Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing

被引：0

作者：

Herrmann, Dominik ^{[1
]}

Maass, Max ^{[1
]}

Federrath, Hannes ^{[1
]}

机构：

[1] Univ Hamburg, Dept Comp Sci, Hamburg, Germany

来源：

ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, IFIP TC 11 INTERNATIONAL CONFERENCE, SEC 2014 | 2014年 / 428卷

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a random set range query scheme in a real-world web surfing scenario. We demonstrate that the scheme does not sufficiently obfuscate characteristic query patterns, which can be used by an adversary to determine the visited websites. We also illustrate how to thwart the attack and discuss practical challenges. Our results suggest that previously published evaluations of range queries may give a false sense of the attainable security, because they do not account for any interdependencies between queries.

引用

页码：205 / 219

页数：15

共 50 条

[11] Versatile Query Scrambling for Private Web Search
Arampatzis, Avi
Drosatos, George
Efraimidis, Pavlos S.
INFORMATION RETRIEVAL JOURNAL, 2015, 18 (04): : 331 - 358
[12] Intent-aware Query Obfuscation for Privacy Protection in Personalized Web Search
Ahmad, Wasi Uddin
Chang, Kai-Wei
Wang, Hongning
ACM/SIGIR PROCEEDINGS 2018, 2018, : 285 - 294
[13] DNS Privacy with Speed? Evaluating DNS over QUIC and its Impact on Web Performance
Kosek, Mike
Schumann, Luca
Marx, Robin
Trinh Viet Doan
Bajpai, Vaibhav
PROCEEDINGS OF THE 2022 22ND ACM INTERNET MEASUREMENT CONFERENCE, IMC 2022, 2022, : 44 - 50
[14] OB-PWS: Obfuscation-Based Private Web Search
Balsa, Ero
Troncoso, Carmela
Diaz, Claudia
2012 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2012, : 491 - 505
[15] Research on Enterprise DNS Security Scheme Based on Blockchain Technology
Zhang, Jichuan
Zhai, Jianhong
Yang, Ru
Liu, Shuyan
BLOCKCHAIN AND TRUSTWORTHY SYSTEMS, BLOCKSYS 2019, 2020, 1156 : 690 - 701
[16] A crypto scheme using data obfuscation of entity detection and replacement for private cloud
Dasari Y.
Kalluri H.K.
Dondeti V.
International Journal of Safety and Security Engineering, 2020, 10 (03) : 417 - 422
[17] A new query processing scheme in a Web Data Engine
Zhang, ZQ
Xing, CX
Zhou, LZ
Feng, JH
DATABASES IN NETWORKED INFORMATION SYSTEMS, 2002, 2544 : 74 - 87
[18] Security Authorization Scheme for Web Applications
Saito, Takamichi
Miyata, Daichi
Watanabe, Takafumi
Nishikura, Yuta
PROCEEDINGS 2015 18TH INTERNATIONAL CONFERENCE ON NETWORK-BASED INFORMATION SYSTEMS (NBIS 2015), 2015, : 250 - 256
[19] Two-servers PIR based DNS query scheme with privacy-preserving
Zhao, Fangming
Hori, Yoshiaki
Sakurai, Kouichi
2007 INTERNATIONAL CONFERENCE ON INTELLIGENT PERVASIVE COMPUTING, PROCEEDINGS, 2007, : 299 - 302
[20] Private finance scheme for Worcester - Battle in Kidderminster is against "spin," half truth, and obfuscation
Taylor, RT
BRITISH MEDICAL JOURNAL, 2000, 321 (7267): : 1016 - 1016

← 1 2 3 4 5 →