Method and device for detecting illegal domain name

A domain name, illegal technology, applied in the field of network security, can solve the problem of inability to detect illegal domain names, and achieve the effect of improving the accuracy rate

Inactive Publication Date: 2017-05-24
SANGFOR TECH INC
View PDF4 Cites 48 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The present invention provides a method and device for detecting illegal domain names, the main purpose of which is to solve the technical problem that new illegal domain names cannot be detected in the existing botnet monitoring technology, and improve the accuracy of detecting illegal domain names

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting illegal domain name
  • Method and device for detecting illegal domain name
  • Method and device for detecting illegal domain name

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0052] The invention provides a method for detecting illegal domain names. refer to figure 1 Shown is a flow chart of the first embodiment of the method for detecting illegal domain names in the present invention.

[0053] In this embodiment, the method for detecting an illegal domain name includes:

[0054] Step S10, obtaining the domain name to be detected, analyzing the character composition in the domain name to obtain the characteristic value of the domain name, and obtaining the randomness of the domain name according to the characteristic value.

[0055] Step S20, if the randomness of the domain name is greater than a preset threshold, it is determined that the domain name is an illegal domain name.

[0056] The method for detecting illegal domain names proposed by the embodiments of the present invention ca...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for detecting an illegal domain name. The method includes the following steps that: a domain name to be detected is obtained, character composition in the domain name is analyzed, so that the feature value of the domain name can be obtained, and the degree of randomness of the domain name is obtained according to the feature value; and if the degree of randomness of the domain name is larger than a preset threshold value, it is determined that the domain name is an illegal domain name. The present invention also provides a device for detecting an illegal domain name. With the method and device for detecting the illegal domain name of the invention adopted, the technical problem that an existing botnet monitoring technology cannot detect newly-emerging illegal domain names can be solved, and the accuracy rate of the detection of illegal domain names can be improved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for detecting illegal domain names. Background technique [0002] Botnet virus is one of the important virus types at present. Botnet can initiate DDoS (Distributed Denial of Service, Distributed Denial of Service) attacks, phishing emails, download and spread virus software and other malicious behaviors. Hosts controlled by botnet viruses need to communicate with botnet control servers to obtain new attack targets, download new viruses, obtain new attack instructions, upload files, etc. Hosts controlled by botnets are called meat machines. [0003] To communicate with the C&C server, the meat machine must know the IP address of the C&C server (Command and ControlServer, remote command and control server). Early botnet viruses directly wrote the IP address of the C&C server into the virus program, but directly used the IP address Communications are v...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1441H04L2463/144H04L61/4511
Inventor 邓永
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap