Настройки

Укажите год
-

Небесная энциклопедия

Космические корабли и станции, автоматические КА и методы их проектирования, бортовые комплексы управления, системы и средства жизнеобеспечения, особенности технологии производства ракетно-космических систем

Подробнее
-

Мониторинг СМИ

Мониторинг СМИ и социальных сетей. Сканирование интернета, новостных сайтов, специализированных контентных площадок на базе мессенджеров. Гибкие настройки фильтров и первоначальных источников.

Подробнее

Форма поиска

Поддерживает ввод нескольких поисковых фраз (по одной на строку). При поиске обеспечивает поддержку морфологии русского и английского языка
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Укажите год
Укажите год
Применить Всего найдено 211. Отображено 100.
06-06-2013 дата публикации

Discovering Security Devices Located on a Call Path and Extending Bindings at those Discovered Security Devices

Номер: US20130145044A1
Автор: Jennings Cullen, Rosenberg Jonathan D., Wing Daniel G.
Принадлежит: CISCO TECHNOLOGY, INC.

In one embodiment, an endpoint elicits a pattern of STUN responses to identify security devices located on a call path. The endpoint then uses address information from the identified security devices to establish an efficient media flow with a remote endpoint. The endpoint can optimize the number of network devices and network paths that process the endpoint's keepalive message. Additionally, the endpoint may request custom inactivity timeouts with each of the identified security devices for reducing bandwidth consumed by keepalive traffic. 1. An apparatus comprising:one or more processors; anda memory coupled to the one or more processors comprising instructions executable by the processors, the processors operable when executing the instructions to:receive and forward an outgoing address request at a security device;attach a local address for the security device to an incoming response elicited by the outgoing address request;forward the incoming response including the attached local address; andset a timeout duration of a local pinhole according to a setting provided by a generation source of the outgoing address request,wherein the timeout duration is configured using a first default value prior to the setting, and after the setting, the timeout duration has a second different value.2. The apparatus of claim 1 , wherein the processors are operable when executing the instructions to:locally store a Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) transaction identifier included in the outgoing address request; andcompare a value included in the incoming response to the locally stored STUN transaction identifier before attaching the local address to the incoming response.3. The apparatus of claim 2 , wherein the local address is attached to the incoming response only if the value included in the incoming response corresponds to the locally stored STUN transaction identifier.4. The apparatus of claim 1 , wherein the ...

Подробнее
Номер записи: 1
04-01-2018 дата публикации

INTERNET-BASED PROXY SERVICE TO MODIFY INTERNET RESPONSES

Номер: US20180004765A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Tourne Matthieu Philippe François
Принадлежит:

A proxy server receives from a client device a request for a network resource that is hosted at an origin server for a domain. The request is received at the proxy server as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server retrieves the requested network resource. The proxy server determines that the requested resource is an HTML page. The proxy server scans the HTML page to locate one or more modification tokens that each indicates content that is subject to being modified. For at least one of the located modification tokens, the proxy server automatically modifies at least a portion of the content of the HTML page that corresponds to that modification token. The proxy server then transmits the modified HTML page to the client device. 1. A method in a proxy server to modify Internet responses , comprising:receiving, from a client device, a request for a network resource that is hosted at an origin server for a domain, wherein the request is received at the proxy server as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, and wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities;retrieving the requested network resource;determining that the requested network resource is an HTML (HyperText Markup Language) page;scanning the HTML page to locate one or more modification tokens, wherein each modification token indicates content that is subject to being modified;for at least one located modification token, automatically modifying at least a portion of the content of the HTML page that corresponds to that modification token; andtransmitting the modified HTML page to the client device.2. The method of claim 1 , wherein ...

Подробнее
Номер записи: 2
11-01-2018 дата публикации

REAL-TIME MESSAGING METHOD AND APPARATUS

Номер: US20180013704A1
Автор: KATIS Thomas E., PANTTAJA James T., PANTTAJA Mary G., RANNEY Matthew J.
Принадлежит:

A system and method for the late-biding of time-based media in real-time. With late binding, the sender may create time-based media before or at the same time an active delivery route to the recipient is discovered. As soon as the route becomes available, the media is transmitted. The existing DNS and email infrastructure is possibly used for route discovery, while any real-time transmission protocol may be used for the actual delivery of the media. “Progressive” emails may also be used for the real-time delivery of time-based media. 1a messaging module that creates a video message in response to an input indicative of an intent to create and send video to one or more recipients, the video message having a message header containing recipient identification information for the one or more recipients, the recipient information uniquely identifying each of the one or more recipients among a community of users,wherein the messaging module is further arranged to at least partially process separately the message header and the video media of the video message by communicating the message header, including the recipient identification information, to a server node on a communication network before creation of the video media of the video media is complete,wherein the server node uses the recipient identifier information, before creation of the video media is complete, to determine a delivery route to one or more recipient communication devices associated with the one or more recipients so that the video media can be streamed to the one or more recipient communication devices as the video media is streamed by the client communication device.. An application, embedded in a non-transitory tangible computer readable medium, the application intended to run on a client communication device and to support live video messaging, the application including: This application is a Continuation of U.S. application Ser. No. 15/233,325 (P020FC3), filed on Aug. 10, 2016. U.S. application ...

Подробнее
Номер записи: 3
10-01-2019 дата публикации

Proximity Routing For Session Based Applications Using Anycast

Номер: US20190014046A1
Автор: Spatscheck Oliver, Van Der Merwe Jacobus
Принадлежит: AT&T INTELLECTUAL PROPERTY II, L.P.

Certain exemplary embodiments can comprise a method, which can comprise automatically providing content to an information device from a content distribution node of a plurality of content distribution nodes. The information device can be adapted to send a request for the content from the first content distribution node utilizing an Internet Protocol (IP) address of the content distribution node. 1. A system comprising:a memory that stores instructions; providing, in response to a first request from a device for an address associated with content, an anycast internet protocol address;', 'determining whether the content is long-lived content based on the anycast internet protocol address being a first anycast internet protocol address that is associated with the long-lived content rather than a second anycast internet protocol address that is associated with short-lived content;', 'providing, to the device, an unicast internet protocol address of a first content distribution node when the content is determined to be the long-lived content; and', 'transmitting, in response to a second request for the content, the content to the device., 'a processor that executes the instructions to perform operations, the operations comprising2. The system of claim 1 , wherein the operations further comprise receiving the second request for the content claim 1 , wherein the second request comprises the unicast internet protocol address.3. The system of claim 1 , wherein the operations further comprise selecting claim 1 , based on the anycast internet protocol address claim 1 , the first content distribution node from a plurality of content distribution nodes.4. The system of claim 1 , wherein the operations further comprise selecting the first content distribution node based on the first content distribution node being physically nearest to the device claim 1 , based on a logical proximity of the first content distribution node to the device claim 1 , or a combination thereof.5. The ...

Подробнее
Номер записи: 4
16-01-2020 дата публикации

Entity ip mapping

Номер: US20200021612A1
Автор: Aleksandr Yampolskiy, Nick Matviko, Rob Blackin, Samuel Kassoumeh
Принадлежит: SecurityScorecard Inc

Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses.

Подробнее
Номер записи: 5
25-01-2018 дата публикации

SYSTEM AND METHOD FOR AUTOMATIC CONFIGURATION OF DOMAIN NAMES BY THIRD PARTIES

Номер: US20180026937A1
Автор: Blinn Arnold Neil, GUPTA Nitin, Mahajan Rahul
Принадлежит:

Systems and methods for creating custom domain name links are provided. At least one server communicatively coupled to a network receives a request to create a custom domain name link to a third party service. The request identifies a custom domain name. The at least one server retrieves, from a third party service link database, an entry for the third party service specifying how to create the custom domain name link for the third party service and he at least one server creates the custom domain name link in accordance with the entry retrieved from the third party service link database. 1. A method , comprising:receiving, by at least one server communicatively coupled to a network, a request from a third party service to create a custom domain name link to the third party service on behalf of a user, the request identifying a custom domain name and the third party service;accessing, by the at least one server, a third party service link database to identify an entry for the third party service specifying an Internet protocol (IP) address or a domain of the third party service;creating, without further input from the third party service, a DNS entry pointing the custom domain name to a web server accessible to the at least one server; andcreating, on the web server and without further input from the third party service, a URL redirect to redirect Internet traffic directed to the custom domain name to the third party service.2. The method of claim 1 , wherein the entry in the third party service link database includes a variable and the request includes a value and including replacing the variable in the entry with the value when creating the DNS entry.3. The method of claim 1 , wherein creating claim 1 , on the web server claim 1 , the URL redirect to redirect Internet traffic directed to the custom domain name to the third party service includes:determining, using the request, a user account identifier; andincluding the user account identifier in the URL redirect ...

Подробнее
Номер записи: 6
01-02-2018 дата публикации

INTERNET PROTOCOL VERSION 6 CONTENT ROUTING

Номер: US20180034902A1
Автор: Lee Seungjoon, Spatscheck Oliver, Van Der Merwe Jacobus
Принадлежит: AT&T Intellectual Property I, L.P.

A content delivery system includes a cache server, a domain name server, and a redirector. The domain name server is configured to receive a request for a cache server address, and provide an IPv6 anycast address. The redirector is configured to receive a content request addressed to the IPv6 anycast address from a client system, receive load information from the cache server, and determine if the cache server is available. The redirector is further configured to forward the content request to the cache server when the cache server is available. The cache server is configured to receive the content request forwarded from the redirectors, send a response to the content request to a client system, the response including an IPv6 unicast address of the cache server as a source address, an IPv6 unicast address of the client system as a destination address, and the IPv6 anycast address as a home address, and provide the content to the requestor. 1. A system , comprising:a memory that stores instructions; determining whether a local cache server located in a first cache server location is available, wherein the local cache server is available for a request for content when a load of the local cache server is below a first threshold for the local cache server and above a second threshold for the local cache server;', 'determining an alternate optimal cache server location based on a relative distance to each alternate cache server location in a list of alternate optimal cache server locations;', 'forwarding, when the local cache server is determined to not be available, the request for content to the alternate optimal cache server location from the list of alternate optimal cache server locations; and', 'receiving the content from the alternate optimal cache server location., 'a processor that executes the instructions to perform operations, the operations comprising2. The system of claim 1 , wherein the operations further comprise determining the load for the local cache ...

Подробнее
Номер записи: 7
08-02-2018 дата публикации

MALWARE DOMAIN DETECTION USING PASSIVE DNS

Номер: US20180041521A1
Автор: Wang Xinran, Xie Huagang, XU WEI, Zhang Yanxin
Принадлежит:

Techniques for malware domain detection using passive Domain Name Service (DNS) are disclosed. In some embodiments, malware domain detection using passive DNS includes generating a malware association graph that associates a plurality of malware samples with malware source information, in which the malware source information includes a first domain; generating a reputation score for the first domain using the malware association graph and passive DNS information; and determining whether the first domain is a malware domain based on the reputation score for the first domain. 1. (canceled)2. A system for malware domain detection using passive Domain Name Service (DNS) , comprising: generate a malware association graph that associates a plurality of malware samples with malware source information, wherein the malware source information includes a first domain;', 'generate a first cluster of the malware association graph associating Internet Protocol (IP) address related source information and domain related source information with a first malware sample; and', 'determine whether a DNS name server is malicious based on the first cluster; and, 'a processor configured toa memory coupled to the processor and configured to provide the processor with instructions.3. The system recited in claim 2 , wherein the processor is further configured to:generate a reputation score for the first domain using the malware association graph and passive DNS information, wherein the reputation score is based at least in part on a determination that the first domain resolves to a first Internet Protocol (IP) address associated with the first cluster in the malware association graph, and wherein the first domain is determined to be a malware domain if the reputation score for the first domain exceeds a threshold value.4. The system recited in claim 2 , wherein the first cluster of the malware association graph associates related Internet Protocol (IP) address information and related domain ...

Подробнее
Номер записи: 8
07-02-2019 дата публикации

POINT OF PRESENCE MANAGEMENT IN REQUEST ROUTING

Номер: US20190044787A1
Автор: Cormie John, MacCarthaigh Colm, Redman Benjamin W.S., Richardson David R.
Принадлежит:

A system and method for the management of client computing device DNS queries and subsequent resource requests within a content delivery network service provider domain are provided. The management of the DNS queries can include the selection of computing devices corresponding to various Point of Presence locations for processing DNS queries. Additionally, the management of the content requests can include the selection of computing devices corresponding to resource cache components corresponding to various Point of Presence locations for providing requested content. The selection of the computing devices can incorporate logic related to geographic criteria, testing criteria, and the like. 1obtaining at a first domain name system (DNS) server of a content delivery network (CDN), a DNS query from a client computing device, wherein the DNS query corresponds to a requested resource and comprises an original uniform resource locator (URL);identifying, at the first DNS server, two or more alternative DNS servers of the CDN operative to receive DNS queries;selecting, at the first DNS server, a second DNS server from the identified two or more alternative DNS servers, the second DNS server being selected based, at least in part, on a comparison of performance measurement information for the two or more alternative DNS servers relative to a minimum performance threshold;obtaining, at the first DNS server, an alternative URL corresponding to the selected second DNS server, wherein the alternative URL is different from the original URL;causing, by the first DNS server, transmission of the alternative URL to the client computing device; andobtaining a subsequent DNS query from the client computing device at the selected second DNS server of the CDN, wherein the subsequent DNS query corresponds to the alternative URL.. A computer-implemented method to process content requests comprising: This application is a continuation of U.S. patent application Ser. No. 12/892,819, entitled ...

Подробнее
Номер записи: 9
14-02-2019 дата публикации

INTERNET-BASED PROXY SECURITY SERVICES

Номер: US20190052576A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Zatlyn Michelle Marie
Принадлежит:

A proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server receives the request as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server and the origin servers are owned by different entities. The proxy server analyzes the request to determine whether a visitor belonging to that request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server blocks the request and transmits a block page to the client device that indicates that the request has been blocked. 1. A method in a proxy server , comprising:receiving, from a client device, a request to perform an action on an identified resource that is hosted at an origin server for a domain as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities, and wherein the proxy server and the plurality of origin servers are owned by different entities;analyzing the request to determine whether a visitor belonging to the request poses a threat; blocking the request, and', 'transmitting a block page to the client device that indicates that the request has been blocked., 'responsive to a determination that the visitor belonging to the request poses a threat, performing the following2. The method of claim 1 , further comprising:customizing the block page based on one or more of: a set of one or more characteristics associated with the request and a set of one or more characteristics associated with the domain.3. The method of claim 1 , wherein analyzing the request to determine whether the visitor ...

Подробнее
Номер записи: 10
01-03-2018 дата публикации

MANAGE ENCRYPTED NETWORK TRAFFIC USING DNS RESPONSES

Номер: US20180063097A1
Автор: Martini Paul Michael, Martini Peter Anthony
Принадлежит:

This present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example method includes requesting an address associated with the a domain name from a resolution server, the domain name included in a predetermined set of domain names for which secure requests are to be identified domain name from a resolution server; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received one or more addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name. 1. A computer-implemented method executed by one or more processors , the method comprising:requesting an address associated with a domain name from a resolution server, the domain name included in a predetermined set of domain names for which secure requests are to be identified;receiving a response from the resolution server including one or more addresses associated with the domain name;associating with the domain name a particular address selected from the received one or more addresses;receiving a request to resolve the domain name;sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name;receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; anddetermining that the secure request is directed to the domain name based on the association between the ...

Подробнее
Номер записи: 11
07-03-2019 дата публикации

NETWORK DEVICE, NETWORK DEVICE CONTROL METHOD, AND STORAGE MEDIUM

Номер: US20190075077A1
Автор: Shizuno Kaori
Принадлежит:

A network device is available to communicate with an external server managing a combination of an address of a device and identification information identifying the device. The network device selects an address to be registered on the external server from multiple addresses corresponding to the network device and registers the selected address on the external server along with identification information identifying the network device. 116.-. (canceled)17. A network system comprising:a server having a Domain Name System (DNS) function, configured to manage a host name of a communication apparatus, the host name being managed associated with an IP address notified from the communication apparatus; anda communication apparatus to which a plurality of IPv6 addresses are allowed to be set,wherein the communication apparatus notifies the server of a first IPv6 address from among the plurality of IPv6 addresses but does not notify the server of a second IPv6 address from among the plurality of IPv6 addresses based on the setting processing of the IPv6 address.18. A communication apparatus capable of communicating with a server which provides a Domain Name System (DNS) function for managing an IP address associated with a host name , a plurality of IPv6 addresses being allowed to be set to the communication apparatus , the communication apparatus comprising:at least one controller configured to function as:a unit configured to notify the server of a first IPv6 address from among the plurality of IPv6 addresses but does not notify the server of a second IPv6 address from among the plurality of IPv6 addresses based on the setting processing of the IPv6 address.19. The communication apparatus according to claim 18 , whereinthe second IPv6 address is a link local address and the first UPv6 address is an address different than the link local address.20. The communication apparatus according to claim 19 , whereinthe address different than the link local address is any one of a ...

Подробнее
Номер записи: 12
12-03-2020 дата публикации

CUSTOMIZED DOMAIN NAMES IN A CONTENT DELIVERY NETWORK

Номер: US20200084083A1
Автор: Brady Mark, Fullagar David, Hesketh Gifford Neal, Newton Christopher
Принадлежит: LEVEL 3 COMMUNICATIONS, LLC

A computer-implemented method, operable in a content delivery network (CDN) including a plurality of cache servers and domain name servers. At a cache server in the CDN, a first domain name is obtained, the first domain name being associated with a client request for a resource from the cache server. One or more values associated with the client request are determined and a second domain name is generated, including information from the first domain name and information relating to the one or more values associated with the client request. The second domain name is provided to the client. A domain name server in the CDN obtains a request to resolve a first domain name; extracts one or more keys and one or more corresponding values from the first domain name, and generates a second domain name based on the first domain name, the second domain name excluding information from the first domain name relating to the one or more keys and the one or more values. The name server resolves the second domain name using at least some of the one or more values extracted from the first domain name. 110-. (canceled)11. A computer-implemented method , operable in a content delivery network (CDN) comprising a plurality of cache server sites and a domain name system including one or more domain name servers configured to provide domain name resolution , and , the method comprising:(A) at a domain name server in the CDN, obtaining a request to resolve a first domain name;(B) extracting one or more keys and one or more corresponding values from said first domain name;(C) generating a second domain name based on said first domain name, said second domain name excluding information from said first domain name relating to said one or more keys and said one or more values; and(D) resolving said second domain name using at least some of the one or more values extracted from the first domain name.12. The method of wherein the one or more values associated with the client request include one ...

Подробнее
Номер записи: 13
21-03-2019 дата публикации

Multi-Tiered Server Network

Номер: US20190089776A1
Автор: Brady Mark, Hagberg Aric, Koller Jeffrey G., PFITZNER David, Salmon John K., Stolorz Paul E., Warren Michael S., Yevmenkin Maksim
Принадлежит:

A network includes a first tier of servers, a second tier of servers and a third tier of servers. The first tier of servers comprises a plurality of primary servers capable of responding to requests. The plurality of primary servers includes at least one dynamic server having a load share characteristic that is dynamically altered during a first period in time and at least one static server having a constant load share characteristic during the first period in time. The second tier of servers includes at least two first layer overflow servers. Each of the first layer overflow servers is configured to provide response duties in the event that one or more of the primary servers is unavailable or overloaded. The third tier of servers comprising at least two second layer overflow servers. Each of the second layer overflow servers is configured to provide response duties in the event that one or more of the primary servers is unavailable or overloaded and one or more of the first layer overflow servers is unavailable or overloaded. 1 at least one dynamic server having a load share characteristic that is dynamically altered during a first period in time; and', 'at least one static server having a constant load share characteristic during the first period in time;, 'a first tier of servers comprising a plurality of primary servers capable of responding to requests, wherein the plurality of primary servers comprisesa second tier of servers comprising at least two first layer overflow servers, wherein each of the first layer overflow servers is configured to provide response duties in the event that one or more of the primary servers is unavailable or overloaded; anda third tier of servers comprising at least two second layer overflow servers, wherein each of the second layer overflow servers is configured to provide response duties in the event that one or more of the primary servers is unavailable or overloaded and one or more of the first layer overflow servers is ...

Подробнее
Номер записи: 14
19-03-2020 дата публикации

ONLINE PORTAL FOR IMPROVING CYBERSECURITY RISK SCORES

Номер: US20200092320A1
Автор: Blackin Rob, Heid Alexander, Kassoumeh Samuel, Yampolskiy Aleksandr
Принадлежит:

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall security risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score. 1. A method for comparing an entity's cybersecurity risk using a cybersecurity risk assessment portal , the method comprising:receiving, via the cybersecurity risk assessment portal operating on one or more machines, a request to compare the entity's cybersecurity risk based, at least in part, on a first set of attributes of the entity, the first set of attributes comprising an industry in which the entity operates and an identification of one or more of the entity's competitors;identifying one or more data sources from which to collect one or more types of data relating to the entity's cybersecurity risk and the one or more of the entity's competitors' cybersecurity risk;ranking, based on the one or more types of data collected from the identified one or more data sources, the entity's cybersecurity risk and the one or more of the entity's competitors' cybersecurity risk;transmitting, via the cybersecurity risk assessment portal operating on the one or more machines, data relating to the ranking.2. The method of claim 1 , further ...

Подробнее
Номер записи: 15
01-04-2021 дата публикации

Internet connected household identification for online measurement & dynamic content delivery

Номер: US20210099419A1
Автор: Brian C. DeFrancesco, Christopher J. Vanderhook, Timothy C. Vanderhook
Принадлежит: VIANT TECHNOLOGY LLC

A method, apparatus, system, and computer readable storage medium provide the ability to identify an internet connected household (ICH). An Internet Protocol (IP) address is received at an Internet entity. Determinations are made regarding whether device activity from the IP address does not exceed a defined activity threshold and whether an IP assignment age for the IP address is greater than a defined threshold age. Based on the determinations, the IP address can be identified as belonging to an ICH or not.

Подробнее
Номер записи: 16
26-03-2020 дата публикации

SYSTEM AND METHOD FOR DETECTING AND REPORTING ONLINE ACTIVITY USING REAL-TIME CONTENT-BASED NETWORK MONITORING

Номер: US20200099756A1
Автор: Angeles Patrick
Принадлежит:

A computerized system and method for tracking and reporting online activity across a plurality of clients and servers is disclosed that intercepts and logs secure and non-secure HTTP request and response pages, analyzes each of the received page records, associates each page record to an event type based on user-defined parameters, identifies and extracts user-defined attributes of each page record based on its event type, and reports on the occurrence of the event along with its associated attributes. 130-. (canceled)31. A method of capturing on a computer programmed digital electrical tracking system information about activity of a user browser accessing a Web server , the method comprising:providing, the user browser with a Web page containing a URL specifying both an address of a computer-programmed tracking system and information that specifies a URL on the Web server;upon receipt by the tracking system of a Web page request from the user browser, determining a Web server URL from the Web page request;identifying and extracting captured information, including information indicating that the user browser has requested the Web server URL and content returned to the user's browser, requested from the Web server URL by the user browser;storing the captured information stored within a database;associating the content with at least one site page correlated with at least one event trigger and with a parse method;encoding an original URL as part of the tracking system's URL path to construct at least one rewritten URL;embedding said at least one rewritten URL in a response such that a browser request to at least one said rewritten embedded URL is sent to the tracking system; andcausing the Web page specified by the Web server URL to be returned to the user browser, wherein the causing is carried out such that the Web pagespecified by the Web server URL to be returned to the user includesredirecting the user browser to the Web page on the Web browser; andreporting, via ...

Подробнее
Номер записи: 17
02-06-2022 дата публикации

UPDATING ROUTING INFORMATION BASED ON CLIENT LOCATION

Номер: US20220174010A1
Автор: Marshall Bradley Eugene, Richardson David R., Sivasubramanian Swaminathan
Принадлежит:

A system, method, and computer-readable medium for updating request routing information associated with client location information are provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a resource identifier for requested content from the client computing device. The content delivery network service provider obtains a query IP address corresponding to the client computing device. Based on routing information associated with the query IP address, the content delivery network service provider routes the DNS query. The process further includes monitoring performance data associated with the transmission of the requested resource and updating routing information associated with the query IP address based on the performance data for use in processing subsequent requests form the client computing device. 1. A computer-implemented method comprising:obtaining a first domain name system (DNS) query from a client computing device at a first DNS server, wherein the first DNS query is associated with a first requested resource and wherein the first DNS server is associated with a content delivery network service;obtaining a query interne protocol (IP) address associated with the first DNS query at the first DNS server, wherein the query IP address is associated with the client computing device;obtaining, at the first DNS server from a data store including IP address to location-based identifier mappings, a location-based identifier based on at least a portion of the query IP address;determining a point of presence (POP) associated with the location-based identifier;resolving, by a component at the determined POP, the first DNS query.2. The computer-implemented method as recited in further comprising updating routing information in the routing data store associated with the query IP address based on performance data associated with processing the first DNS query.3. The computer-implemented ...

Подробнее
Номер записи: 18
11-04-2019 дата публикации

SYSTEM AND METHOD FOR IMPLEMENTING APPLICATION FUNCTIONALITY WITHIN A NETWORK INFRASTRUCTURE

Номер: US20190109924A1
Автор: Kouts Michael, Plumb Mark, Vange Mark, Wilson Glenn Sydney
Принадлежит:

A system and method for implementing functionality within a network on behalf of first and second devices communicating with each other through the network. A front-end device is provided within the network that communicates data traffic with the first device. A back-end device is also implemented within the network and communicates data traffic with the second device. A communication channel couples the front-end device and the back-end device. Data traffic may be encoded into a different type or protocol for transport through the communication channel by the front-end device and back-end device. The front-end device and back-end device exchange quality of service information and may alter characteristics of the data traffic through the communication channel according to the quality of service information. 1. A communication network component configured to convert data packets of a first protocol received from N first computing devices into data packets of a second protocol configured for transmission over an enhanced network link to a second computing device , comprising:at least one processor;at least one memory configured to store machine readable code executable by said at least one processor;at least one first communication interface; andmachine readable code stored in said at least one memory and configured to cause said at least one processor to, relative to N data buffers corresponding to said N first computing devices:determine a total number of bytes of data available to be sent from said N buffers;determine a number of bytes of data to be sent from each of said N buffers based upon a weighted proportion of data associated with each N buffer to said total number of bytes;create a data packet of said second protocol comprising obtaining data packets of said first protocol in said determined number of bytes from each of said N buffers and combining said data packets of said first protocol; andtransmit said data packet of said second protocol over said ...

Подробнее
Номер записи: 19
25-04-2019 дата публикации

CANONICAL NAME (CNAME) HANDLING FOR GLOBAL SERVER LOAD BALANCING

Номер: US20190124039A1
Автор: Kommula Sunanda Lakshmi
Принадлежит: Avago Technologies International Sales Pte. Limited

Canonical name (CNAME) handling is performed in a system configured for global server load balancing (GSLB), which orders IP addresses into a list based on a set of performance metrics. When the GSLB switch receives a reply from an authoritative DNS server, the GSLB switch scans the reply for CNAME records. If a CNAME record is detected and it points to a host name configured for GSLB, then a GSLB algorithm is applied to the reply. This involves identifying the host name (pointed to by the CNAME record) in the reply and applying the metrics to the list of returned IP addresses corresponding to that host name, to reorder the list to place the “best” IP address at the top. If the CNAME record in the reply points to a host name that is not configured for GSLB, then the GSLB sends the reply unaltered to the inquiring client. 1. An apparatus configured to perform load balancing in a network , the apparatus comprising: receive a domain name system (DNS) reply to a DNS request to resolve an alias host name that is an alias for a primary domain, wherein the DNS reply includes a canonical name (CNAME) record identifying the primary domain and one or more network addresses that correspond with the primary domain;', 'detect the CNAME record identifying the primary domain in the DNS reply; and', 'apply a load balancing algorithm to the one or more network addresses received in the DNS request to resolve the alias host name., 'circuitry configured to'}2. The apparatus of claim 1 , wherein the processing circuitry is configured to control transmitting claim 1 , to a client that originated the DNS request claim 1 , a response that includes a list of the one or more network addresses ordered according to the load balancing algorithm.3. The apparatus of claim 2 , wherein the list of one or more network addresses provided in the DNS reply includes one or more virtual IP addresses.4. The apparatus of claim 1 , wherein the processing circuitry is configured to apply the load balancing ...

Подробнее
Номер записи: 20
03-06-2021 дата публикации

INTERNET-BASED PROXY SERVICE TO LIMIT INTERNET VISITOR CONNECTION SPEED

Номер: US20210165843A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Pye Ian Gerald
Принадлежит:

A proxy server for limiting Internet connection speed of visitors that pose a threat. The proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server receives the request as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server analyzes the request to determine whether a visitor belonging to the request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server reduces the speed at which the proxy server processes the request while keeping a connection to the client device open. 1. A method in a proxy server for limiting Internet connection speed of visitors that pose a threat , comprising:receiving, from a client device, a request to perform an action on an identified resource that is hosted at an origin server for a domain as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities;analyzing the request to determine whether a visitor belonging to the request poses a threat; andresponsive to a determination that the visitor belonging to the request poses a threat, reducing the speed at which the proxy server processes the request while keeping a connection to the client device open.2. The method of claim 1 , wherein analyzing the request to determine whether the visitor poses a threat includes performing the following: a global restricted IP address list that identifies IP addresses that are not allowed to access content of any of the plurality of origin servers, and', 'a local IP restricted address list that identifies IP addresses that ...

Подробнее
Номер записи: 21
09-05-2019 дата публикации

INTERNET-BASED PROXY SERVICE TO LIMIT INTERNET VISITOR CONNECTION SPEED

Номер: US20190138560A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Pye Ian Gerald
Принадлежит:

A proxy server for limiting Internet connection speed of visitors that pose a threat. The proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server analyzes the request to determine whether a visitor belonging to the request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server reduces the speed at which the proxy server processes the request while keeping a connection to the client device open. 1. A method in a proxy server for limiting Internet connection speed of visitors that pose a threat , comprising:receiving, from a client device at the proxy server, a request to perform an action on an identified resource that is hosted at an origin server for a domain;analyzing the request to determine whether a visitor associated with the request poses a threat;determining, from the analyzing, that the visitor associated with the request poses a threat; andresponsive to the determining that the visitor associated with the request poses a threat, reducing the speed at which the proxy server processes the request while keeping a connection to the client device open.2. The method of claim 1 , wherein analyzing the request to determine whether the visitor poses a threat includes performing the following: a global restricted IP address list that identifies IP addresses that are not allowed to access content of any of a plurality of origin servers, and', 'a local IP restricted address list that identifies IP addresses that are not allowed to access content of the requested origin server., 'determining whether an IP address of the request is on one or more of3. The method of claim 1 , wherein responsive to the determining that the visitor associated with the request poses a threat claim 1 , further performing the following:blocking the request from being transmitted to the origin server;generating a response that includes a set of ...

Подробнее
Номер записи: 22
30-04-2020 дата публикации

ENTITY IP MAPPING

Номер: US20200137106A1
Автор: Blackin Rob, Kassoumeh Samuel, Matviko Nick, Yampolskiy Aleksandr
Принадлежит:

Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses. 1. A method for mapping Internet Protocol (IP) addresses to an entity , the method comprising:receiving, by one or more processors, one or more domain names associated with the entity;identifying, by the one or more processors, one or more variations of the one or more domain names based on analysis of domain name data collected from one or more domain name data sources;identifying, by the one or more processors, one or more IP addresses pointed to by the identified one or more variations of the one or more domain names based on analysis of IP address data collected from one or more IP address data sources; andmapping at least one of the identified one or more IP addresses to the entity based on a correlation between the identified one or more IP addresses and the identified one or more variations of the one or more domain names.2. The method of where identifying one or more IP addresses comprises collecting one or more IP addresses that map to the one or more variations of the one or more domain names.3. The method of where the correlation is determined by steps comprising:assigning a larger weight to an IP address of the identified one or ...

Подробнее
Номер записи: 23
10-06-2021 дата публикации

CYBERSECURITY RISK ASSESSMENT ON AN INDUSTRY BASIS

Номер: US20210176267A1
Автор: Blackin Rob, Heid Alexander, Kassoumeh Samuel, Yampolskiy Aleksandr
Принадлежит:

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall security risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score. 1. A method for benchmarking one company's cybersecurity risk against the cybersecurity risks of other companies , the method comprising:collecting, at a cybersecurity scoring system distinct from a plurality of companies, non-intrusive data relating to the plurality of companies, where the non-intrusive data is collected without obtaining permission to collect the non-intrusive data from the plurality of companies by the cybersecurity scoring system;storing, in non-transitory memory of the cybersecurity scoring system, a set of attributes for each of the plurality of companies, the set of attributes comprising at least one of an identity of: the identity of the plurality of companies, a number of employees attributable to the plurality of companies; and an industry of the plurality of companies;calculating, at the cybersecurity scoring system, for each of the plurality of companies, an individual cybersecurity risk score based, at least in part, on the set of attributes stored for a respective company of the plurality of companies; ...

Подробнее
Номер записи: 24
10-06-2021 дата публикации

ENTITY IP MAPPING

Номер: US20210176270A1
Автор: Blackin Rob, Kassoumeh Samuel, Matviko Nick, Yampolskiy Aleksandr
Принадлежит:

Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses. 1. A method for mapping Internet Protocol (IP) addresses to an entity , the method comprising:determining, by one or more processors operating in a network, one or more variations of at least one domain name;identifying, by the one or more processors, one or more IP addresses pointed to by the one or more variations of at least one domain name; and a first weight to an IP address of the identified one or more IP addresses pointed to by a first number of the one or more variations of at least one domain name, and', 'a second weight to an IP address of the identified one or more IP pointed to by a second number of the one or more variations of at least one domain name;, 'assigning, by the one or more processorswhere the first weight is greater than the second weight, andwhere the first number is greater than the second number.2. The method of where identifying one or more IP addresses comprises collecting one or more IP addresses that map to the one or more variations of at least one domain name.3. The method of further comprising:mapping IP addresses to the entity based on analysis of the first weighted IP address and the second weighted IP ...

Подробнее
Номер записи: 25
16-05-2019 дата публикации

SYSTEM AND METHOD FOR AUTOMATIC CONFIGURATION OF DOMAIN NAMES BY THIRD PARTIES

Номер: US20190149507A1
Автор: Blinn Arnold Neil, GUPTA Nitin, Mahajan Rahul
Принадлежит:

Systems and methods for creating custom domain name links are provided. At least one server communicatively coupled to a network receives a request to create a custom domain name link to a third party service. The request identifies a custom domain name. The at least one server retrieves, from a third party service link database, an entry for the third party service specifying how to create the custom domain name link for the third party service and he at least one server creates the custom domain name link in accordance with the entry retrieved from the third party service link database. 1. A method , comprising:receiving, by at least one server communicatively coupled to a network, a request to create a custom domain name link from a custom domain name to a third party service;accessing, by the at least one server, a third party service link database to identify an entry for the third party service specifying either a uniform resource locator (URL) redirect-based custom domain name link or a domain name system (DNS)-based custom domain name link; creating, without further input from a user, a first DNS entry pointing the custom domain name to a web server, and', 'creating, on the web server, a URL redirect to redirect Internet traffic directed to the custom domain name to the third party service; and, 'when the entry specifies the URL redirect-based custom domain name link for the third party servicewhen the entry specifies the DNS-based custom domain name link for the third party service, creating, without further input from the user, a second DNS entry pointing the custom domain name to the third party service.2. The method of claim 1 , further comprising claim 1 , when the entry specifies the DNS-based custom domain name link for the third party service claim 1 , causing the third party service to create a custom domain name mapping that maps the custom domain name to a user account associated with the request.3. The method of claim 1 , wherein creating claim 1 ...

Подробнее
Номер записи: 26
07-06-2018 дата публикации

REQUEST ROUTING BASED ON CLASS

Номер: US20180159769A1
Автор: Marshall Bradley Eugene, Pope Elmore Eugene, Richardson David R., Scofield Christopher L., Sivasubramanian Swaminathan
Принадлежит:

A system and method for management and processing of resource requests is provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a requested resource from the client computing device. The content delivery network service provider associates the client computing device with a cluster of other client computing devices. Based on routing information for the cluster, the content delivery network service provider routes the DNS query. The process can further include monitoring performance data associated with the delivery of the requested resource and updating the routing information for the cluster based on the performance data for use in processing subsequent requests from client computing devices in the cluster. 1. A computer-implemented method comprising:as implemented by one or more computing devices of a content delivery network (CDN) service, the one or more computing devices configured with specific executable instructions,obtaining a Domain Name System (DNS) query from a client computing device at a first DNS server, wherein the DNS query is associated with a requested resource and wherein the first DNS server is associated with the CDN service;determining a class of the client computing device associated with the DNS query; andmodifying routing information for the class based on performance associated with delivery of the requested resource.2. The method as recited in claim 1 , wherein modifying the routing information includes modifying a probability of selection of an individual cache component for delivery of the requested resource.3. The method as recited in claim 1 , wherein modifying the routing information includes modifying a probability of selection of individual DNS servers used for processing the resource request for the determined class.4. The method as recited in claim 1 , wherein modifying the routing information comprises comparing a probability of selection of a ...

Подробнее
Номер записи: 27
24-06-2021 дата публикации

UPDATING ROUTING INFORMATION BASED ON CLIENT LOCATION

Номер: US20210194806A1
Автор: Marshall Bradley Eugene, Richardson David R., Sivasubramanian Swaminathan
Принадлежит:

A system, method, and computer-readable medium for updating request routing information associated with client location information are provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a resource identifier for requested content from the client computing device. The content delivery network service provider obtains a query IP address corresponding to the client computing device. Based on routing information associated with the query IP address, the content delivery network service provider routes the DNS query. The process further includes monitoring performance data associated with the transmission of the requested resource and updating routing information associated with the query IP address based on the performance data for use in processing subsequent requests form the client computing device. 1. A computer-implemented method comprising:obtaining a first domain name system (DNS) query from a client computing device at a first DNS server, wherein the first DNS query is associated with a first requested resource and wherein the first DNS server is associated with a content delivery network service;obtaining a query internet protocol (IP) address associated with the first DNS query at the first DNS server, wherein the query IP address is associated with the client computing device;obtaining, at the first DNS server from a data store including IP address to location-based identifier mappings, a location-based identifier based on at least a portion of the query IP address;resolving the first DNS query based on the location-based identifier;collecting performance data associated with transmission of the first requested resource; andupdating routing information in the routing data store associated with the query IP address based on the performance data.2. The method as recited in claim 1 , wherein the location-based identifier is different from the query IP address.3. The method as ...

Подробнее
Номер записи: 28
21-05-2020 дата публикации

CUSTOM RESPONSES FOR RESOURCE UNAVAILABLE ERRORS

Номер: US20200159791A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Zatlyn Michelle Marie
Принадлежит:

A proxy server receives from a client device a request for a network resource hosted at an origins server for a domain. The request is received at the proxy server as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains and resolve to the proxy server and are owned by different entities. The proxy server requests the network resource from the origin server. The proxy server receives a response from the origin server that indicates that the network resource is unavailable. The proxy server transmits a custom error page to the client device that indicates that the requested resource is unavailable. 1. A method in a proxy server for responding to resource unavailable errors , comprising:receiving, from a client device, a request for a network resource hosted at an origin server for a domain, wherein the request is received at the proxy server as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, and wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities;requesting the network resource from the origin server;receiving a response from the origin server that indicates that the network resource is unavailable; andtransmitting a custom error page to the client device that indicates that the requested resource is unavailable.2. The method of claim 1 , further comprising:determining that the requested network resource has moved to a different location; andincluding in the custom error page a link to the different location for the requested network resource.3. The method of claim 2 , wherein determining that the requested network resource has moved to a different location includes matching a hash of the requested network resource with one of a plurality of hashes of other network resources hosted by the origin server.4. ...

Подробнее
Номер записи: 29
30-05-2019 дата публикации

SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES

Номер: US20190166108A1
Автор: III Robert Dunham, Larson Victor, Munger Edmund Colby, Short, Williamson Michael
Принадлежит:

A method of establishing a secure communication link includes receiving, at a domain name server (DNS), a request to communicate securely, the request including an identifier of a client device and having been sent in response to a determination that a DNS request from the client device corresponds to a first computer configured to communicate securely. The method includes sending a second request to a server computer. In response to second request, the server computer compares the received client device identifier to one or more stored client device identifiers to determine a security level of the client device and determines a security level of the first computer. The sever computer determines, based on a comparison of the security level of the client device and the security level of the first computer, whether the client device is authorized to communicate with the first computer, and generates a resource used to establish the secure communication link between the client device and the first computer. The server computer generates a message in response to determining that the client device is not authorized to communicate with the first compute. The server computer, in response to determining that the client device is authorized to communicate with the first computer, makes the resource available to the client device to automatically establish the secure communication link. 120-. (canceled)21. A method of establishing a secure communication link , comprising:receiving, at a domain name server (DNS), a request to communicate securely, the request including an identifier of a client device and having been sent in response to a determination that a DNS request from the client device corresponds to a first computer configured to communicate securely;sending a second request to a server computer; comparing the received client device identifier to one or more stored client device identifiers to determine a security level of the client device;', 'determining a security ...

Подробнее
Номер записи: 30
06-06-2019 дата публикации

Request routing processing

Номер: US20190173972A1
Автор: Benjamin W.S. Redman, Colm MacCarthaigh, David R. Richardson
Принадлежит: Amazon Technologies Inc

Generally described, the present disclosure is directed to managing request routing functionality corresponding to resource requests for one or more resources associated with a content provider. The processing of the DNS requests by the service provider can include the selective filtering of DNS queries associated with a DNS query-based attack. A service provider can assign DNS servers corresponding to a distributed set of network addresses, or portions of network addresses, such that DNS queries exceeding a threshold, such as in DNS query-based attacks, can be filtered in a manner that can mitigate performance impact on for the content provider or service provider.

Подробнее
Номер записи: 31
27-06-2019 дата публикации

AUTOMATED WEBSITE GENERATION VIA INTEGRATED DOMAIN REGISTRATION, HOSTING PROVISIONING, AND WEBSITE BUILDING

Номер: US20190199681A1
Автор: Curran Nathan, Jilg Justin
Принадлежит:

Methods of the present inventions allow for generating and providing an enhanced domain name. An exemplary method may comprise providing an enhanced domain to a second party. The enhanced domain may comprise a domain name, a web space automatically enabled and associated with the domain name, and at least one application automatically enabled and associated with the domain name. 1. A system , comprising: identify a domain name registered to a registrant, the domain name being associated with a pre-configured application, wherein the pre-configured application requires no additional setup by the registrant to implement a functionality of the pre-configured application in combination with the domain name; and', 'after the domain name is registered to the registrant, and without receiving further requests from the registrant, publish a website at the domain name, the website including the pre-configured application., 'a server communicatively coupled to a network, the server being configured to2. The system of claim 1 , wherein the domain name is associated with a pre-configured hosting service and the website is hosted at the pre-configured hosting service.3. The system of claim 2 , wherein the pre-configured hosting service includes at least one hosting server computer having a bandwidth allotment.4. The system of claim 3 , wherein the domain name is associated with the bandwidth allotment.5. The system of claim 1 , wherein the pre-configured application includes at least one of an email application claim 1 , a blog application claim 1 , and a forum application.6. The system of claim 1 , wherein publishing the website includes installing the pre-configured application into a hosting service and enabling a functionality of the pre-configured application.7. The system of claim 1 , wherein the website includes a control panel configured to display options to configure and manage the pre-configured application.8. The system of claim 7 , wherein the control panel is ...

Подробнее
Номер записи: 32
18-06-2020 дата публикации

Request routing utilizing client location information

Номер: US20200195753A1
Автор: Benjamin W.S. Redman, David R. Richardson, Imran S. Patel, John Cormie, Richard Sheehan
Принадлежит: Amazon Technologies Inc

A system, method, and computer-readable medium for request routing based on client location information are provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a resource identifier for requested content from the client computing device. The content delivery network service provider transmits an alternative resource identifier in response to the client computing device DNS query. The alternative resource identifier is selected as a function of client location information. The client location information is obtained from information corresponding to a mapping of at least partial IP addresses to known locations. The client computing device then issues a second DNS query to the same content delivery network service provider. The content delivery network service provider can then either resolve the second DNS query or transmit another alternative resource identifier.

Подробнее
Номер записи: 33
19-07-2018 дата публикации

REAL-TIME MESSAGING METHOD AND APPARATUS

Номер: US20180205684A1
Автор: KATIS Thomas E., PANTTAJA James T., PANTTAJA Mary G., RANNEY Matthew J.
Принадлежит:

A system and method for the late-binding of time-based media in real-time. With late binding, the sender may create time-based media before or at the same time an active delivery route to the recipient is discovered. As soon as the route becomes available, the media is transmitted. The existing DNS and email infrastructure is possibly used for route discovery, while any real-time transmission protocol may be used for the actual delivery of the media. “Progressive” emails may also be used for the real-time delivery of time-based media. 1. An application , embedded in a non-transitory tangible computer readable medium , the application including instructions configured to run on a first communication device , the application configured to:create a video in response to an input to create and send video content to a recipient using identification information associated with the recipient;communicate the identification information, to a video service available over a network, before creation of the video content of the video is complete; andstart streaming the video content of the video, while the video content is created using the first communication device, without waiting for an end-to-end connection to be first established over the network with a second communication device associated with the recipient so that the video content can be at least partially rendered by the second communication device while the video content is streamed by the first communication device.2. The application of claim 1 , further configured to start the streaming of the video content to the video service before a location of the second communication device is known.3. The application of claim 1 , further configured to start the streaming of the video content without waiting for the video service to determine a location for the second communication device on the network.4. The application of claim 1 , further configured to start the streaming of the video content regardless of whether the ...

Подробнее
Номер записи: 34
29-07-2021 дата публикации

MANAGE ENCRYPTED NETWORK TRAFFIC USING DNS RESPONSES

Номер: US20210234846A1
Автор: Martini Paul Michael, Martini Peter Anthony
Принадлежит:

This present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example includes requesting an address; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received one or more addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name. 1. A computer-implemented method executed by one or more processors , the method comprising:maintaining, before receiving a request to resolve a domain name, a predetermined set of domain names for which secure requests are to be identified and, for each of the domain names, at least one particular addressesreceiving from a particular client device, the request to resolve the domain name from a network that hosts a plurality of client devices including the particular client device;sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name;receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; anddetermining that the secure request is directed to the domain name based on the association between the particular address and the domain name.2. The method of claim 1 , wherein the domain name is a first domain name claim 1 , the method further comprising:requesting an address associated with a second domain name different than the first domain name from the resolution server; ...

Подробнее
Номер записи: 35
05-08-2021 дата публикации

INTERNET-BASED PROXY SERVICE TO MODIFY INTERNET RESPONSES

Номер: US20210240785A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Tourne Matthieu Philippe François
Принадлежит:

A proxy server receives from a client device a request for a network resource that is hosted at an origin server for a domain. The request is received at the proxy server as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server retrieves the requested network resource. The proxy server determines that the requested resource is an HTML page. The proxy server scans the HTML page to locate one or more modification tokens that each indicates content that is subject to being modified. For at least one of the located modification tokens, the proxy server automatically modifies at least a portion of the content of the HTML page that corresponds to that modification token. The proxy server then transmits the modified HTML page to the client device. 1. A method in a proxy server to modify Internet responses , comprising:receiving, from a client device, a request for a network resource that is hosted at an origin server for a domain, wherein the request is received at the proxy server as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, and wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities;retrieving the requested network resource;determining that the requested network resource is an HTML (HyperText Markup Language) page;scanning the HTML page to locate one or more modification tokens, wherein each modification token indicates content that is subject to being modified;for at least one located modification token, automatically modifying at least a portion of the content of the HTML page that corresponds to that modification token; andtransmitting the modified HTML page to the client device.2. The method of claim 1 , wherein ...

Подробнее
Номер записи: 36
26-07-2018 дата публикации

DETERMINING AN APPLICATION DELIVERY SERVER BASED ON GEO-LOCATION INFORMATION

Номер: US20180212835A1
Автор: CHEN Lee, Chiong John
Принадлежит:

A method for web service load balancing may commence with receiving, from a local DNS server, a request for a web service. The local DNS server may be coupled to a web client requesting the web service. The request may include local DNS server information. The method may continue with determining a geographic location of the local DNS server based on the local DNS server information. The method may further include selecting a web server from a plurality of web servers based on the web service. The method may continue with determining a geographic location of the web server and determining that the geographic location of the local DNS server matches the geographic location of the web server. The method may further include selecting the web server based on the match. The method may continue with sending a response to the local DNS server. 1. A system for web service load balancing , the system comprising:a plurality of web servers; and receive, from the local DNS server, a request for a web service, the local DNS server being coupled to a web client requesting the web service, the request comprising local DNS server information;', 'based on the local DNS server information, determine a geographic location of the local DNS server;', 'based on the web service, select a web server from a plurality of web servers;', 'determine a geographic location of the web server;', 'determine that the geographic location of the local DNS server matches the geographic location of the web server;', 'based on the match, select the web server; and', 'send a response to the local DNS server, the response comprising information on the web server., 'a global load balancer coupled to a local domain name system (DNS) server, wherein the global load balancer is configured to2. The system of claim 1 , wherein the geographic location of the local DNS server comprises one of the following:a geographic location of the web client;a geographic location at which the local DNS server resides; anda ...

Подробнее
Номер записи: 37
26-07-2018 дата публикации

REQUEST ROUTING PROCESSING

Номер: US20180213052A1
Автор: MacCarthaigh Colm, Redman Benjamin W.S., Richardson David R.
Принадлежит:

Generally described, the present disclosure is directed to managing request routing functionality corresponding to resource requests for one or more resources associated with a content provider. The processing of the DNS requests by the service provider can include the selective filtering of DNS queries associated with a DNS query-based attack. A service provider can assign DNS servers corresponding to a distributed set of network addresses, or portions of network addresses, such that DNS queries exceeding a threshold, such as in DNS query-based attacks, can be filtered in a manner that can mitigate performance impact on for the content provider or service provider. 1. A system comprising: determine whether DNS queries associated with an identifiable domain exceed a threshold number of DNS queries that can be processed by a service provider;', 'determine whether to filter one or more DNS queries based on the threshold number of DNS queries;', 'cause the filtering of one or more of the DNS queries, wherein the filtering of one or more of the DNS queries comprises filtering one or more of the DNS queries based on assigned network addresses for a DNS server authoritative for the identified domain;', 'determine whether DNS queries associated with a different identifiable domain exceed a threshold number of DNS queries that can be processed by the service provider; and', 'determine not to filter the one or more DNS queries associated with the different identifiable domain, wherein the determination corresponds to a percentage of DNS queries allowed to be processed., 'a DNS query processor, at a service provider, coupled to memory and operative to2. The system as recited in claim 1 , wherein the DNS query processor selectively filters the DNS queries causing at least one of the one or more DNS queries to be answered by an alternative set of DNS servers.3. The system as recited in claim 2 , wherein the DNS query processor causes at least one of the one or more DNS queries ...

Подробнее
Номер записи: 38
04-07-2019 дата публикации

ENTITY IP MAPPING

Номер: US20190207972A1
Автор: Blackin Rob, Kassoumeh Samuel, Matviko Nick, Yampolskiy Aleksandr
Принадлежит:

Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses. 1. A method for mapping Internet Protocol (IP) addresses to an entity , the method comprising:receiving, by one or more processors, one or more domain names associated with the entity;identifying, by the one or more processors, one or more variations of the one or more domain names based on analysis of domain name data collected from a plurality of domain name data sources;identifying, by the one or more processors, one or more IP addresses pointed to by the identified one or more variations of the one or more domain names based on analysis of IP address data collected from a plurality of IP address data sources;determining, by the one or more processors, a correlation between the identified one or more IP addresses and the identified one or more variations of the one or more domain names; andmapping at least one of the identified one or more IP addresses to the entity based on the determined correlation between the identified one or more IP addresses and the identified one or more variations of the one or more domain names.2. The method of where identifying one or more IP addresses comprises collecting one or more IP addresses that map to the ...

Подробнее
Номер записи: 39
02-08-2018 дата публикации

CLASSIFYING A MESSAGE BASED ON LIKELIHOOD OF SPOOFING

Номер: US20180219774A1
Автор: Koblas David A., Oliver Jonathan J.
Принадлежит:

A technique for determining a boundary IP address is disclosed. The technique includes processing a header to extract candidate IP address, locating a gateway IP address, and selecting the boundary IP address based on the location of the gateway IP address. 1. (canceled)2. A method for classifying messages , the method comprising:receiving an electronic message;identifying an addresses and a domain associated with the electronic message;comparing the identified address and the domain associated with the electronic message with a set of information that cross references at least one of address information or domain information with a good status;identifying that the received electronic message is a good message based at least in part on the comparison of the identified on or more addresses and the domain associated with the electronic message with the set of information that cross references the at least one of the address information or the domain information with the good status; andallowing the electronic message to be sent to a destination based on the at least one of the address information or the domain information with the good status.3. The method of claim 2 , further comprising:identifying that the identified address does not correspond to a known good address and that the identified domain corresponds to a known good domain; andclassifying the electronic message as good based on the identified domain corresponding to the known good domain and based on a preference that allows the domain information to supersede the address information.4. The method of claim 2 , further comprising:classifying an address and a domain associated with a known electronic message sender, wherein the identified address and the identified domain correspond to the address and domain associated with the known electronic message sender; andstoring the address and the domain associated with the known electronic message sender in a table that stores the set of information that cross ...

Подробнее
Номер записи: 40
02-07-2020 дата публикации

Internet-based proxy service to modify internet responses

Номер: US20200210501A1
Автор: Lee Hahn Holloway, Matthew Browning Prince, Matthieu Philippe François Tourne
Принадлежит: Cloudflare Inc

A proxy server receives from a client device a request for a network resource that is hosted at an origin server for a domain. The request is received at the proxy server as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server retrieves the requested network resource. The proxy server determines that the requested resource is an HTML page, automatically modifies the HTML page, and transmits the modified HTML page to the client device.

Подробнее
Номер записи: 41
11-07-2019 дата публикации

Multimedia content provisioning device, system and method

Номер: US20190215561A1
Автор: Robin Dua
Принадлежит: SYNDEFENSE CORP

A multimedia content provisioning device, system and method. The device includes a network interface to communicatively couple to a communications network, to connect to one or more multimedia devices coupled to the communications network, to exchange media processing capabilities between the one or more multimedia devices after establishing a connection therebetween, to generate a list of broadcast media sources and provide the list to each of the one or more multimedia devices in which media processing capabilities are exchanged, to provide a list of broadcast media content receivable from a broadcast media source selected from the generated list at the one or more media devices, and to stream a broadcast media content to the one or more media devices at which a selection from the list of broadcast media content is made, the content being streamed according to the media processing capabilities received therefrom, and to display a multimedia content control user interface at the one or more media devices in which broadcast media content is being streamed.

Подробнее
Номер записи: 42
16-07-2020 дата публикации

ONLINE PORTAL FOR IMPROVING CYBERSECURITY RISK SCORES

Номер: US20200228563A1
Автор: Blackin Rob, Heid Alexander, Kassoumeh Samuel, Yampolskiy Aleksandr
Принадлежит:

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall security risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score. 1. A method for quantifying a cybersecurity risk level of an entity , the method comprising:identifying, by one or more processors, parameters for quantifying the cybersecurity risk level of the entity, where the parameters comprise information identifying the entity;non-intrusively searching, based on the parameters, by the one or more processors, for data indicative of potential cybersecurity threats to the entity;calculating, by the one or more processors, a cybersecurity risk score for the entity based, at least in part, on the data indicative of cybersecurity threats to the entity; andpresenting, by the one or more processors, data representative of the cybersecurity risk score and one or more actions to improve the cybersecurity risk score, where the one or more actions are based on the data indicative of potential cybersecurity threats to the entity.2. The method of claim 1 , further comprising:categorizing the entity according to the entity's size; anddetermining a cybersecurity ranking for the entity based, at least in part, on a ...

Подробнее
Номер записи: 43
30-07-2020 дата публикации

INTERNET-BASED PROXY SERVICE TO LIMIT INTERNET VISITOR CONNECTION SPEED

Номер: US20200242177A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Pye Ian Gerald
Принадлежит:

A proxy server for limiting Internet connection speed of visitors that pose a threat. The proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server receives the request as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server analyzes the request to determine whether a visitor belonging to the request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server reduces the speed at which the proxy server processes the request while keeping a connection to the client device open. 1. A method in a proxy server for limiting Internet connection speed of visitors that pose a threat , comprising:receiving, from a client device, a request to perform an action on an identified resource that is hosted at an origin server for a domain as a result of a DNS (Domain Name System) request for the domain resolving to the proxy server, wherein the origin server is one of a plurality of origin servers that belong to different domains that resolve to the proxy server and are owned by different entities;analyzing the request to determine whether a visitor belonging to the request poses a threat; andresponsive to a determination that the visitor belonging to the request poses a threat, reducing the speed at which the proxy server processes the request while keeping a connection to the client device open.2. The method of claim 1 , wherein analyzing the request to determine whether the visitor poses a threat includes performing the following: a global restricted IP address list that identifies IP addresses that are not allowed to access content of any of the plurality of origin servers, and', 'a local IP restricted address list that identifies IP addresses that ...

Подробнее
Номер записи: 44
07-09-2017 дата публикации

Integrated Adaptive Anycast For Content Distribution

Номер: US20170257294A1
Автор: Brotman Herani, Glasser Alan L., Miros James, Santoro Mario A., Spatscheck Oliver, Van der Merwe Jacobus E.
Принадлежит: AT&T Intellectual Property I, L.P.

A system includes first and second cache servers a domain name server, and a route controller. The cache servers are each configured to respond to an anycast address. Additionally, the first cache server is configured to respond to a first unicast address, and the second cache server is configured to respond to a second unicast address. The router controller configured to determine wither the status of the first cache server is non-overloaded, overloaded, or offline. The route controller is further configured to instruct the domain name server to provide the second unicast address when the status is overloaded or offline, and modify routing of the anycast address to direct a content request sent to the anycast address to the second cache server when the status is offline. The domain name server is configured to receive a request from a requestor for a cache server address. Additionally, the domain name server is configured to provide an anycast address to the requestor when the status of the first cache server is non-overloaded, and provide the second unicast address to the requestor when the status of the first cache server is offline or overloaded. 1. A system , comprising:a memory that stores instructions; identifying a serving region for a requestor associated with a content request based on determining that the requestor is connecting through a same ingress point of a network as other requestors belonging to the serving region; and', 'modifying, in response to a status of a first cache server of the serving region being determined to be an offline status or an overloaded status, routing of an anycast address to direct the content request that is sent to the anycast address to a unicast address of a second cache server of the serving region., 'a processor that executes the instructions to perform operations, the operations comprising2. The system of claim 1 , wherein the operations further comprise instructing claim 1 , when the status of the first cache server ...

Подробнее
Номер записи: 45
15-08-2019 дата публикации

SYSTEM AND METHOD FOR DETECTING AND REPORTING ONLINE ACTIVITY USING REAL-TIME CONTENT-BASED NETWORK MONITORING

Номер: US20190253507A1
Автор: Angeles Patrick
Принадлежит:

A computerized system and method for tracking and reporting online activity across a plurality of clients and servers is disclosed that intercepts and logs secure and non-secure HTTP request and response pages, analyzes each of the received page records, associates each page record to an event type based on user-defined parameters, identifies and extracts user-defined attributes of each page record based on its event type, and reports on the occurrence of the event along with its associated attributes. 130-. (canceled)31. An apparatus comprising: providing to the user browser a Web page containing a URL specifying both an address of a computer-programmed tracking system and information that specifies a URL on the Web server;', 'upon receipt by the tracking system of a Web page request from the user browser, determining a Web server URL from the Web page request;', 'identifying and extracting captured information indicating that the user browser has requested the Web server URL;', 'storing the captured information stored within a database;', 'forming parameter data based upon pre-determined selection parameters from the database;', "encoding an original URL as part of the tracking system's URL path to construct at least one rewritten URL;", 'embedding said at least one rewritten URL in a response such that a browser request to at least one said rewritten embedded URL is sent to the tracking system;', 'providing site management, including associating objects with one another; and', 'causing the Web page specified by the Web server URL to be returned to the user browser, wherein the causing is carried out such that the Web page specified by the Web server URL to be returned to the user includes redirecting the user browser to the Web page on the Web browser., 'a digital tracking system connected to a user browser and a Web server on the Internet, the system adapted to perform operations that include32. The apparatus of claim 31 , wherein the operation of providing site ...

Подробнее
Номер записи: 46
29-08-2019 дата публикации

REQUEST ROUTING BASED ON CLASS

Номер: US20190268265A1
Автор: Marshall Bradley Eugene, Pope Elmore Eugene, Richardson David R., Scofield Christopher L., Sivasubramanian Swaminathan
Принадлежит:

A system and method for management and processing of resource requests is provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a requested resource from the client computing device. The content delivery network service provider associates the client computing device with a cluster of other client computing devices. Based on routing information for the cluster, the content delivery network service provider routes the DNS query. The process can further include monitoring performance data associated with the delivery of the requested resource and updating the routing information for the cluster based on the performance data for use in processing subsequent requests from client computing devices in the cluster. 1. A computer-implemented method comprising:obtaining a first Domain Name System (DNS) query from a client computing device at a first DNS server, wherein the first DNS query is associated with a requested resource and wherein the first DNS server is associated with a content delivery network (CDN) service;determining a class of the client computing device associated with the first DNS query;determining an alternative resource identifier based on routing information for the class, wherein the alternative resource identifier includes information for causing a second DNS query to resolve to a domain associated with the CDN service; andcausing transmission of the alternative resource identifier to the client computing device in response to the first DNS query.2. The computer-implemented method as recited in claim 1 , wherein the alternative resource identifier comprises a canonical name record identifier.3. The computer-implemented method as recited in claim 1 , wherein the alternative resource identifier comprises a uniform resource locator (URL).4. The computer-implemented method as recited in claim 3 , wherein the class is identified in the URL.5. The computer-implemented method as ...

Подробнее
Номер записи: 47
27-09-2018 дата публикации

REQUEST ROUTING UTILIZING CLIENT LOCATION INFORMATION

Номер: US20180278717A1
Автор: Cormie John, Patel Imran S., Redman Benjamin W.S., Richardson David R., Sheehan Richard
Принадлежит:

A system, method, and computer-readable medium for request routing based on client location information are provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a resource identifier for requested content from the client computing device. The content delivery network service provider transmits an alternative resource identifier in response to the client computing device DNS query. The alternative resource identifier is selected as a function of client location information. The client location information is obtained from information corresponding to a mapping of at least partial IP addresses to known locations. The client computing device then issues a second DNS query to the same content delivery network service provider. The content delivery network service provider can then either resolve the second DNS query or transmit another alternative resource identifier. 1. A computer-implemented method comprising: obtaining a domain name system (DNS) query from a client computing device at a first DNS server, wherein the DNS query corresponds to a requested resource associated with an original resource identifier and wherein the first DNS server corresponds to a content delivery network (CDN) service;', 'obtaining a query Internet Protocol (IP) address associated with the DNS query at the first DNS server;', 'obtaining a location-based identifier associated with the query IP address and a confidence factor corresponding to a degree of confidence associated with the accuracy of the location-based identifier to query IP address association;', 'determining whether the confidence factor exceeds a threshold value; and', 'assigning a default location-based identifier if the confidence factor does not exceed the threshold value., 'as implemented by one or more computing devices configured with specific executable instructions2. The method as recited in claim 1 , wherein the location-based ...

Подробнее
Номер записи: 48
12-09-2019 дата публикации

REAL-TIME MESSAGING METHOD AND APPARATUS

Номер: US20190280998A1
Автор: KATIS Thomas E., PANTTAJA James T., PANTTAJA Mary G., RANNEY Matthew J.
Принадлежит:

A system and method for the late-binding of time-based media in real-time. With late binding, the sender may create time-based media before or at the same time an active delivery route to the recipient is discovered. As soon as the route becomes available, the media is transmitted. The existing DNS and email infrastructure is possibly used for route discovery, while any real-time transmission protocol may be used for the actual delivery of the media. “Progressive” emails may also be used for the real-time delivery of time-based media. 1create a video in response to an input to create and send video content to a recipient using identification information associated with the recipient;communicate the identification information, to a video service available over a network, before creation of the video content of the video is complete; andstart streaming the video content of the video, while the video content is created using the mobile communication device, without waiting for an end-to-end connection to be first established over the network with a second communication device associated with the recipient so that the video content can be at least partially rendered by the second communication device while the video content is streamed by the mobile communication device.. An application, embedded in a non-transitory tangible computer readable medium, the application including instructions configured to run on a mobile communication device, the application configured to: This application is a Continuation of U.S. application Ser. No. 15/923,869 (P020FC6), filed on Mar. 16, 2018. U.S. application Ser. No. 15/923,869 is a Continuation of U.S. application Ser. No. 15/710,627 (P020FC5), filed on Sep. 20, 2017. U.S. application Ser. No. 15/710,627 is a Continuation of U.S. application Ser. No. 15/233,325 (P020FC3), filed on Aug. 10, 2016, now U.S. Pat. No. 9,800,528. U.S. application Ser. No. 15/233,325 is a Continuation of U.S. application Ser. No. 15/091,746 (P020FC2), ...

Подробнее
Номер записи: 49
17-09-2020 дата публикации

METHODS AND APPARATUSES FOR PROVIDING INTERNET-BASED PROXY SERVICES

Номер: US20200293584A1
Автор: Holloway Lee Hahn, Prince Matthew Browning, Pye Ian Gerald, Tourne Matthieu Philippe François, Zatlyn Michelle Marie
Принадлежит:

A proxy server receives, from multiple visitors of multiple client devices, a plurality of requests for actions to be performed on identified network resources belonging to a plurality of origin servers. At least some of the origin servers belong to different domains and are owned by different entities. The proxy server and the origin servers are also owned by different entities. The proxy server analyzes each request it receives to determine whether that request poses a threat and whether the visitor belonging to the request poses a threat. The proxy server blocks those requests from visitors that pose a threat or in which the request itself poses a threat. The proxy server transmits the requests that are not a threat and is from a visitor that is not a threat to the appropriate origin server.

Подробнее
Номер записи: 50
18-10-2018 дата публикации

UPDATING ROUTING INFORMATION BASED ON CLIENT LOCATION

Номер: US20180302322A1
Автор: Marshall Bradley Eugene, Richardson David R., Sivasubramanian Swaminathan
Принадлежит:

A system, method, and computer-readable medium for updating request routing information associated with client location information are provided. A content delivery network service provider receives a DNS query from a client computing device. The DNS query corresponds to a resource identifier for requested content from the client computing device. The content delivery network service provider obtains a query IP address corresponding to the client computing device. Based on routing information associated with the query IP address, the content delivery network service provider routes the DNS query. The process further includes monitoring performance data associated with the transmission of the requested resource and updating routing information associated with the query IP address based on the performance data for use in processing subsequent requests form the client computing device. 1. A computer-implemented method comprising:obtaining a first domain name system (DNS) query from a client computing device at a first DNS server, wherein the first DNS query is associated with a first requested resource and wherein the first DNS server is associated with a content delivery network service;obtaining a query internet protocol (IP) address associated with the first DNS query at the first DNS server, wherein the query IP address is associated with the client computing device;obtaining, at the first DNS server from a data store including a full IP address to location-based identifier mapping, an identifier from a plurality of identifiers based, at least in part, on a portion of the obtained query IP address by matching the portion of the query IP address with a portion of the full IP address identified in the full IP address to location-based identifier mapping in the routing data store; andresolving the first DNS query based on the identifier.2. The method as recited in claim 1 , wherein the identifier is different from the obtained query IP address associated with the ...

Подробнее
Номер записи: 51
03-10-2019 дата публикации

Methods and apparatuses for providing internet-based proxy services

Номер: US20190303415A1
Автор: Ian Gerald Pye, Lee Hahn Holloway, Matthew Browning Prince, Matthieu Philippe François Tourne, Michelle Marie Zatlyn
Принадлежит: Cloudflare Inc

A proxy server receives, from multiple visitors of multiple client devices, a plurality of requests for actions to be performed on identified network resources belonging to a plurality of origin servers. At least some of the origin servers belong to different domains and are owned by different entities. The proxy server and the origin servers are also owned by different entities. The proxy server analyzes each request it receives to determine whether that request poses a threat and whether the visitor belonging to the request poses a threat. The proxy server blocks those requests from visitors that pose a threat or in which the request itself poses a threat. The proxy server transmits the requests that are not a threat and is from a visitor that is not a threat to the appropriate origin server.

Подробнее
Номер записи: 52
02-11-2017 дата публикации

CONTENT RESTRICTION COMPLIANCE USING REVERSE DNS LOOKUP

Номер: US20170318003A1
Автор: Shuster Gary Stephen
Принадлежит:

A method for alerting Internet content providers of the age or other personal information of a computer user, which includes receiving a reverse DNS lookup query from an Internet content provider; and providing the age information of the computer user, in addition to a host name, from a reverse map zone file in response to the request. The personal information may be used by the content provider to select appropriate content for the requesting host, for example for complying with content restrictions. A system of alerting an Internet content provider of the age or other personal information of a computer user is also provided. 1providing a network connection for a node having a defined network address;determining at least one user parameter indicating eligibility to receive content at the network address via the network connection; andencoding the at least one user parameter in a zone file, wherein the at least one user parameter is encoded as text characters in a text field of a pointer record for a user associated with the network address.. A method for configuring a zone file of a DNS server to encode data for determining eligibility of a network node to receive requested content, the method comprising: This application is a continuation of U.S. application Ser. No. 14/869,582 filed Sep. 29, 2015, now U.S. Pat. No. 9,705,867, which is a divisional of U.S. patent application Ser. No. 13/893,222, filed May 13, 2013, now U.S. Pat. No. 9,374,352, which is a divisional of U.S. patent application Ser. No. 12/339,763, filed Dec. 19, 2008, now U.S. Pat. No. 8,443,106, issued May 14, 2013, which claims priority pursuant to 35 U.S.C. §119(e) to U.S. provisional application Ser. No. 61/016,440, filed Dec. 21, 2007, which applications are hereby incorporated by reference in their entireties.The invention relates to methods and systems for complying with content restrictions for computer-accessed content, such as restrictions tied to user age, location, preferences or other ...

Подробнее
Номер записи: 53
02-11-2017 дата публикации

SYSTEM AND METHOD FOR DETECTING AND REPORTING ONLINE ACTIVITY USING REAL-TIME CONTENT-BASED NETWORK MONITORING

Номер: US20170318104A1
Автор: Angeles Patrick
Принадлежит:

A computerized system and method for tracking and reporting online activity across a plurality of clients and servers is disclosed that intercepts and logs secure and non-secure HTTP request and response pages, analyzes each of the received page records, associates each page record to an event type based on user-defined parameters, identifies and extracts user-defined attributes of each page record based on its event type, and reports on the occurrence of the event along with its associated attributes. 130-. (canceled)31. A computer programmed digital electrical tracking system apparatus connected to a user browser and a Web server on the Internet , the apparatus adapted to: provide the user browser with a Web page containing a URL specifying both an address of the tracking system and information that specifies a URL on the Web server;', 'upon receipt by the tracking system of one of the HTTP requests comprising a Web page request from the user browser, determine a Web server URL from the Web page request;', 'identify and extract captured information indicating that the user browser has requested the Web server URL, the captured information stored within one or more databases;', "encode an original URL as part of the tracking system's URL path to construct at least one rewritten URL;", 'embed the rewritten URLs in a response such that a browser request to each of the rewritten embedded URLs is sent to the tracking system;', 'cause the Web page specified by the Web server URL to be returned to the user browser; and, 'intercept and log HTTP requests and responses, includingprovide profiling and analysis of at least one session, wherein the apparatus causes a session detail;', 'an event detail;', 'a purchase detail; and', 'a purchase summary., 'the analysis by performing operations comprising reporting at least one of the following32. The apparatus of claim 31 , further including capturing data relating to user activity in a central database;extracting the data from ...

Подробнее
Номер записи: 54
09-11-2017 дата публикации

Ascertaining Per-Hop Network Characteristics

Номер: US20170324659A1
Автор: Liu Chia J.
Принадлежит:

A tool that may be used for querying and obtaining per-hop information along a network path, and/or for verifying the host name of each hop against a data repository such as the DNS. The query and response may be transmitted in, e.g., the destination options header of data packets, such as an IPv6 destination options header. 120.-. (canceled) The present application claims priority to U.S. Provisional Patent Application Ser. No. 61/346,669, filed May 20, 2010, entitled “Ascertaining Per-Hop Network Characteristics,” hereby incorporated by reference herein as to its entirety.Network debugging tools such as Traceroute and Ping may be used to obtain information about network nodes and paths. However, these tools do not provide much information about the experience of a packet at each of multiple hops through a path. For example, no conventional tools adequately identify the autonomous systems, congestion, and other information on a per-hop basis through a path.The problems with the current Traceroute and Ping tools are even more pronounced as Internet Protocol version 6 (IPv6) becomes more widely used, and which is expected to become the standard IP protocol throughout the Internet and other networks. For example, in the context of the Internet, these tools either provide or rely on host names stored in the Domain Name System (DNS). However, it is known that DNS entries, and especially IPv6 entries, may be missing or erroneous. When the returned DNS name of an intermediate hop is erroneous, the Traceroute result can be very confusing to the user. The user may misinterpret the result as a routing issue or other issue that in fact may or may not exist.It may be desirable to provide a tool that allows a user to obtain per-hop information along a path. Such information may include, for example, the host name (which may include the domain name) of each hop, or node in which a routing decision is made, in the path; the autonomous system number (ASN) in which each hop resides ...

Подробнее
Номер записи: 55
16-11-2017 дата публикации

SECURE DNS QUERY

Номер: US20170329850A1
Автор: DIXON WILLIAM, Engdahl Christopher J., Statia Jeromy S., Walker Lee
Принадлежит:

A secure DNS query may be made by establishing a secure connection with a specific DNS server to determine an address for a hostname. A client device may have a database that may contain a record of a secure DNS server for one or more hostnames. When a DNS request contains one of the specified hostnames, an authenticated session may be created with the designated secure DNS server and a network address for the hostname is returned using the session. The authenticated session may authenticate a client device to the server as well as authenticate the server to the client. In some embodiments, the secure DNS server may accept connections from authenticated clients and may disregard connection requests from non authenticated clients. 1. A method , comprising:receiving a first request for a first network address for a first node having a first name;determining, based on information from a local database, an identifier associated with a secure DNS server that is to be employed in resolving the first name;establishing a secure session with the secure DNS server using the identifier;querying the secure DNS server for a network address associated with the first name; andreceiving the first network address in response to the query.2. The method of claim 1 , wherein the identifier associated with the secure DNS server is a second network address.3. The method of claim 1 , further comprising:receiving a second request for a second network address for a second node having a second name;looking up the second name in the local database;not finding the second name in the local database; andquerying another DNS server for the second network address.4. The method of claim 1 , further comprising:receiving a second request for a second network address for a second node having a second name;determining that the local database associates the second name with a second network address for another secure DNS server;attempting to establish a secure session with the other secure DNS server at ...

Подробнее
Номер записи: 56
16-11-2017 дата публикации

SYSTEM AND METHOD FOR IMPLEMENTING APPLICATION FUNCTIONALITY WITHIN A NETWORK INFRASTRUCTURE

Номер: US20170331919A1
Автор: Kouts Michael, Plumb Mark, Vange Mark, Wilson Glenn Sydney
Принадлежит:

A system and method for implementing functionality within a network on behalf of first and second devices communicating with each other through the network. A front-end device is provided within the network that communicates data traffic with the first device. A back-end device is also implemented within the network and communicates data traffic with the second device. A communication channel couples the front-end device and the back-end device. Data traffic may be encoded into a different type or protocol for transport through the communication channel by the front-end device and back-end device. The front-end device and back-end device exchange quality of service information and may alter characteristics of the data traffic through the communication channel according to the quality of service information. 1. A communication network component configured to convert data packets of a first protocol received from a first computing device into data packets of a second protocol configured for transmission over an enhanced network link to a second computing device , comprising:at least one processor;at least one memory configured to storage machine readable code executable by said at least one processor;at least one communication interface configured to receive said data packets of said first protocol and transmit data packet of said second protocol; and receive said data packets of said first protocol from said first computing device;', 'parse a payload portion of said data packets of said first protocol;', 'process said payload portions of said data packets of said first protocol into modified data packets of said second protocol;', 'blend said modified data packets of said second protocol to create data packets of said second protocol having a desired size; and', 'transmit said data packets of said second protocol over said enhanced communication link., 'machine readable code stored in said at least one memory configured to2. A computer program product comprising:a ...

Подробнее
Номер записи: 57
15-11-2018 дата публикации

INTEGRATED ADAPTIVE ANYCAST FOR CONTENT DISTRIBUTION

Номер: US20180331925A1
Автор: Brotman Herani, Glasser Alan L., Miros James, Santoro Mario A., Spatscheck Oliver, Van der Merwe Jacobus E.
Принадлежит: AT&T Intellectual Property I, L.P.

A system includes first and second cache servers a domain name server, and a route controller. The cache servers are each configured to respond to an anycast address. Additionally, the first cache server is configured to respond to a first unicast address, and the second cache server is configured to respond to a second unicast address. The router controller configured to determine wither the status of the first cache server is non-overloaded, overloaded, or offline. The route controller is further configured to instruct the domain name server to provide the second unicast address when the status is overloaded or offline, and modify routing of the anycast address to direct a content request sent to the anycast address to the second cache server when the status is offline. The domain name server is configured to receive a request from a requestor for a cache server address. Additionally, the domain name server is configured to provide an anycast address to the requestor when the status of the first cache server is non-overloaded, and provide the second unicast address to the requestor when the status of the first cache server is offline or overloaded. 1. A system , comprising:a memory that stores instructions; identifying a serving region for a requestor associated with a content request based on determining that the requestor is connecting through a same ingress point of a network as other requestors belonging to the serving region; and', 'determining, based on a status of a first cache server associated with the serving region, a preferred internet protocol address for the content request for the serving region., 'a processor that executes the instructions to perform operations, the operations comprising2. The system of claim 1 , wherein the operations further comprise modifying claim 1 , if the status of the first cache server is an offline status or an overloaded status claim 1 , routing of an anycast address to direct the content request that is sent to the ...

Подробнее
Номер записи: 58
07-11-2019 дата публикации

Robust domain name resolution

Номер: US20190342260A1
Автор: David Ulevitch, Michael Damm, Noah Treuhaft
Принадлежит: Cisco Technology Inc

A recursive DNS nameserver system and related domain name resolution techniques are disclosed. The DNS nameservers utilize a local cache having previously retrieved domain name resolution to avoid recursive resolution processes and the attendant DNS requests. If a matching record is found with a valid (not expired) TTL field, the nameserver returns the cached domain name information to the client. If the TTL for the record in the cache has expired and the nameserver is unable to resolve the domain name information using DNS requests to authoritative servers, the recursive DNS nameserver returns to the cache and accesses the resource record having an expired TTL. The nameserver generates a DNS response to the client device that includes the domain name information from the cached resource record. In various embodiments, subscriber information is utilized to resolve the requested domain name information in accordance with user-defined preferences.

Подробнее
Номер записи: 59
20-12-2018 дата публикации

Generating secure name records

Номер: US20180367430A1
Автор: LIANG Han, Yang Yang
Принадлежит: A10 Networks Inc

Provided are a service gateway and a method for generating secure name records. The method may commence with receiving a name service request from a host. The name service request may include a name. The method may further include obtaining a service server name record from a name service server. The service server name record may include a plurality of name entries corresponding to the name. The method may then continue with generating a plurality of service gateway name records using the name and the plurality of name entries. The method may further include sending a service gateway name record of the plurality of service gateway name records to the host as a response to the name service request.

Подробнее
Номер записи: 60
12-11-2020 дата публикации

CYBERSECURITY RISK ASSESSMENT ON AN INDUSTRY BASIS

Номер: US20200358808A1
Автор: Blackin Rob, Heid Alexander, Kassoumeh Samuel, Yampolskiy Aleksandr
Принадлежит:

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall security risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score. 1. A method for benchmarking one company's cybersecurity risk against the cybersecurity risks of other companies , the method comprising:collecting, at a cybersecurity scoring system distinct from a plurality of separate companies, non-intrusive data from the plurality of separate companies, where the non-intrusive data is collected without obtaining permission to collect the non-intrusive data from the plurality of separate companies by the cybersecurity scoring system;collecting, at the cybersecurity scoring system, intrusive data from the plurality of separate companies, where the intrusive data is collected by obtaining permission to collect the intrusive data from the plurality of separate companies by the cybersecurity scoring system,where the non-intrusive data, the intrusive data, or both, comprises data representative of cybersecurity risks attributable to network activity of employees of the plurality of separate companies; an identity of each of the plurality of separate companies; and', 'the non-intrusive data and the intrusive ...

Подробнее
Номер записи: 61
28-11-2019 дата публикации

MANAGE ENCRYPTED NETWORK TRAFFIC USING DNS RESPONSES

Номер: US20190364026A1
Автор: Martini Paul Michael, Martini Peter Anthony
Принадлежит:

This present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example includes requesting an address; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received one or more addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name. 1. A computer-implemented method executed by one or more processors , the method comprising:requesting, by a gateway of a network an address associated with a domain name from a resolution server, the domain name included in a predetermined set of domain names for which secure requests are to be identified, wherein the gateway and the network are both controlled by a controlling entity that owns the network;receiving a response from the resolution server including one or more addresses associated with the domain name;associating with the domain name a particular address selected from the received one or more addresses;receiving over the network, by the gateway and from a particular client device, a request to resolve the domain name, wherein the network hosts a plurality of client devices including the particular client device, and wherein some of the client devices are controlled by the controlling entity and wherein the particular client device is not controlled by the controlling entity;sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain ...

Подробнее
Номер записи: 62
17-12-2020 дата публикации

INTERNET CONNECTED HOUSEHOLD IDENTIFICATION FOR ONLINE MEASUREMENT & DYNAMIC CONTENT DELIVERY

Номер: US20200396203A1
Автор: DeFrancesco Brian C., Vanderhook Christopher J., Vanderhook Timothy C.
Принадлежит: VIANT TECHNOLOGY LLC

A method, apparatus, system, and computer readable storage medium provide the ability to identify an internet connected household (ICH). An Internet Protocol (IP) address is received at an Internet entity. Determinations are made regarding whether device activity from the IP address does not exceed a defined activity threshold and whether an IP assignment age for the IP address is greater than a defined threshold age. Based on the determinations, the IP address can be identified as belonging to an ICH or not. 1. A system for identifying an internet connected household (ICH) , comprising:a computer comprising a memory, a processor and an Internet connection;the processor executing on the computer; receiving an Internet Protocol (IP) address via the Internet connection;', 'determining a residential internet service status based on whether the IP address belongs to an Internet Service Provider (ISP) that provides residential internet service;', 'determining a device activity status based on whether device activity from the IP address does not exceed a defined activity threshold; and', 'based on the device activity status and the residential internet service, determining whether the IP address is associated with an ICH,, 'the memory storing a set of Internet entity instructions, wherein the set of Internet entity instructions, when executed by the processor, cause the processor to perform operations comprising2. The system of claim 1 , wherein the Internet entity instructions determine the residential internet service status by:determining, based on information obtained from a regional internet registry (RIR), the ISP that has been assigned an IP range block that includes the IP address; andclassifying the ISP as providing residential internet service based on publicly available information regarding the ISP.3. The system of claim 1 , wherein the Internet entity instructions determine the residential internet service status by:receiving an additional IP address; ...

Подробнее
Номер записи: 63
24-02-2015 дата публикации

Client-side management of domain name information

Номер: US8966121B2
Автор: Alastair Wolman, Arne Josefsberg, John D Dunagan, Mark D. Scheibel
Принадлежит: Microsoft Corp

An exemplary method includes booting a computing device, in response to the booting, accessing a file that includes domain names and resolving at least one of the domain names by issuing a request to a server where the resolving occurs as a background process. An exemplary method includes receiving a notice to invalidate client DNS resolver cache information for a domain name, accessing a list of client subscribers to an invalidation service for the domain name and issuing an instruction to the client subscribers to invalidate their respective client DNS resolver cache information for the domain name. An exemplary method includes receiving a request to resolve a domain name, resolving the domain name and transmitting information for the resolved domain name and additional information for at least one other domain name. Other methods, devices and systems are also disclosed.

Подробнее
Номер записи: 64
22-03-2016 дата публикации

Methods and apparatus to provision name-servers

Номер: US9294348B2
Автор: F. William Frinder, Jr., Geoffrey R. Zampiello, James Forsyth
Принадлежит: AT&T INTELLECTUAL PROPERTY I LP

Methods and apparatus are disclosed to provision name-servers. An example system disclosed herein includes a name-server evaluator to determine capacities of the plurality of name-servers, a provisioner to compute profile assignment values based on a plurality of subscriber identifiers, and an assignor to assign the subscriber identifiers to one of the plurality of name-servers based on the profile assignment values and the capacities.

Подробнее
Номер записи: 65
03-01-2017 дата публикации

Method for selecting a device in a telecommunications network

Номер: US9537708B2
Автор: Antoine Mouquet, Delphin Barankanira
Принадлежит: ORANGE SA

A method is provided for selecting a device in a telecommunications network in accordance with characteristics relating to the implementation of a telecommunications service, comprising the following steps: a) receiving a set of characteristics relating to said service; b) forming a first symbolic address for querying an address server, using at least one portion of the overall characteristics of the set on the one hand, and an address domain name on the other hand; c) sending the first address to the address server; d) receiving a list of one or more devices compatible with the characteristics; and e) selecting one device from the list.

Подробнее
Номер записи: 66
22-09-2015 дата публикации

Methods, systems, products, and devices for processing DNS friendly identifiers

Номер: US9141717B2
Автор: Eric Schneider
Принадлежит: ESDR Network Solutions LLC

When a request having a keyword is received, a domain name having the keyword can be generated and a network resource corresponding to the domain name can be requested wherein the network resource is adapted to extract the keyword from the domain name. In turn, when a request having a first domain name is received, a second domain name having the first domain name can be generated and a network resource corresponding to the second domain name can be requested wherein the network resource is adapted to extract the first domain name from the second domain name.

Подробнее
Номер записи: 67
26-08-2014 дата публикации

Request routing in a networked environment

Номер: US8819283B2
Автор: Benjamin W. S. Redman, Colm MacCarthaigh, David R. Richardson, John Cormie
Принадлежит: Amazon Technologies Inc

A system, methods, and interfaces for managing request routing functionality associated with resource requests for one or more resources associated with a content provider. The request routing functionality can correspond to the processing of domain name service (“DNS”) requests for resources by computing devices and the resolution of the DNS requests by the identification of a network address of a computing device that will provide the requested resources. Unlike traditional CDN service provider implementation, the processing of resource requests by the service provider is separate from the delivery of the content by the content provider (or on behalf of the content provider).

Подробнее
Номер записи: 68
09-10-2018 дата публикации

Point of presence management in request routing

Номер: US10097398B1
Автор: Benjamin W.S. Redman, Colm MacCarthaigh, David R. Richardson, John Cormie
Принадлежит: Amazon Technologies Inc

A system and method for the management of client computing device DNS queries and subsequent resource requests within a content delivery network service provider domain are provided. The management of the DNS queries can include the selection of computing devices corresponding to various Point of Presence locations for processing DNS queries. Additionally, the management of the content requests can include the selection of computing devices corresponding to resource cache components corresponding to various Point of Presence locations for providing requested content. The selection of the computing devices can incorporate logic related to geographic criteria, testing criteria, and the like.

Подробнее
Номер записи: 69
23-03-2021 дата публикации

Request routing information based on client IP groupings

Номер: US10958501B1
Автор: Benjamin W. S. Redman, Colm MacCarthaigh, David R. Richardson, John Cormie
Принадлежит: Amazon Technologies Inc

Systems and methods for managing requesting routing functionality associated with resource requests for one or more resources associated with a content provider are provided. The request routing functionality can correspond to the processing of domain name service (“DNS”) requests for resources by computing devices by correlating client computing device identifiers, such as an Internet Protocol (“IP”) address, with identifiers (e.g., IP addresses) associated with other components in a content delivery environment, such as DNS resolvers associated with the client computing device. The processing of the DNS requests can also correspond to client computing device clustering or classes of client computing devices.

Подробнее
Номер записи: 70
04-11-2014 дата публикации

Methods and apparatus to enable call completion in internet protocol communication networks

Номер: US8879442B2
Автор: Bernard Ku
Принадлежит: AT&T INTELLECTUAL PROPERTY I LP

Methods and apparatus to enable call completion in Internet protocol communication networks are disclosed. Example methods disclosed herein to process a voice over Internet protocol call include sending a first query to a telephone number mapping server to obtain a session initiation protocol uniform resource identifier associated with a destination device with which the voice over Internet protocol call is to be established. Some such example methods further include, in response to the voice over Internet protocol call failing to be established using the session initiation protocol uniform resource identifier obtained from the first query, sending a second query to the telephone number mapping server to obtain a numeric Internet protocol address associated with the destination device, and using the numeric Internet protocol address obtained from the second query to establish the voice over Internet protocol call with the destination device.

Подробнее
Номер записи: 71
05-05-2015 дата публикации

System and method for using a registered name to connect network devices with a link that uses encryption

Номер: US9027115B2
Автор: Edmund Colby Munger, Michael Williamson, Robert Dunham Short, III, Victor Larson
Принадлежит: Virnetx Inc

A method for connecting a first network device to a second network device includes receiving a request to resolve a network address of the second network device. The request includes a name associated with the second network device that corresponds to the network address. The request is evaluated to confirm that the name is registered with a name service that facilitates resolving the name and facilitates establishing communication links, which use encryption, between the first network device and the second network device over the network. It is determined whether the second network device is available to establish the communication link. If so, the communication link is automatically established, including sending a signal to a provisioning server to provision the first network device or the second network device with a resource for the communication link.

Подробнее
Номер записи: 72
05-05-2015 дата публикации

Systems and methods for traffic management using load metrics reflective of a requested service

Номер: US9026661B2
Автор: Ajit K. Gupta, Eric Sven-Johan Swildens, Richard David Day
Принадлежит: Akamai Technologies Inc

A method for determining metrics of a content delivery and global traffic management network provides service metric probes that determine the service availability and metric measurements of types of services provided by a content delivery machine. Latency probes are also provided for determining the latency of various servers within a network. Service metric probes consult a configuration file containing each DNS name in its area and the set of services. Each server in the network has a metric test associated with each service supported by the server which the service metric probes periodically performs metric tests on and records the metric test results which are periodically sent to all of the DNS servers in the network. DNS servers use the test result updates to determine the best server to return for a given DNS name. The latency probe calculates the latency from its location to a client's location using the round trip time for sending a packet to the client to obtain the latency value for that client. The latency probe updates the DNS servers with the clients' latency data. The DNS server uses the latency test data updates to determine the closest server to a client.

Подробнее
Номер записи: 73
05-01-2016 дата публикации

Differentiated handling of data traffic with adaptation of network address lookup

Номер: US9231867B2
Автор: Ayodele Damola, Per Willars, Reiner Ludwig
Принадлежит: Telefonaktiebolaget LM Ericsson AB

Differentiated Handling of Data Traffic with Adaptation of Network Address Lookup In a method of differentiated handling of data traffic, the data traffic is related to a network resource and is preceded by a lookup procedure for obtaining a network address of the network resource. A message of the lookup procedure is processed for adapting the lookup procedure. Due to the adaptation, the lookup procedure returns a network address of a replacement network resource. The replacement network resource is capable of replacing the network resource in communication of data packets of the data traffic. On the basis of the network address of the replacement network resource, differentiated handling of the data packets in said communication with the replacement network resource is accomplished.

Подробнее
Номер записи: 74
25-07-2017 дата публикации

Automated website generation via integrated domain registration, hosting provisioning, and website building

Номер: US9716610B2
Автор: Justin Jilg, Nathan Curran
Принадлежит: Go Daddy Operating Co LLC

Methods of the present inventions allow for generating and providing an enhanced domain name. An exemplary method may comprise providing an enhanced domain to a second party. The enhanced domain may comprise a domain name, a web space automatically enabled and associated with the domain name, and at least one application automatically enabled and associated with the domain name.

Подробнее
Номер записи: 75
22-09-2015 дата публикации

System and apparatus for local mobility anchor discovery by service name using domain name service

Номер: US9144053B2
Автор: Behcet Sarikaya, Yangsong Xia
Принадлежит: FutureWei Technologies Inc

An apparatus comprising a mobile access gateway (MAG) configured to register an Internet Protocol (IP) address for a mobile node (MN) with a local mobility anchor (LMA) to allow proxy mobile IP version 6 (PMIPv6) mobility management for the MN, wherein the MAG communicates a query message that comprises a PMIPv6 service name to a Domain Name Service (DNS) and obtains the IP address of the LMA from the DNS. Also disclosed is a network component comprising at least one processor coupled to a memory and configured to send a DNS query for a plurality of Service Resource Records (SRV RRs), and receive a DNS reply that comprises a plurality of Fully Qualified Domain Names (FQDNs) for a plurality of LMAs, wherein the DNS query comprises a Proxy Mobile Internet Protocol version 6 (PMIPv6) service name, a protocol name, and a domain name.

Подробнее
Номер записи: 76
07-07-2015 дата публикации

Agile network protocol for secure communications using secure domain names

Номер: US9077694B2
Автор: Edmund Colby Munger, Michael Williamson, Robert Dunham Short, III, Victor Larson
Принадлежит: Virnetx Inc

A client device comprises: (a) a memory, (b) an application program, and (c) a signal processing configuration. The memory is configured and arranged to facilitate a connection of the client device with a target device over a secure communication link created based on (i) an address request generated by the client device, and (ii) a determination as a result of the address request that the target device is a device with which a secure communication link can be established when the requested address is identified in an address lookup. The application program is configured and arranged so as to allow participation in audio/video communications with the target device over the secure communication link once the secure communication link is established. The signal processing configuration is arranged to execute the application program.

Подробнее
Номер записи: 77
07-04-2015 дата публикации

Detecting malicious behaviour on a network

Номер: US9003526B2
Автор: Fadi J El-Moussa
Принадлежит: British Telecommunications plc

An intrusion detection device ( 61 ) for monitoring one or more target devices and detecting malicious software operating on one of the one or more target devices. The intrusion detection device has an interface arrangement ( 61, 10 ) comprising one or more interfaces ( 6110 ) for receiving inward bound traffic destined for the one or more target devices and outward bound traffic originating from the one or more target devices. The intrusion detection device ( 61 ) also includes categorization means ( 6140 ) for categorizing incoming service requests destined for one of the one or more target devices as either harmless or potentially suspicious; monitoring means ( 6150 ) operable, in respect of each incoming service request identified as being potentially suspicious, to monitor the behavior of the associated target device for behavior indicative of the target device operating as a proxy server; and a notifier ( 6160 ) for generating a notification in the event that the monitored behavior is indicative of the device acting as a proxy server.

Подробнее
Номер записи: 78
10-02-2015 дата публикации

Networked computer system for communicating and operating in a virtual reality environment

Номер: US8954527B2
Автор: Ada Mae Edecker, Alex Siyanko, Anatoly P. Syomik
Принадлежит: Xdyne Inc

The present invention relates to interactive virtual reality networked computer systems and methods that facilitate communication and operation in a virtual reality environment. The virtual reality networked computer system has an infrastructure that includes a number of users, hosts and servers. The interconnected hosts and servers allow users to effectively locate, activate, access and interact within virtual reality environments in a variety of different ways. For example, users can establish user groups such that interaction within the virtual reality environment occurs between hosts (accessed by users) without the need of a central or dedicated server.

Подробнее
Номер записи: 79
02-06-2015 дата публикации

Evaluation of DNS pre-registration data to predict future DNS traffic

Номер: US9049229B2
Автор: Matthew Thomas
Принадлежит: Verisign Inc

Methods and systems analyze historical NXD traffic to predict future DNS traffic. In one embodiment, a system may count NXD responses generated by an Authoritative DNS server during a particular time period and calculate the variance in NXD traffic for domains over time. The system may then generate a coefficient of variance (CoV) value for each domain observed. Finally, the system may predict positive domain traffic based upon the calculated CoV data. In other embodiments, the system may also base the prediction on the classification of domains as “original” domains or “re-registered” domains. In another embodiment, the system may also base the prediction on the “size” of name servers. Additionally, or alternatively, the system may determine the number of unique name servers for a domain and base the prediction on the number of unique name servers for a particular domain name.

Подробнее
Номер записи: 80
24-09-2013 дата публикации

Method and apparatus for multiplexing internet domain names

Номер: US8543732B2
Автор: William Kenneth Ryan
Принадлежит: Individual

The current disclosure describes an edge application (user agent) that supports name multiplexing and allows users the convenience of the ‘name*number.com’ format while allowing registration of the real domain name as exemplified by ‘ml-name-number.com’ which parallels the approach standardized for Internationalized Domain Names. Multiplexed domain names allow a virtually unlimited number of domain names under any Internet top level domain. The current improvement requires no new central associated directories, multi-tiered or sub-directories. It does not require modification of the DNS to allow additional characters such as the asterisk. It uses the DNS exactly as it is configured today.

Подробнее
Номер записи: 81
23-06-2015 дата публикации

Systems and method to discover clients associated with local domain name server using sampling

Номер: US9065867B2
Автор: Anestis Karasaridis, Vishwa M. Prasad
Принадлежит: AT&T INTELLECTUAL PROPERTY I LP

A system includes an analyzer module, a content request data collection module, and a domain name server. The content request data collection module is configured to receive a content request sent to a tracking address, collect content request information about the content request, and provide the content request information to the analyzer module. The domain name server is configured to receive an address request from a local domain name server for a cache server address, provide a tracking address to the local domain name server, collect address request information about the address request, and provide the address request information to the analyzer module. The analyzer module is configured to receive the address request information and the content request information, and determine properties of clients served by the local domain name server based on the address request information and the content request information.

Подробнее
Номер записи: 82
22-03-2016 дата публикации

Internet profile service

Номер: US9292612B2
Автор: Alex Holmes, Andrew Simpson, Dave Moston, Eduardo Jimenez, Karthik Shyamsunder, Leonard Linas Orentas, Mark Alan Kosters, Phani Pattapu, Srinivas Sunkara
Принадлежит: Verisign Inc

Systems and methods for creating and using a domain profile include identifying a status of a first page associated with a domain. The first page is retrieved and additional pages from the domain are identified based on hyperlinks from the first page. The status of the additional pages is identified and the hyperlinks are prioritized based on the status and/or a comparison with predetermined data. Content is extracted from the first page and selected pages from among the additional pages. The specific additional pages may be selected based on the prioritization. The retrieved content may be processed through a signature marker set to determine a contextual match. A purpose of the domain is determined according to the status of the first page, the status of the additional pages and results of the processing of the content. The domain profile can be displayed, stored, sent and/or searched to identify web sites or attributes of interest.

Подробнее
Номер записи: 83
18-07-2017 дата публикации

Optimizing security seals on web pages

Номер: US9712532B2
Автор: Barry Ferg, David M'Raihi, Gary Krall, Nicolas Popp
Принадлежит: Symantec Corp

A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates.

Подробнее
Номер записи: 84
24-11-2015 дата публикации

Spell checking URLs in a resource

Номер: US9195642B2
Автор: Mark Joseph Hamzy
Принадлежит: International Business Machines Corp

Methods, systems, and computer program products are provided for spell checking URLs in a resource. Embodiments include identifying within a resource a URL, determining whether the URL is valid, and marking the URL as misspelled if the URL is invalid. In typical embodiments, determining whether the URL is valid is carried out by resolving a domain name contained in the URL. Typical embodiments also include suggesting an alternative spelling for the URL. In some embodiments, suggesting an alternative spelling for the URL is carried out by identifying a keyword in the resource, querying a search engine with the identified keyword, and selecting a URL in dependence upon search results returned by the search engine.

Подробнее
Номер записи: 85
21-03-2017 дата публикации

Method of provisioning network elements

Номер: US9602342B2
Автор: Alain D. Durand, John J. Brzozowski, Paul Eugene Schauer, Srinivas Avirneni
Принадлежит: COMCAST CABLE COMMUNICATIONS LLC

A system and method for provisioning network elements, such as but not limited to the type of network elements used in cable television system to facilitate subscriber access to services. The provisioning may be accomplished without communications between multiple provisioning servers. This allows the provisioning to be conducted in a stateless manner.

Подробнее
Номер записи: 86
24-11-2015 дата публикации

Adaptive accelerated application startup

Номер: US9197486B2
Автор: James Roskind
Принадлежит: Google LLC

Embodiments of the present invention include methods and systems for accelerated application startup. A method for accelerating startup of an application is provided. The method includes persistently storing a number of uniform resource locator (URL) hostnames based on one or more hostname requests made by one or more users during use of the application. The method further includes, upon startup of the application, making a DNS lookup call for at least one of the stored hostnames prior to a hostname request initiated by the application, wherein a resolution result for at least one of the stored hostnames is cached in the operating system DNS cache in preparation for the hostname request. A system for accelerating startup of an application is provided. The system includes a hostname storage device, a DNS pre-fetcher and a startup DNS pre-cacher.

Подробнее
Номер записи: 87
21-07-2015 дата публикации

Network device, network device control method, and storage medium

Номер: US9088464B2
Автор: Kaori Shizuno
Принадлежит: Canon Inc

A network device is available to communicate with an external server managing a combination of an address of a device and identification information identifying the device. The network device selects an address to be registered on the external server from multiple addresses corresponding to the network device and registers the selected address on the external server along with identification information identifying the network device.

Подробнее
Номер записи: 88
13-09-2016 дата публикации

Session initiation protocol (SIP) router

Номер: US9444854B2
Автор: Robert Piscopo
Принадлежит: T Mobile USA Inc

Systems and methods for a Session Initiation Protocol (SIP) router are described. In one aspect, the SIP router receives a SIP INVITE for an incoming call to a target mobile subscriber. Responsive to receiving the SIP INVITE, the SIP router identifies, via a Send Routing Information for Short Message (SRI/SM) request to a Home Location Register, a first address of a serving switch in a circuit-switched mobile network; a mobile telephony device associated with the target mobile subscriber is currently location-updated on the serving switch. The SIP router maps the first address to a second address for the serving switch; the second address being a SIP address. Using the SIP address, the SIP router sends the received SIP INVITE to a SIP interface of the serving switch. The serving switch being configured to process the received SIP INVITE and the incoming call to the target mobile subscriber.

Подробнее
Номер записи: 89
09-02-2016 дата публикации

Methods and apparatus to dynamically select a peered voice over internet protocol (VoIP) border element

Номер: US9258268B2
Автор: Bernard Ku, James Jackson, Mehrad Yasrebi
Принадлежит: AT&T INTELLECTUAL PROPERTY I LP

Methods and apparatus to select a dynamically peered voice over Internet protocol (VoIP) border element are disclosed. An example method comprises collecting data representative of a dynamic performance of a voice over Internet protocol network, prioritizing a selection of a peered border element based on the collected data, and modifying a telephone number mapping (ENUM) database based on the prioritized selection.

Подробнее
Номер записи: 90
14-07-2020 дата публикации

Automated website generation via integrated domain registration, hosting provisioning, and website building

Номер: US10715488B2
Автор: Justin Jilg, Nathan Curran
Принадлежит: Go Daddy Operating Co LLC

Methods of the present inventions allow for generating and providing an enhanced domain name. An exemplary method may comprise providing an enhanced domain to a second party. The enhanced domain may comprise a domain name, a web space automatically enabled and associated with the domain name, and at least one application automatically enabled and associated with the domain name.

Подробнее
Номер записи: 91
03-01-2017 дата публикации

Transparent provisioning of network access to an application

Номер: US9537824B2
Автор: Matthew Donald Drown, Peder J. Jungck, Sean M. Goller
Принадлежит: Cloudshield Technologies Inc

An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices.

Подробнее
Номер записи: 92
15-12-2015 дата публикации

Terminal device and method for exchanging VoIP signaling

Номер: US9215257B2
Автор: Shin-Hsin Hsu, Yao-Wen Chang
Принадлежит: Hon Hai Precision Industry Co Ltd

A terminal device capable of creating a group for allowing other terminal devices to join the group is provided. When a terminal device not belonging to the group calls a terminal device in the group, any of the terminal devices in the group can answer the call in response a user input. A method for exchanging voice over Internet protocol (VoIP) signaling between the terminal devices within the group is also provided.

Подробнее
Номер записи: 93
04-11-2014 дата публикации

Method and arrangements in a mobile telecommunications system

Номер: US8879486B2
Автор: Jari Vikberg, Johan Rune, Tomas Nylander
Принадлежит: Telefonaktiebolaget LM Ericsson AB

The present invention relates to methods and arrangements for introducing an automatic one-time configuration of the DNS server(s) when a base station gateway, such as an HeNB GW, is deployed, such that the FQDN-to-HeNB GW IP address translation data is proactively configured. This is performed to identify the base station gateway address to which subsequently deployed base stations will be connected. That is, the FQDN-to-HeNB GW IP address translation data for the HeNB IDs of all the HeNBs that may potentially connect to the HeNB GW is proactively configured in the DNS server(s), thereby avoiding frequent and constantly ongoing DNS configuration during normal network operation. This configuration of the DNS allows the eNB to obtain the destination address for an X2 connection without knowing about an eventual HeNB GW, nor the addressing details, such as size/length (or fixed number of bits) of the HeNB GW ID.

Подробнее
Номер записи: 94
10-10-2017 дата публикации

Method, access control node and domain name server in a wireless communication system

Номер: US9788294B2
Автор: Gyorgy Miklos, Johan Rune
Принадлежит: Telefonaktiebolaget LM Ericsson AB

A method in a access control node for selecting of a local gateway co-located with or near a home node is provided. The access control node receives ( 201 ) a connectivity request from a user equipment. The user equipment requests a local or remote connection to the home node. The access control node obtains ( 202 ) an access point name of the home node. The access control node selects the local gateway co-located with or near the home node by the action of sending ( 203 ) a domain name system query to a home node gateway associated with the home node, by addressing a domain name system server. The query comprises a request for an IP address of the local gateway that is associated with the obtained access point name. The access control node selects the local gateway co-located with or near the home node by the further action of receiving ( 204 ) a response from the domain name system server. The response comprising the requested IP address of the local gateway.

Подробнее
Номер записи: 95
26-11-2019 дата публикации

Online portal for improving cybersecurity risk scores

Номер: US10491619B2
Автор: Aleksandr Yampolskiy, Alexander Heid, Rob Blackin, Samuel Kassoumeh
Принадлежит: SecurityScorecard Inc

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall security risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score.

Подробнее
Номер записи: 96
03-12-2019 дата публикации

Calculating and benchmarking an entity's cybersecurity risk score

Номер: US10498756B2
Автор: Aleksandr Yampolskiy, Alexander Heid, Rob Blackin, Samuel Kassoumeh
Принадлежит: SecurityScorecard Inc

Determining an entity's cybersecurity risk and benchmarking that risk includes non-intrusively collecting one or more types of data associated with an entity. Embodiments further include calculating a security score for at least one of the one or more types of data based, at least in part, on processing of security information extracted from the at least one type of data, wherein the security information is indicative of a level of cybersecurity. Some embodiments also comprise assigning a weight to the calculated security score based on a correlation between the extracted security information and an overall cybersecurity risk determined from analysis of one or more previously-breached entities in the same industry as the entity. Additional embodiments include calculating an overall cybersecurity risk score for the entity based, at least in part, on the calculated security score and the weight assigned to the calculated security score.

Подробнее
Номер записи: 97
23-05-2017 дата публикации

Per-request control of DNS behavior

Номер: US9661108B2
Автор: Noah Treuhaft
Принадлежит: Cisco Technology Inc

In various embodiments, a user or subscriber of a domain name system (DNS) service that provides various DNS resolution options or features, such as misspelling redirection, parental filters, domain blocking, or phishing protection through the DNS process, can influence how requests for domain name (DNS) information are handled on a per-request basis. The user or subscriber may configure the DNS client software of their personal computer or configure their broadband router to provide control information to a DNS server with DNS resolution options that enables the DNS server to resolve DNS queries with the DNS resolution options on a per-request basis. As a result, the user can mitigate exposure to pop-ups, pop-unders, banner ads, fraudulent offers, malware, viruses, or the like, from websites using the domain name system.

Подробнее
Номер записи: 98
14-07-2015 дата публикации

System and method for providing plurality of prioritized email domain names

Номер: US9083669B2
Автор: Darren Gardner, David Jaray Hanson, Rupak Sanjel
Принадлежит: BlackBerry Ltd

The system and method are for provisioning an electronic mail (email) account for allowing access to an electronic mailbox to retrieve email. A mobile office platform includes a configuration module and a communications module which are operative for accessing an electronic mailbox. The communications module is to receive email address parameters of the user and transmit a domain name system (DNS) query to the Internet for returning mail exchange (MX) records, including email domain names, corresponding to the email address parameters of the user. The configuration module is to process returned MX records to determine candidate configuration parameters for accessing the email account of the user to retrieve user email. The configuration module is to determine candidate configuration parameters based upon expanding a plurality of prioritized email domain names of the returned MX records.

Подробнее
Номер записи: 99
26-11-2019 дата публикации

Entity IP mapping

Номер: US10491620B2
Автор: Aleksandr Yampolskiy, Nick Matviko, Rob Blackin, Samuel Kassoumeh
Принадлежит: Securityscorecare Inc

Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses.

Подробнее
Номер записи: 100