摘要
DNS是Internet应用基础,通过DNS映射主机名和IP地址信息来保证两者间正常解析,但DNS设计有先天缺陷,使得其成为被网络攻击的首要对象。为了研究DNS攻击检测方法,从网络遭受DNS攻击的特性等方面分析,提出将捕获到的数据包进行过滤,并将过滤后数据信息通过K-means聚类算法分为不同类别,再用相应算法判定该类数据是否为DNS攻击。
DNS is the basis of Intemet application. In order to ensure the normal parsing information between the hostname and IP address, the DNS using mapping methods. But DNS makes it the primary object of network attack because of its birth defects. In order to study the DNS attack detection methods, the article analyzes the characteristics of DNS attack from networks, proposes to filter the captured data packets, and divide these data into different categories by using K-means methods, and then whether the data is DNS attack is determined by the corresponding algorithm.
出处
《计算机时代》
2016年第7期31-33,共3页
Computer Era