Mimic security method and device for recursive DNS server

A mimic security technology for recursive DNS servers, applied in the field of network security, that addresses the security threats facing DNS recursive servers, solves cache poisoning, and ensures reliability and stability.

Active Publication Date: 2017-07-18
THE PLA INFORMATION ENG UNIV

AI Technical Summary

Problems solved by technology

[0004] The present invention overcomes the problem in the prior art that DNS recursive servers face security th


Examples


Embodiment 1

[0033] Embodiment one: as shown in Figure 1, a mimic security method and device for a DNS recursive server, comprising the following steps:

[0034] Step 1: Receive the user query request and divert it through the SDN switch to the security service chain for screening, filtering, and attack detection; the parameter manager obtains the attack detection data and sends the corresponding parameter information to the tuner;

[0035] Step 2: For each query request in the selector's query request queue, the selection module selects several DNS servers to which the query request is sent, according to the parameters issued by the parameter manager, the status information of each DNS server, and the selection strategy;

[0036] Step 3: The judging module receives the response information from the DNS servers and makes a majority judgment on the results. If the judgment passes, the result is returned to the user; otherwise, the query is reissued. And update the status information of each DNS ...

Embodiment 2

[0037] Embodiment two: step 1 in embodiment one can be realized in the following manner:

[0038] See Figure 2, which is a flow diagram of the security service chain module, including the following steps:

[0039] Step 101: According to the security policy, the SDN controller sends the flow table information to the SDN switch through the flow table manager, to divert the query request to the corresponding security service chain;

[0040] Step 102: The request passes through the firewall, deep packet inspection, and DNS attack detection, in that order, for screening and filtering; the query request is then sent to the selector and joins the query request queue, and the parameter manager obtains data from the DNS attack detection service, processes it, and sends it to the tuner;

[0041] Specifically, the parameter information is the coefficient of the DNS server status information (that is, the coefficient of the reliability and load when calculating the selection factor), a...

Embodiment 3

[0042] Embodiment three: step 2 in embodiment one can be realized in the following manner:

[0043] See Figure 3, which is a flow diagram of the selection module, including the following steps:

[0044] Step 201: Obtain the selection factor of each DNS server;

[0045] Specifically, the selection factor is determined by multiplying the reliability, the load, and the coefficient issued by the parameter manager;

[0046] Step 202: Determine whether the number of DNS servers whose selection factor exceeds the threshold is greater than or equal to 3. If it is less than 3, enter step 203 (random mode): randomly select one DNS server and send the query request to it. Otherwise, enter step 204 (heterogeneous redundancy mode): randomly select an odd number n greater than or equal to 3, and select n DNS servers from those exceeding the threshold, with probability according to their selection factors, to send the query request to.
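The selection steps 201 to 204 and the majority judgment of step 3 in Embodiment 1 can be sketched as follows. This is an added example, not code from the patent; the server names, pool values and thresholds are constructed, and treating `load` as a 0..1 headroom score, drawing the random-mode server from the whole pool, and requiring a strict majority are assumptions.

```python
import random
from collections import Counter

# Constructed sample pool: name -> (reliability, load). Not from the patent.
POOL = {"bind-a": (0.9, 0.8), "unbound-b": (0.95, 0.7), "knot-c": (0.8, 0.9),
        "pdns-d": (0.3, 0.5), "msdns-e": (0.85, 0.6)}

def selection_factor(reliability, load, coeff):
    # Step 201: product of reliability, load and the parameter manager's coefficient.
    # Assumption: `load` is a 0..1 headroom score (higher means less busy).
    return reliability * load * coeff

def select_servers(pool, coeff, threshold, rng=random):
    """Return the list of server names to which one query should be sent."""
    factors = {n: selection_factor(r, l, coeff) for n, (r, l) in pool.items()}
    eligible = {n: f for n, f in factors.items() if f > threshold}
    if len(eligible) < 3:
        # Step 203, random mode: a single server, drawn here from the
        # whole pool (assumption; the text only says "randomly select").
        return [rng.choice(sorted(pool))]
    # Step 204, redundancy mode: random odd n >= 3, capped by the
    # number of eligible servers.
    n = rng.choice(range(3, len(eligible) + 1, 2))
    chosen = []
    while len(chosen) < n:
        # Weighted draw without replacement, weight = selection factor.
        names = sorted(eligible)
        pick = rng.choices(names, weights=[eligible[x] for x in names])[0]
        chosen.append(pick)
        del eligible[pick]
    return chosen

def majority_vote(answers):
    """Step 3: the answer given by more than half of the responders, or
    None when there is no majority and the query must be sent again."""
    if not answers:
        return None
    value, count = Counter(answers).most_common(1)[0]
    return value if count > len(answers) / 2 else None
```

Choosing an odd n keeps a two-way split from ending in a tie, so a single poisoned cache among three or more responders is outvoted rather than returned to the user.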


Abstract

The invention discloses a mimic security method and device for a recursive DNS server, overcoming the security threats facing the recursive DNS server. The method comprises the following steps: 1) receiving the inquiry requests of users; guiding the inquiry requests through a DNS switch to a security service chain, where the requests are screened, filtered and checked for attacks; and obtaining the attack detection data by a parameter manager, which then delivers the corresponding parameter information to a transferring device; 2) for each inquiry request in the request queue of the transferring device, selecting, by the transferring device, a plurality of DNS servers to which the inquiry request is sent, according to the parameters delivered by the parameter manager, the state information of the various DNS servers and the transferring strategy; and 3) receiving the response information of the DNS servers by a determining module; making a majority decision on the results; and updating the state information of the various servers in the DNS server pool. The method and the device of the invention solve cache poisoning attacks on a recursive server without modifying the DNS protocol or the DNS inquiry and response procedure.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a mimic security method and device for a DNS recursive server.

Background technique

[0002] The Domain Name System (DNS) is one of the most critical infrastructures on the Internet. Its main function is to map between domain names and IP addresses and to provide routing information for email. In the early days of the Internet there were only a few hundred hosts, so a single hosts file could contain the mapping information for all hosts and domain names. With the rapid development of the Internet, the growth in users, the scale of the network, and the sudden increase in traffic load left this method unable to respond to all query requests in a timely and correct manner. The domain name system developed later provides mapping services between domain names and IP addresses, which provides convenienc...


Application Information

IPC(8): H04L29/06, H04L29/12
CPC: H04L63/1466, H04L61/4511
Inventor: 扈红超, 王禛鹏, 程国振, 刘文彦, 霍树民, 梁浩, 张淼, 丁瑞浩
Owner THE PLA INFORMATION ENG UNIV