CN107124385B - Mirror flow-based SSL/TLS protocol plaintext data acquisition method - Google Patents

Publication number
CN107124385B
Authority
CN
China
Prior art keywords
record
message
length
protocol
records
Prior art date
Legal status
Active
Application number
CN201610101613.3A
Other languages
Chinese (zh)
Other versions
CN107124385A (en
Inventor
宋磊
闫露
董海韬
伍洪桥
叶晓舟
Current Assignee
Zhengzhou Xinrand Network Technology Co ltd
Institute of Acoustics CAS
Original Assignee
Institute of Acoustics CAS
Beijing Intellix Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Institute of Acoustics CAS, Beijing Intellix Technologies Co Ltd
Priority to CN201610101613.3A
Publication of CN107124385A
Application granted
Publication of CN107124385B
Legal status: Active
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/168: Implementing security features at a particular protocol layer above the transport layer
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a mirror stream-based method for collecting plaintext data of the SSL/TLS protocol. The method includes: step 1) receiving mirrored SSL/TLS data packets, extracting the records in the data packets, generating a number of complete records, and putting them into a record queue; step 2) extracting a number of complete messages from the records in the record queue and putting them into a message queue; step 3) parsing the messages in the message queue to obtain plaintext data. Following the encapsulation format of the SSL/TLS protocol, the method splices data packets into complete records and then extracts complete individual messages before processing them. It places no requirement on whether the server combines multiple messages into one record or encapsulates a single message across multiple records, and new messages to be parsed can be added flexibly, so it extends well. The method obtains plaintext data by processing switch mirror data, so it does not interfere with the system's existing services and does not affect system performance.

Description

A mirror stream-based method for collecting plaintext data of the SSL/TLS protocol

Technical field

The invention belongs to the technical field of secure network communication, and specifically relates to a mirror stream-based method for collecting plaintext data of the SSL/TLS protocol.

Background

The SSL protocol and its successor, the TLS protocol, are security protocols that provide security and data integrity for network communication. The SSL/TLS protocol sits between the TCP/IP protocol and the application layer protocol and can provide security guarantees for various application layer protocols, such as FTP and TELNET. At present, the most widespread use of the SSL/TLS protocol is to protect the HTTP protocol. The SSL/TLS protocol consists of two layers: the record layer protocol and the handshake protocol. The record protocol provides basic security services for the higher-level handshake protocol and ensures data integrity, including compression and decompression, encryption and decryption, and computing and verifying the MAC. The handshake layer protocol includes the handshake protocol, the change cipher spec protocol, the alert protocol and the application data protocol, and is used for authenticating the two communicating parties, negotiating encryption algorithms, generating keys, and so on.

A higher-level protocol protected by SSL/TLS carries only ciphertext between the client and the server; no plaintext appears on the wire, which makes data auditing difficult. Some technical means is needed to decrypt the ciphertext of the SSL/TLS communication into plaintext, which can then be parsed and audited. As shown in Figure 1, the prior art usually introduces an SSL/TLS proxy server between the client and the server. The proxy server is connected in series between the two and establishes two SSL/TLS connections, one with the client and one with the server. Because the SSL/TLS proxy server must receive the data, decrypt it to obtain the plaintext, and then encrypt the plaintext again and send it on to the client, the additional encryption operations burden the system, lengthening response time and lowering throughput.

Summary of the invention

The purpose of the present invention is to overcome the above-mentioned defects that currently exist when decrypting ciphertext data into plaintext data during SSL/TLS communication. It proposes a mirror stream-based method for collecting plaintext data of the SSL/TLS protocol. With this method, no SSL/TLS proxy server is needed: the legally held server certificate and private key are used directly to parse the ciphertext data of the SSL/TLS protocol and obtain the plaintext data, which removes intermediate links and improves the efficiency of plaintext data acquisition.

To achieve the above purpose, the present invention proposes a mirror stream-based method for collecting plaintext data of the SSL/TLS protocol, the method including:

Step 1) receive mirrored SSL/TLS data packets, extract the records in the data packets, generate a number of complete records, and put them into the record queue;

Step 2) extract a number of complete messages from the records in the record queue and put them into the message queue;

Step 3) parse the messages in the message queue to obtain plaintext data.

In the above technical solution, step 1) specifically includes:

Step 101) receive a mirrored SSL/TLS data packet;

Step 102) extract the first record from the data packet and check whether the record buffer holds a cached record. If there is no cached record, directly calculate the length of the first record received; if the record buffer holds a cached record, splice the data packet onto the cached record and calculate the length of the first record now in the buffer;

Step 103) compare the length of the first record with the length of the data packet. If the length of the first record plus the record header length equals the data packet length, go to step 104); if the length of the first record plus the record header length is less than the data packet length, go to step 105); if the length of the first record plus the record header length is greater than the data packet length, go to step 106);

Step 104) put the record into the record queue;

Step 105) split the data packet, extract complete records one at a time in a loop and put them into the record queue, and put the final incomplete record into the record buffer;

Step 106) put the record into the record buffer and go to step 101);

An incomplete record placed in the record buffer waits for subsequent data packets to be spliced onto it, after which a complete record is generated.

In the above technical solution, step 2) specifically includes:

Step 201) take one record from the record queue as the current record;

Step 202) check the type of the current record. If the current record type is the application data protocol, the change cipher spec protocol or an alert message, go to step 203); if the current record type is the handshake protocol, go to step 204);

Step 203) the current record is a single complete message; put it into the message queue;

Step 204) check whether the message buffer holds a cached message. If there is no cached message, directly calculate the length of the first message in the current record; if the buffer holds a cached message, splice the current record onto the cached message and calculate the length of the first message now in the buffer;

Step 205) compare the calculated length of the first message with the current record length. If the length of the first message plus the message header length equals the current record length, go to step 206); if the length of the first message plus the message header length is less than the current record length, go to step 207); if the length of the first message plus the message header length is greater than the current record length, go to step 208);

Step 206) the current record is a single complete message; put it into the message queue;

Step 207) the current record contains multiple messages; split the record, extract complete messages one at a time in a loop and put them into the message queue, and put the final incomplete message into the message buffer;

Step 208) the current record is an incomplete message; put it into the message buffer and go to step 201);

An incomplete message placed in the message buffer waits for subsequent records to be spliced onto it, after which a complete message is generated.

In the above technical solution, step 3) is implemented as follows:

Take a message from the message queue. If the message type is the handshake protocol, extract the cipher spec and key information; if the message type is the change cipher spec protocol, all subsequent records are protected with the newly negotiated cipher spec and keys; if the message type is an alert message, analyze the severity and the alert description of the message; if the message type is the application data protocol, decrypt the transmitted data using the extracted cipher spec and keys to obtain the plaintext data.

In the above technical solution, the handshake protocol includes: ClientHello, ServerHello, ServerCertificate, ServerHelloDone, ClientKeyExchange, NewSessionTicket and Finished. The specific steps for extracting the cipher spec and key information are:

Step 301) if the handshake protocol type is ClientHello, record the client random number, session_id and session_ticket;

Step 302) if the handshake protocol type is ServerHello, determine whether session reuse has occurred. If session reuse has occurred, extract the master secret and the encryption algorithm specification from the cached session information and generate the cipher parameters; if session reuse has not occurred, record the protocol version, server random number, session_id, cipher suite and compression algorithm;

Step 303) if the handshake protocol type is ServerCertificate, extract the server public key and look up the matching certificate to obtain the server private key;

Step 304) if the handshake protocol type is ServerHelloDone, the server has at this point finished its key exchange messages;

Step 305) if the handshake protocol type is ClientKeyExchange, use the server private key to decrypt the pre-master secret, calculate the master secret, and generate the security parameters; if the session is a new session, cache the session information;

Step 306) if the handshake protocol type is NewSessionTicket and no session reuse has occurred, fill in the session_ticket item of the cached session information; if session reuse has occurred, update the session_ticket item of the cached session information;

Step 307) if the handshake protocol type is Finished, verify all the handshake data of the corresponding direction; once both directions have been verified, application data transmission can begin.

In the above technical solution, step 3) further includes: after the plaintext data is obtained, parsing the plaintext data, and generating and storing an audit log.

Compared with the prior art, the advantages of the present invention are:

1. Following the encapsulation format of the SSL/TLS protocol, the method of the present invention splices data packets into complete records and then extracts complete individual messages before processing them. It places no requirement on whether the server combines multiple messages into one record or encapsulates a single message across multiple records, and new messages to be parsed can be added flexibly, so it extends well;

2. The method of the present invention obtains plaintext data by processing switch mirror data. Compared with the traditional approach of introducing a proxy server, it does not interfere with the system's existing services and does not affect system performance.

Description of drawings

Figure 1 is a schematic diagram of an existing SSL/TLS protocol plaintext data collection system;

Figure 2 is a flow chart of the mirror stream-based SSL/TLS protocol plaintext data collection method of the present invention;

Figure 3 is a schematic diagram of a mirror stream-based SSL/TLS protocol plaintext data collection system according to an embodiment of the present invention.

Detailed description

The present invention is described in detail below with reference to the accompanying drawings and preferred embodiments.

As shown in Figure 2, a mirror stream-based method for collecting plaintext data of the SSL/TLS protocol includes:

Step 1) receive mirrored SSL/TLS data packets, extract the records in the data packets, generate a number of complete records, and put them into the record queue. Specifically:

Step 101) receive a mirrored SSL/TLS data packet;

Step 102) extract the first record from the data packet and check whether the record buffer holds a cached record. If there is no cached record, directly calculate the length of the first record received; if the record buffer holds a cached record, splice the data packet onto the cached record and calculate the length of the first record now in the buffer;

The SSL/TLS protocol record encapsulation format is shown in Table 1; the record header is 5 bytes in total:

Table 1

Step 103) compare the length of the first record with the length of the data packet. If the length of the first record plus the record header length equals the data packet length, go to step 104); if the length of the first record plus the record header length is less than the data packet length, go to step 105); if the length of the first record plus the record header length is greater than the data packet length, go to step 106);

Step 104) put the record into the record queue;

Records placed in the record queue are complete records.

Step 105) split the data packet, extract complete records one at a time in a loop and put them into the record queue, and put the final incomplete record into the record buffer;

Step 106) put the record into the record buffer and go to step 101);

An incomplete record placed in the record buffer waits for subsequent data packets to be spliced onto it, after which a complete record is generated.

Step 2) extract a number of complete messages from the records in the record queue and put them into the message queue;

Because an SSL/TLS protocol record is not a message boundary, complete messages must be extracted after the complete records have been extracted. Step 2) specifically includes:

Step 201) take one record from the record queue as the current record;

Step 202) check the type of the current record. If the current record type is the application data protocol, the change cipher spec protocol or an alert message, go to step 203); if the current record type is the handshake protocol, go to step 204);

The format of an SSL/TLS handshake message within a record is shown in Table 2; the message header is 4 bytes in total:

Table 2

Step 203) the current record is a single complete message; put it into the message queue;

Step 204) check whether the message buffer holds a cached message. If there is no cached message, directly calculate the length of the first message in the current record; if the buffer holds a cached message, splice the current record onto the cached message and calculate the length of the first message now in the buffer;

Step 205) compare the calculated length of the first message with the current record length. If the length of the first message plus the message header length equals the current record length, go to step 206); if the length of the first message plus the message header length is less than the current record length, go to step 207); if the length of the first message plus the message header length is greater than the current record length, go to step 208);

Step 206) the current record is a single complete message; put it into the message queue;

Step 207) the current record contains multiple messages; split the record, extract complete messages one at a time in a loop and put them into the message queue, and put the final incomplete message into the message buffer;

Step 208) the current record is an incomplete message; put it into the message buffer and go to step 201);

An incomplete message placed in the message buffer waits for subsequent records to be spliced onto it, after which a complete message is generated.
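Steps 1) and 2) as a two-stage reassembler, given as an added example that is not code from the patent. It assumes the standard TLS layouts for the 5-byte record header (content type, version, 2-byte length) and the 4-byte handshake header (type, 3-byte length); the class names and the sample bytes are constructed for illustration, and the handling of handshake records after ChangeCipherSpec goes beyond what the steps above spell out.

```python
import struct
from collections import deque

RECORD_HEADER_LEN = 5       # content type (1) + version (2) + length (2)
HANDSHAKE_HEADER_LEN = 4    # handshake type (1) + length (3)
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE, APPLICATION_DATA = 20, 21, 22, 23
MAX_FRAGMENT = 2**14 + 2048  # largest protected record body TLS 1.2 allows


class RecordReassembler:
    """Step 1: splice mirrored TCP payloads of one direction into complete records."""

    def __init__(self):
        self.buffer = bytearray()   # record buffer area (partial record)
        self.queue = deque()        # record queue: (content_type, fragment)

    def feed(self, payload):
        self.buffer += payload      # step 102: append to any cached partial record
        while len(self.buffer) >= RECORD_HEADER_LEN:
            ctype, _version, length = struct.unpack_from("!BHH", self.buffer)
            if not CHANGE_CIPHER_SPEC <= ctype <= APPLICATION_DATA or length > MAX_FRAGMENT:
                raise ValueError("lost record alignment (gap in the mirrored stream?)")
            end = RECORD_HEADER_LEN + length
            if len(self.buffer) < end:
                break               # step 106: wait for the next packet
            self.queue.append((ctype, bytes(self.buffer[RECORD_HEADER_LEN:end])))
            del self.buffer[:end]   # steps 104/105: the loop handles one or many records


class MessageExtractor:
    """Step 2: split or join handshake records into complete handshake messages."""

    def __init__(self):
        self.buffer = bytearray()   # message buffer area (partial handshake message)
        self.queue = deque()        # message queue: (content_type, handshake_type, body)
        self.protected = False      # set once ChangeCipherSpec is seen in this direction

    def feed(self, record):
        ctype, fragment = record
        if ctype == CHANGE_CIPHER_SPEC:
            self.protected = True
        if ctype != HANDSHAKE or self.protected:
            # Step 203: one record is one message. A handshake record sent after
            # ChangeCipherSpec (Finished) is ciphertext, so its 4-byte header
            # cannot be read here; it is queued whole for decryption in step 3.
            self.queue.append((ctype, None, fragment))
            return
        self.buffer += fragment     # step 204: append to any cached partial message
        while len(self.buffer) >= HANDSHAKE_HEADER_LEN:
            end = HANDSHAKE_HEADER_LEN + int.from_bytes(self.buffer[1:4], "big")
            if len(self.buffer) < end:
                break               # step 208: wait for the next record
            body = bytes(self.buffer[HANDSHAKE_HEADER_LEN:end])
            self.queue.append((ctype, self.buffer[0], body))
            del self.buffer[:end]   # steps 206/207


def make_record(ctype, fragment, version=0x0303):
    return struct.pack("!BHH", ctype, version, len(fragment)) + fragment


def make_handshake(msg_type, body):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def demo():
    # Constructed sample: the second handshake message spans two records, and the
    # packet boundaries fall inside a record header and inside a record body.
    hs = make_handshake(2, b"A" * 6) + make_handshake(11, b"B" * 10)
    stream = (make_record(HANDSHAKE, hs[:15]) + make_record(HANDSHAKE, hs[15:])
              + make_record(ALERT, b"\x01\x00"))
    packets = [stream[:3], stream[3:22], stream[22:]]
    records, messages = RecordReassembler(), MessageExtractor()
    for payload in packets:
        records.feed(payload)
        while records.queue:
            messages.feed(records.queue.popleft())
    return list(messages.queue), bytes(records.buffer), bytes(messages.buffer)


if __name__ == "__main__":
    for message in demo()[0]:
        print(message)
```

One reassembler pair is needed per TCP connection and direction, fed with payloads in sequence order; a dropped mirror packet surfaces as the alignment error rather than as silently wrong records.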

Step 3) parse the messages in the message queue to obtain plaintext data;

Take a message from the message queue. If the message type is the handshake protocol, extract the cipher spec and key information; if the message type is the change cipher spec protocol, all subsequent records are protected with the newly negotiated cipher spec and keys; if the message type is an alert message, analyze the severity and the alert description of the message; if the message type is the application data protocol, decrypt the transmitted data using the extracted cipher spec and keys to obtain the plaintext data.

The handshake protocol includes: ClientHello, ServerHello, ServerCertificate, ServerHelloDone, ClientKeyExchange, NewSessionTicket and Finished. The specific steps for extracting the cipher spec and key information are:

Step 301) if the handshake protocol type is ClientHello, record the client random number, session_id and session_ticket;

Step 302) if the handshake protocol type is ServerHello, determine whether session reuse has occurred. If session reuse has occurred, extract the master secret and the encryption algorithm specification from the cached session information and generate the cipher parameters; if session reuse has not occurred, record the protocol version, server random number, session_id, cipher suite and compression algorithm;

Step 303) if the handshake protocol type is ServerCertificate, extract the server public key and look up the matching certificate to obtain the server private key;

Step 304) if the handshake protocol type is ServerHelloDone, the server has at this point finished its key exchange messages;

Step 305) if the handshake protocol type is ClientKeyExchange, use the server private key to decrypt the pre-master secret, calculate the master secret, and generate the security parameters; if the session is a new session, cache the session information;

Step 306) if the handshake protocol type is NewSessionTicket and no session reuse has occurred, fill in the session_ticket item of the cached session information; if session reuse has occurred, update the session_ticket item of the cached session information;

Step 307) if the handshake protocol type is Finished, verify all the handshake data of the corresponding direction; once both directions have been verified, application data transmission can begin.
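The key-material bookkeeping of steps 301), 302) and 305), as an added example that is not code from the patent. It assumes TLS 1.2 with an RSA key-exchange suite such as TLS_RSA_WITH_AES_128_CBC_SHA256 (SHA-256 PRF, 32-byte MAC keys, 16-byte cipher keys, per-record explicit IV), takes the pre-master secret as already decrypted with the legally held server private key, and tracks session reuse by session_id only; all class and function names and the sample values are constructed for illustration.

```python
import hashlib
import hmac


def prf(secret, label, seed, size):
    """TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < size:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:size]


def split_key_block(master, client_random, server_random, mac_len=32, key_len=16):
    """Key expansion; the seed puts the server random first, unlike the master secret."""
    block = prf(master, b"key expansion", server_random + client_random,
                2 * (mac_len + key_len))
    names = ("client_mac", "server_mac", "client_key", "server_key")
    sizes = (mac_len, mac_len, key_len, key_len)
    keys, offset = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[offset:offset + size]
        offset += size
    return keys


class HandshakeTracker:
    """Per-connection state; the session cache is shared across connections."""

    def __init__(self, session_cache):
        self.cache = session_cache          # session_id -> master secret
        self.client_random = self.server_random = None
        self.offered_id = self.session_id = b""
        self.master = None
        self.resumed = False

    def on_client_hello(self, client_random, session_id):       # step 301
        self.client_random, self.offered_id = client_random, session_id

    def on_server_hello(self, server_random, session_id):       # step 302
        self.server_random, self.session_id = server_random, session_id
        # Reuse: the server echoes the non-empty session_id the client offered.
        self.resumed = (bool(session_id) and session_id == self.offered_id
                        and session_id in self.cache)
        if self.resumed:
            self.master = self.cache[session_id]
        return self.resumed

    def on_client_key_exchange(self, pre_master):                # step 305
        # pre_master: the 48-byte secret, already RSA-decrypted by the caller
        self.master = prf(pre_master, b"master secret",
                          self.client_random + self.server_random, 48)
        if self.session_id:
            self.cache[self.session_id] = self.master            # new session: cache it

    def keys(self):
        if self.master is None:
            raise LookupError("no master secret: handshake not seen or cache miss")
        return split_key_block(self.master, self.client_random, self.server_random)


def demo():
    # Constructed values: a full handshake, then a second connection reusing its session.
    cache, sid = {}, bytes(range(32))
    full = HandshakeTracker(cache)
    full.on_client_hello(b"\x01" * 32, b"")
    full.on_server_hello(b"\x02" * 32, sid)
    full.on_client_key_exchange(b"\x03\x03" + b"\x11" * 46)
    resumed = HandshakeTracker(cache)
    resumed.on_client_hello(b"\x04" * 32, sid)
    resumed.on_server_hello(b"\x05" * 32, sid)
    return full, resumed


if __name__ == "__main__":
    full, resumed = demo()
    print(resumed.resumed, full.master == resumed.master, full.keys() != resumed.keys())
```

A reused session shares the master secret but gets fresh record keys, because the key expansion is seeded with the new randoms. With (EC)DHE key exchange the ClientKeyExchange carries no encrypted pre-master secret, so the server private key alone does not yield the master secret for such sessions.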

In this embodiment, the plaintext data is HTTP data. The plaintext data is parsed, and fields such as the URL are extracted to generate an audit log, which is saved for auditors to review later.

As shown in Figure 3, with the method of the present invention the client and the server establish an SSL/TLS connection, the collection device uses switch mirroring to obtain the data exchanged between the client and the server, and the collection device legally holds the server certificate and private key.

Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to the embodiments, those skilled in the art should understand that modifications or equivalent replacements of the technical solutions of the present invention that do not depart from their spirit and scope shall all be covered by the scope of the claims of the present invention.

Claims (5)

1. A mirror flow-based SSL/TLS protocol plaintext data collection method, the method comprising:
step 1) receiving a mirrored SSL/TLS data packet, extracting records in the data packet, generating a plurality of complete records, and putting the records into a record queue;
step 2) extracting a plurality of complete messages from the records in the record queue and putting the messages into a message queue;
step 3) analyzing the messages in the message queue to obtain plaintext data;
the step 1) specifically comprises the following steps:
step 101) receiving a mirrored SSL/TLS data packet;
step 102) extracting a first record from the data packet, checking whether a record cache region has a cache record, and directly calculating the length of the received first record if the record cache region does not have the cache record; if the record cache region has cache records, splicing the data packet to the cache records, and calculating the length of the first record of the current cache;
step 103) comparing the length of the first record with the length of the data packet, and if the length of the first record plus the length of the recording head is equal to the length of the data packet, turning to step 104); if the length of the first record and the length of the recording head are smaller than the length of the data packet, the step 105) is carried out; if the length of the first record plus the length of the recording head is larger than the length of the data packet, the step 106) is carried out;
step 104) placing the record in a record queue;
step 105) splitting the data packet, circularly extracting a single complete record and putting the single complete record into a record queue, and putting the last incomplete record into a record cache region;
step 106) placing the record in a record buffer area; turning to step 101);
and the incomplete records placed in the record buffer area wait for splicing of subsequent data packets, and then complete records are generated.
2. The mirror flow-based SSL/TLS protocol plaintext data acquisition method according to claim 1, wherein step 2) specifically comprises:
step 201) taking a record from the record queue as the current record;
step 202) checking the type of the current record: if the type is the application data protocol, the change cipher spec protocol or an alert message, go to step 203); if the type is the handshake protocol, go to step 204);
step 203) the current record is a single complete message; putting the message into a message queue;
step 204) checking whether the message cache holds a cached message: if there is no cached message, directly calculating the length of the first message in the current record; if there is a cached message, splicing the current record onto the cached message and then calculating the length of the first message in the cache;
step 205) comparing the calculated length of the first message with the current record length: if the length of the first message plus the length of the message header is equal to the current record length, go to step 206); if the length of the first message plus the length of the message header is smaller than the current record length, go to step 207); if the length of the first message plus the length of the message header is greater than the current record length, go to step 208);
step 206) the current record is a single complete message; putting the message into the message queue;
step 207) if the current record contains a plurality of messages, splitting the record, extracting the complete messages in a loop and putting them into the message queue, and putting the final incomplete message into the message cache;
step 208) the current record is an incomplete message; putting the message into the message cache and going to step 201);
the incomplete message placed in the message cache waits to be spliced with subsequent records, after which the complete message is generated.
3. The mirror flow-based SSL/TLS protocol plaintext data acquisition method according to claim 1 or 2, wherein step 3) is implemented as follows:
taking a message from the message queue: if the message type is the handshake protocol, extracting the cipher spec and the key information; if the message type is the change cipher spec protocol, the subsequent records are protected by the newly negotiated cipher spec and keys; if the message type is an alert message, parsing the severity level and the alert description of the message; and if the message type is the application data protocol, decrypting the transmitted data using the extracted cipher spec and key to obtain plaintext data.
4. The mirror flow-based SSL/TLS protocol plaintext data acquisition method according to claim 3, wherein the handshake protocol comprises: ClientHello, ServerHello, ServerCertificate, ServerHelloDone, ClientKeyExchange, NewSessionTicket and Finished, and wherein the specific steps of extracting the cipher spec and the key information are as follows:
step 301) if the handshake protocol type is ClientHello, recording the client random number, the session_id and the session_ticket;
step 302) if the handshake protocol type is ServerHello, judging whether session reuse occurs: if session reuse occurs, extracting the master key and the encryption algorithm specification from the cached session information and generating the cipher parameters; if session reuse does not occur, recording the protocol version, the server random number, the session_id, the cipher suite and the compression algorithm;
step 303) if the handshake protocol type is ServerCertificate, extracting the server public key and searching for a matching certificate to obtain the server private key;
step 304) if the handshake protocol type is ServerHelloDone, the server has finished its key exchange messages at this point;
step 305) if the handshake protocol type is ClientKeyExchange, decrypting the pre-master key using the server private key, calculating the master key and generating the security parameters; if the session is a new session, caching the session information;
step 306) if the handshake protocol type is NewSessionTicket: if no session reuse has occurred, filling in the session_token item in the cached session information; if session reuse has occurred, updating the session_token item in the cached session information;
step 307) if the handshake protocol type is Finished, verifying all handshake data in the corresponding direction; after both parties pass verification, application data transmission starts.
5. The mirror flow-based SSL/TLS protocol plaintext data acquisition method according to claim 1, wherein step 3) further comprises: after the plaintext data is obtained, parsing the plaintext data, generating an audit log and storing the audit log.
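
The two reassembly stages of claims 1 and 2 (packets to records, records to handshake messages), written in Python as an added example that is not code from the patent. The class and function names, the 17-byte packet size and the sample bytes are constructed for illustration; it assumes in-order TCP payloads for one direction of a TLS 1.2-style connection and performs no decryption.

```python
CCS, HANDSHAKE = 20, 22                    # TLS record content types

def split_units(buf, hdr_len, body_len):
    """Split length-prefixed units off buf; return (complete units, leftover)."""
    units = []
    while len(buf) >= hdr_len and hdr_len + body_len(buf) <= len(buf):
        end = hdr_len + body_len(buf)
        units.append(buf[:end])
        buf = buf[end:]
    return units, buf

class Reassembler:
    """One direction of one connection; expects in-order TCP payloads."""
    def __init__(self):
        self.record_cache = b""            # incomplete record awaiting later packets
        self.message_cache = b""           # incomplete handshake message
        self.encrypted = False             # set once ChangeCipherSpec is seen
        self.messages = []                 # message queue of (content_type, bytes)

    def feed_packet(self, payload):        # claim 1, steps 103-106
        records, self.record_cache = split_units(
            self.record_cache + payload, 5, lambda b: int.from_bytes(b[3:5], "big"))
        for rec in records:
            self._on_record(rec[0], rec[5:])

    def _on_record(self, ctype, body):     # claim 2, steps 202-208
        if ctype != HANDSHAKE or self.encrypted:
            # Step 203; assumption: post-CCS handshake records are ciphertext, queued whole.
            self.messages.append((ctype, body))
            self.encrypted = self.encrypted or ctype == CCS
            return
        msgs, self.message_cache = split_units(
            self.message_cache + body, 4, lambda b: int.from_bytes(b[1:4], "big"))
        self.messages += [(ctype, m) for m in msgs]

def record(ctype, body):                   # builds constructed sample records
    return bytes([ctype, 3, 3]) + len(body).to_bytes(2, "big") + body

def handshake(msg_type, body):             # builds constructed handshake messages
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def demo():
    hello, cert, done = handshake(2, b"S" * 10), handshake(11, b"C" * 30), handshake(14, b"")
    stream = (record(22, hello) + record(22, cert[:20]) + record(22, cert[20:] + done)
              + record(20, b"\x01") + record(22, b"opaque-finished") + record(23, b"opaque-data"))
    r = Reassembler()
    for i in range(0, len(stream), 17):    # arbitrary packet boundaries
        r.feed_packet(stream[i:i + 17])
    return r.messages
```

In the sample, the 34-byte Certificate message spans two records and the empty ServerHelloDone shares the second of them, so both the record cache and the message cache are exercised.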
CN201610101613.3A 2016-02-24 2016-02-24 Mirror flow-based SSL/TLS protocol plaintext data acquisition method Active CN107124385B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610101613.3A CN107124385B (en) 2016-02-24 2016-02-24 Mirror flow-based SSL/TLS protocol plaintext data acquisition method

Publications (2)

Publication Number Publication Date
CN107124385A CN107124385A (en) 2017-09-01
CN107124385B true CN107124385B (en) 2020-02-04

Family

ID=59716965

Country Status (1)

Country Link
CN (1) CN107124385B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110620766B (en) * 2019-09-05 2021-12-14 东南大学 A method for extracting TLS data blocks from encrypted network traffic
CN110784444B (en) * 2019-09-09 2021-10-15 航天行云科技有限公司 Method for processing nested data stream and related equipment
CN111756751B (en) * 2020-06-28 2022-10-21 杭州迪普科技股份有限公司 Message transmission method and device and electronic equipment
CN114817641B (en) * 2022-02-19 2023-06-20 英赛克科技(北京)有限公司 Industrial data acquisition method and device and electronic equipment
CN114584393B (en) * 2022-03-31 2023-10-20 深圳市瑞云科技有限公司 Method for automatically selecting encryption protocol

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1451690A1 (en) * 2001-10-29 2004-09-01 Pitney Bowes Inc. Monitoring system for a corporate network
CN101325519A (en) * 2008-06-05 2008-12-17 华为技术有限公司 Content auditing method, system and content auditing device based on security protocol
CN102984243A (en) * 2012-11-20 2013-03-20 杭州迪普科技有限公司 Automatic identification method and device applied to secure socket layer (SSL)
CN104468537A (en) * 2014-11-25 2015-03-25 公安部第三研究所 System and method for achieving safety audit

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
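"Efficient plaintext acquisition method for SSL/TLS confidential data suitable for network content auditing"; 董海韬 et al.; 《计算机应用》 (Journal of Computer Applications); 20151130 (No. 10); page 2892, column 2, line 20 from the bottom, to page 2894, column 2, line 11 from the bottom; Figure 2 *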

Also Published As

Publication number Publication date
CN107124385A (en) 2017-09-01


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210813

Address after: Room 1601, 16th floor, East Tower, Ximei building, No. 6, Changchun Road, high tech Industrial Development Zone, Zhengzhou, Henan 450001

Patentee after: Zhengzhou xinrand Network Technology Co.,Ltd.

Address before: 100190, No. 21 West Fourth Ring Road, Beijing, Haidian District

Patentee before: INSTITUTE OF ACOUSTICS, CHINESE ACADEMY OF SCIENCES

Effective date of registration: 20210813

Address after: 100190, No. 21 West Fourth Ring Road, Beijing, Haidian District

Patentee after: INSTITUTE OF ACOUSTICS, CHINESE ACADEMY OF SCIENCES

Address before: 100190, No. 21 West Fourth Ring Road, Beijing, Haidian District

Patentee before: INSTITUTE OF ACOUSTICS, CHINESE ACADEMY OF SCIENCES

Patentee before: BEIJING INTELLIX TECHNOLOGIES Co.,Ltd.

TR01 Transfer of patent right