公开(公告)号：US20180176248A1

公开(公告)日：2018-06-21

申请号：US15385977

申请日：2016-12-21

申请人： VERISIGN, INC.

发明人： Ashkan Nikravesh ,  Matthew Thomas ,  Danny McPherson ,  Eric Osterweil ,  Gautam Gudavalli ,  Tomofumi Okubo

IPC分类号： H04L29/06 ,  H04L12/733 ,  G06F17/30

CPC分类号： H04L63/1466 ,  G06F17/30864 ,  H04L45/20 ,  H04L47/286 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/1458

摘要： Systems and methods for detecting spoofed traffic include determining a first hop count of a first data query from a first transmitting device to a first server, determining a second hop count of a second data query from the first transmitting device to a second server, determining a third hop count of a third data query appearing to be from the first transmitting device to the first server, and determining a fourth hop count of a fourth data query appearing to be from the first transmitting device to the second server. The third and fourth hop counts are compared to the first and second hop counts, respectively. It is determined whether the third hop count differs from the first hop count by more than a predetermined amount.

公开(公告)号：US09342698B2

公开(公告)日：2016-05-17

申请号：US14531424

申请日：2014-11-03

申请人： VERISIGN, INC.

发明人： Danny McPherson ,  Eric Osterweil

IPC分类号： G06F15/16 ,  G06F21/60 ,  G06F17/30 ,  H04L29/12 ,  H04L29/06

CPC分类号： G06F21/60 ,  G06F17/30864 ,  H04L61/1511 ,  H04L61/305 ,  H04L63/0407

摘要： An apparatus and a non-transitory computer-readable medium may perform a method of minimizing the disclosure of a domain name contained in a DNS query. The method may include determining a first label and a second label associated with a domain name included in a DNS query. A first nameserver may be queried for a first resource record type associated with the first label without revealing information related to the second label by removing information related to the second label from the DNS query. A response may be received from the first nameserver, and the response may include the first resource record type which directs a resolver to a second nameserver. The second nameserver may be queried for a second resource record type associated with the first label and the second label.

摘要翻译： 一种装置和非暂时计算机可读介质可以执行最小化包含在DNS查询中的域名的公开的方法。 该方法可以包括确定与包括在DNS查询中的域名相关联的第一标签和第二标签。 可以通过从DNS查询中移除与第二标签相关的信息来查询与第一标签相关联的第一资源记录类型，而不透露与第二标签相关的信息。 可以从第一名称服务器接收响应，并且响应可以包括将解析器指向第二名称服务器的第一资源记录类型。 可以查询与第一标签和第二标签相关联的第二资源记录类型的第二名称服务器。

公开(公告)号：US11943197B1

公开(公告)日：2024-03-26

申请号：US17958085

申请日：2022-09-30

申请人： VeriSign, Inc.

发明人： Danny McPherson ,  Eric Osterweil

IPC分类号： H04L61/4511 ,  H04W4/021 ,  H04W4/80

CPC分类号： H04L61/4511 ,  H04W4/021 ,  H04W4/80

摘要： Embodiments relate to systems, devices, non-transitory computer-readable storage media, and computer-implemented methods for resolving DNS requests by receiving a first Domain Name System (DNS) resolution request, extracting first contextual data from the first DNS resolution request, determining to apply a first resolution rule based on the first contextual data and a contextual condition, forwarding the first DNS resolution request to a DNS resolver based on applying the first resolution rule, receiving a second DNS resolution request, extracting second contextual data from the second DNS resolution request, determining to apply a second resolution rule based on the second contextual data and the contextual condition, and retrieving a resource in response to the second DNS resolution request based on applying the second resolution rule.

公开(公告)号：US11882109B2

公开(公告)日：2024-01-23

申请号：US17062147

申请日：2020-10-02

申请人： VERISIGN, INC.

发明人： Danny McPherson ,  Joseph Waldron ,  Eric Osterweil

IPC分类号： G07F19/00 ,  H04L9/40 ,  H04L61/4511

CPC分类号： H04L63/0823 ,  H04L61/4511 ,  H04L63/083

摘要： A method, system, and computer-readable memory containing instructions include receiving a DNS request containing authentication information, validating the authentication information, determining an appropriate action to take based on the validating status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.

公开(公告)号：US20180183677A1

公开(公告)日：2018-06-28

申请号：US15901685

申请日：2018-02-21

申请人： VERISIGN, INC.

发明人： Danny McPherson

IPC分类号： H04L12/24 ,  H04L29/06 ,  H04L29/12

CPC分类号： H04L41/12 ,  H04L41/50 ,  H04L61/1511 ,  H04L61/1552 ,  H04L63/0823 ,  H04L63/168

摘要： A Domain Name System (“DNS”) package and a method for providing domain name resolution services in a partitioned network are disclosed. The system may include one or more built-in root name servers; one or more built-in top level domain (“TLD”) name servers; and a recursive name server. The recursive name server may be configured to query the one or more built-in root name servers during domain name resolution. Moreover, the one or more built-in root name servers may be configured to provide a network address corresponding to one of the built-in TLD name servers in response to a domain name resolution query sent by the recursive name server.

公开(公告)号：US20170019371A1

公开(公告)日：2017-01-19

申请号：US15147387

申请日：2016-05-05

申请人： VERISIGN, INC.

发明人： Eric Osterweil ,  G. Craig Murray ,  Abedelaziz Mohaisen ,  Danny McPherson

IPC分类号： H04L29/12 ,  H04L29/08

CPC分类号： H04L61/1511 ,  H04L63/126 ,  H04L67/2842

摘要： Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.

摘要翻译： 公开了域名数据网络（DNDN）内容传送系统的系统，设备和方法。 实施例执行包括获得具有唯一标识符的内容对象的操作。 这些操作还包括与DNS资源记录和唯一标识符相关联地存储内容对象的本地实例。 这些操作进一步包括响应于从客户端接收包括唯一标识符的请求，向客户端提供内容的本地实例。

公开(公告)号：US11477159B1

公开(公告)日：2022-10-18

申请号：US15392530

申请日：2016-12-28

申请人： VERISIGN, INC.

发明人： Danny McPherson ,  Eric Osterweil

IPC分类号： H04L61/4511 ,  H04W4/021 ,  H04W4/80

摘要： Embodiments relate to systems, devices, non-transitory computer-readable storage media, and computer-implemented methods for resolving DNS requests by receiving a first Domain Name System (DNS) resolution request, extracting first contextual data from the first DNS resolution request, determining to apply a first resolution rule based on the first contextual data and a contextual condition, forwarding the first DNS resolution request to a DNS resolver based on applying the first resolution rule, receiving a second DNS resolution request, extracting second contextual data from the second DNS resolution request, determining to apply a second resolution rule based on the second contextual data and the contextual condition, and retrieving a resource in response to the second DNS resolution request based on applying the second resolution rule.

公开(公告)号：US10819697B1

公开(公告)日：2020-10-27

申请号：US16354043

申请日：2019-03-14

申请人： VERISIGN, INC.

发明人： Danny McPherson ,  Joseph Waldron ,  Eric Osterweil

IPC分类号： G07F19/00 ,  H04L29/06 ,  H04L29/12

摘要： A method, system, and computer-readable memory containing instructions include receiving a DNS request containing authentication information, validating the authentication information, determining an appropriate action to take based on the validating status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.

公开(公告)号：US10560339B2

公开(公告)日：2020-02-11

申请号：US15901685

申请日：2018-02-21

申请人： VERISIGN, INC.

发明人： Danny McPherson

IPC分类号： H04L12/24 ,  H04L29/12 ,  H04L29/06

摘要： A Domain Name System (“DNS”) package and a method for providing domain name resolution services in a partitioned network are disclosed. The system may include one or more built-in root name servers; one or more built-in top level domain (“TLD”) name servers; and a recursive name server. The recursive name server may be configured to query the one or more built-in root name servers during domain name resolution. Moreover, the one or more built-in root name servers may be configured to provide a network address corresponding to one of the built-in TLD name servers in response to a domain name resolution query sent by the recursive name server.

公开(公告)号：US11824829B2

公开(公告)日：2023-11-21

申请号：US17882414

申请日：2022-08-05

申请人： VeriSign, Inc.

发明人： Eric Osterweil ,  G. Craig Murray ,  Abedelaziz Mohaisen ,  Danny McPherson

IPC分类号： H04L61/4511 ,  H04L67/568 ,  H04L61/58 ,  H04L9/40

CPC分类号： H04L61/4511 ,  H04L61/58 ,  H04L67/568 ,  H04L63/126

摘要： Systems, devices and methods for a Domain Name Data Networking (DNDN) content delivery system are disclosed. Embodiments perform operations including obtaining a content object having a unique identifier. The operations also include storing a local instance of the content object in association with DNS resource records and the unique identifier. The operations further include providing the local instance of the content to a client in response to receiving a request from the client including the unique identifier.