Unlock instant, AI-driven research and patent intelligence for your innovation.

A method, device, device and readable medium for obtaining https data in a sandbox

A sandbox and data technology, applied in the field of data security, can solve problems such as troublesome, non-universal, and different implementation methods of encryption modules, and achieve the effect of strong versatility and improved security

Active Publication Date: 2020-06-26
XIAMEN ANSCEN NETWORK TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] There are two existing detection methods for detecting https in the sandbox: 1. Deploy a packet capture tool (such as Fiddler) outside the sandbox, connect the sandbox to the machine of the packet capture tool through a proxy, and the packet capture tool The tool acts as an intermediate agent to intercept communication data. This method needs to deploy external devices separately, which is troublesome
2. Obtain the data before encryption through the hook ssl function. Due to the different implementation methods of the encryption module, it cannot be used universally

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method, device, device and readable medium for obtaining https data in a sandbox
  • A method, device, device and readable medium for obtaining https data in a sandbox
  • A method, device, device and readable medium for obtaining https data in a sandbox

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045]HTTPS (full name: Hyper Text Transfer Protocol over Secure Socket Layer) is an HTTP channel aimed at security, and it is simply a secure version of HTTP. That is, the SSL layer is added under HTTP, and the security basis of HTTPS is SSL, so the detailed content of encryption requires SSL. It is a URI scheme (abstract identifier system), the syntax is similar to the http: system. For secure HTTP data transfer. The https: URL indicates that it uses HTTP, but HTTPS has a default port different from HTTP and an encryption / authentication layer (between HTTP and TCP). It is widely used for security-sensitive communications on the World Wide Web, such as payment transactions. However, it becomes more difficult to analyze the data content transmitted by the https protocol, and the present invention proposes an easy-to-operate method for extracting the data content transmitted by the https protocol.

[0046] Attached below Figure 1-7 Be specific.

[0047] figure 1 A method...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method, device, device and computer-readable medium for obtaining https data in a sandbox. The method includes: a receiving step of receiving an access request from a client through the sandbox; a processing step of judging the access request Whether it is an https request, if yes, use the VPN deployed in the sandbox to obtain the data content transmitted in the https protocol, if not, use the VPN deployed in the sandbox to directly forward the non-https request to the server or include the non-https request The content of the data is dumped, analyzed and then forwarded to the server. In the present invention, a sandbox is set between the server and the client, and a VPN based on the interface provided by VpnService is deployed in the sandbox, and the data content transmitted by the client and the server using the https protocol is obtained through the VPN, and then the data is processed. The content is analyzed to identify malicious software, which improves the security of the system, and the deployment of VPN does not require the deployment of external tools, which is highly versatile.

Description

technical field [0001] The present invention relates to the technical field of data security, in particular to a method, device, device and computer-readable medium for acquiring https data in a sandbox. Background technique [0002] With the popularization and development of the Android system, the game between malware on the Android platform and security vendors is intensifying. In the early days of Android development, malware mostly used unencrypted protocols such as http to communicate with the server. With the direct attack and defense with security vendors, in order to avoid being detected and killed, the communication protocol was changed from unencrypted to encrypted, resulting in the Android dynamic sandbox. Obtaining communication data is much more difficult than before, in order to quickly and conveniently obtain encrypted communication data and decrypt the original data. [0003] There are two existing detection methods for detecting https in the sandbox: 1. De...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08G06F21/53G06F21/56
CPCH04L63/0272H04L67/02G06F21/53G06F21/566H04L67/562
Inventor 刘星魏丽珍邱建梁煜麓罗佳罗雅英
Owner XIAMEN ANSCEN NETWORK TECH CO LTD