A method of collecting plaintext data of the SSL/TLS protocol based on a mirror stream

A plaintext data collection technique, applied in the field of network security communication, that addresses the problems of reduced throughput and longer system response time and achieves good scalability.

Active Publication Date: 2020-02-04
ZHENGZHOU SEANET TECH CO LTD

AI Technical Summary

Problems solved by technology

Since an SSL/TLS proxy server must receive the data, decrypt it to obtain the plaintext data, and then encrypt the plaintext data again before sending it to the client, the additional encryption operation places a burden on the system, resulting in longer system response time and lower throughput.



Embodiment Construction

[0044] The present invention will be described in detail below in conjunction with the accompanying drawings and preferred embodiments.

[0045] As shown in Figure 2, an SSL/TLS protocol plaintext data collection method based on a mirrored flow comprises:

[0046] Step 1) receive the mirrored SSL/TLS data packets, extract the records in the packets, generate several complete records, and put them into the record queue. Specifically, this includes:

[0047] Step 101) receive a mirrored SSL/TLS data packet;

[0048] Step 102) extract the first record from the data packet and check whether the record buffer holds a cached record. If there is no cached record, directly calculate the length of the first record received; if there is a cached record, splice the data packet onto the cached record and then calculate the length of the first record in the current cache;

[0049] The SSL / TLS protocol record encapsulation format is shown in Table...
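A sketch of steps 101 and 102 and of the message-extraction step from the abstract, added here as an example; it is not code from the patent. Because the page's record-format table is cut off, the 5-byte record header (type, version, length) and 4-byte handshake header are taken from the TLS specification. The class and function names are hypothetical, and the sketch handles cleartext handshake records only, with no decryption.

```python
import struct
from collections import deque

RECORD_HEADER_LEN = 5        # content type (1) + version (2) + length (2), per the TLS RFCs
HANDSHAKE = 22               # record content type that carries handshake messages
MAX_FRAGMENT = 2**14 + 2048  # largest record body TLS 1.2 allows


class MirrorRecordAssembler:
    """One direction of one mirrored TCP flow (hypothetical name, not from the patent)."""

    def __init__(self):
        self.record_buffer = b""      # cached partial record, if any
        self.record_queue = deque()   # complete (type, version, fragment) records
        self.hs_buffer = b""          # handshake bytes not yet forming a whole message
        self.message_queue = deque()  # complete (msg_type, body) handshake messages

    def feed(self, payload: bytes) -> None:
        # Step 102: splice the new payload onto any cached record bytes.
        data = self.record_buffer + payload
        while len(data) >= RECORD_HEADER_LEN:
            ctype, version, length = struct.unpack("!BHH", data[:RECORD_HEADER_LEN])
            if length > MAX_FRAGMENT:
                raise ValueError("implausible record length: stream desynchronised")
            end = RECORD_HEADER_LEN + length
            if len(data) < end:
                break  # record incomplete: keep it cached until more data arrives
            self.record_queue.append((ctype, version, data[RECORD_HEADER_LEN:end]))
            data = data[end:]
        self.record_buffer = data

    def drain_messages(self) -> None:
        # A record may hold several messages, and one message may span several records.
        while self.record_queue:
            ctype, _version, fragment = self.record_queue.popleft()
            if ctype != HANDSHAKE:
                continue
            self.hs_buffer += fragment
            while len(self.hs_buffer) >= 4:
                end = 4 + int.from_bytes(self.hs_buffer[1:4], "big")
                if len(self.hs_buffer) < end:
                    break
                self.message_queue.append((self.hs_buffer[0], self.hs_buffer[4:end]))
                self.hs_buffer = self.hs_buffer[end:]


def demo():
    # Constructed sample: two handshake messages in one record, split over three payloads.
    msgs = b"\x01\x00\x00\x03abc" + b"\x02\x00\x00\x02hi"
    record = struct.pack("!BHH", HANDSHAKE, 0x0303, len(msgs)) + msgs
    asm = MirrorRecordAssembler()
    for chunk in (record[:3], record[3:9], record[9:]):
        asm.feed(chunk)
    asm.drain_messages()
    return list(asm.message_queue)
```

A mirror port can drop or reorder segments, so a real collector would feed this from a TCP reassembly stage and treat the `ValueError` as a signal to discard the flow.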


Abstract

The invention provides an SSL/TLS protocol plaintext data collection method based on a mirrored flow, comprising the following steps: (1) receiving mirrored SSL/TLS data packets, extracting the records in the data packets, generating a plurality of complete records, and putting the records in a record queue; (2) extracting a plurality of complete messages from the records in the record queue, and putting the messages in a message queue; and (3) analyzing the messages in the message queue to obtain plaintext data. According to the method of the invention, the data packets are spliced into complete records according to the encapsulation format of the SSL/TLS protocol, and complete single messages are extracted and processed. There is no need for a server to synthesize multiple messages into one record or package a single message into multiple records. New messages needing analysis can be selected and added flexibly, so the method has good scalability. Plaintext data is obtained by processing mirrored data from a switch without interfering with the original service of the system or affecting system performance.

Description

Technical field

[0001] The invention belongs to the technical field of network security communication, and in particular relates to a mirror flow-based SSL/TLS protocol plaintext data collection method.

Background technique

[0002] The SSL protocol and its successor, the TLS protocol, are security protocols that provide security and data integrity for network communication. The SSL/TLS protocol sits between the TCP/IP protocol and the application layer protocol, and can provide security guarantees for various application layer protocols, such as the FTP and TELNET protocols. Currently, the most widespread use of the SSL/TLS protocol is to protect the security of the HTTP protocol. The SSL/TLS protocol includes two layers: the record layer protocol and the handshake protocol. The record protocol provides basic security services for the higher-level handshake protocol to ensure data integrity, including compression and decompression, encryption and decryption, calculation and verifica...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06
CPC: H04L63/0428, H04L63/168
Inventor: 宋磊, 闫露, 董海韬, 伍洪桥, 叶晓舟
Owner: ZHENGZHOU SEANET TECH CO LTD