| 发明名称 | Manage encrypted network traffic using DNS responses | ||
| 摘要 | Managing encrypted network traffic using Domain Name System responses includes requesting an address associated with a domain name from a resolution server, the domain name included in a predetermined set of domain names for which secure requests are to be identified; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received addresses; receiving a request to resolve the domain name; sending a response to the domain name resolution request, the response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name. | ||
| 申请公布号 | US9525660(B2) | 申请公布日期 | 2016.12.20 |
| 申请号 | US201514848219 | 申请日期 | 2015.09.08 |
| 申请人 | iboss, Inc. | 发明人 | Martini Paul Michael;Martini Peter Anthony |
| 分类号 | H04L29/06;H04L29/12;H04L12/24;H04L29/08 | 主分类号 | H04L29/06 |
| 代理机构 | Fish & Richardson P.C. | 代理人 | Fish & Richardson P.C. |
| 主权项 | 1. A computer-implemented method executed by one or more processors, the method comprising: requesting an address associated with a domain name from a resolution server, the domain name included in a predetermined set of domain names for which encrypted requests are to be identified; receiving a response from the resolution server including two or more different corresponding addresses for the domain name; selecting a particular address from among the two or more different corresponding addresses received from the resolution server; associating the selected particular address with the domain name; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving an encrypted request for a resource, the encrypted request directed to the particular address associated with the domain name; and determining that the encrypted request is directed to the domain name based on the association between the particular address and the domain name, wherein the determination is performed without decrypting the encrypted request, wherein the domain name is a first domain name, the method further comprising: requesting an address associated with a second domain name different than the first domain name from the resolution server;receiving a second response from the resolution server including one or more addresses associated with the second domain name, wherein the one or more addresses associated with the second domain name includes the particular address; andmodifying the second response to remove the particular address. | ||
| 地址 | San Diego CA US | ||