Check patentability & draft patents in minutes with Patsnap Eureka AI!

A dnssec analysis method based on complex network

A parsing method and technology of complex networks, applied in electrical components, transmission systems, etc., can solve the problems that domain names cannot be resolved, the transmission of DNSSEC data packets is blocked, and the router does not support DNS packets larger than 1500 bytes. Reachability and risk reduction effect

Active Publication Date: 2017-10-31
CHINA INTERNET NETWORK INFORMATION CENTER
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although EDNS0 technology expands the size of DNS packets, some routers do not support DNS packets larger than 1500 bytes, and some firewalls do not support EDNS0 protocol
These restrictions will directly block the transmission of DNSSEC data packets on the Internet, and eventually cause the corresponding domain name to be unresolvable

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dnssec analysis method based on complex network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The process of this embodiment is shown in the figure. Its steps are described as follows:

[0025] After the DNSSEC verification function is enabled on the recursive server, the query will be performed as follows:

[0026] 1) The recursive server receives the user's DNS query request. After receiving the user's DNS query request, query the cached data. If the cached data has the information, return the information to the user; if the cached data does not have the information, skip to step 2.

[0027] 2) Using UDP protocol, use ENDS0 to query DNSSEC data from the authoritative server. If you have this data, skip to step 5.

[0028] 3) When no data is returned in step 2, use the transport protocol selected by the dynamic selection strategy to query the DNSSEC data from the authoritative server, and skip to step 5 if the data is obtained.

[0029] 4) When no data is returned in step 3, the transmission protocol is dynamically selected again, and DNS data is queried to...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DNSSEC analysis method based on complex network. This method is as follows: 1) The recursive server queries the cached data according to the DNS request, and returns the corresponding cached data to the user if there is any; if not, it goes to 2); 2) queries the DNSSEC data from the authoritative server according to the DNS request; if the data is not obtained, Then go to 3); if obtained, go to 5); 3) the recursive server uses the transport protocol selected by the dynamic selection strategy to query the authoritative server for DNSSEC data; if not obtained, go to 4); if obtained, go to 5); 4) use the dynamic selection strategy The selected transmission protocol uses a non-DNSSEC method to query DNS data, and if obtained, returns DNS data without AD bits; otherwise, returns a failure message; 5) verifies the DNS data, and returns DNS data containing AD bits if passed; otherwise, returns a failure message. The invention improves the reachability and service stability of DNS data messages.

Description

technical field [0001] The invention relates to a DNSSEC resolution method based on a complex network, belonging to the technical field of computer networks. Background technique [0002] In recent years, DNSSEC (Domain Name System Security Extensions) protocol has been widely deployed and has become a trend in order to solve the security vulnerabilities of the DNS domain name system (such as man-in-the-middle attacks). It uses public key encryption technology and digital signature technology to provide endpoint authentication and data integrity protection for DNS (RFC 4034, RFC4035). At present, top-level domain names such as root node, com, us and cn have been deployed. [0003] After the DNSSEC function is introduced, the DNS packet will increase significantly, and the size of the data packet will exceed 512 bytes, or even exceed 1500 bytes. Although EDNS0 technology expands the size of DNS packets, some routers do not support DNS packets larger than 1500 bytes, and some...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L29/06
Inventor 李晓东张海阔罗策王楠左鹏李洪涛
Owner CHINA INTERNET NETWORK INFORMATION CENTER
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com