The Domain Name System (DNS) protocol essentially translates domain names to IP addresses, enabling browsers to load and utilize Internet resources. Despite its major role, DNS is vulnerable to various security loopholes that attackers have continually abused. Therefore, delivering secure DNS traffic has become challenging since attackers use advanced and fast malicious information-stealing approaches. To overcome DNS vulnerabilities, the DNS over HTTPS (DoH) protocol was introduced to improve the security of the DNS protocol by encrypting the DNS traffic and communicating it over a covert network channel. This paper proposes a lightweight, double-stage scheme to identify malicious DoH traffic using a hybrid learning approach. The system comprises two layers. At the first layer, the traffic is examined using random fine trees (RF) and identified as DoH traffic or non-DoH traffic. At the second layer, the DoH traffic is further investigated using Adaboost trees (ADT) and identified as benign DoH or malicious DoH. Specifically, the proposed system is lightweight since it works with the least number of features (using only six out of thirty-three features) selected using principal component analysis (PCA) and minimizes the number of samples produced using a random under-sampling (RUS) approach. The experiential evaluation reported a high-performance system with a predictive accuracy of 99.4% and 100% and a predictive overhead of 0.83 µs and 2.27 µs for layer one and layer two, respectively. Hence, the reported results are superior and surpass existing models, given that our proposed model uses only 18% of the feature set and 17% of the sample set, distributed in balanced classes.
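The two-layer cascade described in the abstract, sketched as an added example (not the paper's code). It assumes scikit-learn and constructed Gaussian "flow" features in place of real traffic statistics. It also assumes PCA is applied as a projection onto six components, and the order of the PCA and under-sampling steps is an assumption too.

```python
import numpy as np
from sklearn.decomposition import PCA
from sklearn.ensemble import AdaBoostClassifier, RandomForestClassifier
N_FEATURES, N_KEPT = 33, 6            # sizes quoted in the abstract
NON_DOH, BENIGN_DOH, MALICIOUS_DOH = 0, 1, 2

def make_flows(rng, counts=(3000, 600, 300)):
    """Constructed, imbalanced sample: one Gaussian cluster per class."""
    X, y = [], []
    for label, n in enumerate(counts):
        centre = np.zeros(N_FEATURES)
        centre[3 * label:3 * label + 3] = 4.0
        X.append(rng.normal(centre, 1.0, size=(n, N_FEATURES)))
        y.append(np.full(n, label))
    return np.vstack(X), np.concatenate(y)

def undersample(rng, X, y):
    """Random under-sampling: cut every class down to the rarest class's size."""
    classes, sizes = np.unique(y, return_counts=True)
    keep = np.concatenate([rng.choice(np.flatnonzero(y == c), sizes.min(), replace=False)
                           for c in classes])
    return X[keep], y[keep]

def train(rng, X, y):
    pca = PCA(n_components=N_KEPT).fit(X)          # assumption: PCA used as a projection
    X1, y1 = undersample(rng, X, (y != NON_DOH).astype(int))
    layer1 = RandomForestClassifier(n_estimators=50, random_state=0).fit(pca.transform(X1), y1)
    doh = y != NON_DOH                             # layer two is trained on DoH flows only
    X2, y2 = undersample(rng, X[doh], y[doh])
    layer2 = AdaBoostClassifier(n_estimators=50, random_state=0).fit(pca.transform(X2), y2)
    return pca, layer1, layer2

def classify(model, X):
    pca, layer1, layer2 = model
    Z = pca.transform(X)
    labels = np.full(len(X), NON_DOH)
    doh = layer1.predict(Z) == 1                   # layer one: DoH vs non-DoH
    if doh.any():
        labels[doh] = layer2.predict(Z[doh])       # layer two: benign vs malicious DoH
    return labels

def demo(seed=7):
    rng = np.random.default_rng(seed)
    X, y = make_flows(rng)
    order = rng.permutation(len(y))
    X, y, cut = X[order], y[order], int(0.7 * len(y))
    pred, truth = classify(train(rng, X[:cut], y[:cut]), X[cut:]), y[cut:]
    doh = truth != NON_DOH
    # (layer-one accuracy, end-to-end accuracy on the true DoH flows)
    return float(np.mean((pred != NON_DOH) == doh)), float(np.mean(pred[doh] == truth[doh]))
```

`demo()` returns the layer-one accuracy and the end-to-end accuracy on held-out DoH flows; a flow that layer one misses never reaches layer two, so the second figure counts it as an error.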

Source
PMC: http://www.ncbi.nlm.nih.gov/pmc/articles/PMC10098885
DOI: http://dx.doi.org/10.3390/s23073489

Similar Publications

This article explores detecting and categorizing network traffic data using machine-learning (ML) methods, specifically focusing on the Domain Name Server (DNS) protocol. DNS has long been susceptible to various security flaws, frequently exploited over time, making DNS abuse a major concern in cybersecurity. Despite advanced attack tactics employed by attackers to steal data in real time, ensuring security and privacy for DNS queries and answers remains challenging.

DNS-BC: Fast, Reliable and Secure Domain Name System Caching System Based on a Consortium Blockchain.

Sensors (Basel)

July 2023

State Key Laboratory of Integrated Service Networks, Xidian University, Xi'an 710071, China.

The Domain Name System (DNS) is a fundamental component of the internet, responsible for resolving domain names into IP addresses. DNS servers are typically categorized into four types: recursive resolvers, root name servers, Top-Level Domain (TLD) name servers, and authoritative name servers. The latter three types of servers store actual records, while recursive resolvers do not store any real data and are only responsible for querying the other three types of servers and responding to clients.
