Abstract
It is effective for supervisors to monitor the network by analyzing traffic from devices.In this way, illegal video can be detected when it is played on the network. Most Internet traffic is encrypted, which brings difficulties to traffic analysis. However, many researches suggest that even if the video traffic is encrypted, the information of video segmentation leaked by DASH (Dynamic Adaptive Streaming over HTTP) can also be used to identify the content of encrypted video traffic without decryption. Moreover, each encrypted video stream can be represented by a fragment sequence. This paper presents two methods based on Levenshtein distance for encrypted video traffic analysis. Using the distance distribution fitted by gamma distribution functions, we calculated a threshold to determine whether two encrypted video traffic belonging to the same video. The accuracy of the judgment using the threshold reached 89%, stably. As far as I am concerned, it is the first work to apply unsupervised methods for content analysis of encrypted video traffic.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Aceto, G., Ciuonzo, D., Montieri, A., Pescapé, A.: Mobile encrypted traffic classification using deep learning: experimental evaluation, lessons learned, and challenges. IEEE Trans. Netw. Service Manag. 16(2), 445–458 (2019)
Ameigeiras, P., Ramos-Munoz, J.J., Navarro-Ortiz, J., Lopez-Soler, J.M.: Analysis and modelling of youtube traffic. Trans. Emerg. Telecommun. Technol. 23(4), 360–377 (2012)
Anderson, B., McGrew, D.: Identifying encrypted malware traffic with contextual flow data. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security. pp. 35–46 (2016)
Anderson, B., Paul, S., McGrew, D.: Deciphering malware’s use of tls (without decryption). J. Comput. Virol. Hacking Tech. 14(3), 195–211 (2018)
Bagaria, S., Balaji, R., Bindhumadhava, B.: Detecting malignant tls servers using machine learning techniques. arXiv preprint arXiv:1705.09044 (2017)
Bujlow, T., Carela-Español, V., Barlet-Ros, P.: Independent comparison of popular dpi tools for traffic classification. Comput. Netw. 76, 75–89 (2015)
Cisco, C.V.N.I.: The zettabyte era-trends and analysis, 2015–2020. white paper (2016)
Dierks, T., Rescorla, E.: Rfc 5246-the transport layer security (tls) protocol version 1.2. Internet Engineering Task Force (2008)
Dubin, R., Dvir, A., Pele, O., Hadar, O.: The video streams pcap files dataset. http://www.cse.bug.ac.il/title_fingerprinting/ (2017)
Dubin, R., Dvir, A., Pele, O., Hadar, O.: I know what you saw last minute-encrypted http adaptive video streaming title classification. IEEE Trans. Inf. Forensics Secur. 12(12), 3039–3049 (2017)
Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions, and reversals. In: Soviet physics doklady. vol. 10, pp. 707–710 (1966)
Liu, Y., Ou, C., Li, Z., Corbett, C., Mukherjee, B., Ghosal, D.: Wavelet-based traffic analysis for identifying video streams over broadband networks. In: IEEE GLOBECOM 2008–2008 IEEE Global Telecommunications Conference. pp. 1–6. IEEE (2008)
Liu, Y., Sadeghi, A.-R., Ghosal, D., Mukherjee, B.: Video streaming forensic – content identification with traffic snooping. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 129–135. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-18178-8_11
Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31–88 (2001)
Rao, A., Legout, A., Lim, Y.s., Towsley, D., Barakat, C., Dabbous, W.: Network characteristics of video streaming traffic. In: Proceedings of the Seventh Conference on Emerging Networking Experiments and Technologies. pp. 1–12 (2011)
Schuster, R., Shmatikov, V., Tromer, E.: Beauty and the burst: remote identification of encrypted video streams. In: 26th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 17). pp. 1357–1374 (2017)
Shi, Y., Ross, A., Biswas, S.: Source identification of encrypted video traffic in the presence of heterogeneous network traffic. Comput. Commun. 129, 101–110 (2018)
Yao, H., Liu, C., Zhang, P., Wu, S., Jiang, C., Yu, S.: Identification of encrypted traffic through attention mechanism based long short term memory. IEEE Trans. Big Data (2019)
Acknowledgments
This work is supported by the National Key Research and Development Program of China (No. 2018YFB0204301), Open Foundation of State Key Laboratory of Cryptology (No: MMKFKT201617), and the NUDT Research Grants (No. ZK19-38).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yang, L., Zeng, Y., Fu, S., Luo, Y. (2020). Unsupervised Analysis of Encrypted Video Traffic Based on Levenshtein Distance. In: Xiang, Y., Liu, Z., Li, J. (eds) Security and Privacy in Social Networks and Big Data. SocialSec 2020. Communications in Computer and Information Science, vol 1298. Springer, Singapore. https://doi.org/10.1007/978-981-15-9031-3_9
Download citation
DOI: https://doi.org/10.1007/978-981-15-9031-3_9
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9030-6
Online ISBN: 978-981-15-9031-3
eBook Packages: Computer ScienceComputer Science (R0)