Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Prevention method and device for domain name system (DNS) denial of service

A denial of service attack, DNS server technology, applied in electrical components, transmission systems, etc., can solve problems such as exhaustion of recursive resolver resources, recursive resolution of domain name requests, etc., to improve the success rate of resolution and reduce the impact of normal resolution , the effect of enhancing reliability

Inactive Publication Date: 2014-08-06
SHANGHAI JIAO TONG UNIV
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

A large number of random domain names generated by denial of service attacks will exhaust the recursive resolver resources of the DNS server, so that normal domain name requests cannot be recursively resolved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Prevention method and device for domain name system (DNS) denial of service
  • Prevention method and device for domain name system (DNS) denial of service
  • Prevention method and device for domain name system (DNS) denial of service

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Embodiments of the present invention will be specifically described below in conjunction with the accompanying drawings.

[0025] Such as figure 1 As shown, a defense method for DNS denial-of-service attacks includes a server denial-of-service attack detection step and a denial-of-service attack defense step. First, start the denial of service attack detection step, detect whether the DNS server is in the state of being attacked by denial of service, if it is detected that the DNS server is in the state of being attacked by denial of service, then send the signal of starting denial of service attack defense to the DNS server , if it is detected that the DNS server is not under a denial of service attack, then sending a signal to disable denial of service attack defense to the DNS server. After the DNS server receives the signal for activating or deactivating the denial-of-service attack defense, it activates or deactivates the cache hardening function to defend or stop...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a prevention method and a prevention device for domain name system (DNS) denial of service. The prevention method for the DNS denial of service includes detecting a denial of service detection step and a denial of service prevention step when the DNS server is in a denial of service state, wherein the prevention of the denial of service is achieved through a cache curing function in the denial of service prevention step. A DNS denial of service prevention device comprises a denial of service detection module for detecting whether the DNS server is in the denial of service state and a denial of service prevention module for preventing denial of service, wherein the denial of service prevention module achieves the prevention of the denial of service through activating the inner cache curing function. According to the prevention method and a prevention device for the DNS denial of service, when the DNS server is in a denial of service state, the resource waste of a recursive parser of the DNS server is substantially reduced, and the resolution success rate of common domain names is improved.

Description

technical field [0001] The invention relates to the field of defense against denial of service attacks, in particular to a defense method and device for DNS denial of service attacks. Background technique [0002] DNS (Domain Name System) is a distributed database system used to manage the mapping of host names and address information. It corresponds easy-to-remember domain names with IP addresses, enabling people to access the Internet conveniently and providing fundamental information for many network applications. support. [0003] The stability and reliability of DNS service is the guarantee for the normal operation of the Internet, and attacks against DNS servers will affect the normal domain name resolution, thus causing serious impact on the entire Internet. Attacks against DNS servers mainly include denial of service attacks, which usually have the characteristics of forging source IP addresses, randomizing TTL (Time-to-live) of IP data packets, and randomizing requ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 邹福泰王鲁华章思宇李建华
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products