[1] FREIER A, KARLTON P, KOCHER P. RFC: 6101. the secure sockets layer SSL protocol version 3.0[S]. Geneva: IETF, 2011. [2] DIERKS T, ALLEN C. RFC 2246: The TLS protocol, version 1.0[S]. Geneva: IETF, 1999. [3] DIERKS T, RESCORLA E. RFC 4346: the Transport Layer Security (TLS) protocol, version 1.1 [S]. Geneva: IETF, 2006. [4] DIERKS T. RFC 5246: the Transport Layer Security (TLS) protocol, version 1.2 [S]. Geneva: IETF, 2008. [5] MEYER C, SOMOROVSKY J, WEISS E, et al. Revisiting SSL/TLS implementations: new Bleichenbacher side channels and attacks[C]//Proceedings of the 23rd USENIX Security Symposium. Berkeley: USENIX, 2014: 733-748. [6] MEYER C, SCHWENK J. Sok: lessons learned from SSL/TLS attacks[C]//WISA 2013, LNCS 8267. Berlin: Springer-Verlag, 2014: 189-209. [7] KOUNAVIS M E, KANG X, GREWAL K, et al. Encrypting the Internet[J]. ACM SIGCOMM Computer Communication Review, 2011, 41(4): 135-146. [8] NETCRAFT. Web server survey[EB/OL]. [2015-04-18]. http://news.netcraft.com/archives/category/web-server-survey/. [9] NETCRAFT. Half a million widely trusted websites vulnerable to heartbleed bug[EB/OL]. [2015-04-18]. http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html. [10] VEHENT J. SSL/TLS analysis of the Internet's top 1000000 websites[EB/OL]. [2015-04-18]. https://jve.linuxwall.info/blog/index.php?post/TLS_Survey. [11] DANIELS T E, SPAFFORD E H. A network audit system for host-based intrusion detection (NASHID) in Linux[C]//ACSAC 2000: Proceedings of the 16th Annual Conference Computer Security Applications. Piscataway: IEEE Press,2000: 178-187. [12] ALMGREN M, LINDQVIST U. Application-integrated data collection for security monitoring[M]//Recent Advances in Intrusion Detection. Berlin: Springer-Verlag,2001: 22-36. [13] CASTELLUCCIA C, MYKLETUN E, TSUDIK G. Improving secure server performance by re-balancing SSL/TLS handshakes[C]//ASIACCS 2006: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security. New York: ACM Press, 2006: 26-34. [14] BILSKI P, WINIECKI W. Multi-core implementation of the symmetric cryptography algorithms in the measurement system[J]. Measurement, 2010, 43(8): 1049-1060. [15] APOSTOLOPOULOS G, PERIS V, SAHA D. Transport layer security: how much does it really cost?[C]//INFOCOM 1999: Proceedings of the Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Piscataway: IEEE Press, 1999: 717-725. [16] LIM N, MAJUMDAR S, SRIVASTAVA V. Engineering SSL-based systems for enhancing system performance[C]//ICPE 2011: Proceedings of the 2nd ACM/SPEC International Conference on Performance Engineering. New York: ACM Press,2011: 469-474. [17] MRAZ R. Secure Blue: an architecture for a scalable, reliable high volume SSL Internet server[C]//ACSAC 2001: Proceedings 17th Annual Computer Security Applications Conference. Piscataway: IEEE Press, 2001: 391-398. [18] KIM J H, CHOI G S, DAS C R. An SSL back-end forwarding scheme in cluster-based Web servers[J]. IEEE Transactions on Parallel and Distributed Systems, 2007, 18(7): 946-957. [19] KALISKI B. PKCS# 1: RSA encryption version 1.5[S]. Geneva: IETF, 1998. [20] WANG L. Apparatus and method for performing safety detection and content filtering to communication data: China, CN200610138 738[P]. 2008-03-12.(王磊. 一种对通信数据进行安全检查和内容过滤的装置和方法: 中国,CN200610138738[P]. 2008-03-12.) [21] REN L. Content auditing method, system based on safety protocol and content auditing equipment: China, CN200810114431[P]. 2011-02-16.(任亮. 基于安全协议的内容审计方法、系统和内容审计设备: 中国, CN200810114431[P].2011-02-16.) [22] DIFFIE W, HELLMAN M E. New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654. [23] CAVIUM. OCTEON Multi-core processor family [EB/OL]. [2015-04-18]. http://www.cavium.com/processor_security_octeon_software.htm. |