
A mimic security method and device for DNS recursive server

A DNS recursive server technology, applied in the field of network security, that addresses problems such as the security threats facing DNS recursive servers, with the effect of solving cache poisoning and ensuring reliability and stability.

Active Publication Date: 2020-06-05
THE PLA INFORMATION ENG UNIV

AI Technical Summary

Problems solved by technology

[0004] The present invention overcomes the problem in the prior art that DNS recursive servers face security threats, and provides a mimic security method and device for DNS recursive servers with high security performance.



Examples


Embodiment 1

[0033] Embodiment 1: as shown in Figure 1, a mimic security method and device for a DNS recursive server comprises the following steps:

[0034] Step 1: Receive the user query request and divert it through the SDN switch to the security service chain for screening, filtering, and attack detection; the parameter manager obtains the attack detection data and sends the corresponding parameter information to the tuner;

[0035] Step 2: For each query request in the selector's query request queue, the selection module selects several DNS servers to send the query request to, according to the parameters issued by the parameter manager, the status information of each DNS server, and the selection strategy;

[0036] Step 3: The judging module receives the response information from the DNS servers and makes a majority judgment on the results. If the judgment passes, the result is returned to the user; otherwise, the query is issued again. And update the status information of each DNS ...

Embodiment 2

[0037] Embodiment 2: Step 1 of Embodiment 1 can be realized in the following manner:

[0038] Figure 2 is a flow diagram of the security service chain module, which includes the following steps:

[0039] Step 101: According to the security policy, the SDN controller sends flow table information to the SDN switch through the flow table manager, so that the query request is diverted to the corresponding security service chain;

[0040] Step 102: The request passes through the firewall, deep packet inspection, and DNS attack detection, in that order, for screening and filtering. The query request is then sent to the selector and joins the query request queue. The parameter manager obtains data from the DNS attack detection service, processes it, and sends it to the tuner;

[0041] Specifically, the parameter information is the coefficient of the DNS server status information (that is, the coefficient of the reliability and load when calculating the selection factor), a...

Embodiment 3

[0042] Embodiment 3: Step 2 of Embodiment 1 can be realized in the following manner:

[0043] Figure 3 is a flow diagram of the selection module, which includes the following steps:

[0044] Step 201: Obtain the selection factor of each DNS server;

[0045] Specifically, the selection factor is determined by multiplying the reliability, the load, and the coefficient issued by the parameter manager;

[0046] Step 202: Determine whether the number of DNS servers whose selection factor exceeds the threshold is greater than or equal to 3. If it is less than 3, enter Step 203 (random mode): randomly select one DNS server and send the query request to it. Otherwise, enter Step 204 (heterogeneous redundancy mode): randomly select an odd number n greater than or equal to 3, and select n DNS servers from those exceeding the threshold, with probability according to their selection factors, to receive the query request.
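The selection logic of Steps 201 to 204 and the majority judgment of Step 3 in Embodiment 1 can be sketched as follows. This is an added example, not code from the patent. Assumptions: the threshold value, a load score in 0..1 where higher means more spare capacity, n capped by the number of eligible servers, random mode drawing from the whole pool, and responses compared as sets of answer records.

```python
import random
from collections import Counter

def select_servers(pool, coeff, threshold, rng=random):
    """Steps 201-204. pool maps server name -> (reliability, load score)."""
    # Step 201: selection factor = reliability * load * coefficient.
    factors = {s: rel * load * coeff for s, (rel, load) in pool.items()}
    eligible = sorted(s for s, f in factors.items() if f > threshold)
    if len(eligible) < 3:
        # Step 203, random mode: a single randomly chosen server.
        return [rng.choice(sorted(pool))]
    # Step 204, heterogeneous redundancy mode: odd n >= 3, capped by the
    # number of eligible servers (assumption).
    n = rng.choice(range(3, len(eligible) + 1, 2))
    chosen = []
    while len(chosen) < n:
        # Weighted draw without replacement; weight = selection factor.
        pick = rng.choices(eligible, weights=[factors[s] for s in eligible])[0]
        eligible.remove(pick)
        chosen.append(pick)
    return chosen

def majority_judgment(responses):
    """Step 3. responses maps server -> frozenset of answer records.
    Returns (winning answer or None, servers that disagreed with it)."""
    answer, votes = Counter(responses.values()).most_common(1)[0]
    if 2 * votes <= len(responses):
        return None, sorted(responses)  # no strict majority: re-query
    return answer, sorted(s for s, a in responses.items() if a != answer)

# Constructed sample data (documentation address ranges), not from the patent.
POOL = {"ns-a": (0.9, 0.9), "ns-b": (0.8, 0.9),
        "ns-c": (0.9, 0.7), "ns-d": (0.3, 0.9)}
GOOD = frozenset({"192.0.2.10"})
POISONED = frozenset({"203.0.113.66"})

def demo(seed=1):
    rng = random.Random(seed)
    chosen = select_servers(POOL, coeff=1.0, threshold=0.5, rng=rng)
    # Constructed scenario: ns-b's cache holds a poisoned record.
    responses = {s: (POISONED if s == "ns-b" else GOOD) for s in chosen}
    return chosen, majority_judgment(responses)

if __name__ == "__main__":
    print(demo())
```

The servers returned as dissenting are the ones whose status information would be lowered in the update that Step 3 mentions; the update rule itself is not given in the visible text.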


Abstract

The invention discloses a mimic security method and device for a DNS recursive server, which overcomes the problem that the DNS recursive server faces security threats. The invention includes the following steps. Step 1: receive user query requests and divert them through the SDN switch to the security service chain for screening, filtering and attack detection; after obtaining the attack detection data, the parameter manager sends the corresponding parameter information to the tuner. Step 2: for each query request in the selector's query request queue, the selection module selects several DNS servers to send the query request to, according to the parameters issued by the parameter manager, the status information of each DNS server and the selection strategy. Step 3: the judgment module receives the response information of the DNS servers, makes a majority judgment on the results, and updates the status information of each server in the DNS server pool. The invention solves cache poisoning of the recursive server without changing the DNS protocol or the DNS query response flow.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a mimic security method and device for a DNS recursive server.

Background

[0002] The Domain Name System (DNS) is one of the most critical infrastructures on the Internet. Its main function is to map domain names to IP addresses and to provide routing information for email. At the beginning of the development of the Internet, there were only a few hundred hosts, so a single hosts file could contain the mapping information of all hosts and domain names. With the rapid development of the Internet, the increase in Internet users, the growth in network scale, and the sudden increase in traffic load, this method became unable to respond to all query requests in a timely and correct manner. The domain name system developed later provides mapping services between domain names and IP addresses, which provides convenienc...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/12
CPC: H04L63/1466, H04L61/4511
Inventor: 扈红超, 王禛鹏, 程国振, 刘文彦, 霍树民, 梁浩, 张淼, 丁瑞浩
Owner THE PLA INFORMATION ENG UNIV