Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for domain name system protection

A domain name system and domain name technology, which is applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as DNS inability to serve, long troubleshooting time, and inability to detect attacks

Active Publication Date: 2017-09-15
CHINA MOBILE GRP BEIJING
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0022] In order to solve the technical problems of being unable to detect attacks and taking a long time to deal with faults in the prior art, the present invention proposes a method and system for domain name system protection, which can automatically identify abnormal traffic, and take different treatments according to different types of abnormal traffic The mechanism avoids the problem that the DNS service cannot be served for a long period of time between the occurrence of a DNS failure and the activation of the DNS server in the backup center caused by the existing solution.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for domain name system protection
  • Method and system for domain name system protection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0038]The technical solution of the present invention is to construct (IP address group, domain name group) two-dimensional matrix A(i,j) and its related three-term function A(i,j).QPS, A(i,j).Delay , A(i,j).SuccessRate self-learns the DNS traffic characteristics of each (IP address group, domain name group), and can judge the two-dimensional matrix elements by comparing the traffic characteristics with the function A(i,j).Threshold_QPS DNS traffic is abnormal, and then judge which part of the domain name and which source IP address DNS request traffic is abnormal through the relationship between the elements in the matrix. After judging the abnormal A(i,∑), A(∑,j) and A( After the i,j) element, through the comparative analysis of the other two functions A(i,j).Threshold_Delay and A(i,j).Threshold_SuccessRate, it can be found that the abnormal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for protecting a domain name system. By self-studying the DNS traffic characteristics of IP address groups and domain name groups, and automatically identifying which two-dimensional matrix elements have abnormal DNS traffic, and then passing the DNS traffic between elements in the matrix Abnormal elements can be judged by the relationship. Through the comparative analysis of the analysis delay threshold and analysis success rate threshold of the two functions, the abnormal traffic can be classified and different processing mechanisms can be triggered. Both processing mechanisms avoid DNS failures caused by existing solutions. There will be a long period of time between the DNS server in the backup center and the DNS server being unable to serve the problem.

Description

technical field [0001] The invention relates to the technical fields of transmission and IP, in particular to a domain name system protection method and system. Background technique [0002] The DNS resolution process in the current specification is as follows (take www.sina.com.cn resolution as an example): [0003] (1) The user host sends the domain name query request to the local DNS server; [0004] (2) After receiving the request, the local DNS server searches in the local domain name database and cache, and if it finds relevant records, it sends the IP address corresponding to the domain name to the user host; [0005] (3) If the DNS server does not find relevant records in the local domain name database and cache, the local DNS server sends a resolution request to its own root domain server; [0006] (4) The DNS server in the root domain returns the IP address of the DNS server in the cn domain; [0007] (5) The local DNS server sends the request to the DNS server ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/24H04L29/12
Inventor 姜欣杜建凤郭志刚吴茜李旬李鹏李可
Owner CHINA MOBILE GRP BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products