An explainable AI-based intrusion detection system for DNS over HTTPS (DoH) attacks
Article
Zebin, T., Rezvy, S. and Luo, Y. 2022. An explainable AI-based intrusion detection system for DNS over HTTPS (DoH) attacks. IEEE Transactions on Information Forensics and Security. 17, pp. 2339-2349. https://doi.org/10.1109/TIFS.2022.3183390
Type | Article |
---|---|
Title | An explainable AI-based intrusion detection system for DNS over HTTPS (DoH) attacks |
Authors | Zebin, T., Rezvy, S. and Luo, Y. |
Abstract | Over the past few years, Domain Name Service (DNS) remained a prime target for hackers as it enables them to gain first entry into networks and gain access to data for exfiltration. Although the DNS over HTTPS (DoH) protocol has desirable properties for internet users such as privacy and security, it also causes a problem in that network administrators are prevented from detecting suspicious network traffic generated by malware and malicious tools. To support their efforts in maintaining a secure network, in this paper, we have implemented an explainable AI solution using a novel machine learning framework. We have used the publicly available CIRA-CIC-DoHBrw-2020 dataset for developing an accurate solution to detect and classify the DNS over HTTPS attacks. Our proposed balanced and stacked Random Forest achieved very high precision (99.91%), recall (99.92%) and F1 score (99.91%) for the classification task at hand. Using explainable AI methods, we have additionally highlighted the underlying feature contributions in an attempt to provide transparent and explainable results from the model. |
Keywords | Tunneling; Servers; Security; Cryptography; Protocols; Computer crime; Feature extraction; Secure computing; machine learning; intrusion detection system; explainable AI |
Sustainable Development Goals | 9 Industry, innovation and infrastructure |
Publisher | Institute of Electrical and Electronics Engineers |
Journal | IEEE Transactions on Information Forensics and Security |
ISSN | 1556-6013 |
Electronic | 1556-6021 |
Publication dates | |
Online | 15 Jun 2022 |
24 Jun 2022 | |
Publication process dates | |
Deposited | 27 Jun 2022 |
Accepted | 06 Jun 2022 |
Output status | Published |
Accepted author manuscript | |
Copyright Statement | © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
Digital Object Identifier (DOI) | https://doi.org/10.1109/TIFS.2022.3183390 |
Web of Science identifier | WOS:000815662000011 |
Language | English |
https://repository.mdx.ac.uk/item/89x29
Download files
66
total views20
total downloads3
views this month3
downloads this month