Tools
Tools
Zebin, Tahmina 
ORCID: https://orcid.org/0000-0003-0437-0570, Rezvy, Shahadate and Luo, Yuan
(2022)
An explainable AI-based intrusion detection system for DNS over HTTPS (DoH) Attacks.
IEEE Transactions on Information Forensics and Security, 17.
pp. 2339-2349.
ISSN 1556-6013
Preview |
PDF (T-IFS-13877-2021.R2_Proof_hi)
- Accepted Version
Available under License Creative Commons Attribution Non-commercial. Download (7MB) | Preview |
Abstract
Over the past few years, Domain Name Service (DNS) remained a prime target for hackers as it enables them to gain first entry into networks and gain access to data for exfiltration. Although the DNS over HTTPS (DoH) protocol has desirable properties for internet users such as privacy and security, it also causes a problem in that network administrators are prevented from detecting suspicious network traffic generated by malware and malicious tools. To support their efforts in maintaining a secure network, in this paper, we have implemented an explainable AI solution using a novel machine learning framework. We have used the publicly available CIRA-CIC-DoHBrw-2020 dataset for developing an accurate solution to detect and classify the DNS over HTTPS attacks. Our proposed balanced and stacked Random Forest achieved very high precision (99.91%), recall (99.92%) and F1 score (99.91%) for the classification task at hand. Using explainable AI methods, we have additionally highlighted the underlying feature contributions in an attempt to provide transparent and explainable results from the model.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | explainable ai,secure computing,machine learning,intrusion detection system,secure computing,explainable ai,machine learning,safety, risk, reliability and quality,computer networks and communications,3* ,/dk/atira/pure/subjectarea/asjc/2200/2213 |
| Faculty \ School: | Faculty of Science > School of Computing Sciences |
| UEA Research Groups: | Faculty of Science > Research Groups > Smart Emerging Technologies |
| Related URLs: | |
| Depositing User: | LivePure Connector |
| Date Deposited: | 09 Jun 2022 08:30 |
| Last Modified: | 20 Aug 2023 01:28 |
| URI: | https://ueaeprints.uea.ac.uk/id/eprint/85477 |
| DOI: | 10.1109/TIFS.2022.3183390 |
Downloads
Downloads per month over past year
Actions (login required)
 |
View Item |