최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0629433 (2015-02-23) |
등록번호 | US-9930131 (2018-03-27) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 21 인용 특허 : 454 |
Generally described, the present disclosure is directed to managing request routing functionality corresponding to resource requests for one or more resources associated with a content provider. The processing of the DNS requests by the service provider can include the selective filtering of DNS que
Generally described, the present disclosure is directed to managing request routing functionality corresponding to resource requests for one or more resources associated with a content provider. The processing of the DNS requests by the service provider can include the selective filtering of DNS queries associated with a DNS query-based attack. A service provider can assign DNS servers corresponding to a distributed set of network addresses, or portions of network addresses, such that DNS queries exceeding a threshold, such as in DNS query-based attacks, can be filtered in a manner that can mitigate performance impact on for the content provider or service provider.
1. A computer-implemented method for managing DNS queries comprising: determining, at a service provider, whether DNS queries associated with an identifiable domain exceed a threshold number of DNS queries that can be processed by a service provider;determining, at the service provider, whether to f
1. A computer-implemented method for managing DNS queries comprising: determining, at a service provider, whether DNS queries associated with an identifiable domain exceed a threshold number of DNS queries that can be processed by a service provider;determining, at the service provider, whether to filter the one or more DNS queries based on the threshold number of DNS queries; andcausing, at the service provider, the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries, wherein the filtering of the at least one or more DNS queries comprises filtering at least one of the one or more DNS queries based on assigned network addresses for a DNS server authoritative for the identified domain, and wherein causing the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries comprises causing the filtering of at least one or more DNS queries received at the service provider and directed to one or more assigned network address subdivisions or zones available to the service provider based on access control lists. 2. The computer-implemented method as recited in claim 1, wherein causing the filtering of at least one of the one or more DNS queries includes causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers. 3. The computer-implemented method as recited in claim 1, wherein causing the filtering of at least one of the one or more DNS queries includes transmitting a request to filter one or more DNS queries for domains in which service provider DNS servers are authoritative. 4. The computer-implemented method as recited in claim 1, wherein determining whether to filter the one or more DNS queries includes determining whether to filter based on a percentage of DNS queries allowed to be processed. 5. The computer-implemented method as recited in claim 1 further comprising obtaining, at the service provider, at least a portion of the one or more DNS queries associated with the identifiable domain. 6. The computer-implemented method as recited in claim 1 further comprising: determining, at the service provider, whether DNS queries associated with a different identifiable domain exceed a threshold number of DNS queries that can be processed by a service provider; anddetermining, by the service provider, not to filter the one or more DNS queries associated with a different identifiable domain, wherein the determination corresponds to a percentage of DNS queries allowed to be processed. 7. The computer-implemented method as recited in claim 2, wherein causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers includes forwarding the at least one of the one or more DNS queries to the alternative set of DNS servers. 8. A system for DNS query processing comprising: a DNS query processor, at a service provider, coupled to memory and operative to: obtain registration information for registering one or more content providers with the service provider, the registration corresponding to hosting at least a portion of request routing functionality associated with one or more resources provided by the content provider;determine whether DNS queries associated with an identifiable domain exceed a threshold number of DNS queries that can be processed by the service provider;determine whether to filter the one or more DNS queries based on the threshold number of DNS queries; andcause the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries, wherein the filtering of the at least one or more DNS queries comprises filtering at least one of the one or more DNS queries based on assigned network addresses for a DNS server authoritative for the identified domain, and wherein causing the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries comprises causing the filtering of at least one or more DNS queries received at the service provider and directed to one or more assigned network address subdivisions or zones available to the service provider based on access control lists. 9. The system as recited in claim 8, wherein the range of available service provider network addresses corresponds to a plurality of network address zone such that each network address zone is defined according to a division of available network addresses for service provider DNS server components. 10. The system as recited in claim 8, wherein the DNS query processor is further operative to: obtain one or more additional DNS queries, the additional DNS queries corresponding to the identifiable domain, wherein the DNS server component corresponds to a different assigned network from a range of available service provider network addresses;associate the one or more DNS queries with the identified set of DNS queries exceeding a threshold number of DNS queries that can be processed by a service provider; anddetermine not to filter the one or more DNS queries. 11. The system as recited in claim 8, wherein the DNS query processor selectively filters the DNS queries causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers. 12. The system as recited in claim 11, wherein the DNS query processor causes at least one of the one or more DNS queries to be answered by an alternative set of DNS servers by forwarding the at least one of the one or more DNS queries to the alternative set of DNS servers. 13. The system as recited in claim 8, wherein the DNS query processor determines whether to filter the one or more DNS queries based on the associated set of DNS queries based on a percentage of DNS queries allowed to be processed. 14. A non-transitory, computer-readable storage medium having one or more computer-executable components for managing DNS queries, the one or more computer-executable components comprising computer-executable instructions to: determine, at a service provider, whether DNS queries associated with an identifiable domain exceed a threshold number of DNS queries that can be processed by a service provider;determine, at the service provider, whether to filter the one or more DNS queries based on the threshold number of DNS queries; andcause, at the service provider, the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries, wherein the filtering of the at least one or more DNS queries comprises filtering at least one of the one or more DNS queries based on assigned network addresses for a DNS server authoritative for the identified domain, and wherein causing the filtering of at least one of the one or more DNS queries based on the threshold number of DNS queries comprises causing the filtering of at least one or more DNS queries received at the service provider and directed to one or more assigned network address subdivisions or zones available to the service provider based on access control lists. 15. The computer-readable storage medium as recited in claim 14, wherein determining whether to filter the one or more DNS queries includes determining whether to filter based on a percentage of DNS queries allowed to be processed. 16. The computer-readable storage medium as recited in claim 14, wherein causing the filtering of at least one of the one or more DNS queries includes causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers. 17. The computer-readable storage medium as recited in claim 16, wherein causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers includes forwarding the at least one of the one or more DNS queries to the alternative set of DNS servers. 18. The computer-readable storage medium as recited in claim 14, wherein causing the filtering of at least one of the one or more DNS queries includes transmitting a request to filter one or more DNS queries for domains in which service provider DNS servers are authoritative.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.