
Private encrypted data identification method and system

An encrypted data identification technique, applied in the field of private encrypted data identification, that addresses the low accuracy and efficiency of encrypted data identification and achieves dynamic analysis and rapid identification.

Active Publication Date: 2022-07-15
永信至诚科技集团股份有限公司 +1

AI Technical Summary

Problems solved by technology

[0010] To this end, the present invention provides a private encrypted data identification method and system suitable for the capture, filtering, and identification of encrypted network data. Building on the original information entropy idea, it proposes a binary discrete method to address the low accuracy and efficiency of traditional port-based identification and feature-code identification of encrypted data.



Examples


Embodiment 1

[0061] In Embodiment 1, while the data to be identified is being loaded, data is collected through a Gigabit (or 10 Gigabit) network port and a high-speed driver module of the network card.

[0062] The collected data is parsed according to the four-layer TCP/IP model (Ethernet layer, network layer, transport layer, application layer) to obtain standard protocol fields, and these standard protocol fields serve as the comparison baseline for the private protocol identification logic. The parsing process and content for each layer are as follows:

[0063] 1) Ethernet layer protocol parsing:

[0064] Parse the VLAN, PPPoE, and MPLS protocols, as well as user-defined Ethernet protocols or additional private protocol data carried over Ethernet; extract the MAC address, VLAN ID, network layer protocol ID, and other fields.

[0065] 2) Network layer protocol parsing:

[0066] Parse IPv4, IPv6, ARP, ...
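The Ethernet-layer step in [0064], narrowed to VLAN tags, as an added example that is not code from the patent. The function name `parse_ethernet`, the returned field names, and the sample frame are assumptions made for illustration; PPPoE and MPLS are not handled.

```python
import struct

# TPIDs that announce a 4-byte VLAN tag (802.1Q and 802.1ad / QinQ).
VLAN_TPIDS = {0x8100, 0x88A8}

def parse_ethernet(frame: bytes) -> dict:
    """Return MACs, VLAN ids (outer tag first), network-layer protocol id, payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset, vlan_ids = 14, []
    # Tags can be stacked, so keep unwrapping until a non-VLAN EtherType appears.
    while ethertype in VLAN_TPIDS:
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack_from("!HH", frame, offset)
        vlan_ids.append(tci & 0x0FFF)  # low 12 bits of the TCI are the VLAN id
        offset += 4
    return {
        "dst_mac": dst.hex(":"),
        "src_mac": src.hex(":"),
        "vlan_ids": vlan_ids,
        "ethertype": ethertype,      # network-layer protocol id, e.g. 0x0800 = IPv4
        "payload": frame[offset:],   # handed to the network-layer parser
    }

# Constructed sample frame (not captured traffic).
SAMPLE_FRAME = (
    bytes.fromhex("020000000001")           # destination MAC
    + bytes.fromhex("020000000002")         # source MAC
    + struct.pack("!HH", 0x8100, 0x2064)    # 802.1Q tag: priority 1, VLAN id 100
    + struct.pack("!H", 0x0800)             # EtherType: IPv4
    + b"\x45\x00"                           # first bytes of an IPv4 header
)

if __name__ == "__main__":
    print(parse_ethernet(SAMPLE_FRAME))
```
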

Embodiment 2

[0090] Referring to Figure 3, Embodiment 2 of the present invention also provides a private encrypted data identification system, including:

[0091] A data access unit 1, configured to obtain the parsed data to be identified, and preset a blacklist IP list and a whitelist IP list;

[0092] The first destination IP judgment unit 2 is used to judge whether the destination IP in the data to be identified exists in the blacklist IP list:

[0093] If the destination IP exists in the blacklist IP list, the to-be-identified data is regarded as non-classified private encrypted data;

[0094] If the destination IP does not exist in the blacklist IP list, then determine whether the destination IP exists in the whitelist IP list;

[0095] The second destination IP judgment unit 3 is used to judge whether the destination IP in the data to be identified exists in the whitelist IP list:

[0096] If the destination IP exists in the whitelist IP list, take the data to be identified as a class of ...

Embodiment 3

[0111] Embodiment 3 of the present invention provides a non-transitory computer-readable storage medium in which program code for a private encrypted data identification method is stored; the program code includes instructions for executing the private encrypted data identification method of Embodiment 1 or any of its possible implementations.

[0112] A computer-readable storage medium can be any available medium that can be accessed by a computer, or a data storage device such as a server or a data center that integrates one or more available media. The usable media may be magnetic media (e.g., floppy disks, hard disks, magnetic tapes), optical media (e.g., DVD), or semiconductor media (e.g., Solid State Disk (SSD)), and the like.


Abstract

A private encrypted data identification method and system. The parsed data to be identified is acquired, and it is determined whether the destination IP in the data to be identified exists in a blacklist IP list: if the destination IP exists in the blacklist IP list, the data to be identified is regarded as non-classified private encrypted data; if the destination IP does not exist in the blacklist IP list, it is determined whether the destination IP exists in the whitelist IP list. If the destination IP exists in the whitelist IP list, the data to be identified is treated as a type of private encrypted data and reported to the engine; if the destination IP does not exist in the whitelist IP list, the TCP load of the data to be identified is calculated by the binary discrete method to judge the discrete degree of the TCP load. The invention can identify private encrypted data efficiently and quickly, and realizes dynamic analysis of specific private encrypted data.
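The decision order in the abstract and in units 2 and 3 of Embodiment 2, as an added example that is not code from the patent. The formula of the binary discrete method is not on this page, so Shannon byte entropy stands in for it; the list contents, threshold, minimum length, function names and result labels are all assumptions.

```python
import hashlib
import math
from collections import Counter
from ipaddress import ip_address

# Constructed lists; the addresses come from documentation ranges.
BLACKLIST = {ip_address("203.0.113.7")}
WHITELIST = {ip_address("198.51.100.20")}
ENTROPY_THRESHOLD = 7.0  # assumed cut-off, in bits per byte
MIN_PAYLOAD = 256        # assumed; a short payload cannot reach high byte entropy

def byte_entropy(payload: bytes) -> float:
    """Shannon entropy of the byte histogram, 0.0 to 8.0 bits per byte.
    Stand-in for the patent's binary discrete method (an assumption)."""
    n = len(payload)
    return -sum(c / n * math.log2(c / n) for c in Counter(payload).values())

def triage(dst_ip: str, tcp_payload: bytes) -> str:
    """Blacklist check, then whitelist check, then payload dispersion."""
    ip = ip_address(dst_ip)
    if ip in BLACKLIST:
        return "blacklist"          # destination IP is on the blacklist
    if ip in WHITELIST:
        return "whitelist-report"   # destination IP is on the whitelist: report
    if len(tcp_payload) < MIN_PAYLOAD:
        return "too-short"          # not enough bytes to judge dispersion
    if byte_entropy(tcp_payload) >= ENTROPY_THRESHOLD:
        return "high-dispersion"
    return "low-dispersion"

# Constructed payloads: 1024 pseudo-random bytes and 384 bytes of plaintext HTTP.
RANDOM_LIKE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(32))
PLAINTEXT = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n" * 8

if __name__ == "__main__":
    for ip, data in [("203.0.113.7", b""), ("198.51.100.20", b""),
                     ("192.0.2.10", RANDOM_LIKE), ("192.0.2.10", PLAINTEXT)]:
        print(ip, len(data), triage(ip, data))
```

Compressed payloads also score near 8 bits per byte, so a high-dispersion result under this stand-in measure does not by itself distinguish encryption from compression.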

Description

Technical field

[0001] The invention relates to a private encrypted data identification method and system, belonging to the technical field of encrypted data processing.

Background

[0002] At present, the identification of private encrypted data mainly includes the following schemes:

[0003] First, use a signature to identify encrypted data. This is done mainly by judging whether a byte offset of the TCP payload holds a specific value: if it equals that value, the data is considered encrypted data; if not, the data is considered not encrypted data.

[0004] Second, use the port to identify encrypted data. The client communicates with the server and passes encrypted information. Before a communication connection is established, the server needs to listen on a certain port and wait for the connection from the client. In this way, encrypted data can be identified using the port signature. Typically, these ports are not the usual service ports (0-1024).

[0005] Thir...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40
CPC: H04L63/101, H04L63/0236, H04L63/0428
Inventor: 蔡晶晶, 陈俊, 张雪峰, 康传鹏, 于秋梅
Owner: 永信至诚科技集团股份有限公司