Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.

Abstract: A method for validating SRS registry transaction data includes receiving OLTP transaction data from a first database, parsing the OLTP transaction data, and comparing the parsed OLTP transaction data to one or more of a set of profiles. Each of the one or more of the set of profiles includes metadata in XML files. The method also includes caching the parsed OLTP transaction data in a first data cache, receiving log data associated with the OLTP transaction data; and caching the log data in a second data cache. The method further includes correlating the parsed transaction data cached in the first data cache with the log data cached in the second data cache.

Abstract: Systems and methods are provided for using a hidden audio signal. In one exemplary embodiment, the method includes receiving, by a user device, media associated with at least one identifier. The identifier includes at least one identifier segment associated with at least one channel identifier. The method further includes causing the at least one identifier to be decoded, and sending a request including the at least one identifier to a resolution provider. In addition, the method include receiving information from the resolution provider, where the information is associated with the at least one identifier. Additionally, the method includes identifying, by the user device, at least one application operating on the user device that is authorized to receive the information associated with the at least one identifier, based on at least one of the content of the identifier or the channel identifier, and delivering the information to the at least one application that is identified.

Abstract: Systems and methods are disclosed for collecting network traffic logs from a plurality of network servers, such as DNS name servers, and storing extracted data from the logs in a central repository. In one implementation, a system includes a processor and a memory. The memory stores instructions that cause the processor to retrieve PCAP files from a plurality of servers and extract data from the PCAP files. The data comprises header data and digest data. The processor stores the header data and the digest data in a header/digest pair. In another aspect, the processor retrieves a sample of the PCAP files from each of the plurality of servers rather than retrieving all PCAP files.

Abstract: Methods and systems for analyzing network traffic related to domain names, including Non-Existent Domain names, comprise: storing network traffic data associated with DNS requests for NXDs; receiving an analysis request associated with a domain name; creating, based on the stored network traffic data, an NXD list comprising NXDs that received at least one DNS request during a specified time period; computing, based on the stored network traffic data, a similarity metric for each NXD listed in the NXD list; and providing an analysis report identifying potentially valuable NXDs based on the computed similarity metrics.

Abstract: Method and system for routing EPP requests over a network are provided. The EPP request can include XML namespace information and optionally XML sub-product information. A gateway can receive the request and analyze the namespace and in some instances, sub-product information to determine the service to which the request is directed. Thereupon, the gateway can route the request to the appropriate service by consulting a routing table that can have status and connectivity information for all the available services.

Abstract: Systems and methods for creating a list of trustworthy resolvers in a domain name system. A computer receives a resolver profile for a resolver sending queries to a domain name server. The resolver profile is based on any, or a combination, of a top-talker status of the resolver, a normalcy of distribution of domain names queried, a continuity of distribution of query type, and a RD bit status, and information related to query traffic based on the topology of the domain name server. Resolver profiles can be compared to a trust policy to determine whether the resolver is trustworthy. Resolvers deemed trustworthy can be added to a list of trustworthy resolvers. Embodiments can detect the occurrence of a network-based attack. Embodiments can mitigate the effect of a network-based attack by responding only to queries from resolvers on the list of trustworthy resolvers.

Abstract: A method, system, and computer-readable memory containing instructions include receiving a DNS request containing information related to user-specific information, device-specific information, and/or authentication information, analyzing the information, determining an appropriate action to take based on analyzing the status, and taking the appropriate action. Actions may include responding with an individualized network layer address or service location address, delaying sending a response message, sending a network layer address or service location address corresponding to a site containing authentication information, and sending a response with a network layer address or service location address with a web address configured to mimic the website related to the requested resource.

Abstract: Systems and methods are disclosed for integrating JAVA objects, such as handlers, into a scripting language to be used as part of a test automation environment including a test automation tool. The environment can access and execute one or more script files coded using diverse scripting languages designed to exercise and test DNS servers, registries, and/or other network entities. The test automation tool can invoke a set of generalized handlers that may comprise compiled JAVA objects configured to perform specific testing functions. The test automation tool may load a script for a test case and a scripting language, establish a controller, and interface the script to the intermediate JAVA handlers to abstract individual script files for use in a more universal fashion, avoiding incompatibilities that can arise between various script languages.

Abstract: Methods and systems are disclosed for generating and authenticating barcodes and in particular generating trusted barcodes. In one embodiment, a method, performed by a certificate authority for creating a trusted content, comprises receiving, via a receiver, a target content and verifying the target content to determine whether the target content is safe or appropriate. Further, the method comprises, based on a result of the verifying, generating and storing, in a storage medium, response data; generating, via a processor, and storing in the storage medium an identifier corresponding to the response data; generating, via the processor, resolution data, the resolution data including the identifier and an address of the certificate authority; and transmitting, via a transmitter, the resolution data as the trusted content.

Abstract: Incoming data streams are managed by receiving a data stream on at least one network interface card (NIC) and performing operations on the data stream using a first process running several first threads for each network interface card and at least one group of second multiple processes each with an optional group of second threads. The first process and the one or more groups of second multiple processes are independent and communicate via the shared memory. The first threads for each network interface card are different than the group of second threads. The system includes at least one network interface card that receives a data stream, a first processor that runs a first process that uses a plurality of first threads for each network interface card and a second processor that runs at least one group of second multiple processes each with an optional group of second threads. The first process and the one or more groups of second multiple processes are independent and communicate via the shared memory.

Abstract: A method for determining probability of a domain name registration renewal includes receiving a plurality of inputs associated with the domain name and assigning each of the plurality of inputs to at least one category from among a plurality of categories. The method also includes assigning a weighted value to each of the plurality of categories and calculating the probability of the domain name registration renewal based in part on the weighted value of each category.

Abstract: A method for passing data from a first processing thread to a second processing thread, wherein the first processing thread produces data to be processed by the second processing thread. The data from the first processing thread may be inserted into objects that in turn are inserted into a queue of objects to be processed by the second thread. The queue may be a circular array, wherein the array includes a pointer to a head and a pointer to a tail, wherein only the first processing thread modifies the tail pointer and only the second processing thread modifies the head pointer.

Abstract: Systems and methods for analyzing domain name system lookup data are disclosed. The method may include: calculating traffic scores for a network address based on a set of DNS lookup data associated with the network address, where the set of DNS lookup data includes a plurality of query records having one or more queried network addresses; calculating a first variance and a second variance for the network address based on the traffic scores for the network address; and determining a rank of the network address based on the first and second variances.

Abstract: Embodiments of the present teachings relate to systems and methods for generating pronounceable domain names. The method includes proving a list of character strings; filtering the list of character strings through a first filter based on a phonetic model to produce a first filtered list of character strings; filtering the list of character strings through a second filter based on a character order mode to produce a second filtered list of character strings; and generating, by a processor, a list of pronounceable domain names based on the first filtered list of character strings and the second filtered list of character strings.

Abstract: A method of triggering crawling of a domain includes receiving information related to a domain from a registrar and processing the information related to the domain. The method also includes storing the processed information in a registry zone file and forming a list of registry data based on the processed information. The list of registry data comprises a subset of the registry zone file. The method further includes crawling one or more of the domains in the list of registry data.

Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.

Abstract: A method of filtering a plurality of DNS queries, wherein each DNS query includes a query name and a resource record type, includes defining a filter rule including a domain name, a filter type, and a throttle percentage and forming a filter file including the filter rule. The method also includes transmitting the filter file from a server to a plurality of filter proxies, transmitting the filter file from each of the plurality of filter proxies to one or more processing engines, and receiving the plurality of DNS queries at one of the one or more processing engines. The method includes determining a match between the domain name and the query name and between the resource record type and the filter type for a subset of the plurality of DNS queries, and blocking a predetermined percentage (equal to the throttle percentage) of the subset of the plurality of DNS queries.

Abstract: A method for determining probability of a domain name registration renewal includes receiving a plurality of inputs associated with the domain name and assigning each of the plurality of inputs to at least one category from among a plurality of categories. The method also includes assigning a weighted value to each of the plurality of categories and calculating the probability of the domain name registration renewal based in part on the weighted value of each category.

Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.