Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for defending against dns rebinding attack

A domain name and current page technology, applied in the field of network security, can solve problems such as account and privacy theft, achieve low false positives, wide coverage, and reduce the risk of misjudgment

Active Publication Date: 2020-12-15
广东安创信息科技开发有限公司
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Vulnerabilities in browsers may lead to the account and privacy of users' online payment, banking, and personal sensitive information being stolen by hackers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for defending against dns rebinding attack
  • Method and device for defending against dns rebinding attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0051] The invention relates to a browser security technology.

[0052] see figure 1 , is a schematic flowchart of the first embodiment of the method for defending against DNS rebinding attacks provided by the present invention, the method is applied to browser extensions, such as figure 1 As shown, the method includes:

[0053] Step S1, in response to the browser's request for the current page, obtain the ID of the current page, the domain name and request type ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for defending against DNS rebinding attacks, which includes: responding to the request of the current page of the browser, obtaining the ID of the current page, the requested domain name and the request type; obtaining the resolution IP of the domain name from the domain name resolution server; When it is determined that the request type is the main page and the domain name is different from the domain name of the main page, obtain the parsed IP and TTL values ​​and store them in the array; when it is determined that the request type is not the main page and the domain name is the same as the domain name of the main page, obtain the last time from the array The ID of the main page whose domain name is the same as the domain name requested by the current page; when it is determined that the ID of the main page is the same as the previous ID, the TTL value and resolution IP of the domain name requested by the current page are obtained; when it is determined that the resolution IP is the same as the previous When the IPs are not similar and the TTL value is less than the preset value, the current page will be blocked. The method of the invention can help browsers defend against DNS rebinding attacks, and the invention also provides a device for defending against DNS rebinding attacks.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for defending against DNS rebinding attacks. Background technique [0002] With the development of Internet technology, more and more people are beginning to use the Internet, and browser software is the first entrance to the Internet. Hundreds of millions of people use browser software every day, which makes browser security more and more important. . Vulnerabilities in the browser may lead to the account and privacy of users' online payment, banking, and personal sensitive information being stolen by hackers. The same-origin-policy (Same-Origin-Policy, SOP) is a convention. It is the core and most basic security function of the browser. It means that the domain name, protocol, and port are the same. When the browser's tab page executes a script, it will check which page the script belongs to, that is, check whether it is of the same origin, and on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1408H04L63/1441H04L67/02H04L61/4511
Inventor 李镇辉
Owner 广东安创信息科技开发有限公司