
Massive network malicious domain name identification and classification method and system

A malicious domain name identification and classification technology, applied in the field of massive malicious domain name identification and classification methods and systems. It addresses the problems of heavy computation, low computational efficiency, and low accuracy of malicious domain name identification, and achieves the effect of reducing the amount of data computation.

Active Publication Date: 2020-05-08
邑客得(上海)信息技术有限公司

AI Technical Summary

Problems solved by technology

However, the volume of domain name access data in a real network is very large every day. Running domain name detection on every DNS access would consume a huge amount of computing resources.
Therefore, when processing massive domain name data, existing malicious domain name identification techniques require a large amount of computation, and either their computational efficiency or their identification accuracy is low.


Embodiment Construction

[0042] In order to make the above objects, features and advantages more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0043] First, starting from a province's massive domain name access traffic data packets, use the domain name traffic analysis engine to analyze the traffic in real time, obtain massive domain name access logs, and store them in the data warehouse. Then use the map and filter operators of the Spark big data analysis engine to analyze the logs and filter out records whose domain names contain erroneous characters, thereby cleaning the massive domain name access logs;

[0044] The second step is to group domain name access logs according to domain name resolution results to obtain unregistered domain name categories and registered domain name categories. The specific method is to judge whether the domain name is registered according to the value of rcod...


Abstract

The invention discloses a malicious domain name recognition and classification method and system based on massive domain name access logs. The method comprises the steps of: obtaining unregistered domain names by analyzing the domain name server response data packets in the domain name access logs, detecting malicious domain names among them, and recognizing the infected zombie hosts; and then, from the set of domain names accessed by the zombie hosts, detecting the viruses infecting the zombie hosts and the malicious communication-control domain names used to communicate with the control end. With the technical scheme of the invention, the computational complexity is relatively low and the amount of data computation is greatly reduced, so the method is suitable for efficiently identifying malicious domain names in massive domain name access logs.
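The pipeline described above (clean the log, split by response code, flag hosts from their unregistered lookups, then examine only the names those hosts resolved), as an added example that is not code from the patent. It uses plain Python instead of Spark so it runs offline; the log records, the use of RCODE 3 (NXDOMAIN) as the "unregistered" test, the `MIN_NX_NAMES` threshold and the exclusion of names also resolved by unflagged hosts are all assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample log: (client_ip, queried_name, rcode). Not real traffic.
LOG = [
    ("10.0.0.5", "xkqjzt.example", 3),
    ("10.0.0.5", "pwvmrb.example", 3),
    ("10.0.0.5", "hqzlnd.example", 3),
    ("10.0.0.5", "c2-node.example", 0),
    ("10.0.0.5", "portal.example", 0),
    ("10.0.0.7", "portal.example", 0),
    ("10.0.0.7", "typo-site.example", 3),
    ("10.0.0.7", "bad name!.example", 0),  # invalid characters, dropped in cleaning
    ("10.0.0.9", "mail.example", 0),
]

NOERROR, NXDOMAIN = 0, 3  # assumption: RCODE 3 marks an unregistered name
MIN_NX_NAMES = 3          # hypothetical threshold, not taken from the patent
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def is_valid_name(name):
    """Cleaning step: hostname syntax only (letters, digits, hyphen)."""
    name = name.rstrip(".").lower()
    return 0 < len(name) <= 253 and all(LABEL.match(p) for p in name.split("."))

def split_by_rcode(records):
    """Grouping step: per-host sets of unregistered and registered names."""
    unreg, reg = defaultdict(set), defaultdict(set)
    for host, name, rcode in records:
        if rcode == NXDOMAIN:
            unreg[host].add(name.lower())
        elif rcode == NOERROR:
            reg[host].add(name.lower())
    return unreg, reg

def analyse(log):
    clean = list(filter(lambda r: is_valid_name(r[1]), log))
    unreg, reg = split_by_rcode(clean)
    # Hosts failing on many distinct names are treated as suspected bots.
    suspects = {h for h, names in unreg.items() if len(names) >= MIN_NX_NAMES}
    # Only names resolved by suspects are examined further; names that
    # unflagged hosts also resolve are set aside (assumption of this sketch).
    benign = set().union(*(n for h, n in reg.items() if h not in suspects))
    candidates = set().union(*(reg[h] for h in suspects)) - benign
    return len(clean), suspects, candidates
```

On the sample log the expensive per-domain analysis is left with one candidate name out of the eight cleaned records, which is the reduction in computation the abstract claims for the approach.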

Description

Technical field

[0001] The invention relates to the technical fields of network security and network domain name identification, in particular to a method and system for identifying and classifying massive malicious domain names.

Background technique

[0002] The Domain Name System (DNS) is a technology that maps domain names (host names) to IP addresses, enabling users to access the Internet conveniently. Malicious network attacks often use malicious domain names to spread bot viruses and steal network resources. Moreover, in order to improve their own survivability, botnets usually use IP migration or domain name migration technology to bypass traditional blacklist interception defense technology.

[0003] IP migration refers to changing the IP address pointed to by a domain name regularly or irregularly by changing resource records. Its advantage is that it can hide the botnet control terminal through IP conversion and bypass the defense system based on IP bl...


Application Information

IPC(8): H04L29/06, H04L29/12, G06F16/35, G06K9/62
CPC: H04L63/1408, H04L63/145, H04L69/22, G06F16/35, H04L61/4511, G06F18/214
Inventor: 司俊俊, 羊晋, 刘智超, 涂波
Owner: 邑客得(上海)信息技术有限公司