Method for detecting HTTP tunnel data based on conversation and HTTP protocol standard

An HTTP protocol and standard technology, applied in the field of computer networks, can solve problems such as controlling HTTP tunnel data, users cannot browse web pages, and threats to internal network security

Inactive Publication Date: 2014-12-24
金琥
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Both HTTP protocol data and HTTP tunnel data use the same port, so the HTTP tunnel data cannot be controlled simply by closing the port, otherwise users will not be able to browse the web
Traditional port control methods have been unable to cope with HTTP tunnel penetration technology, and unauthorized access to the external network seriously threatens the security of the internal network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting HTTP tunnel data based on conversation and HTTP protocol standard
  • Method for detecting HTTP tunnel data based on conversation and HTTP protocol standard
  • Method for detecting HTTP tunnel data based on conversation and HTTP protocol standard

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The present invention will be further described in detail below in conjunction with the accompanying drawings.

[0032] System network deployment method:

[0033] see figure 1 , the system of the present invention is usually deployed at the egress gateway where the local area network is connected to the Internet, and captures the data packets of the specified port from the network. The port is generally TCP80, and other ports can be specified or added if necessary.

[0034] Maintenance of session connection table:

[0035] see figure 2 , the system captures the specified port data packet from the network, extracts information such as SrcIP, DstIP, SrcPort, and DstPort from the data packet, and compares it with the existing items in the session connection table. If the session record does not exist in the session connection table, the current session information is added to the session connection table. If the session connection record already exists, update the la...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of computer networks, and provides a method for detecting HTTP tunnel data based on a conversation and the HTTP protocol standard. A system captures a data packet of an HTTP port and establishes a conversation linked list according to the IP address and the port. When the data packet arrives at a detection system, firstly, the system examines and maintains the conversation linked list, a record is added if not record exists, and the record is deleted from the conversation linked list if the RST data packet or the FIN data packet exists; secondly, the system examines the content of the data packet and judges whether the conversation connection meets the standard HTTP protocol, such as a client-side command GET, a client-side command POST, a server-side response HTTP / 1.0 and a server-side response HTTP / 1.1, or not, if the conversation connection meets the standard HTTP protocol, the conversation is marked as HTTP protocol data, and if the conversation connection does not meet the standard HTTP protocol, the conversation is marked as HTTP tunnel data. By means of the method, the HTTP tunnel data can be recognized, differential service can be conducted on the HTTP tunnel data, or data which are not the HTTP protocol data can be prevented from penetrating through the HTTP port.

Description

technical field [0001] The invention belongs to the technical field of computer networks, and relates to a method for distinguishing standard HTTP protocol data and HTTP tunnel data. Background technique [0002] With the development of Internet technology, how to control intranet users' access to the Internet has become the focus of network management. Traditional network management uses ports to distinguish various network services, and controls external network access by opening or closing certain ports. WEB browsing, as the most basic Internet service, usually needs to be opened to users. It uses the HTTP protocol, and the default port is TCP80. In view of the fact that HTTP ports are generally open, various software have used HTTP tunneling technology to establish connections with the outside world. Both the HTTP protocol data and the HTTP tunnel data use the same port, so the HTTP tunnel data cannot be controlled simply by closing the port, otherwise the user will no...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26
Inventor 金琥
Owner 金琥
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap