Method and system for detecting false attack sources

An attack source, fake technology, applied in the field of Internet security, it can solve the problems of unable to obtain domain name query results, unable to pass authentication, inconvenient program implementation, etc.

Active Publication Date: 2013-11-13
SHENZHEN TENCENT COMP SYST CO LTD
View PDF2 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] This method in the prior art is to forcibly convert requests based on the UDP protocol to requests based on the TCP protocol. However, the current network environment of most of the existing caching domain name servers does not support queries based on the TCP protocol, resulting in its Unable to pass the authentication, unable to get the query result of the domain name, whic...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting false attack sources
  • Method and system for detecting false attack sources
  • Method and system for detecting false attack sources

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The solution of the present invention will be described in detail below in combination with the preferred embodiments thereof.

[0022] figure 2 A schematic flowchart of an embodiment of a method for detecting a false attack source of the present invention is shown in . In this embodiment, the further operation and processing process after determining that the two cookie values ​​are the same is used as an example for illustration. Those skilled in the art can know that, in the case of only needing to identify and determine whether it is a false attack source , it is only necessary to determine the cookie value twice, therefore, the description in the following embodiment is not intended to limit the solution of the present invention.

[0023] Such as figure 2 As shown, the method in this embodiment includes steps:

[0024] Step S201: Intercept and receive the first domain name query request information sent to the protected authoritative domain name server, the fi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and system for detecting false attack sources. The method includes the steps that first domain name query request information sent by a cache domain name server to an authoritative domain name server is intercepted and received; a first cookie value is determined according to the source IP address and the destination IP address of the first domain name query request information, and virtual domain name information of the authoritative domain name server is generated according to the first cookie value and then sent back to the cache domain name server; second domain name query request information sent by the cache domain name server to the authoritative domain name server is intercepted and received; a second cookie value is determined according to the source IP address and the destination IP address of the second domain name query request information, and the second cookie value is compared with the first cookie value carried by the second domain name query request information. According to the method and system for detecting false attack sources, the false attack sources can be accurately recognized, the authoritative domain name server can be effectively protected from attack by false IP sources and can normally work, and normal domain name query requests can not be affected.

Description

technical field [0001] The invention relates to the technical field of Internet security, in particular to a method for detecting false attack sources and a system for detecting false attack sources. Background technique [0002] DNS (Domain Name System, domain name service system) is an important infrastructure of the Internet, which completes the mapping function from domain names to IP addresses. Among them, the authoritative domain name server refers to the domain name server that provides authoritative name resolution. At present, a common attack method against DNS servers is false source flooding attack. False source flooding attack means that fake IP addresses initiate a large number of domain name query requests to DNS servers, making the load far exceed the capacity of DNS servers, resulting in The DNS server cannot provide services normally, affecting network availability. In the prior art, when detecting the false attack source of the authoritative domain name se...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 白惊涛罗喜军
Owner SHENZHEN TENCENT COMP SYST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap