Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing

被引：0

作者：

Herrmann, Dominik ^{[1
]}

Maass, Max ^{[1
]}

Federrath, Hannes ^{[1
]}

机构：

[1] Univ Hamburg, Dept Comp Sci, Hamburg, Germany

来源：

ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, IFIP TC 11 INTERNATIONAL CONFERENCE, SEC 2014 | 2014年 / 428卷

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a random set range query scheme in a real-world web surfing scenario. We demonstrate that the scheme does not sufficiently obfuscate characteristic query patterns, which can be used by an adversary to determine the visited websites. We also illustrate how to thwart the attack and discuss practical challenges. Our results suggest that previously published evaluations of range queries may give a false sense of the attainable security, because they do not account for any interdependencies between queries.

引用

页码：205 / 219

页数：15

共 50 条

[41] Analysis of the constructing principles and methodology for evaluating the security of shoulder-surfing resistant graphic passwords
Yakovlev V.A.
Arkhipov V.V.
Adadurov S.E.
Automatic Control and Computer Sciences, 2017, 51 (8) : 1000 - 1010
[42] EVALUATING SECURITY OF A SIMPLE INTERACTIVE HUMAN IDENTIFICATION SCHEME
MIZUTANI, R
MATSUMOTO, T
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 1995, E78A (05) : 577 - 578
[43] A Low Cost Weight Obfuscation Scheme for Security Enhancement of ReRAM Based Neural Network Accelerators
Wang, Yuhang
Jin, Song
Li, Tao
2021 26TH ASIA AND SOUTH PACIFIC DESIGN AUTOMATION CONFERENCE (ASP-DAC), 2021, : 499 - 504
[44] Evaluating security of a simple interactive human identification scheme
Yokohama Natl Univ, Yokohama-shi, Japan
IEICE Trans Fund Electron Commun Comput Sci, 5 (577-578):
[45] Web security in a windows system as PrivacyDefender in private browsing mode
Fu-Hau Hsu
Min-Hao Wu
Yi-Wen Chang
Shiuh-Jeng Wang
Multimedia Tools and Applications, 2015, 74 : 1667 - 1688
[46] Web security in a windows system as PrivacyDefender in private browsing mode
Hsu, Fu-Hau
Wu, Min-Hao
Chang, Yi-Wen
Wang, Shiuh-Jeng
MULTIMEDIA TOOLS AND APPLICATIONS, 2015, 74 (05) : 1667 - 1688
[47] You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements
Hantke, Florian
Calzavara, Stefano
Wilhelm, Moritz
Rabitti, Alvise
Stock, Ben
PROCEEDINGS OF THE 2023 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, CCS 2023, 2023, : 3168 - 3182
[48] A Hidden Markov Model Security Scheme for Query State Inference in Discovery Services
Dahbi, Abdelmounaim
Khair, Mazen G.
Mouftah, Hussein T.
2014 GLOBAL INFORMATION INFRASTRUCTURE AND NETWORKING SYMPOSIUM (GIIS), 2014,
[49] Privacy Concerns from Single-Word Search Query Leakage from Web Browsers Through DNS
Isobe, Katsuki
Kondo, Daishi
Tode, Hideki
IEEE Networking Letters, 2022, 4 (01): : 48 - 52
[50] Mining search engine query log for evaluating content and structure of a web site
Hosseini, Mehdi
Abolhassani, Hassan
PROCEEDINGS OF THE IEEE/WIC/ACM INTERNATIONAL CONFERENCE ON WEB INTELLIGENCE: WI 2007, 2007, : 235 - 241

← 1 2 3 4 5 →