A domain name hijacking detection and linkage processing method and system

A domain name hijacking and disposal method technology, applied in the network field, can solve problems such as high false positive rate, complex address database maintenance, lack of linkage disposal means, etc., to achieve the effects of reducing false positives, improving emergency response efficiency, and optimizing domain name hijacking judgment technology

Active Publication Date: 2020-03-03
ZHEJIANG PONSHINE INFORMATION TECH CO LTD
View PDF13 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The technical problem to be solved by the present invention is to provide a domain name hijacking detection and linkage disposal method and system to solve the existing domain name hijacking detection technology address library maintenance complexity, high false alarm rate and lack of effective linkage disposal means

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A domain name hijacking detection and linkage processing method and system
  • A domain name hijacking detection and linkage processing method and system
  • A domain name hijacking detection and linkage processing method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0055] This embodiment provides a domain name hijacking detection and linkage processing method, such as figure 1 shown, including steps:

[0056] S11: Create detection tasks for websites that require domain name hijacking protection;

[0057] S12: Perform domain name resolution and dial-up test on the website;

[0058] S13: Determine whether the website is hijacked by the domain name according to the A record address, the authorization server domain name information and the alias information.

[0059] Domain name hijacking refers to intercepting domain name resolution requests within the scope of the hijacked network, analyzing the requested domain name, and releasing requests outside the scope of review, otherwise returning a false IP address or doing nothing to make the request unresponsive, the effect is to Specific networks do not respond or visit fake URLs.

[0060] The prior art has disadvantages such as complicated address database maintenance and high false positiv...

Embodiment 2

[0089] This embodiment provides a domain name hijacking detection and linkage processing method, such as image 3 shown, including steps:

[0090] S31: Create a detection task for a website that requires domain name hijacking protection;

[0091] S32: Perform domain name resolution and dial-up test on the website;

[0092] S33: Determine whether the A record address exists in the domain name knowledge base, if so, determine that it is not hijacked;

[0093] S34: If the A record address does not exist in the domain name knowledge base, determine whether there is alias information, if yes, determine whether the suffix of the alias information is a preset alias in the domain name knowledge base, if so, determine that it is not hijacked, otherwise, determine that it is high risk suspected hijacking;

[0094] S35: If there is no alias information, determine whether the domain name information of the authorized server is consistent with the domain name information of the authoriz...

Embodiment 3

[0118] This embodiment provides a domain name hijacking detection and linkage processing method, such as Figure 5 shown, including steps:

[0119] S51: Create a detection task for a website that requires domain name hijacking protection;

[0120] S52: Perform domain name resolution dial-up test on the website;

[0121] S53: Determine whether the A record address exists in the domain name knowledge base, if so, determine that it is not hijacked;

[0122] S54: If the A record address does not exist in the domain name knowledge base, determine whether there is alias information, if yes, determine whether the suffix of the alias information is a default alias in the domain name knowledge base, if so, determine that it is not hijacked, otherwise, determine that it is high risk suspected hijacking;

[0123] S55: If there is no alias information, determine whether the domain name information of the authorized server is consistent with the domain name information of the authorized s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and system for domain name hijacking detection and linkage disposal, which are used to solve the problems of complicated address database maintenance, high false alarm rate and lack of effective linkage disposal means in the existing domain name hijacking detection technology. The method includes: S1, creating a detection task for a website that needs domain name hijacking protection; S2, performing domain name resolution and dialing test on the website; S3, judging whether the website is blocked by the domain name according to the A record address, authorized server domain name information and alias information hijack. The present invention further optimizes the domain name hijacking judgment technology, introduces a comprehensive judgment mechanism for authorized server domain names and aliases, and at the same time cooperates with intelligent domain name redirection technology to realize domain name hijacking monitoring and disposal, effectively reducing the problems of traditional monitoring methods such as false positives and missed positives, and at the same time It can be quickly linked to deal with and improve the emergency response efficiency of domain name hijacking incidents.

Description

technical field [0001] The present invention relates to the field of network technology, in particular to a domain name hijacking detection and linkage processing method and system. Background technique [0002] Domain name hijacking, also known as DNS hijacking, refers to intercepting domain name resolution requests within the hijacked network range, analyzing the requested domain name, and releasing requests outside the scope of review, otherwise returning a false IP address or doing nothing to make the request unresponsive. The effect is that a specific network does not respond or visits a fake URL. [0003] Domain name hijacking can be regarded as a form of network attack, and the security risks caused by it cannot be underestimated. On the one hand, it may affect the user's online experience, and users cannot normally access the websites they want. On the other hand, if the domain name is resolved to a phishing website, Not only will it cause user losses, but it will a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1466H04L61/4511
Inventor 陈晓莉章亮马峰林建洪
Owner ZHEJIANG PONSHINE INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products