Method and device for detecting hijacking of DNS (Domain Name Server)

A DNS server and legitimacy verification technology, applied in the field of DNS server hijacking detection, can solve problems such as terminal access address errors, errors, threats to terminal or user information security, and achieve the effect of improving security

Inactive Publication Date: 2014-09-24
XIAOMI INC
View PDF2 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In actual use, the DNS server will have the situation that the corresponding relationship between the domain name and the IP address is maliciously tampered with by a malicious application or hacker attack, causing the domain name in the domain name resolution request sent by the terminal to be resolved to the wrong IP address, and then Cause address errors in terminal access, and even threaten the security of terminal or user information

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting hijacking of DNS (Domain Name Server)
  • Method and device for detecting hijacking of DNS (Domain Name Server)
  • Method and device for detecting hijacking of DNS (Domain Name Server)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] An embodiment of the present disclosure provides a method for detecting DNS server hijacking, see figure 1 , the method flow includes:

[0029] In step 101, according to the first domain name system DNS server address set in the terminal, a domain name resolution request carrying a first domain name is sent to the first DNS server. The first domain name is a domain name that does not exist in the network. The method of this embodiment used in the terminal;

[0030] In step 102, the resolution result of the first domain name returned by the first DNS server is received, and if there is a first address list corresponding to the first domain name in the resolution result of the first domain name, then the address list carrying the second domain name is sent to the first DNS server. The domain name resolution request, the second domain name is the domain name that exists in the network that needs to be accessed by the target application, and the method of this embodiment i...

Embodiment 2

[0034] An embodiment of the present disclosure provides a method for detecting DNS server hijacking, see figure 2 , the method flow includes:

[0035] In step 201, according to the first domain name system DNS server address set in the terminal, a domain name resolution request carrying a first domain name is sent to the first DNS server. The first domain name is a domain name that does not exist in the network. The method of this embodiment used in the terminal.

[0036] Wherein, the first domain name is a domain name that does not exist in the network in the embodiment of the present disclosure, and the first domain name is a preset determination factor for determining whether the DNS server is hijacked. For example: the first domain name can be "www.zhegeyumingbucunzai123456789.com". Normally, the DNS server cannot obtain the IP address corresponding to the first domain name after analyzing the first domain name.

[0037] The purpose of setting the first domain name and...

Embodiment 3

[0056] An embodiment of the present disclosure provides a method for detecting DNS server hijacking, see image 3 , the method flow includes:

[0057] In step 301, according to the first domain name system DNS server address set in the terminal, a domain name resolution request carrying a first domain name is sent to the first DNS server. The first domain name is a domain name that does not exist in the network. The method of this embodiment used in the terminal.

[0058] Wherein, the first domain name is a domain name that does not exist in the network in the embodiment of the present disclosure, and the first domain name is a preset determination factor for determining whether the DNS server is hijacked. For example: the first domain name can be "www.zhegeyumingbucunzai123456789.com". Normally, the DNS server cannot obtain the IP address corresponding to the first domain name after analyzing the first domain name.

[0059] The purpose of setting the first domain name and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for detecting hijacking of a DNS (Domain Name Server), and belongs to the technical field of Internet. The method comprises the following steps: sending a domain name solving request which carries a first domain name to a first DNS, wherein the first domain name is a domain name which does not exist in a network; receiving the solving result of the first domain name returned by the first DNS, and sending a domain name solving request which carries a second domain name to the first DNS if a first address list corresponding to the first domain name exists in the solving result of the first domain name, wherein the second domain name is a domain name which exists in a network needing to be accessed in a target application; receiving a solving result of the second domain name returned by the first DNS, and determining that hijacking of the first DNS is detected if the same addresses exist in a second address list corresponding to the second domain name in the solving result of the second domain name and the first address list. By adopting the method and the device, the function of actively detecting the DNS server is realized, threat caused by access to the Internet by a terminal after hijacking of the DNS is avoided, and the security of the terminal is enhanced.

Description

technical field [0001] The present disclosure relates to the technical field of the Internet, in particular to a method and device for detecting DNS server hijacking. Background technique [0002] With the development of Internet technology, users' demand for Internet access is increasing. When a user accesses the Internet through a browser or an application, he or she will enter the domain name of the website to be accessed or directly access the Internet through the domain name of the website to be accessed preset in the application. [0003] When accessing the Internet through the domain name of the website to be visited, the terminal will send a domain name resolution request carrying the domain name of the website to be visited to the domain name server according to the address of the preset DNS (DomainName System, Domain Name System) server, and the DNS server will treat the website to be visited The domain name is analyzed, and the IP address corresponding to the dom...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/12H04L29/06H04L12/26
Inventor 江波
Owner XIAOMI INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap