Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, device and computer-readable storage medium for detecting malicious domain name

A domain name and malicious technology, applied in the field of information security, can solve problems such as improving the life cycle of domain names, high false negatives, and high false positives

Active Publication Date: 2021-05-07
CHINA TELECOM CORP LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] From the perspective of the development of botnets, attackers usually use technologies such as automatic domain name generation and rapid transformation of mapping between domain names and IP addresses to avoid domain name detection. Existing malicious domain name detection has high false positives and false positives. , which greatly improves the life cycle of the domain name, and finally builds a super-large distributed botnet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and computer-readable storage medium for detecting malicious domain name
  • Method, device and computer-readable storage medium for detecting malicious domain name
  • Method, device and computer-readable storage medium for detecting malicious domain name

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037]The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0038] The relative arrangements of components and steps, numerical expressions and numerical values ​​set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.

[0039] At the same time, it should be understood that, for the convenience of description, the sizes of the various parts shown in the drawings are not drawn according to the actual proportional relationship.

[0040] Techniques, methods and device...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a malicious domain name detection method, device and computer-readable storage medium, and relates to the technical field of information security. The method includes: obtaining a response message returned by the domain name server to the client in response to the domain name resolution request of the client; extracting the domain name, domain name IP address, domain name lifetime and payload from the response message; One or more pieces of information in , domain name IP address, domain name lifetime and payload determine whether the domain name is a malicious domain name. The invention can improve the detection accuracy of malicious domain names.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method, device and computer-readable storage medium for detecting malicious domain names. Background technique [0002] Botnet refers to the use of one or more means of transmission to infect a large number of hosts with bot virus, thus forming a one-to-many control network between attackers and infected hosts. [0003] From the perspective of the development of botnets, attackers usually use technologies such as automatic domain name generation and rapid transformation of mapping between domain names and IP addresses to avoid domain name detection. Existing malicious domain name detection has high false positives and false positives. , which greatly improves the life cycle of the domain name, and finally builds a super-large distributed botnet. [0004] Therefore, it is necessary to propose a malicious domain name detection scheme to effectively curb the developm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1441H04L61/4511
Inventor 刘东鑫张昊迪邓博仁李诗旸汪来富肖宇峰
Owner CHINA TELECOM CORP LTD