Development of an algorithm to protect user communication devices against data leaks
DOI:
https://doi.org/10.15587/1729-4061.2021.225339Keywords:
DNS query, DNS server, DNS leaks, DNS traffic, DNS proxy server, data collectionAbstract
In order to identify ways used to collect data from user communication devices, an analysis of the interaction between DNS customers and the Internet name domain space has been carried out. It has been established that the communication device's DNS traffic is logged by the DNS servers of the provider, which poses a threat to the privacy of users. A comprehensive algorithm of protection against the collection of user data, consisting of two modules, has been developed and tested. The first module makes it possible to redirect the communication device's DNS traffic through DNS proxy servers with a predefined anonymity class based on the proposed multitest. To ensure a smooth and sustainable connection, the module automatically connects to a DNS proxy server that has minimal response time from those available in the compiled list. The second module blocks the acquisition of data collected by the developers of the software installed on the user's communication device, as well as by specialized Internet services owned by IT companies. The proposed algorithm makes it possible for users to choose their preferred level of privacy when communicating with the Internet space, thereby providing them with a choice of privacy level and, as a result, limiting the possibility of information manipulation over their owners. The DNS traffic of various fixed and mobile communication devices has been audited. The analysis of DNS traffic has enabled to identify and structure the DNS requests responsible for collecting data from users by the Internet services owned by IT companies. The identified DNS queries have been blocked; it has been experimentally confirmed that the performance of the basic and application software on communication devices was not compromised.
References
García-Dorado, J. L., Ramos, J., Rodríguez, M., Aracil, J. (2018). DNS weighted footprints for web browsing analytics. Journal of Network and Computer Applications, 111, 35–48. doi: http://doi.org/10.1016/j.jnca.2018.03.008
Guelke, J. (2020). Leaking. International Encyclopedia of Ethics, 6, 1–7. doi: http://doi.org/10.1002/9781444367072.wbiee898
Trish, B. (2018). Big Data under Obama and Trump: The Data-Fueled U.S. Presidency. Politics and Governance, 6 (4), 29–39. doi: http://doi.org/10.17645/pag.v6i4.1565
Esteve, A. (2017). The business of personal data: Google, Facebook, and privacy issues in the EU and the USA. International Data Privacy Law, 7 (1), 36–47. doi: http://doi.org/10.1093/idpl/ipw026
Google: зловещая черта (2019). Available at: https://eurasia.film/2019/08/google-v-tvoej-golove/
Saeli, S., Bisio, F., Lombardo, P., Massa, D. (2020). DNS Covert Channel Detection via Behavioral Analysis: a Machine Learning Approach. International Conference on Malicious and Unwanted Software (MALWARE), 46–55. Available at: https://www.researchgate.net/publication/344485984_DNS_Covert_Channel_Detection_via_Behavioral_Analysis_a_Machine_Learning_Approach
Chen, X., Navidi, T., Rajagopal, R. (2020). Generating private data with user customization. Available at: https://www.researchgate.net/publication/346614406_Generating_private_data_with_user_customization
Liu, X., Li, H., Lu, X., Xie, T., Mei, Q., Feng, F., Mei, H. (2018). Understanding Diverse Usage Patterns from Large-Scale Appstore-Service Profiles. IEEE Transactions on Software Engineering, 44 (4), 384–411. doi: http://doi.org/10.1109/tse.2017.2685387
Stachl, C., Au, Q., Schoedel, R., Gosling, S. D., Harari, G. M., Buschek, D. et. al. (2020). Predicting personality from patterns of behavior collected with smartphones. Proceedings of the National Academy of Sciences, 117 (30), 17680–17687. doi: http://doi.org/10.1073/pnas.1920484117
Waheed, H., Anjum, M., Rehman, M., Khawaja, A. (2017). Investigation of user behavior on social networking sites. PLOS ONE, 12 (2), e0169693. doi: http://doi.org/10.1371/journal.pone.0169693
Zadereyko, O., Trofymenko, O., Loginova, N. (2019). Algorithm of user’s personal data protection against data leaks in Windows 10 OS. Informatyka Automatyka Pomiary w Gospodarce i Ochronie Środowiska, 9 (1), 41–44. doi: http://doi.org/10.5604/01.3001.0013.0905
Raber, F., Vossebein, N. (2017). URetail: Privacy User Interfaces for Intelligent Retail Stores. Human-Computer Interaction INTERACT 2017. Lecture Notes in Computer Science. Cham: Springer, 10516, 473–477. doi: http://doi.org/10.1007/978-3-319-68059-0_54
Siby, S., Juarez, M., Diaz, C., Narseo, V., Troncoso, C. (2019). Encrypted DNS – Privacy? A Traffic Analysis Perspective. Cryptography and Security, 1–19. Available at: https://arxiv.org/abs/1906.09682
Grothoff, C., Wachs, M., Ermert, M., Appelbaum, J. (2018). Toward secure name resolution on the internet. Computers & Security, 77, 694–708. doi: http://doi.org/10.1016/j.cose.2018.01.018
Bumanglag, K., Kettani, H. (2020). On the Impact of DNS Over HTTPS Paradigm on Cyber Systems. 3rd International Conference on Information and Computer Technologies (ICICT). San Jose, 494–499. doi: http://doi.org/10.1109/icict50521.2020.00085
Yan, Z., Lee, J.-H. (2020). The road to DNS privacy. Future Generation Computer Systems, 112, 604–611. doi: http://doi.org/10.1016/j.future.2020.06.012
Imana, B., Korolova, A., Heidemann, J. (2018). Enumerating Privacy Leaks in DNS Data Collected Above the Recursive. Proceedings of the ISOC NDSS Workshop on DNS Privacy. San Diego, 1–7. Available at: https://www.isi.edu/~johnh/PAPERS/Imana18a.pdf
Hoang, N., Niaki, A., Borisov, N., Gill, P., Polychronakis, M. (2020). Assessing the Privacy Benefits of Domain Name Encryption. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS '20). New York, 290–304. doi: http://doi.org/10.1145/3320269.3384728
Deccio, C., Davis, J. (2019). DNS privacy in practice and preparation. Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies (CoNEXT'19), 138–143. doi: http://doi.org/10.1145/3359989.3365435
Beliavskii, D. (2015). DNS: kto ne spriatalsia, tot i vinovat. Internet v tsifrakh, 1 (21), 74–77. Available at: http://37.230.117.45/upload/iblock/690/6900620c7bef412cfa870a549817b4fd.pdf
Houser, R., Li, Zh., Cotton, Ch., Wang, H. (2019). An investigation on information leakage of DNS over TLS. Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies (CoNEXT '19) New York, 123–137. doi: http://doi.org/10.1145/3359989.3365429
Borgolte, K., Chattopadhyay, T., Feamster, N., Kshirsagar, M., Holland, J., Hounsel, A., Schmitt, P. (2019). How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem. SSRN Electronic Journal. doi: http://doi.org/10.2139/ssrn.3427563
Rai, T., Verma, R. (2015). Packet Filtering Technique for Network Security. International Journal of Engineering Research & Technology (IJERT), 3 (20), 1–3. Available at: https://www.ijert.org/research/packet-filtering-technique-for-network-security-IJERTCONV3IS20047.pdf
Sheluhin, O. I., Smychek, M. A., Simonyan, A. G. (2018). Filtering unwanted applications of Internet resources for information security purposes. H&ES Research, 10 (2), 87–98. Available at: https://www.elibrary.ru/item.asp?id=34939631
Smart DNS Proxy Servers. Available at: https://www.smartdnsproxy.com/Servers
Podkorytov, D., Floka, A., Kuleshov S. (2019). Arkhitektura krossplatformennogo DNS Proxy servisa. T-Comm: Telekommunikatsii i transport, 13 (5), 35–40. Available at: https://www.researchgate.net/publication/333844552_Podkorytov_DA_Floka_AB_Kulesov_SV_Arhitektura_krossplatformennogo_DNS_Proxy_servisa_T-Comm_Telekommunikacii_i_transport_2019_Tom_13_No5_S_35-40
Dooley, M., Rooney, T. (2020). Navigating the Internet with DNS. IP Address Management, 75–92. doi: http://doi.org/10.1002/9781119692263.ch4
Fujiwara, K., Sato, A., Yoshida, K. (2019). Cache Effect of Shared DNS Resolver. IEICE Transactions on Communications, E102.B (6), 1170–1179. doi: http://doi.org/10.1587/transcom.2018ebp3184
General Data Protection Regulation (EU GDPR). Available at: https://gdpr-text.com/
Charanjeet, S. (2020). How to Enable DNS Over HTTPS in Chrome, Firefox, Edge, Brave & More? Fossbytes. Available at: https://fossbytes.com/how-to-enable-dns-over-https-on-chrome-firefox-edge-brave/
Ashok, A., John, A., Joy, P., Vijayan, R., Amrutha, V., Deepa, K., Jooby, E. (2016). Proxy Server Protection for Web Search. International Journal of Computer Science and Technology, 7 (1), 165–169. Available at: http://www.ijcst.com/vol71/2/34-amrutha-ashok.pdf
Shima, K., Nakamura, R., Okada, K., Ishihara, T., Miyamoto, D., Sekiya, Y. (2019). Classifying DNS Servers Based on Response Message Matrix Using Machine Learning. International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, 1550–1551. doi: http://doi.org/10.1109/csci49370.2019.00291
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2021 Александр Владиславович Задерейко, Юлия Витальевна Прокоп, Елена Григорьевна Трофименко, Наталья Ивановна Логинова, Ольга Евгеньевна Плачинда
This work is licensed under a Creative Commons Attribution 4.0 International License.
The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.
