DoH Deception: Evading ML-Based Tunnel Detection Models with Real-world Adversarial Examples
Resumo
Previous research on DNS over HTTPS (DoH) tunnel detection has focused on developing detection Machine Learning (ML) models, emphasizing accuracy and explainability. However, these models have neglected the threat of adversarial attacks, rendering them vulnerable and less robust. Our study reveals that most state-of-the-art DoH tunnel detection models are likely susceptible to adversarial black-box attacks. We adopt a novel approach by adapting the Zeroth Order Optimization (ZOO) attack to support DoH request features. The most constrained adaptation generated adversarial examples for 5 out of 6 DoH public tunnel tools. Our methods have successfully evaded the four most used state-of-the-art tunnel detection architectures. The technique relies on network flows and does not depend on the DoH request format. Thus, researchers can use it to create more robust DoH tunnel classifiers that target similar architectures in different security domains.Referências
Alenezi, R. and Ludwig, S. A. (2021). Classifying dns tunneling tools for malicious doh traffic. In 2021 IEEE Symposium Series on Computational Intelligence (SSCI), pages 1–9.
Borgolte, K., Chattopadhyay, T., Feamster, N., Kshirsagar, M., Holland, J., Hounsel, A., and Schmitt, P. (2019). How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem. In Proceedings of the 47th Research Conference on Communications, Information and Internet Policy (TPRC). TPRC.
Carlini, N. and Wagner, D. (2017). Towards evaluating the robustness of neural networks. In 2017 IEEE Symposium on Security and Privacy (SP), pages 39–57, Los Alamitos, CA, USA. IEEE Computer Society.
Catillo, M., Pecchia, A., Repola, A., and Villano, U. (2024). Towards realistic problem-space adversarial attacks against machine learning in network intrusion detection. In Proceedings of the 19th International Conference on Availability, Reliability and Security, ARES ’24, New York, NY, USA. Association for Computing Machinery.
Chen, P.-Y., Zhang, H., Sharma, Y., Yi, J., and Hsieh, C.-J. (2017). Zoo: Zeroth order optimization based black-box attacks to deep neural networks without training substitute models. In Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, AISec ’17, page 15–26, New York, NY, USA. Association for Computing Machinery.
Debicha, I., Bauwens, R., Debatty, T., Dricot, J.-M., Kenaza, T., and Mees, W. (2023). Tad: Transfer learning-based multi-adversarial detection of evasion attacks against network intrusion detection systems. Future Generation Computer Systems, 138:185–197.
Goodfellow, I. J., Shlens, J., and Szegedy, C. (2015). Explaining and harnessing adversarial examples.
Hoffman, P. E. and McManus, P. (2018). DNS Queries over HTTPS (DoH). RFC 8484.
Hynek, K. (2023). The Impact of Encrypted DNS on Network Security. Dissertation, Czech Technical University in Prague, Prague, Czech Republic.
Lyu, M., Gharakheili, H. H., and Sivaraman, V. (2022). A survey on DNS encryption: Current development, malware misuse, and inference techniques. CoRR, abs/2201.00900.
Mitsuhashi, R., Jin, Y., Iida, K., Shinagawa, T., and Takai, Y. (2022). Malicious dns tunnel tool recognition using persistent doh traffic analysis. IEEE Transactions on Network and Service Management, pages 1–1.
MontazeriShatoori, M., Davidson, L., Kaur, G., and Habibi Lashkari, A. (2020). Detection of doh tunnels using time-series classification of encrypted traffic. In 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pages 63–70.
Niktabe, S., Lashkari, A. H., and Roudsari, A. H. (2024). Unveiling DoH tunnel: Toward generating a balanced DoH encrypted traffic dataset and profiling malicious behavior using inherently interpretable machine learning. Peer-to-Peer Networking and Applications, 17(1):507–531.
Papernot, N., McDaniel, P., and Goodfellow, I. (2016). Transferability in machine learning: from phenomena to black-box attacks using adversarial samples.
Singh, S. K. and Roy, P. K. (2020). Detecting malicious dns over https traffic using machine learning. In 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT), pages 1–6.
Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., and Fergus, R. (2014). Intriguing properties of neural networks.
Sánchez Sánchez, P. M., Huertas Celdrán, A., Bovet, G., and Martínez Pérez, G. (2024). Adversarial attacks and defenses on ml- and hardware-based iot device fingerprinting and identification. Future Generation Computer Systems, 152:30–42.
Toulas, B. (2024). Hackers use dns tunneling for network scanning, tracking victims. Accessed: 2024-06-14.
Wang, Y., Zhou, A., Liao, S., Zheng, R., Hu, R., and Zhang, L. (2021). A comprehensive survey on dns tunnel detection. Comput. Netw., 197(C).
Yassine, S., Khalife, J., Chamoun, M., and Ghor, H. E. (2018). A survey of dns tunnelling detection techniques using machine learning. In International Conference on Big Data and Cyber-Security Intelligence.
Zebin, T., Rezvy, S., and Luo, Y. (2022). An explainable ai-based intrusion detection system for dns over https (doh) attacks. IEEE Transactions on Information Forensics and Security, 17:2339–2349.
Zhan, M., Li, Y., Yu, G., Li, B., and Wang, W. (2022). Detecting dns over https based data exfiltration. Computer Networks, 209:108919.
Žiža K, T. P. and Vuletić, P. (2023). Dns exfiltration detection in the presence of adversarial attacks and modified exfiltrator behaviour. Int. J. Inf. Secur. (2023).
Borgolte, K., Chattopadhyay, T., Feamster, N., Kshirsagar, M., Holland, J., Hounsel, A., and Schmitt, P. (2019). How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem. In Proceedings of the 47th Research Conference on Communications, Information and Internet Policy (TPRC). TPRC.
Carlini, N. and Wagner, D. (2017). Towards evaluating the robustness of neural networks. In 2017 IEEE Symposium on Security and Privacy (SP), pages 39–57, Los Alamitos, CA, USA. IEEE Computer Society.
Catillo, M., Pecchia, A., Repola, A., and Villano, U. (2024). Towards realistic problem-space adversarial attacks against machine learning in network intrusion detection. In Proceedings of the 19th International Conference on Availability, Reliability and Security, ARES ’24, New York, NY, USA. Association for Computing Machinery.
Chen, P.-Y., Zhang, H., Sharma, Y., Yi, J., and Hsieh, C.-J. (2017). Zoo: Zeroth order optimization based black-box attacks to deep neural networks without training substitute models. In Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, AISec ’17, page 15–26, New York, NY, USA. Association for Computing Machinery.
Debicha, I., Bauwens, R., Debatty, T., Dricot, J.-M., Kenaza, T., and Mees, W. (2023). Tad: Transfer learning-based multi-adversarial detection of evasion attacks against network intrusion detection systems. Future Generation Computer Systems, 138:185–197.
Goodfellow, I. J., Shlens, J., and Szegedy, C. (2015). Explaining and harnessing adversarial examples.
Hoffman, P. E. and McManus, P. (2018). DNS Queries over HTTPS (DoH). RFC 8484.
Hynek, K. (2023). The Impact of Encrypted DNS on Network Security. Dissertation, Czech Technical University in Prague, Prague, Czech Republic.
Lyu, M., Gharakheili, H. H., and Sivaraman, V. (2022). A survey on DNS encryption: Current development, malware misuse, and inference techniques. CoRR, abs/2201.00900.
Mitsuhashi, R., Jin, Y., Iida, K., Shinagawa, T., and Takai, Y. (2022). Malicious dns tunnel tool recognition using persistent doh traffic analysis. IEEE Transactions on Network and Service Management, pages 1–1.
MontazeriShatoori, M., Davidson, L., Kaur, G., and Habibi Lashkari, A. (2020). Detection of doh tunnels using time-series classification of encrypted traffic. In 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pages 63–70.
Niktabe, S., Lashkari, A. H., and Roudsari, A. H. (2024). Unveiling DoH tunnel: Toward generating a balanced DoH encrypted traffic dataset and profiling malicious behavior using inherently interpretable machine learning. Peer-to-Peer Networking and Applications, 17(1):507–531.
Papernot, N., McDaniel, P., and Goodfellow, I. (2016). Transferability in machine learning: from phenomena to black-box attacks using adversarial samples.
Singh, S. K. and Roy, P. K. (2020). Detecting malicious dns over https traffic using machine learning. In 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT), pages 1–6.
Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., and Fergus, R. (2014). Intriguing properties of neural networks.
Sánchez Sánchez, P. M., Huertas Celdrán, A., Bovet, G., and Martínez Pérez, G. (2024). Adversarial attacks and defenses on ml- and hardware-based iot device fingerprinting and identification. Future Generation Computer Systems, 152:30–42.
Toulas, B. (2024). Hackers use dns tunneling for network scanning, tracking victims. Accessed: 2024-06-14.
Wang, Y., Zhou, A., Liao, S., Zheng, R., Hu, R., and Zhang, L. (2021). A comprehensive survey on dns tunnel detection. Comput. Netw., 197(C).
Yassine, S., Khalife, J., Chamoun, M., and Ghor, H. E. (2018). A survey of dns tunnelling detection techniques using machine learning. In International Conference on Big Data and Cyber-Security Intelligence.
Zebin, T., Rezvy, S., and Luo, Y. (2022). An explainable ai-based intrusion detection system for dns over https (doh) attacks. IEEE Transactions on Information Forensics and Security, 17:2339–2349.
Zhan, M., Li, Y., Yu, G., Li, B., and Wang, W. (2022). Detecting dns over https based data exfiltration. Computer Networks, 209:108919.
Žiža K, T. P. and Vuletić, P. (2023). Dns exfiltration detection in the presence of adversarial attacks and modified exfiltrator behaviour. Int. J. Inf. Secur. (2023).
Publicado
16/09/2024
Como Citar
VALENTE, Emanuel C. A.; OSTI, André A.; P. JÚNIOR, Lourenço A.; ESTRELLA, Júlio C..
DoH Deception: Evading ML-Based Tunnel Detection Models with Real-world Adversarial Examples. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 287-302.
DOI: https://doi.org/10.5753/sbseg.2024.241637.
