Development of an algorithm to protect user communication devices against data leaks

Authors

DOI:

https://doi.org/10.15587/1729-4061.2021.225339

Keywords:

DNS query, DNS server, DNS leaks, DNS traffic, DNS proxy server, data collection

Abstract

In order to identify ways used to collect data from user communication devices, an analysis of the interaction between DNS customers and the Internet name domain space has been carried out. It has been established that the communication device's DNS traffic is logged by the DNS servers of the provider, which poses a threat to the privacy of users. A comprehensive algorithm of protection against the collection of user data, consisting of two modules, has been developed and tested. The first module makes it possible to redirect the communication device's DNS traffic through DNS proxy servers with a predefined anonymity class based on the proposed multitest. To ensure a smooth and sustainable connection, the module automatically connects to a DNS proxy server that has minimal response time from those available in the compiled list. The second module blocks the acquisition of data collected by the developers of the software installed on the user's communication device, as well as by specialized Internet services owned by IT companies. The proposed algorithm makes it possible for users to choose their preferred level of privacy when communicating with the Internet space, thereby providing them with a choice of privacy level and, as a result, limiting the possibility of information manipulation over their owners. The DNS traffic of various fixed and mobile communication devices has been audited. The analysis of DNS traffic has enabled to identify and structure the DNS requests responsible for collecting data from users by the Internet services owned by IT companies. The identified DNS queries have been blocked; it has been experimentally confirmed that the performance of the basic and application software on communication devices was not compromised.

Author Biographies

Alexander Zadereyko, National University "Odessa Law Academy"

PhD, Associate professor

Department of Information Technology

Yuliia Prokop, O. S. Popov Odessa National Academy of Telecommunications

Senior Lecturer

Department of Information Technology

Olena Trofymenko, National University “Odessa Law Academy”

PhD, Associate professor

Department of Information Technology

Natalia Loginova, National University “Odessa Law Academy”

PhD, Associate professor

Department of Information Technology

Оlha Plachinda, Odessa National Polytechnic University

PhD, Associate professor

Department of Oil and Gas and Chemical Engineering

References

  1. García-Dorado, J. L., Ramos, J., Rodríguez, M., Aracil, J. (2018). DNS weighted footprints for web browsing analytics. Journal of Network and Computer Applications, 111, 35–48. doi: http://doi.org/10.1016/j.jnca.2018.03.008
  2. Guelke, J. (2020). Leaking. International Encyclopedia of Ethics, 6, 1–7. doi: http://doi.org/10.1002/9781444367072.wbiee898
  3. Trish, B. (2018). Big Data under Obama and Trump: The Data-Fueled U.S. Presidency. Politics and Governance, 6 (4), 29–39. doi: http://doi.org/10.17645/pag.v6i4.1565
  4. Esteve, A. (2017). The business of personal data: Google, Facebook, and privacy issues in the EU and the USA. International Data Privacy Law, 7 (1), 36–47. doi: http://doi.org/10.1093/idpl/ipw026
  5. Google: зловещая черта (2019). Available at: https://eurasia.film/2019/08/google-v-tvoej-golove/
  6. Saeli, S., Bisio, F., Lombardo, P., Massa, D. (2020). DNS Covert Channel Detection via Behavioral Analysis: a Machine Learning Approach. International Conference on Malicious and Unwanted Software (MALWARE), 46–55. Available at: https://www.researchgate.net/publication/344485984_DNS_Covert_Channel_Detection_via_Behavioral_Analysis_a_Machine_Learning_Approach
  7. Chen, X., Navidi, T., Rajagopal, R. (2020). Generating private data with user customization. Available at: https://www.researchgate.net/publication/346614406_Generating_private_data_with_user_customization
  8. Liu, X., Li, H., Lu, X., Xie, T., Mei, Q., Feng, F., Mei, H. (2018). Understanding Diverse Usage Patterns from Large-Scale Appstore-Service Profiles. IEEE Transactions on Software Engineering, 44 (4), 384–411. doi: http://doi.org/10.1109/tse.2017.2685387
  9. Stachl, C., Au, Q., Schoedel, R., Gosling, S. D., Harari, G. M., Buschek, D. et. al. (2020). Predicting personality from patterns of behavior collected with smartphones. Proceedings of the National Academy of Sciences, 117 (30), 17680–17687. doi: http://doi.org/10.1073/pnas.1920484117
  10. Waheed, H., Anjum, M., Rehman, M., Khawaja, A. (2017). Investigation of user behavior on social networking sites. PLOS ONE, 12 (2), e0169693. doi: http://doi.org/10.1371/journal.pone.0169693
  11. Zadereyko, O., Trofymenko, O., Loginova, N. (2019). Algorithm of user’s personal data protection against data leaks in Windows 10 OS. Informatyka Automatyka Pomiary w Gospodarce i Ochronie Środowiska, 9 (1), 41–44. doi: http://doi.org/10.5604/01.3001.0013.0905
  12. Raber, F., Vossebein, N. (2017). URetail: Privacy User Interfaces for Intelligent Retail Stores. Human-Computer Interaction INTERACT 2017. Lecture Notes in Computer Science. Cham: Springer, 10516, 473–477. doi: http://doi.org/10.1007/978-3-319-68059-0_54
  13. Siby, S., Juarez, M., Diaz, C., Narseo, V., Troncoso, C. (2019). Encrypted DNS – Privacy? A Traffic Analysis Perspective. Cryptography and Security, 1–19. Available at: https://arxiv.org/abs/1906.09682
  14. Grothoff, C., Wachs, M., Ermert, M., Appelbaum, J. (2018). Toward secure name resolution on the internet. Computers & Security, 77, 694–708. doi: http://doi.org/10.1016/j.cose.2018.01.018
  15. Bumanglag, K., Kettani, H. (2020). On the Impact of DNS Over HTTPS Paradigm on Cyber Systems. 3rd International Conference on Information and Computer Technologies (ICICT). San Jose, 494–499. doi: http://doi.org/10.1109/icict50521.2020.00085
  16. Yan, Z., Lee, J.-H. (2020). The road to DNS privacy. Future Generation Computer Systems, 112, 604–611. doi: http://doi.org/10.1016/j.future.2020.06.012
  17. Imana, B., Korolova, A., Heidemann, J. (2018). Enumerating Privacy Leaks in DNS Data Collected Above the Recursive. Proceedings of the ISOC NDSS Workshop on DNS Privacy. San Diego, 1–7. Available at: https://www.isi.edu/~johnh/PAPERS/Imana18a.pdf
  18. Hoang, N., Niaki, A., Borisov, N., Gill, P., Polychronakis, M. (2020). Assessing the Privacy Benefits of Domain Name Encryption. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS '20). New York, 290–304. doi: http://doi.org/10.1145/3320269.3384728
  19. Deccio, C., Davis, J. (2019). DNS privacy in practice and preparation. Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies (CoNEXT'19), 138–143. doi: http://doi.org/10.1145/3359989.3365435
  20. Beliavskii, D. (2015). DNS: kto ne spriatalsia, tot i vinovat. Internet v tsifrakh, 1 (21), 74–77. Available at: http://37.230.117.45/upload/iblock/690/6900620c7bef412cfa870a549817b4fd.pdf
  21. Houser, R., Li, Zh., Cotton, Ch., Wang, H. (2019). An investigation on information leakage of DNS over TLS. Proceedings of the 15th International Conference on Emerging Networking Experiments and Technologies (CoNEXT '19) New York, 123–137. doi: http://doi.org/10.1145/3359989.3365429
  22. Borgolte, K., Chattopadhyay, T., Feamster, N., Kshirsagar, M., Holland, J., Hounsel, A., Schmitt, P. (2019). How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem. SSRN Electronic Journal. doi: http://doi.org/10.2139/ssrn.3427563
  23. Rai, T., Verma, R. (2015). Packet Filtering Technique for Network Security. International Journal of Engineering Research & Technology (IJERT), 3 (20), 1–3. Available at: https://www.ijert.org/research/packet-filtering-technique-for-network-security-IJERTCONV3IS20047.pdf
  24. Sheluhin, O. I., Smychek, M. A., Simonyan, A. G. (2018). Filtering unwanted applications of Internet resources for information security purposes. H&ES Research, 10 (2), 87–98. Available at: https://www.elibrary.ru/item.asp?id=34939631
  25. Smart DNS Proxy Servers. Available at: https://www.smartdnsproxy.com/Servers
  26. Podkorytov, D., Floka, A., Kuleshov S. (2019). Arkhitektura krossplatformennogo DNS Proxy servisa. T-Comm: Telekommunikatsii i transport, 13 (5), 35–40. Available at: https://www.researchgate.net/publication/333844552_Podkorytov_DA_Floka_AB_Kulesov_SV_Arhitektura_krossplatformennogo_DNS_Proxy_servisa_T-Comm_Telekommunikacii_i_transport_2019_Tom_13_No5_S_35-40
  27. Dooley, M., Rooney, T. (2020). Navigating the Internet with DNS. IP Address Management, 75–92. doi: http://doi.org/10.1002/9781119692263.ch4
  28. Fujiwara, K., Sato, A., Yoshida, K. (2019). Cache Effect of Shared DNS Resolver. IEICE Transactions on Communications, E102.B (6), 1170–1179. doi: http://doi.org/10.1587/transcom.2018ebp3184
  29. General Data Protection Regulation (EU GDPR). Available at: https://gdpr-text.com/
  30. Charanjeet, S. (2020). How to Enable DNS Over HTTPS in Chrome, Firefox, Edge, Brave & More? Fossbytes. Available at: https://fossbytes.com/how-to-enable-dns-over-https-on-chrome-firefox-edge-brave/
  31. Ashok, A., John, A., Joy, P., Vijayan, R., Amrutha, V., Deepa, K., Jooby, E. (2016). Proxy Server Protection for Web Search. International Journal of Computer Science and Technology, 7 (1), 165–169. Available at: http://www.ijcst.com/vol71/2/34-amrutha-ashok.pdf
  32. Shima, K., Nakamura, R., Okada, K., Ishihara, T., Miyamoto, D., Sekiya, Y. (2019). Classifying DNS Servers Based on Response Message Matrix Using Machine Learning. International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, 1550–1551. doi: http://doi.org/10.1109/csci49370.2019.00291

Downloads

Published

2021-02-26

How to Cite

Zadereyko, A. ., Prokop, Y., Trofymenko, O., Loginova, N. ., & Plachinda О. (2021). Development of an algorithm to protect user communication devices against data leaks. Eastern-European Journal of Enterprise Technologies, 1(2 (109), 24–34. https://doi.org/10.15587/1729-4061.2021.225339

Issue

Section

Information technology. Industry control systems