KR101847636B1 - Method and apparatus for watching encrypted traffic
- Publication number
- KR101847636B1
- Authority
- KR
- South Korea
- Prior art keywords
- communication session
- server
- traffic
- user terminal
- data
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Telephonic Communication Services (AREA)
Abstract
Disclosed is a method for monitoring encrypted traffic, performed in a traffic monitoring apparatus according to an embodiment of the present invention. The method includes the steps of: acquiring, by a session information management module, communication session information between a user terminal and a server; monitoring the communication session between the user terminal and the server and determining whether to intervene in it; when intervening in the communication session, separating, by a communication session control module, the communication session into a first communication session between the server and the traffic monitoring apparatus and a second communication session between the user terminal and the traffic monitoring apparatus; performing, by an encryption processing module, encryption handshaking with the server in the first communication session and with the user terminal in the second communication session; decrypting the first encrypted data received through the first communication session and the second encrypted data received through the second communication session; and performing, by a traffic control module, security control on the decrypted data.
Description
The present invention relates to communications, and more particularly to monitoring encrypted communications.
Secure sockets layer (SSL) refers to a cryptographic technique for protecting TCP/IP communications. SSL encrypted communication was initially used to protect important content and messages transmitted via the web, such as banking, e-commerce, and corporate data. Recently, however, SSL encryption has been widely applied to the transmission of various web content such as social media and entertainment, and its use is steadily increasing. For example, Twitter, Google, Facebook and others also use SSL encrypted transmission.
SSL encrypted transmission, introduced to protect content, has the problem that it hinders the security firewalls that corporations, educational institutions, public agencies, and telecommunication carriers use to prevent the spread of malicious software and malware and to prevent intrusion and access to harmful sites. Thus, there may be a need in the art for a solution for monitoring SSL encrypted packets.
Korean Patent Laid-Open Publication No. 10-2015-0053520 (May 2015, May 18, 201) discloses a method of authenticating a server by receiving a certificate from a server.
The present invention has been devised to cope with the above-described background art, and is intended to provide a solution for monitoring encrypted communication.
The present invention is intended to provide a solution for reducing the performance degradation and increasing the stability while monitoring the encrypted communication.
To solve the problems described above, a method for monitoring encrypted traffic, performed in a traffic monitoring apparatus according to an embodiment of the present invention, is disclosed. The method includes the steps of: acquiring, by a session information management module, communication session information between a user terminal and a server; monitoring the communication session between the user terminal and the server and determining whether to intervene in it; when intervening in the communication session, separating, by a communication session control module, the communication session into a first communication session between the server and the traffic monitoring apparatus and a second communication session between the user terminal and the traffic monitoring apparatus; performing, by an encryption processing module, encryption handshaking with the server in the first communication session and with the user terminal in the second communication session; decrypting the first encrypted data received through the first communication session and the second encrypted data received through the second communication session; and performing, by a traffic control module, security control on the decrypted data.
Alternatively, the encrypted data may include at least one of secure sockets layer (SSL) encrypted data and transport layer security (TLS) encrypted data.
Alternatively, the step of determining whether to intervene in the communication session between the user terminal and the server may include determining whether to intervene based on at least one of the IP address information, the port number information, the host information, the protocol header, and at least a portion of the payload included in the server connection request of the user terminal or in the server response.
Alternatively, the step of performing the security control by the traffic control module may include: determining whether the user-requested URL of the first decrypted data, obtained by decrypting the first encrypted data, is a preset URL, or whether the user-requested URL of the second decrypted data, obtained by decrypting the second encrypted data, is a preset URL; terminating at least one of the first communication session and the second communication session if the user-requested URL is a preset URL; and, if the user-requested URL is not a preset URL, re-encrypting the first decrypted data and delivering it to the user terminal, or re-encrypting the second decrypted data and delivering it to the server.
Alternatively, the step of performing the security control by the traffic control module may include: determining whether the first decrypted data, obtained by decrypting the first encrypted data, or the second decrypted data, obtained by decrypting the second encrypted data, is data related to a predetermined application; when the first decrypted data or the second decrypted data is data related to a predetermined application, changing the QoS of at least one of the first communication session and the second communication session, terminating at least one of the first communication session and the second communication session, or transmitting a traffic cutoff message to at least one of the user terminal and the server; and, when the first decrypted data and the second decrypted data are not data related to a predetermined application, determining to maintain the first communication session and the second communication session.
Alternatively, the step of determining whether the first decrypted data or the second decrypted data is data related to a predetermined application may include: mapping the name of the application to a signature of the protocol or the payload of the application and storing the mapping in a mapping table; analyzing the signature of the protocol or the payload of the first decrypted data or the second decrypted data and determining whether it matches a signature of the protocol or the payload stored in the mapping table; and determining that the first decrypted data or the second decrypted data is data related to a predetermined application.
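The following is an added example, not part of the patent text or of any product built on it: a minimal Python sketch of the security control described above, applied to data that has already been decrypted, checking the user-requested URL against a preset list and then matching the payload against an application signature mapping table. The policy entries, application names, and function names are constructed for illustration.

```python
import re
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Action(Enum):
    FORWARD = "re-encrypt and deliver"      # session is maintained
    TERMINATE = "terminate session(s)"
    CHANGE_QOS = "change QoS"


@dataclass(frozen=True)
class Decision:
    action: Action
    reason: str


# Constructed policy: preset URLs (host + path, no scheme, port or query).
PRESET_URLS = {"blocked.example/malware", "phish.example/login"}

# Constructed mapping table: application name -> (payload signature, action).
APP_SIGNATURES = {
    "ExampleTorrent": (re.compile(rb"^\x13BitTorrent protocol"), Action.TERMINATE),
    "ExampleSync": (re.compile(rb"(?mi)^User-Agent:\s*ExampleSync/"), Action.CHANGE_QOS),
}


def requested_url(plaintext: bytes) -> Optional[str]:
    """Return normalized host+path of a decrypted HTTP request, else None."""
    head = plaintext.partition(b"\r\n\r\n")[0]
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None                          # not an HTTP request line
    host = None
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            host = value.strip().decode("latin-1").lower()
            break
    if host is None:
        return None
    # Normalize so that case, port and query string cannot dodge the list.
    host = host.split(":", 1)[0]
    path = parts[1].decode("latin-1").split("?", 1)[0].rstrip("/")
    return host + path


def is_preset_url(url: str) -> bool:
    """Exact match, or anything underneath a preset URL."""
    return any(url == p or url.startswith(p + "/") for p in PRESET_URLS)


def control(plaintext: bytes) -> Decision:
    """Decide what to do with one decrypted message from either session."""
    url = requested_url(plaintext)
    if url is not None and is_preset_url(url):
        return Decision(Action.TERMINATE, f"preset URL {url}")
    for app, (signature, action) in APP_SIGNATURES.items():
        if signature.search(plaintext):
            return Decision(action, f"application {app}")
    return Decision(Action.FORWARD, "no policy match")


if __name__ == "__main__":
    # Constructed sample messages.
    samples = [
        b"GET /malware?id=1 HTTP/1.1\r\nHost: Blocked.Example:443\r\n\r\n",
        b"GET /files HTTP/1.1\r\nHost: sync.example\r\nUser-Agent: ExampleSync/2.1\r\n\r\n",
        b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n",
    ]
    for msg in samples:
        print(control(msg))
```
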
Alternatively, the step of performing the security control by the traffic control module may include: determining whether the first decrypted data, obtained by decrypting the first encrypted data, or the second decrypted data, obtained by decrypting the second encrypted data, is data related to at least one of preset user information, preset user group information, preset server information, preset server group information, and preset time information; and, based on the determination result, changing the QoS of at least one of the first communication session and the second communication session, terminating at least one of the first communication session and the second communication session, or sending a traffic cutoff message to at least one of the server and the user terminal.
Alternatively, the step of performing the security control by the traffic control module may include forwarding, by the traffic control module, at least one of the first decrypted data, obtained by decrypting the first encrypted data, and the second decrypted data, obtained by decrypting the second encrypted data, to a predetermined security apparatus so that a security operation is performed on at least one of the first decrypted data and the second decrypted data.
Alternatively, the method may further include, when receiving the blocking signal from the predetermined security device, blocking at least one of the first communication session and the second communication session.
Alternatively, the method may further include analyzing the decrypted data to perform traffic analysis of the first and second communication sessions.
In addition, a traffic monitoring apparatus for monitoring encrypted traffic according to an embodiment of the present invention is disclosed. The traffic monitoring apparatus may include: a session information management module that acquires communication session information between the user terminal and the server; a traffic analysis module that monitors the communication session between the user terminal and the server and determines whether to intervene in it; a communication session control module that, when intervening in the communication session between the user terminal and the server, separates the communication session into a first communication session between the server and the traffic monitoring apparatus and a second communication session between the user terminal and the traffic monitoring apparatus; an encryption processing module that performs encryption handshaking with the server in the first communication session and with the user terminal in the second communication session; an encryption/decryption module that decrypts the first encrypted data received through the first communication session and the second encrypted data received through the second communication session; and a traffic control module that performs security control on the decrypted data.
Also disclosed is a computer program stored on a computer-readable medium, comprising a plurality of instructions executed by one or more processors, in accordance with an embodiment of the present invention. The computer program may include: instructions for causing a session information management module to acquire communication session information between a user terminal and a server; instructions for causing a traffic analysis module to monitor the communication session between the user terminal and the server and determine whether to intervene in it; instructions for causing a communication session control module, when intervening in the communication session between the user terminal and the server, to separate the communication session into a first communication session between the server and the traffic monitoring apparatus and a second communication session between the user terminal and the traffic monitoring apparatus; instructions for causing an encryption processing module to perform encryption handshaking with the server in the first communication session and with the user terminal in the second communication session; instructions for decrypting the first encrypted data received through the first communication session and the second encrypted data received through the second communication session; and instructions for causing a traffic control module to perform security control on the decrypted data.
The present invention can provide a solution for monitoring encrypted communication.
INDUSTRIAL APPLICABILITY The present invention can provide a solution capable of reducing the performance degradation and increasing the stability while monitoring the encrypted communication.
FIG. 1 is a block diagram of a traffic monitoring apparatus for monitoring encrypted traffic according to an embodiment of the present invention.
FIG. 2 is a schematic diagram illustrating a traffic monitoring system in accordance with an embodiment of the present invention.
FIG. 3 is a flowchart of a method for monitoring encrypted traffic according to an embodiment of the present invention.
Various embodiments are now described with reference to the drawings, wherein like reference numerals are used throughout the drawings to refer to like elements. In this specification, various explanations are given in order to provide an understanding of the present invention. It will be apparent, however, that such embodiments may be practiced without these specific details. In other instances, well-known structures and devices are provided in block diagram form in order to facilitate describing the embodiments.
The terms "component," "module," "system," and the like, as used herein, refer to a computer-related entity, hardware, firmware, software, a combination of software and hardware, or software in execution. For example, a component may be, but is not limited to, a process executing on a processor, a processor, an object, an executing thread, a program, and/or a computer. For example, both an application running on a computing device and the computing device may be a component. One or more components may reside within a processor and/or thread of execution, and a component may be localized within one computer or distributed between two or more computers. Further, such components may execute from various computer-readable media having various data structures stored therein. The components may communicate, for example, via a signal (e.g., data from one component interacting with another component in a local system or a distributed system, and/or data over a network such as the Internet).
The description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features presented herein.
FIG. 1 is a block diagram of a traffic monitoring apparatus for monitoring encrypted traffic according to an embodiment of the present invention.
In encrypted communication, a user terminal and a server send and receive encrypted data, and a traffic monitoring device (for example, a security device) located between the server and the user terminal does not perform a security operation on the communication content between the server and the user terminal. However, the
FIG. 2 is a schematic diagram illustrating a traffic monitoring system in accordance with an embodiment of the present invention.
The traffic monitoring system according to an embodiment of the present invention may include a
FIG. 3 is a flowchart of a method for monitoring encrypted traffic according to an embodiment of the present invention.
The method for monitoring encrypted traffic for monitoring encrypted traffic can be performed in the
Those of ordinary skill in the art will understand that information and signals may be represented using any of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced in the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, or any combination thereof.
Those skilled in the art will appreciate that the various illustrative logical blocks, modules, processors, means, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, as code (which may be referred to herein as "software"), or as a combination of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends on the design constraints imposed on the particular application and the overall system. Those skilled in the art may implement the described functionality in various ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The various embodiments presented herein may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. The term "article of manufacture" includes a computer program, carrier, or media accessible from any computer-readable device. For example, the computer-readable medium can be a magnetic storage device (e.g., a hard disk, a floppy disk, a magnetic strip, etc.), an optical disk (e.g., CD, DVD, etc.), a smart card, or a flash memory device (e.g., EEPROM, card, stick, key drive, etc.).
It will be appreciated that the particular order or hierarchy of steps in the presented processes is an example of exemplary approaches. It will be appreciated that, based on design priorities, certain orders or hierarchies of steps in processes may be rearranged within the scope of the present invention. The appended method claims provide elements of the various steps in a sample order, but are not meant to be limited to the specific order or hierarchy presented.
The description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features presented herein.
Claims (12)
Acquiring communication session information between a user terminal and a server performed in a session information management module;
Monitoring a communication session between the user terminal and the server performed in the traffic analysis module and determining whether to intervene in a communication session between the user terminal and the server;
When intervening in the communication session between the user terminal and the server, separating, by the communication session control module, the communication session into a first communication session between the server and the traffic monitoring device and a second communication session between the user terminal and the traffic monitoring device;
Performing, by the encryption processing module, encryption handshaking with the server in the first communication session to generate a first symmetric key corresponding to the first communication session, and performing encryption handshaking with the user terminal in the second communication session to generate a second symmetric key corresponding to the second communication session;
Decrypting the first encrypted data received via the first communication session using the first symmetric key, and decrypting the second encrypted data received via the second communication session using the second symmetric key; and
The traffic control module performing security control on the decrypted data;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
Wherein the encrypted data comprises at least one of secure sockets layer (SSL) encrypted data and transport layer security (TLS) encrypted data.
A method for monitoring encrypted traffic performed by a traffic monitoring device.
Wherein determining whether to intervene in a communication session between the user terminal and the server comprises:
Determining whether to intervene in the communication session based on at least one of the IP address information, the port number information, the host information, the protocol header, and the payload included in the server connection request of the user terminal or the server response,
A method for monitoring encrypted traffic performed by a traffic monitoring device.
The step of the traffic control module performing the security control includes:
Determining whether the user-requested URL of the first decrypted data, obtained by decrypting the first encrypted data, is a preset URL, or whether the user-requested URL of the second decrypted data, obtained by decrypting the second encrypted data, is a preset URL;
Causing at least one of the first communication session and the second communication session to end if the user-requested URL is a preset URL; and
If the user-requested URL is not a preset URL, re-encrypting the first decrypted data and transmitting it to the user terminal, or re-encrypting the second decrypted data and transmitting it to the server;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
The step of the traffic control module performing the security control includes:
Determining whether the first decrypted data, obtained by decrypting the first encrypted data, or the second decrypted data, obtained by decrypting the second encrypted data, is data related to a predetermined application;
When the first decrypted data or the second decrypted data is data related to a predetermined application, changing the QoS of at least one of the first communication session and the second communication session, terminating at least one of the first communication session and the second communication session, or transmitting a traffic blocking message to at least one of the user terminal and the server; and
Determining to maintain the first communication session and the second communication session when the first decrypted data and the second decrypted data are not data related to a predetermined application;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
Wherein the step of determining whether the first decoded data or the second decoded data is data related to a predetermined application comprises:
Mapping a name of the application and a protocol of the application or a signature of a payload and storing the mapping in a mapping table;
Analyzing the protocol of the first decoded data or the second decoded data or the signature of the payload and determining whether the signature matches the signature of the protocol or the payload stored in the mapping table; And
Determining that the first decoded data or the second decoded data is data related to a predetermined application;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
The step of the traffic control module performing the security control includes:
Determining whether the first decrypted data, obtained by decrypting the first encrypted data, or the second decrypted data, obtained by decrypting the second encrypted data, is data related to at least one of preset user information, preset user group information, preset server information, preset server group information, and preset time information; and
Based on the determination result, changing the QoS of at least one of the first communication session and the second communication session, terminating at least one of the first communication session and the second communication session, or transmitting a traffic blocking message to at least one of the server and the user terminal;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
The step of the traffic control module performing the security control includes:
Forwarding, by the traffic control module, at least one of the first decrypted data, obtained by decrypting the first encrypted data, and the second decrypted data, obtained by decrypting the second encrypted data, to the predetermined security equipment so that a security operation is performed on at least one of the first decrypted data and the second decrypted data;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
Blocking at least one of the first communication session and the second communication session when receiving a security shutdown signal from the predetermined security device;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
Analyzing the decrypted data to perform traffic analysis of the first and second communication sessions;
A method for monitoring encrypted traffic performed by a traffic monitoring device.
A session information management module for acquiring communication session information between the user terminal and the server;
A traffic analysis module for monitoring a communication session between the user terminal and the server and determining whether to intervene in a communication session between the user terminal and the server;
A communication session control module for separating the communication session into a first communication session between the server and the traffic monitoring device and a second communication session between the user terminal and the traffic monitoring device when intervening in the communication session between the user terminal and the server;
An encryption processing module for performing encryption handshaking with the server in the first communication session to generate a first symmetric key corresponding to the first communication session, and performing encryption handshaking with the user terminal in the second communication session to generate a second symmetric key corresponding to the second communication session;
An encryption/decryption module for decrypting the first encrypted data received via the first communication session using the first symmetric key, and decrypting the second encrypted data received via the second communication session using the second symmetric key; and
A traffic control module for performing security control on the decrypted data;
A traffic monitoring device that monitors encrypted traffic.
The computer program comprising:
Instructions for causing the session information management module to obtain communication session information between the user terminal and the server;
Instructions for causing the traffic analysis module to monitor a communication session between the user terminal and the server and determine whether to intervene in the communication session between the user terminal and the server;
Instructions for causing the communication session control module, when intervening in the communication session between the user terminal and the server, to separate the communication session into a first communication session between the server and the traffic monitoring device and a second communication session between the user terminal and the traffic monitoring device;
Instructions for causing the encryption processing module to perform encryption handshaking with the server in the first communication session to generate a first symmetric key corresponding to the first communication session, and to perform encryption handshaking with the user terminal in the second communication session to generate a second symmetric key corresponding to the second communication session;
Instructions for decrypting the first encrypted data received via the first communication session using the first symmetric key, and decrypting the second encrypted data received via the second communication session using the second symmetric key; and
Instructions for causing the traffic control module to perform security control on the decrypted data;
A computer program stored on a computer-readable medium.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160030106A KR101847636B1 (en) | 2016-03-14 | 2016-03-14 | Method and apparatus for watching encrypted traffic |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160030106A KR101847636B1 (en) | 2016-03-14 | 2016-03-14 | Method and apparatus for watching encrypted traffic |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170106694A | 2017-09-22 |
KR101847636B1 | 2018-04-10 |
Family
ID=60035038
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160030106A KR101847636B1 (en) | 2016-03-14 | 2016-03-14 | Method and apparatus for watching encrypted traffic |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101847636B1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20210056727A (en) * | 2019-11-11 | 2021-05-20 | 한전케이디엔주식회사 | Distributive automation system and method for communicating securely using the thereof |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102179538B1 (en) * | 2019-04-22 | 2020-11-16 | 주식회사 엑스게이트 | Commnunication packet processing method and ssl visibility apparatus processing commnunication packet |
KR102263755B1 (en) * | 2019-10-16 | 2021-06-11 | (주)소만사 | System and method forwarding for end point traffic |
CN114265744A (en) * | 2021-12-20 | 2022-04-01 | 奇安信科技集团股份有限公司 | Monitoring method and device for enterprise digital assets, storage medium and terminal |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110231649A1 (en) * | 2010-03-19 | 2011-09-22 | F5 Networks, Inc. | Aggressive rehandshakes on unknown session identifiers for split ssl |
KR101275709B1 (en) * | 2011-12-22 | 2013-07-30 | (주)소만사 | Packet processing system for network based data loss prevention capable of distributed processing depending on application protocol and method thereof |
- 2016-03-14: KR KR1020160030106A, patent KR101847636B1, active IP Right Grant
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20210056727A (en) * | 2019-11-11 | 2021-05-20 | 한전케이디엔주식회사 | Distributive automation system and method for communicating securely using the thereof |
KR102300369B1 (en) * | 2019-11-11 | 2021-09-08 | 한전케이디엔주식회사 | Distributive automation system and method for communicating securely using the thereof |
Also Published As
Publication number | Publication date |
---|---|
KR20170106694A (en) | 2017-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9749292B2 (en) | Selectively performing man in the middle decryption | |
US10091170B2 (en) | Method and apparatus for distributing encryption and decryption processes between network devices | |
US10652210B2 (en) | System and method for redirected firewall discovery in a network environment | |
US10742611B2 (en) | Method, a system and computer program products for securely enabling in-network functionality over encrypted data sessions | |
CN107666383B (en) | Message processing method and device based on HTTPS (hypertext transfer protocol secure protocol) | |
US9219709B2 (en) | Multi-wrapped virtual private network | |
KR101568713B1 (en) | System and method for interlocking a host and a gateway | |
US20130332724A1 (en) | User-Space Enabled Virtual Private Network | |
US9210128B2 (en) | Filtering of applications for access to an enterprise network | |
US9444807B2 (en) | Secure non-geospatially derived device presence information | |
US20160182471A1 (en) | Network security broker | |
KR101847636B1 (en) | Method and apprapatus for watching encrypted traffic | |
EP2706717A1 (en) | Method and devices for registering a client to a server | |
Touil et al. | Secure and guarantee QoS in a video sequence: a new approach based on TLS protocol to secure data and RTP to ensure real-time exchanges | |
US10277562B1 (en) | Controlling encrypted traffic flows using out-of-path analysis devices | |
CN105591748A (en) | Authentication method and device | |
KR101979157B1 (en) | Non-address network equipment and communication security system using it | |
US20080059788A1 (en) | Secure electronic communications pathway | |
KR20170060596A (en) | Communication security method and system using a non-address network equipment | |
CN108809888B (en) | Safety network construction method and system based on safety module | |
CN110995564B (en) | Message transmission method, device and secure network system | |
Bhoi et al. | Exploring The Security Landscape: A Comprehensive Analysis Of Vulnerabilities, Challenges, And Findings In Internet Of Things (Iot) Application Layer Protocols | |
JP2005065004A (en) | Method, device and program for inspecting encrypted communication data | |
US20230388106A1 (en) | Privacy-Preserving Filtering of Encrypted Traffic | |
CN115767535A (en) | Terminal vpn network access authentication method and system under 5G scene |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
N231 | Notification of change of applicant | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |