A method for DNS protection and data leakage prevention based on metadata analysis

A data leakage and metadata technology, applied in the field of network security analysis, that addresses the problem of insufficient security analysis and achieves evidence preservation, improved accuracy and a reduced false positive rate.

Active Publication Date: 2020-10-09
北京大天信息技术有限公司

AI Technical Summary

Problems solved by technology

[0004] However, for illegal DNS data transmission, and especially for security analysis of DNS-based remote command and control and malicious data transmission, these techniques have become stretched.


Embodiment Construction

[0032] The method for DNS protection and data leakage prevention based on metadata analysis of the present invention will be described in detail below with reference to the accompanying drawings.

[0033] Figure 1 shows a preferred implementation of the method for DNS protection and data leakage prevention based on metadata analysis in the present invention.

[0034] A method for DNS protection and data leakage prevention based on metadata analysis, comprising the following steps:

[0035] S1: capture the complete DNS data;

[0036] S2: distinguish the complete DNS data captured in step S1 and identify the data flow direction;

[0037] The complete DNS data is distinguished by custom labels or MAC addresses in the data packets. If the data capture product of Datian Information is used, the data can be given a custom label as it is captured; if you have an existing product at the user site, you...
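
An added sketch of steps S1 and S2 (not code from the patent): it reads DNS payloads from captured frames, extracts header metadata, and uses MAC addresses to label each message's flow direction and sort it into per-direction sub-datasets. The MAC inventory, role names, function names and sample frames are assumptions constructed for the example.

```python
import struct
from collections import defaultdict

RESOLVER, GATEWAY, CLIENT = "02:00:00:00:00:10", "02:00:00:00:00:fe", "02:00:00:00:00:21"
# Assumed site inventory (constructed): MACs of known DNS infrastructure.
MAC_ROLES = {RESOLVER: "resolver", GATEWAY: "gateway"}

def parse_dns(payload):
    """Return header metadata and the first question name of a DNS message."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    labels, pos = [], 12
    while qdcount and pos < len(payload) and payload[pos] != 0:
        n = payload[pos]
        if n & 0xC0 or pos + 1 + n > len(payload):
            raise ValueError("malformed question name")
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "rcode": flags & 0x000F, "qname": ".".join(labels)}

def direction(src_mac, dst_mac):
    """Label flow direction; any MAC not in the inventory counts as a client."""
    return f"{MAC_ROLES.get(src_mac, 'client')}->{MAC_ROLES.get(dst_mac, 'client')}"

def classify(frames):
    """Group per-message metadata into one sub-dataset per flow direction."""
    datasets = defaultdict(list)
    for src_mac, dst_mac, payload in frames:
        meta = parse_dns(payload)
        meta["direction"] = direction(src_mac, dst_mac)
        datasets[meta["direction"]].append(meta)
    return dict(datasets)

def build(txid, qname, response=False, rcode=0):
    """Construct a minimal DNS message (one A/IN question) as sample input."""
    flags = (0x8000 if response else 0) | 0x0100 | rcode
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\0"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + name + struct.pack("!HH", 1, 1)

# Constructed capture: (source MAC, destination MAC, DNS payload).
FRAMES = [
    (CLIENT, RESOLVER, build(1, "www.example.com")),
    (RESOLVER, GATEWAY, build(7, "www.example.com")),
    (GATEWAY, RESOLVER, build(7, "www.example.com", response=True)),
    (RESOLVER, CLIENT, build(1, "www.example.com", response=True)),
    (CLIENT, GATEWAY, build(2, "a1b2.example.net")),  # client query that skips the resolver
]

if __name__ == "__main__":
    for flow, records in classify(FRAMES).items():
        print(flow, [(r["qname"], r["is_response"]) for r in records])
```
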


Abstract

The invention relates to a method for DNS protection and data leakage prevention based on metadata analysis. The method first extracts the original data and metadata of the complete DNS data and stores them in classified form. The extended metadata knowledge base that comes with the system (IP, AS domain owner, etc.) makes it easy to locate and find various DNS security events quickly. At the same time, through cross-validation between sub-datasets, seemingly unrelated DNS data behavior is accurately and quickly defined as malicious data behavior, such as covert data transmission or remote control behavior. Through the invention, the DNS behavior in the deployed network environment can be supervised and visualized in a sound and reasonable way, providing highly accurate technical support for security management and policy implementation.

Description

Technical field

[0001] The invention relates to the field of network security analysis, in particular to a method for DNS protection and data leakage prevention based on metadata analysis.

Background technique

[0002] Most of the current mainstream DNS security technologies are aimed at DDoS-like attacks, DNS poisoning, and DNS hijacking and deception.

[0003] The current mainstream DNS security technology uses methods such as real-time analysis of the DNS resolution failure rate and of the ratio of DNS response messages to request messages to identify and defend against various DDoS attacks against DNS. Hijacking is located simply through DNS server attributes and status, and DNS poisoning is judged through timestamps. The above-mentioned DNS security technologies fully meet the analysis requirements based on single-packet matching or a single DNS malicious behavior.

[0004] However, in the aspect of illegal DNS data transmission, especially the secur...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/12
CPC: H04L63/1408, H04L63/1441, H04L61/4511
Inventor 于华池
Owner 北京大天信息技术有限公司