Network attack defense method based on dns intelligent analysis system

A network attack and intelligent analysis technology, applied in transmission systems, electrical components, etc., can solve the problems of slow effective time, increased data cleaning costs, manual analysis, etc., and achieve the effect of reducing resource consumption

Active Publication Date: 2019-05-10
恩亿科(北京)数据科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 3. It is necessary to use expensive seventh-layer equipment to deeply analyze the data packets before distinguishing between attack requests and normal requests, which increases the cost of data cleaning;
[0006] 4. The difference between attack requests and normal requests often requires manual analysis, and the deployment of defenses takes a long time to take effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack defense method based on dns intelligent analysis system
  • Network attack defense method based on dns intelligent analysis system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Attached below figure 1 And attached figure 2 The network attack defense method based on the DNS intelligent resolution system of the present invention is described in detail.

[0025] Such as figure 1 As shown, the network attack defense method based on the DNS intelligent resolution system includes the following steps:

[0026] Step 11: collecting network service requests;

[0027] Step 12: through the service sub-domain name automatic configuration module, assign corresponding sub-domain names to different network service requests;

[0028] Step 13: Determine whether the subdomain name exists in the attacking subdomain name blacklist database, and if so, perform step 20; otherwise, proceed to the next step;

[0029] Step 14: Perform IP region analysis on the network service request through the DNS IP region analysis module to obtain the corresponding IP region;

[0030] Step 15: Determine whether the IP region exists in the attacking IP subdomain name blacklist...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network attack defense method based on a DNS intelligent analysis system. The network attack defense method comprises the steps: collecting network service requests, and respectively distributing corresponding subdomain names for different network service requests; judging whether a subdomain name exists in an attack subdomain name blacklist database, if so, rejecting the network service request and if not, performing IP region analysis on the network service request to obtain the corresponding IP region; judging whether the IP region exists in an attack IP subdomain name blacklist database, if so, rejecting the network service request and if not, filtering the network service request to obtain the request information; judging whether the request information exists in an attack mode database; if so, determining that the request information is an attack request and rejecting the network service request; and if not, allowing normal operation of the network service request. The network attack defense method based on a DNS intelligent analysis system can individually analyze the attack request after completing quick distribution of attack and normal requests, and can reduce resource consumption for identification of request modes.

Description

technical field [0001] The invention relates to a network attack defense method, in particular to a network attack defense method based on a DNS intelligent resolution system. Background technique [0002] With the development of computer network technology, the popularity of computer network has increased rapidly, but it has also brought about network security problems while improving resource sharing. With the development of network attack technology, computer network security is also facing a great threat. For the main types of Dos denial of service attacks, program attacks, electronic spoofing attacks, and attacks on network protocol weaknesses, there are relatively mature network attack defense methods. However, the existing defense methods have relatively large disadvantages: [0003] 1. Different services often use the same domain name or even device port; [0004] 2. The network attack defense equipment has already consumed the access bandwidth when an attack is d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 洪倍
Owner 恩亿科(北京)数据科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products