Side Channel Analysis of Encrypted Video Streaming Traffic

 Network encryption can protect its user’s privacy and identity, but encrypted traffic is still vulnerable to side-channel attacks. A VPN or TOR can provide added layers of protection, but leaking information through side-channel analysis is still possible even with these protections. Side-channel attacks can lead to private or confidential information being revealed. Dynamic Adaptive Streaming over HTTPS is one example of a protocol that is vulnerable to side-channel attacks. This paper examines two machine-learning models for identifying encrypted videos streamed using DASH. The models include a convolutional neural network and a random forest classifier. Different features and capture lengths were examined and compared for each machine-learning model. The video traffic includes videos streamed using SSL/TLS, VPN, and TOR connections. Different resolutions (240p, 360p, 540p, and auto) were used when streaming the videos and collecting the traffic data. The data was divided into two categories: TOR only and mixed data (mix of SSL/TLS, VPN, and TOR). Each method has different benefits and trade-offs, including accuracy, scalability, and complexity. By achieving an accuracy of over 90% in some test cases, these methods demonstrate a vulnerability in the DASH protocol that allows videos to be uniquely identified from encrypted traffic.