Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for controlling malicious domain name and illegal access

A technology of illegal access and control methods, applied in electrical components, transmission systems, etc., can solve problems such as being unsuitable for black and white list filtering services, affecting system availability, and small number of users, improving storage and search efficiency, and shortening single locks. Time, deployment and flexible effects

Active Publication Date: 2017-12-12
HARBIN INST OF TECH AT WEIHAI
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the prior art, processing technologies for malicious domain names mainly include four types: (1) Using domain name resolution software: Currently, more than 95% of domain name resolution software uses BIND, which has a blacklist filtering function, but has the following defects: blacklist The update needs to stop the domain name resolution service, which greatly affects the availability of the system; when the amount of data is large, it affects the performance of the system, and the number of blacklists is limited
(2) Gateway system for DNS filtering: Cheswick and others at Bell Labs proposed a security gateway system for DNS filtering, which runs in the network in the form of a firewall. The disadvantage is that it uses filtering rules for processing, and the speed and efficiency are relatively low Low, when there are many filtered domain names, the availability of domain name resolution services will be greatly reduced
(3) DNS systems with security functions, such as OpenDNS, filter malicious websites through the list of malicious websites it collects. Although the security is improved, its scope of application is small, the number of users is very small, and its versatility is poor
Disadvantage: It can only perform corresponding configuration filtering for specific access areas, but cannot perform effective security filtering for DNS servers. At the same time, because most of them use router-based filtering rules, it is not suitable for processing large-scale massive black and white lists. Filtering business cannot meet real-time processing requirements
(5) The secure domain name server technology has been modified on the BIND source code, breaking the integrity of the domain name server
The above-mentioned existing malicious domain name control technology has certain problems in terms of usability, versatility and controllability, so there is an urgent need for a control method that does not affect the normal service of domain name resolution and can ensure security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling malicious domain name and illegal access
  • Method and device for controlling malicious domain name and illegal access
  • Method and device for controlling malicious domain name and illegal access

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The present invention will be further described below in conjunction with the accompanying drawings.

[0039] Aiming at the deficiencies of the prior art, the present invention proposes a control method and device for malicious domain names and illegal access that can efficiently control malicious domain names and illegal access, wherein the secure domain name server middleware 1 is deployed on the DNS server, such as attached figure 1 As shown, it includes a kernel mode protocol stack packet interception module 3, a user mode DNS parsing module 5, a black / white list matching module 4, a black / white list index database 9, a control policy module 6 and a log module 7. The kernel mode protocol stack data packet interception module 3 is connected with the user mode DNS analysis module 5, the user mode DNS resolution module 5 is connected with the control strategy module 6, the control strategy module 6 is connected with the blacklist matching module 4, and the blacklist ma...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network security, in particular to a method and device for controlling a baleful domain name and illegal access. The device is characterized in that middleware comprises a kernel mode protocol stack data packet intercepting module, a user mode DNS (Domain Name Server) resolution module, a control strategy module, a black / white list index database module, a black / white list matching module, and a log module, wherein the kernel mode protocol stack data packet intercepting module is located at the front end of the user mode DNS resolution module; the control strategy module is connected with the output of the user mode DNS resolution module; the output end of the control strategy module is connected with the log module; the control strategy module is connected with the black / white list matching module; the black / white list matching module is connected with the black / white list matching index database module. Compared with the prior art, the method and device can improve the security of domain name service from aspects of universality, usability, controllability, security, timeliness, effectiveness and the like.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method of efficiently blocking and isolating malicious domain name access by deploying a secure domain name server middleware on a server running DNS server software (BIND 9). A method and device for controlling malicious domain names and illegal access that can also effectively control illegal visitors. Background technique [0002] DNS is the Domain Name System (Domain Name System), which is a hierarchically authorized distributed data query system. It is mainly used to complete the translation and conversion function of domain names to IP addresses. The vast majority of Internet communications must first complete the addressing conversion from domain names to IP addresses through the domain name system, so the domain name system has become one of the key infrastructures for the normal operation of the entire Internet. [0003] Currently, DNS has become the weakest ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L29/06
Inventor 张兆心许海燕闫健恩李挺郭承青李正民黄道超
Owner HARBIN INST OF TECH AT WEIHAI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com