Encrypted traffic analysis method, device, electronic device, medium and program

A traffic analysis and program technology, applied in the field of information security, can solve the problems of large consumption of computing resources, easy generation of certificate alarms on terminals, etc., and achieve the effect of avoiding certificate alarms and saving computing resources

Active Publication Date: 2022-07-26
BEIJING QIANXIN TECH
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides an encrypted traffic analysis method, device, electronic equipment, medium and program, which are used to solve the technical defects in the prior art that the gateway equipment consumes large computing resources and the terminal is prone to generate certificate alarms

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic analysis method, device, electronic device, medium and program
  • Encrypted traffic analysis method, device, electronic device, medium and program
  • Encrypted traffic analysis method, device, electronic device, medium and program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention. , not all examples. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0031] The technical idea of ​​the present invention is briefly described below. The encrypted traffic sent by the network device in the enterprise network can be sent to the external network through the gateway device, and the network device can also receive the encrypted traffic sent by the external network through the gateway device. Most of the existing encrypted traffic analysis solutions create a middleman in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to an encrypted traffic analysis method, device, electronic device, medium and program. The method includes: triggering a memory acquisition function preset in the target process when the target process calls the main read function or the main write function of the secure transmission basic library; wherein the target process is used for running encrypted communication A process that is connected and pre-set with the memory acquisition function; through the memory acquisition function, the master session key is acquired from the target encrypted communication connection; wherein, the target encrypted communication connection is the encrypted communication run by the target process connect. The invention conveniently obtains the master session key corresponding to the encrypted communication connection of the target process through the memory acquisition function set in the target process running at the endpoint, which is used for encrypted data (traffic) analysis, and greatly saves the calculation of the gateway device. Resources, since there is no certificate replacement process, certificate warnings are accordingly avoided.

Description

technical field [0001] The present invention relates to the technical field of information security, and in particular, to a method, device, electronic device, medium and program for analyzing encrypted traffic. Background technique [0002] With the popularity of HTTPS, a large amount of attack traffic is also sent and received using encrypted traffic, which brings difficulties to the traffic analysis of terminals and gateway devices. [0003] Most of the existing encrypted traffic analysis solutions create a middleman in the gateway device of the enterprise network, and use the middleman to forward encrypted traffic for traffic analysis and monitoring. In this way, the encrypted traffic of each encrypted communication connection is decrypted and re-encrypted on the gateway device, which consumes a lot of computing resources, and because the certificate replacement exists for the middleman, the terminal can easily perceive the existence of the middleman process due to the c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1408
Inventor 李博
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products