Herrmann, Dominik ; Maass, Max ; Federrath, Hannes (2022):
Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing. (Postprint)
In: ICT Systems Security and Privacy Protection, pp. 205-219,
Darmstadt, Springer Berlin Heidelberg, 29th IFIP TC 11 International Conference, SEC 2014, Marrakech, Morocco, 02.-04.06.2014, ISBN 978-3-642-55415-5,
DOI: 10.26083/tuprints-00021795,
[Conference or Workshop Item]
Abstract
The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a random set range query scheme in a real-world web surfing scenario. We demonstrate that the scheme does not sufficiently obfuscate characteristic query patterns, which can be used by an adversary to determine the visited websites. We also illustrate how to thwart the attack and discuss practical challenges. Our results suggest that previously published evaluations of range queries may give a false sense of the attainable security, because they do not account for any interdependencies between queries.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2022 |
| Creators: | Herrmann, Dominik ; Maass, Max ; Federrath, Hannes |
| Origin: | Secondary publication service |
| Status: | Postprint |
| Title: | Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing |
| Language: | English |
| Abstract: | The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a random set range query scheme in a real-world web surfing scenario. We demonstrate that the scheme does not sufficiently obfuscate characteristic query patterns, which can be used by an adversary to determine the visited websites. We also illustrate how to thwart the attack and discuss practical challenges. Our results suggest that previously published evaluations of range queries may give a false sense of the attainable security, because they do not account for any interdependencies between queries. |
| Book Title: | ICT Systems Security and Privacy Protection |
| Place of Publication: | Darmstadt |
| Publisher: | Springer Berlin Heidelberg |
| ISBN: | 978-3-642-55415-5 |
| Collation: | 16 Seiten |
| Uncontrolled Keywords: | Block Size, Range Query, Domain Name System, Query Pattern, Pattern Length |
| Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Sichere Mobile Netze |
| Event Title: | 29th IFIP TC 11 International Conference, SEC 2014 |
| Event Location: | Marrakech, Morocco |
| Event Dates: | 02.-04.06.2014 |
| Date Deposited: | 29 Jul 2022 14:44 |
| DOI: | 10.26083/tuprints-00021795 |
| URL / URN: | https://tuprints.ulb.tu-darmstadt.de/21795 |
| URN: | urn:nbn:de:tuda-tuprints-217956 |
| PPN: | |
| Corresponding Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum