Not logged in.
Quick Search - Contribution
Contribution Details
Type | Bachelor's Thesis |
Scope | Discipline-based scholarship |
Title | Machine-learning based Detection of Malicious DNS-over-HTTPS (DoH) Traffic Based on Packet Captures |
Organization Unit | |
Authors |
|
Supervisors |
|
Language |
|
Institution | University of Zurich |
Faculty | Faculty of Business, Economics and Informatics |
Date | 2022 |
Abstract Text | The goal of this thesis is to implement a working prototype for the detection of malicious DNS-over-HTTPS (DoH) traffic into the already existing System SecGrid, a platform for the extraction of internet traffic, its analysis, and the detection of cyber-attacks developed by the CSG-Group at the University of Zurich. The implementation contains a special feature extraction for DoH traffic based on TCP-flows and a two Layered Machine Learning pipeline for the detection of malicious DoH traffic. The evaluation proves that the prototype is extremely precise for single data-sets, but as soon as the models are trained and tested with different data the accuracy of the prototype deteriorates drastically. The conclusion is the diversification of the training data-sets into data-sets that are aligned with real-world browser settings and all available DoH resolvers and especially the quantitative and qualitative extension of the state-of-the-art data. |
PDF File | Download |
Export | BibTeX |