Check patentability & draft patents in minutes with Patsnap Eureka AI!

DNS analysis method based on complex network

A complex network and analysis method technology, applied in the field of digital information transmission, can solve the problems of missed reporting and low efficiency, and achieve high-efficiency mining, avoiding false positives and false negatives.

Active Publication Date: 2020-04-17
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0016] In summary, the current DNS black domain name and black IP discovery is mainly based on network security knowledge, in the current large amount of data, the efficiency is low, and there are many cases of false positives

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DNS analysis method based on complex network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0065] The present invention will be described in further detail below in conjunction with the examples, but the protection scope of the present invention is not limited thereto.

[0066] The invention relates to a complex network-based DNS analysis method, which includes the following steps.

[0067] Step 1: Read DNS data.

[0068] In the present invention, 30,000 sample data can be randomly extracted from Hive for processing.

[0069] Step 2: Perform preprocessing based on the domain name and resolved IP in the DNS data.

[0070] Described step 2 comprises the following steps:

[0071] Step 2.1: Extract the DNS data to obtain the domain name and resolution IP of any DNS;

[0072] In the step 2.1, the obtained domain name is backtracked to obtain the real domain name.

[0073] Step 2.2: Expand the same domain name but with multiple analytical IPs;

[0074] Step 2.3: Deduplicate the domain name, build a new matrix with the deduplicated domain name, and each element in the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a DNS analysis method based on a complex network. The method comprises steps of: reading DNS data and performing preprocessing based on the DNS data, respectively establishinga domain name resolution IP matrix and a source IP, an access domain name and an access frequency matrix and a source IP and a resolution IP matrix, searching a community by using a complex network,mining a new malicious domain name, a new malicious IP or a hacker gang in combination with a threat information library, and finally writing related analysis conclusion data into a database. A complex network theory is adopted to discover communities in the network, the threat information library is then combined and analyzed, and the method can be applied to large-scale DNS data analysis and canalso be used for efficiently mining and discovering unknown domain names and IPs which do not exist in the threat information library through community discovery, and meanwhile, due to the fact thatlocking of related communities is based on high-reliability data such as the threat information library, the realistic situations of misinformation and high missing information are also avoided.

Description

technical field [0001] The present invention relates to the transmission of digital information, such as the technical field of telegram communication, in particular to a DNS analysis method based on complex network. Background technique [0002] A complex network refers to a network with some or all of the properties of self-organization, self-similarity, attractor, small world, and scale-free. Its main manifestations are structural complexity, network evolution, connection diversity, dynamic complexity, and node diversity. [0003] DNS is the foundation of modern networks. Once there is a problem with the basic network, there is no security at all for upper-layer applications. [0004] In the prior art, the general DNS data analysis thinking has the following steps: [0005] 1. Perform batch query on domain names for their A records, CNAME and pan-analysis; [0006] 2. Analyze whether the domain name adopts CDN, cloud protection and other related equipment; [0007] 3....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1408H04L63/1441H04L61/4511
Inventor 刘晶范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com