Skip navigation

SmartDoH: A deep learning solution for secure and efficient DNS-over-HTTPS traffic analysis

SmartDoH: A deep learning solution for secure and efficient DNS-over-HTTPS traffic analysis

Zeng, Dake, Dawood, Muhammad, Tu, Shanshan, Al-Antary, Mohammad, Waqas, Muhammad ORCID logoORCID: https://orcid.org/0000-0003-0814-7544 and Namoun, Abdallah (2025) SmartDoH: A deep learning solution for secure and efficient DNS-over-HTTPS traffic analysis. In: 2025 3rd International Conference on Big Data and Privacy Computing (BDPC). IEEE Xplore . Institute of Electrical and Electronics Engineers (IEEE), Fuzhou, China, pp. 35-40. ISBN 979-8331522926; 979-8331522933 (doi:10.1109/BDPC63545.2025.11135907)

[thumbnail of Author's Accepted Manuscript]
Preview
PDF (Author's Accepted Manuscript)
50990 WAQAS_SmartDoH_A_Deep_Learning_Solution_For_Secure_And_Efficient_DNS-Over-HTTPS_Traffic_Analysis_(AAM)_2025.pdf - Accepted Version

Download (2MB) | Preview

Abstract

The Domain Name System over HTTPS (DoH) protocol enhances privacy and security by encrypting DNS queries and responses, thereby mitigating risks associated with interception and tampering. However, this encryption simultaneously introduces challenges for conventional DNS monitoring and filtering mechanisms, which rely on visibility into plaintext DNS traffic to detect and block malicious activity. To address this limitation, we propose a deep learning-based framework for the detection and classification of DoH traffic. The approach incorporates a hybrid feature selection mechanism, utilizing both Chi-Square and Pearson Correlation Coefficient tests to identify the most relevant features. A single-layer neural network model is trained on a dataset comprising both DoH and non-DoH traffic, enabling it to differentiate benign from malicious flows with enhanced efficiency. Experimental evaluation demonstrates a detection accuracy of 98.88% and a classification accuracy of 99.84%, affirming the model’s capability for high-performance traffic analysis. By jointly processing multiple traffic types and minimizing computational overhead, the proposed method facilitates real-time deployment in resource-constrained environments. Overall, this study contributes to the advancement of secure network operations by offering a robust and scalable solution for detecting cyber threats that leverage DoH to evade traditional security mechanisms.

Item Type: Conference Proceedings
Title of Proceedings: 2025 3rd International Conference on Big Data and Privacy Computing (BDPC)
Uncontrolled Keywords: Domain Name System over HTTPS, privacy and security, DoH traffic, deep learning, correlation, coefficient, privacy, accuracy,f iltering, neural networks, feature extraction, HTTP, real-time systems, Domain Name System, cryptography, deep learning, DNS-over-HTTPS, detection and classification
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 04 Sep 2025 15:00
URI: https://gala.gre.ac.uk/id/eprint/50990

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics