METHOD AND APPARATUS FOR FINDING HIDDEN IP ADDRESS IN MALICIOUS SITE USING DNS SERVICE
The present disclosure provides a method for finding a hidden IP address in a malicious site using a domain name system (DNS) service, which is executed by a computer. The method includes the operations of: collecting real IP addresses for servers based on a predefined service port; extracting a fir...
Saved in:
Main Authors | , |
---|---|
Format | Patent |
Language | English |
Published |
31.08.2023
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The present disclosure provides a method for finding a hidden IP address in a malicious site using a domain name system (DNS) service, which is executed by a computer. The method includes the operations of: collecting real IP addresses for servers based on a predefined service port; extracting a first IP address candidate group by performing banner filtering from the real IP addresses based on response information of a malicious site using a DNS service; extracting a second IP address candidate group by performing HTML filtering to verify whether the first IP address candidate group is similar to a HTML source of the malicious site; extracting a final IP address by performing image filtering to verify whether the second IP address candidate group is similar to an image of the malicious site; and determining whether the final IP address is a real IP address of the malicious site. |
---|---|
Bibliography: | Application Number: US202218056517 |