| With the rapid development of Internet and information security technology, security is playing a more and more important role in data transmission. But this information varies from good to bad; some harmful information can pollute the network environment. Those draw the government's attention. But there is still a kind of software which can encrypt data and transfer them through dynamic secure proxies. These encrypted data can not be recognized by control and monitoring measures. What we are going to do is to analyze this kind of software, grasp their runtime mechanism and present a scheme to control them.FreeGate Software acts as typical representative of that software, it can encrypt the data of software users and send it through dynamic changing proxy, so as to attain the target of secret browsing and avoid monitoring and web filtering. Traditional control method uses black-box method to analyze the communication process of this software and try to block it, not only do this method have a low efficiency, but also can't prove its result's completeness. This thesis proposes a new method which analyzes FreeGate by using reverse technology. We can analyze all the communication processes in FreeGate, and also we can reveal its core encrypt and decrypt algorithm, restore its inner data. In order to analyze FreeGate software, we first unpack FreeGate software, and then we analyze it by reverse technology; we grasp all the means of acquiring dynamic secret proxies and its encrypted communication process. Meanwhile, we also decrypt the secret information hidden in the software.Based on the analysis results of FreeGate, we design a series of blocking strategy to control it. We deploy our strategy on an experimental LAN to verify it. The result shows that the strategy could prevent the FreeGate software from acquiring secret proxy IP addresses, disable its communication function while guarantee the normal network services. |
PDF Full Text Request