ABSTRACT
Mobile video streaming services have widely adopted Adaptive Bitrate (ABR) streaming to dynamically adapt the streaming quality to variable network conditions. A wide range of third-party entities such as network providers and testing services need to understand such adaptation behavior for purposes such as QoE monitoring and network management. The traditional approach involved conducting test runs and analyzing the HTTP-level information from the associated network traffic to understand the adaptation behavior under different network conditions. However, end-to-end traffic encryption protocols such as HTTPS and QUIC are being increasingly used by streaming services, hindering such traditional traffic analysis approaches.
To address this, we develop CSI (Chunk Sequence Inferencer), a general system that enables third-parties to conduct active measurements and infer mobile ABR video adaptation behavior based on packet size and timing information still available in the encrypted traffic. We perform extensive evaluations and demonstrate that CSI achieves high inference accuracy for video encodings of popular streaming services covering various ABR system designs. As an illustration, for a popular mobile video service, we show that CSI can effectively help understand the video QoE implications of network traffic shaping policies and develop optimized policies, even in the presence of encryption.
- [n.d.]. Big Buck Bunny. https://peach.blender.org/.Google Scholar
- [n.d.]. Chrome Devtools. https://developers.google.com/web/tools/chrome-devtools/.Google Scholar
- [n.d.]. draft-ietf-quic-tls-13 - Using Transport Layer Security (TLS) to Secure QUIC. https://tools.ietf.org/html/draft-ietf-quic-tls-13.Google Scholar
- [n.d.]. FFmpeg. http://ffmpeg.org.Google Scholar
- [n.d.]. Firefox Developer Tools. https://developer.mozilla.org/en-US/docs/Tools.Google Scholar
- [n.d.]. GOCR. http://jocr.sourceforge.net/.Google Scholar
- [n.d.]. google/ExoPlayer: An extensible media player for Android. https://github.com/google/exoplayer.Google Scholar
- [n.d.]. google/shaka-player: JavaScript player library / DASH client / MSE-EME player. https://github.com/google/shaka-player.Google Scholar
- [n.d.]. HBO Now Terms of Use. https://play.hbonow.com/terms.Google Scholar
- [n.d.]. Hulu Terms of Use. https://secure.hulu.com/terms.Google Scholar
- [n.d.]. Man-in-the-middle attack. https://en.wikipedia.org/wiki/Man-in-the-middle_attack.Google Scholar
- [n.d.]. MP4Box: GPAC multimedia packager. https://gpac.wp.imt.fr/mp4box/.Google Scholar
- [n.d.]. Netflix Terms of Use. https://help.netflix.com/legal/termsofuse.Google Scholar
- [n.d.]. Optimized shot-based encodes: Now Streaming! https://medium.com/netflix-techblog/optimized-shot-based-encodes-now-streaming-4b9464204830.Google Scholar
- [n.d.]. Per-Title Encode Optimization. https://medium.com/netflix-techblog/per-title-encode-optimization-7e99442b62a2.Google Scholar
- [n.d.]. Quick Start Guide to Using Cronet. https://chromium.googlesource.com/chromium/src/+/master/components/cronet.Google Scholar
- [n.d.]. RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2. https://tools.ietf.org/html/rfc5246.Google Scholar
- [n.d.]. RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3. https://tools.ietf.org/html/rfc8446#section-5.4.Google Scholar
- [n.d.]. Squid web proxy SSL bump feature. https://wiki.squid-cache.org/Features/SslBump.Google Scholar
- [n.d.]. SSL MITM Proxy. https://crypto.stanford.edu/ssl-mitm/.Google Scholar
- [n.d.]. Stream More Video, Use Less Data with Stream Saver - AT&T. https://www.att.com/offers/streamsaver.html.Google Scholar
- [n.d.]. Tesseract OCR. https://github.com/tesseract-ocr/tesseract.Google Scholar
- [n.d.]. Test patterns | Netflix. https://www.netflix.com/title/80018499.Google Scholar
- [n.d.]. UI Automator. https://developer.android.com/training/testing/ui-automator.Google Scholar
- [n.d.]. UI Automator. https://linux.die.net/man/8/tc-tbf.Google Scholar
- [n.d.]. Why is it so hard to "root" a smartphone? https://www.androidcentral.com/why-it-so-hard-root-smartphone.Google Scholar
- [n.d.]. Why you shouldn't root your Android phone. https://www.howtogeek.com/132115/the-case-against-root-why-android-devices-dont-come-rooted/.Google Scholar
- [n.d.]. Youtube brings us stats for nerds. http://tubularinsights.com/youtube-stats-for-nerds/.Google Scholar
- [n.d.]. Youtube Data API. https://developers.google.com/youtube/v3/.Google Scholar
- [n.d.]. youtube-dl: Download videos from YouTube. https://rg3.github.io/youtube-dl/.Google Scholar
- 2012. ISO/IEC 23009-1, Information technology - Dynamic adaptive streaming over HTTP (DASH). http://standards.iso.org/ittf/PubliclyAvailableStandards/c057623_ISO_IEC_23009-1_2012.zip.Google Scholar
- 2016. ExoPlayer 2 - Why, what and when? https://medium.com/google-exoplayer/exoplayer-2-x-why-what-and-when-74fd9cb139.Google Scholar
- 2016. ExoPlayer from the other side. https://medium.com/google-exoplayer/exoplayer-from-the-other-side-5909553abae2.Google Scholar
- 2016. Protecting Netflix Viewing Privacy at Scale. https://medium.com/netflix-techblog/protecting-netflix-viewing-privacy-at-scale-39c675d88f45.Google Scholar
- 2016. WhatsApp For Android Devices. https://tech.blorge.com/2016/09/23/whatsapp-2-16-274-download-available/-android-devices-new-emojis/155538.Google Scholar
- 2016. YouTube's road to HTTPS. https://youtube-eng.googleblog.com/2016/08/youtubes-road-to-https.html.Google Scholar
- 2017. Android Network Security Configuration. https://developer.android.com/training/articles/security-config.html.Google Scholar
- 2017. App share of total mobile minutes in leading online markets. https://www.statista.com/statistics/692752/app-share-of-mobile-minutes-countries/.Google Scholar
- 2017. Building Periscope for Android. http://nerds.airbnb.com/building-periscope-for-android/.Google Scholar
- 2017. Cisco Visual Networking Index: Forecast and Methodology, 2016-2021. https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/mobile-white-paper-c11-520862.html.Google Scholar
- 2017. Openwave Mobility Mobile Video Index, Dec 2017. https://owmobility.com/whitepapers/.Google Scholar
- 2017. The 2017 U.S. Mobile App Report. https://www.comscore.com/Insights/Presentations-and-Whitepapers/2017/The-2017--US-Mobile-App-Report.Google Scholar
- 2018. IETF QUIC working group. https://datatracker.ietf.org/wg/quic.Google Scholar
- 2018. Mobile App versus Mobile Website Statistics. https://jmango360.com/wiki/mobile-app-vs-mobile-website-statistics/.Google Scholar
- Saamer Akhshabi, Ali C Begen, and Constantine Dovrolis. 2011. An experimental evaluation of rate-adaptation algorithms in adaptive streaming over HTTP. In Proceedings of the second annual ACM conference on Multimedia systems. ACM, 157--168.Google ScholarDigital Library
- Johanna Amann, Oliver Gasser, Quirin Scheitle, Lexi Brent, Georg Carle, and Ralph Holz. 2017. Mission accomplished?: HTTPS security after diginotar. In Proceedings of the 2017 Internet Measurement Conference. ACM, 325--340.Google ScholarDigital Library
- Xiang Cai, Xin Cheng Zhang, Brijesh Joshi, and Rob Johnson. 2012. Touching from a distance: Website fingerprinting attacks and defenses. In Proceedings of the 2012 ACM conference on Computer and communications security. ACM, 605--616.Google ScholarDigital Library
- Aldo Cortesi, Maximilian Hils, Thomas Kriechbaumer, and contributors. 2010--. mitmproxy: A free and open source interactive HTTPS proxy. https://mitmproxy.org/ [Version 4.0].Google Scholar
- Scott E Coull and Kevin P Dyer. 2014. Traffic analysis of encrypted messaging services: Apple imessage and beyond. ACM SIGCOMM Computer Communication Review 44, 5 (2014), 5--11.Google ScholarDigital Library
- Jan De Cock, Aditya Mavlankar, Anush Moorthy, and Anne Aaron. 2016. A large-scale video codec comparison of x264, x265 and libvpx for practical VOD applications. In Applications of Digital Image Processing XXXIX, Vol. 9971. International Society for Optics and Photonics, 997116.Google Scholar
- Edsger W Dijkstra. 1959. A note on two problems in connexion with graphs. Numerische mathematik 1, 1 (1959), 269--271.Google Scholar
- Giorgos Dimopoulos, Ilias Leontiadis, Pere Barlet-Ros, and Konstantina Papagiannaki. 2016. Measuring video QoE from encrypted traffic. In Proceedings of the 2016 Internet Measurement Conference. ACM, 513--526.Google ScholarDigital Library
- Kevin P Dyer, Scott E Coull, Thomas Ristenpart, and Thomas Shrimpton. 2012. Peek-a-boo, i still see you: Why efficient traffic analysis countermeasures fail. In Security and Privacy (SP), 2012 IEEE Symposium on. IEEE, 332--346.Google ScholarDigital Library
- Tobias Flach, Pavlos Papageorge, Andreas Terzis, Luis Pedrosa, Yuchung Cheng, Tayeb Karim, Ethan Katz-Bassett, and Ramesh Govindan. 2016. An Internet-wide analysis of traffic policing. In Proceedings of the 2016 ACM SIGCOMM Conference. ACM, 468--482.Google ScholarDigital Library
- Jiaxi Gu, Jiliang Wang, Zhiwen Yu, and Kele Shen. 2018. Walls Have Ears: Traffic-based Side-channel Attack in Video Streaming. In INFOCOM 2018-IEEE Conference on Computer Communications, IEEE. IEEE.Google Scholar
- Jian He, Mubashir Adnan Qureshi, Lili Qiu, Jin Li, Feng Li, and Lei Han. 2018. Favor: fine-grained video rate adaptation. In MMSys.Google Scholar
- Te-Yuan Huang, Nikhil Handigol, Brandon Heller, Nick McKeown, and Ramesh Johari. 2012. Confused, timid, and unstable: picking a video streaming rate is hard. In Proceedings of the 2012 ACM conference on Internet measurement conference. ACM, 225--238.Google ScholarDigital Library
- Te-Yuan Huang, Ramesh Johari, Nick McKeown, Matthew Trunnell, and Mark Watson. 2015. A buffer-based approach to rate adaptation: Evidence from a large video streaming service. ACM SIGCOMM Computer Communication Review 44, 4 (2015), 187--198.Google ScholarDigital Library
- Alfonso Iacovazzi, Andrea Baiocchi, and Ludovico Bettini. 2013. What are you Googling?-Inferring search type information through a statistical classifier. In Global Communications Conference (GLOBECOM), 2013 IEEE. IEEE, 747--753.Google ScholarCross Ref
- Junchen Jiang, Vyas Sekar, and Hui Zhang. 2014. Improving fairness, efficiency, and stability in http-based adaptive video streaming with festive. IEEE/ACM Transactions on Networking (TON) 22, 1 (2014), 326--340.Google ScholarDigital Library
- Arash Molavi Kakhki, Samuel Jero, David Choffnes, Cristina Nita-Rotaru, and Alan Mislove. 2017. Taking a long look at QUIC: an approach for rigorous evaluation of rapidly evolving transport protocols. In Proceedings of the 2017 Internet Measurement Conference. ACM, 290--303.Google ScholarDigital Library
- Arash Molavi Kakhki, Fangfan Li, David Choffnes, Ethan Katz-Bassett, and Alan Mislove. 2016. Bingeon under the microscope: Understanding T-Mobiles zero-rating implementation. In Proceedings of the 2016 workshop on QoE-based Analysis and Management of Data Communication Networks. ACM, 43--48.Google ScholarDigital Library
- Albert Kwon, Mashael AlSabah, David Lazar, Marc Dacier, and Srinivas Devadas. 2015. Circuit fingerprinting attacks: Passive deanonymization of tor hidden services. In 24th USENIX Security Symposium (USENIX Security 15).Google ScholarDigital Library
- TV Lakshman, Antonio Ortega, and Amy R Reibman. 1998. VBR video: Tradeoffs and potentials. Proc. IEEE (1998).Google Scholar
- Adam Langley, Alistair Riddoch, Alyssa Wilk, Antonio Vicente, Charles Krasic, Dan Zhang, Fan Yang, Fedor Kouranov, Ian Swett, Janardhan Iyengar, et al. 2017. The QUIC transport protocol: Design and Internet-scale deployment. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication. ACM, 183--196.Google ScholarDigital Library
- Tarun Mangla, Emir Halepovic, Mostafa Ammar, and Ellen Zegura. 2018. eMIMIC: Estimating HTTP-based Video QoE Metrics from Encrypted Network Traffic. In IEEE/IFIP Conference on Traffic Measurement and Analysis 2018.Google ScholarCross Ref
- Tarun Mangla, Emir Halepovic, Rittwk Jana, Kyung-Wook Hwang, Marco Platania, and Mostafa Ammar. 2018. VideoNOC: Assessing Video QoE for Network Operators using Passive Measurements. In Proceedings of ACM Multimedia Systems Conference. ACM.Google ScholarDigital Library
- Ahmed Mansy, Mostafa Ammar, Jaideep Chandrashekar, and Anmol Sheth. 2014. Characterizing client behavior of commercial mobile video streaming services. In Proceedings of Workshop on Mobile Video Delivery. ACM, 8.Google Scholar
- Hongzi Mao, Ravi Netravali, and Mohammad Alizadeh. 2017. Neural adaptive video streaming with pensieve. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication. ACM, 197--210.Google ScholarDigital Library
- M Hammad Mazhar and Zubair Shafiq. 2018. Real-time Video Quality of Experience Monitoring for HTTPS and QUIC. In INFOCOM 2018-IEEE Conference on Computer Communications, IEEE. IEEE.Google Scholar
- Brad Miller, Ling Huang, Anthony D Joseph, and J Doug Tygar. 2014. I know why you went to the clinic: Risks and realization of https traffic analysis. In International Symposium on Privacy Enhancing Technologies Symposium. Springer, 143--163.Google ScholarCross Ref
- Irena Orsolic, Dario Pevec, Mirko Suznjevic, and Lea Skorin-Kapov. 2016. Youtube QoE estimation based on the analysis of encrypted network traffic using machine learning. In Globecom Workshops (GC Wkshps), 2016 IEEE. IEEE, 1--6.Google ScholarCross Ref
- Irena Orsolic, Dario Pevec, Mirko Suznjevic, and Lea Skorin-Kapov. 2017. A machine learning approach to classifying YouTube QoE based on encrypted network traffic. Multimedia tools and applications 76, 21 (2017), 22267--22301.Google Scholar
- Wubin Pan, Gaung Cheng, Hua Wu, and Yongning Tang. 2016. Towards QoE assessment of encrypted YouTube adaptive video streaming in mobile networks. In 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS). IEEE, 1--6.Google Scholar
- Roger Pantos and William May. 2016. HTTP live streaming. (2016).Google Scholar
- Yanyuan Qin, Shuai Hao, KR Pattipati, Feng Qian, Subhabrata Sen, Bing Wang, and Chaoqun Yue. 2018. ABR streaming of VBR-encoded videos: characterization, challenges, and solutions. In Proceedings of the 14th International Conference on emerging Networking EXperiments and Technologies. ACM, 366--378.Google ScholarDigital Library
- Andrew Reed and Benjamin Klimkowski. 2016. Leaky streams: Identifying variable bitrate DASH videos streamed over encrypted 802.11 n connections. In Consumer Communications & Networking Conference (CCNC), 2016 13th IEEE Annual. IEEE, 1107--1112.Google ScholarDigital Library
- Andrew Reed and Michael Kranch. 2017. Identifying HTTPS-protected Netflix videos in real-time. In Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy. ACM, 361--368.Google ScholarDigital Library
- Paul Schmitt, Francesco Bronzino, Sara Ayoubi, Guilherme Martins, Renata Teixeira, and Nick Feamster. 2020. Inferring Streaming Video Quality from Encrypted Traffic: Practical Models and Deployment Experience. Proceedings of the ACM on Measurement and Analysis of Computing Systems (2020).Google Scholar
- Kevin Spiteri, Rahul Urgaonkar, and Ramesh K Sitaraman. 2016. BOLA: near-optimal bitrate adaptation for online videos. In Computer Communications, IEEE INFOCOM 2016-The 35th Annual IEEE International Conference on. IEEE, 1--9.Google ScholarDigital Library
- Qixiang Sun, Daniel R Simon, Yi-Min Wang, Wilf Russell, Venkata N Padmanabhan, and Lili Qiu. 2002. Statistical identification of encrypted web browsing traffic. In Security and Privacy, 2002. Proceedings. 2002 IEEE Symposium on. IEEE, 19--30.Google ScholarDigital Library
- Andrew M White, Austin R Matthews, Kevin Z Snow, and Fabian Monrose. 2011. Phonotactic reconstruction of encrypted voip conversations: Hookt on fon-iks. In Security and Privacy (SP), 2011 IEEE Symposium on. IEEE, 3--18.Google ScholarDigital Library
- Shichang Xu, Subhabrata Sen, Z Morley Mao, and Yunhan Jia. 2017. Dissecting VOD services for cellular: performance, root causes and best practices. In Proceedings of the 2017 Internet Measurement Conference. ACM, 220--234.Google ScholarDigital Library
- Xiaoqi Yin, Abhishek Jindal, Vyas Sekar, and Bruno Sinopoli. 2015. A control-theoretic approach for dynamic adaptive video streaming over HTTP. In ACM SIGCOMM Computer Communication Review, Vol. 45. ACM, 325--338.Google ScholarDigital Library
Recommendations
Downlink resource allocation for OFDMA-based multiservice networks with imperfect CSI
ICC'09: Proceedings of the 2009 IEEE international conference on CommunicationsThis paper addresses practical implementation issues of resource allocation in OFDMA networks: inaccuracy of channel state information (CSI) available to the resource allocation unit (RAU) and diversity of subscribers' quality of service (QoS) ...
Process model-based atomic service discovery and composition of composite semantic web services using web ontology language for services OWL-S
Web Service composition has become indispensable as a single web service cannot satisfy complex functional requirements. Composition of services has received much interest to support business-to-business B2B or enterprise application integration. An ...
Study On Purchase Intention In Different Live Streaming Scenarios Based On Experimental Approach
ICEBI '22: Proceedings of the 2022 6th International Conference on E-Business and InternetLive streaming e-commerce has exploded recently. While the live streaming traffic is dominated by the top live streamers, merchants and ordinary live streamers attempt to establish self-operating live streaming, but the number of fans and sales ...
Comments