A comprehensive survey of recent internet measurement techniques for cyber security
As the Internet has transformed into a critical infrastructure, society has become more
vulnerable to its security flaws. Despite substantial efforts to address many of these …
A survey on DNS encryption: Current development, malware misuse, and inference techniques
The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol
(IP) addresses plays a foundational role in Internet communications. By default, DNS …
Realtime robust malicious traffic detection via frequency domain analysis
Machine learning (ML) based malicious traffic detection is an emerging security paradigm,
particularly for zero-day attack detection, which is complementary to existing rule based …
DoH Insight: Detecting DNS over HTTPS by machine learning
Over the past few years, a new protocol DNS over HTTPS (DoH) has been created to
improve users' privacy on the internet. DoH can be used instead of traditional DNS for …
Detecting unknown encrypted malicious traffic in real time via flow interaction graph analysis
In this paper, we propose HyperVision, a realtime unsupervised machine learning (ML)
based malicious traffic detection system. Particularly, HyperVision is able to detect unknown …
Detecting DNS over HTTPS based data exfiltration
DNS is often used by attackers as a covert channel for data exfiltration, also known as DNS
tunneling. Since the plaintext DNS lookup leads to privacy issues, DNS over HTTPS (DoH) …
"Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
Point cloud analysis for ML-based malicious traffic detection: Reducing majorities of false positive alarms
As an emerging security paradigm, machine learning (ML) based malicious traffic detection
is an essential part of automatic defense against network attacks. Powered by dedicated …
Padding ain't enough: Assessing the privacy guarantees of encrypted DNS
DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by
hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that …
Zero-Knowledge Middleboxes
This paper initiates research on zero-knowledge middleboxes (ZKMBs). A ZKMB is a
network middlebox that enforces network usage policies on encrypted traffic. Clients send …