Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DNS reflection amplification attack detection method, device and system

A technology of attack detection and DNS query, applied in transmission systems, electrical components, etc., can solve problems such as bandwidth impact, DNS server response bandwidth impact, and failure to provide services normally, and achieve the effect of eliminating impact

Inactive Publication Date: 2017-09-05
CHINA INTERNET NETWORK INFORMATION CENTER
View PDF3 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The second attack method is abnormal request (such as super long domain name request, abnormal domain name request, etc.) access attack
[0007] The third attack method is DNS hijacking attack
[0008] The fourth attack method is that the attacker uses DNS to attack the victim
[0009] The above-mentioned fourth attack method will not only cause the service and bandwidth of the victim to be affected by the attack traffic, so that the service cannot be provided normally, but also affect the response bandwidth of the DNS server itself, so that the DNS server cannot provide normal traffic. DNS resolution service

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DNS reflection amplification attack detection method, device and system
  • DNS reflection amplification attack detection method, device and system
  • DNS reflection amplification attack detection method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present invention are shown in the drawings, it should be understood that the invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present invention and to fully convey the scope of the present invention to those skilled in the art.

[0033] figure 1 A schematic diagram of a system with a DNS reflection amplification attack detection function according to an embodiment of the present invention is shown. Such as figure 1 As shown, the difference between the system with the DNS reflection amplification attack detection function according to the embodiment of the present invention and the existing system is that a DNS packet analyzer is introduced, and the DNS packet analyzer ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a DNS reflection amplification attack detection method, device and system. The method includes the steps that a DNS response message of a mirror image is received; DNS response message information in the DNS response message is analyzed, numeric statistics is carried out, and the statistic is obtained; an attack alarm is given when the statistic exceeds a set threshold value corresponding to the statistic. By means of the detection method, device and system, occurrence of DNS amplification attacks can be detected in time, and the alarm is given.

Description

technical field [0001] The invention relates to the technical field of distributed denial-of-service attack detection, in particular to a DNS reflection amplification attack detection method, device and system. Background technique [0002] In computer network communication, hosts need to know the IP address of the communication peer to be able to communicate with each other through the IP network. However, the 32-bit IPv4 address (the IPv6 address is 128 bits) is not easy for communication participants to remember. Therefore, more intuitive domain names (such as www.google.com.hk) are widely used to solve the problem of difficult memory of IP addresses. At the same time, network communication is based on the IP protocol, and the host to be accessed cannot be directly found only through the domain name. Therefore, the host needs to convert the domain name entered by the user into an IP address. This process is called domain name resolution. [0003] In order to complete d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L63/1458H04L69/22H04L61/4511
Inventor 张恒张鹏姜涛孙才杨鞠华
Owner CHINA INTERNET NETWORK INFORMATION CENTER
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com