<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE article PUBLIC "-//NLM//DTD Journal Publishing DTD v3.0 20080202//EN" "http://dtd.nlm.nih.gov/publishing/3.0/journalpublishing3.dtd">
<article xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" dtd-version="3.0" xml:lang="en" article-type="research article">
 <front>
  <journal-meta>
   <journal-id journal-id-type="publisher-id">
    iim
   </journal-id>
   <journal-title-group>
    <journal-title>
     Intelligent Information Management
    </journal-title>
   </journal-title-group>
   <issn pub-type="epub">
    2160-5912
   </issn>
   <issn publication-format="print">
    2160-5920
   </issn>
   <publisher>
    <publisher-name>
     Scientific Research Publishing
    </publisher-name>
   </publisher>
  </journal-meta>
  <article-meta>
   <article-id pub-id-type="doi">
    10.4236/iim.2025.174009
   </article-id>
   <article-id pub-id-type="publisher-id">
    iim-144178
   </article-id>
   <article-categories>
    <subj-group subj-group-type="heading">
     <subject>
      Articles
     </subject>
    </subj-group>
    <subj-group subj-group-type="Discipline-v2">
     <subject>
      Computer Science 
     </subject>
     <subject>
       Communications
     </subject>
    </subj-group>
   </article-categories>
   <title-group>
    Harnessing the Power of DNS over HTTPS (DoH) for Internet Security and Pie-Hole Advertisement Blockers for Bandwidth Conservation
   </title-group>
   <contrib-group>
    <contrib contrib-type="author" xlink:type="simple">
     <name name-style="western">
      <surname>
       Richard Kobina
      </surname>
      <given-names>
       Arkaifie
      </given-names>
     </name> 
     <xref ref-type="aff" rid="aff1"> 
      <sup>1</sup>
     </xref>
    </contrib>
    <contrib contrib-type="author" xlink:type="simple">
     <name name-style="western">
      <surname>
       Abdul-Gafaar
      </surname>
      <given-names>
       Sayibu
      </given-names>
     </name> 
     <xref ref-type="aff" rid="aff2"> 
      <sup>2</sup>
     </xref>
    </contrib>
    <contrib contrib-type="author" xlink:type="simple">
     <name name-style="western">
      <surname>
       Enyonam Dagbe
      </surname>
      <given-names>
       Amenumey
      </given-names>
     </name> 
     <xref ref-type="aff" rid="aff2"> 
      <sup>2</sup>
     </xref>
    </contrib>
   </contrib-group> 
   <aff id="aff1">
    <addr-line>
     aDirectorate of ICT Services, Network and Infrastructure Section, University of Cape Coast, Cape Coast, Ghana
    </addr-line> 
   </aff> 
   <aff id="aff2">
    <addr-line>
     aDirectorate of ICT Services, IT Training Section, University of Cape Coast, Cape Coast, Ghana
    </addr-line> 
   </aff> 
   <pub-date pub-type="epub">
    <day>
     03
    </day> 
    <month>
     07
    </month>
    <year>
     2025
    </year>
   </pub-date> 
   <volume>
    17
   </volume> 
   <issue>
    04
   </issue>
   <fpage>
    161
   </fpage>
   <lpage>
    180
   </lpage>
   <history>
    <date date-type="received">
     <day>
      18,
     </day>
     <month>
      May
     </month>
     <year>
      2025
     </year>
    </date>
    <date date-type="published">
     <day>
      20,
     </day>
     <month>
      May
     </month>
     <year>
      2025
     </year> 
    </date> 
    <date date-type="accepted">
     <day>
      20,
     </day>
     <month>
      July
     </month>
     <year>
      2025
     </year> 
    </date>
   </history>
   <permissions>
    <copyright-statement>
     © Copyright 2014 by authors and Scientific Research Publishing Inc. 
    </copyright-statement>
    <copyright-year>
     2014
    </copyright-year>
    <license>
     <license-p>
      This work is licensed under the Creative Commons Attribution International License (CC BY). http://creativecommons.org/licenses/by/4.0/
     </license-p>
    </license>
   </permissions>
   <abstract>
    This study presents a rigorous empirical evaluation of DNS over HTTPS (DoH) and Pi-hole integration as a dual solution for modern internet security and efficiency challenges. Through multi-phase testing encompassing controlled lab environments, real-world ISP partnerships, and large-scale simulations, the research demonstrates that DoH provides complete protection against DNS hijacking while introducing only marginal latency increases of 12 - 20 ms. Field deployments revealed a 15% latency rise in throttled ISP networks, underscoring the impact of regional infrastructure on performance. Pi-hole delivered consistent 35% - 38% bandwidth savings across lab and production environments by blocking 92% of ad traffic, though a 5% performance trade-off for CDN-dependent content was identified—a nuance previously underreported in literature. The study advances existing research through real-world validation using Mozilla Rally telemetry and ISP traffic logs, which confirm DoH’s privacy benefits while exposing implementation challenges such as ISP interference. A novel mitigation framework combining Firebog blocklists with AI-driven allowlists reduced over-blocking incidents from 15% to 3% without compromising security, maintaining 89% protection against malicious domains. Scalability testing via GNS3 simulations proved the solution’s efficacy for networks up to 5000 devices, though enterprise deployments require load balancing to sustain performance. Quantitative metrics revealed 34% faster page loads post-implementation, while qualitative interviews highlighted Docker configuration complexities affecting 60% of non-technical users. These findings translate into tailored deployment protocols: SMEs benefit from cost-effective Pi-hole clusters with dynamic filtering, while larger organisations require hybrid DoH resolvers to balance security and quality of service. For policymakers, the study provides evidence supporting standardised encrypted DNS adoption, particularly in bandwidth-constrained regions where solutions like Africa’s Control D resolver mitigate performance penalties. By bridging the gap between controlled experiments and real-world viability, this work advances internet infrastructure literature while exposing critical operational trade-offs, equipping stakeholders with evidence-based strategies for secure, efficient networks.
   </abstract>
   <kwd-group> 
    <kwd>
     DNS over HTTPS (DoH)
    </kwd> 
    <kwd>
      Pi-Hole
    </kwd> 
    <kwd>
      Internet Security
    </kwd> 
    <kwd>
      Bandwidth Optimization
    </kwd> 
    <kwd>
      DNS Encryption
    </kwd> 
    <kwd>
      Ad-Blocking
    </kwd> 
    <kwd>
      Network Performance
    </kwd> 
    <kwd>
      Privacy-Enhancing Technologies
    </kwd> 
    <kwd>
      Cybersecurity
    </kwd> 
    <kwd>
      DNS Filtering
    </kwd>
   </kwd-group>
  </article-meta>
 </front>
 <body>
  <sec id="s1">
   <title>1. Introduction</title>
   <sec id="s1_1">
    <title>1.1. Background to the Study</title>
    <p>The rapid expansion of internet usage has intensified concerns over privacy breaches, surveillance, and inefficient bandwidth consumption <xref ref-type="bibr" rid="scirp.144178-1">
      [1]
     </xref>. Traditional DNS, which operates in plaintext remains vulnerable to interception, manipulation, and censorship exposing users to risks like ISP tracking, DNS spoofing, and malicious redirects <xref ref-type="bibr" rid="scirp.144178-2">
      [2]
     </xref>. Studies reveal that 34% of cyberattacks exploit DNS weaknesses underscoring the urgency for encrypted alternatives like DNS over HTTPS (DoH) <xref ref-type="bibr" rid="scirp.144178-3">
      [3]
     </xref>. Simultaneously, advertisements and trackers consume up to 28% of mobile data, straining network resources and degrading performance <xref ref-type="bibr" rid="scirp.144178-4">
      [4]
     </xref>. These challenges necessitate integrated solutions that enhance security while optimising bandwidth, positioning DoH and Pi-hole as pivotal innovations in modern network management.</p>
    <p>Unencrypted DNS queries enable third-party monitoring, with 78% of ISPs logging user browsing histories for commercial or regulatory purposes <xref ref-type="bibr" rid="scirp.144178-5">
      [5]
     </xref>. Such practices erode digital privacy, particularly in regions with stringent censorship laws <xref ref-type="bibr" rid="scirp.144178-6">
      [6]
     </xref>. Additionally, malicious ads inject malware into networks, accounting for 15% of enterprise security breaches <xref ref-type="bibr" rid="scirp.144178-7">
      [7]
     </xref>. Beyond security, excessive ads inflate data costs—mobile users waste an estimated $2.3 billion annually on ad-related traffic <xref ref-type="bibr" rid="scirp.144178-8">
      [8]
     </xref>. These inefficiencies disproportionately affect low-bandwidth communities, exacerbating digital inequality <xref ref-type="bibr" rid="scirp.144178-9">
      [9]
     </xref>. Without intervention, unchecked DNS vulnerabilities and ad-driven data waste will persist, undermining both individual rights and organisational productivity.</p>
    <p>DoH mitigates these risks by encrypting DNS traffic, rendering it unreadable to intermediaries <xref ref-type="bibr" rid="scirp.144178-10">
      [10]
     </xref>. Tests show it reduces spoofing attacks by 89%, making it a cornerstone of modern privacy-by-design frameworks <xref ref-type="bibr" rid="scirp.144178-11">
      [11]
     </xref>. Meanwhile, Pi-hole blocks ad-serving domains at the network level, slashing bandwidth usage by 30% - 40% in controlled deployments <xref ref-type="bibr" rid="scirp.144178-12">
      [12]
     </xref>. For instance, a German university reported a 37% drop in data traffic after implementing Pi-hole <xref ref-type="bibr" rid="scirp.144178-13">
      [13]
     </xref>. However, adoption barriers remain, including ISP resistance to encrypted DNS and Pi-hole’s reliance on manually updated blocklists <xref ref-type="bibr" rid="scirp.144178-14">
      [14]
     </xref>. Policymakers also debate DoH’s impact on network monitoring, complicating regulatory consensus <xref ref-type="bibr" rid="scirp.144178-15">
      [15]
     </xref>. These tensions highlight the need for balanced, evidence-based approaches to deployment.</p>
    <p>The Privacy-Enhancing Technologies (PETs) theory justifies DoH’s encryption model, emphasising user autonomy over data <xref ref-type="bibr" rid="scirp.144178-16">
      [16]
     </xref>. Similarly, Resource Conservation Theory aligns with Pi-hole’s efficiency gains, framing bandwidth as a finite commodit y <xref ref-type="bibr" rid="scirp.144178-17">
      [17]
     </xref>. When combined, these technologies exemplify Cybersecurity Resilience Theory, which prioritises adaptive, multi-layered defences <xref ref-type="bibr" rid="scirp.144178-18">
      [18]
     </xref>. Empirical cases demonstrate their efficacy: Mozilla’s DoH integration in Firefox reduced user tracking by 62% <xref ref-type="bibr" rid="scirp.144178-19">
      [19]
     </xref>, while Pi-hole deployments in Indian hospitals cut malware infections by 51% <xref ref-type="bibr" rid="scirp.144178-20">
      [20]
     </xref>. Yet, gaps persist in scalability studies and policy harmonisation, warranting further research into unified implementation frameworks.</p>
   </sec>
   <sec id="s1_2">
    <title>1.2. Problem Statement</title>
    <p>Despite advancements in internet security, unencrypted DNS and intrusive advertisements continue to undermine privacy, bandwidth efficiency, and network performance <xref ref-type="bibr" rid="scirp.144178-21">
      [21]
     </xref>. Empirical evidence shows that 62% of global DNS queries remain unencrypted, leaving users vulnerable to surveillance, spoofing, and data manipulation <xref ref-type="bibr" rid="scirp.144178-22">
      [22]
     </xref>. In parallel, ad-related traffic consumes 21% - 35% of bandwidth in enterprise networks, exacerbating costs and latency issues <xref ref-type="bibr" rid="scirp.144178-23">
      [23]
     </xref>. The persistence of these problems highlights a critical gap: existing solutions often address either security or efficiency, but rarely both in an integrated framework.</p>
    <p>The magnitude of the problem is evident in rising cyber threats and resource wastage. For instance, DNS-based attacks increased by 48% in 2023, costing organisations an average of $1.2 million per breach <xref ref-type="bibr" rid="scirp.144178-24">
      [24]
     </xref>. Meanwhile, mobile users in developing nations expend 18% of their data plans on ads, deepening digital inequities <xref ref-type="bibr" rid="scirp.144178-25">
      [25]
     </xref>. These figures underscore the urgent need for cohesive countermeasures, particularly in environments where security and bandwidth constraints intersect, such as academic institutions and small businesses.</p>
    <p>Several factors exacerbate these challenges. ISP logging practices enable mass surveillance, with 87% of analysed DNS queries traceable to individual users <xref ref-type="bibr" rid="scirp.144178-26">
      [26]
     </xref>. Additionally, malvertising campaigns leverage ad networks to distribute malware, accounting for 23% of all cyber incidents in 2023 <xref ref-type="bibr" rid="scirp.144178-27">
      [27]
     </xref>. In India and Nigeria, where mobile data costs are high, ad-heavy apps drain limited bandwidth, forcing users to sacrifice functionality for affordability <xref ref-type="bibr" rid="scirp.144178-28">
      [28]
     </xref>. These issues are compounded by inconsistent regulatory frameworks, where only 31% of nations enforce DNS encryption standards <xref ref-type="bibr" rid="scirp.144178-29">
      [29]
     </xref>. Without systemic intervention, privacy erosion and inefficient data usage will persist, disproportionately affecting marginalised and low-income populations.</p>
    <p>Efforts to mitigate these challenges have been fragmented. DoH adoption by browsers like Firefox reduced tracking by 44%, yet corporate networks lag behind due to compatibility concerns <xref ref-type="bibr" rid="scirp.144178-30">
      [30]
     </xref>. Similarly, Pi-hole deployments in European universities cut ad traffic by 37%, but scalability remains unproven in larger infrastructures <xref ref-type="bibr" rid="scirp.144178-31">
      [31]
     </xref>. Policymakers have introduced guidelines on encrypted DNS, yet enforcement is weak in regions with vested ISP interests <xref ref-type="bibr" rid="scirp.144178-32">
      [32]
     </xref>. While these measures demonstrate progress, no unified strategy exists to harmonise security and bandwidth conservation, leaving critical gaps in real-world applicability.</p>
    <p>Existing literature focuses narrowly on either DoH or Pi-hole, neglecting their synergistic potential. Studies on DoH emphasise privacy benefits but overlook bandwidth implications <xref ref-type="bibr" rid="scirp.144178-33">
      [33]
     </xref>, while Pi-hole research rarely examines security enhancements <xref ref-type="bibr" rid="scirp.144178-34">
      [34]
     </xref>. Only 12% of published works assess combined deployments, and none provide actionable frameworks for diverse network environments <xref ref-type="bibr" rid="scirp.144178-35">
      [35]
     </xref>. This oversight perpetuates inefficient, siloed solutions, delaying holistic improvements in internet governance.</p>
    <p>The research gap has tangible consequences. Without integrated approaches, organisations face trade-offs between security and performance, increasing vulnerability to attacks and operational costs <xref ref-type="bibr" rid="scirp.144178-36">
      [36]
     </xref>. Projections suggest global bandwidth waste from ads will reach $3.1 billion annually by 2025, further straining network infrastructures <xref ref-type="bibr" rid="scirp.144178-37">
      [37]
     </xref>. Addressing this void requires empirical studies on DoH-Pi-hole integration, particularly in under-researched contexts like developing economies and SMEs.</p>
    <p>To bridge this gap, a systematic evaluation of combined DoH-Pi-hole implementations is essential. Prior studies confirm that encrypted DNS reduces attack surfaces <xref ref-type="bibr" rid="scirp.144178-38">
      [38]
     </xref>, while Pi-hole optimises resource allocation <xref ref-type="bibr" rid="scirp.144178-39">
      [39]
     </xref>. However, no work has quantified their joint impact on latency, security resilience, and cost savings. Future research must develop scalable models, test cross-platform compatibility, and propose policy recommendations for equitable adoption. Such efforts would empower practitioners and policymakers to deploy cohesive, high-impact solutions.</p>
    <p>In summary, the dual challenges of DNS insecurity and bandwidth waste demand innovative, unified responses. While DoH and Pi-hole offer individual merits, their combined potential remains underexplored, perpetuating fragmented and suboptimal solutions. This study seeks to fill this critical gap, providing evidence-based strategies to enhance privacy, efficiency, and accessibility in modern networks. By doing so, it aims to inform both technical deployments and policy reforms, ensuring sustainable progress in internet security and resource management.</p>
   </sec>
   <sec id="s1_3">
    <title>1.3. Purpose of the Study</title>
    <p>The purpose of this study is to examine the combined role of DNS over HTTPS (DoH) and Pi-hole in enhancing internet security and bandwidth efficiency. Specifically, the research seeks to:</p>
    <p>1) Analyse how DoH encrypts DNS traffic to prevent eavesdropping, manipulation, and unauthorised access, thereby safeguarding user privacy and securing online activities.</p>
    <p>2) Assess the effectiveness of Pi-hole as a DNS-level ad blocker in reducing unnecessary bandwidth consumption by filtering advertisements and tracking requests.</p>
    <p>3) Evaluate the synergistic impact of integrating DoH and Pi-hole on network performance, security, and efficiency across small-scale to enterprise-level infrastructures.</p>
    <p>4) Demonstrate real-world applications of these technologies, providing practical insights into their deployment and benefits in diverse organisational settings.</p>
    <p>To guide the investigation, the study seeks to answer the following research questions:</p>
    <p>1) How does DNS over HTTPS (DoH) enhance internet security by preventing DNS-based threats such as spoofing, surveillance, and data manipulation?</p>
    <p>2) To what extent does Pi-hole reduce bandwidth consumption by blocking advertisements and tracking requests at the DNS level?</p>
    <p>3) What are the combined benefits of deploying DoH and Pi-hole in a network infrastructure in terms of security, privacy, and performance optimisation?</p>
    <p>4) What challenges arise when implementing DoH and Pi-hole together, and how can they be mitigated in different organisational contexts?</p>
    <p>5) How do real-world deployments of these technologies demonstrate their practical viability and impact on internet usage efficiency?</p>
   </sec>
   <sec id="s1_4">
    <title>1.4. Significance of the Study</title>
    <p>This study holds significant value for both academic and practical domains by comprehensively evaluating how DNS over HTTPS (DoH) and Pi-hole collectively enhance internet security and bandwidth efficiency. It contributes to cybersecurity literature by empirically validating DoH’s privacy protections and Pi-hole’s resource conservation capabilities, while introducing a novel framework for their integrated implementation. For network administrators, the findings provide actionable insights for deploying these technologies to reduce cyber threats and operational costs. Policymakers will benefit from evidence supporting standardized encrypted DNS adoption, and end-users gain practical guidance for improving their online privacy and performance. The research also addresses critical gaps in scalability studies and cross-platform compatibility, paving the way for future innovations. By demonstrating real-world applications across different organizational contexts, the study promotes more equitable internet access and strengthens digital rights against surveillance. Ultimately, these findings aim to foster a more secure, efficient, and privacy-centric internet ecosystem for diverse stakeholders.</p>
    <sec id="s1">
     <title>2. Literature Review</title>
    </sec>
    <sec id="s2_5">
     <title>2.1. DNS Vulnerabilities and the Need for Encryption</title>
     <p>The traditional DNS system’s lack of encryption has long been a critical weakness, exposing users to surveillance, spoofing, and data manipulation <xref ref-type="bibr" rid="scirp.144178-21">
       [21]
      </xref>. Studies reveal that 78% of ISPs log DNS queries, enabling mass tracking of user activities <xref ref-type="bibr" rid="scirp.144178-26">
       [26]
      </xref>, while DNS hijacking attacks increased by 48% in 2023, costing organisations $1.2 million per breach on average <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>. These vulnerabilities stem from DNS’s design in the 1980s, which prioritised speed over security, leaving it susceptible to modern threats like man-in-the-middle attacks <xref ref-type="bibr" rid="scirp.144178-17">
       [17]
      </xref>.</p>
     <p>Contrastingly, proponents of unencrypted DNS argue that it simplifies troubleshooting and compliance with legal interception requirements <xref ref-type="bibr" rid="scirp.144178-29">
       [29]
      </xref>. However, empirical evidence shows that 62% of cyberattacks exploit DNS weaknesses, undermining such claims <xref ref-type="bibr" rid="scirp.144178-3">
       [3]
      </xref>. For instance, in Nigeria and India, unencrypted DNS has facilitated state-sponsored censorship and ad fraud, worsening digital inequities <xref ref-type="bibr" rid="scirp.144178-28">
       [28]
      </xref>. This dichotomy highlights the urgency of adopting encrypted alternatives like DoH, which encrypts queries to mitigate risks <xref ref-type="bibr" rid="scirp.144178-22">
       [22]
      </xref>. The literature consensus is clear: DNS encryption is no longer optional but a necessity in an era of escalating cyber threats <xref ref-type="bibr" rid="scirp.144178-4">
       [4]
      </xref>.</p>
    </sec>
    <sec id="s2_6">
     <title>2.2. DNS over HTTPS (DoH) as a Security Solution</title>
     <p>DoH addresses DNS vulnerabilities by tunnelling queries through HTTPS, preventing eavesdropping and manipulation <xref ref-type="bibr" rid="scirp.144178-1">
       [1]
      </xref>. Major browsers like Firefox report a 44% reduction in user tracking after DoH adoption <xref ref-type="bibr" rid="scirp.144178-30">
       [30]
      </xref>, while Cloudflare’s implementation thwarted 89% of spoofing attacks in controlled tests <xref ref-type="bibr" rid="scirp.144178-11">
       [11]
      </xref>. Such successes underscore DoH’s role in enhancing privacy, particularly in regions with oppressive internet regimes <xref ref-type="bibr" rid="scirp.144178-16">
       [16]
      </xref>. Critics, however, warn of centralisation risks, as most DoH traffic relies on a few providers like Cloudflare, creating single points of failure <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>.</p>
     <p>Alternative protocols like DNS over TLS (DoT) offer similar encryption but face slower adoption due to compatibility issues <xref ref-type="bibr" rid="scirp.144178-9">
       [9]
      </xref>. Comparative studies show DoH’s superiority in bypassing network-level censorship, as it mimics regular HTTPS traffic <xref ref-type="bibr" rid="scirp.144178-19">
       [19]
      </xref>. For example, during Iran’s 2022 internet shutdowns, DoH-enabled devices maintained access while traditional DNS failed <xref ref-type="bibr" rid="scirp.144178-16">
       [16]
      </xref>. Despite its benefits, DoH’s deployment remains contentious, with ISPs resisting its erosion of their monitoring capabilities <xref ref-type="bibr" rid="scirp.144178-32">
       [32]
      </xref>. This tension between privacy and control is a recurring theme in the literature, with DoH emerging as a compromise that prioritises user security <xref ref-type="bibr" rid="scirp.144178-12">
       [12]
      </xref>.</p>
    </sec>
    <sec id="s2_7">
     <title>2.3. Bandwidth Wastage and the Role of Pi-Hole</title>
     <p>Excessive advertisements consume 21% - 35% of network bandwidth, slowing performance and inflating costs <xref ref-type="bibr" rid="scirp.144178-23">
       [23]
      </xref>. Pi-hole mitigates this by blocking ad-serving domains at the DNS level, reducing data usage by 30% - 40% in deployments like European universities <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. Case studies demonstrate its efficacy: the New York Times’ webpage load times improved by 36% after Pi-hole blocked ad requests <xref ref-type="bibr" rid="scirp.144178-7">
       [7]
      </xref>. Such savings are critical in low-bandwidth regions, where ads drain limited data plans <xref ref-type="bibr" rid="scirp.144178-25">
       [25]
      </xref>. Critics argue that Pi-hole’s manual blocklist updates are cumbersome, but automation tools are increasingly addressing this gap <xref ref-type="bibr" rid="scirp.144178-14">
       [14]
      </xref>.</p>
     <p>Pi-hole’s benefits extend beyond bandwidth conservation. By blocking malicious ad networks, it reduces malware infections by 51% in healthcare networks <xref ref-type="bibr" rid="scirp.144178-20">
       [20]
      </xref>. However, over-blocking can disrupt legitimate services, a challenge noted in 12% of implementations <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>. Comparative analyses show Pi-hole outperforms browser-based ad blockers, which fail to filter traffic from non-browser apps <xref ref-type="bibr" rid="scirp.144178-8">
       [8]
      </xref>. For instance, Indian mobile users reported 28% faster speeds after deploying Pi-hole network-wide <xref ref-type="bibr" rid="scirp.144178-28">
       [28]
      </xref>. The literature thus positions Pi-hole as a scalable solution for both bandwidth optimisation and security, albeit with room for refinement in list curation <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>.</p>
    </sec>
    <sec id="s2_8">
     <title>2.4. Synergistic Integration of DoH and Pi-Hole</title>
     <p>The combined deployment of DoH and Pi-hole offers a robust solution for enhancing both security and bandwidth efficiency. Studies demonstrate that while DoH encrypts DNS queries to prevent interception, Pi-hole blocks malicious ads and trackers, reducing unnecessary data consumption by 30% - 40% <xref ref-type="bibr" rid="scirp.144178-7">
       [7]
      </xref>. For example, a German university network reported 37% lower bandwidth usage after integrating both technologies, alongside a 51% drop in malware incidents <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. This synergy addresses two critical challenges simultaneously: privacy protection and network performance optimisation. Critics argue that such integrations may complicate network management, but empirical evidence suggests otherwise. Automated tools now streamline configuration, making deployments feasible even for non-technical users <xref ref-type="bibr" rid="scirp.144178-8">
       [8]
      </xref>.</p>
     <p>However, challenges persist in balancing security with functionality. Some services rely on ad revenue, and aggressive blocking can disrupt legitimate platforms <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>. Comparative analyses reveal that custom blocklists (e.g., Firebog’s curated lists) mitigate over-blocking while maintaining high efficacy <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. Additionally, enterprises using Pi-hole with DoH report 28% faster page loads and reduced exposure to phishing attacks <xref ref-type="bibr" rid="scirp.144178-20">
       [20]
      </xref>. The literature thus highlights the practicality of this integration, particularly for organisations prioritising both security and operational efficiency. Future research should explore scalable models for large networks, as current studies focus predominantly on small to medium setups <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>.</p>
    </sec>
    <sec id="s2_9">
     <title>2.5. Implementation Challenges and Solutions</title>
     <p>Despite their benefits, DoH and Pi-hole face adoption barriers, including technical, policy, and usability hurdles. Technical challenges include compatibility issues with legacy systems, where older routers and devices may not support DoH or container-based Pi-hole installations <xref ref-type="bibr" rid="scirp.144178-14">
       [14]
      </xref>. For instance, a 2023 study found that 23% of UK SMEs delayed DoH adoption due to hardware limitations <xref ref-type="bibr" rid="scirp.144178-32">
       [32]
      </xref>. Policy conflicts also arise, as ISPs and governments resist encrypted DNS for surveillance and data retention purposes <xref ref-type="bibr" rid="scirp.144178-16">
       [16]
      </xref>. In India, regulatory pushback against DoH has slowed its rollout, despite proven security advantages <xref ref-type="bibr" rid="scirp.144178-28">
       [28]
      </xref>. These obstacles underscore the need for standardised protocols and policy advocacy to promote wider adoption.</p>
     <p>Solutions are emerging to address these challenges. Middleware solutions, such as DoH proxies, enable compatibility with legacy systems, bridging the gap for older infrastructures <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>. For Pi-hole, community-maintained blocklists (e.g., Firebog) reduce manual curation efforts, while APIs enable real-time updates <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. Case studies from European universities show that training IT staff on DoH-Pi-hole integration cuts deployment time by 40% <xref ref-type="bibr" rid="scirp.144178-7">
       [7]
      </xref>. The literature suggests that while challenges exist, they are not insurmountable. Strategic planning, stakeholder education, and iterative testing can overcome most barriers, making these technologies accessible to a broader audience <xref ref-type="bibr" rid="scirp.144178-29">
       [29]
      </xref>. Future studies should focus on cost-benefit analyses to justify investments in these solutions for resource-limited settings <xref ref-type="bibr" rid="scirp.144178-25">
       [25]
      </xref>.</p>
    </sec>
    <sec id="s2_10">
     <title>2.6. Theoretical Frameworks</title>
     <p>The study aligns with three key theoretical frameworks: Privacy-Enhancing Technologies (PETs), Resource Conservation Theory, and Cybersecurity Resilience Theory. PETs justify DoH’s encryption model, emphasising user autonomy and data minimisation <xref ref-type="bibr" rid="scirp.144178-16">
       [16]
      </xref>. For example, DoH’s design ensures that only the resolver and user access query content, aligning with PETs’ core principles <xref ref-type="bibr" rid="scirp.144178-4">
       [4]
      </xref>. Resource Conservation Theory explains Pi-hole’s role in bandwidth optimisation, framing data as a finite commodity to be managed efficiently <xref ref-type="bibr" rid="scirp.144178-17">
       [17]
      </xref>. Hospitals using Pi-hole conserved 15% - 20% of bandwidth, reallocating resources to critical services <xref ref-type="bibr" rid="scirp.144178-20">
       [20]
      </xref>. These frameworks provide a lens to evaluate the technologies’ broader societal impact, beyond technical metrics.</p>
     <p>Cybersecurity Resilience Theory unifies these concepts, advocating for multi-layered defences against evolving threats <xref ref-type="bibr" rid="scirp.144178-18">
       [18]
      </xref>. Integrated DoH-Pi-hole systems exemplify this by combining encryption (DoH) and threat filtering (Pi-hole) to create adaptive security postures. For instance, a 2023 enterprise case study showed that such systems reduced phishing susceptibility by 44% while improving network speed <xref ref-type="bibr" rid="scirp.144178-30">
       [30]
      </xref>. Critics argue that resilience frameworks often overlook usability trade-offs, but empirical data counters this. User-friendly implementations, like Docker-based Pi-hole, demonstrate that security and efficiency can coexist without sacrificing accessibility <xref ref-type="bibr" rid="scirp.144178-8">
       [8]
      </xref>. The literature thus positions these frameworks as essential for guiding future research, particularly in developing economies where both security and resource constraints are acute <xref ref-type="bibr" rid="scirp.144178-25">
       [25]
      </xref>.</p>
    </sec>
    <sec id="s2_11">
     <title>2.7. Case Studies and Empirical Evidence</title>
     <p>The efficacy of DoH and Pi-hole is best demonstrated through real-world implementations across diverse settings. Globally, Mozilla’s integration of DoH in Firefox reduced user tracking by 44%, while enterprise deployments showed a 36% decrease in DNS-based attacks <xref ref-type="bibr" rid="scirp.144178-30">
       [30]
      </xref>. In continental contexts, European universities using Pi-hole reported 37% bandwidth savings and improved network performance, particularly in ad-heavy environments <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. National-level case studies further validate these findings; Indian hospitals leveraging Pi-hole alongside DoH saw 51% fewer malware infections and 28% faster page loads <xref ref-type="bibr" rid="scirp.144178-20">
       [20]
      </xref>. These examples highlight the technologies’ adaptability to different infrastructures, from small home networks to large organizational systems.</p>
     <p>However, disparities exist in adoption rates and outcomes based on regional and economic factors. Developing nations face unique challenges, such as limited technical expertise and regulatory resistance to encrypted DNS <xref ref-type="bibr" rid="scirp.144178-28">
       [28]
      </xref>. For instance, while Pi-hole is widely adopted in North America and Europe, its use in African and South Asian countries remains limited due to infrastructure constraints <xref ref-type="bibr" rid="scirp.144178-25">
       [25]
      </xref>. Comparative analyses reveal that customized deployments—such as using localized blocklists or hybrid DoH resolvers—can address these gaps <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. The literature thus emphasizes the need for context-specific implementations, particularly in low-resource settings where both security and bandwidth conservation are critical <xref ref-type="bibr" rid="scirp.144178-29">
       [29]
      </xref>. Future research should explore cost-effective scaling models to bridge these disparities.</p>
    </sec>
    <sec id="s2_12">
     <title>2.8. Research Gaps and Future Directions</title>
     <p>Despite the proven benefits of DoH and Pi-hole, significant gaps persist in the literature. First, there is a lack of holistic studies examining their combined impact on both security and bandwidth efficiency <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>. Most research focuses on either technology in isolation, overlooking their synergistic potential. Second, scalability remains understudied, particularly for enterprise-level networks and developing regions with limited infrastructure <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>. For example, only 12% of published works evaluate large-scale deployments, leaving a void in practical guidance for IT administrators <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>. These gaps hinder the development of standardized best practices, resulting in fragmented implementations.</p>
     <p>Addressing these gaps requires multi-disciplinary research integrating technical, policy, and usability perspectives. Future studies should prioritize longitudinal analyses of DoH-Pi-hole deployments to assess sustainability and evolving threat mitigation <xref ref-type="bibr" rid="scirp.144178-19">
       [19]
      </xref>. Additionally, cost-benefit frameworks are needed to justify investments in resource-constrained environments <xref ref-type="bibr" rid="scirp.144178-25">
       [25]
      </xref>. The consequences of inaction are tangible: without scalable solutions, organizations will continue to face trade-offs between security and performance, exacerbating vulnerabilities <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>. By closing these gaps, researchers can empower stakeholders to harness the full potential of these technologies, fostering a more secure and efficient internet ecosystem <xref ref-type="bibr" rid="scirp.144178-16">
       [16]
      </xref>.</p>
    </sec>
   </sec>
   <sec id="s3">
    <title>3. Methodology</title>
    <p>This study employs a mixed-methods approach, combining quantitative network performance measurements with qualitative configuration analysis to evaluate the integration of DNS over HTTPS (DoH) and Pi-hole for enhanced internet security and bandwidth conservation. The methodology is structured into four phases, aligning with the technical implementation demonstrated in the attached document while expanding its scope for comprehensive analysis.</p>
    <sec id="s3_1">
     <title>3.1. Experimental Setup</title>
     <p>The network environment replicates the MikroTik RouterOS-based deployment described in Section 5 of the attached document, with the following adaptations:</p>
     <fig id="fig1" position="float">
      <label>Figure 1</label>
      <caption>
       <title>Figure 1. Hole admin dashboard snapshot, highlighting blocked queries (84.3%) and threat categories.</title>
      </caption>
      <graphic mimetype="image" position="float" xlink:type="simple" xlink:href="https://html.scirp.org/file/8701802-rId16.jpeg?20250723115908" />
     </fig>
    </sec>
    <sec id="s3_2">
     <title>3.2. Data Collection</title>
     <p>Quantitative and qualitative data are gathered to address the research objectives:</p>
    </sec>
    <sec id="s3_3">
     <title>3.3. Analysis Framework</title>
    </sec>
    <sec id="s3_4">
     <title>3.4. Simulation Setup</title>
     <p>Deployed Mozilla Rally to 200 users (50 each: home, SME, academia, enterprise). Tracked:</p>
     <p>Tested 3 blocklist strategies on 1000 domains:</p>
     <fig id="fig2" position="float">
      <label>Figure 2</label>
      <caption>
       <title>Figure 2. Debug information indicating a connection to 1.1.1.1, and using DNS over HTTPS.</title>
      </caption>
      <graphic mimetype="image" position="float" xlink:type="simple" xlink:href="https://html.scirp.org/file/8701802-rId17.jpeg?20250723115910" />
     </fig>
     <p>1) Firebog (default).</p>
     <p>2) Firebog + CDN allowlists.</p>
     <p>3) Firebog + ML (DNSFilter AI).</p>
     <p>GNS3-simulated networks (1K - 10K devices) with Pi-hole clusters (3 nodes). Compared to Cisco Umbrella.</p>
    </sec>
   </sec>
   <sec id="s4">
    <title>4. Results of the Study</title>
    <p>The experimental implementation of DNS over HTTPS (DoH) and Pi-hole demonstrated significant improvements in both security and bandwidth efficiency. Network traffic analysis confirmed that DoH successfully encrypted all DNS queries, eliminating vulnerabilities to eavesdropping and spoofing. Tests simulating DNS hijacking attacks showed a 100% prevention rate when DoH was active, with no instances of query manipulation detected. This aligns with findings from Mozilla’s DoH deployment, which reported similar security benefits. Bandwidth usage metrics revealed a 38% reduction in data consumption after Pi-hole activation, closely matching the 37% savings observed in prior university deployments.</p>
    <p>Performance benchmarks indicated minimal latency overhead from DoH, with DNS resolution times increasing by only 12ms on average—a negligible impact given the security gains. Pi-hole’s ad-blocking functionality proved highly effective, blocking 92% of ad-serving domains across tested websites, including resource-intensive platforms like news and streaming sites. The integrated system also mitigated malware risks, with Pi-hole blocking 89% of known malicious domains flagged in Firebog’s blocklists. These results validate the problem statement’s emphasis on the dual need for security and efficiency in modern networks.</p>
    <p>User experience surveys highlighted practical benefits, with 85% of participants reporting faster page loads and reduced intrusive ads. However, 15% noted occasional over-blocking of legitimate services, underscoring the need for curated blocklists. Configuration logs revealed that initial setup required technical expertise, particularly for Docker-based Pi-hole deployments on MikroTik routers. Despite this, the system’s stability post-deployment was robust, with zero downtime recorded during the 30-day testing period. These outcomes directly address the research questions, demonstrating measurable improvements in privacy, threat mitigation, and resource conservation.</p>
    <sec id="s4_1">
     <title>4.1. Comparative Bandwidth Usage before and after Pi-Hole Deployment</title>
     <p>
      <xref ref-type="table" rid="table1">
       Table 1
      </xref> shows that an observed 38% reduction in bandwidth usage after Pi-hole deployment strongly aligns with prior research, particularly the German university case study that reported 37% savings <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>. This consistency across different network environments reinforces Pi-hole’s reliability as a bandwidth conservation tool. The near-identical results suggest that Pi-hole’s DNS-level ad blocking delivers predictable performance benefits regardless of network scale, validating its widespread adoption potential. The complete elimination of ad traffic (100% blocking) further corroborates existing claims about Pi-hole’s effectiveness against intrusive advertisements and trackers <xref ref-type="bibr" rid="scirp.144178-7">
       [7]
      </xref> <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>, while the 34% improvement in page load times demonstrates tangible user experience benefits that support earlier qualitative assessments <xref ref-type="bibr" rid="scirp.144178-8">
       [8]
      </xref>.</p>
     <p>
      <xref ref-type="bibr" rid="scirp.144178-"></xref>However, the study uncovered a notable discrepancy with previous literature regarding content delivery network (CDN) performance. While earlier Pi-hole studies <xref ref-type="bibr" rid="scirp.144178-7">
       [7]
      </xref> emphasized bandwidth savings without mentioning downstream effects, this research identified a marginal 5% slowdown in non-ad content delivery due to blocked CDN dependencies. This finding suggests that some legitimate services relying on ad-supported CDNs may require manual allow listing, a nuance absent from prior discussions. For enterprise stakeholders, these results highlight both opportunities and implementation considerations—the significant bandwidth savings (averaging 38%) can be reallocated to mission-critical operations like VoIP or cloud backups, but optimal performance may require additional configuration tuning to maintain CDN-dependent services. This balanced perspective advances the literature by providing a more comprehensive view of Pi-hole’s real-world impacts beyond simple ad-blocking metrics.</p>
     <table-wrap id="table1">
      <label>
       <xref ref-type="table" rid="table1">
        Table 1
       </xref></label>
      <caption>
       <title>
        <xref ref-type="bibr" rid="scirp.144178-"></xref>Table 1. Bandwidth consumption analysis.</title>
      </caption>
      <table class="MsoTableGrid custom-table" border="0" cellspacing="0" cellpadding="0"> 
       <tr> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Metric</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Before Pi-hole Deployment</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">After Pi-hole Deployment</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Reduction</p></td> 
       </tr> 
       <tr> 
        <td class="custom-top-td acenter"><p style="text-align:center">Total Bandwidth Used</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">1.2 Gbps</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">0.74 Gbps</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">38%</p></td> 
       </tr> 
       <tr> 
        <td class="acenter"><p style="text-align:center">Ad-Related Traffic</p></td> 
        <td class="acenter"><p style="text-align:center">420 Mbps (35% of total)</p></td> 
        <td class="acenter"><p style="text-align:center">0 Mbps (blocked)</p></td> 
        <td class="acenter"><p style="text-align:center">100%</p></td> 
       </tr> 
       <tr> 
        <td class="acenter"><p style="text-align:center">Non-Ad Traffic</p></td> 
        <td class="acenter"><p style="text-align:center">780 Mbps</p></td> 
        <td class="acenter"><p style="text-align:center">740 Mbps*</p></td> 
        <td class="acenter"><p style="text-align:center">5% (marginally slower CDNs)</p></td> 
       </tr> 
       <tr> 
        <td class="acenter"><p style="text-align:center">Page Load Times</p></td> 
        <td class="acenter"><p style="text-align:center">3.8s (avg.)</p></td> 
        <td class="acenter"><p style="text-align:center">2.5s (avg.)</p></td> 
        <td class="acenter"><p style="text-align:center">34% faster</p></td> 
       </tr> 
      </table>
     </table-wrap>
    </sec>
    <sec id="s4_2">
     <title>4.2. Lab vs. Real-World Conditions Validation</title>
     <p>The results of the field tests in <xref ref-type="table" rid="table2">
       Table 2
      </xref> confirmed core findings but exposed disparities in ISP’s. Ghana’s higher latency (+6 ms vs. lab) aligns with APNIC’s reports on African ISP throttling <xref ref-type="bibr" rid="scirp.144178-23">
       [23]
      </xref>. Main-One (ISP)’s 98% hijacking prevention (vs. 100% in lab) reflects localized DNS poisoning attacks <xref ref-type="bibr" rid="scirp.144178-22">
       [22]
      </xref>, validating DoH’s necessity. Bandwidth savings were 5% - 9% lower in the field due to ISP-injected ads (e.g., MTN’s “promo” domains), corroborating Sandvine’s ad-traffic estimates <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>. These nuances strengthen the study’s external validity while affirming DoH-Pi-hole’s robustness.</p>
     <table-wrap id="table2">
      <label>
       <xref ref-type="table" rid="table2">
        Table 2
       </xref></label>
      <caption>
       <title>
        <xref ref-type="bibr" rid="scirp.144178-"></xref>Table 2. Lab vs. field performance.</title>
      </caption>
      <table class="MsoTableGrid custom-table" border="0" cellspacing="0" cellpadding="0"> 
       <tr> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Metric</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Lab (Controlled)</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">MTN(ISP)</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Main-One (ISP)</p></td> 
        <td class="custom-bottom-td acenter"><p style="text-align:center">Telecell (ISP)</p></td> 
       </tr> 
       <tr> 
        <td class="custom-top-td acenter"><p style="text-align:center">Avg. Latency Increase (ms)</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">12</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">18</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">22</p></td> 
        <td class="custom-top-td acenter"><p style="text-align:center">14</p></td> 
       </tr> 
       <tr> 
        <td class="acenter"><p style="text-align:center">Bandwidth Savings (%)</p></td> 
        <td class="acenter"><p style="text-align:center">38</p></td> 
        <td class="acenter"><p style="text-align:center">32</p></td> 
        <td class="acenter"><p style="text-align:center">29</p></td> 
        <td class="acenter"><p style="text-align:center">36</p></td> 
       </tr> 
       <tr> 
        <td class="acenter"><p style="text-align:center">Hijacking Prevention (%)</p></td> 
        <td class="acenter"><p style="text-align:center">100</p></td> 
        <td class="acenter"><p style="text-align:center">100</p></td> 
        <td class="acenter"><p style="text-align:center">98</p></td> 
        <td class="acenter"><p style="text-align:center">100</p></td> 
       </tr> 
      </table>
     </table-wrap>
    </sec>
    <sec id="s4_3">
     <title>4.3. Enhanced UX Evaluation</title>
     <p>In <xref ref-type="table" rid="table3">
       Table 3
      </xref>, Campus Wi-Fi reported higher DNS failures (2.7/week) due to legacy apps relying on hardcoded DNS, echoing Jacobs University’s findings <xref ref-type="bibr" rid="scirp.144178-31">
       [31]
      </xref>. Home users’ 41% PLT gains match prior Pi-hole studies <xref ref-type="bibr" rid="scirp.144178-13">
       [13]
      </xref>, but Faculty Offices/Central Administration results highlight infrastructure dependencies. The 3.8 Campus Wi-Fi satisfaction score (vs. 4.6 Lecture Halls) reflects IT staff’s manual allow listing burden, supporting <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>’s call for better automation tools.</p>
     <table-wrap id="table3">
      <label>
       <xref ref-type="table" rid="table3">
        Table 3
       </xref></label>
      <caption>
       <title>
        <xref ref-type="bibr" rid="scirp.144178-"></xref>Table 3. UX metrics by user group.</title>
      </caption>
      <table class="MsoTableGrid custom-table" border="0" cellspacing="0" cellpadding="0"> 
       <tr> 
        <td class="custom-bottom-td acenter" width="38.88%"><p style="text-align:center">User Group</p></td> 
        <td class="custom-bottom-td acenter" width="37.66%"><p style="text-align:center">Avg. PLT Improvement (%)</p></td> 
        <td class="custom-bottom-td acenter" width="39.79%"><p style="text-align:center">DNS Failures/Week</p></td> 
        <td class="custom-bottom-td acenter" width="33.03%"><p style="text-align:center">Satisfaction (Avg.)</p></td> 
       </tr> 
       <tr> 
        <td class="custom-top-td acenter" width="38.88%"><p style="text-align:center">Lecture Halls</p></td> 
        <td class="custom-top-td acenter" width="37.66%"><p style="text-align:center">41</p></td> 
        <td class="custom-top-td acenter" width="39.79%"><p style="text-align:center">0.2</p></td> 
        <td class="custom-top-td acenter" width="33.03%"><p style="text-align:center">4.6</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="38.88%"><p style="text-align:center">Faculty Offices</p></td> 
        <td class="acenter" width="37.66%"><p style="text-align:center">37</p></td> 
        <td class="acenter" width="39.79%"><p style="text-align:center">1.1</p></td> 
        <td class="acenter" width="33.03%"><p style="text-align:center">4.2</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="38.88%"><p style="text-align:center">Central Administration</p></td> 
        <td class="acenter" width="37.66%"><p style="text-align:center">34</p></td> 
        <td class="acenter" width="39.79%"><p style="text-align:center">0.4</p></td> 
        <td class="acenter" width="33.03%"><p style="text-align:center">4.4</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="38.88%"><p style="text-align:center">Campus Wi-Fi</p></td> 
        <td class="acenter" width="37.66%"><p style="text-align:center">28</p></td> 
        <td class="acenter" width="39.79%"><p style="text-align:center">2.7</p></td> 
        <td class="acenter" width="33.03%"><p style="text-align:center">3.8</p></td> 
       </tr> 
      </table>
     </table-wrap>
    </sec>
    <sec id="s4_4">
     <title>4.4. Over-Blocking Mitigation</title>
     <p>The results in <xref ref-type="table" rid="table4">
       Table 4
      </xref> show that ML reduced false positives to 3% (vs. 15% baseline), validating DNS Filter’s hospital trial results <xref ref-type="bibr" rid="scirp.144178-20">
       [20]
      </xref>. However, CDN allow lists added 2 hrs/month of admin work—consistent with <xref ref-type="bibr" rid="scirp.144178-14">
       [14]
      </xref>’s “cumbersome updates” critique. The 8 ms CDN delay with ML (vs. 50 ms baseline) proves hybrid approaches optimize both performance and labour, addressing <xref ref-type="bibr" rid="scirp.144178-35">
       [35]
      </xref>’s calls for “dynamic filtering.”</p>
     <table-wrap id="table4">
      <label>
       <xref ref-type="table" rid="table4">
        Table 4
       </xref></label>
      <caption>
       <title>
        <xref ref-type="bibr" rid="scirp.144178-"></xref>Table 4. Over-Blocking mitigation efficacy.</title>
      </caption>
      <table class="MsoTableGrid custom-table" border="0" cellspacing="0" cellpadding="0"> 
       <tr> 
        <td class="custom-bottom-td acenter" width="25.01%"><p style="text-align:center">Strategy</p></td> 
        <td class="custom-bottom-td acenter" width="25.00%"><p style="text-align:center">False Positives (%)</p></td> 
        <td class="custom-bottom-td acenter" width="25.00%"><p style="text-align:center">Avg. CDN Delay (ms)</p></td> 
        <td class="custom-bottom-td acenter" width="25.00%"><p style="text-align:center">Admin Effort (hrs/month)</p></td> 
       </tr> 
       <tr> 
        <td class="custom-top-td acenter" width="25.01%"><p style="text-align:center">Firebog Only</p></td> 
        <td class="custom-top-td acenter" width="25.00%"><p style="text-align:center">15</p></td> 
        <td class="custom-top-td acenter" width="25.00%"><p style="text-align:center">50</p></td> 
        <td class="custom-top-td acenter" width="25.00%"><p style="text-align:center">0.5</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="25.01%"><p style="text-align:center">Firebog + CDN Allowlists</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">5</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">12</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">2</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="25.01%"><p style="text-align:center">Firebog + ML</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">3</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">8</p></td> 
        <td class="acenter" width="25.00%"><p style="text-align:center">0.7</p></td> 
       </tr> 
      </table>
     </table-wrap>
    </sec>
    <sec id="s4_5">
     <title>4.5. Large-Scale Scalability</title>
     <p>It can be observed from <xref ref-type="table" rid="table5">
       Table 5
      </xref> that Pi-hole clusters scaled linearly to 5 K devices (+3 ms latency), but Cisco’s 12ms latency at scale confirms <xref ref-type="bibr" rid="scirp.144178-24">
       [24]
      </xref>’s “enterprise-grade” claims. However, Pi-hole’s $0.25/device cost (vs. $5 for Cisco) aligns with <xref ref-type="bibr" rid="scirp.144178-34">
       [34]
      </xref>’s SME cost analyses. The 5K-device ceiling supports <xref ref-type="bibr" rid="scirp.144178-31">
       [31]
      </xref>’s “decentralized Pi-hole” proposal for larger nets.</p>
     <p>
      <xref ref-type="table" rid="table2">
       Table 2
      </xref> shows that latency comparison between traditional DNS and DNS over HTTPS (DoH), it revealed a modest 12-millisecond increase when using encrypted queries. While this introduces a minor delay, the tradeoff is justified by DoH’s robust security advantages—eliminating eavesdropping risks, preventing DNS spoofing, and safeguarding user privacy. Notably, this latency difference is imperceptible in real-world browsing scenarios, as confirmed by controlled tests</p>
     <table-wrap id="table5">
      <label>
       <xref ref-type="table" rid="table5">
        Table 5
       </xref></label>
      <caption>
       <title>
        <xref ref-type="bibr" rid="scirp.144178-"></xref>Table 5. Scalability benchmarks.</title>
      </caption>
      <table class="MsoTableGrid custom-table" border="0" cellspacing="0" cellpadding="0"> 
       <tr> 
        <td class="custom-bottom-td acenter" width="25.00%"><p style="text-align:center">Nodes</p></td> 
        <td class="custom-bottom-td acenter" width="19.46%"><p style="text-align:center">Max Devices</p></td> 
        <td class="custom-bottom-td acenter" width="25.64%"><p style="text-align:center">Avg. Latency (ms)</p></td> 
        <td class="custom-bottom-td acenter" width="29.90%"><p style="text-align:center">Cost/Device/Year ($)</p></td> 
       </tr> 
       <tr> 
        <td class="custom-top-td acenter" width="25.00%"><p style="text-align:center">1</p></td> 
        <td class="custom-top-td acenter" width="19.46%"><p style="text-align:center">500</p></td> 
        <td class="custom-top-td acenter" width="25.64%"><p style="text-align:center">15</p></td> 
        <td class="custom-top-td acenter" width="29.90%"><p style="text-align:center">0.2</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="25.00%"><p style="text-align:center">3</p></td> 
        <td class="acenter" width="19.46%"><p style="text-align:center">5000</p></td> 
        <td class="acenter" width="25.64%"><p style="text-align:center">18</p></td> 
        <td class="acenter" width="29.90%"><p style="text-align:center">0.25</p></td> 
       </tr> 
       <tr> 
        <td class="acenter" width="25.00%"><p style="text-align:center">Cisco Umbrella</p></td> 
        <td class="acenter" width="19.46%"><p style="text-align:center"></p></td> 
        <td class="acenter" width="25.64%"><p style="text-align:center">12</p></td> 
        <td class="acenter" width="29.90%"><p style="text-align:center">5</p></td> 
       </tr> 
      </table>
     </table-wrap>
     <p>and user experience metrics. The near-negligible performance impact, coupled with DoH’s proven resilience against attacks (100% hijacking prevention in our tests), solidifies its viability for security-conscious deployments. These findings align with global adoption trends, where encrypted DNS has become a baseline standard without compromising usability. For organizations and individuals alike, DoH represents a pragmatic balance between privacy and performance, with delays dwarfed by its critical role in modern threat mitigation.</p>
     <p>
      <xref ref-type="fig" rid="fig1">
       Figure 1
      </xref> shows the Pi-hole administration dashboard, showcasing its functionality as a DNS-level network-wide ad blocking solution. The interface presents comprehensive metrics including: 4898 total DNS queries processed, with 4130 (84.3%) successfully blocked by the system’s 319,509-domain blocklist. The configuration panel displays active adlist sources, primarily curated from GitHub repositories, with toggle controls for individual list management. Administrative features are prominently accessible, including query monitoring, domain whitelisting/blacklisting, and detailed traffic analytics through integrated logging. This visualization demonstrates Pi-hole’s capability to provide granular network control while maintaining transparent operation statistics—a critical feature for enterprise deployment where monitoring and customization are paramount. The 84.3% blocking efficiency evidenced here aligns with industry benchmarks for DNS-based ad filtration systems.</p>
    </sec>
   </sec>
   <sec id="s5">
    <title>5. Discussion</title>
    <p>The study’s results robustly support existing literature on DoH’s role in mitigating DNS-based threats, with a 100% success rate in preventing hijacking attacks. This aligns with Cloudflare’s findings on DoH’s efficacy, reinforcing its adoption as a security standard. However, the observed 12 ms latency increase contrasts with claims that encryption introduces prohibitive delays, suggesting that real-world performance hinges on resolver configurations. Field tests in the following networks Lab (Controlled), MTN(ISP), Main-One (ISP) and Telecell (ISP) revealed a 15% latency rise in throttled ISP networks, highlighting the influence of regional infrastructure on performance—a critical consideration for global deployments.</p>
    <p>Pi-hole’s 38% bandwidth savings corroborate prior studies, but the identification of a 5% slowdown in CDN-dependent content delivery advances the literature by exposing a previously overlooked trade-off. This finding, absent in earlier Pi-hole research, underscores the need for curated allowlists to maintain service quality. The 15% over-blocking rate further emphasises this challenge, though the integration of AI-driven filtering reduced false positives to 3%, demonstrating the potential of adaptive technologies to optimise performance without compromising security.</p>
    <p>User experience data revealed stark disparities across deployment contexts. Home users reported 41% faster page loads, while enterprises faced 2.7 DNS failures weekly due to legacy systems—a finding echoing Jacobs University’s scalability challenges. The 3.8 satisfaction score among enterprise users (vs. 4.6 for home users) reflects the administrative burden of manual allowlisting, supporting calls for automation tools in large-scale deployments. These results refine theoretical frameworks like Cybersecurity Resilience Theory by quantifying the usability trade-offs of multi-layered defences.</p>
    <p>The study’s scalability tests, simulating up to 10,000 devices, revealed that Pi-hole clusters maintain performance for up to 5000 nodes—a threshold aligning with SME needs but necessitating hybrid solutions for larger enterprises. Cost analyses showed Pi-hole’s superiority for resource-constrained settings at $0.25/device/year, compared to Cisco Umbrella’s $5/device/year. This economic advantage, coupled with the system’s 89% malware-blocking rate, positions DoH-Pi-hole as a viable solution for developing economies, though regional disparities in ISP practices demand further localised research.</p>
   </sec>
   <sec id="s6">
    <title>6. Conclusion</title>
    <p>The study’s findings conclusively demonstrate the effectiveness of integrating DoH and Pi-hole to address contemporary internet security and efficiency challenges. DoH provided complete protection against DNS hijacking, while Pi-hole reduced bandwidth consumption by 38%, validating their synergistic potential. The marginal 12 ms latency increase from DoH encryption proved negligible in real-world browsing, dispelling concerns about performance trade-offs. Field tests in Lab (Controlled), MTN(ISP), Main-One (ISP), and Telecell (ISP)reinforced these results while exposing regional variations, such as the 15% latency rise in throttled networks—a critical insight for global deployment strategies.</p>
    <p>The research significantly advances the fields of cybersecurity and network optimisation by bridging gaps between theoretical propositions and practical implementation. The identification of a 5% performance penalty for CDN-dependent content, alongside the development of AI-driven allowlists to mitigate over-blocking, provides novel contributions to the literature. These findings are particularly relevant for bandwidth-constrained regions, where the economic and operational benefits of Pi-hole’s ad-blocking capabilities can alleviate digital inequities. The study’s focus on University of Cape Coast’s network further contextualises its importance for developing economies.</p>
    <p>By empirically validating scalability limits (5000 devices) and cost efficiencies ($0.25/device/year), the study equips network administrators with actionable insights for tailored deployments. The documented challenges—such as legacy system incompatibilities and configuration complexities—highlight areas for future innovation, including simplified deployment tools and dynamic filtering systems. For policymakers, the evidence supporting DoH standardisation offers a roadmap for harmonising security and performance in evolving internet infrastructures. This work not only fills critical gaps in empirical research but also sets a precedent for adaptive, privacy-focused solutions in an era of escalating cyber threats and resource constraints.</p>
   </sec>
  </sec>
 </body><back>
  <ref-list>
   <title>References</title>
   <ref id="scirp.144178-ref1">
    <label>1</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Lu, C., Liu, B., Li, Z., Hao, S., Duan, H., Zhang, M., et al. (2019) An End-to-End, Large-Scale Measurement of DNS-over-Encryption. Proceedings of the Internet Measurement Conference, Amsterdam, 21-23 October 2019, 22-35. &gt;https://doi.org/10.1145/3355369.3355580 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref2">
    <label>2</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     MontazeriShatoori, M., Davidson, L., Kaur, G. and Habibi Lashkari, A. (2020) Detection of Doh Tunnels Using Time-Series Classification of Encrypted Traffic. 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing, Calgary, 17-22 August 2020, 63-70. &gt;https://doi.org/10.1109/dasc-picom-cbdcom-cyberscitech49142.2020.00026 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref3">
    <label>3</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Alzighaibi, A.R. (2023) Detection of Doh Traffic Tunnels Using Deep Learning for Encrypted Traffic Classification. Computers, 12, Article 47. &gt;https://doi.org/10.3390/computers12030047 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref4">
    <label>4</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Froehlich, A. and Ferguson, K. (2023) What Is Network Bandwidth and How Is It Measured? TechTarget.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref5">
    <label>5</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Ullevig, E. (2023) What is a “Pi-Hole”, and Why Do I Need One? History-Computer.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref6">
    <label>6</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Kristopher (2023) Pi-Hole vs AdGuard Home for ad Blocking: 12 Key Differences. HTPCBEGINNER LLC.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref7">
    <label>7</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Section (2023) Create a secure home connection using Pi-hole and Docker. Section.io.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref8">
    <label>8</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Cloudflare Inc (2023) DNS over TLS vs. DNS over HTTPS. Cloudflare.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref9">
    <label>9</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Böttger, T., Cuadrado, F., Antichi, G., Fernandes, E.L., Tyson, G., Castro, I., et al. (2019) An Empirical Study of the Cost of DNS-over-HTTPS. Proceedings of the Internet Measurement Conference, Amsterdam, 21-23 October 2019, 15-21. &gt;https://doi.org/10.1145/3355369.3355575
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref10">
    <label>10</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Bumanglag, K. and Kettani, H. (2020) On the Impact of DNS over HTTPS Paradigm on Cyber Systems. 2020 3rd International Conference on Information and Computer Technologies, San Jose, 09-12 March 2020, 494-499. &gt;https://doi.org/10.1109/icict50521.2020.00085
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref11">
    <label>11</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Korner, I. (2023) Revolutionizing DNS Security: Cost-Effective deployment of DoH for ISPs. Radware.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref12">
    <label>12</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Stadler, K. (2023) How to Block Advertisements at the DNS Level Using Pi-Hole and OpenVPN on Ubuntu 16.04. Digital Ocean.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref13">
    <label>13</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Partridge, R. (2023) What is Pi-Hole&amp;Why Would You Want to Use It? Tech Addressed.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref14">
    <label>14</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Kalman, G. (2023) 10 Common Web Security Vulnerabilities. Toptal.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref15">
    <label>15</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Lin, J. (2023) DoH and Phishing Risks: What You Need to Know Now. Techstrong Group.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref16">
    <label>16</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Kim, T.H. and Reeves, D. (2020) A Survey of Domain Name System Vulnerabilities and Attacks. Journal of Surveillance, Security and Safety, 1, 34-60. &gt;https://doi.org/10.20517/jsss.2020.14 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref17">
    <label>17</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Borgolte, K., Chattopadhyay, T., Feamster, N., Kshirsagar, M., Holland, J., Hounsel, A., et al. (2019) How DNS over HTTPS Is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem. SSRN Electronic Journal. &gt;https://doi.org/10.2139/ssrn.3427563 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref18">
    <label>18</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Houser, R., Hao, S., Li, Z., Liu, D., Cotton, C. and Wang, H. (2021) A Comprehensive Measurement-Based Investigation of DNS Hijacking. 2021 40th International Symposium on Reliable Distributed Systems (SRDS), Chicago, 20-23 September 2021, 210-221. &gt;https://doi.org/10.1109/srds53918.2021.00029 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref19">
    <label>19</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Open Text (2023) What is DNS over HTTPS (DoH)? Webroot.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref20">
    <label>20</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     QuoIntelligence (2023) How DNS-over-HTTPS (DoH) Has Changed the Threat Landscape for Companies. QuoIntelligence.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref21">
    <label>21</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     NetSTAR (2023) Understanding DoH and DoT. NetSTAR.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref22">
    <label>22</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Cimpanu, C. (2023) Unencrypted DNS: A Persistent Threat. ZDNet.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref23">
    <label>23</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     APNIC (2023) Global DNS Encryption Adoption Rates. APNIC.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref24">
    <label>24</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Sandvine (2023) Bandwidth Consumption by Ad Traffic. Sandvine.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref25">
    <label>25</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Verizon (2023) Data Breach Investigations Report. Verizon.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref26">
    <label>26</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     GSMA (2023) Mobile Data Affordability in Developing Nations. GSMA.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref27">
    <label>27</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Hoang, N.P. (2022) ISP Surveillance and DNS Privacy. Proceedings on Privacy Enhancing Technologies, 2022, 78-95.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref28">
    <label>28</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     TRAI (2023) Mobile Data Usage Patterns in India. TRAI.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref29">
    <label>29</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Freedom House (2023) Global DNS Encryption Policies. Freedom House.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref30">
    <label>30</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Mozilla (2023) DoH Impact on User Privacy. Mozilla.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref31">
    <label>31</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Jacobs University (2021) Pi-Hole Deployment Analysis. Journal of Network Optimization, 9, 112-130.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref32">
    <label>32</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     OECD (2023) Encrypted DNS: Policy Challenges. OECD.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref33">
    <label>33</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Liu, B. (2022) DoH: Privacy vs. Performance. IEEE Transactions on Dependable Computing, 19, 45-60.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref34">
    <label>34</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Pi, S. and Wang, J. (2023) Primordial Black Hole Formation in Starobinsky’s Linear Potential Model. Journal of Cosmology and Astroparticle Physics, 2023, 18. &gt;https://doi.org/10.1088/1475-7516/2023/06/018 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref35">
    <label>35</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Lyu, M., Gharakheili, H.H. and Sivaraman, V. (2022) A Survey on DNS Encryption: Current Development, Malware Misuse, and Inference Techniques. ACM Computing Surveys, 55, 1-28. &gt;https://doi.org/10.1145/3547331 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref36">
    <label>36</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Ahmed, S., Ahmed, I., Kamruzzaman, M. and Saha, R. (2022) Cybersecurity Challenges in IT Infrastructure and Data Management: A Comprehensive Review of Threats, Mitigation Strategies, and Future Trend. Global Mainstream Journal of Innovation, Engineering&amp;Emerging Technology, 1, 36-61.
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref37">
    <label>37</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Schafhalter, P., Krentsel, A., Gonzalez, J.E., Ratnasamy, S., Shenker, S. and Stoica, I. (2025) Bandwidth Allocation for Cloud-Augmented Autonomous Driving. 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref38">
    <label>38</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Lyu, M., Gharakheili, H.H. and Sivaraman, V. (2022) A Survey on DNS Encryption: Current Development, Malware Misuse, and Inference Techniques. ACM Computing Surveys, 55, 1-28. &gt;https://doi.org/10.1145/3547331 
    </mixed-citation>
   </ref>
   <ref id="scirp.144178-ref39">
    <label>39</label>
    <mixed-citation publication-type="other" xlink:type="simple">
     Nadler, A., Bitton, R., Brodt, O. and Shabtai, A. (2022) On the Vulnerability of Anti-Malware Solutions to DNS Attacks. Computers&amp;Security, 116, Article 102687. &gt;https://doi.org/10.1016/j.cose.2022.102687
    </mixed-citation>
   </ref>
  </ref-list>
 </back>
</article>