    Knocking on IPs: Identifying HTTPS Websites for Zero-Rated Traffic

    Zero-rating is a technique where internet service providers (ISPs) allow consumers to utilize a specific website without charging their internet data plan. Implementing zero-rating requires an accurate website identification method that is also efficient and reliable to be applied on live network traffic. In this paper, we examine existing website identification methods with the objective of applying zero-rating. Furthermore, we demonstrate the ineffectiveness of these methods against modern encryption protocols such as Encrypted SNI and DNS over HTTPS and therefore show that ISPs are not able to maintain the current zero-rating approaches in the forthcoming future. To address this concern, we present “Open-Knock,” a novel approach that is capable of accurately identifying a zero-rated website, thwarts free-riding attacks, and is sustainable on the increasingly encrypted web. In addition, our approach does not require plaintext protocols or preprocessed fingerprints upfront. Finally, our experimental analysis unveils that we are able to convert each IP address to the correct domain name for each website in the Tranco top 6000 websites list with an accuracy of 50.5% and therefore outperform the current state-of-the-art approaches. This research was funded in part by Bijzonder Onderzoeksfonds (BOF) of Hasselt University. Finally, the authors thank Balazs Nemeth and Pieter Robyns for sharing their in-depth knowledg

    Realistically Fingerprinting Social Media Webpages in HTTPS Traffic

    In webpage fingerprinting (WPF), an adversary attempts to identify webpages in encrypted network traffic. Identifying social media webpages however is a challenging task, due to the similarity and dynamic nature of such pages. Existing webpage fingerprinting attacks often have unrealistic assumptions regarding the capability of government agencies or knowledge of the criminal’s environment, which renders these attacks ineffective when applied to social media platforms. In this paper, we unravel the current concerns in state of the art WPF attacks in a social network context for forensic analysis. To resolve the issues presented, we propose an enhanced version of the WPF attack ‘IUPTIS’ and introduce an intelligent observer that significantly improves upon previous works. Furthermore, our improvements are compared to related WPF attacks by conducting extensive experiments on two social platforms: Twitter and Instagram. Our examination shows that the improved IUPTIS attack defeats previous works in terms of realistic obstacles such as HTTP/2, caching and performance costs, thus making it feasible to identify social media webpages with minimal resources. Thank you to Robin Marx for his extensive knowledge of the HTTP/2 protocol. As well as Pieter Robyns for his valuable deep learning experience, Balazs Nemeth and Tom Haber for their insightful feedback. This research was funded in part by the Bijzonder Onderzoeksfonds (BOF) of Hasselt Universit

    Adaptive Web-Based VR Streaming of Multi-LoD 3D Scenes via Author-Provided Relevance Scores

    The growing storage requirements of 3D virtual scenes, combined with the increased heterogeneity of consumption devices, trigger the need for novel, on-demand streaming techniques of textured meshes. This paper proposes a way to perform relevance-aware Adaptive Bit-Rate (ABR) scheduling using MPEG-DASH, tailored to VR consumption in the web browser. Scene authors can annotate the relative importance of scene assets to optimize scheduling decisions. Our approach outperforms the state-of-the-art (measured using the MS-SSIM metric) across different scene complexities and network configurations, and is found to be most beneficial when scene complexity is high and network conditions are relatively poor. IEEE; IEEE Comp Soc; Virbela; Tecnico Lisboa; Immers Learning Res Network; Qualcomm; Vicon; HitLabNZ AIGI; Microsoft; Appen; Facebook Real Labs Res; XR Bootcamp; NSF; Fakespace Lab

    Vegvisir: A testing framework for HTTP/3 media streaming

    Assessing media streaming performance traditionally requires the presence of reproducible network conditions and a heterogeneous dataset of media materials. Setting up such experiments represents a complex challenge in itself. This challenge becomes even more complex when we consider the new QUIC transport protocol, which has many tunable features, yet is difficult to analyze due to its inherent encrypted nature. In this paper, we introduce Vegvisir, which aims to solve these aforementioned challenges by providing an open-source automated testing framework for orchestrating media streaming experiments over HTTP/3. We describe how users can steer the behavior of Vegvisir through its configuration system. We provide a high-level overview of its inner workings and its broad applicability by describing two use cases: one covering sizeable experiments spanning multiple days and another covering HAS evaluation scenarios. Joris Herbots (BOF19OWB07) and Mike Vandersanden (BOF22OWB17) are Ph.D. candidates at Hasselt University, supported by the Special Research Fund (BOF). Special thanks go to Olaf Van Bylen for his work on exploring front-ends for Vegvisir. The research leading to the results in Section 5.2 has received funding from the European Union’s Horizon Europe Programme under grant agreement 101070072, MAX-R (Mixed Augmented and eXtended Reality media pipeline)

    HTTP/3's Extensible Prioritization Scheme in the Wild

    For HTTP/2 and HTTP/3, multiple (Web page) resources are loaded by multiplexing them onto a single TCP or QUIC connection. A "prioritization system" is used to properly schedule the order in which the resources are sent. As HTTP/2's "prioritization tree" underperformed, a more straightforward setup called the Extensible Prioritization Scheme (EPS) was proposed for HTTP/3. This paper represents the first real-world measurement study into how this new scheme is supported and employed in practice by the three main browser engines and 12 different popular servers and cloud/CDN deployments. We find considerable heterogeneity in overall EPS (sub)feature support and even fundamental differences in approach/philosophy between the stacks. As incorrect prioritization can have a negative effect on (Web) performance metrics, our work not only provides essential insights for browser vendors and server deployments but also offers recommendations for future improvements

    Cross that boundary: Investigating the feasibility of cross-layer information sharing for enhancing ABR decision logic over QUIC

    With HTTP Adaptive Streaming (HAS), client-side Adaptive Bitrate (ABR) algorithms drive the (quality-variant) scheduling and downloading of media segments. These ABR algorithms are implemented in the application layer and can therefore base their logic only on relatively coarse and/or inaccurate application-layer metrics. The recently standardized QUIC transport protocol has many userspace implementations, which paves the way for cross-layer optimizations by exposing transport-layer metrics to application-layer algorithms. In this paper, we investigate whether the availability of fine-grained transport-level throughput metrics can positively impact the operation of ABR algorithms and hence the Quality of Experience (QoE) of HAS users in Video on Demand (VoD) settings. Our results show that QUIC-level throughput data can indeed aid ABR algorithms to more accurately predict playout buffer under-runs, which in turn allows the ABR logic to take reactive measures in a timely fashion such that playback stalls can be avoided under challenging network conditions. Overall, our work presents a step towards improving ABR operation via cross-layer data exchange

    PHY-layer security is no alternative to cryptography

    In recent works, numerous physical-layer security systems have been proposed as alternatives to classic cryptography. Such systems aim to use the intrinsic properties of radio signals and the wireless medium to provide confidentiality and authentication to wireless devices. However, fundamental vulnerabilities are often discovered in these systems shortly after their inception. We therefore challenge the assumptions made by existing physical-layer security systems, and postulate that weaker assumptions are needed in order to adapt for practical scenarios. We also argue that if no computational advantage over an adversary can be ensured, secure communication cannot be realistically achieved. This research was funded by a Ph.D. Grant of the Research Foundation Flanders (FWO)

    Visualizing QUIC and HTTP/3 with qlog and qvis

    The new QUIC and HTTP/3 protocols are complex to implement, debug and use. To tackle this challenge we have worked on both qlog, a structured endpoint logging format, and qvis, a suite of interactive visualizations. These projects have found widespread uptake in the QUIC community and have been used to identify various high-impact real-world bugs. As we are now extending qlog and qvis to other protocols and think they can be useful for teaching and research as well, we feel the time is right to bring our work to the wider SIGCOMM community. We do this by means of a demo of the qvis tools, showcasing bugs we found in complex areas such as congestion control, stream multiplexing and packetization

    Same Standards, Different Decisions

    The QUIC and HTTP/3 protocols are quickly maturing together with their implementations, though many of their low-level behaviours are not yet well-understood. To help improve this, we empirically compare 15 IETF QUIC+HTTP/3 implementations for advanced features like Flow and Congestion Control, 0-RTT, Multiplexing, and Packetization. We find a large heterogeneity between stacks, discuss uncovered bugs and conclude that most implementations are not fully optimized or validated yet. We argue that future work must prioritize rigorous root-cause analysis of observed behaviours, and show this is possible by employing our qlog and qvis tools. Robin Marx is a SB PhD fellow at FWO, Research Foundation Flanders, #1S02717N. The authors would like to thank our shepherd Vaibhav Bajpai for his guidance during the review process. We also appreciate the help of Maarten Wijnants, Jens Bruggemans, Dmitri Tikhonov, Lucas Pardue, Maxime Piraux and Song Zhu in reviewing earlier versions of this wor

    Cross-layer metrics sharing for QUICker video streaming

    QUIC is marketed to hold many advantages over TCP. However, preliminary experimentation has shown that simply running contemporary HTTP Adaptive Streaming (HAS) implementations over QUIC does not improve but actually hurts streaming performance compared to a traditional TCP deployment. We argue that this behavior can be attributed to the amount of TCP specialization that HAS Adaptive BitRate (ABR) algorithms have received over the years. In contrast to TCP (which can be regarded as a "black box"), QUIC actually encompasses all the necessary tools to empower streaming performance optimization (e.g., definition of custom congestion control algorithms, access to transport-layer metrics in the application layer). This however comes at the expense of added complexity which in turn could lead to misinterpretations of the root causes of suboptimal streaming performance. To facilitate research on HTTP adaptive bitrate streaming over QUIC, in this paper we propose a solution towards jointly visualizing transport- and application-layer metrics to allow for a better understanding of HAS streaming performance over various types of transport protocols (i.e., TCP versus QUIC). We see the work presented in this paper as an important stepping stone towards cross-layer optimization of HAS ABR performance to achieve a better overall Quality of Experience (QoE) for streaming users