Access control and virus defense method and system based on dns protocol

An access control and virus technology, applied in the field of network security, can solve problems such as high superimposed costs, professional influence, abnormal access to secondary domain names, etc., to increase flexibility and comprehensiveness, expand matching strength, and enrich the system feature library Effect

Active Publication Date: 2021-03-12
孙晨
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

From 07:00 to 12:00 on January 12, 2010, Baidu encountered abnormal access to the top-level domain name baidu.com and its second-level domain names, and all of them were resolved to other addresses for a long time, resulting in many users around the world not using normal Visit Baidu
[0003] Existing technical solutions either transfer illegal traffic, or can only ensure the normal access of the path from the switch or router of the enterprise to the web server during DDOS attacks, and do not fundamentally solve the problem of malicious code and attacks using the DNS protocol. The security prevention and defense of the entire link; the superimposed cost of the two systems is very expensive, and it only solves the DDoS attack, and other defenses may require the use of other security equipment, which will affect professionalism

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control and virus defense method and system based on dns protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be described in detail below, and the technical schemes in the embodiments of the present invention will be clear and complete, and it is apparent that the described embodiments are merely the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, there are all other embodiments obtained without making creative labor without making creative labor premises.

[0034] For the shortcomings of the prior art, it is an object of the present invention to provide an access control and a viral defense method based on a DNS protocol, which includes the following steps:

[0035] (1) Terminal sends DNS request;

[0036] (2) The DNS request matches the strategy of the settings, if you match the whitelist match; if you don't match the whitelist, enable honeypot;

[0037] (3) For the matching DNS request to continue analysis, record the time, source IP address, query domain name, and correlation analys...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a method and system for access control and virus attack defense, which analyzes the matching DNS request, discards it if it is abnormal, and continues to operate if it passes; it analyzes the passed DNS request to determine whether there are viruses and illegal attacks , through analysis, block viruses and attacks and locate their IP addresses, return a special IP address, record its domain name, and add it to the malicious domain name resolution library; if the DNS request is suspicious, deliver it to the honeypot system, the honeypot system Through the interaction protocol that has been customized in advance, the honeypot system returns a honeypot IP address, and the honeypot system traces back. If the terminal attacks the honeypot IP address, it is judged that the terminal has been infected with a virus or a Trojan horse, and the system Treat accordingly. The present invention can comprehensively solve the security problem based on the DNS protocol.

Description

Technical field [0001] The present invention relates to network security, and more particularly to a DNS-based access control and a virus defense system. Background technique [0002] DNS is an abbreviation for domainnamesystems, which is used to naming organizations and network services to domain hierarchies. The domain name is made of a string or abbreviation by a circle. Each domain name corresponds to a unique IP address, and between the domain name and IP address, DNS is a server for domain name resolution. DNS named Find Computers and services through the User-friendly names for the TCP / IP network of Internet. DNS is a core service of the Internet, which is a distributed database that can map domain names and IP addresses. From January 12, 2010, from 07:00 to 12, Baidu had encountered a top-level domain name baidu.com and the second-level domain access to an abnormality. All resolved to other addresses for a longer period of time, resulting in multiple users in the world ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/101H04L63/145H04L63/1458H04L61/4511
Inventor 孙晨
Owner 孙晨
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap