{"id":"https://openalex.org/W7117566141","doi":"https://doi.org/10.1109/mswim67937.2025.11309217","title":"Fingerprinting Encrypted DNS: Exploiting Metadata Leakage in DNS over QUIC","display_name":"Fingerprinting Encrypted DNS: Exploiting Metadata Leakage in DNS over QUIC","publication_year":2025,"publication_date":"2025-10-27","ids":{"openalex":"https://openalex.org/W7117566141","doi":"https://doi.org/10.1109/mswim67937.2025.11309217"},"language":null,"primary_location":{"id":"doi:10.1109/mswim67937.2025.11309217","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mswim67937.2025.11309217","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039026107","display_name":"Marta Moure-Garrido","orcid":"https://orcid.org/0000-0001-6068-6233"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Marta Moure-Garrido","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5121528073","display_name":"Celeste Campo","orcid":null},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Celeste Campo","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089344826","display_name":"Carlos Garc\u00eda-Rubio","orcid":"https://orcid.org/0000-0002-4635-722X"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Carlos Garcia-Rubio","raw_affiliation_strings":["University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain"],"affiliations":[{"raw_affiliation_string":"University Carlos III of Madrid,Department of Telematic Engineering,Madrid,Spain","institution_ids":["https://openalex.org/I50357001"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5039026107"],"corresponding_institution_ids":["https://openalex.org/I50357001"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.84676798,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"404","last_page":"411"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9265999794006348,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9265999794006348,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.03909999877214432,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.009999999776482582,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8177000284194946},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.8051000237464905},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6862999796867371},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.597000002861023},{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.5479000210762024},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4869999885559082},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.45750001072883606},{"id":"https://openalex.org/keywords/blacklisting","display_name":"Blacklisting","score":0.3862000107765198}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8177000284194946},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.8051000237464905},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7405999898910522},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6862999796867371},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6022999882698059},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.597000002861023},{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.5479000210762024},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4869999885559082},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.45750001072883606},{"id":"https://openalex.org/C2779797433","wikidata":"https://www.wikidata.org/wiki/Q632959","display_name":"Blacklisting","level":2,"score":0.3862000107765198},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.384799987077713},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.3817000091075897},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.38019999861717224},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3393999934196472},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.31290000677108765},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.3098999857902527},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.29170000553131104},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2854999899864197},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2718999981880188},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.26489999890327454},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.26429998874664307},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.2632000148296356},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.2624000012874603}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/mswim67937.2025.11309217","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mswim67937.2025.11309217","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5107326507568359,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W2981067590","https://openalex.org/W3008176860","https://openalex.org/W3126325113","https://openalex.org/W3198788313","https://openalex.org/W3214128480","https://openalex.org/W4280526466","https://openalex.org/W4306824696","https://openalex.org/W4307020333","https://openalex.org/W4323338334","https://openalex.org/W4382753153","https://openalex.org/W4384835167","https://openalex.org/W4385522515","https://openalex.org/W4385624909","https://openalex.org/W4388005108","https://openalex.org/W4390277361","https://openalex.org/W4392980859","https://openalex.org/W4393379799","https://openalex.org/W4394795122","https://openalex.org/W4402278091","https://openalex.org/W4402436629","https://openalex.org/W4404627583","https://openalex.org/W4410950066"],"related_works":[],"abstract_inverted_index":{"The":[0,144],"growing":[1],"adoption":[2],"of":[3,62,75,141,146,153,163,173],"HTTP/3":[4],"and":[5,28,43],"its":[6],"underlying":[7],"transport":[8],"protocol,":[9],"Quick":[10],"UDP":[11],"Internet":[12,21],"Connections":[13],"(QUIC),":[14],"represents":[15],"a":[16,69,103,119,186],"major":[17],"step":[18],"forward":[19],"in":[20,59,178],"communications,":[22],"improving":[23],"performance,":[24,44],"latency,":[25],"congestion":[26],"control,":[27],"encryption.":[29,63],"Domain":[30],"Name":[31],"Server":[32],"(DNS)":[33],"over":[34],"QUIC":[35],"(DoQ)":[36],"has":[37],"emerged":[38],"to":[39,48,79,96,109,128,184,200],"enhance":[40],"DNS":[41,85,111],"confidentiality":[42],"but":[45],"remains":[46],"vulnerable":[47],"website":[49],"fingerprinting":[50,154,175],"(WF)":[51],"attacks,":[52,81],"which":[53,130],"exploit":[54,95],"observable":[55],"traffic":[56,86],"patterns,":[57],"even":[58],"the":[60,73,76,139,147,151,160,171,194],"presence":[61],"In":[64],"this":[65],"study,":[66],"we":[67],"conduct":[68],"detailed":[70],"analysis":[71],"into":[72,138],"vulnerability":[74],"DoQ":[77,157,182],"protocol":[78],"WF":[80],"examining":[82],"how":[83],"encrypted":[84,110,179],"can":[87],"still":[88],"leak":[89],"identifiable":[90],"patterns":[91],"that":[92],"adversaries":[93],"may":[94],"infer":[97],"users\u2019":[98],"web":[99],"activity.":[100],"We":[101,122],"implement":[102],"comprehensive":[104],"feature":[105],"extraction":[106],"framework":[107],"adapted":[108],"traffic.":[112],"This":[113],"approach":[114],"enables":[115],"accurate":[116],"classification":[117],"using":[118],"real-world":[120],"dataset.":[121],"apply":[123],"explainable":[124],"Artificial":[125],"Intelligence":[126],"(XAI)":[127],"identify":[129],"features":[131],"drive":[132],"model":[133],"predictions,":[134],"offering":[135],"new":[136],"insights":[137],"sources":[140],"metadata":[142],"leakage.":[143],"findings":[145],"present":[148],"study":[149],"reinforce":[150],"efficacy":[152],"attacks":[155],"on":[156],"traffic,":[158],"highlighting":[159],"persistent":[161],"nature":[162],"these":[164],"vulnerabilities":[165],"despite":[166],"DoQ\u2019s":[167],"encryption":[168],"mechanisms.":[169],"Consequently,":[170],"development":[172],"effective":[174],"mitigation":[176,198],"strategies":[177,199],"environments":[180],"like":[181],"continues":[183],"pose":[185],"critical":[187],"challenge":[188],"for":[189,196],"protecting":[190],"user":[191,202],"privacy,":[192],"underscoring":[193],"need":[195],"robust":[197],"safeguard":[201],"privacy.":[203]},"counts_by_year":[],"updated_date":"2025-12-31T23:11:33.660297","created_date":"2025-12-30T00:00:00"}