Wrapping DNS into HTTP(S): An Empirical Study on Name Resolution in Mobile Applications.

Wrapping DNS into HTTP(S) is a promising way to mitigate the privacy and security issues of the traditional DNS. It has been standardized by IETF, i.e., DNS-over-HTTPS (DoH). This approach allows the application to choose open resolvers that it trusts, protecting its activities from potential snooping. Moreover, an application can establish a connection with its resolvers, incorporating specific handles and identifiers for customized use. How is the name resolution process performed on the client side? What are the criteria for an application to choose a resolver? These questions are still unclear. In this paper, we examine the application-level name resolution practices of 25 popular apps on Android and iOS platforms, revealing their adoption and usage patterns. We present the following findings: (i) non-standard, self-defined HTTP(S)DNS is more prevalent than DoH in practice, (ii) popular apps tend to use dispersed resolvers, some of which are self-owned, (iii) HTTP(S)DNS usage patterns differ across apps. These findings raise new issues related to the transparency and security of DNS configuration inside apps. We also explore the implications of these changes on the DNS ecosystem and analyze the potential security risks.