E-DoH: Elegantly Detecting the Depths of Open DoH Service on the Internet
Cong Dong, Jiahai Yang, Yun Li, Yue Wu, Yufan Chen, Chenglong Li,, Haoran Jiao, Xia Yin, Yuling Liu
TL;DR
This paper introduces E-DoH, an optimized method for detecting DoH services that significantly improves efficiency and reduces traffic, leading to the discovery of nearly twice as many services as previous methods.
Contribution
The paper presents an innovative, optimized detection approach for DoH services that enhances efficiency and accuracy over existing techniques.
Findings
80% improvement in detection time efficiency
Discovered 46,000 DoH services, nearly double previous methods
Reduced traffic volume to 4-20% of prior requirements
Abstract
In recent years, DNS over Encrypted (DoE) methods have been regarded as a novel trend within the realm of the DNS ecosystem. In these DoE methods, DNS over HTTPS (DoH) provides encryption to protect data confidentiality while providing better obfuscation to avoid censorship by multiplexing port 443 with web services. This development introduced certain inconveniences in discovering publicly available DoH services. In this paper, we propose the E-DoH method for elegant and efficient DoH service detection. First, we optimized the probing mechanism to enable a single DoH connection to accomplish multiple tasks including service discovery, correctness validation and dependency construction. Second, we propose an efficient DoH detection tool. This tool can enhance probing efficiency while significantly reduce the required traffic volume. Third, based on the above optimization methods, we…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsWeb Data Mining and Analysis