IPSec VPN protocol depth detection method based on packet offset matching

A depth detection technique based on offset matching, applied in the field of network security, that addresses two problems: plain string matching fails when message fields are displaced, and no IPSec VPN depth detection method has yet been reported in the literature.

Active Publication Date: 2008-10-29
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

Although this method has advantages in speed and scalability, for non-standard format messages, due to the interference of non-standard headers, the protocol type of the message has become unrecognizable, and the contents of the fields inside are also


Embodiment Construction

[0057] The embodiments of the present invention are described in detail below in conjunction with the accompanying drawings. This embodiment is implemented on the premise of the technical solution of the present invention, and detailed implementation methods and specific operating procedures are provided, but the protection scope of the present invention is not limited to the embodiment described below.

[0058] As shown in Figure 1, the IPSec VPN monitoring system is divided into two parts, the central end and the agent end. This embodiment is described specifically in conjunction with the IPSec VPN monitoring system:

[0059] The agent end is distributed and configured on the switch mirror ports in the border network of each unit. The agent end has two network interfaces, one is used to capture packets, and the other is used to communicate with the central end. The IPSec VPN traffic will flow through the switch of the border network and be captured by the a...


Abstract

The invention discloses an IPSec VPN protocol depth detection method based on message offset matching, for use in the field of network security. The method comprises the following steps: first, the network card of an intelligent agent or probe machine is put into promiscuous mode and monitored in a loop; a BPF filter is set to capture IPSec VPN messages, and depth detection is carried out on them. The algorithm can identify and analyze whether an IPSec VPN message is forged and whether its format is standard. The method can not only detect a standard ISAKMP data packet, but can also correctly analyze a non-standard IPSec ISAKMP data packet to which padding data of unknown length has been added, thereby providing a general-purpose method for detecting IPSec messages. The same idea can be extended to the detection of other protocols.
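A sketch of the offset-matching idea in the abstract, as an added example and not the patent's own algorithm (which this page does not reproduce): slide over the UDP payload until an RFC 2408 ISAKMP header is self-consistent, then report the offset. The filter string, function names, the 64-byte scan limit and the assumption that the padding precedes the IKEv1 header are all assumptions of this example.

```python
import struct

# Assumed capture filter: ISAKMP runs over UDP port 500 (the page gives no BPF expression).
BPF_FILTER = "udp port 500"

# RFC 2408 fixed header: initiator cookie, responder cookie, next payload,
# version, exchange type, flags, message ID, total length (28 bytes).
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
KNOWN_EXCHANGES = {1, 2, 3, 4, 5, 32, 33}   # ISAKMP base..informational, IKE quick/new group
PHASE1_EXCHANGES = {2, 4}                   # main and aggressive mode carry message ID 0


def header_is_consistent(payload: bytes, off: int) -> bool:
    """True if the 28 bytes at `off` look like an IKEv1 ISAKMP header."""
    icookie, _rcookie, _nxt, ver, xchg, flags, msgid, length = \
        ISAKMP_HDR.unpack_from(payload, off)
    if ver != 0x10 or xchg not in KNOWN_EXCHANGES:
        return False
    if flags & 0xF8 or icookie == b"\x00" * 8:      # reserved flag bits, empty cookie
        return False
    if xchg in PHASE1_EXCHANGES and msgid != 0:
        return False
    # The length field must cover exactly the bytes that follow the padding.
    return length == len(payload) - off


def classify(payload: bytes, max_offset: int = 64):
    """Return (verdict, offset): standard, non-standard (padded) or invalid."""
    last = min(max_offset, len(payload) - ISAKMP_HDR.size)
    for off in range(0, last + 1):
        if header_is_consistent(payload, off):
            return ("standard" if off == 0 else "non-standard", off)
    return ("invalid", None)    # nothing parses: malformed or forged candidate


def build_sample(pad: bytes = b"") -> bytes:
    """Constructed main-mode message; the 20 zero bytes stand in for payloads."""
    body = b"\x00" * 20
    hdr = ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, 0x10, 2, 0, 0,
                          ISAKMP_HDR.size + len(body))
    return pad + hdr + body


if __name__ == "__main__":
    for name, pkt in [("plain", build_sample()),
                      ("padded", build_sample(b"\xaa" * 12)),
                      ("garbage", b"\xaa" * 60)]:
        print(name, classify(pkt))
```

The length check is what keeps the scan from matching by accident inside the padding; a vendor format that also appends trailing bytes would need that comparison relaxed.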

Description

Technical field

[0001] The invention relates to a detection method in the field of network security, in particular to an IPSec VPN protocol depth detection method based on message offset matching.

Background art

[0002] IPSec is an infrastructure security technology. IPSec provides security properties that the original IP protocol lacks: confidentiality, integrity, identity verification, resistance to traffic analysis, etc. An IPSec VPN uses the IPSec security protocol to establish a VPN tunnel, creating a secure virtual channel over the public network for remote access.

[0003] There are many international standards covering the various aspects of IPSec VPN technology. The IPSec protocol has the (IP Security, RFC 2401~2411, 2451) standards; encryption has the ESP DES and 3DES (RFC 2406, 2451) standards; authentication has X.509 digital certificates (RSA signature), shared keys, the Simple Certificate Enrollment Protocol and other standards; integrity has HMAC-MD5 & HMAC-SHA-1 (RFC 24...


Application Information

IPC IPC(8): H04L29/06, H04L12/56, H04L1/00, H04L12/46
Inventor 蒋兴浩, 周志洪, 张月国, 蔡伟, 黄鹏
Owner SHANGHAI JIAO TONG UNIV