Malicious domain detection method and device based on intelligence analysis

A domain name detection and domain name technology, which is applied in the field of network security, can solve problems such as poor adaptability and achieve accurate detection results

Inactive Publication Date: 2015-12-02
COMMUNICATION UNIVERSITY OF CHINA
View PDF6 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, such methods are often accompanied by a large number of false positives and false positives, and have poor adaptability in different user environments and business demand scenarios.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious domain detection method and device based on intelligence analysis
  • Malicious domain detection method and device based on intelligence analysis
  • Malicious domain detection method and device based on intelligence analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In the following description, numerous specific details are given in order to provide a more thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without one or more of these details. In other examples, some technical features known in the art are not described in order to avoid confusion with the present invention.

[0022] It should be understood that the invention can be embodied in different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.

[0023] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the / the" are intended to include...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a malicious domain detection method and device based on intelligence analysis. The method comprises the steps of obtaining communication data in a network; analyzing the communication data to extract the IP of a source host, domain names searched by the source host query and time of searching the domain names; a domain risk level database is searched to determine the domain names searched by the source host is in the domain risk level database; if the domain names searched by the source host is in the domain risk level database, a risk level result corresponding to the domain names is taken out from the domain risk level database and presented; and if the domain names searched by the source host is not in the domain risk level database, evaluation is carried out on domain risk levels and the risk level evaluation result is presented. The risk level evaluation result includes search engine recording status analysis and Internet archive analysis. The malicious domain detection method and device provided by the invention can precisely detect unknown malicious domains.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for detecting a malicious domain name based on intelligence analysis. Background technique [0002] With the rapid development of network technology and the arrival of the network age, the vast and rich resources contained in the network have brought a lot of convenience to human society. However, while people's lives are becoming more and more dependent on the Internet, network security incidents driven by interests are emerging one after another. Seriously affected the normal use of the network, but also brought great harm to all sectors of society, so the detection of these events is extra important. [0003] The domain name system is one of the important infrastructures of the current Internet, and a large number of network services rely on domain name services to carry out. Domain Name Resolution Service (DNS) maps abstract IP addresses into ea...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1416
Inventor 安靖黄玮范文庆李美聪王永滨隋爱娜邹权臣李建方
Owner COMMUNICATION UNIVERSITY OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap