Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for identifying and defending against dns SERVFAIL attacks

A level and identification technology, applied in transmission systems, electrical components, etc., can solve problems such as legal domain name query failures

Active Publication Date: 2019-04-23
INTERNET DOMAIN NAME SYST BEIJING ENG RES CENT
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides a method and device for identifying and defending against DNS SERVFAIL attacks, which are used to solve the problem in the prior art that the legal domain name query of some areas with a large number of visits fails due to the use of static speed limit methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for identifying and defending against dns SERVFAIL attacks
  • Method and device for identifying and defending against dns SERVFAIL attacks
  • Method and device for identifying and defending against dns SERVFAIL attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0038] figure 1 It is a schematic flowchart of Embodiment 1 of the method for identifying and defending against DNS SERVFAIL attacks provided by the present invention. The execution subject of the method is a recursive server, such as figure 1 As shown, the method includes:

[0039] S101. Receive the domain name query request sent by the client, the domain name query request carries the domain name to be queried and the identifier of the zone to which the dom...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method and device for identifying and defending against DNS SERVFAIL attacks. The method includes: receiving a domain name query request sent by a client, the domain name query request carrying the domain name to be queried and the identifier of the domain to which the domain name belongs; according to the above domain name Query request to obtain the level corresponding to the zone to which the domain name belongs; obtain the query authority of the zone to which the domain name belongs according to the above level, query the domain name according to the query authority, and update the level count of the zone to which the domain name belongs according to the query result. This method adjusts the level of the zone to which the domain name belongs when the level count reaches a certain value, so that the query resources owned by the zone to which the domain name belongs change, thus realizing the dynamic search for the domain name according to the historical query results of the zone to which the domain name belongs The region to which it belongs allocates query resources, which not only guarantees the legal domain name query of some legal regions, but also intercepts the illegal domain name query of some illegal regions.

Description

technical field [0001] The invention relates to domain name query technology, in particular to a method and device for identifying and defending against DNS SERVFAIL attacks. Background technique [0002] The recursive server is used for recursive query during domain name query, and the recursive server will occupy a lot of system resources when performing recursive query. Therefore, the recursive server usually relies on the cache mechanism to avoid intensive recursive query as much as possible. And when the remote server requested by the recursive server does not respond, the recursive server cannot determine whether there is a problem with the remote server, so the recursive server will keep a certain waiting time and perform a certain number of retries, and will not respond to unresponsive The results are cached. Domain Name System Service Fail (DNS SERVFAIL for short) attack is to use the above-mentioned recursive server processing mechanism to use one or more problema...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L29/06
CPCH04L63/1466H04L61/4511
Inventor 陈超郄少杰张绍峰吴琦毛伟邢志杰
Owner INTERNET DOMAIN NAME SYST BEIJING ENG RES CENT