{"id":21646267,"url":"https://github.com/supersjgk/data-analysis-dns-over-https","last_synced_at":"2025-03-19T22:39:07.275Z","repository":{"id":143576510,"uuid":"427297958","full_name":"supersjgk/Data-Analysis-DNS-over-HTTPS","owner":"supersjgk","description":"A Data Analytics + ML project to classify Benign and Malicious DNS-over-HTTPS traffic","archived":false,"fork":false,"pushed_at":"2023-04-24T17:00:22.000Z","size":76,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-25T04:46:03.369Z","etag":null,"topics":["classification-model","data-analysis","data-analysis-python","data-analytics","datamining","decision-trees","dns","dns-over-https","doh","gradient-boosting","knn","machine-learning","random-forest"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/supersjgk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-12T09:15:29.000Z","updated_at":"2024-03-26T17:31:03.000Z","dependencies_parsed_at":null,"dependency_job_id":"38493d53-d852-4e13-b520-3546811224a0","html_url":"https://github.com/supersjgk/Data-Analysis-DNS-over-HTTPS","commit_stats":null,"previous_names":["supersjgk/data-analysis-dns-over-https"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/supersjgk%2FData-Analysis-DNS-over-HTTPS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/supersjgk%2FData-Analysis-DNS-over-HTTPS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/supersjgk%2FData-Analysis-DNS-over-HTTPS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/supersjgk%2FData-Analysis-DNS-over-HTTPS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/supersjgk","download_url":"https://codeload.github.com/supersjgk/Data-Analysis-DNS-over-HTTPS/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244518683,"owners_count":20465509,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["classification-model","data-analysis","data-analysis-python","data-analytics","datamining","decision-trees","dns","dns-over-https","doh","gradient-boosting","knn","machine-learning","random-forest"],"created_at":"2024-11-25T06:44:07.009Z","updated_at":"2025-03-19T22:39:07.241Z","avatar_url":"https://github.com/supersjgk.png","language":"Jupyter Notebook","readme":"The main objective of this project is to deploy DoH within an application and capture benign as well as malicious DoH traffic as a two-layered approach to detect and characterize DoH traffic using time-series classifier.\n\nThis project uses the following Machine Learning classification algorithms: Naive Bayes, KNN, Decision Tree, Random Forest, Gradient Boost.\n\nThe final dataset includes implementing DoH protocol within an application using five different browsers and tools and four servers to capture Benign-DoH, Malicious-DoH and non-DoH traffic. Layer 1 of the proposed two-layered approach is used to classify DoH traffic from non-DoH traffic and layer 2 is used to characterize Benign-Doh from Malicious-DoH traffic. The browsers and tools used to capture traffic include Google Chrome, Mozilla Firefox, dns2tcp, DNSCat2, and Iodine while the servers used to respond to DoH requests are AdGuard, Cloudflare, Google DNS, and Quad9.\n\n![layers](https://www.unb.ca/cic/_assets/images/doh-brw.jpg)\n\nI have taken subsets of data from each of the five browsers and merged them into First layer data and Second layer data. If you want the whole dataset, go to: http://205.174.165.80/CICDataset/DoHBrw-2020/\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsupersjgk%2Fdata-analysis-dns-over-https","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsupersjgk%2Fdata-analysis-dns-over-https","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsupersjgk%2Fdata-analysis-dns-over-https/lists"}