While DNS over HTTPS (DoH) is designed to enhance user privacy by encrypting DNS queries, it may introduce new privacy risks by exposing new vectors of vulnerability. This study examines the privacy implications of DoH by presenting an automated system for capturing and analyzing HTTPS traffic, with a focus on identifying and classifying DoH flows. Traffic was generated by visiting 200 popular websites within a controlled environment. By leveraging machine learning, the system distinguishes DoH from non-DoH traffic through observable features like packet size, timing, and flow patterns. Despite payload encryption, certain traffic features remain visible, enabling reliable flow-based classification of DoH traffic. Furthermore, a secondary classifier infers the category of the websites, such as social media, messaging, or blogs, accessed via DoH traffic, even in the absence of explicit domain names. This reveals how even metadata alone can compromise user anonymity. The results highlight a critical limitation of DoH: while it mitigates traditional DNS monitoring, it remains vulnerable to advanced traffic analysis, including data-driven traffic fingerprinting. Consequently, DoH acts as a double-edged sword: enhancing privacy in terms of encrypting DNS queries, while simultaneously exposing users to new inference risks through traffic analysis.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

DoH: A Double-Edged Sword for Privacy? Unmasking Hidden Traffic Patterns with Machine Learning

  • Marta Moure-Garrido,
  • Sergio Anillo-Baeza,
  • Carlos Garcia-Rubio,
  • Celeste Campo

摘要

While DNS over HTTPS (DoH) is designed to enhance user privacy by encrypting DNS queries, it may introduce new privacy risks by exposing new vectors of vulnerability. This study examines the privacy implications of DoH by presenting an automated system for capturing and analyzing HTTPS traffic, with a focus on identifying and classifying DoH flows. Traffic was generated by visiting 200 popular websites within a controlled environment. By leveraging machine learning, the system distinguishes DoH from non-DoH traffic through observable features like packet size, timing, and flow patterns. Despite payload encryption, certain traffic features remain visible, enabling reliable flow-based classification of DoH traffic. Furthermore, a secondary classifier infers the category of the websites, such as social media, messaging, or blogs, accessed via DoH traffic, even in the absence of explicit domain names. This reveals how even metadata alone can compromise user anonymity. The results highlight a critical limitation of DoH: while it mitigates traditional DNS monitoring, it remains vulnerable to advanced traffic analysis, including data-driven traffic fingerprinting. Consequently, DoH acts as a double-edged sword: enhancing privacy in terms of encrypting DNS queries, while simultaneously exposing users to new inference risks through traffic analysis.