Method and system for protecting domain name system (DNS)

A domain name system, domain name technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as DNS unserviceability, long troubleshooting time, and inability to detect attacks.

Active Publication Date: 2014-10-01
CHINA MOBILE GRP BEIJING
View PDF9 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0022] In order to solve the technical problems of being unable to detect attacks and taking a long time to deal with faults in the prior art, the present invention proposes a method and system for domain name system protection, which can automatically identify abnormal traffic, and take different treatments according to different types of abnormal traffic The mechanism avoids the problem that the DNS service cannot be served for a long period of time between the occurrence of a DNS failure and the activation of the DNS server in the backup center caused by the existing solution.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for protecting domain name system (DNS)
  • Method and system for protecting domain name system (DNS)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0038]The technical solution of the present invention is to construct (IP address group, domain name group) two-dimensional matrix A(i,j) and its related three-term function A(i,j).QPS, A(i,j).Delay , A(i,j).SuccessRate self-learns the DNS traffic characteristics of each (IP address group, domain name group), and can judge the two-dimensional matrix elements by comparing the traffic characteristics with the function A(i,j).Threshold_QPS DNS traffic is abnormal, and then judge which part of the domain name and which source IP address DNS request traffic is abnormal through the relationship between the elements in the matrix. After judging the abnormal A(i,∑), A(∑,j) and A( After the i,j) element, through the comparative analysis of the other two functions A(i,j).Threshold_Delay and A(i,j).Threshold_SuccessRate, it can be found that the abnormal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for protecting a domain name system (DNS). The DNS traffic characteristics of an IP (Internet Protocol) address group and a domain name group are learned, two-dimensional matrix elements with abnormal DNS traffics are identified automatically, abnormal elements are judged through relations among elements in a matrix, and comparative analysis is performed on two functions, namely, a resolving delay threshold and a resolving success rate threshold, so that the abnormal traffics can be classified, and different processing mechanisms are triggered. By adopting two processing mechanisms, the problem of unavailable service of the DNS in a very long time period from the occurrence of a DNS failure to the startup of a backup center DNS server caused by the conventional scheme is solved.

Description

technical field [0001] The invention relates to the technical fields of transmission and IP, in particular to a domain name system protection method and system. Background technique [0002] The DNS resolution process in the current specification is as follows (take www.sina.com.cn resolution as an example): [0003] (1) The user host sends the domain name query request to the local DNS server; [0004] (2) After receiving the request, the local DNS server searches in the local domain name database and cache, and if it finds relevant records, it sends the IP address corresponding to the domain name to the user host; [0005] (3) If the DNS server does not find relevant records in the local domain name database and cache, the local DNS server sends a resolution request to its own root domain server; [0006] (4) The DNS server in the root domain returns the IP address of the DNS server in the cn domain; [0007] (5) The local DNS server sends the request to the DNS server ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/12
Inventor 姜欣杜建凤郭志刚吴茜李旬李鹏李可
Owner CHINA MOBILE GRP BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap