Liang Jiao, Yujia Zhu, Xingyu Fu, Yi Zhou, Fenglin Qin, Qingyun Liu
{"title":"CCSv6:基于IPv6的注意机制的DNS-over-HTTPS隧道检测模型","authors":"Liang Jiao, Yujia Zhu, Xingyu Fu, Yi Zhou, Fenglin Qin, Qingyun Liu","doi":"10.1109/ISCC58397.2023.10218057","DOIUrl":null,"url":null,"abstract":"In this paper, we first show DNS-over-HTTPS (DoH) tunneling detection methods verified to be effective over IPv4 can be applied to IPv6, and then propose a new model called CCSv6, using attention-based convolution neural network to build classifiers with flow-based features to detect DoH tunneling over IPv6, achieve 99.99% accuracy on the IPv6 dataset. In addition, we discuss the influence of various factors such as locations or DoH resolvers on the detection results in detail over IPv6. All the more important, our model shows better transfer learning ability, which can achieve the F1-score of 96% when trained on the IPv6 dataset and tested on the IPv4 dataset.","PeriodicalId":265337,"journal":{"name":"2023 IEEE Symposium on Computers and Communications (ISCC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"CCSv6: A Detection Model for DNS-over-HTTPS Tunnel Using Attention Mechanism over IPv6\",\"authors\":\"Liang Jiao, Yujia Zhu, Xingyu Fu, Yi Zhou, Fenglin Qin, Qingyun Liu\",\"doi\":\"10.1109/ISCC58397.2023.10218057\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we first show DNS-over-HTTPS (DoH) tunneling detection methods verified to be effective over IPv4 can be applied to IPv6, and then propose a new model called CCSv6, using attention-based convolution neural network to build classifiers with flow-based features to detect DoH tunneling over IPv6, achieve 99.99% accuracy on the IPv6 dataset. In addition, we discuss the influence of various factors such as locations or DoH resolvers on the detection results in detail over IPv6. All the more important, our model shows better transfer learning ability, which can achieve the F1-score of 96% when trained on the IPv6 dataset and tested on the IPv4 dataset.\",\"PeriodicalId\":265337,\"journal\":{\"name\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC58397.2023.10218057\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC58397.2023.10218057","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CCSv6: A Detection Model for DNS-over-HTTPS Tunnel Using Attention Mechanism over IPv6
In this paper, we first show DNS-over-HTTPS (DoH) tunneling detection methods verified to be effective over IPv4 can be applied to IPv6, and then propose a new model called CCSv6, using attention-based convolution neural network to build classifiers with flow-based features to detect DoH tunneling over IPv6, achieve 99.99% accuracy on the IPv6 dataset. In addition, we discuss the influence of various factors such as locations or DoH resolvers on the detection results in detail over IPv6. All the more important, our model shows better transfer learning ability, which can achieve the F1-score of 96% when trained on the IPv6 dataset and tested on the IPv4 dataset.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
