Article

Steal this movie - automatically bypassing DRM protection in streaming media services

Authors:

Yan Shoshitaishvili,

Christopher Kruegel,

Giovanni VignaAuthors Info & Claims

SEC'13: Proceedings of the 22nd USENIX conference on Security

Pages 687 - 702

Published: 14 August 2013 Publication History

Abstract

Streaming movies online is quickly becoming the way in which users access video entertainment. This has been powered by the ubiquitous presence of the Internet and the availability of a number of hardware platforms that make access to movies convenient. Often, video-on-demand services use a digital rights management system to prevent the user from duplicating videos because much of the economic model of video stream services relies on the fact that the videos cannot easily be saved to permanent storage and (illegally) shared with other customers. In this paper, we introduce a general memory-based approach that circumvents the protections deployed by popular video-on-demand providers. We apply our approach to four different examples of streaming services: Amazon Instant Video, Hulu, Spotify, and Netflix and we demonstrate that, by using our technique, it is possible to break DRM protection in a semi-automated way.

References

[1]

RC4, 1994. http://web.archive.org/web/20080404222417/ http://cypherpunks.venona.com/date/1994/09/ msg00304.html.

[2]

RTMP, 2009. http://wwwimages.adobe.com/www.adobe. com/content/dam/Adobe/en/devnet/rtmp/pdf/rtmp_ specification_1.0.pdf.

[3]

Adobe RTMPE, 2012. http://lkcl.net/rtmp/RTMPE.txt.

[4]

Audials software, 2012. http://audials.com/en/how_to_ record_stream_capture_music_videos_movies_from/ netflix.html.

[5]

The despotify project, 2012. http://despotify.se/.

[6]

E-city nabs pirates using thomson watermarking tech, 2012. http://businessofcinema.com/bollywood-news/ecity-nabs\%2Dpirates-using-thomson\%2Dwatermarking\%2Dtech/27167.

[7]

Esperanza project, 2012. http://code.google.com/p/ esperanza.

[8]

Freakonomics - How Much Do Music And Movie Piracy Really Hurt the U.S. Economy?, 2012. http://www.freakonomics.com/2012/01/12/how-much\%2Ddo-music\%2Dand-movie\%2Dpiracy\%2Dreally-hurt\%2Dthe-u-s\%2Deconomy/.

[9]

High-bandwidth Digital Content Protection System - Interface Independent Adaptation - 2.2, 2012. http://www.digital-cp.com/files/static_page_files/6FEA6756-1A4B\%2DB294\%2DD0494084C37A637F/HDCP\%20Interface\%20Independent\%20Adaptation\%20Specification\%20Rev2_2_FINAL.pdf.

[10]

Microsoft PlayReady DRM, 2012. http://msdn.microsoft.com/ en-us/library/cc838192(VS.95).aspx.

[11]

Microsoft protected media path, 2012. http://scholar.google. com/scholar?hl=en&q=protected+media+path&btnG= &as_sdt=1%2C5&as_sdtp=.

[12]

Nation of unrepentant pirates costs $900m, 2012. http://www.smh.com.au/technology/technology-news/nation-of\%2Dunrepentant-pirates-costs\%2D900m-20110305\%2D1bix5.html.

[13]

Porn studio awarded 1.5 million from man who shared 10 movies, 2012. http://www.slate.com/blogs/trending/2012/11/ 02/kywan_fisher_flava_works_wins_1_5_million_in_ biggest_ever_torrent_judgement.html.

[14]

SOPA: How much does online piracy really cost the economy?, 2012. http://www.washingtonpost.com/blogs/ezra-klein/post/how-much\%2Ddoes-online-piracy\%2Dreally-cost-the\%2Deconomy/2012/01/05/gIQAXknNdP_blog.html.

[15]

Spotify DRM, 2012. http://www.defectivebydesign.org/spotify.

[16]

F. Bellard. QEMU, a fast and portable dynamic translator. USENIX, 2005.

[17]

J. Bloom and C. Polyzois. Watermarking to track motion picture theft. In Signals, Systems and Computers, 2004. Conference Record of the Thirty-Eighth Asilomar Conference on, volume 1, pages 363-367. IEEE, 2004.

[18]

L. Boney, A. Tewfik, and K. Hamdy. Digital watermarks for audio signals. In Multimedia Computing and Systems, 1996., Proceedings of the Third IEEE International Conference on, pages 473-480. IEEE, 1996.

[19]

J. Caballero, N. M. Johnson, S. McCamant, and D. Song. Binary code extraction and interface identification for security applications. Technical report, DTIC Document, 2009.

[20]

J. Caballero, P. Poosankam, C. Kreibich, and D. Song. Dispatcher: Enabling active botnet infiltration using automatic protocol reverse-engineering. In Proceedings of the 16th ACM conference on Computer and communications security, pages 621-634. ACM, 2009.

[21]

J. Caballero, P. Poosankam, S. McCamant, D. Song, et al. Input generation via decomposition and re-stitching: Finding bugs in malware. In Proceedings of the 17th ACM conference on Computer and communications security, pages 413-425. ACM, 2010.

[22]

J. Calvet, J. M. Fernandez, and J.-Y. Marion. Aligot: Cryptographic function identification in obfuscated binary programs. 2012.

[23]

R. Caso. Digital Rights Management: Il commercio delle informazioni digitali tra contratto e diritto d'autore. CEDAM, 2006.

[24]

S. Chow, P. Eisen, H. Johnson, and P. C. Van Oorschot. A white-box des implementation for drm applications. In Digital Rights Management, pages 1-15. Springer, 2003.

[25]

U. S. Congress. Digital Millennium Copyright Act, October 1998.

[26]

I. Cox and J. Linnartz. Some general methods for tampering with watermarks. Selected Areas in Communications, IEEE Journal on, 16(4):587-593, 1998.

[27]

G. Danby. Key issues for the new parliament 2010 - copyright and piracy, 2010. http://www.parliament.uk/documents/commons/ lib/research/key_issues/Key%20Issues%20Copyright% 20and%20piracy.pdf.

[28]

E. Diehl and T. Furon. © watermark: Closing the analog hole. In Consumer Electronics, 2003. ICCE. 2003 IEEE International Conference on, pages 52-53. IEEE, 2003.

[29]

W. Diffie and M. Hellman. New directions in cryptography. Information Theory, IEEE Transactions on, 22(6):644-654, 1976.

[30]

Engadget. HDCP 'master key' supposedly released, unlocks HDTV copy protection permanently, 2010. http://www.engadget.com/2010/09/14/hdcp-master\%2Dkey-supposedly\%2Dreleased-unlocks\%2Dhdtv-copy\%2Dprotect/.

[31]

O. Goldreich. Foundations of Cryptography: Volume 2, Basic Applications, volume 2. Cambridge university press, 2004.

[32]

F. Gröbert, C. Willems, and T. Holz. Automated identification of cryptographic primitives in binary programs. In Recent Advances in Intrusion Detection, pages 41-60. Springer, 2011.

[33]

D. Knuth. The art of computer programming. addison-Wesley, 2006.

[34]

C. Kolbitsch, T. Holz, C. Kruegel, and E. Kirda. Inspector gadget: Automated extraction of proprietary gadgets from malware binaries. In Security and Privacy (SP), 2010 IEEE Symposium on, pages 29-44. IEEE, 2010.

[35]

G. Langelaar, R. Lagendijk, and J. Biemond. Removing spatial spread spectrum watermarks. In Proceedings of the European Signal Processing Conference (EUSIPCO98), Rodes, Greece, 1998.

[36]

P. L'Ecuyer. Testing random number generators. In Winter Simulation Conference: Proceedings of the 24th conference on Winter simulation, volume 13, pages 305-313, 1992.

[37]

Z. Lin, X. Zhang, and D. Xu. Automatic reverse engineering of data structures from binary execution. 2010.

[38]

C. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. Reddi, and K. Hazelwood. Pin: building customized program analysis tools with dynamic instrumentation. In ACM SIGPLAN Notices, volume 40, pages 190-200. ACM, 2005.

[39]

N. Lutz. Towards revealing attackers intent by automatically decrypting network traffic. Master's thesis, ETH Zuerich, 2008.

[40]

T. Moseley, D. Grunwald, D. Connors, R. Ramanujam, V. Tovinkere, and R. Peri. LoopProf: Dynamic techniques for loop detection and profiling. In Proceedings of the 2006 Workshop on Binary Instrumentation and Applications (WBIA), 2006.

[41]

M. Peitz and P. Waelbroeck. Piracy of digital products: A critical review of the economics literature. 2003.

[42]

C. Shannon. Communication theory of secrecy systems. Bell system technical journal, 28(4):656-715, 1949.

[43]

A. Slowinska, T. Stancescu, and H. Bos. Howard: a dynamic excavator for reverse engineering data structures. In Proceedings of NDSS, 2011.

[44]

F. A. Stevenson. Cryptanalysis of contents scrambling system, 2000. http://web.archive.org/web/20000302000206/ www.dvd-copy.com/news/cryptanalysis_of_contents_ scrambling_system.htm.

[45]

S. Thakkur and T. Huff. Internet streaming SIMD extensions. Computer, 32(12):26-34, 1999.

[46]

Z. Wang, X. Jiang, W. Cui, X. Wang, and M. Grace. Reformat: Automatic reverse engineering of encrypted messages. Computer Security-ESORICS 2009, pages 200-215, 2009.

[47]

Wikipedia. Analog Hole -Wikipedia, the free encyclopedia, 2012. [Online; accessed 09-Nov-2012].

[48]

Wikipedia. DeCSS - Wikipedia, the free encyclopedia, 2012. [Online; accessed 09-Nov-2012].

[49]

Wikipedia. Software protection dongle - Wikipedia, the free encyclopedia, 2012. [Online; accessed 09-Nov-2012].

[50]

Y. Zhu, J. Jung, D. Song, T. Kohno, and D.Wetherall. Privacy scope: A precise information flow tracking system for finding application leaks. Technical report, Tech. Rep. EECS-2009-145, Department of Computer Science, UC Berkeley, 2009.

Cited By

Viglianisi GCarminati MPolino MContinella AZanero SMcDonald JBardin SStakhanova N(2018)SysTaintProceedings of the 8th Software Security, Protection, and Reverse Engineering Workshop10.1145/3289239.3289245(1-12)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3289239.3289245
Chau SWang BWang JChowdhury OKate ALi N(2018)Why Johnny Can't Make Money With His ContentsProceedings of the 34th Annual Computer Security Applications Conference10.1145/3274694.3274752(236-251)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3274694.3274752
Li JLin ZCaballero JZhang YGu DLie DMannan MBackes MWang X(2018)K-HuntProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243783(412-425)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243783
Show More Cited By

Steal this movie - automatically bypassing DRM protection in streaming media services
1. Security and privacy

Recommendations

DRM architecture for mobile VOD services
MRCS'06: Proceedings of the 2006 international conference on Multimedia Content Representation, Classification and Security

This study proposes DRM architecture for VOD streaming services in a mobile environment. The proposed system architecture consists of DRM Client Manager, in which core components for client services are independently constructed to be used in a mobile ...
Fairer usage contracts for DRM
DRM '05: Proceedings of the 5th ACM workshop on Digital rights management

DRM has been widely promoted as a means to enforce copyright. In many previous papers, it has been argued that DRM gives too much power to rights holders and actually goes beyond the restrictions provided by copyright laws. In this paper we argue that ...
Law Infringements in Social Live Streaming Services
Human Aspects of Information Security, Privacy and Trust
Abstract
Over the past few years, the popularity of Social Live Streaming Services (SLSSs) like Periscope, Ustream, or YouNow, has been on the rise. The services offer their users the opportunity to interact with the viewers in real time while broadcasting ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

SEC'13: Proceedings of the 22nd USENIX conference on Security

August 2013

702 pages

ISBN:9781931971034

Program Chair:
Sam King
University of Illinois and Adrenaline Mobility

Sponsors

Akamai: Akamai
Google Inc.
IBMR: IBM Research
NSF
Microsoft Reasearch: Microsoft Reasearch

Publisher

USENIX Association

United States

Publication History

Published: 14 August 2013

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Viglianisi GCarminati MPolino MContinella AZanero SMcDonald JBardin SStakhanova N(2018)SysTaintProceedings of the 8th Software Security, Protection, and Reverse Engineering Workshop10.1145/3289239.3289245(1-12)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3289239.3289245
Chau SWang BWang JChowdhury OKate ALi N(2018)Why Johnny Can't Make Money With His ContentsProceedings of the 34th Annual Computer Security Applications Conference10.1145/3274694.3274752(236-251)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3274694.3274752
Li JLin ZCaballero JZhang YGu DLie DMannan MBackes MWang X(2018)K-HuntProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243783(412-425)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243783
Mehri VIlie DTutschku K(2018)Privacy and DRM Requirements for Collaborative Development of AI ApplicationsProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3233268(1-8)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3233268
Salls CShoshitaishvili YStephens NKruegel CVigna G(2017)PistonProceedings of the 33rd Annual Computer Security Applications Conference10.1145/3134600.3134611(141-153)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3134600.3134611
Feng XYe MSwaminathan VWei SWu WYang JTian QZimmermann R(2017)Towards the Security of Motion Detection-based Video Surveillance on IoT DevicesProceedings of the on Thematic Workshops of ACM Multimedia 201710.1145/3126686.3126713(228-235)Online publication date: 23-Oct-2017
https://dl.acm.org/doi/10.1145/3126686.3126713
Choi JAiken WRyoo JKim H(2016)Bypassing the Integrity Checking of Rights Objects in OMA DRMProceedings of the 10th International Conference on Ubiquitous Information Management and Communication10.1145/2857546.2857609(1-5)Online publication date: 4-Jan-2016
https://dl.acm.org/doi/10.1145/2857546.2857609
Dolan-Gavitt BHodosh JHulin PLeek TWhelan RMcDonald JPreda MStakhanova N(2015)Repeatable Reverse Engineering with PANDAProceedings of the 5th Program Protection and Reverse Engineering Workshop10.1145/2843859.2843867(1-11)Online publication date: 8-Dec-2015
https://dl.acm.org/doi/10.1145/2843859.2843867
Lestringant PGuihéry FFouque PBao FMiller SZhou JAhn G(2015)Automated Identification of Cryptographic Primitives in Binary Code with Data Flow Graph IsomorphismProceedings of the 10th ACM Symposium on Information, Computer and Communications Security10.1145/2714576.2714639(203-214)Online publication date: 14-Apr-2015
https://dl.acm.org/doi/10.1145/2714576.2714639
Weiβer DDahse JHolz T(2015)Security Analysis of PHP Bytecode Protection MechanismsProceedings of the 18th International Symposium on Research in Attacks, Intrusions, and Defenses - Volume 940410.1007/978-3-319-26362-5_23(493-514)Online publication date: 2-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-26362-5_23

View Options

View options

Media

Figures

Other

Tables

View Table of Contents