Unlock instant, AI-driven research and patent intelligence for your innovation.

Encrypted traffic analysis method based on man-in-the-middle hijacking technology

A parsing method and man-in-the-middle technology, applied in the field of network information security, can solve problems such as effective supervision of encrypted traffic, and achieve the effects of protecting computer security, responding quickly, and protecting enterprise security.

Inactive Publication Date: 2021-05-04
JIANGSU BOZHI SOFTWARE TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the invention is to solve the problem of effective supervision of encrypted traffic in the prior art, and propose a method for analyzing encrypted traffic based on man-in-the-middle hijacking technology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic analysis method based on man-in-the-middle hijacking technology
  • Encrypted traffic analysis method based on man-in-the-middle hijacking technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The technical solutions in the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the above-described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments.

[0019] refer to figure 1 , an encrypted traffic analysis method based on man-in-the-middle hijacking technology, the method consists of two parts, one is the proxy client program, and the other is serving the monitoring center. The client program is uniformly pushed by the domain administrator and installed silently. The working principle of the proxy client is: forging a digital certificate to deceive the browser and the real server in both directions, and the forged digital certificate must be signed by the root certificate imported by the client during installation, otherwise the browser will warn that it is not trusted.

[0020] Step 1. Silent push installation of proxy client through domai...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an encrypted traffic analysis method based on a man-in-the-middle hijacking technology, which adopts a man-in-the-middle means to carry out encrypted traffic supervision, implants a digital certificate into a system trusted root certificate list through a client, and filters concerned applications to an agent program in a PAC automatic agent script mode, and the agent program is responsible for recording and forwarding the data message. Analysis and restoration detection is performed on the recorded application message, and a result is sent to a monitoring center for display. Through a local client deployment mode, a root certificate is imported into a system when a client is installed, and in an actual hijacking process, digital certificates are generated for different websites by utilizing the imported root certificate, so that the purpose of bidirectional cheating is achieved. And meanwhile, the internal content of the encrypted traffic is accurately identified, and the safety of enterprises and countries is further protected. Meanwhile, the controlled terminal can make a response quickly once a crisis occurs.

Description

technical field [0001] The invention relates to the security of network information, in particular to the field of encrypted traffic analysis. Background technique [0002] As more and more websites use https for message communication, the detection of encrypted traffic becomes more and more important, and the existing intrusion detection systems and intrusion prevention systems have limited ability to parse encrypted traffic and cannot identify encrypted traffic. The internal information of the traffic, or the forwarding of messages by means of a serial device through a man-in-the-middle, but it is difficult to successfully deceive the client browser by forging a third-party certificate by itself. In some cases, it will even affect the normal office of the user. network. SUMMARY OF THE INVENTION [0003] The purpose of the invention is to solve the problem of effective supervision of encrypted traffic in the prior art, and propose a method for analyzing encrypted traffic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0823H04L63/1408H04L63/1466H04L63/205
Inventor 胡燕傅涛郑轶王力王路路陆陈飞
Owner JIANGSU BOZHI SOFTWARE TECH CO LTD