吴桦  等:大型指纹库场景中加密视频识别方法                                                          3329


                 目前已有的加密视频识别方法评估都使用了区分度不高的查全率,但都回避了在大型指纹库中的查准率和假
                 阳率指标,导致已有的研究成果无法应用于大型指纹库中.本文的成果填补了这一空白,具有很强的应用价值.
                    本文的关键技术在于基于 TLS1.2 加密及 HTTP1.1 流水线模式传输原理提出了 ADU 长度精准复原算法
                 HHTF,在对数据预处理时,充分考虑了网络传输中的各种复杂现象,保证了待匹配数据的准确性,从而能够提取
                 出关键特征.而现有成果的研究重点都是在后期的匹配算法上,并未考虑网络传输环境的复杂性,无法提取出数
                 据的关键特征,因此无法精准复原视频指纹,导致在大型数据库场景中的性能无法得到保证.
                    本文利用 ADU 加密传输过程中的协议规范将加密传输的 ADU 长度精准复原,但是 Internet 上的协议规范
                 会不断更新,现在已有一些网站使用 TLS1.3 协议进行加密传输,要想保持算法结果的精确性,就需要提取新的
                 特征值.此外,使用基于 UDP 的 QUIC 协议进行加密传输也是发展趋势之一,对 QUIC 协议的特征提取是识别
                 QUIC 协议加密传输视频的关键,这些都是未来本领域的研究点.

                 References:
                 [1]    Zhao B, Guo H, Liu QR, Wu JX. Protocol independent identification of encrypted traffic based on weighted cumulative sum test.
                     Ruan Jian  Xue  Bao/Journal of Software, 2013,24(6):13341345  (in Chinese with English abstract).  http://www.jos.org.cn/1000-
                     9825/4279.htm [doi: 10.3724/SP.J.1001.2013.04279]
                 [2]    Velan P, Čermák M, Čeleda P, Drašar M. A survey of methods for encrypted traffic classification and analysis. Int’l Journal of
                     Network Management, 2015,25(5):355374. [doi: 10.1002/nem.1901]
                 [3]    Xiang C, Chen Q, Xue M, Zhu H. APPCLASSIFIER: Automated app inference on encrypted traffic via Meta data analysis. In: Proc.
                     of the 2018 IEEE  Global  Communications  Conf. (GLOBECOM). Piscataway: IEEE, 2018.  17. [doi:  10.1109/GLOCOM.2018.
                     8647508]
                 [4]    Taylor VF, Spolaor R, Conti M, Martinovic I. Robust smartphone app identification via encrypted network traffic analysis. IEEE
                     Trans. on Information Forensics and Security, 2017,13(1):6378. [doi: 10.1109/TIFS.2017.2737970]
                 [5]    Anderson  B, Paul  S, McGrew  D.  Deciphering Malware’s use of  TLS (without decryption).  Journal of Computer  Virology  and
                     Hacking Techniques, 2018,14:195211. [doi: 10.1007/s11416-017-0306-6]
                 [6]    Anderson B, McGrew D. Identifying encrypted Malware traffic with contextual flow data. In: Proc. of the 2016 ACM Workshop on
                     Artificial Intelligence and Security. New York: ACM, 2016. 3546. [doi: 10.1145/2996758.2996768]
                 [7]    Ahmed ME, Ullah  S, Kim H.  Statistical application fingerprinting  for DDoS attack mitigation.  IEEE Trans.  on  Information
                     Forensics and Security, 2019,14(6):14711484. [doi: 10.1109/TIFS.2018.2879616]
                 [8]    Biernacki A. Identification of adaptive video streams based on traffic correlation. Multimedia Tools and Applications, 2019,78(13):
                     1827118291. [doi: 10.1007/s11042-019-7183-6]
                 [9]    Li F,  Chung JW,  Claypool M. Silhouette: Identifying  YouTube video flows from  encrypted traffic. In: Proc. of the 28th ACM
                     SIGMM Workshop on Network and Operating Systems Support for Digital Audio and Video. New York: ACM, 2018. 1924.
                [10]    Tang S, Qin XW, Wei G. Network-based video quality assessment for encrypted HTTP adaptive streaming. IEEE Access, 2018,6:
                     5624656257. [doi: 10.1109/ACCESS.2018.2872932]
                [11]    Orsolic I, Skorin-Kapov L, Suznjevic M. Towards a framework for classifying YouTube QoE based on monitoring of encrypted
                     traffic. In: Proc. of the Int’l Young Researcher Summit on Quality of Experience in Emerging Multimedia Services (QEEMS 2017).
                     2019. https://www.fer.unizg.hr/_news/71871/qeems_paper.pdf
                [12]    Orsolic I, Pevec D, Suznjevic M, Skorin-Kapov L. A machine learning approach to classifying YouTube QoE based on encrypted
                     network traffic. Multimedia Tools and Applications, 2017,76(21):2226722301. [doi: 10.1007/s11042-017-4728-4]
                [13]    Dimopoulos G, Leontiadis I, Barlet-Ros P, Papagiannaki K. Measuring video QoE from encrypted traffic. In: Proc. of the 2016
                     Internet Measurement Conf. New York: ACM, 2016. 513526. [doi: 10.1145/2987443.2987459]
                [14]    Pan W, Cheng G, Wu H, Tang Y. Towards QoE assessment of encrypted YouTube adaptive video streaming in mobile networks. In:
                     Proc. of the 24th IEEE/ACM Int’l Symp. on Quality of Service (IWQoS). Piscataway: IEEE, 2016. 16. [doi: 10.1109/IWQoS.2016.
                     7590437]
                [15]    CISCO. Cisco Annual Internet Report (2018-2023) White Paper, 2019. https://www.cisco.com/c/en/us/solutions/collateral/service-
                     provider/visual-networking-index-vni/white-paper-c11-741490.html
                [16]    Gu XD, Yang M, Luo JZ, Jiang P. Website fingerprinting attack based on hyperlink relations. Chinese Journal of Computers, 2015,
                     38(4):833845 (in Chinese with English abstract). [doi: 10.3724/SP.J.1016.2015.00833]