An Online Recognition Method of Recursive Domain Name Server Based on Estimation of Connectivity
A domain name server and identification method technology, which is applied in the field of recursive domain name server online identification based on connection degree estimation, can solve problems such as high cost, achieve high identification accuracy, and ensure real-time effects
Active Publication Date: 2019-02-15
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
But the active method also has many disadvantages: in the first method, a large number of IP addresses need to be obtained in advance before active detection; in the second method, many recursive domain name servers currently have security settings to prevent any The domain name query of the host, the domain name query request may be filtered by it, resulting in a proactive method that consumes a lot of resources to detect IP addresses that do not respond
Large traffic and limited online resources pose great challenges to online analysis traffic
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042] The system of the present invention operates as a plug-in of the online network device, and the present invention will be described in detail below in conjunction with the drawings and specific embodiments.
[0043] like image 3 As shown, a recursive domain name server online identification method deployment based on connection degree estimation, the experimental steps are as follows:
[0044] Step 1): Obtain the DNS traffic of an education network gateway (EDU) and an enterprise network gateway (ISP) within 24 hours, analyze the DNS data set, and obtain the source IP, destination IP, domain name and other attributes in the traffic.
[0045] Step 201): According to figure 2 As shown in the flow chart of the connectivity estimation algorithm, taking Src-con as an example, a large shared bit array B with a bit value of 0 is applied for when the program is initialized. A hash function to map the source IP address, assign s bits in the array B to the source IP address, ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a recursive domain name server online identification method based on connection degree estimation. The method is as follows: 1) performing protocol analysis on the acquired network traffic within a set time period to obtain a DNS traffic data set; 2) analyzing the DNS traffic in the DNS traffic data set to obtain attribute information of the DNS traffic; 3 ) Calculate the Src-con value and Dom-con value of each source IP according to the attribute information; the Src-con value is the source IP connection degree, that is, the number of different destination IP addresses corresponding to the source IP address in DNS traffic; the Dom-con value is the domain name connection degree, that is, the number of different domain names corresponding to the source IP address; 4) If the Src-con value corresponding to the same source IP is higher than the source IP connection degree threshold, and the Dom-con value is higher than the domain name connection degree threshold; then the The server corresponding to the source IP is used as the recursive domain name server. The invention has high recognition accuracy.
Description
technical field [0001] The invention belongs to the technical field of network measurement, and in particular relates to a recursive domain name server online identification method based on connection degree estimation. Background technique [0002] The Domain Name System (Domain Name System) is the core service of the Internet. It resolves the domain name to an IP address through the domain name server, making it easier for users to access the Internet. The resolution process is as follows: figure 1 shown. At present, domain name servers can be divided according to service types: Root-DNS: root domain name server, the highest-level domain name server in the domain name resolution system, responsible for returning the authoritative domain name server address of the top-level domain name; Authoritative DNS (ADNS): authoritative domain name server, responsible for management For a certain area, the domain name query of this area is directly searched and responded from the loc...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/12
CPCH04L43/16H04L61/4511
Inventor 孙永黄彩云刘晓梅刘庆云郭莉秦鹏刘洋刘俊朋
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI