Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for recording and playing back desktop operating information of user

A technology for operating information and users, applied in the field of network security, can solve problems such as inconvenient management and impact on clients

Active Publication Date: 2013-04-24
BLUEDON INFORMATION SECURITY TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a method, system and device for recording and replaying the user's desktop operation information, which is used to solve the problem that the existing technology of recording and replaying the user's desktop operation information affects the client and is inconvenient to manage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for recording and playing back desktop operating information of user
  • Method and device for recording and playing back desktop operating information of user
  • Method and device for recording and playing back desktop operating information of user

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0020] Embodiment 1, see figure 1 As shown, the system for recording and replaying the user's desktop operation information in this embodiment includes: a terminal and a terminal server communicating with each other; and an audit server between the terminal and the terminal server.

[0021] The remote desktop protocol (RDP Remote Desktop Protocol) or virtual network computing protocol (VNC Virtual network computing) is used for communication between the terminal and the audit server and between the audit server and the terminal server. Based on the RDP protocol, it allows the terminal to connect to the terminal server to obtain information about the applications running on the server. The display of the terminal and the running interface of the server carry out data exchange and transmission through the RDP protocol. Based on the VNC protocol, it allows the terminal to connect to the terminal server to obtain information about the applications running on the server. The disp...

Embodiment 2

[0023] Embodiment 2, see figure 2 As shown, the audit server in this embodiment includes: an intercepting unit, a splitting unit and a combining unit.

[0024] Wherein, the intercepting unit is configured to intercept the data packets exchanged between the terminal and the terminal server.

[0025] The splitting unit is used to analyze and split the intercepted data packets and save them; specifically, the splitting unit parses and splits the intercepted data packets, and adds a timestamp field in the header of each split data packet , and take data packets as units, in binary mode, and save them in the order of interception.

[0026] The assembly unit is used to reassemble the parsed and split data packets and send them to the opposite end.

Embodiment 3

[0027] Embodiment 3, see image 3 As shown, the audit server in this embodiment includes: a reading unit, an analyzing unit and a playback unit.

[0028] Wherein, the reading unit is used to read the stored data packet information in the order of storage.

[0029] The analysis unit is used to analyze the timestamp field in the data packet information to know the time interval between the preceding and following data packets; analyze the packet header in the data packet information to know the function and content of the data packet; take the RDP protocol data packet as an example: the packet header The meaning of transmission control characters with the following functions: beginning of sequence, beginning of text, end of text, end of sending, inquiry, confirmation, escape, denial, synchronization, and end of block. By analyzing these fields, we can know what the RDP protocol data packet needs to complete In the same way, it can analyze and obtain the content of the RDP proto...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, system and device for recording and playing back desktop operating information of user and relates to the network security field; and the method, system and device are used to solve the problem that the technology used for recording and playing back the desktop operating information of user has an influence on the client and is not convenient to manage. The recording method comprises the following steps: an audit server intercepts data packet between the terminal and the terminal server; the intercepted data packet are analyzed, decomposed and stored; and then the analyzed and decomposed data packet are recombined and transmitted to the opposite terminal. The method for playback comprises the following steps: the audit server reads the stored data packet information according to the storage sequence; time stamps in the data packet information are analyzed to obtain the time interval between the former and later data packets; the packet header in the data packet information is analyzed to obtain the function and content of the data packet information; and the content of each data packet is played back one by one according to the reading order and time interval. The above operations are all completed in the audit server so that the operations can not influence on the client and be convenient to manage.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method, system and equipment for recording and replaying user's desktop operation information. Background technique [0002] With the development of network technology, the demand for network security is gradually increasing. In order to facilitate audit and evidence collection, it is necessary to record the information of the user's operation on the operating system desktop. The solution currently provided is to install a software on the operating system of the client, and this software continuously saves the screen image at a fixed time interval. [0003] It can be seen that this technology needs to install software on the client, which affects the client and is inconvenient to manage. If the user closes the software, recording and playback will not be possible. Contents of the invention [0004] The invention provides a method, system and equipment for recording and repla...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08G06F17/40
Inventor 柯宗贵柯宗庆
Owner BLUEDON INFORMATION SECURITY TECH CO LTD