Disclosure of Invention
The invention aims to provide a router-based internet access management method and system aiming at the defects of the prior art, which can analyze different internet access users in real time and carry out intelligent internet access management on different users.
In order to achieve the purpose, the invention adopts the following technical scheme:
a network access management method based on a router comprises the following steps:
s1, capturing a data packet of the terminal equipment;
s2, extracting and storing domain names and/or English keywords of the preset number of the data packets within preset time;
and S3, distributing corresponding internet access authority for the terminal equipment according to the preset number of domain names and/or English keywords.
Preferably, step S2 specifically includes the steps of:
extracting all domain names and/or English keywords in the data packet within preset time;
and arranging according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order, and storing.
Preferably, the router prestores a plurality of internet behavior modes and sets corresponding internet access permissions in each internet behavior mode, where the internet access permissions include internet access duration restriction, website access restriction, and internet speed restriction, and step S3 specifically includes the steps of:
calculating the similarity degree of the internet surfing behavior and each internet surfing behavior mode within preset time according to the occurrence frequency of the preset number of domain names and/or English keywords, and obtaining the internet surfing behavior mode with the maximum similarity degree with the internet surfing behavior;
and distributing the internet access authority for the internet access behavior according to the internet access behavior mode with the maximum similarity degree.
Preferably, the method further comprises the following steps:
judging whether the similarity degree between the internet surfing behavior and the internet surfing behavior pattern with the maximum similarity degree reaches a set threshold value or not, and if so, starting internet surfing permission;
the setting of the threshold value comprises the algorithm:
wherein m represents the degree of similarity, a
i、b
jThe ith domain name representing the frequency ranking in a preset time period is the same as the jth domain name in each currently queried storage internet behavior pattern, h represents a preset number of domain names, wherein a
iRepresenting the ratio of the frequency of the domain name appearing in the current time period to the total frequency of the preset number h of domain names appearing; b
jAnd the ratio of the frequency of the domain name in the inquired storage internet behavior pattern to the frequency sum of the preset number h of domain names in the storage behavior is shown.
Preferably, step S1 is preceded by the step of:
and judging whether the internet access authority management request information is received, if so, entering the step S1.
Correspondingly, still provide a online management system based on router, include:
the judging and grabbing module is used for grabbing the data packet of the terminal equipment;
the extraction storage module is used for extracting and storing the domain names and/or English keywords of the preset number of the data packets within the preset time;
and the authority distribution module is used for distributing corresponding internet access authorities for the terminal equipment according to the preset number of domain names and/or English keywords.
Preferably, the extraction storage module includes:
the extraction unit is used for extracting all domain names and/or English keywords in the data packet within preset time;
and the storage unit is used for carrying out arrangement according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order and storing the domain names and/or the English keywords.
Preferably, the router prestores a plurality of internet access behavior modes and sets corresponding internet access permissions in each internet access behavior mode, where the internet access permissions include internet access duration restriction, website access restriction, and network speed restriction, and the permission allocation module includes:
the calculation unit is used for calculating the similarity degree of the internet surfing behavior and each internet surfing behavior mode within preset time according to the occurrence frequency of the preset number of domain names and/or English keywords, and acquiring the internet surfing behavior mode with the maximum similarity degree with the internet surfing behavior;
and the distribution unit is used for distributing the internet access authority for the internet access behavior according to the internet access behavior mode with the maximum similarity.
Preferably, the method further comprises the following steps:
a threshold judging unit, configured to judge whether a similarity degree between the internet access behavior and the internet access behavior pattern with the largest similarity degree reaches a set threshold, and if so, start an internet access permission;
the setting of the threshold value comprises the algorithm:
wherein m represents the degree of similarity, a
i、b
jThe ith domain name representing the frequency ranking in a preset time period is the same as the jth domain name in each currently queried storage internet behavior pattern, h represents a preset number of domain names, wherein a
iRepresenting the ratio of the frequency of the domain name appearing in the current time period to the total frequency of the preset number h of domain names appearing; b
jAnd the ratio of the frequency of the domain name in the inquired storage internet behavior pattern to the frequency sum of the preset number h of domain names in the storage behavior is shown.
Preferably, the method further comprises the following steps:
and the judgment management module is used for judging whether to receive the Internet access authority management request information or not, and if so, starting an Internet access authority management mode.
Compared with the prior art, the invention can analyze different internet users in real time and carry out intelligent internet management on different users. The identity type of the user is identified through the internet access behavior characteristics of the user, and an internet access authority mode adaptive to the user is distributed to the user, so that the internet access management mode is intelligent and efficient, complicated setting of each terminal is not needed, and the defect that the user cannot efficiently perform network management due to the fact that the user changes the setting and breaks through the internet access authority is also avoided.
Detailed Description
The following are specific embodiments of the present invention and are further described with reference to the drawings, but the present invention is not limited to these embodiments.
Example one
The embodiment provides a network access management method based on a router, as shown in fig. 1, including the steps of:
s11, capturing a data packet of the terminal equipment;
s12, extracting and storing domain names and/or English keywords of the preset number of the data packets within preset time;
and S13, distributing corresponding internet access authority for the terminal equipment according to the preset number of domain names and/or English keywords.
The embodiment provides a router-based internet access management method aiming at the characteristics that the existing internet access management can only aim at equipment but cannot aim at users, and the router-based internet access management method can intelligently identify the webpage browsing state of the internet access user, identify the internet access user according to the behavior characteristics of the internet access user, and manage the internet access.
Step S11 is that when the user terminal device connects to the router to surf the internet, the router captures the data packet of the terminal device used by the user, where the captured data packet maps the TCP packet with the destination port 80 and the UDP packet with the destination port 53 passing through the router into the user state space through the netfilter _ queue according to the iptables rule.
Step S12, the router extracts and stores the domain names and/or english keywords of the predetermined number of the data packets within the predetermined time, for example, the time T is the predetermined time, the time T can be set by the user, the default time is 10 minutes, and the main character strings or english keywords in the domain names and websites of the predetermined number of the data packets within the predetermined time are extracted. In this embodiment, the router mainly extracts the domain name of each data packet, extracts an english keyword or character string when an accurate domain name cannot be identified, identifies a web page accessed by a user by extracting the domain name and/or the english keyword, and further determines the type of a user who surfs the internet.
Preferably, step S12 specifically includes the steps of:
extracting all domain names and/or English keywords in the data packet within preset time;
and arranging according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order, and storing.
Step S13, the router allocates a corresponding internet access right to the terminal device according to the preset number of domain names and/or english keywords, for example, if the domain names and/or website english keywords extracted in step S12 identify that most of the domain names and/or website english keywords are access websites of a learning type, it is determined that the user may be a child type, and then a learning type internet access right mode is allocated to the user; if the identified access websites are mostly shopping websites, video websites, business websites or social websites and the like, judging that the user is possibly a parent user, and allocating a leisure type internet access permission mode for the user. The identity type of the user is identified according to the internet surfing behavior characteristics of the user, and an internet surfing permission mode suitable for the user is distributed to the user, wherein the internet surfing permission mode can be that a specific access website is set for a family child, and can also be that the internet surfing time, the access time of the specific website or the limitation on the internet speed are limited.
Preferably, the router prestores a plurality of internet behavior modes and sets corresponding internet access permissions in each internet behavior mode, where the internet access permissions include internet access duration restriction, website access restriction, and internet speed restriction, as shown in fig. 2, step S13 specifically includes the steps of:
s13a, calculating the similarity degree of the internet surfing behavior and each internet surfing behavior mode within preset time according to the occurrence frequency of the preset number of domain names and/or English keywords, and obtaining the internet surfing behavior mode with the maximum similarity degree with the internet surfing behavior;
and S13b, distributing internet access permission for the internet access behavior according to the internet access behavior mode with the maximum similarity degree.
The router in the learning stage can learn and store a plurality of data tables, namely, a plurality of internet access behavior modes are stored, wherein the internet access behavior modes are determined according to the types of websites and the number of website accesses, internet access permissions under each internet access behavior mode are set, the internet access permissions comprise internet access duration limitation, website access limitation and internet speed limitation, and the behavior mode to which the internet access user belongs is judged according to the standard of the behavior mode in the later stage, so that the network management is performed on the internet access user according to the set internet access permissions under the internet access behavior mode.
Preferably, step S11 is preceded by the step of:
and judging whether the internet access authority management request information is received, if so, entering the step S1.
When the router does not start the internet access management request, the router does not perform internet access management on the terminal equipment, and the initiative of starting the internet access management authority is realized.
Correspondingly, this embodiment further provides an internet access management system based on a router, as shown in fig. 3, including:
the judging and grabbing module 11 is used for grabbing the data packet of the terminal equipment;
the extraction storage module 12 is configured to extract and store domain names and/or english keywords of a preset number of the data packets within a preset time;
and the authority distribution module 13 is configured to distribute corresponding internet access authorities to the terminal device according to the preset number of domain names and/or english keywords.
Preferably, the extraction storage module includes:
the extraction unit is used for extracting all domain names and/or English keywords in the data packet within preset time;
and the storage unit is used for carrying out arrangement according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order and storing the domain names and/or the English keywords.
Preferably, the router prestores a plurality of internet behavior modes and sets corresponding internet access permissions in each internet behavior mode, and the permission allocation module 13 includes:
the calculating unit 131 is configured to calculate, according to the occurrence times of the preset number of domain names and/or english keywords, a degree of similarity between an internet behavior and each internet behavior pattern within a preset time, and obtain an internet behavior pattern with the maximum degree of similarity to the internet behavior;
the allocating unit 132 is configured to allocate an internet access right to the internet access behavior according to the maximum proximity internet access behavior mode.
Preferably, the method further comprises the following steps:
and the judgment management module is used for judging whether to receive the Internet access authority management request information or not, and if so, starting an Internet access authority management mode.
The method provided by the embodiment can identify the identity type of the user according to the internet surfing behavior characteristics of the user, and allocates the internet surfing authority mode suitable for the user, so that the internet surfing management mode is intelligent and efficient, complicated setting of each terminal is not needed, and the defect that the user cannot perform network management due to the fact that the user changes and breaks through the internet surfing authority is also not needed.
Example two
As shown in fig. 5, the embodiment is different from the first embodiment in that the present embodiment further includes a step S23c, where a threshold algorithm is set to determine whether to start an internet access management authority, so as to improve the internet access experience of a user, and as shown in the method described in fig. 4, the method includes the steps of:
s21, capturing a data packet of the terminal equipment;
s22, extracting and storing domain names and/or English keywords of the preset number of the data packets within preset time;
and S23, distributing corresponding internet access authority for the terminal equipment according to the preset number of domain names and/or English keywords.
Preferably, step S22 specifically includes the steps of:
extracting all domain names and/or English keywords in the data packet within preset time;
and arranging according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order, and storing.
Preferably, the router prestores a plurality of internet access behavior patterns and allocates corresponding internet access permissions to each internet access behavior pattern, where the internet access permissions include internet access duration restrictions, website access restrictions, and internet speed restrictions, and step S23 specifically includes the steps of:
s23a, calculating the similarity between the internet surfing behavior and each internet surfing behavior mode within preset time according to the occurrence frequency of the preset number of domain names and/or English keywords, and obtaining the internet surfing behavior mode with the maximum similarity to the internet surfing behavior;
and S23b, distributing the internet access authority for the internet access behavior according to the internet access behavior mode with the maximum similarity.
Preferably, the method further comprises the following steps:
s23c, judging whether the similarity between the Internet surfing behavior and the Internet surfing behavior pattern with the maximum similarity reaches a set threshold value, and if so, starting Internet surfing permission;
the setting of the threshold value comprises the algorithm:
wherein m represents the degree of similarity, a
i、b
jThe ith domain name representing the frequency ranking in a preset time period is the same as the jth domain name in each currently queried storage internet behavior pattern, h represents a preset number of domain names, wherein a
iRepresenting the ratio of the frequency of the domain name appearing in the current time period to the total frequency of the preset number h of domain names appearing; b
jAnd the ratio of the frequency of the domain name in the inquired storage internet behavior pattern to the frequency sum of the preset number h of domain names in the storage behavior is shown.
Whether the terminal equipment starts the internet access authority is determined by judging whether the similarity between the internet access behavior of the user and the internet access behavior pattern with the maximum similarity reaches a set threshold value, so that the accuracy of internet access management can be effectively improved, and the condition that an inappropriate authority management mode is allocated to the user is avoided.
Preferably, step S21 is preceded by the step of:
and judging whether the internet access authority management request information is received, if so, entering the step S21.
Correspondingly, the present embodiment further provides an internet access management system based on a router, which is different from the first embodiment, and the present embodiment further includes a threshold determining unit 233, as shown in fig. 6, including:
the judging and grabbing module 21 is used for grabbing the data packet of the terminal equipment;
the extraction storage module 22 is configured to extract and store domain names and/or english keywords of a preset number of the data packets within a preset time;
and the authority distribution module 23 is configured to distribute corresponding internet access authorities to the terminal device according to the preset number of domain names and/or english keywords.
Preferably, the extraction storage module includes:
the extraction unit is used for extracting all domain names and/or English keywords in the data packet within preset time;
and the storage unit is used for carrying out arrangement according to the occurrence times of the domain names and/or the English keywords, extracting the domain names and/or the English keywords with the preset number in the front arrangement order and storing the domain names and/or the English keywords.
Preferably, the router prestores a plurality of internet access behavior modes and sets corresponding internet access permissions in each internet access behavior mode, where the internet access permissions include internet access duration restriction, website access restriction, and network speed restriction, and the permission allocation module includes:
a calculating unit 231, configured to calculate, according to the occurrence times of the preset number of domain names and/or english keywords, a degree of similarity between an internet behavior and each internet behavior pattern within a preset time, and obtain an internet behavior pattern with the maximum degree of similarity to the internet behavior;
and the allocating unit 232 is configured to allocate an internet access right to the internet access behavior according to the maximum-proximity internet access behavior mode.
Preferably, the method further comprises the following steps:
a threshold determining unit 233, configured to determine whether a similarity degree between the internet access behavior and the internet access behavior pattern with the maximum similarity degree reaches a set threshold, and if so, start an internet access permission;
the setting of the threshold value comprises the algorithm:
wherein m represents the degree of similarity, a
i、b
jThe ith domain name representing the frequency ranking in a preset time period is the same as the jth domain name in each currently queried storage internet behavior pattern, h represents a preset number of domain names, wherein a
iRepresenting the ratio of the frequency of the domain name appearing in the current time period to the total frequency of the preset number h of domain names appearing; b
jAnd the ratio of the frequency of the domain name in the inquired storage internet behavior pattern to the frequency sum of the preset number h of domain names in the storage behavior is shown.
Preferably, the method further comprises the following steps:
and the judgment management module is used for judging whether to receive the Internet access authority management request information or not, and if so, starting an Internet access authority management mode.
The embodiment determines that the terminal equipment starts the internet access authority by judging whether the similarity between the internet access behavior of the user and the internet access behavior pattern with the maximum similarity reaches the set threshold, so that the accuracy of internet access management can be effectively improved, and the condition that an inappropriate authority management mode is allocated to the user is avoided.
The specific embodiments described herein are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or ambit of the invention as defined in the appended claims.