{"id":"https://openalex.org/W4402156883","doi":"https://doi.org/10.1109/icc51166.2024.10622347","title":"Real-Time Analysis of Encrypted DNS Traffic for Threat Detection","display_name":"Real-Time Analysis of Encrypted DNS Traffic for Threat Detection","publication_year":2024,"publication_date":"2024-06-09","ids":{"openalex":"https://openalex.org/W4402156883","doi":"https://doi.org/10.1109/icc51166.2024.10622347"},"language":"en","primary_location":{"id":"doi:10.1109/icc51166.2024.10622347","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icc51166.2024.10622347","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2024 - IEEE International Conference on Communications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039026107","display_name":"Marta Moure-Garrido","orcid":"https://orcid.org/0000-0001-6068-6233"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Marta Moure-Garrido","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050881965","display_name":"Sajal K. Das","orcid":"https://orcid.org/0000-0002-9471-0868"},"institutions":[{"id":"https://openalex.org/I20382870","display_name":"Missouri University of Science and Technology","ror":"https://ror.org/00scwqd12","country_code":"US","type":"education","lineage":["https://openalex.org/I20382870"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sajal K. Das","raw_affiliation_strings":["Missouri University of Science and Technology,Department of Computer Science,Rolla,MO,USA"],"affiliations":[{"raw_affiliation_string":"Missouri University of Science and Technology,Department of Computer Science,Rolla,MO,USA","institution_ids":["https://openalex.org/I20382870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021832848","display_name":"Celeste Campo","orcid":"https://orcid.org/0000-0003-1788-890X"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Celeste Campo","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089344826","display_name":"Carlos Garc\u00eda-Rubio","orcid":"https://orcid.org/0000-0002-4635-722X"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Carlos Garcia-Rubio","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematics Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5039026107"],"corresponding_institution_ids":["https://openalex.org/I50357001"],"apc_list":null,"apc_paid":null,"fwci":0.3653,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.60794607,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"3292","last_page":"3297"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7268800139427185},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6499284505844116},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.528888463973999},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4757087826728821},{"id":"https://openalex.org/keywords/traffic-analysis","display_name":"Traffic analysis","score":0.41709062457084656},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.41018974781036377},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17848584055900574},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.09863743185997009}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7268800139427185},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6499284505844116},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.528888463973999},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4757087826728821},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.41709062457084656},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.41018974781036377},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17848584055900574},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.09863743185997009}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icc51166.2024.10622347","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icc51166.2024.10622347","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2024 - IEEE International Conference on Communications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W2148628210","https://openalex.org/W2762155482","https://openalex.org/W2803684864","https://openalex.org/W2806616617","https://openalex.org/W3025921802","https://openalex.org/W3194547325","https://openalex.org/W3199534252","https://openalex.org/W4213362721","https://openalex.org/W4221077261","https://openalex.org/W4225607886","https://openalex.org/W4281687072","https://openalex.org/W4285160154","https://openalex.org/W4285184946","https://openalex.org/W4312652679","https://openalex.org/W4319455844","https://openalex.org/W4382753153","https://openalex.org/W6785916776"],"related_works":["https://openalex.org/W2183899684","https://openalex.org/W3004039032","https://openalex.org/W2012920909","https://openalex.org/W2073523380","https://openalex.org/W3010674707","https://openalex.org/W2772151426","https://openalex.org/W2791352643","https://openalex.org/W3166874438","https://openalex.org/W4289314221","https://openalex.org/W4206366499"],"abstract_inverted_index":{"Domain":[0],"Name":[1],"System":[2,46],"(DNS)":[3],"tunneling":[4],"is":[5,75,125,152,182],"a":[6,35,62,76,94,118,138,146,166],"well-known":[7],"cyber-attack":[8],"that":[9,98,172],"allows":[10],"data":[11,81,157],"exfiltration":[12],"-":[13],"the":[14,24,79,108,131,160,173],"attackers":[15,30],"exploit":[16],"this":[17,90,123],"tunnel":[18,73],"to":[19,38,54,64,126],"extract":[20],"sensitive":[21],"information":[22],"from":[23],"system.":[25],"Advanced":[26],"Persistent":[27],"Threat":[28],"(APT)":[29],"encapsulate":[31],"malicious":[32,100,128],"traffic":[33,87,110,187],"in":[34,103,178],"DNS":[36,69,86],"connection":[37],"elude":[39],"security":[40],"mechanisms":[41],"such":[42],"as":[43,133,135],"Intrusion":[44],"Detection":[45],"(IDS).":[47],"Although":[48],"different":[49,186],"techniques":[50],"have":[51],"been":[52],"implemented":[53],"detect":[55,127],"these":[56],"targeted":[57],"attacks,":[58],"their":[59],"rise":[60],"induces":[61],"threat":[63],"Cyber-Physical":[65],"Systems":[66],"(CPS).":[67],"The":[68,120],"over":[70],"HTTPS":[71],"(DoH)":[72],"detection":[74,96],"challenge":[77],"because":[78],"encrypted":[80],"prevents":[82],"an":[83],"analysis":[84,143],"of":[85,122,175],"content.":[88],"In":[89],"paper,":[91],"we":[92,116],"present":[93],"novel":[95],"system":[97,124,132,151],"identifies":[99],"DoH":[101,180],"tunnels":[102],"real":[104],"time.":[105],"We":[106,170],"study":[107],"normal":[109],"pattern":[111],"and":[112,159],"based":[113,144],"on":[114,130,145,154],"that,":[115],"define":[117],"profile.":[119],"objective":[121],"activity":[129],"early":[134],"possible":[136,183],"through":[137],"lightweight":[139],"packet":[140,142],"by":[141,184],"real-time":[147],"IDS":[148],"classifier.":[149],"This":[150],"evaluated":[153],"three":[155],"available":[156],"sets":[158],"results":[161],"obtained":[162],"are":[163],"compared":[164],"with":[165],"machine":[167],"learning":[168],"technique.":[169],"demonstrate":[171],"identification":[174],"anomalous":[176],"activity,":[177],"particular":[179],"tunnels,":[181],"analyzing":[185],"features.":[188]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-12-26T23:08:49.675405","created_date":"2025-10-10T00:00:00"}