DDoS attack defense method and system for DNS service

A technology of DNS service and DNS server, applied in the direction of transmission system, electrical components, etc., to achieve the effect of accurate processing, zero impact on service, and enhanced processing timeliness

Active Publication Date: 2018-10-16
GUIZHOU BAISHANCLOUD TECH CO LTD
View PDF7 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In order to solve the problem of defending against DDoS attacks in the prior art, a method and system for defending against DDoS attacks for DNS services are proposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS attack defense method and system for DNS service
  • DDoS attack defense method and system for DNS service
  • DDoS attack defense method and system for DNS service

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined arbitrarily with each other.

[0047] In order to illustrate the level of the domain name, figure 1 A schematic diagram representing each domain name level is shown. Among them, A represents an un...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DDoS attack defense method and system for DNS service. The method comprises the following steps: step one, receiving a DNS request message including access target domain nameinformation; step two, extracting a parent domain at an appointed level of the access target domain name from the DNS request message; and step three, judging whether the DNS request number pointingto the parent domain at the appointed level in the first predetermined duration is greater than a preset first threshold, abandoning the DNS request and adding the parent domain at the appointed levelto a blacklist if the DNS request number pointing to the parent domain at the appointed level in the first predetermined duration is greater than the preset first threshold, otherwise, forwarding theDNS request pointing to the parent domain at the appointed level to a DNS server. The method and system disclosed by the invention are more beneficial to the attack judgment of the DNS system and theperforming of more effective attack defense.

Description

technical field [0001] The invention relates to the field of wireless network communication, in particular to a DDoS attack defense method and system for DNS services. Background technique [0002] DNS (Domain Name System, Domain Name System) is a distributed database on the Internet that maps domain names and IP addresses to each other, enabling users to access the Internet more conveniently. Domain name resolution is a service that points domain names to IP addresses, allowing people to easily access websites through registered domain names. The domain name resolution work is completed by the DNS server, which is the server that converts the domain name and its corresponding IP address. [0003] DoS (Denial of Service, denial of service) attack refers to the attack behavior that causes DoS, and its purpose is to make the computer or network unable to provide normal services. The most common DoS attacks are computer network bandwidth attacks and connectivity attacks. DoS...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1458H04L61/4511
Inventor 符立佳苗辉
Owner GUIZHOU BAISHANCLOUD TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap