There is a newer version of this record available.

Dataset Closed Access

Dataset used for fingerprinting of DNS over HTTPS responses.

Hynek, Karel; Cejka, Tomas

DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="" xmlns="" xsi:schemaLocation="">
  <identifier identifierType="DOI">10.5281/zenodo.4039588</identifier>
      <creatorName>Hynek, Karel</creatorName>
      <nameIdentifier nameIdentifierScheme="ORCID" schemeURI="">0000-0002-8281-618X</nameIdentifier>
      <affiliation>CESNET z.s.p.o.</affiliation>
      <creatorName>Cejka, Tomas</creatorName>
      <nameIdentifier nameIdentifierScheme="ORCID" schemeURI="">0000-0001-7794-9511</nameIdentifier>
      <affiliation>CESNET z.s.p.o.</affiliation>
    <title>Dataset used for fingerprinting of  DNS over HTTPS responses.</title>
    <date dateType="Issued">2020-09-20</date>
  <resourceType resourceTypeGeneral="Dataset"/>
    <alternateIdentifier alternateIdentifierType="url"></alternateIdentifier>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsVersionOf">10.5281/zenodo.4039587</relatedIdentifier>
    <rights rightsURI="info:eu-repo/semantics/closedAccess">Closed Access</rights>
    <description descriptionType="Abstract">&lt;p&gt;&lt;strong&gt;&amp;nbsp;&lt;/strong&gt;The dataset consists of multiple different data sources:&lt;/p&gt;

	&lt;li&gt;DoH enabled Firefox on Linux OS&lt;/li&gt;
	&lt;li&gt;DoH enabled Firefox on Windows 10 OS&lt;/li&gt;
	&lt;li&gt;DoH enabled Chrome on Windows 10 OS&lt;/li&gt;


&lt;p&gt;We captured the traffic from the DoH enabled web-browsers using tcpdump. To automate the process of traffic generation, we installed Google Chrome and Mozilla Firefox into separate virtual machines and controlled them with the Selenium framework shows detailed information about used browsers and environments). Selenium simulates a user&amp;#39;s browsing according to the predefined script and a list of domain names (i.e., URLs from Alexa&amp;#39;s top websites list in our case). &amp;nbsp;The selenium was configured to visit pages in random order multiple times. For capturing the traffic, we used the default settings of each browser. We did not disable the DNS cache of the browser, and the random order of visiting webpages secures that the dataset contains traces influenced by DNS caching mechanisms.&amp;nbsp;Each virtual machine was configured to export TLS cryptographic keys, that was used for decrypting the traffic using WireShark application.&amp;nbsp;&lt;/p&gt;

&lt;p&gt;The WireShark text output of the decrypted traffic is provided in the dataset files. The detailed information about each file is provided in dataset README.&lt;/p&gt;



&lt;p&gt;This work was supported by the European Union&amp;rsquo;s Horizon 2020 research and innovation program under grant agreement No. 833418 and also by the Grant Agency of the CTU in Prague, grant No. SGS20/210/OHK3/3T/18 funded by the MEYS of the Czech Republic and the project Reg. No. CZ.02.1.01/0.0/0.0/16_013/0001797 co-funded by the MEYS and ERDF&lt;/p&gt;

      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/833418/">833418</awardNumber>
      <awardTitle>Sharing and Automation for Privacy Preserving Attack Neutralization</awardTitle>
All versions This version
Views 20640
Downloads 140
Data volume 1.5 GB0 Bytes
Unique views 14738
Unique downloads 100


Cite as