Design And Development Of The Malicious Domain Identification System Based On DNS

Domain Name System(DNS) is a system used to solve how to name online machine on the Internet. Like visiting a friend must first know how to reach his house, when a host computer try to visit another one, its address must first be informed. The IP address of TCP/IP is consist of four figure part which separated by ".".It is more difficult the names for people to remember. Domain Name System as a distributed database that domain names and IP addresses can be mapped to each other, are able to make it easier for people to access the Internet, without having to remember the IP number string which the machines can directly read.However, as a forepart Internet protocol, Domain Name System was established on the basis of mutual trust model from initial design, and it was a completely exoteric collaboration system. Domain Name System dose exist lots of deficiencies. As a result, it becomes an important part of malicious network behavior, such as botnets, phishing sites and so on. With the growing popularity of Internet applications and the continuous increase in the number of Internet users, web planting Trojan technology continues to develop, the malicious website security threats to Internet users is increasing rapidly. In order to respond to such malicious network behavior, people through the way of domain name blacklist to prevent malicious domain activities as a traditional method. However, with the application of some new network technologies, the use of malicious domain name becomes more and more flexible. Large numbers of short life cycle malicious domain names, and corresponding relationship between rapid changed domain names and IP addresses make it difficult to cope with the traditional way. When malicious domain names introduce flexibility for its malicious behavior, they also introduce some characteristics different from the normal domain name inevitably. We can identify them with a certain accuracy by statistics and analysis for huge amounts of data. This article designed a system through the analysis of relevant domain feature information and then identify malicious domain name.Firstly, this paper bases on the discussing of Malicious Domain Identification System, analyses the functional and non-functional requirement, and describes particularly the system requirement by the use case.According to the requirement analyzing, this paper gives the system architecture design. Based on the system requirements, this paper puts up the system design goals and principles, and then separately discusses the technology and functional structures.And then we do amply design of the system. This part describes each part of the system by flow diagram, statement diagram and timing diagram. Besides, it amply describes the database design for the system, which includes database requirement analysis, database conceptual structure design and database logic structure design.At the4th part, we give the realization of each module on the basis of amply design. We emphasize the key feature of each module with code and show the realization interface.Finally, the realization of the Domain Dame Identification System is briefly described, and further improvements are advanced.To sum up, we design and realize Domain Name Identification System on the basis of more profound understanding to the malicious domain identification.