摘要
智能手机的广泛应用导致越来越多的私人敏感数据在公共Internet网络上进行传输,而这些敏感数据关系到用户的个人财产安全和隐私安全.出于各种各样的目的,很多网站、APP会在用户未知情的情况下通过隐藏通信的手段将通信中的业务数据共享、分发给隐蔽的第三方,检测和分析这样的通信对提高通信的安全性和机密性意义重大.在介绍"中间人"攻击原理及mitmproxy软件的基础上提出了检测分析隐蔽HTTP/HTTPS通信流量的原理,并通过相关实验证实了原理的可行性.
With the wide spread use of intelligent mobile phone,more and more private sensitive data are being transported on the public Internet,which relates to the security of users’ individual property and privacy.Because of various purposes,many Webs or APPs would transfer or share the business data to the hidden third-party via hidden communication without noticing the user.It’s meaningful to detect and analyze this kind of communication for the purpose to improve the security and confidentiality of communication. After introducing Mit M attack and mitmproxy,we put forward principles to detect and analyze hidden HTTP / HTTPS communication flow,which are proved by corresponding experiment.
出处
《云南大学学报(自然科学版)》
CAS
CSCD
北大核心
2016年第S1期56-60,共5页
Journal of Yunnan University(Natural Sciences Edition)
基金
云南大学软件学院网络工程国家二类特色专业建设子项目("网络开放源代码体系"课程教学改革与实践)
