Safety audit method and PC (Personal Computer) terminal

A security audit and terminal technology, applied in the field of network security, can solve problems such as inability to audit and monitor

Active Publication Date: 2017-02-22
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the application program on the mobile terminal needs to support the proxy service, if an application program on the mobile terminal does not support the proxy service, auditing and monitoring cannot be performed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety audit method and PC (Personal Computer) terminal
  • Safety audit method and PC (Personal Computer) terminal
  • Safety audit method and PC (Personal Computer) terminal

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0030] In the first embodiment of the present invention, a method for security auditing, such as figure 1 shown, including the following specific steps:

[0031] Step S101: Redirect the request message sent by the application program in the PC terminal to the SOCKET proxy in the PC terminal through the network redirector in the PC terminal.

[0032] Specifically, step S101 includes:

[0033] Intercepting the request message sent by the application program through the network redirector, modifying the original destination address in the request message to the interface address of the SOCKET proxy and sending it to the SOCKET proxy. The original destination address of the request message is modified to prevent the request message from being sent to the target server.

[0034] Step S102: Perform a security audit on the request message through the SOCKET proxy, and send the request message to a target server if the request message satisfies a preset security audit requirement. ...

no. 2 example

[0043] In the second embodiment of the present invention, a method for security auditing includes the following specific steps:

[0044] Step S201: the application program in the PC terminal sends a request message to the target server, and the original destination address of the request message is the interface address of the target server.

[0045] Step S202: The TDI (Transport Driver Interface, transmission driver interface) driver component intercepts the request message, and modifies the original destination address in the request message to the interface address of the SOCKET agent, thereby preventing the request message from being sent to the target server. The TDI driver component is equivalent to the network redirector in the first embodiment of the present invention, and is used to redirect application-level request messages to the SOCKET proxy.

[0046] Step S203: The TDI driver component sends the modified request message to the SOCKET agent.

[0047] Specificall...

no. 3 example

[0060] In the third embodiment of the present invention, a PC device, such as Figure 4 shown, including the following components:

[0061] 1) The network redirector 401 is used to redirect the request message sent by the application program in the PC terminal to the SOCKET proxy.

[0062] Specifically, the network redirector 401 is used for:

[0063] Intercepting the request message sent by the application program, modifying the original destination address in the request message to the interface address of the SOCKET agent and sending it to the SOCKET agent. The network redirector 401 prevents the request message from being sent to the target server by modifying the original destination address in the request message.

[0064] 2) SOCKET proxy 402, configured to perform security audit on the request message, and send the request message to the target server if the request message meets the preset security audit requirements.

[0065] Specifically, the SOCKET proxy 402 is u...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a safety audit method and a PC (Personal Computer) terminal. The method comprises the following steps: redirecting a request message sent by an application in the PC terminal to a SOCKET proxy in the PC terminal through a network redirector in the PC terminal; and performing safety audit on the request message through the SOCKET proxy, and if the request message meets a preset safety audit requirement, sending the request message to a target server. The network redirector can automatically redirect the request message of the application to the SOCKET proxy without a need of adding any component into the application, so that conflicts with safety software in the application are avoided, and normal work of the application is ensured. The SOCKET proxy can receive a complete request message of the application, so that the whole request message is audited and monitored.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a security audit method and a PC terminal. Background technique [0002] At present, methods for auditing and monitoring network communication content on mobile terminals mainly include HOOK technology and local general agent technology. HOOK is a system mechanism provided in Windows to replace the "interrupt" under DOS. It is translated into "hook" or "hook" in Chinese. The SOCKET API interface acquires the application protocol of any application program on the mobile terminal, and uses HOOK technology to audit and monitor the application protocol. However, if the message of the application protocol is relatively large, the SOCKETAPI interface only needs to obtain a part of the message of the application protocol, so it is difficult to use the HOOK technology to audit and monitor the full text of the message of the application protocol. Moreover, the security software...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/306H04L69/162H04L67/563
Inventor 李朝中
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap