I see what you’re watching on your streaming service: Fast identification of dash encrypted network traces

Paper i proceeding, 2023

In recent years, concerns about the privacy of users data have raised as testified by the wide adoption of the HTTPS protocol over its unencrypted predecessor. This work demonstrates, however, that the encryption used in HTTPS does not guarantee that the user’s data is hidden when streaming videos using the DASH protocol. We show that the encryption can be bypassed by exploiting recognizable and predictable patterns produced by DASH in side-channels. To demonstrate our attack, we have collected 100k fingerprints from the SVT Play streaming platform, and have shown that encrypted videos can reliably and quickly be identified by capturing streamed HTTPS traffic and comparing it against the fingerprint database. Compared with previous work, our evaluation demonstrates the superior accuracy in our approach as well as its capacity of swiftly identify videos that are playing from an arbitrary timestamp. Our prototype is, to the best of our knowledge, the fastest and most accurate video streaming recognizer to date, only requiring as little as 12 seconds of network traffic to infer a video title with more than 98% accuracy among a catalogue of 20k videos. Our results call for future updates in the DASH protocol designed to circumvent the privacy leak we have shown. An open- source implementation of our prototype is publicly available at https://github.com/embeage/streaming-identification.