Litcius/Paper detail

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Hoang Nguyen Phong, Niaki Arian Akhavan, Phillipa Gill, Michalis Polychronakis

2021DOAJ (DOAJ: Directory of Open Access Journals)19 citationsDOI

Abstract

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websites on the same server, and IP address churn, all contribute towards making domain–IP mappings unstable, and prevent straightforward IP-based browsing tracking.

Topics & Concepts

Computer scienceDomain nameEncryptionExploitRobustness (evolution)Ip addressDomain Name SystemComputer securityWorld Wide WebDomain (mathematical analysis)Software deploymentComputer networkThe InternetInternet privacyChemistryBiochemistryMathematicsOperating systemGeneMathematical analysisInternet Traffic Analysis and Secure E-votingSpam and Phishing DetectionNetwork Security and Intrusion Detection
Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting | Litcius