CAJ | 학술논문

域名信息探测是企业网络安全评估和渗透测试的重要内容。针对当前蛮力扫描和 DNSenum 等基于字典的探测方法普遍存在获取信息不全、过度依赖数据字典的问题，建立了基于 Markov 链的域名结构模型，提取出域名起始字符集合与分布、状态转移矩阵等域名统计与分布特征，提出了一种新域名的生成算法。对．com、．net 和．org 三类通用域名进行抽样探测，实验结果表明，该算法在探测域名数量、探测域名集的区分度和探测效率上优于现有方法 DNSenum。
역명신식탐측시기업망락안전평고화삼투측시적중요내용。침대당전만력소묘화 DNSenum 등기우자전적탐측방법보편존재획취신식불전、과도의뢰수거자전적문제，건립료기우 Markov 련적역명결구모형，제취출역명기시자부집합여분포、상태전이구진등역명통계여분포특정，제출료일충신역명적생성산법。대．com、．net 화．org 삼류통용역명진행추양탐측，실험결과표명，해산법재탐측역명수량、탐측역명집적구분도화탐측효솔상우우현유방법 DNSenum。
Domain name system (DNS)information detection is an important issue of network security assessment and penetration testing for enterprises.As current brute force scanning and the dictionary-based detection methods such as DNSenum,etc.commonly have the prob-lems of incomplete information acquisition and being over-dependent on data dictionaries,we build the Markov chain-based domains structure model,extract the statistics and distribution features of domain names such as its starting character sets and state transition matrix,and pro-pose a new domains generation algorithm.At last,sampling survey is conducted on three common domain names of .com,.net and .org,ex-perimental result demonstrates that our algorithm performs better than the existing method of DNSenum in terms of the number of domain names detected,the differentiation of detected domain name sets and the detection efficiency.