System and method for decoding traffic over proxy servers
First Claim
Patent Images
1. A method, comprising:
- receiving communication packets from a communication network;
identifying at least some of the communication packets as belonging to a communication session that is conducted between a client computer and a target server via a proxy server;
modifying at least some of the identified communication packets to represent an artificial direct session between the client computer and the target server, which does not traverse the proxy server;
decoding the modified packets so as to reconstruct the artificial direct session; and
presenting the reconstructed artificial direct session to a surveillance operator.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for applying surveillance to client computers that communicate via proxy servers. A decoding system accepts communication packets from a communication network. Based on the received packets, the decoding system identifies that a certain client computer conducts a communication session with a target server via a proxy server. The decoding system processes the packets so as to correlate the identity of the client computer with the identity of the target server. The correlated identities may comprise, for example, Internet Protocol (IP) addresses or Uniform Resource Locators (URLs).
23 Citations
10 Claims
-
1. A method, comprising:
-
receiving communication packets from a communication network; identifying at least some of the communication packets as belonging to a communication session that is conducted between a client computer and a target server via a proxy server; modifying at least some of the identified communication packets to represent an artificial direct session between the client computer and the target server, which does not traverse the proxy server; decoding the modified packets so as to reconstruct the artificial direct session; and presenting the reconstructed artificial direct session to a surveillance operator. - View Dependent Claims (2, 3, 4, 5)
-
-
6. Apparatus, comprising:
-
a network interface, which is configured to receive communication packets from a communication network; and a hardware processor, which is configured to identify at least some of the communication packets as belonging to a communication session that is conducted between a client computer and a target server via a proxy server, wherein the processor is configured to modify at least some of the identified communication packets to represent an artificial direct session between the client computer and the target server, which does not traverse the proxy server, to decode the modified packets so as to reconstruct the artificial session, and to present the reconstructed artificial direct session to a surveillance operator. - View Dependent Claims (7, 8, 9, 10)
-
Specification