Apparatus and Method for Domain Name Resolution
Abstract
An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. Multiple edge servers and edge caches are provided at the edge of the network so as to cover and monitor all points of presence. The edge servers selectively intercept domain name translation requests generated by downstream clients, coupled to the monitored points of presence, to subscribing Web servers and provide translations which either enhance content delivery services or redirect the requesting client to the edge cache to make its content requests. Further, network traffic monitoring is provided in order to detect malicious or otherwise unauthorized data transmissions.
Claims
exact text as granted — not AI-modifiedWe claim:
1 . An apparatus for facilitating communications between a client and a server over a network, said apparatus comprising:
a processor coupled with said network, said network operative to transmit a plurality of translation requests including a translation request generated by said client, said translation request comprising an address identifying said server, said translation request being directed, by said client, to an address translator separate from said processor, said address translator being coupled with said network; said processor being operative to selectively intercept said translation request from among said plurality of translation requests prior to receipt by said address translator, said selective interception being determined based on a criteria other than only that said translation request is one of said plurality of translation requests; wherein said address translator is operative to translate said address into a translated address when said translation request is not selectively intercepted, and return said translated address to said client via said network thereby facilitating said communications between said client and said server; and said processor being operative to analyze said selectively intercepted translation request and delete said selectively intercepted translation request based on said analysis.
2 . The apparatus of claim 1 , wherein said processor is operative to detect a security attack based on said intercepted translation request and absorb said detected security attack.
3 . The apparatus of claim 1 , wherein said analysis comprises determining that said intercepted translation request is one of a plurality of translation requests directed to said server, and determining whether a capacity of said address translator is exceeded by a quantity of translation requests of said plurality of translation requests.
4 . The apparatus of claim 1 , wherein said processor is operative to analyze said selectively intercepted translation request to determine whether said translation request is malicious, and delete said selectively intercepted translation request when said translation request is malicious.
5 . The apparatus of claim 4 , wherein said processor is further operative to determine an origin of said selectively intercepted translation request, said determination of whether said selectively intercepted translation request is malicious being based on said determined origin of said selectively intercepted translation request.
6 . The apparatus of claim 4 , wherein said analysis comprises a comparison of said selectively intercepted translation request to previously identified malicious data, and wherein said processor is further operative to receive said previously identified malicious data from said server, a separate server, or a combination thereof.
7 . The apparatus of claim 6 , wherein said previously identified malicious data comprises unauthorized data or forged data.
8 . The apparatus of claim 1 , wherein said translated address is a first translated address, and
wherein said processor is further operative to modify said address of said translation request to a modified address when selectively intercepted, wherein said processor is further operative to forward said selectively intercepted translation request having said modified address to said address translator, wherein said address translator, upon receipt of said translation request having said modified address, being operative to translate said modified address into a second translated address and to return said second translated address to said client via said network, wherein said first translated address returnable to said client by said address translator is different from said second translated address returnable to said client by said address translator.
9 . The apparatus of claim 1 , wherein said network comprises the Internet.
10 . The apparatus of claim 1 , wherein said client comprises a computer.
11 . The apparatus of claim 1 , wherein said client comprises a private network.
12 . The apparatus of claim 11 , wherein said private network further comprises a private address translator operative to generate said translation request.
13 . The apparatus of claim 1 , wherein said processor is coupled with a network router.
14 . The apparatus of claim 1 , further comprising a traffic monitor coupled with said network, wherein said network is further operative to transmit data between said client and said server, said traffic monitor operative to monitor said transmitted data.
15 . The apparatus of claim 14 , wherein said traffic monitor is further operative to detect malicious program code within said transmitted data.
16 . The apparatus of claim 14 , wherein said traffic monitor is further operative to detect unauthorized data within said transmitted data.
17 . The apparatus of claim 16 , wherein said traffic monitor is further operative to detect forged communications within said transmitted data.
18 . A method of facilitating communications over a network, said network comprising a server and at least one sub-network coupled with said server, said at least one sub-network coupled with an address translator and a client, said method comprising:
monitoring said at least one sub-network for a translation request of a plurality of translation requests, said translation request being generated by said client and directed by said client to said address translator, said translation request comprising an address intended to be translated into a translated address by said address translator; intercepting, selectively by a device separate from said address translator, said translation request from among said plurality of translation requests prior to receipt by said address translator and prior to translation of said address thereby, said selective interception being based on a criteria other than only that said translation request is one of said plurality of translation requests; and detecting a security attack based on said intercepted translation request and absorbing said detected security attack.
19 . The method of claim 18 , wherein said detecting comprises determining that said intercepted translation request is one of a plurality of translation requests directed to said server, and determining whether a capacity of said address translator is exceeded by a quantity of translation requests of said plurality of translation requests.
20 . The method of claim 18 , wherein said detecting comprises analyzing said selectively intercepted translation request to determine whether said translation request is malicious, and
wherein said absorbing comprises deleting said selectively intercepted translation request when said selectively intercepted translation request is determined to be malicious.
21 . The method of claim 18 , wherein said absorbing comprises responding to said intercepted translation request or deleting said intercepted translation request.
22 . The method of claim 20 , further comprising determining an origin of said selectively intercepted translation request, said determination of whether said selectively intercepted translation request is malicious being based on said determined origin of said selectively intercepted translation request.
23 . The method of claim 20 , wherein said analyzing comprises comparing said selectively intercepted translation request to previously identified malicious data, and wherein the method further comprises receiving said previously identified malicious data from said server, a separate server, or a combination thereof.
24 . The method of claim 23 , wherein said previously identified malicious data comprises unauthorized data or forged data.
25 . The method of claim 18 , wherein said translated address is a first translated address, and
wherein the method further comprises modifying said address of said selectively intercepted translation request to a modified address and forwarding said translation request having said modified address to said address translator, said modified address intended to be translated by said address translator into a second translated address different from said first translated address, wherein said second translated address is generated when said translation request is selectively intercepted and said first translated address is generated when said translation request is not selectively intercepted.
26 . The method of claim 25 , wherein said address is a domain name, said first translated address is a first internet protocol address and said second translated address is a second internet protocol address different from said first internet protocol address.
27 . The method of claim 25 , wherein said second translated address is associated with a cache affiliated with said server.
28 . The method of claim 25 , wherein said modifying further comprises determining said second translated address to be an address associated with a proximately optimal cache affiliated with said server relative to said client.
29 . The method of claim 28 , wherein said cache is geographically optimal.
30 . The method of claim 28 , wherein said cache is proximately optimal based on a topology of said network.
31 . An apparatus for facilitating communications between a client and a server over a network, said apparatus comprising:
a processor coupled with said network, said network operative to transmit a plurality of translation requests including a translation request generated by said client, said translation request comprising an address identifying said server, said translation request being directed, by said client, to an address translator separate from said processor, said address translator being coupled with said network; said processor being operative to selectively intercept said translation request from among said plurality of translation requests prior to receipt by said address translator, said selective interception being determined based on a criteria other than only that said translation request is one of said plurality of translation requests; wherein said address translator is operative to translate said address into a translated address when said translation request is not selectively intercepted, and return said translated address to said client via said network thereby facilitating said communications between said client and said server; and said processor being operative to analyze said selectively intercepted translation request and absorb said selectively intercepted translation request based on said analysis, said analysis comprising a determination that said intercepted translation request is one of a plurality of translation requests directed to said server, and a determination of whether a capacity of said address translator is exceeded by a quantity of translation requests of said plurality of translation requests.Join the waitlist — get patent alerts
Track US2013179969A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.