CN115277636A - Method and system for analyzing extensive domain name - Google Patents

Publication number
CN115277636A
Authority
CN
China
Prior art keywords
sub
domain name
list
resolution
domain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211117605.XA
Other languages
Chinese (zh)
Other versions
CN115277636B (en)
Inventor
宁剑
沈传宝
肖达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Chinese Academy of Sciences
Original Assignee
University of Chinese Academy of Sciences
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Chinese Academy of Sciences filed Critical University of Chinese Academy of Sciences
Priority to CN202211117605.XA priority Critical patent/CN115277636B/en
Publication of CN115277636A publication Critical patent/CN115277636A/en
Application granted granted Critical
Publication of CN115277636B publication Critical patent/CN115277636B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Abstract

The embodiment of the application discloses a method and a system for analyzing a generic (wildcard) domain name, which are applied to the technical field of computers. The method comprises the following steps: acquiring a sub-domain name list and sub-domain name information of each sub-domain name; traversing all the sub-domain names and judging, according to the resolution record of the sub-domain name being traversed, whether a sub-domain name with the same resolution record exists in the sub-domain name list; if so, judging, according to the time-to-live (TTL) value of the sub-domain name being traversed, whether a sub-domain name with the same TTL value exists in the sub-domain name list; if so, determining whether a response similarity condition is met according to the response similarity of the sub-domain name being traversed in the sub-domain name list, and if it is met, adding the sub-domain name being traversed to a non-generic (non-extensive) resolution list; and, once all the sub-domain names in the sub-domain name list have been processed, outputting the non-generic resolution list. Whether a domain name was obtained through generic resolution can thus be judged efficiently and simply.

Description

Method and system for analyzing extensive domain name
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a method and a system for analyzing a domain name.
Background
A decision tree is a supervised learning algorithm based on if-then-else rules. By training the rules of the decision tree, irrelevant features can be handled and different types of data can be processed at the same time, so that data that better conforms to the standard is obtained. Response similarity comparison obtains the similarity of two pages by comparing their phrases, characters, HTML structures and styles.
The prior art simply determines by enumeration whether a domain name is obtained by extensive (wildcard) resolution; its efficiency is too low, and not all sub-domain names can be enumerated. In addition, the method of recording the IPs returned by extensive resolution and keeping them as a blacklist may produce a large number of false positives. For example, a domain name that actually exists may resolve to an IP that has been marked as blacklisted, which results in a false positive.
Disclosure of Invention
Therefore, the embodiment of the application provides a method and a system for generic domain name resolution, which can efficiently and simply judge whether a domain name is obtained by generic resolution.
In order to achieve the above object, the embodiments of the present application provide the following technical solutions:
according to a first aspect of an embodiment of the present application, there is provided a method for domain name resolution, the method including:
acquiring a sub-domain name list and sub-domain name information of each sub-domain name; the sub domain name information comprises an analysis record and a survival time value;
traversing all the sub-domain names, and judging whether the sub-domain names with the same analysis record exist in the sub-domain name list according to the analysis record of the sub-domain names to be traversed; if not, adding the sub-domain name to be traversed into a non-extensive resolution list;
if yes, judging whether the sub domain names with the same survival time value exist in the sub domain name list according to the survival time value of the sub domain names to be traversed; if not, adding the sub-domain name to be traversed into the non-extensive resolution list;
if yes, determining whether a response similarity condition is met according to the response similarity of the sub-domain name to be traversed in the sub-domain name list, and if yes, adding the sub-domain name to be traversed into the non-extensive resolution list;
and outputting the non-extensive resolution list until all the sub domain names in the sub domain name list are processed.
Optionally, the determining, according to the response similarity of the sub-domain name to be traversed in the sub-domain name list, whether a response similarity condition is met, and if so, adding the sub-domain name to be traversed to the non-generic resolution list, including:
performing similarity calculation for each sub-domain name in the non-extensive resolution list, and determining the similarity between each sub-domain name and the rest sub-domain names in the non-extensive resolution list;
and adding the sub domain names with the similarity lower than a set threshold value in the non-extensive resolution list into the final non-extensive resolution list and outputting.
Optionally, before the obtaining the sub-domain name list and the sub-domain name information of each sub-domain name, the method includes:
acquiring a root domain name of the sub-domain name;
judging whether a generic resolution behavior exists according to the root domain name, and if so, performing the next step of obtaining a sub-domain name list and sub-domain name information of each sub-domain name; and if not, finishing the screening of the root domain name.
Optionally, the resolution record of the sub-domain name includes the sub-domain name and the corresponding root domain name, sub-domain name resolution data and resolution times, sub-domain name first resolution time, and sub-domain name last resolution time.
According to a second aspect of embodiments of the present application, there is provided a domain name resolution system, including:
the information acquisition module is used for acquiring a subdomain name list and subdomain name information of each subdomain name; the sub-domain name information comprises an analysis record and a survival time value;
the first judgment module is used for traversing all the sub-domain names and judging whether the sub-domain names with the same analysis record exist in the sub-domain name list according to the analysis record of the sub-domain names to be traversed; if not, adding the sub domain name to be traversed into a non-extensive resolution list;
the second judgment module is used for judging whether the sub domain names with the same survival time value exist in the sub domain name list according to the survival time value of the sub domain names to be traversed if the sub domain names exist; if not, adding the sub domain name to be traversed into the non-extensive resolution list;
a third judging module, configured to determine whether a response similarity condition is met according to a response similarity of the sub-domain name to be traversed in the sub-domain name list if the sub-domain name to be traversed exists, and add the sub-domain name to be traversed to the non-generic resolution list if the response similarity condition is met;
and the output module is used for outputting the non-extensive resolution list until all the sub domain names in the sub domain name list are processed.
Optionally, the third determining module is specifically configured to:
performing similarity calculation on each sub domain name in the non-extensive resolution list, and determining the similarity between each sub domain name and the rest sub domain names in the non-extensive resolution list;
and adding the sub domain names with the similarity lower than a set threshold value in the non-extensive resolution list into the final non-extensive resolution list and outputting.
Optionally, the system further comprises:
the information acquisition module is also used for acquiring the root domain name of the sub-domain name;
judging whether a generic resolution behavior exists according to the root domain name, and if so, performing the next step of obtaining a sub-domain name list and sub-domain name information of each sub-domain name; if not, the screening of the root domain name is finished.
Optionally, the resolution record of the sub domain name includes the sub domain name and the corresponding root domain name, resolution data and resolution times of the sub domain name, first resolution time of the sub domain name, and last resolution time of the sub domain name.
According to a third aspect of embodiments herein, there is provided an electronic device comprising: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor executing the computer program to implement the method of the first aspect.
According to a fourth aspect of embodiments herein, there is provided a computer readable storage medium having stored thereon computer readable instructions executable by a processor to implement the method of the first aspect described above.
In summary, the embodiment of the present application provides a method and a system for analyzing a domain name, which obtains a sub-domain name list and sub-domain name information of each sub-domain name; the sub-domain name information comprises an analysis record and a survival time value; traversing all the sub-domain names, and judging whether the sub-domain names with the same analysis record exist in the sub-domain name list according to the analysis record of the sub-domain names to be traversed; if not, adding the sub domain name to be traversed into a non-extensive resolution list; if so, judging whether the sub domain name with the same survival time value exists in the sub domain name list according to the survival time value of the sub domain name to be traversed; if not, adding the sub domain name to be traversed into a non-extensive resolution list; if yes, determining whether a response similarity condition is met according to the response similarity of the sub-domain name to be traversed in the sub-domain name list, and if yes, adding the sub-domain name to be traversed into a non-generic resolution list; and outputting the non-extensive resolution list until all the sub domain names in the sub domain name list are processed. Whether a domain name is obtained through extensive resolution or not is efficiently and simply judged.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary, and that other embodiments can be derived from the drawings provided by those of ordinary skill in the art without inventive effort.
The structures, ratios, sizes, and the like shown in the present specification are only used for matching with the contents disclosed in the specification, so that those skilled in the art can understand and read the present invention, and do not limit the conditions for implementing the present invention, so that the present invention has no technical significance, and any structural modifications, changes in the ratio relationship, or adjustments of the sizes, without affecting the functions and purposes of the present invention, should still fall within the scope of the present invention.
Fig. 1 is a schematic flowchart of a method for domain name resolution according to an embodiment of the present disclosure;
Fig. 2 is a flowchart of domain name resolution provided in an embodiment of the present application;
Fig. 3 is a block diagram of a general domain name resolution system according to an embodiment of the present application;
Fig. 4 shows a schematic structural diagram of an electronic device provided in an embodiment of the present application;
Fig. 5 is a schematic diagram illustrating a computer-readable storage medium according to an embodiment of the present application.
Detailed Description
The present invention is described in terms of specific embodiments, and other advantages and benefits of the present invention will become apparent to those skilled in the art from the following disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 illustrates a domain name resolution method provided in an embodiment of the present application, where the method includes:
step S101: acquiring a sub-domain name list and sub-domain name information of each sub-domain name; the sub-domain name information comprises an analysis record and a survival time value;
step S102: traversing all the sub-domain names, and judging whether the sub-domain names with the same analysis record exist in the sub-domain name list according to the analysis record of the sub-domain names to be traversed; if not, adding the sub-domain name to be traversed into a non-extensive resolution list;
step S103: if yes, judging whether the sub domain names with the same survival time value exist in the sub domain name list according to the survival time value of the sub domain names to be traversed; if not, adding the sub domain name to be traversed into the non-extensive resolution list;
step S104: if yes, determining whether a response similarity condition is met according to the response similarity of the sub-domain name to be traversed in the sub-domain name list, and if yes, adding the sub-domain name to be traversed into the non-extensive resolution list;
step S105: and outputting the non-extensive resolution list until all the sub domain names in the sub domain name list are processed.
In a possible implementation manner, in step S104, the determining, according to the response similarity of the sub domain name to be traversed in the sub domain name list, whether a response similarity condition is met, and if yes, adding the sub domain name to be traversed to the non-generic resolution list includes:
performing similarity calculation on each sub domain name in the non-extensive resolution list, and determining the similarity between each sub domain name and the rest sub domain names in the non-extensive resolution list; and adding the sub domain names with the similarity lower than a set threshold value in the non-extensive resolution list into the final non-extensive resolution list and outputting.
In one possible implementation, before the acquiring the sub-domain name list and the sub-domain name information of each sub-domain name in step S101, the method includes:
acquiring a root domain name of the sub-domain name; judging whether a generic resolution behavior exists according to the root domain name, and if so, performing the next step of obtaining a sub-domain name list and sub-domain name information of each sub-domain name; and if not, finishing the screening of the root domain name.
In one possible embodiment, the resolution record of the sub-domain name includes the sub-domain name and the corresponding root domain name, the resolution data and resolution times of the sub-domain name, the first resolution time and the last resolution time of the sub-domain name.
Fig. 2 shows a schematic diagram of an embodiment of a domain name resolution method provided in an embodiment of the present application, where the method includes the following steps:
step 1: acquiring a sub-domain name list and sub-domain name information of each sub-domain name; the sub-domain name information comprises a resolution record and a time-to-live (TTL) value;
step 2: starting to traverse each sub-domain name; for each sub-domain name, first judging, according to the resolution record of the sub-domain name being traversed, whether a sub-domain name with the same resolution record exists in the sub-domain name list; if the records are different, marking the sub-domain name as a non-extensive resolution record; if they are the same, entering step 3;
step 3: judging, according to the TTL (time to live) value of the sub-domain name being traversed, whether a sub-domain name with the same TTL value exists in the sub-domain name list; if not, marking the sub-domain name as a non-extensive resolution record; if so, entering step 4;
step 4: storing all the non-extensive resolution records obtained in step 3 in a list;
step 5: comparing all the data in the list by response similarity comparison, determining whether the response similarity condition is met according to the response similarity of the sub-domain name being traversed in the sub-domain name list, and marking all data with a similarity of less than eighty percent as non-extensive resolution records;
step 6: counting all the data marked as non-extensive resolution records, and outputting a document.
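The screening in steps 1 to 6, sketched in Python as an added example; it is not code from the patent or its authors, and "non-extensive" here means "not produced by a wildcard DNS record". Assumptions: the records are collected beforehand and embedded as constructed sample data, the TTL check is applied among sub-domain names that already share a resolution record, each name is compared with the peers sharing both its record and its TTL, and `difflib.SequenceMatcher` stands in for the response-similarity measure, which the description does not specify. All names and values are hypothetical.

```python
"""Added example: screening out wildcard ("extensive") resolutions, Fig. 2 steps 1-6."""
from collections import defaultdict
from dataclasses import dataclass
from difflib import SequenceMatcher

SIMILARITY_THRESHOLD = 0.80  # the "eighty percent" of step 5


@dataclass(frozen=True)
class SubdomainInfo:
    name: str
    records: frozenset  # resolution record data, e.g. the A-record addresses
    ttl: int            # time-to-live ("survival time") value in seconds
    body: str           # response body collected beforehand (assumption)


def similarity(a: str, b: str) -> float:
    """Stand-in response similarity in [0, 1]; the patent names no algorithm."""
    return SequenceMatcher(None, a, b, autojunk=False).ratio()


def filter_non_wildcard(subdomains):
    """Return [(name, reason)] for names judged NOT to come from wildcard resolution."""
    by_record = defaultdict(list)
    by_record_ttl = defaultdict(list)
    for s in subdomains:
        by_record[s.records].append(s)
        by_record_ttl[(s.records, s.ttl)].append(s)

    kept = []
    for s in subdomains:
        # Step 2: no other name in the list shares this resolution record.
        if len(by_record[s.records]) == 1:
            kept.append((s.name, "unique resolution record"))
            continue
        # Step 3: the record is shared, but no other name has the same TTL.
        peers = [p for p in by_record_ttl[(s.records, s.ttl)] if p is not s]
        if not peers:
            kept.append((s.name, "unique TTL"))
            continue
        # Steps 4-5: record and TTL both shared, so compare responses and keep
        # the name only if it resembles none of its peers closely enough.
        best = max(similarity(s.body, p.body) for p in peers)
        if best < SIMILARITY_THRESHOLD:
            kept.append((s.name, f"response similarity {best:.2f} below threshold"))
    return kept  # step 6: the non-extensive resolution list


def parked(host: str) -> str:
    """Constructed wildcard catch-all page that echoes the requested host."""
    return ("<html><body><h1>Domain parked</h1>"
            f"<p>No site is configured for {host}.</p></body></html>")


# Constructed sample data (documentation address ranges, example.com names).
SHARED = frozenset({"192.0.2.1"})  # address the wildcard record points at
SAMPLE = [
    SubdomainInfo("www.example.com", frozenset({"198.51.100.10"}), 300,
                  "<html>home</html>"),
    SubdomainInfo("rand1.example.com", SHARED, 600, parked("rand1.example.com")),
    SubdomainInfo("rand2.example.com", SHARED, 600, parked("rand2.example.com")),
    SubdomainInfo("api.example.com", SHARED, 60, '{"status":"ok"}'),
    SubdomainInfo("shop.example.com", SHARED, 600,
                  '{"service":"shop","status":"ok","items":[101,102,103],'
                  '"currency":"EUR"}'),
]

if __name__ == "__main__":
    for name, reason in filter_non_wildcard(SAMPLE):
        print(f"{name}: {reason}")
```

In the constructed data, `api` and `shop` resolve to the same address as the wildcard, so the IP blacklist criticized in the Background would discard both; the TTL and response checks keep them.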
To sum up, the embodiment of the present application provides a method for analyzing a domain name, which obtains a sub-domain name list and sub-domain name information of each sub-domain name; traversing all the sub-domain names, and judging whether the sub-domain names with the same analysis record exist in the sub-domain name list according to the analysis record of the sub-domain names to be traversed; if yes, judging whether the sub domain names with the same survival time value exist in the sub domain name list according to the survival time value of the sub domain names to be traversed; if yes, determining whether a response similarity condition is met according to the response similarity of the sub-domain name to be traversed in the sub-domain name list, and if yes, adding the sub-domain name to be traversed into a non-generic resolution list; and outputting the non-extensive resolution list until all the sub domain names in the sub domain name list are processed. Whether a domain name is obtained through extensive resolution is efficiently and simply judged.
Based on the same technical concept, an embodiment of the present application further provides a domain name resolution system, as shown in fig. 3, the system includes:
an information obtaining module 301, configured to obtain a sub-domain name list and sub-domain name information of each sub-domain name; the sub domain name information comprises an analysis record and a survival time value;
the first judging module 302 is configured to traverse all the sub-domain names, and judge whether there is a sub-domain name with the same analysis record in the sub-domain name list according to the analysis record of the sub-domain name to be traversed; if not, adding the sub domain name to be traversed into a non-extensive resolution list;
a second determining module 303, configured to determine, if there is a sub-domain name with the same survival time value in the sub-domain name list, according to the survival time value of the sub-domain name to be traversed; if not, adding the sub-domain name to be traversed into the non-extensive resolution list;
a third determining module 304, configured to determine whether a response similarity condition is met according to a response similarity of the sub-domain name to be traversed in the sub-domain name list if the sub-domain name to be traversed exists in the sub-domain name list, and add the sub-domain name to be traversed into the non-generic resolution list if the response similarity condition is met;
an output module 305, configured to output the non-extensive resolution list until all the sub-domain names in the sub-domain name list are processed.
In a possible implementation manner, the third determining module 304 is specifically configured to:
performing similarity calculation for each sub-domain name in the non-extensive resolution list, and determining the similarity between each sub-domain name and the rest sub-domain names in the non-extensive resolution list; and adding the sub domain names with the similarity lower than a set threshold value in the non-extensive resolution list into the final non-extensive resolution list and outputting.
In one possible embodiment, the system further comprises:
the information obtaining module 301 is further configured to obtain a root domain name of the sub-domain name; judging whether a generic resolution behavior exists according to the root domain name, and if so, performing the next step of acquiring a sub-domain name list and sub-domain name information of each sub-domain name; if not, the screening of the root domain name is finished.
In one possible embodiment, the resolution record of the sub-domain name includes the sub-domain name and the corresponding root domain name, the resolution data and resolution times of the sub-domain name, the first resolution time and the last resolution time of the sub-domain name.
The embodiment of the present application further provides an electronic device 20 corresponding to the method provided in the foregoing embodiment. Referring to fig. 4, a schematic diagram of an electronic device 20 provided in some embodiments of the present application is shown. The electronic device 20 may include: the system comprises a processor 200, a memory 201, a bus 202 and a communication interface 203, wherein the processor 200, the communication interface 203 and the memory 201 are connected through the bus 202; the memory 201 stores a computer program that can be executed on the processor 200, and the processor 200 executes the computer program to perform the method provided by any of the foregoing embodiments of the present application.
The Memory 201 may include a high-speed Random Access Memory (RAM) and may further include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The communication connection between the network element of the system and at least one other network element is realized through at least one physical port (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network and the like can be used.
Bus 202 can be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The memory 201 is used for storing a program, and the processor 200 executes the program after receiving an execution instruction, and the method disclosed by any of the foregoing embodiments of the present application may be applied to the processor 200, or implemented by the processor 200.
The processor 200 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 200. The Processor 200 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; but may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software modules may be located in ram, flash, rom, prom, or eprom, registers, etc. as is well known in the art. The storage medium is located in the memory 201, and the processor 200 reads the information in the memory 201 and completes the steps of the method in combination with the hardware thereof.
The electronic device 20 provided by the embodiment of the present application and the method provided by the embodiment of the present application are based on the same inventive concept, and have the same beneficial effects as the method adopted, operated or implemented by the electronic device.
Referring to fig. 5, the computer-readable storage medium is an optical disc 30, on which a computer program (i.e., a program product) is stored, and when the computer program is executed by a processor, the computer program performs the method of any of the foregoing embodiments.
It should be noted that examples of the computer-readable storage medium may also include, but are not limited to, a phase change memory (PRAM), a Static Random Access Memory (SRAM), a Dynamic Random Access Memory (DRAM), other types of Random Access Memories (RAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a flash memory, or other optical and magnetic storage media, which are not described in detail herein.
The computer-readable storage medium provided by the above-mentioned embodiments of the present application and the method provided by the embodiments of the present application have the same advantages as the method adopted, executed or implemented by the application program stored in the computer-readable storage medium.
It should be noted that:
the algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose devices may be used with the teachings herein. The required structure for constructing an arrangement of this type will be apparent from the description above. In addition, this application is not directed to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the present application as described herein, and any descriptions of specific languages are provided above to disclose the best modes of the present application.
In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the application may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the application, various features of the application are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the application and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be construed to reflect the intent: this application is intended to cover such departures from the present disclosure as come within known or customary practice in the art to which this invention pertains. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this application.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the application and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
Various component embodiments of the present application may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in the creation apparatus of a virtual machine according to embodiments of the present application. The present application may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present application may be stored on a computer readable medium or may be in the form of one or more signals. Such a signal may be downloaded from an internet website, or provided on a carrier signal, or provided in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the application, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The application may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above description is only for the preferred embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A method for domain name resolution, the method comprising:
acquiring a sub-domain name list and sub-domain name information of each sub-domain name, the sub-domain name information comprising a resolution record and a time-to-live (TTL) value;
traversing all the sub-domain names and, according to the resolution record of the sub-domain name being traversed, judging whether a sub-domain name with the same resolution record exists in the sub-domain name list; if not, adding the sub-domain name being traversed to a non-extensive resolution list;
if so, judging, according to the TTL value of the sub-domain name being traversed, whether a sub-domain name with the same TTL value exists in the sub-domain name list; if not, adding the sub-domain name being traversed to the non-extensive resolution list;
if so, determining, according to the response similarity of the sub-domain name being traversed within the sub-domain name list, whether a response similarity condition is met, and if so, adding the sub-domain name being traversed to the non-extensive resolution list;
and outputting the non-extensive resolution list once all the sub-domain names in the sub-domain name list have been processed.
2. The method of claim 1, wherein the determining whether a response similarity condition is met according to the response similarity of the sub-domain name being traversed within the sub-domain name list, and if so, adding the sub-domain name being traversed to the non-extensive resolution list, comprises:
performing a similarity calculation for each sub-domain name in the non-extensive resolution list, and determining the similarity between each sub-domain name and the remaining sub-domain names in the non-extensive resolution list;
and adding the sub-domain names in the non-extensive resolution list whose similarity is lower than a set threshold to a final non-extensive resolution list.
3. The method of claim 1, wherein, before the acquiring of the sub-domain name list and the sub-domain name information of each sub-domain name, the method further comprises:
acquiring the root domain name of a sub-domain name;
judging, according to the root domain name, whether generic resolution behavior exists; if so, proceeding to the step of acquiring the sub-domain name list and the sub-domain name information of each sub-domain name; and if not, ending the screening of the root domain name.
4. The method of claim 1, wherein the resolution record of the sub-domain name comprises the sub-domain name and the corresponding root domain name, sub-domain name resolution data and resolution times, sub-domain name first resolution time and last resolution time.
5. A domain name resolution system, the system comprising:
an information acquisition module, used for acquiring a sub-domain name list and sub-domain name information of each sub-domain name, the sub-domain name information comprising a resolution record and a time-to-live (TTL) value;
a first judgment module, used for traversing all the sub-domain names and, according to the resolution record of the sub-domain name being traversed, judging whether a sub-domain name with the same resolution record exists in the sub-domain name list; if not, adding the sub-domain name being traversed to a non-extensive resolution list;
a second judgment module, used for, if such a sub-domain name exists, judging, according to the TTL value of the sub-domain name being traversed, whether a sub-domain name with the same TTL value exists in the sub-domain name list; if not, adding the sub-domain name being traversed to the non-extensive resolution list;
a third judgment module, used for, if such a sub-domain name exists, determining, according to the response similarity of the sub-domain name being traversed within the sub-domain name list, whether a response similarity condition is met, and if so, adding the sub-domain name being traversed to the non-extensive resolution list;
and an output module, used for outputting the non-extensive resolution list once all the sub-domain names in the sub-domain name list have been processed.
6. The system of claim 5, wherein the third judgment module is specifically configured for:
performing a similarity calculation for each sub-domain name in the non-extensive resolution list, and determining the similarity between each sub-domain name and the remaining sub-domain names in the non-extensive resolution list;
and adding the sub-domain names in the non-extensive resolution list whose similarity is lower than a set threshold to the final non-extensive resolution list and outputting it.
7. The system of claim 5, wherein:
the information acquisition module is further used for acquiring the root domain name of the sub-domain name;
and for judging, according to the root domain name, whether generic resolution behavior exists; if so, proceeding to the step of acquiring the sub-domain name list and the sub-domain name information of each sub-domain name; and if not, ending the screening of the root domain name.
8. The system of claim 5, wherein the resolution record of the sub-domain name comprises the sub-domain name and the corresponding root domain name, sub-domain name resolution data and resolution times, sub-domain name first resolution time and last resolution time.
9. An electronic device, comprising: a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the method according to any of claims 1-4.
10. A computer readable storage medium having computer readable instructions stored thereon which are executable by a processor to implement the method of any one of claims 1-4.
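The three-stage screen of claims 1 and 2, sketched in Python as an added example; it is not code from the patent or its applicants. The "generic" or "extensive" resolution named in the claims is wildcard DNS resolution. Assumptions: the TTL comparison is made among sub-domains that already share the resolution record, the similarity condition is read as "less similar than a threshold to every such peer", and the `difflib` metric, the 0.9 threshold and the sample records are all constructed for illustration.

```python
from difflib import SequenceMatcher

# Constructed sample input: resolution record, TTL and HTTP response body
# per sub-domain. Names and addresses are illustrative only.
SUBDOMAINS = [
    {"name": "www.example.test", "record": "192.0.2.10", "ttl": 300,
     "body": "<h1>Shop</h1> welcome to the store"},
    {"name": "mail.example.test", "record": "192.0.2.25", "ttl": 3600,
     "body": "<h1>Webmail</h1> sign in"},
    {"name": "api.example.test", "record": "192.0.2.80", "ttl": 600,
     "body": '{"status": "ok", "service": "api"}'},
    {"name": "qzx1.example.test", "record": "192.0.2.80", "ttl": 600,
     "body": "<h1>Parked</h1> default landing page"},
    {"name": "k9f7.example.test", "record": "192.0.2.80", "ttl": 600,
     "body": "<h1>Parked</h1> default landing page"},
    {"name": "old.example.test", "record": "192.0.2.80", "ttl": 60,
     "body": "<h1>Parked</h1> default landing page"},
]


def similarity(a, b):
    """Response similarity in [0, 1]; difflib is an assumed metric."""
    return SequenceMatcher(None, a, b).ratio()


def non_wildcard(subdomains, threshold=0.9):
    """Return names that pass the record, TTL and similarity checks."""
    kept = []
    for sub in subdomains:
        others = [o for o in subdomains if o is not sub]
        # Step 1: nobody else shares the resolution record -> keep.
        same_record = [o for o in others if o["record"] == sub["record"]]
        if not same_record:
            kept.append(sub["name"])
            continue
        # Step 2: record is shared but the TTL is not -> keep.
        same_ttl = [o for o in same_record if o["ttl"] == sub["ttl"]]
        if not same_ttl:
            kept.append(sub["name"])
            continue
        # Step 3: record and TTL are shared; keep only if the response
        # differs enough from every peer (assumed similarity condition).
        if max(similarity(sub["body"], o["body"]) for o in same_ttl) < threshold:
            kept.append(sub["name"])
    return kept


if __name__ == "__main__":
    print(non_wildcard(SUBDOMAINS))
```

In the sample, `api.example.test` shares an address and TTL with the two random-label hosts but serves different content, so only the similarity stage separates a real service from wildcard answers.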
CN202211117605.XA 2022-09-14 2022-09-14 Method and system for resolving universal domain name Active CN115277636B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211117605.XA CN115277636B (en) 2022-09-14 2022-09-14 Method and system for resolving universal domain name

Publications (2)

Publication Number Publication Date
CN115277636A true CN115277636A (en) 2022-11-01
CN115277636B CN115277636B (en) 2023-08-01

Family

ID=83757077

Country Status (1)

Country Link
CN (1) CN115277636B (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130179555A1 (en) * 2012-01-10 2013-07-11 Thomson Licensing Method and device for timestamping data and method and device for verification of a timestamp
US8832283B1 (en) * 2010-09-16 2014-09-09 Google Inc. Content provided DNS resolution validation and use
WO2016177284A1 (en) * 2015-05-07 2016-11-10 阿里巴巴集团控股有限公司 Domain name resolution method and device
US20180131708A1 (en) * 2016-11-09 2018-05-10 F-Secure Corporation Identifying Fraudulent and Malicious Websites, Domain and Sub-domain Names
CN108933846A (en) * 2018-06-21 2018-12-04 北京谷安天下科技有限公司 A kind of recognition methods, device and the electronic equipment of general parsing domain name
CN109040346A (en) * 2018-10-30 2018-12-18 深信服科技股份有限公司 Screening technique, device and the equipment of effective domain name in a kind of Extensive domain name analysis
CN112615945A (en) * 2020-12-18 2021-04-06 平安科技(深圳)有限公司 Domain name resolution record management method and device, computer equipment and storage medium
WO2021120355A1 (en) * 2019-12-18 2021-06-24 网宿科技股份有限公司 Domain name parsing method, authoritative domain name server and local domain name server
CN113286016A (en) * 2021-07-20 2021-08-20 中国人民解放军国防科技大学 Method and device for analyzing service range of cache domain name system
CN113810518A (en) * 2021-09-15 2021-12-17 北京知道未来信息技术有限公司 Effective sub-domain name recognition method and device and electronic equipment
CN114124895A (en) * 2022-01-24 2022-03-01 中国电子信息产业集团有限公司第六研究所 Domain name data processing method, domain name description method, electronic device and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
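时长江; 孟晓青; 胡炜; 张萍; 刘国梁; 徐君; 郭曙超: "域名解析系统生存时间值的研究" [Research on the time-to-live value of the domain name resolution system], 检验检疫学刊, no. 01 *
黄凯; 傅建明; 黄坚伟; 李鹏伟: "一种基于字符及解析特征的恶意域名检测方法" [A malicious domain name detection method based on character and resolution features], 计算机仿真, no. 03 *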

Also Published As

Publication number Publication date
CN115277636B (en) 2023-08-01

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant