Domain name service risk assessment method and system based on DNS resolution dependence

• Main Authors: LUO MENG, WANG QIUYUN, REN FANGLI, XIN LILING, WANG SHUWEI, JIANG ZHENGWEI
• Format: Patent
• Language: Chinese; English
• Published: 19.11.2019
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The invention discloses a domain name service risk assessment method and a system based on DNS (Domain Name System) resolution dependence, which are used for determining a region, a domain name and aserver which are depended in the resolution process of a given domain name, and can calculate the risk of successful resolution of the given domain name under the condition of knowing the risk of related servers. The method comprises the following steps: extracting four types of resource records of A, AAA, CNAME and NS from passively acquired DNS data; constructing a resource record dependence graph of given domain name resolution by utilizing parent region dependence, name server dependence, alias dependence and server dependence in the domain name resolution process; converting the domain name resolution resource record dependency graph into a logic relationship tree by utilizing the relationship among the four dependencies; and calculating a risk value of normal resolution of the givendomain name from bottom to