Guannan Hu
ABSTRACT
Increased demand for DNS privacy has driven the creation of several encrypted DNS protocols, such as DNS over HTTPS (DoH), DNS over TLS (DoT), and DNS over QUIC (DoQ). Recently, the DoT and DoH have been deployed by some vendors like Google and Cloudflare. However, it is pointed out that DoT/DoH still have privacy leakage problems. Our goal is aiming at comparing the level of privacy leakage in encrypted DNS. This preliminary work focuses on analyzing the DoQ traffic to determine whether the adversary can infer the category of websites users visit. We find that information leakage is still possible even in the DoQ traffic. Moreover, we identify that important features are mainly related to inter-arrival times of queries, and the accuracy score slightly decreases for more categories.
- 2020. https://www.similarweb.com. (2020).Google Scholar
- 2021. https://github.com/AdguardTeam/dnsproxy. (2021).Google Scholar
- P. Hoffman and P. McManus. 2018. DNS Queries over HTTPS (DoH). In RFC 8484, RFC Editor (Ed.).Google Scholar
- Rebekah Houser, Zhou Li, Chase Cotton, and Haining Wang. 2019. An Investigation on Information leakage of DNS over TLS. In CoNEXT '19. Orlando, Florida, USA, 123 -- 137. Google ScholarDigital Library
- Z. Hu, L. Zhu, J. Heidemann, A. Mankin, D. Wessels, and P. Hoffman. 2016. Specification for DNS over Transport Layer Security (TLS). In RFC 7858, RFC Editor (Ed.).Google Scholar
- C. Huitema. 2021. Specification of DNS over Dedicated QUIC Connections, IETF (Ed.).Google Scholar
- A. Panchenko, Fabian Lanze, Jan Pennekamp, T. Engel, Andreas Zinnen, Martin Henze, and K. Wehrle. 2016. Website Fingerprinting at Internet Scale. In NDSS'16. San Diego, CA, USA.Google Scholar
- Sandra Siby, Marc Juarez, Claudia Diaz, Narseo Vallina-Rodriguez, and Carmela Troncoso. 2020. Encrypted DNS → Privacy? A Traffic Analysis Perspective. In NDSS'20. San Diego, CA, USA.Google ScholarCross Ref
- Jean-Pierre Smith, Prateek Mittal, and Adrian Perrig. 2021. Website FIngerprinting in the age of QUIC. In Proceedings on Privacy Enhancing Technologies. 48 -- 69.Google ScholarCross Ref
- Pengwei Zhan, Liming Wang, and Yi Tang. 2021. Website Fingerprinting on Early QUIC Traffic. ArXiv abs/2101.11871 (2021).Google Scholar
Index Terms
- An analysis of privacy leakage in DoQ traffic
Recommendations
Privacy leakage analysis in online social networks
Online Social Networks (OSNs) have become one of the major platforms for social interactions, such as building up relationship, sharing personal experiences, and providing other services. The wide adoption of OSNs raises privacy concerns due to personal ...
Privacy Leakage in Access Mode: Revisiting Private RFID Authentication Protocols
ICPP '11: Proceedings of the 2011 International Conference on Parallel ProcessingExisting RFID Privacy-Preserving Authentication(PPA) solutions mainly focus on the design of crypto based interactive protocols between readers and tags. Although the cryptographic mechanisms enable randomization and enhance protocol-level privacy, the ...
Analysis of Privacy Disclosure in DNS Query
MUE '07: Proceedings of the 2007 International Conference on Multimedia and Ubiquitous EngineeringWhen a DNS (domain name system) client needs to look up a name, it queries DNS servers to resolve the name on the Internet. The query information from the client was passed through one or more DNS servers. While useful, in the whole query transmission, ...
Comments