DoQ+QUIC web traffic dataset

Moving away from plain-text DNS communications,
users now have the option of using encrypted DNS protocols
for domain name resolutions. DNS-over-QUIC (DoQ) employs
QUIC—the latest transport protocol—for encrypted communi-
cations between users and their recursive DNS servers. QUIC is
also poised to become the foundation of our daily web browsing
experience by replacing TCP with HTTPP/3, the latest version
of the HTTP protocol.
Traditional TCP-based web browsing is vulnerable to website
fingerprinting (WFP) attacks that can identify the websites a user
visits. The emergence of QUIC-based DNS and HTTP protocols
raises an important question: are regular users better protected
from WFP attacks when using these new protocols?
To investigate this, we first collect and publicly release the
first benchmark dataset of network traffic corresponding to real
visits to QUIC-enabled websites while using DoQ for domain
resolution. This dataset will help advance the research on WFP
attacks and defenses. Second, we implement and evaluate the
first WFP attack targeting the combined use of DoQ and HTTP/3
protocols by users by developing two transformer models tailored
for WFP attacks. Finally, we conduct comprehensive experiments,
which reveal that these models are effective in identifying user-
visited websites, emphasizing the need for defensive measures.