How Private is Android's Private DNS Setting? Identifying Apps by Encrypted DNS Traffic
DNS over TLS (DoT) and DNS over HTTPS (DoH) promise to improve privacy and security of DNS by encrypting DNS messages, especially when messages are padded to a uniform size. Firstly, to demonstrate the limitations of recommended padding approaches, we present Segram, a novel app fingerprinting attack that allows adversaries to infer which mobile apps are executed on a device. Secondly, we record traffic traces of 118 Android apps using 10 different DoT/DoH resolvers to study the effectiveness of Segram under different conditions. According to our results, Segram identifies apps with accuracies of up to 72 of Segram is comparable with state-of-the-art techniques but Segram requires less computational effort. We release our datasets and code. Thirdly, we study the prevalence of padding among privacy-focused DoT/DoH resolvers, finding that up to 81 recommended padding approaches are less effective than expected and that resolver operators are not sufficiently aware about this feature.
READ FULL TEXT