Proxy detection method and device based on domain name generic resolution, equipment and medium

A detection method and a pan-analysis technology, applied in the Internet field, can solve the problems of high false alarm rate, information is easy to be forged, and high delay, and achieve the effect of enhancing protection detection, shortening judgment time, and improving accuracy

Active Publication Date: 2020-04-24
HANGZHOU FRAUDMETRIX TECH CO LTD
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these proxy detection methods have the problems of forged detection results, high delay, and low accuracy to varying degrees. For example, it takes more than a few minutes to scan the port opening status of the source IP of the access request. Too many cases are related to network delay problems, so it is impossible to judge the acc

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Proxy detection method and device based on domain name generic resolution, equipment and medium
  • Proxy detection method and device based on domain name generic resolution, equipment and medium
  • Proxy detection method and device based on domain name generic resolution, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] This embodiment provides a proxy detection method based on domain name pan-analysis, based on the principle that proxy access does not perform local DNS resolution, but performs DNS resolution on the proxy server, and judges the access request according to whether DNS local resolution is performed in the front-end access Whether a proxy is used. When the agent is not used for resource access, the time-consuming of DNS local resolution is a non-zero long long number of milliseconds, and when the agent is used for resource access, the time-consuming of DND local resolution is always equal to 0, because when the agent is used for When accessing, the relevant domain name information is encapsulated in proxy traffic and sent to the proxy client, DNS resolution is performed at the remote end, and DNS resolution is not performed locally, so the time-consuming local DNS resolution can determine whether the access request is a proxy access.

[0031] However, when the time-consum...

Embodiment 2

[0055] This embodiment discloses a device corresponding to the proxy detection method based on domain name universal analysis in Embodiment 1, which is a virtual structure device. In this embodiment, as figure 2 shown, including:

[0056] The request receiving module 210 is configured to receive an access request, and the access request includes a pan-analyzed random domain name;

[0057] DNS resolution time-consuming collection module 220, used to collect the DNS local resolution time of the random domain name through the front end;

[0058] The judging module 230 is configured to judge the difference of the DNS resolution time, if the DNS difference is equal to 0, then the access request is a proxy access.

[0059] The above-mentioned DNS resolution time-consuming collection module 220 obtains the time point when the DNS local resolution starts by calling the front-end PerformanceTiming.domainLookupStart interface, that is, obtains the query start time; by calling the Perf...

Embodiment 3

[0061] image 3 A schematic structural diagram of an electronic device provided by Embodiment 3 of the present invention, such as image 3 As shown, the electronic device includes a processor 310, a memory 320, an input device 330, and an output device 340; the number of processors 310 in a computer device may be one or more, image 3 Take a processor 310 as an example; the processor 310, memory 320, input device 330 and output device 340 in the electronic device can be connected by bus or other methods, image 3 Take connection via bus as an example.

[0062] The memory 320, as a computer-readable storage medium, can be used to store software programs, computer-executable programs, and modules, such as program instructions / modules corresponding to the proxy detection method based on domain name pan resolution in the embodiment of the present invention (for example, domain name-based The request receiving module 210, the DNS resolution time-consuming acquisition module 220 a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an agent detection method based on domain name generic resolution, relates to the technical field of the Internet, and aims to judge whether an access request for a generic domain name is agent access or not by collecting DNS local resolution time of the generic domain name through a front end, shorten judgment time of agent detection and improve judgment accuracy. The method comprises the following steps: receiving an access request, wherein the access request is initiated to a random domain name after extensive resolution; collecting DNS local resolution time of the random domain name through a front end; and performing difference value judgment on the DNS resolution time, and if the DNS difference value is equal to 0, determining that the access request is proxyaccess. The invention further discloses an agent detection device based on domain name generic resolution, electronic equipment and a computer storage medium.

Description

technical field [0001] The present invention relates to the technical field of the Internet, in particular to a proxy detection method, device, equipment and medium based on domain name pan resolution. Background technique [0002] In Internet access, a large number of accesses are performed by using a proxy server. A proxy server is a server that sits between a client application (such as an Internet web browser) and an actual Internet content server. It intercepts all requests to the real server to see if it can fulfill them itself. If not, it forwards the request to the real server. [0003] At present, the commonly used proxy detection methods mainly include the following: proxy detection by detecting whether the source IP is open to port 80 or 8080 through reverse detection technology, and proxy detection by detecting the X-Forward-For information in the HTTP header information of the access source Detection, proxy detection by detecting Keep-alive message informatio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/12H04L29/08H04L12/26
CPCH04L43/08H04L61/4511H04L67/56
Inventor 焦小齐李克勤
Owner HANGZHOU FRAUDMETRIX TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap