CN103780410B - A kind of content obtaining system and method for encrypting application - Google Patents

A kind of content obtaining system and method for encrypting application Download PDF

Info

Publication number
CN103780410B
CN103780410B CN201210401185.8A CN201210401185A CN103780410B CN 103780410 B CN103780410 B CN 103780410B CN 201210401185 A CN201210401185 A CN 201210401185A CN 103780410 B CN103780410 B CN 103780410B
Authority
CN
China
Prior art keywords
client
content
auditing device
connection request
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210401185.8A
Other languages
Chinese (zh)
Other versions
CN103780410A (en
Inventor
景晓军
程海龙
刘福林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SURFILTER NETWORK TECHNOLOGY Co Ltd
Original Assignee
SURFILTER NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SURFILTER NETWORK TECHNOLOGY Co Ltd filed Critical SURFILTER NETWORK TECHNOLOGY Co Ltd
Priority to CN201210401185.8A priority Critical patent/CN103780410B/en
Publication of CN103780410A publication Critical patent/CN103780410A/en
Application granted granted Critical
Publication of CN103780410B publication Critical patent/CN103780410B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to encrypt the content obtaining system and method for application, wherein the content obtaining system for encrypting application includes:Content auditing device, the client being connected with content auditing device, the server being connected with client;User end to server sends connection request;Content auditing device includes the trapping module and the judge module of trapping module connection and the monitoring module of judging unit connection and die-filling piece of the deception package of judging unit connection that link block and link block are connected.By the content obtaining system and method using encryption application of the invention, content auditing device is monitored to the transmission data between client and server, to the encryption application between client and server, parsed by secret key, and then internet content is obtained, realize the comprehensively complete internet content for getting client.

Description

A kind of content obtaining system and method for encrypting application
Technical field
The present invention relates to network audit field, more specifically to a kind of content obtaining system for encrypting application and its Method.
Background technology
Network audit is widely used in Public place and enterprises and institutions, mainly to the audit of network behavior, to visitor The internet behavior at family end(Seen a film including surfing the web, chatting on line, surf the Net)Detailed record and statistics are carried out, has been easy to pipe Behavior of the reason person to employee carries out detailed monitoring, unlawful practice can be alerted with the network traffics of monitor client Or punishment.The internet content of each terminal user is obtained by network audit, so that the audit function traced to its source is realized, But there are various applications, the application of plaintext, after content, but some encryptions can be directly obtained by parsing packet on network Using, due to that cannot get encryption key, the packet for getting cannot be parsed, internet content just audit less than so that Cause the internet content for getting each terminal user that Network Content Audit equipment cannot be comprehensively complete.
The content of the invention
The technical problem to be solved in the present invention is that the network audit for prior art cannot enter to the application after encryption A kind of drawbacks described above of row parsing monitoring, there is provided content obtaining system and method for encryption application.
The technical solution adopted for the present invention to solve the technical problems is:A kind of content obtaining system for encrypting application of construction System, including content auditing device, the client being connected with the content auditing device, the server being connected with the client; The client sends connection request to the server;The content auditing device includes link block, trapping module, judgement Module, monitoring module, die-filling piece of package of deception;Wherein:
Link block:It is connected with the client by data wire;
Trapping module:It is connected with the link block, captures what user end to server sent by the link block Connection request packet, and the connection request packet of acquisition is sent to judge module;
Judge module:It is connected with the trapping module, whether the connection request packet for judging to receive is encryption Using if it is, determining whether whether content auditing device has obtained the secret key of client;
Monitoring module:It is connected with the judge module, for the connection request packet for judging to receive in judge module When being that encryption is applied and content auditing device has obtained the secret key of client, the data of monitor client and server are passed It is defeated, obtain application content;
Deception bag module units;It is connected with the judge module, for the connection request for judging to receive in judge module When packet is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag, and the deception bag is led to Cross link block and be sent to client.
It is of the present invention encryption application content obtaining system in, the judge module include the first judging unit and Second judging unit, first judging unit is connected with the trapping module, for the connection request data for judging to receive Whether it is encryption application;Second judging unit is connected with first judging unit, for judging that content auditing device is The no secret key for having obtained client.
In the content obtaining system of encryption application of the present invention, the deception bag module units is sent out according to client The form assembling deception bag of the connection request packet for sending.
In the content obtaining system of encryption application of the present invention, the monitoring module further includes that parsing is single Unit, the resolution unit is used to parse the transferring content between client and server.
In the content obtaining system of encryption application of the present invention, the content auditing device also includes memory, The memory is used to store secret key.
The present invention also constructs a kind of content acquisition method for encrypting application, comprises the following steps:
S1, user end to server send connection request;
S2, the trapping module of content auditing device capture the connection request that user end to server sends by link block Packet, and the connection request packet of acquisition is sent to judge module;
S3, the first judging unit of content auditing device judge whether the connection request packet for receiving is that encryption should With if it is, performing step S4;If it is not, then performing step S5;
S4, the second judging unit of content auditing device judge whether content auditing device has obtained the close of client Spoon, if it is, performing step S5;If it is not, then performing step S6;
S5, the monitoring module monitor client of content auditing device and the data transfer of server, obtain application content;
The deception bag module units assembling deception bag of S6, content auditing device, and the deception bag is sent out by link block Give client;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains client Secret key, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content.
In the content acquisition method of encryption application of the present invention, the deception bag module units in the step S6 is pressed The form assembling deception bag of the connection request packet sent according to client.
In the content acquisition method of encryption application of the present invention, the monitoring module further includes that parsing is single Unit, the resolution unit is used to parse the transferring content between client and server.
In the content acquisition method of encryption application of the present invention, in the step S4, content auditing device Second judging unit judges whether content auditing device has obtained the secret key of client, further comprising the steps:
S41, the second judging unit of the content auditing device read secret key in memory, judge whether to store the visitor The corresponding secret key in family end.
In the content acquisition method of encryption application of the present invention, in the step S7, further include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
Implement the content obtaining system and method for encryption application of the invention, have the advantages that:Examined by content Counter device is monitored to the transmission data between client and server, to the encryption application between client and server, Parsed by secret key, and then obtained internet content, realized the comprehensively complete internet content for getting client.
Brief description of the drawings
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the structured flowchart of the content obtaining system of encryption application of the invention;
Fig. 2 is the flow chart of the content acquisition method of encryption application of the invention.
Specific embodiment
In order that the purpose of the present invention becomes more apparent, below in conjunction with drawings and Examples, traveling one is entered to the present invention Step is described in detail.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit this hair It is bright.
As shown in figure 1, in the structured flowchart of the content obtaining system of encryption application of the invention, including content auditing dress 100 are put, the client 200 being connected with content auditing device 100, the server 300 being connected with client 200;Client is to clothes Business device sends connection request, and the connection request includes surfing the web, chatting on line, surfs the Net and see a film etc., and server 300 is connecing After receiving connection request, relevant information is sent to client 200.Content auditing device 100 is used for the online of monitor client 200 The interaction data between server of content, i.e. monitor client, and then understand the internet content of client, can also monitor Flow.
In specific implementation process, content auditing device 100 include link block 10, trapping module 20, judge module 30, Die-filling piece 50 of monitoring module 40, deception package;Link block 10 is connected by data wire with client 200, is communicated;Capture Module 20 is connected with link block 10, and the connection request packet that user end to server sends is captured by link block 10, And the connection request packet of acquisition is sent to judge module;Judge module 30 is connected with trapping module 20, for judging to connect Whether whether the connection request packet for receiving is encryption application, if it is, determining whether content auditing device 100 Obtain the secret key of client;Monitoring module 40 is connected with judge module 30, for the connection for judging to receive in judge module Request data package is encryption application and content auditing device when having obtained the secret key of client, monitor client and server Data transfer, obtain application content;Deception bag module units 50 is connected with judge module 30, for judging to connect in judge module When the connection request packet for receiving is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag, And the deception bag is sent to client by link block 10.The connection request that further judge module is received in judgement When packet is that encryption is applied and content auditing device does not obtain the secret key of client, the connection of client and server is interrupted, Then deception bag module units assembling deception bag is sent to client, and client sends connection request to server again again, interior Hold audit device and obtain secret key, then content auditing device is entered by the interaction data between the secret key pair client and server Row parsing.Monitoring module 40 when it is non-encrypted application that judge module judges the connection request packet that receives, also to client Transmission data between end and server are monitored, and obtain application content.
Further, judge module 30 includes the first judging unit 31 and the second judging unit 32, the first judging unit 31 It is connected with trapping module 20, whether the connection request data for judging to receive are encryption applications;Second judging unit 32 with First judging unit 31 is connected, for judging whether content auditing device has obtained the secret key of client.
Further, the form of the connection request packet that deception bag module units 50 sends according to client assembles deception Bag.
Further, monitoring module 40 further includes resolution unit, and the resolution unit is used to parse client with service Transferring content between device.
Further, content auditing device also includes memory 60, and memory is used to store secret key.Second judging unit from Secret key is read in memory, judges whether to store the corresponding secret key of the client, if it is present parsing client by secret key Transmission data between server.
By the content obtaining system using the encryption application, content auditing device passes through secret key pair client and server Between transmission data parsed, the internet behavior of monitor client such as surfs the web, chats on line, surfing the Net and see a film Etc..
As shown in Fig. 2 being the flow chart of the content acquisition method of encryption application of the invention, the content of the encryption application is obtained The content obtaining system that method uses encryption application as shown in Figure 1 is taken, is comprised the following steps:
S1, client 200 send connection request to server 300;
S2, the trapping module 20 of content auditing device 100 capture what user end to server sent by link block 10 Connection request packet, and the connection request packet of acquisition is sent to judge module 30;
S3, first judging unit 31 of content auditing device 100 judge whether the connection request packet for receiving is to add Close application, if it is, performing step S4;If it is not, then performing step S5;
S4, the second judging unit 32 of content auditing device 100 judge whether content auditing device has obtained client The secret key at end, if it is, performing step S5;If it is not, then performing step S6;
S5, the monitor client of monitoring module 40 of content auditing device 100 and the data transfer of server, obtain in application Hold;
The assembling deception bag of deception bag module units 50 of S6, content auditing device 100, and the deception bag is passed through into connection mode Block 10 is sent to client;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains client Secret key, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content.
Further, the lattice of the connection request packet that deception bag module units in step s 6 sends according to client Formula assembling deception bag.
Monitoring module 40 further includes resolution unit, and the resolution unit is used to parse the biography between client and server Defeated content.
Further, in step s 4, whether the judge module 30 of content auditing device 100 judge content auditing device It is further comprising the steps of through obtaining the secret key of client:
S41, the judge module 30 of content auditing device read secret key in memory, judge whether to store the client pair The secret key answered,
Further, in the step s 7, also include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
Using the content acquisition method of above-mentioned encryption application, by content auditing device between client and server Transmission data be monitored, to the encryption application between client and server, parsed by secret key, so obtain on Net content, realizes the comprehensively complete internet content for getting client.
Presently preferred embodiments of the present invention is the foregoing is only, is not intended to limit the invention, it is all in essence of the invention Any modification, equivalent and improvement made within god and principle etc., should be included within the scope of the present invention.

Claims (2)

1. a kind of content obtaining system for encrypting application, including content auditing device (100), with the content auditing device (100) client (200) of connection, the server (300) being connected with the client (200);The client is to the clothes Business device sends connection request;Characterized in that, the content auditing device (100) includes link block (10), trapping module (20), judge module (30), monitoring module (40), die-filling piece of package of deception (50);Wherein:
Link block (10):It is connected with the client (200) by data wire;
Trapping module (20):It is connected with the link block (10), capturing user end to server by the link block sends out The connection request packet for sending, and the connection request packet of acquisition is sent to judge module;
Judge module (30):It is connected with the trapping module, whether the connection request packet for judging to receive is encryption Using if it is, determining whether whether content auditing device has obtained the secret key of client;The judge module (30) including the first judging unit (31) and the second judging unit (32), first judging unit and the trapping module (20) Connection, whether the connection request data for judging to receive are encryption applications;Second judging unit is sentenced with described first Disconnected unit connection, for judging whether content auditing device has obtained the secret key of client;
Monitoring module (40):It is connected with the judge module, for the connection request packet for judging to receive in judge module When being that encryption is applied and content auditing device has obtained the secret key of client, the data of monitor client and server are passed It is defeated, obtain application content;The monitoring module (40) further includes resolution unit, the resolution unit be used for parse client with Transferring content between server;
Die-filling piece of package of deception (50):It is connected with the judge module, for the connection request for judging to receive in judge module When packet is that encryption is applied and content auditing device does not obtain the secret key of client, assembling deception bag, and the deception bag is led to Cross link block (10) and be sent to client;The connection request data that die-filling piece of package of the deception (50) sends according to client The form assembling deception bag of bag;
The content auditing device also includes memory, and the memory is used to store secret key.
2. it is a kind of to encrypt the content acquisition method applied, it is characterised in that to comprise the following steps:
S1, client (200) send connection request to server (300);
S2, the trapping module (20) of content auditing device (100) capture user end to server and send by link block (10) Connection request packet, and the connection request packet of acquisition is sent to judge module (30);
S3, first judging unit (31) of content auditing device (100) judge whether the connection request packet for receiving is to add Close application, if it is, performing step S4;If it is not, then performing step S5;
S4, second judging unit (32) of content auditing device (100) judge whether content auditing device has obtained client The secret key at end, if it is, performing step S5;If it is not, then performing step S6;In the step S4, content auditing device (100) the second judging unit (32) judges whether content auditing device has obtained the secret key of client, further includes Following steps:
S41, second judging unit (32) of the content auditing device read secret key in memory, judge whether to store the visitor The corresponding secret key in family end;
S5, monitoring module (40) monitor client of content auditing device (100) and the data transfer of server, obtain in application Hold;The monitoring module further includes resolution unit, and the resolution unit is used to parse the transmission between client and server Content;
Die-filling piece of deception package (50) the assembling deception bag of S6, content auditing device (100), and the deception bag is passed through into connection mode Block (10) is sent to client;Die-filling piece of connection request packet sent according to client of deception package in the step S6 Form assembling deception bag;
After S7, client receive deception bag, connection request is initiated to server again, content auditing device obtains the close of client Spoon, the monitoring module of content auditing device continues the data transfer of monitor client and server, obtains application content;Described In step S7, further include:
After S71, content auditing device obtain secret key, by secret key storage in memory.
CN201210401185.8A 2012-10-19 2012-10-19 A kind of content obtaining system and method for encrypting application Active CN103780410B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210401185.8A CN103780410B (en) 2012-10-19 2012-10-19 A kind of content obtaining system and method for encrypting application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210401185.8A CN103780410B (en) 2012-10-19 2012-10-19 A kind of content obtaining system and method for encrypting application

Publications (2)

Publication Number Publication Date
CN103780410A CN103780410A (en) 2014-05-07
CN103780410B true CN103780410B (en) 2017-06-06

Family

ID=50572281

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210401185.8A Active CN103780410B (en) 2012-10-19 2012-10-19 A kind of content obtaining system and method for encrypting application

Country Status (1)

Country Link
CN (1) CN103780410B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106209767B (en) * 2016-06-20 2020-03-17 Tcl海外电子(惠州)有限公司 Data transmission method and system
CN107528820A (en) * 2017-06-07 2017-12-29 中国银联股份有限公司 For the encipher-decipher method of application program, device and method for auditing safely and platform

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101325519A (en) * 2008-06-05 2008-12-17 华为技术有限公司 Content auditing method, system based on safety protocol and content auditing equipment
CN101588275A (en) * 2008-12-25 2009-11-25 深圳市宇沃德信息技术有限公司 Method for information monitoring of network application layer

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101325519A (en) * 2008-06-05 2008-12-17 华为技术有限公司 Content auditing method, system based on safety protocol and content auditing equipment
CN101588275A (en) * 2008-12-25 2009-11-25 深圳市宇沃德信息技术有限公司 Method for information monitoring of network application layer

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
即时通信信息检测监控技术的研究与实现;吴琼;《中国优秀硕士学位论文全文数据库信息科技辑》;20120315;第58-62页,第45-53页,图33-35 *

Also Published As

Publication number Publication date
CN103780410A (en) 2014-05-07

Similar Documents

Publication Publication Date Title
CN107124281B (en) Data security method and related system
CN103825887B (en) Website programming method and system based on HTTPS encryptions
CN103632293B (en) Technology for the context of monetizing anonymized
CN101299753B (en) Web service security control mechanism based on proxy server
CN109218825B (en) Video encryption system
CN107483505B (en) Method and system for protecting user privacy in video chat
US8190764B2 (en) Method and system for an intercept chain of custody protocol
CN109151508B (en) Video encryption method
CN107070942B (en) Data security method and related system
US20110320359A1 (en) secure communication method and device based on application layer for mobile financial service
CN102970676B (en) A kind of method handled initial data, Internet of things system and terminal
CN105959729A (en) Method and system for carrying out statistics on online user number in live broadcast platform
Abdullaziz et al. Network packet payload parity based steganography
CN104539636B (en) video evidence service system
CN103780410B (en) A kind of content obtaining system and method for encrypting application
CN106789092A (en) Cipher key transmission methods, cipher key delivery device, server and communication equipment
CN108810475B (en) Android video monitoring device based on Onvif standard and Sip protocol
CN106031097A (en) Service processing method and device
TWI294087B (en) Systems and methods for file transfer management
CN113987530A (en) Data transmission method and system based on block chain
CN103634292B (en) Method and system for communication information transmission
Artail et al. A privacy-preserving framework for managing mobile ad requests and billing information
CN107979596B (en) Method and system for preventing people from being refreshed in live broadcast
CN101217532B (en) An anti-network attack data transmission method and system
CN104394005B (en) A kind of active group's categorizing system based on background server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant