Encrypted traffic analysis method and device, electronic equipment, medium and program

A traffic analysis and program technology, applied in the field of information security, can solve the problems that terminals are prone to generate certificate alarms and consume large computing resources, and achieve the effect of avoiding certificate alarms and saving computing resources.

Active Publication Date: 2022-03-04
BEIJING QIANXIN TECH
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides an encrypted traffic analysis method, device, electronic equipment, medium and program, which are used to solve the technical defects in the prior art that the gateway equipment consumes large computing resources and the terminal is prone to generate certificate alarms

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic analysis method and device, electronic equipment, medium and program
  • Encrypted traffic analysis method and device, electronic equipment, medium and program
  • Encrypted traffic analysis method and device, electronic equipment, medium and program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] In order to make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the present invention. Obviously, the described embodiments are part of the embodiments of the present invention , but not all examples. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0031] The following is a brief description of the technical idea of ​​the present invention. The encrypted traffic sent by the network device in the enterprise network can be sent to the external network through the gateway device, and the network device can also receive the encrypted traffic sent by the external network through the gateway device. Most of the existing encrypted traffic anal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an encrypted traffic analysis method and device, electronic equipment, a medium and a program. The method comprises the steps that under the condition that a target process calls a main reading function or a main writing function of a secure transmission basic library, a memory obtaining function preset in the target process is triggered; wherein the target process is a process which is used for running encrypted communication connection and is provided with the memory acquisition function in advance; obtaining a main session key from a target encrypted communication connection through the memory obtaining function; wherein the target encrypted communication connection is the encrypted communication connection operated by the target process. According to the method, the main session key corresponding to the encrypted communication connection of the target process is conveniently acquired through the memory acquisition function set in the target process running at the endpoint, the main session key is used for encrypted data (flow) analysis, computing resources of gateway equipment are greatly saved, and certificate alarm is correspondingly avoided due to the absence of a certificate replacement process.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to an encrypted traffic analysis method, device, electronic equipment, medium and program. Background technique [0002] With the popularization of HTTPS, a large amount of attack traffic is also sent and received using encrypted traffic, which brings difficulties to the traffic analysis of terminals and gateway devices. [0003] Most of the existing encrypted traffic analysis solutions are to create a middleman in the gateway device of the enterprise network, and use the middleman to forward encrypted traffic for traffic analysis and monitoring. In this way, the encrypted traffic of each encrypted communication connection has a decryption and re-encryption process on the gateway device, which consumes a lot of computing resources, and because there is a certificate replacement in the middleman, the terminal is likely to perceive the existence of the middleman p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1408
Inventor 李博
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap