INFORMATION TECHNOLOGY OF SECURE ACCESS TO DNS RESOURCES BASED ON ML-TRAINED TRAFFIC IDENTIFICATION MODELS

Authors

DOI:

https://doi.org/10.30888/2663-5712.2023-21-01-015

Keywords:

Traffic classifier, Domain Name System, DNS over HTTPS, ADT, Top Level Domain, RF.

Abstract

Domain Name System has a great role in accessing Internet resources, providing granularity, hierarchy and consistency.This protocol is an integral part of the information space, which cannot be replaced, but due to its peculiarity, which was developed ba

Metrics

Metrics Loading ...

References

Qasem Abu Al-Haija, Manar Alohaly,Ammar Odeh, “A Lightweight Double-Stage Scheme to Identify Malicious DNS over HTTPS Traffic Using a Hybrid Learning Approach”.

Hynek, K.; Vekshin, D.; Luxemburk J.; Cejka, T.; Wasicek, A.; “Summary of DNS over HTTPS Abuse”.

Jose, G.-L.; Mary, K.S.; Carol, A.W. Internet Protocol Handbook. In The Domain Name System (DNS) Handbook; DTIC: Fort Belvoir, VA, USA, 1989; Volume 4.

Paul, M. Domain Names–Implementation and Specification; Internet Engineering Task Force; ISI: Marina del Rey, CA, USA, 1987.

Usman Aijaz, N.; Misbahuddin, M.; Raziuddin, S. Survey on DNS-Specific Security Issues and Solution Approaches. In Data Science and Security; Jat, D.S., Shukla, S., Unal, A., Mishra, D.K., Eds.; Lecture Notes in Networks and Systems; Springer: Singapore, 2021; Volume 132, pp. 79–89, ISBN 9789811553080.

Romain, F. DNS Security for Business Continuity and Resilience; IDC: Needham, MA, USA, 2022.

Hu, Z.; Zhu, L.; Heidemann, J.; Mankin, A.;Wessels, D.; Hoffman, P.E. Specification for DNS over Transport Layer Security (TLS); Internet Engineering Task Force: Fremont, CA, USA, 2016.

Hoffman, P.E.; McManus, P. DNS Queries over HTTPS (DoH); Internet Engineering Task Force: Fremont, CA, USA, 2018.

Albulayhi, K.; Smadi, A.A.; Sheldon, F.T.; Abercrombie, R.K. IoT Intrusion Detection Taxonomy, Reference Architecture, and Analyses. Sensors 2021, 21, 6432. [CrossRef] [PubMed]

P. E. Hoffman and P. McManus, “DNS Queries over HTTPS (DoH),” RFC 8484, Tech. Rep. 8484, Oct. 2018.

P. Mockapetris, “Domain names –implementation and specification,”RFC 1035 (Internet Standard), RFC Editor, pp. 1–55. [Online]. Available: https://www:rfc-editor:org/rfc/rfc1035:txt

E. Brumaghin and C. Grady, “Covert channels and poor decisions: The tale of dnsmessenger,” Mar 2017. [Online]. Available: https: /blog:talosintelligence:com/2017/03/dnsmessenger:html

C. Cimpanu, “Here’s how to enable DoH in each browser, ISPs be damned,” Dec 2020, https://www.zdnet.com/article/dns-over-https-willeventually-roll-out-in-all-major-browsers-despite-isp-opposition/.

S. García, K. Hynek, D. Vekshin, T. Cejka, and A. Wasicek, “Large scale measurement on the adoption of encrypted DNS,” CoRR, vol. abs/2107.04436, 2021. [Online]. Available: https://arxiv:org/abs/2107:04436

K. Hynek and T. Cejka, “Privacy Illusion: Beware of Unpadded DoH,” in 2020 11th IEEE Information Technology, Electronic and Mobile Communication conference (IEMCON), 2020.

K. Borgolte, T. Chattopadhyay, N. Feamster, M. Kshirsagar, J. Holland, A. Hounsel, and P. Schmitt, “How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem,” Performance, and Policy in the Internet Ecosystem (July 27, 2019), 2019.

I. N. Bozkurt, A. Aguirre, B. Chandrasekaran, P. B. Godfrey, G. Laughlin, B. Maggs, and A. Singla, “Why is the internet so slow?!” in Passive and Active Measurement, M. A. Kaafar, S. Uhlig, and J. Amann, Eds. Cham: Springer International Publishing, 2017, pp. 173–187.

P. McManus, Aug 2018. [Online]. Available: https://blog:nightly:mozilla:org/2018/08/28/firefox-nightly-securedns-experimental-results/

T. Böttger, F. Cuadrado, G. Antichi, E. L. a. Fernandes, G. Tyson, I. Castro,and S. Uhlig, “An Empirical Study of the Cost of DNS-over-HTTPS,”in Proceedings of the Internet Measurement Conference, ser. IMC ’19. New York, NY, USA: Association for Computing Machinery, 2019, p.15–21. [Online]. Available: https://doi:org/10:1145/3355369:3355575

A. Hounsel, P. Schmitt, K. Borgolte, and N. Feamster, “Can EncryptedDNS Be Fast?” in Passive and Active Measurement, O. Hohlfeld, A. Lutu, and D. Levin, Eds. Cham: Springer International Publishing, 2021, pp. 444–459.

K. Jerabek, O. Rysavy, and I. Burgetova, “Measurement and characterization of DNS over HTTPS traffic,” 2022. [Online]. Available: https://arxiv:org/abs/2204:03975

R. Chhabra, P. Murley, D. Kumar, M. Bailey, and G. Wang, “Measuring DNS-over-HTTPS Performance around the World,” in Proceedings of the 21st ACM Internet Measurement Conference, ser. IMC ’21. New York, NY, USA: Association for Computing Machinery, 2021, p. 351–365. [Online]. Available: https://doi:org/10:1145/3487552:3487849

A. Hounsel, K. Borgolte, P. Schmitt, J. Holland, and N. Feamster, Comparing the Effects of DNS, DoT, and DoH on Web Performance. New York, NY, USA: Association for Computing Machinery, 2020, p. 562–572. [Online]. Available: https://doi:org/10:1145/3366423:3380139

E. S. Mbewe and J. Chavula, “On QoE Impact of DoH and DoT in Africa: Why a User’s DNS Choice Matters,” in Towards new e-Infrastructure and e-Services for Developing Countries, R. Zitouni, A. Phokeer, J. Chavula, A. Elmokashfi, A. Gueye, and N. Benamar, Eds. Cham: Springer International Publishing, 2021, pp. 289–304.

T. Jensen, “Windows Insiders can now test DNS over HTTPS,” May 2020. [Online]. Available: https://techcommunity:microsoft:com/t5/ networkingblog/windows-insiders-can-now-test-dns-over-https/ba-p/1381282

Vekshin, D.; Hynek, K.; Cejka, T. Doh insight: Detecting dns over https by machine learning. In Proceedings of the 15th International Conference on Availability, Reliability and Security, Virtual Event, 25–28 August 2020; pp. 1–8.

Rawat, R.; Shedbalkar, K.; Moharir, M.; Deepamala, N.; Kumar, P.R.; Tanmayananda, M. Analysis and detection of malicious activity on doh traffic. In Proceedings of the 2021 2nd Global Conference for Advancement in Technology (GCAT), Bangalore, India, 1–3 October 2021; pp. 1–5.

Parra, G.D.L.T.; Rad, P.; Choo, K.-K.R. Implementation of deep packet inspection in smart grids and industrial Internet of Things: Challenges and opportunities. J. Netw. Comput. Appl. 2019, 135, 32–46. [CrossRef]

Naz, N.; Khan, M.A.; Alsuhibany, S.A.; Diyan, M.; Tan, Z.; Khan, M.A.; Ahmad, J. Ensemble learning-based IDS for sensors telemetry data in IoT networks. Math. Biosci. Eng. 2022, 19, 10550–10580. [CrossRef]

Fisher,W.W.; Piazza, C.C.; Roane, H.S. Handbook of Applied Behavior Analysis; Guilford Publications: New York, NY, USA, 2021.

Behnke, M.; Briner, N.; Cullen, D.; Schwerdtfeger, K.; Warren, J.; Basnet, R.; Doleck, T. Feature Engineering and Machine Learning Model Comparison for Malicious Activity Detection in the DNS-Over-HTTPS Protocol. IEEE Access 2021, 9, 129902–129916. [CrossRef]

DNS Over HTTPS Traffic Analysis and Detection. Carlos López Romera, Carlos Hernández Gañán,Víctor García Font 2nd June, 2020.

Downloads

Published

2023-09-30

How to Cite

Коробейнікова, Т., & Федчук, Т. (2023). INFORMATION TECHNOLOGY OF SECURE ACCESS TO DNS RESOURCES BASED ON ML-TRAINED TRAFFIC IDENTIFICATION MODELS. SWorldJournal, 1(21-01), 80–91. https://doi.org/10.30888/2663-5712.2023-21-01-015

Issue

No. 21-01 (2023)

Section

Articles

License

Copyright (c) 2023 Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Most read articles by the same author(s)