Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming

Siyuan Tang; Eihal Alowaisheq; Xianghang Mi; Yi Chen; Xiao Feng Wang; Yanzhi Dou

doi:10.1109/DSN58291.2024.00041

Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming

Siyuan Tang, Eihal Alowaisheq, Xianghang Mi, Yi Chen, Xiao Feng Wang, Yanzhi Dou

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

Abstract

Peer-assisted delivery network (PDN) can significantly reduce the bandwidth cost incurred by traditional CDN services. However, it is unclear whether they have been deployed extensively and their security implications have never been investigated thoroughly. In this paper, we report the first effort to address this issue through an automatic pipeline to discover real-world PDN services and their customers, and a PDN analysis framework to test the potential security and privacy risks of these services. Our results have revealed the extensive adoption of PDN across the Internet, especially by Chinese video platforms. Most importantly, our analysis on these PDN services has brought to light a series of novel security vulnerabilities, i.e., free riding of PDN services, video segment pollution, and unreported privacy risks, i.e., resource squatting and extensive leakage of video viewers' IPs. We have responsibly disclosed these security risks to relevant PDN providers which in turn have well acknowledged our findings.

Original language	English
Title of host publication	Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024
Editors	Hyoungshick Kim, Shantanu Pal, Xingliang Yuan
Place of Publication	Piscataway NJ USA
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	324-337
Number of pages	14
ISBN (Electronic)	9798350341058
DOIs	https://doi.org/10.1109/DSN58291.2024.00041
Publication status	Published - 2024
Externally published	Yes
Event	Annual IEEE/IFIP International Conference on Dependable Systems and Networks 2024 - Brisbane, Australia Duration: 24 Jun 2024 → 27 Jun 2024 Conference number: 54th https://ieeexplore.ieee.org/xpl/conhome/10646626/proceeding (Proceedings) https://ieeexplore.ieee.org/xpl/conhome/10647056/proceeding (Proceedings - supplement) https://dsn2024uq.github.io/ (Website)

Conference

Conference	Annual IEEE/IFIP International Conference on Dependable Systems and Networks 2024
Abbreviated title	DSN 2024
Country/Territory	Australia
City	Brisbane
Period	24/06/24 → 27/06/24
Internet address	https://ieeexplore.ieee.org/xpl/conhome/10646626/proceeding (Proceedings) https://ieeexplore.ieee.org/xpl/conhome/10647056/proceeding (Proceedings - supplement) https://dsn2024uq.github.io/ (Website)

Keywords

content pollution
IP leak
P2P network
Peer-assisted delivery network
security analysis
WebRTC

Access to Document

10.1109/DSN58291.2024.00041

Cite this

Tang, S., Alowaisheq, E., Mi, X., Chen, Y., Wang, X. F., & Dou, Y. (2024). Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming. In H. Kim, S. Pal, & X. Yuan (Eds.), Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024 (pp. 324-337). IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/DSN58291.2024.00041

Tang, Siyuan ; Alowaisheq, Eihal ; Mi, Xianghang et al. / Stealthy Peers : Understanding Security and Privacy Risks of Peer-Assisted Video Streaming. Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. editor / Hyoungshick Kim ; Shantanu Pal ; Xingliang Yuan. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2024. pp. 324-337

@inproceedings{bd64d8db0f774b2d8c603f1908c6cccc,

title = "Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming",

abstract = "Peer-assisted delivery network (PDN) can significantly reduce the bandwidth cost incurred by traditional CDN services. However, it is unclear whether they have been deployed extensively and their security implications have never been investigated thoroughly. In this paper, we report the first effort to address this issue through an automatic pipeline to discover real-world PDN services and their customers, and a PDN analysis framework to test the potential security and privacy risks of these services. Our results have revealed the extensive adoption of PDN across the Internet, especially by Chinese video platforms. Most importantly, our analysis on these PDN services has brought to light a series of novel security vulnerabilities, i.e., free riding of PDN services, video segment pollution, and unreported privacy risks, i.e., resource squatting and extensive leakage of video viewers' IPs. We have responsibly disclosed these security risks to relevant PDN providers which in turn have well acknowledged our findings.",

keywords = "content pollution, IP leak, P2P network, Peer-assisted delivery network, security analysis, WebRTC",

author = "Siyuan Tang and Eihal Alowaisheq and Xianghang Mi and Yi Chen and Wang, \{Xiao Feng\} and Yanzhi Dou",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; Annual IEEE/IFIP International Conference on Dependable Systems and Networks 2024, DSN 2024 ; Conference date: 24-06-2024 Through 27-06-2024",

year = "2024",

doi = "10.1109/DSN58291.2024.00041",

language = "English",

pages = "324--337",

editor = "Hyoungshick Kim and Shantanu Pal and Xingliang Yuan",

booktitle = "Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

address = "United States of America",

url = "https://ieeexplore.ieee.org/xpl/conhome/10646626/proceeding, https://ieeexplore.ieee.org/xpl/conhome/10647056/proceeding, https://dsn2024uq.github.io/",

}

Tang, S, Alowaisheq, E, Mi, X, Chen, Y, Wang, XF & Dou, Y 2024, Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming. in H Kim, S Pal & X Yuan (eds), Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. IEEE, Institute of Electrical and Electronics Engineers, Piscataway NJ USA, pp. 324-337, Annual IEEE/IFIP International Conference on Dependable Systems and Networks 2024, Brisbane, Queensland, Australia, 24/06/24. https://doi.org/10.1109/DSN58291.2024.00041

Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming. / Tang, Siyuan; Alowaisheq, Eihal; Mi, Xianghang et al.
Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. ed. / Hyoungshick Kim; Shantanu Pal; Xingliang Yuan. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers, 2024. p. 324-337.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Stealthy Peers

T2 - Annual IEEE/IFIP International Conference on Dependable Systems and Networks 2024

AU - Tang, Siyuan

AU - Alowaisheq, Eihal

AU - Mi, Xianghang

AU - Chen, Yi

AU - Wang, Xiao Feng

AU - Dou, Yanzhi

N1 - Conference code: 54th

PY - 2024

Y1 - 2024

N2 - Peer-assisted delivery network (PDN) can significantly reduce the bandwidth cost incurred by traditional CDN services. However, it is unclear whether they have been deployed extensively and their security implications have never been investigated thoroughly. In this paper, we report the first effort to address this issue through an automatic pipeline to discover real-world PDN services and their customers, and a PDN analysis framework to test the potential security and privacy risks of these services. Our results have revealed the extensive adoption of PDN across the Internet, especially by Chinese video platforms. Most importantly, our analysis on these PDN services has brought to light a series of novel security vulnerabilities, i.e., free riding of PDN services, video segment pollution, and unreported privacy risks, i.e., resource squatting and extensive leakage of video viewers' IPs. We have responsibly disclosed these security risks to relevant PDN providers which in turn have well acknowledged our findings.

AB - Peer-assisted delivery network (PDN) can significantly reduce the bandwidth cost incurred by traditional CDN services. However, it is unclear whether they have been deployed extensively and their security implications have never been investigated thoroughly. In this paper, we report the first effort to address this issue through an automatic pipeline to discover real-world PDN services and their customers, and a PDN analysis framework to test the potential security and privacy risks of these services. Our results have revealed the extensive adoption of PDN across the Internet, especially by Chinese video platforms. Most importantly, our analysis on these PDN services has brought to light a series of novel security vulnerabilities, i.e., free riding of PDN services, video segment pollution, and unreported privacy risks, i.e., resource squatting and extensive leakage of video viewers' IPs. We have responsibly disclosed these security risks to relevant PDN providers which in turn have well acknowledged our findings.

KW - content pollution

KW - IP leak

KW - P2P network

KW - Peer-assisted delivery network

KW - security analysis

KW - WebRTC

UR - https://www.scopus.com/pages/publications/85203836974

U2 - 10.1109/DSN58291.2024.00041

DO - 10.1109/DSN58291.2024.00041

M3 - Conference Paper

AN - SCOPUS:85203836974

SP - 324

EP - 337

BT - Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024

A2 - Kim, Hyoungshick

A2 - Pal, Shantanu

A2 - Yuan, Xingliang

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - Piscataway NJ USA

Y2 - 24 June 2024 through 27 June 2024

ER -

Tang S, Alowaisheq E, Mi X, Chen Y, Wang XF, Dou Y. Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming. In Kim H, Pal S, Yuan X, editors, Proceedings - 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2024. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. 2024. p. 324-337 doi: 10.1109/DSN58291.2024.00041

Stealthy Peers: Understanding Security and Privacy Risks of Peer-Assisted Video Streaming

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this