recentpopularlog in

jabley : https   40

Identifying HTTPS-Protected Netflix Videos in Real-Time
After more than a year of research and development, Netflix
recently upgraded their infrastructure to provide HTTPS
encryption of video streams in order to protect the privacy of their
viewers. Despite this upgrade, we demonstrate that it is possible to
accurately identify Netflix videos from passive traffic capture in
real-time with very limited hardware requirements. Specifically,
we developed a system that can report the Netflix video being
delivered by a TCP connection using only the information
provided by TCP/IP headers.
To support our analysis, we created a fingerprint database
comprised of 42,027 Netflix videos. Given this collection of
fingerprints, we show that our system can differentiate between
videos with greater than 99.99% accuracy. Moreover, when tested
against 200 random 20-minute video streams, our system
identified 99.5% of the videos with the majority of the
identifications occurring less than two and a half minutes into the
video stream.
filetype:pdf  paper  https  data  leak  tls  security 
april 2017 by jabley
Optimizing TLS for High–Bandwidth Applications in FreeBSD
Transport Layer Security (TLS) is becoming increasingly
desirable and necessary in the modern Internet.
Unfortunately it also induces heavy penalties on application
CPU performance for both the client and server. In this paper
we examine the server-side performance implications on CPU
computational and data-movement overhead when enabling TLS
on Netflix’s OpenConnect Appliance (OCA [1]) network. We then
explore enhancements to FreeBSD to reduce the costs that TLS
adds when serving high volumes of video traffic. Finally we
describe recent changes and future improvements to FreeBSD’s
OpenCrypto Framework that can be used to further improve
netflix  https  paper  freebsd  performance  filetype:pdf 
august 2016 by jabley

Copy this bookmark:

to read