Method for detecting previous connection of network based on DNS hijacking technology

A detection method and network technology, applied in the field of network security, can solve problems such as being unable to be captured, and achieve the effect of improving accuracy

Active Publication Date: 2017-11-03
ZHEJIANG YUANWANG INFORMATION CO LTD
View PDF7 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Some traces left by connecting to the Internet cannot be captured because the current device is within the normal intranet or permitted network range

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting previous connection of network based on DNS hijacking technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. However, it should be understood that the specific embodiments described here are only used to explain the present invention, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.

[0020] refer to figure 1 , the embodiment of the present invention provides a network connection detection method based on DNS hijacking technology, comprising the following steps:

[0021] S1). A gateway hardware is bypassed on the gateway, and all intranet data is monitored and mirrored through the gateway hardware.

[0022] S2), the gateway hardware analyzes the mirrored data stream conta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting a previous connection of a network based on a DNS hijacking technology. The method comprises the following steps that a gateway hardware is arranged on a bypass on a gateway; the gateway hardware carries out monitoring and mirroring on data on the gateway and analyzes the data after mirroring through the gateway hardware; once data flow including an HTTP protocol is discovered, the gateway hardware carries out hijacking; the gateway hardware forges a corresponding HTTP response packet for a HTTP protocol request and sends the HTTP response packet to a terminal device requesting an Internet connection; as long as the terminal device runs the HTTP response packet, the gateway hardware receives a DNS resolution request and responds, and returns an IP address on an appointed cheat server; when the terminal device initializes a request of the IP address, the cheat server can obtain and record Internet access data left by the terminal device; and the cheat server can judge whether the terminal device is connected previously or a previously connected time node of the terminal device through analysis of history access data. Through adoption of a passive monitoring way, the accuracy of detection can be extremely improved.

Description

【Technical field】 [0001] The invention relates to the technical field of network security, in particular to a network connection detection method based on DNS hijacking technology. 【Background technique】 [0002] The rapid development of Internet information has brought convenience and speed to people's lives, but with the deepening of information technology development, the security challenges faced by the intranets of government agencies, enterprises and institutions are becoming more and more severe. According to the statistics of security incidents in recent years, various types of illegal access, illegal interconnection, information leakage and other behaviors on the intranet have intensified, burying many security risks, especially Internet behaviors on the internal and external networks, which may even cause the intranet to be blocked by the Internet. Hackers, foreign intelligence agencies, etc. directly invade and destroy, causing irreversible damage. For Internet Z...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/302H04L63/308H04L63/1483H04L63/1466H04L61/4511
Inventor 傅如毅沈立金张强吴建峰
Owner ZHEJIANG YUANWANG INFORMATION CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap