° video delivery. Second, we present
a WGAN (Wesserstien Generative Adversarial Network) based data generation
mechanism (namely VideoTrain++) to synthesize encrypted network video traffic,
taking minimal data. Leveraging synthetic data, we show improved performance
in 360° video traffic analysis, especially in ML-based classification in 360NorVic.
Thirdly, we propose an effective 360° video frame partitioning mechanism (namely
VASTile) at the server side to support VP-aware 360° video streaming with dy-
namic tiles (or variable tiles) of different sizes and locations on the frame. VASTile
takes a visual attention map on the video frames as the input and applies a com-
putational geometric approach to generate a non-overlapping tile configuration to
cover the video frames adaptive to the visual attention. We present VASTile as a
scalable approach for video frame processing at the servers and a method to re-
duce bandwidth consumption in network data transmission. Finally, by applying
VASTile to the individual user VP at the client side and utilizing cache storage
of Multi Access Edge Computing (MEC) servers, we propose OpCASH, a mech-
anism to personalize the 360° video streaming with dynamic tiles with the edge
assistance. While proposing an ILP based solution to effectively select cached
variable tiles from MEC servers that might not be identical to the requested VP
tiles by user, but still effectively cover the same VP region, OpCASH maximize
the cache utilization and reduce the number of requests to the content servers in
congested core network. With this approach, we demonstrate the gain in latency
and bandwidth saving and video quality improvement in personalized 360° video
streaming