Endangered Privacy: Large-Scale Monitoring of Video Streaming Services
Martin Björklund
34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Privacy 3: Attacks
In a revealing presentation at USENIX Security, Martin Björklund unveiled groundbreaking research demonstrating that a sophisticated man-in-the-middle (MitM) eavesdropper can precisely identify the specific video content a user is watching on major streaming services, even though the stream itself is encrypted. Titled "Endangered Privacy: Large-Scale Monitoring of Video Streaming Services," the talk showcased how inherent properties of modern video streaming protocols, specifically **Adaptive Bit Rate (ABR) streaming** and **Variable Bit Rate (VBR) encoding**, create unique "fingerprints" from network traffic that can be exploited for large-scale surveillance.
AI review
Solid, well-executed network privacy research that moves the video fingerprinting conversation from 'theoretically possible' to 'practically deployed at scale.' The 240k-video dataset, manifest-scraping efficiency trick, and KD-tree architecture are the real contributions here — this isn't a rehash, it's a meaningful engineering advancement over prior work. Doesn't quite hit five stars because the core attack concept (ABR fingerprinting via segment sizes) has prior art, and the defensive section is thin on actionable specifics.