Detecting DoH tunnels with privacy protection using federated learning
21 April 2022
Bangling Li, Shen He, Huaxi Peng, Erpeng Zhang, Jun Xin
Proceedings Volume 12175, International Conference on Network Communication and Information Security (ICNCIS 2021); 121750L (2022) https://doi.org/10.1117/12.2628461
Event: International Conference on Network Communication and Information Security (ICNCIS 2021), 2021, Beijing, China
Abstract
The Domain Name System (DNS) is a core Internet service and a key link in keeping the Internet operating normally. Because DNS traffic can often pass through firewalls without being intercepted, it creates favorable conditions for attackers to build covert channels on top of the DNS protocol. DNS over HTTPS (DoH) encrypts DNS lookup and response packets to ensure that they are not monitored or used, but it also makes DNS tunnels more difficult to detect. Because of the security DoH provides, researchers have begun trying to detect DoH tunnels using machine learning or deep learning. Such models perform poorly if the data quality is poor or the amount of data is insufficient, and because traffic data is private, it is usually difficult to collect it and share it with a centralized server. We propose a federated-learning DoH traffic classification framework (FL_DoH_CF), which permits multiple institutions to detect DoH tunnels using a convolutional neural network (CNN) without sharing traffic data. The experiments demonstrate that FL_DoH_CF is competitive with centralized learning, remains robust on non-independent and identically distributed (No_IID) data, and even achieves an accuracy of 99.86% on extreme one-class No_IID data.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Bangling Li, Shen He, Huaxi Peng, Erpeng Zhang, and Jun Xin "Detecting DoH tunnels with privacy protection using federated learning", Proc. SPIE 12175, International Conference on Network Communication and Information Security (ICNCIS 2021), 121750L (21 April 2022); https://doi.org/10.1117/12.2628461
KEYWORDS
Data modeling

Machine learning

Internet

Network security

Computer security

Analytical research

Data conversion
