<p>Securing DNS over HTTPS: A Machine Learning Study on Traffic</p>
<p>Classification Using DoHBrw-2020</p>
<p>Al-Seyday.T. Qenawy 1 &lowast;, Hussein Alkattan2, Amany Khaled3</p>
<p>1Intelligent Systems and Machine Learning Lab, Shenzhen 518000, China</p>
<p>2Department of System Programming, South Ural State University, 454080 Chelyabinsk, Russia</p>
<p>3Department of Clinical Pharmacy and Pharmacy Practice, Faculty of Pharmacy, Mansoura University,</p>
<p>Mansoura, Egypt</p>
<p>Emails: S.Qenawy@asia.com, alkattan.hussein92@gmail.com, amany24khaled@gmail.com</p>
<p>Abstract</p>
<p>This paper provides a detailed review of related works for classifying secure DNS traffic, with emphasis on</p>
<p>the identification of threats relating to DoH using machine learning algorithms. In the present study, with the</p>
<p>help of DoHBrw-2020 dataset consisting the network traffic data of DoH protocol during its testing phase, we</p>
<p>compare the performance of various machine learning algorithms: Decision Tree, SVM, KNN, Na&uml;ıve Bayes,</p>
<p>Neural Network (MLP), Gradient Boosting, and SVM with RBF kernel. As for each model, we have Accuracy,</p>
<p>Sensitivity, Specificity, Positive Predicted Value, Negative Predicted Value, and F Score. They reveal the fact</p>
<p>that the chosen Decision Tree model produces the highest accuracy and equals to 99. 65% and all the criteria of</p>
<p>the assessment should be well managed. It is important that the various machine learning methods contribute</p>
<p>to the study&rsquo;s discovery of high potential in improving DNS traffic security and offers an understanding on the</p>
<p>best models to use for real-time detection of DoH threats. From these outcomes, it can draw many perspectives</p>
<p>to the further creation and implementation of safer DNS solutions within contemporary information security</p>
<p>paradigms.</p>
<p>Keywords: DNS over HTTPS, Machine Learning, Traffic Classification, DoHBrw-2020, Cybersecurity</p>