All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Comparative Analysis of DNS over HTTPS Detectors

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F24%3APU151372" target="_blank" >RIV/00216305:26230/24:PU151372 - isvavai.cz</a>

  • Alternative codes found

    RIV/63839172:_____/24:10133680

  • Result on the web

    <a href="https://doi.org/10.1016/j.comnet.2024.110452" target="_blank" >https://doi.org/10.1016/j.comnet.2024.110452</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1016/j.comnet.2024.110452" target="_blank" >10.1016/j.comnet.2024.110452</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Comparative Analysis of DNS over HTTPS Detectors

  • Original language description

    DNS over HTTPS (DoH) is a protocol that encrypts DNS traffic to improve user privacy and security. However, its use also poses challenges for network operators and security analysts who need to detect and monitor network traffic for security purposes. Therefore, there are multiple DoH detection proposals that leverage machine learning to identify DoH connections; however, these proposals were often tested on different datasets, and their evaluation methodologies were not consistent enough to allow direct performance comparison. We recreated seven DoH detection proposals and evaluated them using six different experiments to answer research questions that targeted specific deployment scenarios concerning ML-model transferability, usability, and longevity. For thorough testing, we used a large Collection of DoH datasets along with a novel 5-week dataset that enabled the evaluation of data drift. Our study provides insights into the current state of DoH detection techniques and can help network operators and security analysts choose the most suitable method for their specific needs.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/VJ02010024" target="_blank" >VJ02010024: Flow-based Encrypted Traffic Analysis</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2024

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    Computer Networks

  • ISSN

    1389-1286

  • e-ISSN

    1872-7069

  • Volume of the periodical

    2024

  • Issue of the periodical within the volume

    247

  • Country of publishing house

    NL - THE KINGDOM OF THE NETHERLANDS

  • Number of pages

    13

  • Pages from-to

    110452-110465

  • UT code for WoS article

    001237361300001

  • EID of the result in the Scopus database

    2-s2.0-85191654030

Similar results(10)

DNS over HTTPS Detection Using Standard Flow TelemetryCollection of Datasets with DNS over HTTPS TrafficDetecting DoH-Based Data Exfiltration: FluBot Malware Case Study