Unlock instant, AI-driven research and patent intelligence for your innovation.

A detection method and device for dns full traffic hijacking risk

A detection method and technology of a detection device are applied in the computer field and can solve the problems of low detection accuracy and the inability to record risky IP addresses in a blacklist database.

Active Publication Date: 2020-05-26
三六零数字安全科技集团有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, criminals usually control multiple IP addresses, and even hijack new IP addresses continuously, which makes the blacklist database unable to record all risky IP addresses
Therefore, the method for detecting the risk of DNS full traffic hijacking through the above method has the technical problem of low detection accuracy.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A detection method and device for dns full traffic hijacking risk
  • A detection method and device for dns full traffic hijacking risk
  • A detection method and device for dns full traffic hijacking risk

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0087] Embodiments of the present invention provide a method and device for detecting DNS full-flow hijacking risks, which are used to improve the detection accuracy of DNS full-flow hijacking risks.

[0088] In order to solve the above technical problems, the general idea of ​​the technical solution provided by the present invention is as follows:

[0089] In the technical solution of the embodiment of the present invention, one or more target domain names used to detect the risk of DNS full traffic hijacking are obtained, and then DNS analysis is performed on one or more target domain names to obtain the target IP address corresponding to each target domain name, Then, one or more target IP addresses are obtained, and then, if the one or more target domain names are WAN domain names, it is judged whether there is a LAN address in the one or more target IP addresses, and if there is a LAN address, it is determined that the UE exists DNS full traffic hijacking risk; or, if the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Embodiments of the present invention provide a method and device for detecting DNS full-flow hijacking risks, which are used to improve the detection accuracy of DNS full-flow hijacking risks. The method includes: obtaining one or more target domain names used to detect the risk of domain name system DNS full traffic hijacking; wherein, the one or more target domain names are specifically wide area network domain names; performing DNS on the one or more target domain names Analyzing, obtaining the target Internet protocol IP address corresponding to each of the target domain names, and then obtaining one or more target IP addresses; judging whether there is a LAN address in the one or more target IP addresses; when the one or more target IP addresses When there is a LAN address in the target IP address, it is determined that the user equipment UE has a DNS full traffic hijacking risk.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a method and device for detecting the risk of DNS full traffic hijacking. Background technique [0002] With the promotion and in-depth application of the Internet, all kinds of information in people's daily life are more closely integrated with the Internet. Because of this, the detection of network security has to be more important. [0003] Taking DNS (Domain Name System, Domain Name System) full-traffic hijacking detection as an example, some related technologies are detected in the following way: first, electronic devices or servers are stored in a blacklist database, and multiple DNS full-traffic hijacking risks are recorded in the blacklist database. IP (Internet Protocol, Internet Protocol) address. Analyze the target domain name to obtain the corresponding IP address, and then compare whether the resolved IP address is in the blacklist database. If the resolved IP a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1408H04L61/4511
Inventor 高永岗张建新刘天
Owner 三六零数字安全科技集团有限公司