METHOD AND APPARATUS FOR FINDING HIDDEN IP ADDRESS IN MALICIOUS SITE USING DNS SERVICE

The present disclosure provides a method for finding a hidden IP address in a malicious site using a domain name system (DNS) service, which is executed by a computer. The method includes the operations of: collecting real IP addresses for servers based on a predefined service port; extracting a fir...

Full description

Saved in:
Bibliographic Details
Main Authors KANG, Byung Tak, CHOI, Dong Sik
Format Patent
LanguageEnglish
Published 31.08.2023
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The present disclosure provides a method for finding a hidden IP address in a malicious site using a domain name system (DNS) service, which is executed by a computer. The method includes the operations of: collecting real IP addresses for servers based on a predefined service port; extracting a first IP address candidate group by performing banner filtering from the real IP addresses based on response information of a malicious site using a DNS service; extracting a second IP address candidate group by performing HTML filtering to verify whether the first IP address candidate group is similar to a HTML source of the malicious site; extracting a final IP address by performing image filtering to verify whether the second IP address candidate group is similar to an image of the malicious site; and determining whether the final IP address is a real IP address of the malicious site.
Bibliography:Application Number: US202218056517