CN103780410B - A kind of content obtaining system and method for encrypting application - Google Patents
A kind of content obtaining system and method for encrypting application Download PDFInfo
- Publication number
- CN103780410B CN103780410B CN201210401185.8A CN201210401185A CN103780410B CN 103780410 B CN103780410 B CN 103780410B CN 201210401185 A CN201210401185 A CN 201210401185A CN 103780410 B CN103780410 B CN 103780410B
- Authority
- CN
- China
- Prior art keywords
- client
- content
- auditing device
- connection request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to encrypt the content obtaining system and method for application, wherein the content obtaining system for encrypting application includes:Content auditing device, the client being connected with content auditing device, the server being connected with client;User end to server sends connection request;Content auditing device includes the trapping module and the judge module of trapping module connection and the monitoring module of judging unit connection and die-filling piece of the deception package of judging unit connection that link block and link block are connected.By the content obtaining system and method using encryption application of the invention, content auditing device is monitored to the transmission data between client and server, to the encryption application between client and server, parsed by secret key, and then internet content is obtained, realize the comprehensively complete internet content for getting client.
Description
Technical field
The present invention relates to network audit field, more specifically to a kind of content obtaining system for encrypting application and its
Method.
Background technology
Network audit is widely used in Public place and enterprises and institutions, mainly to the audit of network behavior, to visitor
The internet behavior at family end(Seen a film including surfing the web, chatting on line, surf the Net)Detailed record and statistics are carried out, has been easy to pipe
Behavior of the reason person to employee carries out detailed monitoring, unlawful practice can be alerted with the network traffics of monitor client
Or punishment.The internet content of each terminal user is obtained by network audit, so that the audit function traced to its source is realized,
But there are various applications, the application of plaintext, after content, but some encryptions can be directly obtained by parsing packet on network
Using, due to that cannot get encryption key, the packet for getting cannot be parsed, internet content just audit less than so that
Cause the internet content for getting each terminal user that Network Content Audit equipment cannot be comprehensively complete.
The content of the invention
The technical problem to be solved in the present invention is that the network audit for prior art cannot enter to the application after encryption
A kind of drawbacks described above of row parsing monitoring, there is provided content obtaining system and method for encryption application.
The technical solution adopted for the present invention to solve the technical problems is:A kind of content obtaining system for encrypting application of construction
System, including content auditing device, the client being connected with the content auditing device, the server being connected with the client;
The client sends connection request to the server;The content auditing device includes link block, trapping module, judgement
Module, monitoring module, die-filling piece of package of deception;Wherein:
Link block:It is connected with the client by data wire;
Trapping module:It is connected with the link block, captures what user end to server sent by the link block
Connection request packet, and the connection request packet of acquisition is sent to judge module;
Judge module:It is connected with the trapping module, whether the connection request packet for judging to receive is encryption
Using if it is, determining whether whether content auditing device has obtained the secret key of client;
Monitoring module:It is connected with the judge module, for the connection request packet for judging to receive in judge module
When being that encryption is applied and content auditing device has obtained the secret key of client, the data of monitor client and server are passed
It is defeated, obtain application content;
Deception bag module units;It is connected with the judge module, for the connection request for judging to receive in judge module
When packet is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag, and the deception bag is led to
Cross link block and be sent to client.
It is of the present invention encryption application content obtaining system in, the judge module include the first judging unit and
Second judging unit, first judging unit is connected with the trapping module, for the connection request data for judging to receive
Whether it is encryption application;Second judging unit is connected with first judging unit, for judging that content auditing device is
The no secret key for having obtained client.
In the content obtaining system of encryption application of the present invention, the deception bag module units is sent out according to client
The form assembling deception bag of the connection request packet for sending.
In the content obtaining system of encryption application of the present invention, the monitoring module further includes that parsing is single
Unit, the resolution unit is used to parse the transferring content between client and server.
In the content obtaining system of encryption application of the present invention, the content auditing device also includes memory,
The memory is used to store secret key.
The present invention also constructs a kind of content acquisition method for encrypting application, comprises the following steps:
S1, user end to server send connection request;
S2, the trapping module of content auditing device capture the connection request that user end to server sends by link block
Packet, and the connection request packet of acquisition is sent to judge module;
S3, the first judging unit of content auditing device judge whether the connection request packet for receiving is that encryption should
With if it is, performing step S4;If it is not, then performing step S5;
S4, the second judging unit of content auditing device judge whether content auditing device has obtained the close of client
Spoon, if it is, performing step S5;If it is not, then performing step S6;
S5, the monitoring module monitor client of content auditing device and the data transfer of server, obtain application content;
The deception bag module units assembling deception bag of S6, content auditing device, and the deception bag is sent out by link block
Give client;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains client
Secret key, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content.
In the content acquisition method of encryption application of the present invention, the deception bag module units in the step S6 is pressed
The form assembling deception bag of the connection request packet sent according to client.
In the content acquisition method of encryption application of the present invention, the monitoring module further includes that parsing is single
Unit, the resolution unit is used to parse the transferring content between client and server.
In the content acquisition method of encryption application of the present invention, in the step S4, content auditing device
Second judging unit judges whether content auditing device has obtained the secret key of client, further comprising the steps:
S41, the second judging unit of the content auditing device read secret key in memory, judge whether to store the visitor
The corresponding secret key in family end.
In the content acquisition method of encryption application of the present invention, in the step S7, further include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
Implement the content obtaining system and method for encryption application of the invention, have the advantages that:Examined by content
Counter device is monitored to the transmission data between client and server, to the encryption application between client and server,
Parsed by secret key, and then obtained internet content, realized the comprehensively complete internet content for getting client.
Brief description of the drawings
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the structured flowchart of the content obtaining system of encryption application of the invention;
Fig. 2 is the flow chart of the content acquisition method of encryption application of the invention.
Specific embodiment
In order that the purpose of the present invention becomes more apparent, below in conjunction with drawings and Examples, traveling one is entered to the present invention
Step is described in detail.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit this hair
It is bright.
As shown in figure 1, in the structured flowchart of the content obtaining system of encryption application of the invention, including content auditing dress
100 are put, the client 200 being connected with content auditing device 100, the server 300 being connected with client 200;Client is to clothes
Business device sends connection request, and the connection request includes surfing the web, chatting on line, surfs the Net and see a film etc., and server 300 is connecing
After receiving connection request, relevant information is sent to client 200.Content auditing device 100 is used for the online of monitor client 200
The interaction data between server of content, i.e. monitor client, and then understand the internet content of client, can also monitor
Flow.
In specific implementation process, content auditing device 100 include link block 10, trapping module 20, judge module 30,
Die-filling piece 50 of monitoring module 40, deception package;Link block 10 is connected by data wire with client 200, is communicated;Capture
Module 20 is connected with link block 10, and the connection request packet that user end to server sends is captured by link block 10,
And the connection request packet of acquisition is sent to judge module;Judge module 30 is connected with trapping module 20, for judging to connect
Whether whether the connection request packet for receiving is encryption application, if it is, determining whether content auditing device 100
Obtain the secret key of client;Monitoring module 40 is connected with judge module 30, for the connection for judging to receive in judge module
Request data package is encryption application and content auditing device when having obtained the secret key of client, monitor client and server
Data transfer, obtain application content;Deception bag module units 50 is connected with judge module 30, for judging to connect in judge module
When the connection request packet for receiving is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag,
And the deception bag is sent to client by link block 10.The connection request that further judge module is received in judgement
When packet is that encryption is applied and content auditing device does not obtain the secret key of client, the connection of client and server is interrupted,
Then deception bag module units assembling deception bag is sent to client, and client sends connection request to server again again, interior
Hold audit device and obtain secret key, then content auditing device is entered by the interaction data between the secret key pair client and server
Row parsing.Monitoring module 40 when it is non-encrypted application that judge module judges the connection request packet that receives, also to client
Transmission data between end and server are monitored, and obtain application content.
Further, judge module 30 includes the first judging unit 31 and the second judging unit 32, the first judging unit 31
It is connected with trapping module 20, whether the connection request data for judging to receive are encryption applications;Second judging unit 32 with
First judging unit 31 is connected, for judging whether content auditing device has obtained the secret key of client.
Further, the form of the connection request packet that deception bag module units 50 sends according to client assembles deception
Bag.
Further, monitoring module 40 further includes resolution unit, and the resolution unit is used to parse client with service
Transferring content between device.
Further, content auditing device also includes memory 60, and memory is used to store secret key.Second judging unit from
Secret key is read in memory, judges whether to store the corresponding secret key of the client, if it is present parsing client by secret key
Transmission data between server.
By the content obtaining system using the encryption application, content auditing device passes through secret key pair client and server
Between transmission data parsed, the internet behavior of monitor client such as surfs the web, chats on line, surfing the Net and see a film
Etc..
As shown in Fig. 2 being the flow chart of the content acquisition method of encryption application of the invention, the content of the encryption application is obtained
The content obtaining system that method uses encryption application as shown in Figure 1 is taken, is comprised the following steps:
S1, client 200 send connection request to server 300;
S2, the trapping module 20 of content auditing device 100 capture what user end to server sent by link block 10
Connection request packet, and the connection request packet of acquisition is sent to judge module 30;
S3, first judging unit 31 of content auditing device 100 judge whether the connection request packet for receiving is to add
Close application, if it is, performing step S4;If it is not, then performing step S5;
S4, the second judging unit 32 of content auditing device 100 judge whether content auditing device has obtained client
The secret key at end, if it is, performing step S5;If it is not, then performing step S6;
S5, the monitor client of monitoring module 40 of content auditing device 100 and the data transfer of server, obtain in application
Hold;
The assembling deception bag of deception bag module units 50 of S6, content auditing device 100, and the deception bag is passed through into connection mode
Block 10 is sent to client;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains client
Secret key, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content.
Further, the lattice of the connection request packet that deception bag module units in step s 6 sends according to client
Formula assembling deception bag.
Monitoring module 40 further includes resolution unit, and the resolution unit is used to parse the biography between client and server
Defeated content.
Further, in step s 4, whether the judge module 30 of content auditing device 100 judge content auditing device
It is further comprising the steps of through obtaining the secret key of client:
S41, the judge module 30 of content auditing device read secret key in memory, judge whether to store the client pair
The secret key answered,
Further, in the step s 7, also include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
Using the content acquisition method of above-mentioned encryption application, by content auditing device between client and server
Transmission data be monitored, to the encryption application between client and server, parsed by secret key, so obtain on
Net content, realizes the comprehensively complete internet content for getting client.
Presently preferred embodiments of the present invention is the foregoing is only, is not intended to limit the invention, it is all in essence of the invention
Any modification, equivalent and improvement made within god and principle etc., should be included within the scope of the present invention.
Claims (2)
1. a kind of content obtaining system for encrypting application, including content auditing device (100), with the content auditing device
(100) client (200) of connection, the server (300) being connected with the client (200);The client is to the clothes
Business device sends connection request;Characterized in that, the content auditing device (100) includes link block (10), trapping module
(20), judge module (30), monitoring module (40), die-filling piece of package of deception (50);Wherein:
Link block (10):It is connected with the client (200) by data wire;
Trapping module (20):It is connected with the link block (10), capturing user end to server by the link block sends out
The connection request packet for sending, and the connection request packet of acquisition is sent to judge module;
Judge module (30):It is connected with the trapping module, whether the connection request packet for judging to receive is encryption
Using if it is, determining whether whether content auditing device has obtained the secret key of client;The judge module
(30) including the first judging unit (31) and the second judging unit (32), first judging unit and the trapping module (20)
Connection, whether the connection request data for judging to receive are encryption applications;Second judging unit is sentenced with described first
Disconnected unit connection, for judging whether content auditing device has obtained the secret key of client;
Monitoring module (40):It is connected with the judge module, for the connection request packet for judging to receive in judge module
When being that encryption is applied and content auditing device has obtained the secret key of client, the data of monitor client and server are passed
It is defeated, obtain application content;The monitoring module (40) further includes resolution unit, the resolution unit be used for parse client with
Transferring content between server;
Die-filling piece of package of deception (50):It is connected with the judge module, for the connection request for judging to receive in judge module
When packet is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag, and the deception bag is led to
Cross link block (10) and be sent to client;The connection request data that die-filling piece of package of the deception (50) sends according to client
The form assembling deception bag of bag;
The content auditing device also includes memory, and the memory is used to store secret key.
2. it is a kind of to encrypt the content acquisition method applied, it is characterised in that to comprise the following steps:
S1, client (200) send connection request to server (300);
S2, the trapping module (20) of content auditing device (100) capture user end to server and send by link block (10)
Connection request packet, and the connection request packet of acquisition is sent to judge module (30);
S3, first judging unit (31) of content auditing device (100) judge whether the connection request packet for receiving is to add
Close application, if it is, performing step S4;If it is not, then performing step S5;
S4, second judging unit (32) of content auditing device (100) judge whether content auditing device has obtained client
The secret key at end, if it is, performing step S5;If it is not, then performing step S6;In the step S4, content auditing device
(100) the second judging unit (32) judges whether content auditing device has obtained the secret key of client, further includes
Following steps:
S41, second judging unit (32) of the content auditing device read secret key in memory, judge whether to store the visitor
The corresponding secret key in family end;
S5, monitoring module (40) monitor client of content auditing device (100) and the data transfer of server, obtain in application
Hold;The monitoring module further includes resolution unit, and the resolution unit is used to parse the transmission between client and server
Content;
Die-filling piece of deception package (50) the assembling deception bag of S6, content auditing device (100), and the deception bag is passed through into connection mode
Block (10) is sent to client;Die-filling piece of connection request packet sent according to client of deception package in the step S6
Form assembling deception bag;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains the close of client
Spoon, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content;Described
In step S7, further include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210401185.8A CN103780410B (en) | 2012-10-19 | 2012-10-19 | A kind of content obtaining system and method for encrypting application |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210401185.8A CN103780410B (en) | 2012-10-19 | 2012-10-19 | A kind of content obtaining system and method for encrypting application |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103780410A CN103780410A (en) | 2014-05-07 |
CN103780410B true CN103780410B (en) | 2017-06-06 |
Family
ID=50572281
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210401185.8A Active CN103780410B (en) | 2012-10-19 | 2012-10-19 | A kind of content obtaining system and method for encrypting application |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103780410B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106209767B (en) * | 2016-06-20 | 2020-03-17 | Tcl海外电子(惠州)有限公司 | Data transmission method and system |
CN107528820A (en) * | 2017-06-07 | 2017-12-29 | 中国银联股份有限公司 | For the encipher-decipher method of application program, device and method for auditing safely and platform |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101325519A (en) * | 2008-06-05 | 2008-12-17 | 华为技术有限公司 | Content auditing method, system based on safety protocol and content auditing equipment |
CN101588275A (en) * | 2008-12-25 | 2009-11-25 | 深圳市宇沃德信息技术有限公司 | Method for information monitoring of network application layer |
-
2012
- 2012-10-19 CN CN201210401185.8A patent/CN103780410B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101325519A (en) * | 2008-06-05 | 2008-12-17 | 华为技术有限公司 | Content auditing method, system based on safety protocol and content auditing equipment |
CN101588275A (en) * | 2008-12-25 | 2009-11-25 | 深圳市宇沃德信息技术有限公司 | Method for information monitoring of network application layer |
Non-Patent Citations (1)
Title |
---|
即时通信信息检测监控技术的研究与实现;吴琼;《中国优秀硕士学位论文全文数据库信息科技辑》;20120315;第58-62页,第45-53页,图33-35 * |
Also Published As
Publication number | Publication date |
---|---|
CN103780410A (en) | 2014-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107124281B (en) | Data security method and related system | |
CN103825887B (en) | Website programming method and system based on HTTPS encryptions | |
CN103632293B (en) | Technology for the context of monetizing anonymized | |
CN101299753B (en) | Web service security control mechanism based on proxy server | |
CN109218825B (en) | Video encryption system | |
CN107483505B (en) | Method and system for protecting user privacy in video chat | |
US8190764B2 (en) | Method and system for an intercept chain of custody protocol | |
CN109151508B (en) | Video encryption method | |
CN107070942B (en) | Data security method and related system | |
US20110320359A1 (en) | secure communication method and device based on application layer for mobile financial service | |
CN102970676B (en) | A kind of method handled initial data, Internet of things system and terminal | |
CN105959729A (en) | Method and system for carrying out statistics on online user number in live broadcast platform | |
Abdullaziz et al. | Network packet payload parity based steganography | |
CN104539636B (en) | video evidence service system | |
CN103780410B (en) | A kind of content obtaining system and method for encrypting application | |
CN106789092A (en) | Cipher key transmission methods, cipher key delivery device, server and communication equipment | |
CN108810475B (en) | Android video monitoring device based on Onvif standard and Sip protocol | |
CN106031097A (en) | Service processing method and device | |
TWI294087B (en) | Systems and methods for file transfer management | |
CN113987530A (en) | Data transmission method and system based on block chain | |
CN103634292B (en) | Method and system for communication information transmission | |
Artail et al. | A privacy-preserving framework for managing mobile ad requests and billing information | |
CN107979596B (en) | Method and system for preventing people from being refreshed in live broadcast | |
CN101217532B (en) | An anti-network attack data transmission method and system | |
CN104394005B (en) | A kind of active group's categorizing system based on background server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |