How Private is Android's Private DNS Setting? Identifying Apps by Encrypted DNS Traffic

Abstract

DNS over TLS (DoT) and DNS over HTTPS (DoH) promise to improve privacy and security of DNS by encrypting DNS messages, especially when messages are padded to a uniform size. Firstly, to demonstrate the limitations of recommended padding approaches, we present Segram, a novel app fingerprinting attack that allows adversaries to infer which mobile apps are executed on a device. Secondly, we record traffic traces of 118 Android apps using 10 different DoT/DoH resolvers to study the effectiveness of Segram under different conditions. According to our results, Segram identifies apps with accuracies of up to 72 % with padding in a controlled closed world setting. The effectiveness of Segram is comparable with state-of-the-art techniques but Segram requires less computational effort. We release our datasets and code. Thirdly, we study the prevalence of padding among privacy-focused DoT/DoH resolvers, finding that up to 81 % of our sample fail to enable padding. Our results suggest that recommended padding approaches are less effective than expected and that resolver operators are not sufficiently aware of this feature.

Cite

Mühlhauser, M., Pridöhl, H., & Herrmann, D. (2021). How Private is Android’s Private DNS Setting? Identifying Apps by Encrypted DNS Traffic. In ACM International Conference Proceeding Series. Association for Computing Machinery. https://doi.org/10.1145/3465481.3465764