CN108900654A - A kind of DNS dynamic dispatching method based on mimicry name server - Google Patents

A kind of DNS dynamic dispatching method based on mimicry name server Download PDF

Info

Publication number
CN108900654A
CN108900654A CN201810880953.XA CN201810880953A CN108900654A CN 108900654 A CN108900654 A CN 108900654A CN 201810880953 A CN201810880953 A CN 201810880953A CN 108900654 A CN108900654 A CN 108900654A
Authority
CN
China
Prior art keywords
execution body
execution
safety gain
cur
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810880953.XA
Other languages
Chinese (zh)
Other versions
CN108900654B (en
Inventor
陈博
伊鹏
高洁
马海龙
张震
卜佑军
于洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Engineering University of PLA Strategic Support Force
Original Assignee
Information Engineering University of PLA Strategic Support Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Engineering University of PLA Strategic Support Force filed Critical Information Engineering University of PLA Strategic Support Force
Priority to CN201810880953.XA priority Critical patent/CN108900654B/en
Publication of CN108900654A publication Critical patent/CN108900654A/en
Application granted granted Critical
Publication of CN108900654B publication Critical patent/CN108900654B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Hardware Redundancy (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention provides a kind of DNS dynamic dispatching method based on mimicry name server, including:Step 1.1, initialization Ccur;Step 1.2, from ChK physical server of middle selection forms candidate collection Hk, from HkMiddle selection Execution body subpool in selection execute body c be added Ccur;If step 1.3, HkIn there is no a candidate physical server, execute step 1.5;Otherwise execute step 1.4;Step 1.4, from HkMiddle selectionAccording to default safety gain algorithm,Execution body subpool in determine and make maximum the executions body c ' of system safety gain, addition Ccur, execute step 1.6;Current remaining all execution body executed in body place execution body subpool of step 1.5, traversal, according to default safety gain algorithm, determining in remaining described all execution body makes the maximum execution body c ' of system safety gain, and C is addedcur;Step 1.6 repeats step 1.3, until CcurExecution body number reach m.The present invention is based on safety gains to select online execution body, so as to maximize system safety gain.

Description

A kind of DNS dynamic dispatching method based on mimicry name server
Technical field
The present invention relates to technical field of network security more particularly to a kind of DNS dynamic based on mimicry name server to adjust Degree method.
Background technique
Domain name system (Domain Name System;DNS it) as one of most important infrastructure in internet, maintains The mutual mapping relations of domain name system and IP address space.However, domain name system is inevitably present unknown loophole and back door, It is vulnerable.
Domain name system is a kind of information system, and the service mode of information system is a kind of " input-processing-output " (IPO) model, mimicry defence are exactly that dynamic, isomerism and redundancy enhancing system are introduced on the basis of the model, to It defends unknown loophole, back door and solves the problems, such as random faule.
Mimicry domain name system is a basic application of mimicry defence.As shown in Figure 1, mimicry domain name system passes through multiple domains The services client request simultaneously of name server selects unique relatively correct result to client by resolver, therefore, even if one Or several name server failures will not influence normally to service.In addition, operation name server according to scheduling strategy with Time and service device state dynamic change, though certain name servers by Domain Hijacking, caching poison, DNS cheat etc. attack Hit the normal request that will not influence user.
However, different scheduling strategy safety gains is also different, current scheduling strategy be mainly based upon random schedule and It is dispatched based on body trust value is executed, the former controllability is very poor, and the latter relies on the single execution body of historical information quantization for executing body Confidence level not from the safety of global angular quantification system, therefore can not maximize the safety gain of mimicry domain name system.
Summary of the invention
To solve the above-mentioned problems in the prior art, the present invention provides a kind of DNS based on mimicry name server Dynamic dispatching method can maximize the safety gain of mimicry domain name system.
The present invention provides a kind of DNS dynamic dispatching method based on mimicry name server, the mimicry name server Body pond is executed including more physical servers and one, the execution body pond includes multiple execution body subpools, and this method includes:
Step 1.1, the online execution body set C of initializationcur
Step 1.2, from system physical server set ChK physical server of middle selection forms candidate physical server set Close Hk, from HkOne physical server of middle selection?Selection one executes body c and C is added in corresponding execution body subpoolcur, and Update Hk, wherein h and k is positive integer, h >=k;
If step 1.3, HkIn there is no candidate physical server, then follow the steps 1.5;Otherwise then follow the steps 1.4;
Step 1.4, from HkOne physical server of middle selectionAccording to default safety gain algorithm,Corresponding execution Determination makes the maximum execution body c ' of system safety gain in body subpool, and C is added in c 'cur, and update Hk, execute step 1.6;
Current remaining all execution body executed in body place execution body subpool of step 1.5, traversal, increase according to default safety Beneficial algorithm, determination makes the maximum execution body c ' of system safety gain in remaining described all execution body, and C is added in c 'cur
Step 1.6 repeats step 1.3, until CcurIn execution body number reach predetermined number m.
Further, this method further includes:If C is known in judgementcurIt is middle to there is abnormal execution body, then it is selected from execution body pond Select the new execution body replacement abnormal execution body.
Further, described that the new execution body replacement abnormal body that executes is selected to specifically include from execution body pond:
Step 2.1 determines physical server p corresponding to abnormal execution body, determines abnormal in the corresponding execution body subpool of p Execute body number pmIf pm>=2, step 2.2 is executed, otherwise thens follow the steps 2.3;
Step 2.2, from remaining physics server set CresOne physical server ph of middle selection replaces p, according to default safety Gain algorithm selects p from the corresponding execution body subpool of ph one by onemIt is a to make the maximum execution body replacement C of system safety gaincur In it is abnormal execute body, update Cres
Step 2.3, basis preset safety gain algorithm, and selection makes system safety gain from p corresponding execution body subpool Maximum execution body replaces abnormal execution body.
Further, the default safety gain algorithm specifically includes:It executes body x and executes the safety gain between body y GxyAccording to the following formula
Gxy=σ * ksxy+θ*(kvoxy+koxy)+δ*kvtxy
It determines;Wherein, θ indicates that the safety gain of mimicry name server under different operating system, δ indicate different virtualization softwares The safety gain of lower mimicry name server, σ indicate the safety gain of mimicry name server under different name server softwares;
If it is different with the virtual opetrating system type of body y is executed to execute body x, kvoxy=1, on the contrary kvoxy=0;If executing body x It is different with the physical operating system type of body y is executed, then koxy=1, on the contrary koxy=0;If executing body x and executing the domain name of body y Server software type is different, then ksxy=1, on the contrary ksxy=0;If executing body x and executing the virtualization software type of body y not Together, then kvtxy=1, on the contrary kvtxy=0;
The system safety gain is new execution body and current time CcurIn it is each it is existing execute body between safety gain it is total With.
Beneficial effects of the present invention:
A kind of DNS dynamic dispatching method based on mimicry name server provided by the invention is randomly selecting first execution After body, the execution body then chosen then based on new execution body and has and executes the safety gain between body and determine, thus most Bigization system safety gain;Also, when selecting new execution body replacement exception to execute body, pass through the peace for assessing physical server Quan Xing prevents attacker from attacking physical server and causes the threat of multiple execution bodies failures, actually and in physical services Secondary mimicry defence is realized on device level, by mimicry defense mechanism, attacker's implementation Domain Hijacking, Cache Poisoning, DNS are taken advantage of The attacks such as deceiving all will failure;In addition, the computation complexity of the method for the invention can satisfy the requirement of system real time.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of existing mimicry domain name system;
Fig. 2 is the structural schematic diagram of mimicry name server provided in an embodiment of the present invention;
Fig. 3 is a kind of process signal of DNS dynamic dispatching method based on mimicry name server provided in an embodiment of the present invention Figure;
Fig. 4 is the abnormal schematic diagram for executing body of replacement provided in an embodiment of the present invention.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached in the embodiment of the present invention Figure, technical solution in the embodiment of the present invention are explicitly described, it is clear that described embodiment is a part of the invention Embodiment, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making wound Every other embodiment obtained under the premise of the property made labour, shall fall within the protection scope of the present invention.
Fig. 2 is the structural schematic diagram of mimicry name server provided in an embodiment of the present invention.As shown in Fig. 2, more physics Server and one executes body pond;Every physical server is configured with physical operating system and virtualization software, described virtual Change software for building multiple virtual opetrating systems on every physical server, pacifies in each virtual opetrating system Equipped with multiple name server softwares;The execution body pond includes multiple execution body subpools, and an execution body subpool is corresponding One physical server, each execution body subpool includes multiple execution bodies, and each execution body is taken by domain name Business device software, physical operating system, virtualizing operating systems and physical server are built to obtain.
Specifically, virtual opetrating system may include CentOS, Ubuntu, Windows Server 2008;Domain name service Device software may include BIND, PowerDNS, Microsoft DNS;DNS-1, DNS-2 in Fig. 2 ..., DNS-a ..., DNS-d can With the execution body being interpreted as in the embodiment of the present invention.
Physical server 1 is corresponding to execute body subpool { DNS-1, DNS-2 ..., DNS-a };Physical server 2 is corresponding to be executed Body subpool { DNS-a+1, DNS-a+2 ..., DNS-b };... physical server i is corresponding to execute body subpool { DNS-c+1, DNS- c+2、……、DNS-d}。
Mimicry name server in the embodiment of the present invention is based on the other construction of virtual machine-level, by mimicry name server The structure for regarding a kind of stratification as may include server layer, virtualization layer, physical operating system layer from top to bottom.Each physics Server carries a kind of virtualization software, and builds multiple virtual opetrating systems, and different domains is installed in virtual opetrating system Name server software, each name server software, operating system, the physical server hardware composition of virtualization software and bottom One execution body, all execute are collectively referred to as executing body pond collecting for body.
The embodiment of the present invention is based on stratification and diversity constructs mimicry name server, the mimicry name server and biography System name server is compared, and multiple execution bodies can be virtually turned on a physical server, can so substantially reduce mimicry defence Cost of implementation.Body is executed based on multi-level composite construction, the mimicry name server that gained executes body combination can effectively be prevented Imperial attacker is based on known to each level or the attack of unknown loophole, back door, the stratification combination are not limited only to described in this patent Several levels, all software and hardware conditions for influencing domain name Server Securities all can be used as a part of distinguishing hierarchy.
Fig. 3 is a kind of process of the DNS dynamic dispatching method based on mimicry name server provided in an embodiment of the present invention Schematic diagram.In conjunction with Fig. 2 and Fig. 3, this method includes:
S101, the online execution body set C of initializationcur
Specifically, the structure based on above-mentioned mimicry name server, after mimicry name server receives client's request, Before handling client request, it is thus necessary to determine that online to execute body set Ccur, that is, need to determine from execution pond and adjust Spend which execution body goes to handle above-mentioned client's request.
S102, from system physical server set ChK physical server of middle selection forms candidate physical server set Hk, from HkOne physical server of middle selection?Selection one executes body c and C is added in corresponding execution body subpoolcur, and more New Hk, wherein h and k is positive integer, h >=k;
Specifically, system physical server set ChIndicate that mimicry name server includes the convinced device of h physics.This step In, determining HkWhen, randomly selected mode can be taken, i.e., from ChMiddle k physical server of random selection.Then, from HkIn Select a physical serverAfterwards, describedThen from current HkMiddle deletion, that is, updateAt this point, Selection one executes body c and C is added in corresponding execution body subpoolcur, the C at current timecurIncluding executing body c.
If S103, HkIn there is no candidate physical server, then execute S105;It is on the contrary then execute S104;
S104, from HkOne physical server of middle selectionAccording to default safety gain algorithm,Corresponding execution body Determination makes the maximum execution body c ' of system safety gain in subpool, and C is added in c 'cur, and update Hk, execute S106;
Current remaining all execution body executed in body place execution body subpool of S105, traversal, according to default safety gain Algorithm, determination makes the maximum execution body c ' of system safety gain in remaining described all execution body, and C is added in c 'cur
S106, S103 is repeated, until CcurIn execution body number reach predetermined number m.
A kind of DNS dynamic dispatching method based on mimicry name server provided in an embodiment of the present invention, is randomly selecting After first execution body, the execution body then chosen then based on new execution body and having execute the safety gain between body come it is true It is fixed, to maximize system safety gain.
On the basis of the above embodiments, this method further includes:If C is known in judgementcurIt is middle exist it is abnormal execute body, then from It executes and new execution body is selected to replace the abnormal execution body in body pond.
On the basis of the above embodiments, described that new execution body is selected to replace the abnormal execution body from execution body pond It specifically includes:
S201, it determines physical server p corresponding to abnormal execution body, determines and held extremely in the corresponding execution body subpool of p Row body number pmIf pm>=2, S202 is executed, it is on the contrary then execute S203;
S202, from remaining physics server set CresOne physical server ph of middle selection replaces p, is increased according to default safety Beneficial algorithm selects p from the corresponding execution body subpool of ph one by onemIt is a to make the maximum execution body replacement C of system safety gaincurIn It is abnormal execute body, update Cres
Specifically, in this step, when selection replaces and executes body, using selection mode one by one, principle and step S105 class Seemingly.For example, if there are 2 abnormal execution body Y1 and Y2 in execution body subpool P corresponding to p, from corresponding execution body of ph The process that replacement execution body is chosen in the PH of pond is as follows:
Firstly, traversal executes all execution bodies in body subpool PH, according to default safety gain algorithm, in all execution bodies Middle determination makes the maximum execution body T1 of system safety gain, then replaces Y1 or Y2 with T1;
Then, traversal executes all execution bodies in addition to T1 in body subpool PH again, according to default safety gain algorithm, Determination makes the maximum execution body T2 of system safety gain in all execution bodies in addition to T1, then replaces Y2 or Y1 with T2.
For example, having 2 execution bodies abnormal on physical server 3, then object of recruiting again as shown in the dotted line 2 in Fig. 4 Server i is managed, is replacing physical services from the corresponding 2 new execution bodies of recruiting one by one in body subpool that execute of the physical server 2 abnormal execution bodies on device 3.
S203, basis preset safety gain algorithm, and selection keeps system safety gain maximum from p corresponding execution body subpool Execution body, replace and abnormal execute body.
Specifically, as shown in the dotted line 1 in Fig. 4, for example, only having one in the corresponding execution body subpool of physical server 1 Execute the abnormal execution body of execution body replacement that body is abnormal, then recruits new from the execution body subpool.
Fig. 4 is the abnormal schematic diagram for executing body of replacement provided in an embodiment of the present invention.One kind provided in an embodiment of the present invention DNS dynamic dispatching method based on mimicry name server passes through assessment when selecting new execution body replacement exception to execute body The safety of physical server prevents attacker from attacking physical server and causes the threat of multiple execution bodies failures, actually And the defence of secondary mimicry is realized on physical server level, by mimicry defense mechanism, attacker implement Domain Hijacking, The attacks such as Cache Poisoning, DNS deception all will failure.
If known CcurSize m, HkSize k is abnormal to execute body number e, physical server number h, each physical server Middle execution body number s executes body selection using the method for traversal, and computation complexity when physical server is offline is O ((ks- m)e), computation complexity when physical server is not offline is O (((h-k) s)e).The safety gain of mimicry framework is exponentially to increase It is long, under normal circumstances, it is only necessary to a small amount of execution body ensure that system highly reliably resist collaboration based on loophole back door or Miscoordination attack, therefore, under normal circumstances, takes 3≤h≤10,3≤m≤10;Secondly, consider the performance issue of physical server, The quantity of built virtual machine can also be limited as the case may be thereon, under normal circumstances, take s≤10;Finally, due to mimicry Framework uses majority decision algorithm, it is desirable that e≤m/2, therefore the computation complexity of the method for the invention can receive completely, it is full The requirement of pedal system real-time.
On the basis of the various embodiments described above, the default safety gain algorithm is specifically included:It executes body x and executes body y Between safety gain GxyAccording to the following formula
Gxy=σ * ksxy+θ*(kvoxy+koxy)+δ*kvtxy
It determines;Wherein, θ indicates that the safety gain of mimicry name server under different operating system, δ indicate different virtualization softwares The safety gain of lower mimicry name server, σ indicate the safety gain of mimicry name server under different name server softwares;
If it is different with the virtual opetrating system type of body y is executed to execute body x, kvoxy=1, on the contrary kvoxy=0;If holding Row body x is different with the physical operating system type of body y is executed, then koxy=1, on the contrary koxy=0;If executing body x and executing body y Name server software type it is different, then ksxy=1, on the contrary ksxy=0;If executing body x and executing the virtualization software of body y Type is different, then kvtxy=1, on the contrary kvtxy=0;
The system safety gain is new execution body and current time CcurIn it is each it is existing execute body between safety gain it is total With.
Specifically, for example, the execution body set sizes m=4 of systemic presupposition, selects new execution body c3 in executing body pond When, the current body collection that executes is { c1, c2 }, system safety gain G=G31+G32;New execution body c4 is selected in executing body pond When, the current body collection that executes is { c1, c2, c3 }, system safety gain G=G41+G42+G43;And so on, system safety gain is New execution body and current time CcurIn it is each it is existing execute body between safety gain summation.For example, selecting new execution body c5 Replacement is abnormal to execute body c1, and the current body collection that executes is { c2, c3 }, then executing system safety gain G=G after scheduling strategy52+ G53
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that:It still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features; And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and Range.

Claims (4)

1. a kind of DNS dynamic dispatching method based on mimicry name server, the mimicry name server includes more physics Server and one executes body pond, and the execution body pond includes multiple execution body subpools, which is characterized in that the method includes:
Step 1.1, the online execution body set C of initializationcur
Step 1.2, from system physical server set ChK physical server of middle selection forms candidate physical server set Hk, From HkOne physical server of middle selection?Selection one executes body c and C is added in corresponding execution body subpoolcur, and update Hk, wherein h and k is positive integer, h >=k;
If step 1.3, HkIn there is no candidate physical server, then follow the steps 1.5;Otherwise then follow the steps 1.4;
Step 1.4, from HkOne physical server of middle selectionAccording to default safety gain algorithm,Corresponding execution body Determination makes the maximum execution body c ' of system safety gain in pond, and C is added in c 'cur, and update Hk, execute step 1.6;
Current remaining all execution body executed in body place execution body subpool of step 1.5, traversal, are calculated according to default safety gain Method, determination makes the maximum execution body c ' of system safety gain in remaining described all execution body, and C is added in c 'cur
Step 1.6 repeats step 1.3, until CcurIn execution body number reach predetermined number m.
2. the method according to claim 1, wherein further including:
If C is known in judgementcurIt is middle to there is abnormal execution body, then it selects new execution body to replace the exception from execution body pond and holds Row body.
3. according to the method described in claim 2, it is characterized in that, described select new execution body to replace institute from execution body pond The abnormal body that executes is stated to specifically include:
Step 2.1 determines physical server p corresponding to abnormal execution body, determines and executes extremely in the corresponding execution body subpool of p Body number pmIf pm>=2, step 2.2 is executed, otherwise thens follow the steps 2.3;
Step 2.2, from remaining physics server set CresOne physical server ph of middle selection replaces p, according to default safety gain Algorithm selects p from the corresponding execution body subpool of ph one by onemIt is a to make the maximum execution body replacement C of system safety gaincurIn It is abnormal to execute body, update Cres
Step 2.3, basis preset safety gain algorithm, and selection keeps system safety gain maximum from p corresponding execution body subpool Execution body, replace and abnormal execute body.
4. method according to claim 1 to 3, which is characterized in that the default safety gain algorithm specifically includes: It executes body x and executes the safety gain G between body yxyAccording to the following formula
Gxy=σ * ksxy+θ*(kvoxy+koxy)+δ*kvtxy
It determines;Wherein, θ indicates that the safety gain of mimicry name server under different operating system, δ indicate different virtualization softwares The safety gain of lower mimicry name server, σ indicate the safety gain of mimicry name server under different name server softwares;
If it is different with the virtual opetrating system type of body y is executed to execute body x, kvoxy=1, on the contrary kvoxy=0;If executing body x It is different with the physical operating system type of body y is executed, then koxy=1, on the contrary koxy=0;If executing body x and executing the domain name of body y Server software type is different, then ksxy=1, on the contrary ksxy=0;If executing body x and executing the virtualization software type of body y not Together, then kvtxy=1, on the contrary kvtxy=0;
The system safety gain is new execution body and current time CcurIn it is each it is existing execute body between safety gain summation.
CN201810880953.XA 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server Active CN108900654B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810880953.XA CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810880953.XA CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Publications (2)

Publication Number Publication Date
CN108900654A true CN108900654A (en) 2018-11-27
CN108900654B CN108900654B (en) 2021-07-23

Family

ID=64353227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810880953.XA Active CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Country Status (1)

Country Link
CN (1) CN108900654B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818951A (en) * 2019-01-18 2019-05-28 中国人民解放军战略支援部队信息工程大学 A kind of function equivalence executes body credibility evaluation method and device
CN110011965A (en) * 2019-02-28 2019-07-12 中国人民解放军战略支援部队信息工程大学 A kind of execution body based on confidence level non-uniform output judging method and device completely
CN110247932A (en) * 2019-07-04 2019-09-17 北京润通丰华科技有限公司 A kind of detection system and method for realizing DNS service defence
CN111628978A (en) * 2020-05-21 2020-09-04 河南信大网御科技有限公司 Mimicry normalization decision making system, method and readable storage medium
CN116455654A (en) * 2023-04-26 2023-07-18 之江奇安科技有限公司 Security reinforcement method and device for business information system based on endophytic security

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105049419A (en) * 2015-06-19 2015-11-11 中国人民解放军信息工程大学 Mimicry-network step-by-step exchange routing system based on heterogeneous diversity
CN106789360A (en) * 2017-02-15 2017-05-31 中国互联网络信息中心 A kind of DNS flow simulations system
CN106874755A (en) * 2017-01-22 2017-06-20 中国人民解放军信息工程大学 The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks
CN106878254A (en) * 2016-11-16 2017-06-20 国家数字交换***工程技术研究中心 Improve the method and device of DNS securities of system
US20170187686A1 (en) * 2015-12-25 2017-06-29 Sanctum Networks Limited Enhancing privacy and security on a SDN network using SND flow based forwarding control
CN108011994A (en) * 2017-12-15 2018-05-08 网宿科技股份有限公司 A kind of method and system of inquiry DNS records

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105049419A (en) * 2015-06-19 2015-11-11 中国人民解放军信息工程大学 Mimicry-network step-by-step exchange routing system based on heterogeneous diversity
US20170187686A1 (en) * 2015-12-25 2017-06-29 Sanctum Networks Limited Enhancing privacy and security on a SDN network using SND flow based forwarding control
CN106878254A (en) * 2016-11-16 2017-06-20 国家数字交换***工程技术研究中心 Improve the method and device of DNS securities of system
CN106874755A (en) * 2017-01-22 2017-06-20 中国人民解放军信息工程大学 The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks
CN106789360A (en) * 2017-02-15 2017-05-31 中国互联网络信息中心 A kind of DNS flow simulations system
CN108011994A (en) * 2017-12-15 2018-05-08 网宿科技股份有限公司 A kind of method and system of inquiry DNS records

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CUICUI WANG,WEIMIN LI , FANG LIU, ZHENMING LEI: "RESEARCH OF DOMAIN NAME MAPPED IP-ADDRESS", 《PROCEEDINGS OFIC-NIDC2012》 *
王禛鹏,扈红超,程国振: "一种基于拟态安全防御的DNS框架设计", 《电子学报》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818951A (en) * 2019-01-18 2019-05-28 中国人民解放军战略支援部队信息工程大学 A kind of function equivalence executes body credibility evaluation method and device
CN109818951B (en) * 2019-01-18 2021-08-03 中国人民解放军战略支援部队信息工程大学 Functional equivalent executive body reliability assessment method and device
CN110011965A (en) * 2019-02-28 2019-07-12 中国人民解放军战略支援部队信息工程大学 A kind of execution body based on confidence level non-uniform output judging method and device completely
CN110011965B (en) * 2019-02-28 2021-09-24 中国人民解放军战略支援部队信息工程大学 Execution body complete non-uniform output arbitration method and device based on credibility
CN110247932A (en) * 2019-07-04 2019-09-17 北京润通丰华科技有限公司 A kind of detection system and method for realizing DNS service defence
CN111628978A (en) * 2020-05-21 2020-09-04 河南信大网御科技有限公司 Mimicry normalization decision making system, method and readable storage medium
CN111628978B (en) * 2020-05-21 2022-02-22 河南信大网御科技有限公司 Mimicry normalization decision making system, method and readable storage medium
CN116455654A (en) * 2023-04-26 2023-07-18 之江奇安科技有限公司 Security reinforcement method and device for business information system based on endophytic security
CN116455654B (en) * 2023-04-26 2024-05-28 之江奇安科技有限公司 Security reinforcement method, device and equipment for business information system based on endophytic security and readable storage medium

Also Published As

Publication number Publication date
CN108900654B (en) 2021-07-23

Similar Documents

Publication Publication Date Title
CN108900654A (en) A kind of DNS dynamic dispatching method based on mimicry name server
JP7408725B2 (en) Automatic operation management of computer systems
Zhuang et al. Investigating the application of moving target defenses to network security
US8886929B2 (en) Generating a chain of trust for a virtual endpoint
US8955111B2 (en) Instruction set adapted for security risk monitoring
US8843914B1 (en) Distributed update service
CN110348224B (en) Dynamic measurement method based on dual-architecture trusted computing platform
US20200106806A1 (en) Preventing distributed denial of service attacks in real-time
Mendonça et al. Performability analysis of services in a software-defined networking adopting time-based moving target defense mechanisms
Ge et al. Evaluating security and availability of multiple redundancy designs when applying security patches
Patra et al. Using online planning and acting to recover from cyberattacks on software-defined networks
KR101994664B1 (en) Vulnerability checking system based on cloud service
US11245640B1 (en) Systems, methods, and apparatuses for predicting availability of a resource
Zunnurhain Fapa: a model to prevent flooding attacks in clouds
Azzedin et al. Trust brokering and its use for resource matchmaking in public-resource grids
Torquato et al. Software rejuvenation meets moving target defense: Modeling of time-based virtual machine migration approach
CN107231339A (en) The detection method and device of a kind of ddos attack
Sauber et al. A novel hadoop security model for addressing malicious collusive workers
Torquato et al. Towards models for availability and security evaluation of cloud computing with moving target defense
CN114760136B (en) Safety early warning system and method based on micro-isolation
Ayanboye et al. An assessment of security techniques for denial of service attack in virtualized environments
Li et al. Ratel: MPC-extensions for Smart Contracts

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant