White listing DNS top-talkers
US8935744B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 26, 2013 |
| Grant date | Jan 13, 2015 |
| Priority date | — |
| Expiry date | Sep 26, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/142
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for creating a list of trustworthy resolvers in a domain name system. A computer receives a resolver profile for a resolver sending queries to a domain name server. The resolver profile is based on any, or a combination, of a top-talker status of the resolver, a normalcy of distribution of domain names queried, a continuity of distribution of query type, and a RD bit status, and information related to query traffic based on the topology of the domain name server. Resolver profiles can be compared to a trust policy to determine whether the resolver is trustworthy. Resolvers deemed trustworthy can be added to a list of trustworthy resolvers. Embodiments can detect the occurrence of a network-based attack. Embodiments can mitigate the effect of a network-based attack by responding only to queries from resolvers on the list of trustworthy resolvers.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.