Flow rate security detection method, equipment and system

Abstract

The invention discloses an Internet protocol security (IPSec) flow rate security detection method, equipment and a system. The method comprises the following steps that: when an initiation party initiates an Internet key exchange (IKE) request of the IPsec communication to a response party through gateway equipment, and the gateway equipment intercepts and captures the IKE request, extracts the source address of the request and the corresponding target address of the response party and stores the source address of the request and the corresponding target address of the response party into a local data list; the encryption consultation is respectively carried out with the initiation party and the response party, and in addition, IPsec security channels with the initiation party and the response party are respectively built; the initiation party encrypts a data packet to be sent to the response party by a gateway equipment consultation encryption method and sends the data packet to the gateway equipment through the IPsec security channel built with the gateway equipment; after the gateway equipment receives the data packet, the deep packet detection is carried out after the data packet is decrypted by an encryption method negotiated with the initiation party; when the deep packet detection is passed, the gateway equipment encrypts the data packet by the encryption method negotiated with the response party, and the data packet is sent to the response party through the IPsec security channel built with the response party.

Description

technical field [0001] The present invention relates to network communication technology, in particular to an Internet Protocol Security (IPSec, Internet Protocol Security) flow security detection method, device and system. Background technique [0002] In the past two decades, the rapid increase in the number of Internet users and terminals, and the rapid progress of network technology have proved the great success of the Internet with a simple and open design concept. However, precisely because of the simplicity and openness of the Internet, the Internet is also facing more and more new requirements and challenges, such as poor security, difficulty in control and management, and difficulty in responding to failures and attacks in a timely manner. With the further popularization of the Internet, these problems have become more and more noticeable, and the threats that network survivability needs to deal with have also expanded from simple random failures to various abnormal...

AI Technical Summary

Problems solved by technology

[0009] Although the existing technology can identify and analyze whether the IPsec VPN message is forged and whether it is a non-standard format message, the above two schemes can only analyze the encryption method and whether it meets the standard through the format in the sequence, that is, only Support for detection of encrypted formats

However, the encrypted content stil

Images