Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Domain name system (DNS) request authentication method and device

An authentication method and technology for requesting messages, applied in the field of communication, can solve problems such as security risks, interference with the normal service of the DNS server, and the existence of client verification methods.

Active Publication Date: 2013-09-18
CHINACACHE INT HLDG
View PDF6 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] There are security risks in the verification method based on client behavior. Malicious DNS requests can easily forge the verification behavior, thereby interfering with the normal service of the DNS server.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domain name system (DNS) request authentication method and device
  • Domain name system (DNS) request authentication method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The embodiments of the present invention are described in detail below.

[0023] The embodiment of the present invention is applied to a DNS system, and the devices related to the embodiment of the present invention in the system mainly include: a DNS verification device and a DNS server. The DNS verification device is located before the DNS server, that is, the DNS request sent to the DNS server first needs to go through the DNS verification device for legality verification. The DNS verification device can be a physical device in bridge mode, that is, an external device independent of the DNS server. The DNS request sent by the DNS client is received by the DNS verification device and verified for legality. After the verification is passed, it is sent to the DNS server; The verification device can also be a software system running on the lower layer of the DNS server's operating system, that is, the internal module of the DNS server (called the DNS verification module)...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An embodiment of the invention discloses a domain name system (DNS) request authentication method and a device. The authentication method comprises the steps of enabling a DNS verification device to analyze DNS request messages after receiving the DNS request messages; if verification codes are not carried in the DNS request messages, adopting a verification code generating algorithm and utilizing information analyzed from the currently received DNS request messages to generate the verification codes, and returning the generated verification codes carried by answer messages to a DNS client-side; if the verification codes are carried in the DNS request messages, adopting the verification code generating algorithm and utilizing the information analyzed from the currently received DNS request messages to generate the verification codes, verifying validity of the currently received DNS request messages according to the generated verification codes and the verification codes analyzed from the currently received DNS request messages. DNS request authentication safety can be improved through the DNS request authentication method and the device.

Description

technical field [0001] The invention relates to the technical field of communication, in particular to an authentication method and device for a DNS request. Background technique [0002] DNS (Domain Name System, Domain Name System) service is a core service of the Internet. It serves as a distributed database that can map domain names and IP addresses to each other, enabling users to access the Internet more conveniently. [0003] The DNS service uses UDP (User Datagram Protocol, User Datagram Protocol) to exchange information in a clear way. UDP is a connectionless protocol, and the DNS server cannot determine the legitimacy of the DNS client sending the DNS resolution request, which makes the DNS service vulnerable to malicious interference. [0004] At present, the verification method of DNS request mainly adopts the following methods: [0005] Truncated mode: Use the truncated flag (truncated flag) of the DNS protocol to trigger the second DNS interaction. A DNS clie...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 李孟李健松周志军战涛
Owner CHINACACHE INT HLDG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com