This website uses cookies to distinguish you from other users of our website. The use of cookies helps us to provide you with a specific service, to facilitate website use, to understand our visitors and to advertise to you. By continuing to browse the site you are giving consent to our use of cookies. Learn more in our Privacy Statement.

Innovation
Verisign Labs

We are committed to making the Internet a safe and reliable place for people to do business and interact.

LEADING THE INTERNET WITH TECHNOLOGY DEVELOPMENT

At Verisign Labs, research is not just for the sake of exploration, but to develop technologies that will play a significant role in the evolution of the Internet. Our research spans a wide range of technical disciplines and our researchers collaborate closely with engineering, platform developers, data architects and operations experts. Verisign Labs initiatives are deeply embedded in Verisign's business areas. A selection of our ongoing research projects is listed here, along with the publications of individual Verisign Labs researchers.

Featured Project

MitM Attack by Name Collision

MitM Attack by Name Collision: Cause Analysis and WPAD Vulnerability Assessment in the New gTLD Era. Recently, Man in the Middle (MitM) attacks on web browsing have become easier than they have ever been before because of a problem called “Name Collision” and a protocol called the Web Proxy Auto-Discovery (WPAD) protocol. This name collision attack can cause all web traffic of an Internet user to be redirected to a MitM proxy automatically right after the launching of a standard browser. The underlying problem of this attack is internal namespace WPAD query leakage, which itself is a known problem for years. However, it remains understudied since it was not easily exploitable before the recent new gTLD (generic Top-Level Domains) delegation.

In this paper, researchers from Verisign Labs and the University from Michigan focus on this newly-exposed MitM attack vector and perform the first systematic study of the underlying problem causes and its vulnerability status in the wild.


Registration Data Access Protocol (RDAP)

A new protocol is being designed from the ground-up to address the deficiencies of WHOIS. That protocol is known as the Registration Data Access Protocol, or RDAP. Verisign’s Registry Services Lab has been actively involved with IETF and ICANN efforts to support RDAP standardization and adoption.

Learn more