recentpopularlog in

jabley : tls   59

Identifying HTTPS-Protected Netflix Videos in Real-Time
After more than a year of research and development, Netflix
recently upgraded their infrastructure to provide HTTPS
encryption of video streams in order to protect the privacy of their
viewers. Despite this upgrade, we demonstrate that it is possible to
accurately identify Netflix videos from passive traffic capture in
real-time with very limited hardware requirements. Specifically,
we developed a system that can report the Netflix video being
delivered by a TCP connection using only the information
provided by TCP/IP headers.
To support our analysis, we created a fingerprint database
comprised of 42,027 Netflix videos. Given this collection of
fingerprints, we show that our system can differentiate between
videos with greater than 99.99% accuracy. Moreover, when tested
against 200 random 20-minute video streams, our system
identified 99.5% of the videos with the majority of the
identifications occurring less than two and a half minutes into the
video stream.
filetype:pdf  paper  https  data  leak  tls  security 
april 2017 by jabley

Copy this bookmark:

to read