Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DNS (Domain Name Server) safety monitoring system and method

A security monitoring system and security monitoring technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as being directed to phishing websites, buffer pool pollution, firewalls that do not have application layer protocol inspection and filtering functions, etc. Effects of Stability and Reliability

Active Publication Date: 2011-06-01
CHINA MOBILE GROUP SICHUAN
View PDF3 Cites 59 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the firewall does not have the function of checking and filtering the application layer protocol, and cannot respond to DNS attacks
In other words, since the firewall does not have a deep packet inspection mechanism, it is useless to DNS attacks
Furthermore, the current IPS attack prevention method is mainly to defend against attack intrusion and distributed denial of service (Distribution Denial of service, DDOS) attacks by querying the attack signature database, but most IPSs do not include the DNS attack signature database
In other words, traditional firewalls / IPS are not fully suitable for protecting the security of the DNS architecture
[0004] In addition, the DNS server itself will also pose certain security risks, such as buffer pool pollution, data tampering and user requests being directed to phishing websites, etc., and these problems are more hidden
Without a third-party detection method, the DNS server cannot judge whether its own resolution result is correct
[0005] It can be seen that if we want to ensure that DNS becomes a stable part of the Internet architecture, the current security protection for DNS is not enough

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DNS (Domain Name Server) safety monitoring system and method
  • DNS (Domain Name Server) safety monitoring system and method
  • DNS (Domain Name Server) safety monitoring system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and examples.

[0039] The present invention adds a DNS security monitoring system to the existing Internet architecture, which is specially oriented to the DNS server, collects and analyzes the daily operation information of the DNS server, displays the operating status of the DNS, analyzes the user behavior of the DNS, and monitors the DNS when the user behavior is abnormal. Emergency handling of abnormal users is carried out in order to provide security for the stable operation of the DNS server. The DNS security monitoring system is a third-party network entity independent of the DNS server deployed in the Internet architecture. It mainly implements the following functions in terms of DNS security protection:

[0040] 1. Set up a domain name policy library that sto...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DNS (Domain Name Server) safety monitoring system and method of a domain name resolution system. The DNS safety monitoring system comprises a data acquisition module and an event analysis module, wherein the data acquisition module is used for acquiring the network data of a DNS and providing the network data to the event analysis module; and the event analysis module isused for analyzing the network data and generating a monitoring result. The system and the method can be used for preventing network attacks such as domain name hijacks, site phishing, zombie attacks, and the like and improving the running stability and reliability of the DNS.

Description

technical field [0001] The invention relates to the technical field of data services, in particular to a DNS security monitoring system and method. Background technique [0002] Domain Name System (DNS, Domain Name System) is a key component of the Internet (Internet) architecture, and its performance and security are crucial to the application of the Internet. How to improve the security level of DNS server on the premise of ensuring its performance has become a key issue. [0003] As far as DNS security is concerned, traditional means only consider the security protection of the DNS server itself, such as using a firewall or an Intrusion Prevention System (Intrusion Prevention System, IPS) to protect the DNS. However, the firewall does not have the function of checking and filtering the application layer protocol, and cannot respond to DNS attacks. In other words, since the firewall does not have a deep packet inspection mechanism, it is useless to DNS attacks. Furtherm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/12H04L29/06H04L12/26
Inventor 曾为民杨梅影刘晟叶耘恺苏伟杰
Owner CHINA MOBILE GROUP SICHUAN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com