IP address filter method, device and system, and DNS server

A DNS server and IP address technology, applied in the field of network security, can solve the problems of incomplete protection, application filtering domain name is not very professional, no solution has been proposed, and achieve the effect of solving the high rate of false positives

Inactive Publication Date: 2018-08-17
ALIBABA GRP HLDG LTD
View PDF11 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the industry provides different solutions for the following three threats faced by users, terminals based on iOS system and terminals based on Android (android). However, in the above solutions, the accessed application itself is often intercepted. The application filtering domain name is not very professional, and its filtering scheme is not very perfect. Therefore, the protection is not comprehensive and the false positive rate is high
[0005] For the above problems, no effective solution has been proposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP address filter method, device and system, and DNS server
  • IP address filter method, device and system, and DNS server
  • IP address filter method, device and system, and DNS server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] In related technologies, end users often receive malicious website links, and then make end users access to malicious websites. There are many ways to send malicious website links, for example: 1) The malicious website link is attached to the text message received by the user (Pseudo-base station scams that are popular now are generally of this type); for this kind of situation, IOS-based terminals are currently unable to defend, and andorid-based terminals can often be intercepted by listening to SMS events and scanning links in the SMS. 2) The chat content received through an instant messaging tool (such as QQ) contains malicious website links. In this case, the terminal often relies on the blocking function of the instant messaging tool. However, because the security defense function is not such a The focus of the software, so the false negative rate is high. 3) The received email contains links to malicious websites. In this case, it often depends on the interceptio...

Embodiment 2

[0071] According to the embodiment of the present application, a method embodiment of an IP address filtering method is also provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions , and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0072] The embodiment of the network attack processing method provided in this application can be applied to the IP address filtering system provided in Embodiment 1 of this application, and is applicable to the business scenario of filtering and intercepting domain names and IP addresses of malicious websites.

[0073] Under the above-mentioned business environment, in order to solve the above-mentioned technical problems, the embodiment of the present application provides a filtering method of I...

Embodiment 3

[0093] The embodiment of this application provides a first DNS server, which is used to implement the method described in Embodiment 2, such as Figure 6a As shown, the first DNS server includes: a communication device 60 and a processor 62, wherein:

[0094] The communication device 60 is connected to the terminal device 20 and the second DNS server 24, and is used to receive the domain name request sent by the terminal device; The request is forwarded to a second DNS server, wherein the above-mentioned domain name request carries a domain name to be resolved, and the above-mentioned second DNS server is used to find the IP address corresponding to the above-mentioned domain name information, and feed back the above-mentioned IP address as the target access IP address;

[0095] The processor 62 is configured to judge whether the above-mentioned domain name to be resolved needs to be intercepted, and notify the above-mentioned communication device of the judgment result.

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an IP address filter method, device and system, and a DNS server. The method comprises the steps that a first DNS server receives a domain name request sent by a terminal device; the first DNS server determines whether a preset database stores an IP address corresponding to domain name information in the domain name request; and the first DNS server determines, according toa determining result, whether to intercept the IP address corresponding to the domain name information.

Description

technical field [0001] The present application relates to the field of network security, in particular, to an IP address filtering method, device, system, and DNS server. Background technique [0002] Users often visit malicious websites when using mobile devices, such as phishing websites, pornographic websites, gambling websites, etc. [0003] Users may access these malicious websites through the following methods: the content of the received text messages is accompanied by malicious website links (now popular fake base station scams are generally of this type); the chat content received through instant messaging tools is accompanied by malicious website links ; The content of the received email is accompanied by a link to a malicious website. [0004] At present, the industry provides different solutions for the following three threats faced by users, terminals based on iOS system and terminals based on Android (android). However, in the above solutions, the accessed app...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/0236H04L61/4511
Inventor 张美超邓志坚
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap