Recognition of specific communication protocols over encrypted communications

  1. Context Internet Protocol Television (IPTV) is the delivery of television content over Internet Protocol (IP) networks, in contrast to traditional television. Unlike downloaded media, IPTV enables the constant broadcast of the source media. Pirates are able to hijack these broadcasts or generate them themselves in order to create an illegal parallel market.
  2. Problematic Nowadays, it is possible to detect the use of these pirate broadcasting services, however it is only possible when the traffic is not encrypted. Only 20% of these illegal activities are encrypted by pirates, but this figure is rising, which requires those defending intellectual property to update their techniques.
  3. Objectives The first objective was to determine if it was possible to detect the use of these pirate services, despite the encryption of the traffic. If such a thing was possible, the second objective was to provide a protocol dissector for the analysis tool used by the client company in order to prove the feasibility of the proposed method.
  4. Methodology First, it was necessary to understand the context of IPTV piracy in which this work was carried out, and then to study the different existing methods and select those that would be the most suitable. In order to have a reference target, a pirate service was obtained and analyzed to be used as a guinea pig.
  5. Results A method based on the analysis and pattern matching of a TLS handshake allowed to detect an illegal replay service despite HTTPS encryption. The other methods discussed in this work were less adapted to the specific service that was the reference target but will allow to address other services that offer different types of connection to a server.
  6. Perspectives and recommendations This technique will allow in the future to detect in real time every connection to a server offering illegal rebroadcasting services. Its customization allows this method to be easily adapted to each new service offering their client an HTTPS connection.

Etudiant: Nicolas Viotti

Année: 2022

Département: TIC

Filière: Informatique et systèmes de communication (anciennement Télécommunications) avec orientation en Sécurité de l'information

Type de formation: Plein temps

Enseignant responsable: Sylvain Pasini

Institut: IICT

Ce travail est confidentiel

Navigation

Retour à la recherche