Abstract:
Methods and systems for providing a secure SSL certificate escrow service comprise: providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key; receiving the encrypted copy of the private key from the private key holder via the secure upload webpage; storing the encrypted copy of the private key in memory; providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key; receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage; and decrypting the private key in response to the instruction to decrypt the private key.
Abstract:
A method and system to mitigate an attack over the Internet includes collecting information related to a plurality of client IP addresses from a plurality of sources and analyzing the collected information to determine confidence scores for the plurality of client IP addresses. The method and system also include receiving network traffic from the Internet and limiting network traffic from a first subset of the plurality of client IP addresses characterized by a confidence score less than a first threshold. The method and system further include determining a level of the network traffic and limiting network traffic from a second subset of the plurality of client IP addresses characterized by a confidence score less than a second threshold greater than the first threshold.
Abstract:
Systems, methods, and computer-readable mediums are provided that access a set of data related to a plurality of domain name system (DNS) requests for a plurality of subnets in a network. A subset of the set of data that is a representative sample of the set of data is selected. Latency of the subset of the data is estimated and latency is estimated for the totality of the data. A portion of the network is modified based on the estimated latency of the totality of the data.
Abstract:
Methods and systems for detecting and responding to Denial of Service (“DoS”) attacks comprise: detecting a DoS attack or potential DoS attack against a first server system comprising one or more servers; receiving, at a second server system comprising one or more servers, network traffic directed to the first server system; subjecting requesting clients to one or more challenge mechanisms, the challenge mechanisms including one or more of challenging requesting clients to follow through HTTP redirect responses, challenging requesting clients to request Secure Sockets Layer (SSL) session resumption, or challenging requesting clients to store and transmit HTTP cookies; identifying one or more non-suspect clients, the one or more non-suspect clients corresponding to requesting clients that successfully complete the one or more challenge mechanisms; identifying one or more suspect clients, the one or more suspect clients corresponding to requesting clients that do not successfully complete the one or more challenge mechanisms; and forwarding, by the second server system, traffic corresponding to the one or more non-suspect clients to the first server system. Once a client has been validated, clients may communicate directly with application servers in a secure manner by transparently passing through one or more intermediary proxy servers.
Abstract:
Systems and methods are disclosed for identifying domains as malicious based on Internet-wide DNS lookup patterns. Disclosed embodiments look for variance in the servers that look up a domain and also look at the popularity growth (quantity of queries from unique addresses) of a domain after registration to identify malicious domains. Other disclosed embodiments measure the similarity of servers that query a domain and cluster domains based on the similarity of those servers. Disclosed embodiments may use such temporal and spatial lookup patterns as input to a blacklist process to more effectively and quickly blacklist domains based on their Internet-wide lookup patterns.
Abstract:
Systems (100) and methods for enhanced monitoring and adaptive management of inter-network Domain Name System ("DNS") traffic include an information capture device (140) in a monitored network. The information capture device receives a redirected connection request originated by a client machine in the monitored network (15) in response to a modified DNS answer from a recursive name server outside of the monitored network, captures detailed information associated with the redirected connection request that is inaccessible to the recursive name server, and sends the captured information to a data storage accessible to the recursive name server for storage as augmented DNS data associated with the client machine and/or the redirected connection request. The information capture device further provides, in response to the redirected connection request, an adaptive answer generated based on the augmented DNS data to the client machine.