Special data filtering method for eliminating denial-of-service attacks to DNS (domain name system) service

This denial-of-service attack and DNS service technology, applied in the field of network security, addresses the problems of low precision, poor defense, and high economic cost. It achieves low computation and deployment cost, congestion control, and a high degree of intelligence.
CN102882881B · Active · Publication Date: 2015-06-24 · CHANGZHOU XIAOGUO INFORMATION SERVICES

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: CHANGZHOU XIAOGUO INFORMATION SERVICES
Publication Date: 2015-06-24


Abstract

The invention discloses a special data filtering method for eliminating denial-of-service attacks on the DNS (domain name system) service. The method includes the following steps: first, capturing a network data sample from a DNS server; second, extracting characteristic attributes of the captured network data sample; third, determining a time function, which is a piecewise time function; fourth, creating a training data matrix of normal flow and a training data matrix of attack flow from the captured network data sample; fifth, continuing to capture traffic data packets on the DNS server in real time, and classifying and detecting them with a Bayes classifier; sixth, filtering on the classification results: judging whether a data flow is an attack flow, discarding the data flow entirely if it is an attack flow, and, if it is a normal flow, applying a filtering method based on classification probability according to the congestion condition of the DNS server; and seventh, returning to the fifth step and repeating the process. With this method, data are filtered and processed after the denial-of-service attack flow is detected, and the influence of the denial-of-service attack on the DNS server is eliminated.
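The classify-then-filter loop of steps four to six can be sketched as follows. This is an added example, not code from the patent: the two flow features, the Gaussian naive Bayes likelihood, the congestion scale and the threshold rule are all assumptions, the training rows are constructed, and the piecewise time function of step three is not modelled.

```python
import math

# Constructed training matrices (rows = flows). Assumed features per flow:
# [queries per second from the source, fraction of never-repeated query names]
NORMAL_TRAIN = [[10, 0.2], [20, 0.3], [30, 0.1]]
ATTACK_TRAIN = [[40, 0.8], [50, 0.9], [60, 0.7]]

def fit(rows):
    """Per-feature mean and (smoothed) variance of one training matrix."""
    n = len(rows)
    cols = list(zip(*rows))
    means = [sum(c) / n for c in cols]
    varis = [sum((x - m) ** 2 for x in c) / n + 1e-6 for c, m in zip(cols, means)]
    return means, varis

def log_likelihood(x, model):
    """Log of the Gaussian naive Bayes likelihood of feature vector x."""
    means, varis = model
    return sum(-0.5 * math.log(2 * math.pi * v) - (xi - m) ** 2 / (2 * v)
               for xi, m, v in zip(x, means, varis))

def p_normal(x, normal, attack, prior_normal=0.5):
    """Posterior P(normal | x) by Bayes' rule, computed in log space."""
    ln = log_likelihood(x, normal) + math.log(prior_normal)
    la = log_likelihood(x, attack) + math.log(1 - prior_normal)
    top = max(ln, la)  # subtract the max so exp() cannot underflow to 0/0
    en, ea = math.exp(ln - top), math.exp(la - top)
    return en / (en + ea)

def decide(x, normal, attack, congestion):
    """congestion: 0.0 = idle server, 1.0 = saturated (assumed scale)."""
    p = p_normal(x, normal, attack)
    if p < 0.5:
        return "drop"  # classified as attack flow: discarded entirely
    # Normal flow: the busier the server, the higher the posterior required.
    threshold = 0.5 + 0.49 * congestion  # assumed rule, not from the patent
    return "pass" if p >= threshold else "shed"

NORMAL, ATTACK = fit(NORMAL_TRAIN), fit(ATTACK_TRAIN)

if __name__ == "__main__":
    for flow in ([15, 0.2], [33, 0.5], [55, 0.85]):
        for load in (0.0, 0.8):
            print(flow, load, decide(flow, NORMAL, ATTACK, load))
```

The borderline flow `[33, 0.5]` is served on an idle server but shed at 80% load, while a clearly normal flow is still served when the server is saturated.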

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a data filtering method for denial of service attacks against DNS services.

Background technique

[0002] DNS (domain name system) is a key infrastructure of the Internet and a weak link in Internet security. Due to defects in the initial design of the DNS protocol and the limited query capacity of the DNS server itself, the DNS server has become one of the main targets of hackers launching denial of service attacks. In a denial of service attack, a master computer controls puppet machines on the network and directs them to attack the target at the same time, exhausting server resources. The essence of this kind of attack is to make the server process an amount of data that exceeds its normal limit. Therefore, monitoring and analyzing changes in the amount of data to distinguish between normal and abnormal data is an effective way to detect...
