| 发明名称 |
DNS SNOOPING TO CREATE IP ADDRESS-BASED TRUST DATABASE USED TO SELECT DEEP PACKET INSPECTION AND STORAGE OF IP PACKETS |
| 摘要 |
At a network device through which client devices communicate with a network, a database is created that maps Internet Protocol (IP) addresses each to a respective trust metric for a domain name associated with the IP address. An IP packet sent from a client device to the network and that indicates a destination IP address for a network-accessible resource associated with a domain name is intercepted. Using the destination IP address in the intercepted IP packet, the domain name trust metric mapped to the destination IP address is retrieved from the database. IP packets received from the destination IP address are processed based on the retrieved domain name trust metric and a predetermined trust metric criterion. |
| 申请公布号 |
US2016373409(A1) |
申请公布日期 |
2016.12.22 |
| 申请号 |
US201514746155 |
申请日期 |
2015.06.22 |
| 申请人 |
Cisco Technology, Inc. |
发明人 |
Zhu Peter;Thirunarayanan Ashok |
| 分类号 |
H04L29/06;H04L29/12;G06F17/30;H04L29/08 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method comprising:
at a network device through which client devices communicate with a network:
creating an Internet Protocol (IP) address-based trust database that maps IP addresses each to a respective trust metric for a domain name associated with the IP address;intercepting an IP packet sent from a client device to the network and that indicates a destination IP address for a network-accessible resource associated with a domain name;using the destination IP address in the intercepted IP packet, retrieving from the IP address-based trust database the domain name trust metric mapped to the destination IP address; andprocessing IP packets received from the destination IP address based on the retrieved domain name trust metric and a predetermined trust metric criterion. |
| 地址 |
San Jose CA US |
