IPSec VPN protocol drastic detecting method based on flows

An in-depth detection and protocol technology, applied in the detection field, can solve the problems of literature reports, parsing errors, and string matching ineffectiveness that have not yet found IPSecVPN in-depth detection methods.

Active Publication Date: 2008-10-15
SHANGHAI JIAO TONG UNIV
View PDF0 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although this method has advantages in speed and scalability, for non-standard format messages, due to the interference of non-standard headers, the protocol type of the message has become unrecognizable, and the contents of the fields inside are a...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec VPN protocol drastic detecting method based on flows
  • IPSec VPN protocol drastic detecting method based on flows
  • IPSec VPN protocol drastic detecting method based on flows

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The embodiments of the present invention are described in detail below in conjunction with the accompanying drawings: this embodiment is implemented on the premise of the technical solution of the present invention, and detailed implementation methods and specific operating procedures are provided, but the protection scope of the present invention is not limited to the following the described embodiment.

[0055] Such as figure 1 As shown, the IPSec VPN monitoring system is divided into two parts, the central end and the agent end, and this embodiment is specifically described in conjunction with the IPSec VPN monitoring system:

[0056] The agent end is distributed and configured on the switch mirror ports in the border network of each unit. The agent end has two network interfaces, one is used to capture packets, and the other is used to communicate with the central end. The IPSec VPN traffic will flow through the switch of the border network and be captured by the a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a deep detection method of an IPSec VPN protocol based on stream, which is applied in the network safety field. The deep detection method of the invention firstly carries out cyclic monitoring under the promiscuous mode that network card is opened in an intelligent agent or a probe machine, and a BPF filter is arranged to snatch an IPSec VPN message. The deep inspection method can store and carry out deep detection on the sequence stream of IPSec message, can identify and analyze whether the IPSec VPN message is faked and is the message of non-standard format or not, and can analyze the differences between the message of non-standard format and the message of standard format according to the context of the sequence stream of the IPSec VPN message. The deep detection method provided by the invention based on the session state of the protocol has considerable intelligence and stable performance, can analyze the message of unknown format and can be easily realized and applied in the fields such as supervision agency, firewall, IDS, etc.

Description

technical field [0001] The invention relates to a detection method in the technical field of network security, in particular to a flow-based IPSec VPN protocol depth detection method. Background technique [0002] IPSec is an infrastructure security technology. Using IPSec can provide security features not in the original IP protocol: confidentiality, integrity, identity verification, anti-traffic analysis, etc. The IPSec VPN uses the IPSec security protocol to establish a VPN tunnel, which can establish a secure virtual channel on the public network for remote access. There are many international standards for various aspects of IPSec VPN technology. IPSec protocol has (IPSecurity-RFC 2401~2411, 2451) standards; encryption has ESP DES and 3DES (RFC 2406, 2451) standards, and authentication has X.509 digital certificate ( RSA signature), shared key, simple certificate enrollment protocol and other standards; integrity has HMAC-MD5 & HMAC-SHA-1 (RFC 2403-2404) and other sta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/56H04L12/46H04L29/06
Inventor 周志洪蒋兴浩李建华訾小超张月国
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap