网络与信息安全学报2024,Vol.10Issue(5):39-55,17.DOI:10.11959/j.issn.2096-109x.2024065
防护性DNS服务关键技术研究综述
Survey on key technologies for protective DNS service
摘要
Abstract
The domain name system(DNS)is a naming service for Internet resources that provides the function of converting from domain names to IP addresses.It serves as the entry point for users to access Internet applications and is also the key point for client-side security threat perception and mitigation.Common DNS abuses and related security threats on the client side include phishing,malware,and other attacks based on DNS.The protective DNS(PDNS)service leverages the existing DNS protocol and architecture to detect and mitigate threats by analyzing DNS queries,thereby protecting users against potential security threads at the source.Currently,a systematic intro-duction and research on PDNS service in academia and industry is lacking.The existing work,application status,and architecture and functions of PDNS were systematically sorted out.The key technologies associated with PDNS,including DNS-related threat mitigation,DNS anomaly detection,threat intelligence management,and data storage and management technology,were reviewed.The issues and challenges faced by PDNS were analyzed,and future development trends and research directions for PDNS were proposed.关键词
域名系统/防护性DNS服务/域名威胁处置/DNS异常检测/威胁情报管理/数据存储管理Key words
domain name system(DNS)/protective DNS(PDNS)service/DNS threat mitigation/DNS anomaly de-tection/threat intelligence management/data storage management分类
信息技术与安全科学引用本文复制引用
马永征,李洪涛,马中胜,胡卫宏,张中献..防护性DNS服务关键技术研究综述[J].网络与信息安全学报,2024,10(5):39-55,17.基金项目
国家重点研发计划(2022YFB3105000) The National Key R&D Program of China(2022YFB3105000) (2022YFB3105000)
