Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Detection system and method for realizing DNS service defense

A DNS service and detection system technology, applied in the computer field, can solve problems such as difficult dynamic implementation, difficult deployment, DNS protocol security vulnerabilities, etc., to achieve the effect of reducing workload, reducing exposure time, and ensuring balanced use

Inactive Publication Date: 2019-09-17
BEIJING RUNSTONE TECH
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) There are security loopholes in the DNS protocol itself. Most mainstream DNS analysis software is open source, and the defects in the code are easily exposed;
[0006] (2) Due to the scattered deployment, if any DNS server has a domain name security problem, some users will be directly affected;
[0007] (3) Due to the complexity of management and high requirements for network bandwidth, the DNS security expansion protocol has certain difficulties in the actual deployment process, and it is easy to introduce problems such as amplification attacks;
[0008] (4) Conventional domain name monitoring methods can carry out comparative analysis of domain name resolution results before and after changes, but they are mostly used for key domain names, and it is difficult to dynamically implement within the scope of the entire domain name

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detection system and method for realizing DNS service defense
  • Detection system and method for realizing DNS service defense
  • Detection system and method for realizing DNS service defense

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The implementation of the present invention will be described in detail below in conjunction with the accompanying drawings and examples, so as to fully understand and implement the process of how to apply technical means to solve technical problems and achieve technical effects in the present invention. It should be noted that, as long as there is no conflict, each embodiment and each feature of each embodiment in the present invention can be combined with each other, and the formed technical solutions are all within the protection scope of the present invention.

[0048] In addition, the steps shown in the flow diagrams of the figures may be performed in a computer system, such as a set of computer-executable instructions, and, although a logical order is shown in the flow diagrams, in some cases, the sequence may be different. The steps shown or described are performed in the order herein.

[0049] Such as figure 1 As shown, the present invention aims to establish a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a detection system and method for realizing DNS (Domain Name System) service defense, and the system comprises a plurality of heterogeneous DNS recursive analysis servers, and the DNS recursive analysis servers form an equivalent server pool of a heterogeneous executor; the executor can be used as a recursive server or an authorization server and is used for providing domain name resolution of the local or public internet; the DNS distribution decision server is used for receiving the analysis request transmitted from the analysis acceleration server and distributing the analysis request to each executor; an analysis result of the dynamically selected heterogeneous executor is collected, and a most correct result is selected through a preset algorithm and returned to the analysis acceleration server; and the analysis acceleration server is used for transmitting the analysis request, receiving a result transmitted by the DNS distribution decision server and storing a result returned by the distribution decision, and can directly request a user to return the analysis result, so that the calculation pressure of the distribution decision is reduced.

Description

technical field [0001] The invention belongs to the field of computers, in particular to a detection system and method for realizing DNS service defense. Background technique [0002] With the continuous development of my country's basic communications, DNS, as the core basic service software of the Internet, has also seen a rapid growth in its business volume. The domain name service system is used to realize the translation of network domain names to IP addresses. It is the portal for users to enter the Internet. It has the characteristics of open protocol, scattered deployment, huge data, and wide use. It has always been one of the main targets of attacks on the Internet. In recent years, there have been frequent network attacks targeting DNS protocol security vulnerabilities, resulting in huge losses and seriously affecting the security and stability of national network development. [0003] In addition to common DNS DOS attacks on the Internet, hijacking and tampering ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L63/1441H04L61/4511
Inventor 王立俊贺磊张若鸿孙萍
Owner BEIJING RUNSTONE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products