Method, equipment and system for positioning controlled host in internal network

An intranet host and intranet technology, applied in the field of network security, can solve problems such as low efficiency, poor compatibility, and poor real-time performance, and achieve the effects of high processing efficiency, good real-time performance, and large degrees of freedom

Active Publication Date: 2018-10-09
HUAWEI TECH CO LTD
View PDF6 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The embodiment of the present application provides a method, device and system for locating a controlled host in an intranet, which are used to solve the problems of low efficiency, poor real-time performance and problems existing in the method for locating a controlled host in an intranet provided by the prior art. The problem of poor compatibility

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, equipment and system for positioning controlled host in internal network
  • Method, equipment and system for positioning controlled host in internal network
  • Method, equipment and system for positioning controlled host in internal network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solutions and advantages of the present application clearer, the technical solutions in the embodiments of the present application will be described below in conjunction with the accompanying drawings.

[0040] Before introducing and explaining the technical solution provided by this application, a brief introduction to "external network" and "intranet" is firstly made. The extranet is also called the public network, which refers to the wide area network, also known as the Internet (Internet). Intranet is also called a private network, which refers to a local area network. Compared with a wide area network, a local area network mainly refers to a small-scale computer interconnection network, such as the internal network established by governments, enterprises, government agencies, universities, shopping malls, and families. The external network and the internal network can use different address spaces. Generally speaking, the pack...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method, equipment and a system for positioning a controlled host in an internal network are disclosed. The method comprises the following steps of the detection device of an external network obtainsa target domain name carried in a DNS request message sent by an internal network host to a DNS server in the external network and the identification replacement information of the internal network host; when detecting that the target domain name is a malicious domain name and the internal network host is the controlled internal network host, the detecting device sends a query request to a querydevice in the internal network, and the query request includes the target domain name and the identification replacement information of the controlled internal network host; and the query device inquires a mapping table and acquires the identification information of the controlled internal network host according to the target domain name and the identification replacement information of the controlled internal network host, and sends the identification information of the controlled internal network host to the detection device. In the invention, under the condition of ensuring the safety of the private data of the internal network, the identification information of the controlled internal network host is quickly positioned and obtained.

Description

technical field [0001] The embodiments of the present application relate to the technical field of network security, and in particular to a method, device and system for locating a controlled host in an intranet. Background technique [0002] Advanced Persistent Threat (APT) attack refers to an attack method in which some professional and organized hackers use advanced attack methods to carry out long-term persistent network attacks on specific targets. After the networks of some key institutions (such as governments, enterprises, agencies, etc.) are attacked by APT, the control hosts located on the external network can use command and control (Command and Control, C&C) instructions to the controlled hosts in the internal network (the following It is called "controlled intranet host") for control, such as controlling the controlled intranet host to update local files, detecting other hosts in the intranet, and so on. [0003] The C&C anomaly detection method based on domain...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/0236H04L63/1466H04L61/4511
Inventor 杨延城王雨晨李鹏华
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap