Unlock instant, AI-driven research and patent intelligence for your innovation.

A method of extracting tls data blocks in encrypted network traffic

A technology for encrypting data and network traffic, which is applied in the field of network security, can solve the problems of poor applicability of the model, and achieve the effect of improving applicability

Active Publication Date: 2021-12-14
SOUTHEAST UNIV
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The same application has different message characteristics in different transmission environments, so the existing model is not widely applicable

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method of extracting tls data blocks in encrypted network traffic
  • A method of extracting tls data blocks in encrypted network traffic
  • A method of extracting tls data blocks in encrypted network traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0058] The technical solutions of the present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0059] The present invention proposes a method for extracting TLS data blocks in encrypted network traffic. The method specifically includes the following steps:

[0060] (1) Obtain the encrypted data of the target application;

[0061] (2) Filter out the TCP stream data that contains the target TLS data block from the encrypted data obtained;

[0062] (3) traverse each recorded TCP flow in turn, generate a corresponding TCP flow record file, then read the TLS message load of each flow, and write the TCP flow record file;

[0063] (4) Reassemble and record TLS data blocks from each TCP flow record file.

[0064] In one embodiment of the method of the present invention, in step (1), the method for obtaining the encrypted data of the target application is as follows:

[0065] (1.1) Select the corresponding network access meth...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for extracting TLS data blocks in encrypted network traffic. The network transmission data needs to increase the information of the network transmission protocol. When the data is encrypted and transmitted using the TLS protocol, the encrypted network message load is mixed with the transmission protocol and encrypted data. Protocol and data information, the increased transmission protocol information is related to many factors, which brings great interference to the analysis of encrypted data. This method first collects encrypted data on the target application, and then filters out the TCP flow containing the target TLS data block from the encrypted data, and then creates a flow record file for each filtered TCP flow, and records the TLS data belonging to each TCP flow. The payload of the packet is recorded, and finally the TLS data block is extracted according to the payload of the TLS packet stored in the flow record file. The invention has universality, and can extract the TLS encrypted data block generated by the terminal from the encrypted transmission flow of the network application.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a method for extracting TLS data blocks in encrypted network traffic. Background technique [0002] In order to protect user data privacy and data transmission security, data encryption before transmission has been widely adopted. According to a Cisco survey, the proportion of encrypted traffic in Internet traffic increased from 38% to 50% from 2016 to 2017, and the proportion of encrypted Internet traffic will exceed 80% in 2019. However, while data encryption technology brings security to data, it is also easy to be used maliciously. A large number of malicious attacks also use encryption technology to disguise the attack traffic in order to increase the probability of success, so data encryption also brings great challenges to identifying malicious attacks. [0003] At present, Transport Layer Security (TLS) is the most important protocol for providing encryption fo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/166H04L63/1408
Inventor 吴桦于振华程光
Owner SOUTHEAST UNIV