CN107592214B - Method for identifying login user name of internet application system - Google Patents
Method for identifying login user name of internet application system Download PDFInfo
- Publication number
- CN107592214B CN107592214B CN201710747326.4A CN201710747326A CN107592214B CN 107592214 B CN107592214 B CN 107592214B CN 201710747326 A CN201710747326 A CN 201710747326A CN 107592214 B CN107592214 B CN 107592214B
- Authority
- CN
- China
- Prior art keywords
- user
- application system
- internet application
- login
- access flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a method for identifying a login user name of an Internet application system, which comprises the steps of obtaining sample information of a login page and a default service page of the Internet application system, and learning login logic of the Internet application system; analyzing a learning result according to the login logic obtained by learning to obtain the characteristics of the access flow; acquiring the access flow of an actual Internet application system; filtering the obtained access flow; and according to the characteristic value characteristics of the access flow, performing characteristic matching on the filtered access flow, and identifying the login user name. According to the method, the login logic of the Internet application system is learned, the learning result is analyzed, the characteristics of the access flow are obtained, the actually obtained access flow is reasonably subdivided and filtered, the parameter pair analysis in the access flow is further carried out, and the login user name of the Internet application system can be accurately and efficiently identified.
Description
Technical Field
The invention relates to the technical field of digital computing equipment or data processing methods particularly suitable for specific functions, in particular to a method for identifying an internet application system login user name in the technical field of network information.
Background
With the continuous development of internet technology, the internet application of wind and cloud surge turns to "real work" and is beginning to be inseparable from people's life. With the wide promotion and popularization of internet application, the number of users of internet application also increases in a blowout manner, and with the rapid increase of the number of users, the attention of internet application service providers to users is higher and higher, and user groups, user behaviors, user behavior preference, user safety and the like are concerned.
Identifying the internet application system login user name is the basis for analyzing the above mentioned information.
At present, a method for identifying a login user name of an internet application system is generally realized in a user characteristic matching mode, however, for the internet application with abundant forms and wide application range, the accuracy rate is greatly reduced, and the identification efficiency is greatly reduced.
Disclosure of Invention
The invention mainly aims to overcome the defects in the prior art and provide an optimized method for identifying the login user name of an Internet application system.
The technical scheme adopted by the invention is that the method for identifying the login user name of the Internet application system comprises the following steps:
step 1: acquiring sample information of a login page and a default service page of the Internet application system, and learning login logic of the Internet application system;
step 2: analyzing a learning result according to the login logic obtained by learning to obtain the characteristics of the access flow;
and step 3: acquiring the access flow of an actual Internet application system;
and 4, step 4: filtering the obtained access flow;
and 5: and (4) according to the characteristic value characteristics of the access flow, performing characteristic matching on the access flow filtered in the step (4) and identifying the login user name.
Preferably, in step 1, learning the login logic of the internet application system includes learning the login use logic of the internet application system and the login implementation logic of the internet application system.
Preferably, the login using logic of the internet application system comprises the following steps:
step 1.1.1: respectively inputting a user name and a password in a text box of a login page of the Internet application system, and confirming;
step 1.1.2: and judging whether the user name is matched with the password, if so, skipping to a default service page, and otherwise, prompting an error.
Preferably, the login implementation logic of the internet application system comprises the following steps:
step 1.2.1: after a user name and a password are respectively input into a text box of a login page of an Internet application system and confirmed, a server acquires values input into the text box corresponding to the user name and the password; the user name is { user _ key, user _ value }, and the password is { password _ key, password _ value };
step 1.2.2: transmitting the user name { user _ key, user _ value } and the password { password _ key, password _ value } to a server, and inquiring whether the user input in the step 1.2.1 exists in a database user table connected with the server;
step 1.2.3: if the log-in is successful, jumping to a default service page, and if the log-in is not successful, prompting an error.
Preferably, in the step 2, if the login page of the internet application system jumps to the default service page, the characteristics include two parameter pairs, namely, a user name { user _ key, user _ value } and a password { password _ key, password _ value } that are necessarily included in the access flow.
Preferably, the characteristics further include that the user name of the internet application system login page must be the first parameter pair { user _ key, user _ value } in the access traffic parameter pair.
Preferably, in step 3, by configuring the service IP and the port of the internet application system in the core switch, the access traffic from the client to the internet application system can be obtained in a mirror image manner.
Preferably, in the step 4, filtering the obtained access traffic includes the following steps:
step 4.1: configuring filtering time and a default service page according to the response time of the current Internet application system;
step 4.2: filtering the obtained access flow by adopting the filtering time to obtain the access flow in the time period of the filtering time;
step 4.3: and matching the default service page features with the filtered access flow again, wherein the filtered access flow comprises the access flow of the default service page appearing for the first time, and obtaining the filtered access flow.
Preferably, the filtering time is login time for jumping from a login page of the internet application system to a default service page.
Preferably, in the step 5, the feature matching includes the following steps:
step 5.1: using the user key word in the user _ key value related to the user, and obtaining { user _ key } combination by matching the characteristics of { user _ key, user _ value } combination containing the usern,user_valuenH, N belongs to N +;
step 5.2: identifying the user name as { user _ key1,user_value1User _ value in1。
The invention provides an optimized method for identifying the login user name of an Internet application system, which is characterized in that the characteristics of access flow are obtained by learning the login logic of the Internet application system and analyzing the learning result, the actually obtained access flow is reasonably subdivided and filtered, the parameter pair analysis in the access flow is further carried out, and the login user name of the Internet application system can be accurately and efficiently identified.
Drawings
FIG. 1 is a logic flow diagram of a login implementation of an Internet application system in accordance with the present invention;
FIG. 2 is a schematic flow chart of the present invention;
FIG. 3 is a schematic of the parameter versus filter of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below by way of examples with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some embodiments of the present invention, but not all embodiments, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts based on the embodiments of the present invention belong to the protection scope of the present invention.
The invention relates to a method for identifying a login user name of an Internet application system, which comprises the following steps.
Step 1: and acquiring sample information of a login page and a default service page of the Internet application system, and learning the login logic of the Internet application system.
In the step 1, learning the login logic of the internet application system includes learning the login use logic of the internet application system and the login implementation logic of the internet application system.
The login using logic of the internet application system comprises the following steps:
step 1.1.1: respectively inputting a user name and a password in a text box of a login page of the Internet application system, and confirming;
step 1.1.2: and judging whether the user name is matched with the password, if so, skipping to a default service page, and otherwise, prompting an error.
The login implementation logic of the Internet application system comprises the following steps:
step 1.2.1: after a user name and a password are respectively input into a text box of a login page of an Internet application system and confirmed, a server acquires values input into the text box corresponding to the user name and the password; the user name is { user _ key, user _ value }, and the password is { password _ key, password _ value };
step 1.2.2: transmitting the user name { user _ key, user _ value } and the password { password _ key, password _ value } to a server, and inquiring whether the user input in the step 1.2.1 exists in a database user table connected with the server;
step 1.2.3: if the log-in is successful, jumping to a default service page, and if the log-in is not successful, prompting an error.
In the invention, in step 1.2.2, when user _ key = user _ value and password _ key = password _ value, it indicates that the user input in step 1.2.1 exists in the database user table.
In the invention, the return value is related to the current user in the database user table, and in the actual operation process, the return value can use null or non-null, true or false, 0 or 1 and the like as a judgment mark, and a person skilled in the art can set the return value according to habits and requirements.
Step 2: and analyzing the learning result according to the login logic obtained by learning to obtain the characteristics of the access flow.
In the invention, the server in step 1.2.2 mainly relates to a service logic layer, and is used for inquiring terms related to a user name { user _ key, user _ value } and a password { password _ key, password _ value } in a database user table and obtaining a return value.
In the step 2, if the login page of the internet application system jumps to the default service page, the characteristics include that the access flow necessarily includes two parameter pairs of a user name { user _ key, user _ value } and a password { password _ key, password _ value }.
The characteristics further comprise that the user name of the login page of the Internet application system is the first parameter pair { user _ key, user _ value } in the access flow parameter pair.
And step 3: and acquiring the access flow of the actual Internet application system.
In step 3, the service IP and the port of the internet application system are configured in the core switch, so that the access traffic from the client to the internet application system can be obtained in a mirror image manner.
In the present invention, for example, when the IP of the internet application system is 192.168.65.8 and the service port is 8080, the two parameters are configured in the core switch, so that the access traffic of the internet application system can be obtained by mirroring.
And 4, step 4: the obtained access traffic is filtered.
In step 4, filtering the obtained access flow includes the following steps:
step 4.1: configuring filtering time and a default service page according to the response time of the current Internet application system;
step 4.2: filtering the obtained access flow by adopting the filtering time to obtain the access flow in the time period of the filtering time;
step 4.3: and matching the default service page features with the filtered access flow again, wherein the filtered access flow comprises the access flow of the default service page appearing for the first time, and obtaining the filtered access flow.
And the filtering time is the login time when the login page of the Internet application system jumps to the default service page.
In the invention, as can be seen from the step 2, the user name is identified only by acquiring the access flow from the internet application system login page to the default service page.
In the invention, the access flow is filtered mainly from time division and characteristic matching.
In the invention, the time division mainly means that the user name can be identified more accurately by knowing that the user jumps from the login page of the Internet application system to the default service page through statistical analysis of historical access data, the average time is 10S, the user name can be configured according to different Internet application systems, and the access flow is filtered according to the average time.
In the invention, generally, the filtering time is set as the login time, but in a specific internet application system, the time can be configured by self, and if the configured average time is 8S, the access flow from the login page of the internet application system to the front 8S of the default service page can be filtered.
In the invention, the characteristic matching mainly means that the default service page jumped to after the internet application system successfully logs in can be known from the historical access records, the configuration can be carried out according to different internet application systems, and the access flow containing the default service page appearing for the first time can be filtered by the characteristic matching of the default service page so as to more accurately identify the user name.
In the invention, assuming that the default service page is configured to be default.jsp, the access flow from the internet application system login page to the default.jsp matched in the access flow packet protocol header for the first time is filtered.
And 5: and (4) according to the characteristic value characteristics of the access flow, performing characteristic matching on the access flow filtered in the step (4) and identifying the login user name.
In the step 5, the feature matching includes the following steps:
step 5.1: by usersThe related information user _ key value contains a user keyword, and the { user _ key, user _ value } combination containing the user is obtained through feature matching to obtain the { user _ keyn,user_valuenH, N belongs to N +;
step 5.2: identifying the user name as { user _ key1,user_value1User _ value in1。
In the invention, according to the analysis result of the step 2, the user name appears in the first pair of { user _ keyn,user_valuenAnd (6) centering. Therefore, the user name is accurately identified as the parameter pair { user _ key1,user_value1User _ value of }1。
The foregoing lists merely illustrate specific embodiments of the invention. It is obvious that the present invention is not limited to the above embodiments, but many variations are possible. All modifications which can be derived or suggested by a person skilled in the art from the disclosure of the present invention are to be considered within the scope of the invention.
Claims (5)
1. A method for identifying the login user name of an Internet application system is characterized in that: the method comprises the following steps:
step 1: acquiring sample information of a login page and a default service page of the Internet application system, and learning login logic of the Internet application system; learning login logic of the internet application system comprises learning login use logic of the internet application system and login implementation logic of the internet application system;
the login using logic of the internet application system comprises the following steps:
step 1.1.1: respectively inputting a user name and a password in a text box of a login page of the Internet application system, and confirming;
step 1.1.2: judging whether the user name is matched with the password, if so, skipping to a default service page, and if not, prompting an error;
the login implementation logic of the Internet application system comprises the following steps:
step 1.2.1: after a user name and a password are respectively input into a text box of a login page of an Internet application system and confirmed, a server acquires values input into the text box corresponding to the user name and the password; the user name is { user _ key, user _ value }, and the password is { password _ key, password _ value };
step 1.2.2: transmitting the user name { user _ key, user _ value } and the password { password _ key, password _ value } to a server, and inquiring whether the user input in the step 1.2.1 exists in a database user table connected with the server;
step 1.2.3: if the login is successful, jumping to a default service page, and if the login is not successful, prompting an error;
step 2: analyzing a learning result according to the login logic obtained by learning to obtain the characteristics of the access flow;
and step 3: acquiring the access flow of an actual Internet application system;
and 4, step 4: filtering the obtained access flow;
in step 4, filtering the obtained access flow includes the following steps:
step 4.1: configuring filtering time and a default service page according to the response time of the current Internet application system;
step 4.2: filtering the obtained access flow by adopting the filtering time to obtain the access flow in the time period of the filtering time; the filtering time is the login time when a login page of the Internet application system jumps to a default service page;
step 4.3: matching and filtering the access flow containing the first-appearing default service page by using the default service page characteristics to obtain the filtered access flow;
and 5: and (4) according to the characteristic value of the access flow, performing characteristic matching on the access flow filtered in the step (4) and identifying the login user name.
2. The method of claim 1, wherein the method further comprises the steps of: in the step 2, if the login page of the internet application system jumps to the default service page, the characteristics include that the access flow necessarily includes two parameter pairs of a user name { user _ key, user _ value } and a password { password _ key, password _ value }.
3. The method of claim 2, wherein the step of identifying the login username comprises the steps of: the characteristics further comprise that the user name of the login page of the Internet application system is the first parameter pair { user _ key, user _ value } in the access flow parameter pair.
4. The method of claim 1, wherein the method further comprises the steps of: in step 3, the service IP and the port of the internet application system are configured in the core switch, so that the access traffic from the client to the internet application system can be obtained in a mirror image manner.
5. The method of claim 1, wherein the method further comprises the steps of: in the step 5, the feature matching includes the following steps:
step 5.1: obtaining { user _ key } combination by using user key words in user _ key values of information related to users and through feature matching of { user _ key, user _ value } combination containing usersn,user_valuenH, N belongs to N +;
step 5.2: identifying the user name as { user _ key1,user_value1User _ value in1。
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710747326.4A CN107592214B (en) | 2017-08-28 | 2017-08-28 | Method for identifying login user name of internet application system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710747326.4A CN107592214B (en) | 2017-08-28 | 2017-08-28 | Method for identifying login user name of internet application system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107592214A CN107592214A (en) | 2018-01-16 |
| CN107592214B true CN107592214B (en) | 2021-05-14 |
Family
ID=61042312
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710747326.4A Active CN107592214B (en) | 2017-08-28 | 2017-08-28 | Method for identifying login user name of internet application system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107592214B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110417747B (en) * | 2019-07-08 | 2021-11-05 | 新华三信息安全技术有限公司 | Method and device for detecting violent cracking behavior |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103051637A (en) * | 2012-12-31 | 2013-04-17 | 北京亿赞普网络技术有限公司 | User identification method and device |
| CN103905379A (en) * | 2012-12-25 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Method for identifying internet users and device thereof |
| EP2940954A1 (en) * | 2012-12-28 | 2015-11-04 | Huawei Technologies Co., Ltd. | Website identification method, device, and network system |
| CN106487806A (en) * | 2016-11-17 | 2017-03-08 | 上海斐讯数据通信技术有限公司 | The method and apparatus that in a kind of MVC framework, the page supports multi-user login |
-
2017
- 2017-08-28 CN CN201710747326.4A patent/CN107592214B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103905379A (en) * | 2012-12-25 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Method for identifying internet users and device thereof |
| EP2940954A1 (en) * | 2012-12-28 | 2015-11-04 | Huawei Technologies Co., Ltd. | Website identification method, device, and network system |
| CN103051637A (en) * | 2012-12-31 | 2013-04-17 | 北京亿赞普网络技术有限公司 | User identification method and device |
| CN106487806A (en) * | 2016-11-17 | 2017-03-08 | 上海斐讯数据通信技术有限公司 | The method and apparatus that in a kind of MVC framework, the page supports multi-user login |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107592214A (en) | 2018-01-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109936512B (en) | Flow analysis method, public service flow attribution method and corresponding computer system | |
| CN105022960A (en) | Multi-feature mobile terminal malicious software detecting method based on network flow and multi-feature mobile terminal malicious software detecting system based on network flow | |
| CN108833437A (en) | One kind being based on flow fingerprint and the matched APT detection method of communication feature | |
| CN110868404B (en) | Industrial control equipment automatic identification method based on TCP/IP fingerprint | |
| WO2014040633A1 (en) | Identifying fault category patterns in a communication network | |
| CN103905379A (en) | Method for identifying internet users and device thereof | |
| CN112769623A (en) | Internet of things equipment identification method under edge environment | |
| CN114338064B (en) | Method, device, system, equipment and storage medium for identifying network traffic type | |
| CN109768936B (en) | Refined shunting system and shunting method | |
| CN103905507A (en) | Service information recommendation system and service information recommendation method | |
| CN105701224A (en) | Security information customized service system based on big data | |
| CN107592214B (en) | Method for identifying login user name of internet application system | |
| WO2022109417A1 (en) | Threat mitigation system and method | |
| CN110034979A (en) | A kind of proxy resources monitoring method, device, electronic equipment and storage medium | |
| CN110460593B (en) | Network address identification method, device and medium for mobile traffic gateway | |
| CN115378619A (en) | Sensitive data access method, electronic equipment and computer readable storage medium | |
| CN111368858B (en) | User satisfaction evaluation method and device | |
| CN109361618B (en) | Data flow marking method and device, computer equipment and storage medium | |
| WO2020163624A1 (en) | Systems and methods of gateway detection in a telephone network | |
| CN116738369A (en) | Traffic data classification method, device, equipment and storage medium | |
| CN113807373B (en) | Traffic identification method and device, equipment and storage medium | |
| CN105279230A (en) | Method and system for constructing internet application feature identification database with active learning method | |
| CN112822683B (en) | Method for detecting illegal external connection by using mobile network | |
| CN111585993B (en) | Method, device and equipment for detecting communication of hidden channel | |
| JP2023533354A (en) | Method, apparatus, system, device, and storage medium for realizing terminal verification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: Zhejiang Zhongcai Building No. 68 Binjiang District road Hangzhou City, Zhejiang Province, the 310052 and 15 layer Applicant after: Hangzhou Anheng Information Technology Co.,Ltd. Address before: Zhejiang Zhongcai Building No. 68 Binjiang District road Hangzhou City, Zhejiang Province, the 310052 and 15 layer Applicant before: DBAPPSECURITY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20180116 Assignee: Hangzhou Anheng Information Security Technology Co., Ltd Assignor: Hangzhou Anheng Information Technology Co.,Ltd. Contract record no.: X2021330000118 Denomination of invention: A method for identifying login user name of Internet application system Granted publication date: 20210514 License type: Common License Record date: 20210823 |
|
| EE01 | Entry into force of recordation of patent licensing contract |