A method and system for identifying and classifying massive network malicious domain names

A classification method and domain name technology, applied in the field of identifying and classifying massive numbers of malicious domain names, which addresses the large amount of calculation, low calculation efficiency and low malicious domain name identification accuracy of existing approaches, with the effect of reducing the amount of data calculation.

Active Publication Date: 2020-09-15
邑客得(上海)信息技术有限公司
AI Technical Summary

Problems solved by technology

However, the volume of domain name access data in a real network is very large every day. Performing domain name detection on all DNS accesses would consume a huge amount of computing resources.
Therefore, when processing massive domain name data, existing malicious domain name identification technology either requires a large amount of calculation with low calculation efficiency, or identifies malicious domain names with low accuracy.

Examples

Embodiment Construction

[0042] In order to make the above objects, features and advantages more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0043] First, starting from the massive domain name access traffic packets of a province, a domain name traffic analysis engine analyzes the traffic in real time to obtain massive domain name access logs, which are stored in a data warehouse. The map and filter operators of the Spark big data analysis engine are then used to process the logs and filter out records whose domain names contain character errors, thereby cleaning the massive domain name access logs;

[0044] The second step is to group domain name access logs according to domain name resolution results to obtain unregistered domain name categories and registered domain name categories. The specific method is to judge whether the domain name is registered according to the value of rcod...

Abstract

The present invention discloses a malicious domain name identification and classification method and system based on massive domain name access logs. It detects malicious domain names and identifies infected zombie hosts by parsing unregistered domain names from the domain name server response packets in the domain name access logs. From the set of domain names accessed by each zombie host, it then detects the virus infecting the zombie host and the malicious communication-control domain names used to communicate with the control terminal. With this technical solution the computational complexity is low and the amount of data to be processed is greatly reduced, which suits the efficient identification of malicious domain names in massive domain name access logs.
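The flow described in paragraphs [0043]-[0044] and in the abstract (clean the logs, split them by resolution result, flag hosts that query many unregistered names, then keep only the names those hosts resolved) can be sketched as follows. This is an added example, not code from the patent: the record layout, the use of RCODE 3 as the unregistered marker, the `min_nx` threshold and the removal of names that non-suspect hosts also resolved are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample records (client_ip, queried_name, rcode); not real traffic.
LOGS = [
    ("10.0.0.5", "kq3vhx9wpl.example", 3),
    ("10.0.0.5", "zz81mmqa0r.example", 3),
    ("10.0.0.5", "p0o9i8u7y6.example", 3),
    ("10.0.0.5", "rendezvous.example", 0),
    ("10.0.0.5", "www.example.com", 0),
    ("10.0.0.7", "www.example.com", 0),
    ("10.0.0.7", "typo-site.example", 3),
    ("10.0.0.9", "bad_name!.example", 0),   # illegal characters, dropped by cleaning
    ("10.0.0.9", "mail.example.org", 0),
]

NOERROR, NXDOMAIN = 0, 3   # RFC 1035 RCODEs; assumption: 3 marks an unregistered name
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def is_valid_name(name):
    """Cleaning filter: letter/digit/hyphen labels of 1-63 chars, name <= 253 chars."""
    name = name.rstrip(".").lower()
    return 0 < len(name) <= 253 and all(LABEL.match(l) for l in name.split("."))

def analyse(logs, min_nx=3):
    """Return (suspect hosts, candidate domains, number of records kept by cleaning)."""
    clean = [(ip, n.rstrip(".").lower(), rc) for ip, n, rc in logs if is_valid_name(n)]
    unregistered, registered = defaultdict(set), defaultdict(set)
    for ip, name, rc in clean:          # group by resolution result
        if rc == NXDOMAIN:
            unregistered[ip].add(name)
        elif rc == NOERROR:
            registered[ip].add(name)
    # Hypothetical rule: >= min_nx distinct unregistered names marks a suspect host.
    suspects = {ip for ip, names in unregistered.items() if len(names) >= min_nx}
    by_suspects = set().union(*(registered.get(ip, set()) for ip in suspects))
    by_others = set().union(*(n for ip, n in registered.items() if ip not in suspects))
    # Only names resolved exclusively by suspect hosts go on to deeper analysis.
    return suspects, by_suspects - by_others, len(clean)

if __name__ == "__main__":
    hosts, candidates, kept = analyse(LOGS)
    print(f"kept={kept} suspects={sorted(hosts)} candidates={sorted(candidates)}")
```

The data reduction the abstract claims shows up in the output: of nine records, a single registered name is left for closer inspection.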

Description

Technical field

[0001] The invention relates to the technical fields of network security and network domain name identification, in particular to a method and system for identifying and classifying massive malicious domain names.

Background art

[0002] The Domain Name System (DNS) is a technology that maps domain names (host names) to IP addresses, enabling users to access the Internet conveniently. Malicious network attacks often use malicious domain names to spread bot viruses and steal network resources. Moreover, to improve their own survivability, botnets usually use IP migration or domain name migration techniques to bypass traditional blacklist-based interception defenses.

[0003] IP migration refers to changing the IP address that a domain name points to, regularly or irregularly, by changing resource records. Its advantage is that it can hide the botnet control terminal through IP conversion and bypass the defense system based on IP bl...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/12, G06F16/35, G06K9/62
CPC: H04L63/1408, H04L63/145, H04L69/22, G06F16/35, H04L61/4511, G06F18/214
Inventor: 司俊俊, 羊晋, 刘智超, 涂波
Owner: 邑客得(上海)信息技术有限公司