该网站使用 Cookie 区分您与网站的其他用户。使用 Cookie 可帮助我们为您提供特定服务、方便网站使用、了解访问者和向您宣传。继续浏览网站即代表您同意使用 Cookie。在我们的隐私声明中了解更多信息。

Verisign Labs

我们承诺为人们开展业务和相互交流提供一个安全可靠的互联网平台。

LEADING THE INTERNET WITH TECHNOLOGY DEVELOPMENT

At Verisign Labs, research is not just for the sake of exploration, but to develop technologies that will play a significant role in the evolution of the Internet. Our research spans a wide range of technical disciplines and our researchers collaborate closely with engineering, platform developers, data architects and operations experts. Verisign Labs initiatives are deeply embedded in Verisign's business areas. A selection of our ongoing research projects is listed here, along with the publications of individual Verisign Labs researchers.

Featured Project

MitM Attack by Name Collision

MitM Attack by Name Collision: Cause Analysis and WPAD Vulnerability Assessment in the New gTLD Era. Recently, Man in the Middle (MitM) attacks on web browsing have become easier than they have ever been before because of a problem called “Name Collision” and a protocol called the Web Proxy Auto-Discovery (WPAD) protocol. This name collision attack can cause all web traffic of an Internet user to be redirected to a MitM proxy automatically right after the launching of a standard browser. The underlying problem of this attack is internal namespace WPAD query leakage, which itself is a known problem for years. However, it remains understudied since it was not easily exploitable before the recent new gTLD (generic Top-Level Domains) delegation.

In this paper, researchers from Verisign Labs and the University from Michigan focus on this newly-exposed MitM attack vector and perform the first systematic study of the underlying problem causes and its vulnerability status in the wild.


Registration Data Access Protocol (RDAP)

A new protocol is being designed from the ground-up to address the deficiencies of WHOIS. That protocol is known as the Registration Data Access Protocol, or RDAP. Verisign’s Registry Services Lab has been actively involved with IETF and ICANN efforts to support RDAP standardization and adoption.

Learn more