Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2405.09902 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866909205402746880 |
|---|---|
| author | Gansekoele, Arwin Bot, Tycho van der Mei, Rob Bhulai, Sandjai Hoogendoorn, Mark |
| author_facet | Gansekoele, Arwin Bot, Tycho van der Mei, Rob Bhulai, Sandjai Hoogendoorn, Mark |
| contents | Encryption on the internet with the shift to HTTPS has been an important step to improve the privacy of internet users. However, there is an increasing body of work about extracting information from encrypted internet traffic without having to decrypt it. Such attacks bypass security guarantees assumed to be given by HTTPS and thus need to be understood. Prior works showed that the variable bitrates of video streams are sufficient to identify which video someone is watching. These works generally have to make trade-offs in aspects such as accuracy, scalability, robustness, etc. These trade-offs complicate the practical use of these attacks. To that end, we propose a deep metric learning framework based on the triplet loss method. Through this framework, we achieve robust, generalisable, scalable and transferable encrypted video stream detection. First, the triplet loss is better able to deal with video streams not seen during training. Second, our approach can accurately classify videos not seen during training. Third, we show that our method scales well to a dataset of over 1000 videos. Finally, we show that a model trained on video streams over Chrome can also classify streams over Firefox. Our results suggest that this side-channel attack is more broadly applicable than originally thought. We provide our code alongside a diverse and up-to-date dataset for future research. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2405_09902 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Unveiling the Potential: Harnessing Deep Metric Learning to Circumvent Video Streaming Encryption Gansekoele, Arwin Bot, Tycho van der Mei, Rob Bhulai, Sandjai Hoogendoorn, Mark Computer Vision and Pattern Recognition Artificial Intelligence Cryptography and Security Encryption on the internet with the shift to HTTPS has been an important step to improve the privacy of internet users. However, there is an increasing body of work about extracting information from encrypted internet traffic without having to decrypt it. Such attacks bypass security guarantees assumed to be given by HTTPS and thus need to be understood. Prior works showed that the variable bitrates of video streams are sufficient to identify which video someone is watching. These works generally have to make trade-offs in aspects such as accuracy, scalability, robustness, etc. These trade-offs complicate the practical use of these attacks. To that end, we propose a deep metric learning framework based on the triplet loss method. Through this framework, we achieve robust, generalisable, scalable and transferable encrypted video stream detection. First, the triplet loss is better able to deal with video streams not seen during training. Second, our approach can accurately classify videos not seen during training. Third, we show that our method scales well to a dataset of over 1000 videos. Finally, we show that a model trained on video streams over Chrome can also classify streams over Firefox. Our results suggest that this side-channel attack is more broadly applicable than originally thought. We provide our code alongside a diverse and up-to-date dataset for future research. |
| title | Unveiling the Potential: Harnessing Deep Metric Learning to Circumvent Video Streaming Encryption |
| topic | Computer Vision and Pattern Recognition Artificial Intelligence Cryptography and Security |
| url | https://arxiv.org/abs/2405.09902 |