BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securityfest.com//academic-village-2026//speaker//UB
 P9GC
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-academic-village-2026-MXSELJ@cfp.securityfest.com
DTSTART;TZID=CET:20260527T131000
DTEND;TZID=CET:20260527T140000
DESCRIPTION:Despite the widespread adoption of HTTPS for enhanced web priva
 cy\, encrypted network traffic may still leave traces that can lead to pri
 vacy breaches. One such case concerns MPEG-DASH\, one of the most popular 
 protocols for video streaming\, where video identification attacks have ex
 ploited the protocol's side-channel vulnerabilities. As shown by several w
 orks in recent years\, the distinctive traffic patterns generated by DASH'
 s adaptive bitrate streaming reveal streamed content despite TLS-protectio
 n. However\, these earlier studies have not demonstrated that the vulnerab
 ility remains exploitable in large-scale attack scenarios\, even when maki
 ng strong assumptions about network details. To that end\, this work prese
 nts a protocol-agnostic system capable of identifying videos independent o
 f network layer information\, and demonstrates a practical attack over the
  largest dataset to date\, comprising over 240\,000 videos covering three 
 entire streaming services. Using a combination of k-d tree search and time
  series methods\, our system achieves an accuracy of over 99.5% in real-ti
 me video identification and remains effective even in scenarios involving 
 victims behind VPNs or where Wi-Fi eavesdropping occurs. Since large-scale
  video identification can compromise user privacy and enable potential mas
 s surveillance of video services\, we complement our work with an analysis
  of the vulnerability root cause when using adaptive bitrate streaming and
  propose a mitigation strategy to stand against such vulnerabilities. Reco
 gnizing the lack of open-source tooling in this domain\, we publish an ext
 ensive dataset of video fingerprints\, network capture data\, and tools to
  foster awareness and prompt timely solutions within the video streaming c
 ommunity to address these privacy concerns effectively.
DTSTAMP:20260627T234049Z
LOCATION:Taube Room
SUMMARY:Endangered Privacy: Large-Scale Monitoring of Video Streaming Servi
 ces - Romaric Duvignau
URL:https://cfp.securityfest.com/academic-village-2026/talk/MXSELJ/
END:VEVENT
END:VCALENDAR