CN111064575A - Method for analyzing network packet capturing applied to signal system of domestic password encryption - Google Patents
Method for analyzing network packet capturing applied to signal system of domestic password encryption Download PDFInfo
- Publication number
- CN111064575A CN111064575A CN201911100723.8A CN201911100723A CN111064575A CN 111064575 A CN111064575 A CN 111064575A CN 201911100723 A CN201911100723 A CN 201911100723A CN 111064575 A CN111064575 A CN 111064575A
- Authority
- CN
- China
- Prior art keywords
- key
- session key
- session
- message
- analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a method for analyzing a network capture packet in a signal system for domestic password encryption, which acquires a dynamically negotiated key in a set mode, and corresponds the key and information in the network capture packet one by one to complete the analysis of the network capture packet; the method specifically comprises the following steps: the online analysis sub-method is used for on-site debugging, wherein an analysis object is a packet capture captured by the current network in real time, and the analysis of the packet capture object is also completed in real time; and the off-line analysis sub-method is used for analyzing and checking problems generated in the normal operation process, and the analysis object is historical network packet capturing. Compared with the prior art, the method has the advantages of ensuring the overall maintainability of the signal system, providing great convenience for the later-stage operation and maintenance of the signal system and the like.
Description
Technical Field
The invention relates to a rail transit signal system, in particular to a method for analyzing network capture packets in a signal system with domestic password encryption.
Background
The domestic cryptographic algorithm is a cryptographic algorithm which is independently developed and realized in China, has higher security and is approved and popularized by the national cryptographic administration. Since the public key cryptographic algorithm of the SM2 elliptic curve was released by the State cryptology administration in 2010, the research on domestic cryptology began. Under the condition of sufficient theoretical research, the application trend of industrialization and engineering of the domestic cryptographic technology appears, and the development trend of cross fusion with other industries is not blocked. The promotion and application popularization of the domestic cryptographic algorithm are in line with the development trend of the international cryptographic algorithm on one hand and are beneficial to realizing the requirements of the core technology and the products on safety, autonomy and controllability on the other hand. The method applies the domestic password technology in the national key industry, and has very important significance for maintaining the national ownership, maintaining the benefit of customers, protecting data security and preventing high-tech crimes so as to promote the development of the information security industry of China. As a key industry in the key field of China related to the national civilization and public interests, the urban rail transit signal industry must comply with the trend and grasp the opportunity, the information safety protection level of the urban rail transit signal industry is greatly improved, and a safer and more reliable traffic trip mode is provided for the people.
The signal system applies a domestic encryption technology, usually, on the basis of existing signal system equipment, relevant equipment such as a national secret security chip is added, and data of vehicle-ground wireless communication is encrypted through SM1, SM2 and SM3 algorithms, so that the vehicle-ground wireless communication data is subjected to discriminability protection, non-repudiation protection, confidentiality protection and integrity protection, more obvious information security holes in a vehicle-ground wireless communication gap of the signal system are filled, high security and high reliability of the vehicle-ground wireless communication of the signal system are realized, and the information security level of the vehicle-ground wireless communication is improved.
However, the maintainability is also degraded while the safety level of the wireless communication information between the vehicle and the ground is improved. A general debugging and maintaining mode between the train-ground wireless communication is that network packet capturing is carried out through data communication switches on the trackside and the vehicle-mounted two sides, and then packet capturing information is observed and analyzed. The vehicle-ground wireless communication information is encrypted by a domestic encryption technology, and then the communication information is completely changed into a ciphertext, and the encryption key adopts a dynamic negotiation mechanism, so that the network capture packet cannot be observed and analyzed according to a general debugging and maintenance mode, so that development and debugging personnel cannot further position problems and analyze and investigate, and great inconvenience and uncertainty are brought to the debugging and maintenance of a signal system.
Disclosure of Invention
The present invention is directed to overcome the above-mentioned drawbacks of the prior art, and provides a method for analyzing network packets in a signal system with domestic encryption.
The purpose of the invention can be realized by the following technical scheme:
a method for analyzing network packet capturing applied to a signal system of domestic password encryption obtains a dynamically negotiated key through a set mode, and the key corresponds to information in a network packet capturing one by one to complete the analysis of the network packet capturing; the method specifically comprises the following steps:
the online analysis sub-method is used for on-site debugging, wherein an analysis object is a packet capture captured by the current network in real time, and the analysis of the packet capture object is also completed in real time;
and the off-line analysis sub-method is used for analyzing and checking problems generated in the normal operation process, and the analysis object is historical network packet capturing.
Preferably, the specific process of the offline analysis sub-method includes:
101) after the ZC, LC or ATS subsystem finishes the dynamic key negotiation initiated by the CC subsystem and sends a successful session key negotiation message, the ZC, LC or ATS subsystem actively sends the negotiated dynamic session key, the Hash value of the session key and the session ID to a certificate key management system;
102) storing the key, wherein the certificate key management system receives the dynamic session key, the Hash value of the session key and the session ID, stores the dynamic session key, the Hash value of the session key and the session ID in the certificate key management server, stores the set number of days, and deletes the dynamic session key, the Hash value of the session key and the session ID in a rolling manner after the set number of days is exceeded;
103) the key is exported, the key certificate management system provides the operation of exporting the key according to the selected time, export the dynamic session key stored in the key certificate management server, the Hash value of the session key to the external device according to the corresponding mapping relation in the form of encrypted file;
104) and key decryption, namely inserting authorized management UKEY into host equipment to be unpacked, simultaneously placing the derived encrypted file in the same host C packing directory, searching a corresponding session key in the encrypted file for decryption by the wireshark plug-in according to a Hash field in a network packet capturing to be decrypted, and displaying the decrypted message on a wireshark interface.
Preferably, the Hash value of the session key is generated by the cryptographic chip according to the dynamic session key.
Preferably, in the key collection process, if any error report generated by the cryptographic chip considers that the process fails, the ZC, LC or ATS subsystem records the error report.
Preferably, the ZC, LC or ATS subsystem puts the Hash value of the session key into the header of the encrypted message when sending the encrypted message.
Preferably, in the key storage process, the key certificate management system provides a display list of session IDs and update times, is used for viewing updated session IDs and update times, and arranges the session IDs and the update times in descending order according to the update times.
Preferably, in the key decryption process, if the corresponding session key is not found or the decryption fails, an error is reported and the original encrypted message is displayed.
Preferably, the specific process of the online analysis sub-method includes:
201) mode switching, namely defining an online analysis scene as a debugging mode, and directly putting a session key into an encrypted message packet header in the debugging mode so as to decrypt a network packet captured in real time by directly using the session key in a key decryption stage;
202) and (3) key decryption, namely in the host equipment to be decrypted, the wireshark plug-in directly decrypts the key field in the real-time network packet capturing to be decrypted as a session key, and displays the decrypted message on a wireshark interface.
Preferably, the mode switching operation is provided by a key certificate management system, and can send a switching mode message to all designated IP addresses and ports, and after receiving the switching mode message, the CC, ZC, LC or ATS subsystem processes according to keyType ═ 2 and puts the session key into the header of the encrypted message;
in the mode switching process, if any error report generated by the cryptographic chip considers that the process fails, the CC, ZC, LC or ATS subsystems record; if the CC, ZC, LC, or ATS subsystem repeatedly receives the handover mode message transmitted from the key certificate management system in a state of being processed with a keyType of 2, the keyType of 2 is maintained.
Preferably, no acknowledgement retransmission mechanism is set in the mode switching process, and the possibility of loss in the switching mode message sending process is accepted;
and meanwhile, a mode rollback mechanism is not set, after the CC, ZC, LC or ATS subsystem receives the switching mode message sent by the key certificate management system and is successfully switched, the corresponding equipment is restarted, and the national password chip is initialized and then processed according to the keyType of 1.
Compared with the prior art, the invention has the following advantages:
1) aiming at a signal system applying a domestic encryption technology, an encryption key of dynamic negotiation can be obtained, and the analysis of network packet capturing is completed, so that the overall maintainability of the signal system is ensured, and meanwhile, great convenience is provided for the later operation and maintenance of the signal system;
2) through analysis design, different network packet capturing and analyzing requirements are combined together and completed by using the same software processing mechanism;
3) whether the key sending message and the switching mode message required by the network packet capturing are successfully sent or not is analyzed, the normal operation of a signal system applying the domestic encryption technology is not influenced, and even different packet packing modes can be adopted at two communication ends;
4) the secret keys exist in an encrypted form in the whole working process, and personnel cannot directly contact the secret keys, so that the confidentiality and the safety of the secret keys are ensured;
5) the working mode change of debugging and maintenance is kept to be small as far as possible while the existing architecture and function safety level of the signal system is kept unaffected.
Drawings
FIG. 1 is a schematic diagram of a key aggregation process for offline parsing according to the present invention;
FIG. 2 is a schematic diagram of the mode switching process of the online analysis according to the present invention;
FIG. 3 is a schematic diagram of an integrated structure of a signal system and a cryptographic device according to the present invention;
FIG. 4 is a flow chart of offline & online parsing of the present invention;
fig. 5 is a flow chart of the wireshark plug-in parsing of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, shall fall within the scope of protection of the present invention.
The invention provides a method for analyzing a network packet capturing of train-ground wireless communication in a signal system applying a domestic encryption technology, which enables development and debugging personnel to obtain a dynamically negotiated key in a certain mode, and the key corresponds to information in the network packet capturing one by one to complete the analysis of the network packet capturing.
The network packet capturing analysis is mainly used for the debugging maintenance service of the signal system, and 2 scenes are analyzed on line and off line, and the application time, the analysis object and the analysis real-time requirement of the 2 scenes are different. Generally, online analysis is mainly used in field debugging, and the analysis object is a packet capture captured by the current network in real time, and the analysis of the packet capture object is also completed in real time; the off-line analysis is mainly used for analyzing and checking problems generated in the normal operation process, the analysis object is a historical network packet (according to the network security law implemented in 2017, 6, 1, the historical network packet is used as a system operation record and should be stored for at least 180 days), and although a certain time delay is allowed in the aspect of analysis real-time performance, the analysis performance is required to reach the minute level. Specific scenarios and differences are shown in table 1.
TABLE 1
1. Through the analysis of the network packet capturing analysis scene, the off-line analysis of the network packet capturing by the signal system can be divided into 4 stages: key collection, key preservation, key derivation, and key decryption. Wherein:
1) collection of keys
After completing the dynamic key agreement initiated by the CC subsystem, the ZC/LC/ATS subsystem sends a session key agreement success message, and then the ZC/LC/ATS subsystem actively sends the negotiated dynamic session key, the session key Hash value, and the session ID to the certificate key management system, as shown in fig. 1. The Hash value of the session key is generated by the cryptographic chip according to the dynamic session key.
If any error report generated by the cryptographic chip in the process is judged to fail, the ZC/LC/ATS subsystem records the error report.
The analyzing network packet capturing function does not influence the daily operation of the signal system in an encrypted state, so that a confirmation retransmission mechanism is not arranged, and the possibility of loss in the session key sending process is accepted.
When the CC/ZC/LC/ATS subsystem sends the encrypted message, the Hash value of the session key is put into the header of the encrypted message, as shown in Table 2.
TABLE 2
| Message packet header | Hash | All kinds of messages |
| 16byte |
2) Key preservation
And the certificate key management system receives the dynamic session key, the Hash value of the session key and the session ID, stores the dynamic session key, the Hash value of the session key and the session ID in the certificate key management server for at least 180 days, and deletes the dynamic session key, the Hash value of the session key and the session ID in a rolling manner after 180 days.
The key certificate management system provides a display list of session IDs and update times, and can view the updated session IDs and update times, arranged in descending order of update times.
3) Key derivation
The key certificate management system provides the operation of exporting the key according to the selected time (time precision: day), and the dynamic session key and the Hash value of the session key stored in the key certificate management server can be exported to the external equipment in the form of an encrypted file according to the corresponding mapping relation, and the exporting operation needs to manage UKEY authorization.
4) Key decryption
And inserting the authorized management UKEY into the host equipment to be unpacked, simultaneously placing the derived encrypted file in the same host C packing directory, searching a corresponding session key in the encrypted file for decryption by the wireshark plug-in according to a Hash field in the network packet capturing to be decrypted, and displaying the decrypted message on a wireshark interface.
If the corresponding session key is not found or the decryption fails, an error is reported and the original encrypted message is displayed.
2. The online analysis network packet capturing and offline analysis modes of the signal system are slightly different, and the method only needs to be divided into 2 stages: mode switching and key decryption. Wherein:
1) mode switching
In view of the high real-time requirement and special application scenario of online analysis, the online analysis scenario is defined as a debugging mode to distinguish a general mode of the offline analysis scenario, and a session key can be directly put into an encryption message packet header in the debugging mode so as to directly use the session key to decrypt a network packet captured in real time in a key decryption stage. The encrypted message format of table 2 above is adjusted as shown in table 3.
TABLE 3
The key certificate management system provides a mode switching operation, and may send a switch mode message to all designated IP addresses and ports, and after receiving the switch mode message, the CC/ZC/LC/ATS subsystem processes the switch mode message according to keyType ═ 2, and places the session key in the header of the encrypted message, as shown in fig. 2. Switched mode operation requires management of UKEY authorization.
If any error report generated by the cryptographic chip in the process is considered to fail, the CC/ZC/LC/ATS subsystem records the error report.
And if the CC/ZC/LC/ATS subsystem repeatedly receives the switching mode message sent by the key certificate management system in a state of being processed according to the keyType of 2, keeping the keyType of 2 unchanged.
The analyzing network packet capturing function does not influence the daily operation of a signal system in an encrypted state, so that a retransmission confirming mechanism is not arranged, and the possibility of losing in the process of sending the switching mode message is received.
And meanwhile, a mode rollback mechanism is not set, the CC/ZC/LC/ATS subsystem restarts corresponding equipment after receiving a switching mode message sent by the key certificate management system and successfully switching, and the national password chip is initialized and then processed according to the keyType of 1.
2) Key decryption
In the host equipment to be unpacked, the wireshark plug-in unit directly uses the key field in the real-time network packet capturing to be deciphered as a session key for deciphering, and displays the deciphered message on a wireshark interface.
If the decryption fails, an error is reported and the original encrypted message is displayed.
The invention maintains the existing structure of the signal system and the national secret equipment after integration, as shown in figure 3, the application layer equipment consists of a plurality of subsystems of CC, ZC/LC, CI, ATS and MSS, and the communication layer equipment is DCS equipment. According to the scheme, a certificate key management server and a hardware encryption machine are added by combining a signal system architecture and a PKI model; and adding a national secret security chip on the application layer equipment. Session keys are maintained and derived and switched mode operation is provided by a certificate key management system.
The signal system application equipment of the invention carries out session key negotiation after being started, actively sends the session key, the session key Hash value and the session ID to the certificate key management system after the session key negotiation is successful, and then puts the session key Hash value into the header of the encrypted message when sending the encrypted message. The certificate key management system stores the received information in the certificate key management server, and can export the stored session key and the session key Hash value to the external equipment in the form of an encrypted file according to the corresponding relation. And the Wireshark plug-in unit searches a corresponding session key in the encrypted file according to the Hash field in the network packet capturing message to be decrypted, then decrypts, and finally displays the decrypted message on an interface.
The certificate key management system sends a switching mode message to a specified IP address and a specified port, the signal system application equipment changes the encryption packet packaging mode after receiving the switching mode message, and the session key is put into the header of the encryption message. The Wireshark plug-in directly decrypts a Key field in the real-time network packet capturing message to be decrypted as a session Key, and displays the decrypted message on a Wireshark interface. The signal system application equipment changes the encryption packet mode as long as receiving a switching mode message in the running process until the equipment is closed or restarted.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for analyzing network packet capturing applied to a signal system of domestic password encryption is characterized in that the method obtains a dynamically negotiated key through a set mode, and the key corresponds to information in the network packet capturing one by one to complete the analysis of the network packet capturing; the method specifically comprises the following steps:
the online analysis sub-method is used for on-site debugging, wherein an analysis object is a packet capture captured by the current network in real time, and the analysis of the packet capture object is also completed in real time;
and the off-line analysis sub-method is used for analyzing and checking problems generated in the normal operation process, and the analysis object is historical network packet capturing.
2. The method for analyzing the network capture packet applied to the signal system of the domestic password encryption as claimed in claim 1, wherein the specific process of the offline analyzing sub-method comprises:
101) after the ZC, LC or ATS subsystem finishes the dynamic key negotiation initiated by the CC subsystem and sends a successful session key negotiation message, the ZC, LC or ATS subsystem actively sends the negotiated dynamic session key, the Hash value of the session key and the session ID to a certificate key management system;
102) storing the key, wherein the certificate key management system receives the dynamic session key, the Hash value of the session key and the session ID, stores the dynamic session key, the Hash value of the session key and the session ID in the certificate key management server, stores the set number of days, and deletes the dynamic session key, the Hash value of the session key and the session ID in a rolling manner after the set number of days is exceeded;
103) the key is exported, the key certificate management system provides the operation of exporting the key according to the selected time, export the dynamic session key stored in the key certificate management server, the Hash value of the session key to the external device according to the corresponding mapping relation in the form of encrypted file;
104) and key decryption, namely inserting authorized management UKEY into host equipment to be unpacked, simultaneously placing the derived encrypted file in the same host C packing directory, searching a corresponding session key in the encrypted file for decryption by the wireshark plug-in according to a Hash field in a network packet capturing to be decrypted, and displaying the decrypted message on a wireshark interface.
3. The method as claimed in claim 2, wherein the session key Hash value is generated by the cryptographic chip according to the dynamic session key.
4. The method as claimed in claim 2, wherein in the key collection process, if any error occurs in the cryptographic chip, the process is considered to be failed, and the ZC, LC or ATS subsystem records the error.
5. The method as claimed in claim 2, wherein the ZC, LC or ATS subsystem puts the Hash value of the session key into the header of the encrypted message when sending the encrypted message.
6. The method as claimed in claim 2, wherein the key certificate management system provides a display list of session IDs and update times for viewing the updated session IDs and update times, and arranges them in descending order according to the update times during the key storage process.
7. The method for analyzing the network capturing packet applied to the signal system of the domestic password encryption as claimed in claim 2, wherein in the key decryption process, if the corresponding session key is not found or the decryption fails, an error is reported and the original encrypted message is displayed.
8. The method for analyzing the network capturing packet applied to the signal system of the domestic password encryption as claimed in claim 1, wherein the specific process of the online analyzing sub-method comprises:
201) mode switching, namely defining an online analysis scene as a debugging mode, and directly putting a session key into an encrypted message packet header in the debugging mode so as to decrypt a network packet captured in real time by directly using the session key in a key decryption stage;
202) and (3) key decryption, namely in the host equipment to be decrypted, the wireshark plug-in directly decrypts the key field in the real-time network packet capturing to be decrypted as a session key, and displays the decrypted message on a wireshark interface.
9. The method as claimed in claim 8, wherein the mode switching operation is provided by a key certificate management system, and the mode switching message is sent to all designated IP addresses and ports, and the CC, ZC, LC or ATS subsystem processes the session key according to keyType 2 after receiving the mode switching message, and puts the session key in the header of the encrypted message;
in the mode switching process, if any error report generated by the cryptographic chip considers that the process fails, the CC, ZC, LC or ATS subsystems record; if the CC, ZC, LC, or ATS subsystem repeatedly receives the handover mode message transmitted from the key certificate management system in a state of being processed with a keyType of 2, the keyType of 2 is maintained.
10. The method for analyzing network packets in the signal system with domestic cipher encryption according to claim 8, wherein no acknowledgement retransmission mechanism is set during the mode switching process, and the possibility of loss during the switching mode message transmission process is accepted;
and meanwhile, a mode rollback mechanism is not set, after the CC, ZC, LC or ATS subsystem receives the switching mode message sent by the key certificate management system and is successfully switched, the corresponding equipment is restarted, and the national password chip is initialized and then processed according to the keyType of 1.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911100723.8A CN111064575B (en) | 2019-11-12 | 2019-11-12 | Method for analyzing network packet capturing in domestic cipher encrypted signal system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911100723.8A CN111064575B (en) | 2019-11-12 | 2019-11-12 | Method for analyzing network packet capturing in domestic cipher encrypted signal system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111064575A true CN111064575A (en) | 2020-04-24 |
| CN111064575B CN111064575B (en) | 2023-05-02 |
Family
ID=70297782
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911100723.8A Active CN111064575B (en) | 2019-11-12 | 2019-11-12 | Method for analyzing network packet capturing in domestic cipher encrypted signal system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111064575B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113225354A (en) * | 2021-06-02 | 2021-08-06 | 郑州信大捷安信息技术股份有限公司 | Method and system for analyzing secure channel encrypted data |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101114932A (en) * | 2006-07-27 | 2008-01-30 | 华为数字技术有限公司 | Method and system for implementing remote capturing packet |
| CN103296755A (en) * | 2013-05-10 | 2013-09-11 | 国家电网公司 | Network online monitoring system for transformer substation |
| CN105376248A (en) * | 2015-11-30 | 2016-03-02 | 睿峰网云(北京)科技股份有限公司 | Method and device for identifying abnormal flow |
| US20160119065A1 (en) * | 2014-10-24 | 2016-04-28 | Wahoo Technologies, LLC | System and method for providing underwater video |
| CN106572190A (en) * | 2016-11-15 | 2017-04-19 | 国网江西省电力公司信息通信分公司 | Autonomous collection method for operational data of information communication |
-
2019
- 2019-11-12 CN CN201911100723.8A patent/CN111064575B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101114932A (en) * | 2006-07-27 | 2008-01-30 | 华为数字技术有限公司 | Method and system for implementing remote capturing packet |
| CN103296755A (en) * | 2013-05-10 | 2013-09-11 | 国家电网公司 | Network online monitoring system for transformer substation |
| US20160119065A1 (en) * | 2014-10-24 | 2016-04-28 | Wahoo Technologies, LLC | System and method for providing underwater video |
| CN105376248A (en) * | 2015-11-30 | 2016-03-02 | 睿峰网云(北京)科技股份有限公司 | Method and device for identifying abnormal flow |
| CN106572190A (en) * | 2016-11-15 | 2017-04-19 | 国网江西省电力公司信息通信分公司 | Autonomous collection method for operational data of information communication |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113225354A (en) * | 2021-06-02 | 2021-08-06 | 郑州信大捷安信息技术股份有限公司 | Method and system for analyzing secure channel encrypted data |
| CN113225354B (en) * | 2021-06-02 | 2022-03-22 | 郑州信大捷安信息技术股份有限公司 | Method and system for analyzing secure channel encrypted data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111064575B (en) | 2023-05-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107018134B (en) | Power distribution terminal safety access platform and implementation method thereof | |
| EP2697931B1 (en) | Qkd key management system | |
| CN111314056B (en) | Heaven and earth integrated network anonymous access authentication method based on identity encryption system | |
| CN108809637A (en) | The car-ground communication Non-Access Stratum authentication key agreement methods of LTE-R based on mixed cipher | |
| CN107888560A (en) | A kind of mobile intelligent terminal mail security Transmission system and method | |
| CN101345761A (en) | Private data transmission method and system | |
| CN112671710B (en) | Security encryption device based on national cryptographic algorithm, bidirectional authentication and encryption method | |
| CN112702318A (en) | Communication encryption method, decryption method, client and server | |
| CN101448130A (en) | Method, system and device for protecting data encryption in monitoring system | |
| CN109995530B (en) | Safe distributed database interaction system suitable for mobile positioning system | |
| CN109981271B (en) | Network multimedia safety protection encryption method | |
| CN106453391A (en) | Long repeating data encryption and transmission method and system | |
| CN103441983A (en) | Information protection method and device based on link layer discovery protocol | |
| CN114024698A (en) | Power distribution Internet of things service safety interaction method and system based on state cryptographic algorithm | |
| CN114697082A (en) | Production and application method of encryption and decryption device in server-free environment | |
| CN115277040A (en) | Medical health data storage and sharing method and system based on block chain technology | |
| CN111064575B (en) | Method for analyzing network packet capturing in domestic cipher encrypted signal system | |
| CN107135228B (en) | Authentication system and authentication method based on central node | |
| CN111224968B (en) | Secure communication method for randomly selecting transfer server | |
| CN110417706A (en) | A kind of safety communicating method based on interchanger | |
| CN116132025A (en) | Key negotiation method, device and communication system based on preset key group | |
| CN113472539A (en) | Method for carrying out national encryption by using RDMA R _ Key | |
| CN111431846B (en) | Data transmission method, device and system | |
| CN111490971B (en) | General hospital information infrastructure safety operation and maintenance and auditing method | |
| KR20230039722A (en) | Pre-shared key PSK update method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |