The Design And Implementation Of HTTPS Monitoring System Based On MITM

Along with the broad application of information technique in every field of social economy, the degree dependence on information system is higher and higher. In a large scale corporation, each work such as operation disposal,financial management, statistic analysis, decision sustain, OA and HR Management are all based on information technique. Now information security is becoming a serious problem.Especially recent years, researchers have done a lot of study on encryption technique such as open secret key, symmetry encryption arithmetic, network accessing control, network firewall and system security management. Therefore, they authentically obtain many study harvests, for example, open secret key and symmetry encryption can defend the information translating in network against interception and wiretapping; firewall can prevent unlawful network users from accessing the information of inner network and restrict inner users to visit the outer information selectively; system security technique can control users accessing of sensitive data. However, when a network administrator tries to know where and what all inner users is accessing at anytime, he will find that it is almost impossible. So there is an exigent need to monitor and manage the network data on technique instrument to protect the network data.Starting with the status quo of network monitor and security management, this article introduces the mature techniques and a system applied in our country and overseas at first, and analyzes their advantage and disadvantage respectively. After comparing, we find that all these systems can't effectively monitor and manage the network operation by HTTPS protocol. But how to effectively monitor and manage HTTPS protocol is a difficult problem. Therefore, a HTTPS monitoring network information system solution based on MIMT (Man In The Middle) is proposed in this article to meet the actual needs of Internet Security Agency.Then, comparing from all kinds of network monitor models and data package capture techniques, monitor model and data package capture technique of HTTPS Monitor System are confirmed according to the technique request of HTTPS monitor. Upon this, a common monitor gateway of Netfilter package filtration framework based on Linux platform is designed and implemented. In this common monitor gateway, bottom function call is enveloped and optimized. Programmer can directly capture and control data package in kernel by the gateway without programming codes by calling the bottom function. So this common monitor gateway has a great value in use on package filtration firewall, accessing control and audit based on user and inbreak detection.Finally, according to the actual requirement of HTTPS monitor System, design rules and demands of HTTPS monitor system is proposed. Based on the common monitor gateway and MITM technique, a HTTPS proxy server is accomplished to monitor HTTPS protocol.