DNS (Domain Name Server) safety querying method and device

A query method and DNS server technology, applied in transmission systems, electrical components, etc. It addresses the problems that there is no chain of trust or verification process for data authenticity and integrity, that domain name resolution results are at risk, and that DNS spoofing cannot be identified, so as to avoid DNS hijacking and spoofing.

Active Publication Date: 2015-06-10
三六零数字安全科技集团有限公司

AI Technical Summary

Problems solved by technology

[0005] However, even if DNSSEC is deployed on the above-mentioned resolution servers at all levels, there is no trust chain or verification process for data authenticity and integrity between the client and the resolution server node that interacts directly with the client. Therefore, DNSSEC cannot identify DNS spoofing that occurs on this link, and the domain name resolution results obtained by the client are still at risk.


Embodiment Construction

[0027] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0028] Before describing the various embodiments of the present invention, the principles of DNS and DNSSEC closely related to the present invention will be briefly introduced.

[0029] When a user accesses a certain website with a domain name, the client generally converts the domain name into an IP address through a domain name resolution server. The domain name resolution server generally needs to query the root domain name serv...


Abstract

The invention discloses a DNS (Domain Name Server) safety querying method and device. The method comprises the steps of: capturing a DNS request data packet to be sent by a client; converting the DNS request data packet into a corresponding DNSSEC (Domain Name System Security Extensions) request data packet; sending the DNSSEC request data packet to a DNS server and receiving a DNSSEC response data packet returned by the DNS server; capturing the DNSSEC response data packet received by the client; verifying a digital signature in the DNSSEC response data packet with a public key provided by the DNS server; if the digital signature passes the verification, converting the DNSSEC response data packet into the corresponding DNS response data packet; and performing DNS query processing according to the DNS response data packet. With this scheme, the DNSSEC verification process is applied at the client, and a trust relationship is established between the client and the closest DNS server, forming a complete trust chain with the DNS servers at each level; the client can verify the authenticity and integrity of the data, which further avoids DNS hijacking and spoofing.
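The abstract does not say how a plain DNS request is converted into a DNSSEC request. One standard way, shown here as an added example that is not taken from the patent, is to attach an EDNS0 OPT record with the DO ("DNSSEC OK") bit set (RFC 3225, RFC 6891). The function names and the sample query are constructed for illustration, and verification of the response signature is not shown.

```python
import struct

OPT_TYPE = 41      # EDNS0 OPT pseudo-record type (RFC 6891)
DO_BIT = 0x8000    # "DNSSEC OK" flag inside the OPT record's TTL field (RFC 3225)

def build_query(name, qtype=1, txid=0x1234):
    """Constructed sample input: a plain DNS query with one question, RD=1."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def skip_name(pkt, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = pkt[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:   # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + n

def find_opt_ttl(pkt):
    """Walk every section; return the offset of the OPT record's TTL, or None."""
    qd, an, ns, ar = struct.unpack("!HHHH", pkt[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4          # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        if rtype == OPT_TYPE:
            return off + 4
        off += 10 + rdlen
    return None

def has_do_bit(pkt):
    off = find_opt_ttl(pkt)
    return off is not None and bool(struct.unpack("!I", pkt[off:off + 4])[0] & DO_BIT)

def to_dnssec_request(pkt, udp_size=4096):
    """Convert a captured plain query into a DNSSEC request (DO=1)."""
    off = find_opt_ttl(pkt)
    if off is not None:                        # EDNS0 already present: set DO only
        ttl = struct.unpack("!I", pkt[off:off + 4])[0] | DO_BIT
        return pkt[:off] + struct.pack("!I", ttl) + pkt[off + 4:]
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_size, DO_BIT, 0)
    arcount = struct.unpack("!H", pkt[10:12])[0] + 1
    return pkt[:10] + struct.pack("!H", arcount) + pkt[12:] + opt
```

The conversion is idempotent: a query that already carries an OPT record only has its DO flag set, so the advertised UDP size chosen by the client is preserved.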

Description

Technical field

[0001] The invention relates to the field of computer networks, in particular to a DNS security query method and device.

Background technique

[0002] The Domain Name System (DNS for short) is a distributed database on the Internet that maps domain names and IP addresses to each other, enabling users to access the Internet more conveniently without having to remember the IP number strings that can be directly read by machines. The process of obtaining the IP address corresponding to a host name from that host name is called the domain name resolution (or host name resolution) process.

[0003] The DNS protocol runs on the User Datagram Protocol (UDP for short), and like other protocols or systems on the Internet, it works well in a trusted and pure environment. However, today's Internet environment is extremely complex, full of various frauds and attacks, and the DNS protocol shows its vulnerability.

[0004] In order to avoid the above-mentioned ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/12, H04L29/06
CPC: H04L63/0869, H04L63/123, H04L61/4511, H04L61/00
Inventor: 郑劲松, 肖鹏
Owner: 三六零数字安全科技集团有限公司