Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for monitoring messages in domain name resolution service DNS system

A domain name resolution and DNS query technology, applied in the field of network security, can solve problems such as limited protection capabilities, strong limitations, and low accuracy, and achieve the effect of improving accuracy

Active Publication Date: 2014-12-24
CHINA MOBILE COMM GRP CO LTD
View PDF8 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The second attack method is abnormal request access attack
[0006] The third attack method is DNS hijacking attack
[0007] The fourth attack method is that the attacker uses DNS to attack
The disadvantage of this protection method is that some attacks, such as DDoS attacks and man-in-the-middle attacks, can be prevented by setting DNS service rules on the firewall, but it is helpless for most special attacks against DNS
The disadvantage of this method is that the traffic cleaning system can better distinguish DoS / DDoS traffic and normal business traffic to ensure normal service of DNS, but it cannot distinguish special attacks on DNS, such as DNS cache poisoning attacks
The disadvantage of this method is that it can only detect certain specific attacks and has limited protection capabilities.
[0013] To sum up, the implementation method of DNS security monitoring proposed above cannot provide comprehensive monitoring and protection capabilities for existing special attacks against DNS, and has strong limitations and low accuracy.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for monitoring messages in domain name resolution service DNS system
  • Method, device and system for monitoring messages in domain name resolution service DNS system
  • Method, device and system for monitoring messages in domain name resolution service DNS system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0026] Embodiment 1 of the present invention proposes a system for monitoring messages in a DNS system, which is used in the DNS system, including at least one DNS, at least one DNS monitoring device, and at least one user terminal for message transmission with the DNS.

[0027] Wherein, the DNS monitoring device can be connected in series with the DNS in the transmission link, and can also be connected in parallel with the DNS in the transmission link. Preferably, in the technical solution proposed here in Embodiment 1 of the present invention, the DNS monitoring device and the DNS are connected in series The transmission link is taken as an example to elaborate in detail. The DNS monitoring device and the DNS are connected in series in the transmission link, and when the monitored data flow that attacks the DNS exists in the transmission link, the transmission of the message to the DNS can be prohibited, thereby improving the security of the DNS.

[0028] Preferably, a DNS m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, device and system for monitoring messages in a domain name resolution service DNS system. The method, the device and the system can provide comprehensive monitoring and protecting abilities for existing special attacks for a DNS, and improve the monitoring accuracy. The method comprises the steps that a first preset length of time is used as a sampling period, and the messages transmitted between the domain name resolution service DNS and any user terminal are obtained; for any obtained messages in the current sampling period, the message types of the messages are determined; according to the determined message types, the message length values and the number of access times of the messages and at least two parameters in a life period are determined; according to the determined message length values, the number of the access times and the two parameters in the life period, monitoring assessment values corresponding to the messages in the current sampling period are determined; according to the determined monitoring assessment values, the messages transmitted between the DNS and any user terminal are monitored.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method, device and system for monitoring messages in a domain name resolution service DNS system. Background technique [0002] As an early Internet protocol, considering the distribution of hosts at that time, the DNS system based on the Domain Name Service (DNS, Domain Name Service) protocol at the beginning of the design was based on mutual trust and was a completely open collaboration system. Various types of data transmitted in the system are not encrypted, proper information protection and authentication mechanisms are not provided, and various queries are not accurately identified. At the same time, the protection of network infrastructure and core backbone equipment is not paid enough attention, resulting in In the later stage, the DNS system is vulnerable to attacks and has poor security. [0003] Among them, the attack methods on the DNS system mainly includ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
Inventor 卢楠张峰付俊杨光华
Owner CHINA MOBILE COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com