作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2019, Vol. 45 ›› Issue (11): 24-31. doi: 10.19678/j.issn.1000-3428.0055140

所属专题: 区块链技术专题

• 区块链技术专题 • 上一篇    下一篇

基于超级账本的DNS协同防御体系研究

叶崛宇, 岳巧丽, 王骞, 张海阔   

  1. 中国互联网络信息中心, 北京 100190
  • 收稿日期:2019-06-07 修回日期:2019-07-22 发布日期:2019-07-26
  • 作者简介:叶崛宇(1983-),男,硕士,主研方向为区块链技术、信息安全;岳巧丽、王骞(通信作者),硕士;张海阔,博士。
  • 基金资助:
    国家自然科学基金(61303242)。

Research on DNS Collaborative Defense System Based on Hyperledger

YE Jueyu, YUE Qiaoli, WANG Qian, ZHANG Haikuo   

  1. China Internet Network Information Center, Beijing 100190, China
  • Received:2019-06-07 Revised:2019-07-22 Published:2019-07-26

摘要: 针对传统域名系统(DNS)防御体系难以有效抵抗饱和流量攻击和域名劫持攻击的问题,建立网络流及状态迁移模型,从理论上分析并研究遏制网络攻击的关键因素,进而提出基于超级账本的DNS协同防御体系。通过联盟链整合多方资源共同对抗网络攻击,并利用超级账本的通道架构和背书策略实现隐私保护,促进网络信息共享。分析结果表明,该协同防御体系在数据层面和业务层面均具有较强的安全性,为解决域名行业安全问题提供了借鉴作用。

关键词: 域名系统, 区块链, 超级账本, 隐私保护, 协同防御

Abstract: Traditional defense system based on Domain Name System(DNS) is vulnerable to saturated traffic attacks and DNS hijacking attacks.To address the problem,this paper performs theoretical analysis and research on key factors in preventing network attacks,and constructs a model for network flows and state transitions.On this basis,a DNS collaborative defense system based on hyperledger is proposed.In the system,multi-lateral resources are integrated through consortium blockchains for collaborative resistance to network attacks.The channel architecture and endorsement policies of hyperledger are used to implement privacy protection and network information sharing.Analysis results show that the collaborative defense system is highly safe at the data level and the service level,providing a feasible solution to security threats in the domain name industry.

Key words: Domain Name System(DNS), blockchain, hyperledger, privacy protection, collaborative defense

中图分类号: