I Know What You Saw Last Minute - The Chrome Browser Case

Explore a 28-minute Black Hat conference talk that delves into the security implications of HTTP Adaptive Streaming (HAS) and Dynamic Adaptive Streaming over HTTP (DASH) for online video consumption. Discover how Ran Dubin investigates the potential for identifying viewed content through traffic analysis, focusing on YouTube's implementation in the Chrome browser. Learn about the encoding of YouTube videos, encrypted network traffic patterns, and proposed machine learning solutions using Support Vector Machines (SVM) and Neural Networks (NN) for classification. Gain insights into the accuracy of these methods and their potential impact on user privacy in the age of widespread mobile video streaming.

Intro
Motivation
The Scenario
Brief Partial Overview of SSL/TLS
How Can "I Know What You Saw"? 1. How are YouTube videos encoded?
Introduction To HTTP Adaptive Streaming (HAS)
YouTube Encrypted Network Traffic
YouTube Flow Patterns - The Web Proxy Perspective
YouTube HTTP Byte Range
Related Works
Proposed Machine Learning Solution 1. Traffic Analysis
BPP Index Vs Download Copy
Pre-Processing
Proposed algorithms 1. Support Vector Machines (SVM) with Radial Basis Function (RBF) . With a BPP feature vector
SVM with Radial Basis Function (RBF) Kernel
BPP Set Feature
NN Algorithm • Similarity score between two BPP-sets is the cardinality of the intersection set
Classification Accuracy
Confusion Matrices
Ongoing Results