视频流量逐渐在网络中占据主导地位,且视频平台大多对其进行加密传输.虽然加密传输视频可以有效保护用户隐私,但是也增加了监管有害视频传播的难度.现有的加密视频识别方法基于TCP(Transmission Control Protocol)传输协议头部信息和HTTP/1.1(Hypertext Transfer Protocol Version 1.1)的传输模式,提取应用层音视频数据单元传输长度序列来实现视频识别.但是随着基于UDP(User Datagram Protocol)的QUIC(Quick UDP Internet Connections)协议及基于 QUIC 实现的 HTTP/3(Hypertext Transfer Protocol Version 3)协议应用于视频传输,已有方法不再适用.HTTP/3协议缺少类似TCP的头部信息,且使用了多路复用机制,并对几乎所有数据进行了加密,此外,视频平台开始使用多片段合并分发技术,这给从网络流量中精准识别加密视频带来了巨大挑战.本文基于HTTP/3协议中的控制信息特征,提出了从HTTP/3加密视频流中提取数据传输特征并进行修正的方法,最大程度复原出应用层音视频长度特征.面向多片段合并分发导致的海量匹配问题,本文基于明文指纹库设计了键值数据库来实现视频的快速识别.实验结果表明,本文提出的基于HTTP/3传输特性的加密视频识别方法能够在包含36万个真实视频指纹的YouTube大规模指纹库中达到接近99%的准确率、100%的精确率以及99.32%的F1得分,对传输过程中加入了填充帧的Facebook平台,在包含28万个真实视频指纹的大规模指纹库中达到95%的准确率、100%的精确率以及96.45%的F1得分,在具有同样特性的Instagram平台中,最高可达到97.57%的F1得分,且本方法在所有指纹库中的平均视频识别时间均低于0.4秒.本文的方法首次解决了使用HTTP/3传输的加密视频在大规模指纹库场景中的识别问题,具有很强的实用性和通用性.
An Encrypted Video Recognition Method Based on the Transmission Characteristics of HTTP/3
The proliferation of encrypted video streaming has significantly impacted internet traffic,with most platforms opting for encryption to safeguard user privacy.However,this approach also poses substantial challenges to content monitoring and the regulation of potentially harmful broadcasts.Traditional techniques for the identification of encrypted video streams typically utilize TCP(Transmission Control Protocol)header information and the transmission mode of HTTP/1.1(Hypertext Transfer Protocol Version 1.1),extracting sequences of application-layer audio and video data unit lengths to recognize video content.However,the evolution of Internet protocols,notably with the adoption of the UDP(User Datagram Protocol)-based QUIC(Quick UDP Internet Connections)protocol and its subsequent implementation in HTTP/3(Hypertext Transfer Protocol Version 3),has made these traditional methods inadequate.HTTP/3 significantly differs from its predecessors by lacking similar header information as TCP,using multiplexing to handle multiple data streams simultaneously,and encrypting nearly all transmitted data.These changes,along with the adoption of segmented and merged distribution strategies by video platforms,complicate the accurate identification of encrypted video content from network traffic.The necessity for new methods to tackle these challenges led to the development of the approach detailed in this paper,which capitalizes on specific control information characteristics within the HTTP/3 protocol.Our method focuses on extracting and refining data transmission features from HTTP/3 encrypted video streams,enabling the reconstruction of application-layer audio and video length characteristics.This reconstruction is crucial for identifying video content accurately.To handle the challenges posed by segmented merging distribution,we developed a key-value database that utilizes a plaintext fingerprint library.This database design facilitates rapid video identification by quickly matching incoming encrypted video data against stored fingerprints.Experimental validation of our method was conducted using a comprehensive dataset comprising 362,502 real video fingerprints from YouTube.The results show that our method achieves nearly 99%accuracy,100%precision,and 99.32%F1 score.These metrics attest to the robustness and reliability of our technique.Further experiments on Facebook,where padding frames are commonly introduced during transmission,demonstrated commendable performance within a large-scale fingerprint database containing 283,895 real video fingerprints.Specifically,our method achieved a notable accuracy of 95%,a precision of 100%,and an F1 score of 96.45%.On the Instagram platform,which shares the same features as Facebook,our method can achieve a maximum F1 score of 97.57%.One of the standout features of our approach is its efficiency,with the average video identification time across all fingerprint databases being less than 0.4 seconds.This speed is vital for applications that require real-time decision-making,such as automated content moderation systems.In conclusion,this paper presents a pioneering method for the identification of encrypted videos transmitted via HTTP/3,filling the existing gap in encrypted video content recognition.The approach not only enhances the ability to monitor and regulate encrypted video content but also respects user privacy.This balance is critical in today's digital age,where privacy concerns are paramount.Our method can simultaneously address issues related to internet pollution regulation and citizen privacy protection without altering existing network architectures,thereby possessing significant practical value.
Hypertext Transfer Protocol Version 3Quick UDP Internet connectionsdynamic adaptive streaming over HTTPvideo recognitionencrypted traffic
NETL
NSTL
万方数据
