Watching the Watchers: Practical Video Identification Attack in LTE Networks

Paper

Published Aug. 11, 2022 by USENIX Security 2022.

(1 review)

A video identification attack is a tangible privacy threat that can reveal videos that victims are watching. In this paper, we present the first study of a video identification attack in Long Term Evolution (LTE) networks. We discovered that, by leveraging broadcast radio signals, an unprivileged adversary equipped with a software-defined radio can 1) identify mobile users who are watching target videos of the adversary's interest and then 2) infer the video title that each of these users is watching. Using 46,810 LTE traces of three video streaming services from three cellular operators, we demonstrate that our attack achieves an accuracy of up to 0.985. We emphasize that this high level of accuracy stems from overcoming the unique challenges related to the operational logic of LTE networks and video streaming systems. Finally, we present an end-to-end attack scenario leveraging the presented video identification attack and propose countermeasures that are readily …

A video identification attack is a tangible privacy threat that can reveal videos that victims are watching. In this paper, we present the first study of a video identification attack in Long Term Evolution (LTE) networks. We discovered that, by leveraging broadcast radio signals, an unprivileged adversary equipped with a software-defined radio can 1) identify mobile users who are watching target videos of the adversary's interest and then 2) infer the video title that each of these users is watching. Using 46,810 LTE traces of three video streaming services from three cellular operators, we demonstrate that our attack achieves an accuracy of up to 0.985. We emphasize that this high level of accuracy stems from overcoming the unique challenges related to the operational logic of LTE networks and video streaming systems. Finally, we present an end-to-end attack scenario leveraging the presented video identification attack and propose countermeasures that are readily applicable to current LTE networks.

1 edition

Jacob T. reviewed Watching the Watchers: Practical Video Identification Attack in LTE Networks by Dongkwan Kim

Scary capability, good research

4 stars

[Included in ThinkstScapes]

This paper explored using ML techniques to identify LTE devices streaming specific content via their bandwidth fingerprint. The authors identify that video streaming encodes a specific duration of video into a data-chunk, so each video has a unique sequence of transmitted chunk sizes, allowing for fingerprinting a media sample, and then classifying an encrypted network stream to determine if it is that video.

The experiment ran both open and closed world, and showed high accuracy, even with other device processes using data, and with other channel usage to increase channel capacity. In short, they were able to [with high confidence] determine what video every LTE device was watching in a cell (assuming it was seen prior).