CN110572700A - Client risk identification method and system - Google Patents

Client risk identification method and system Download PDF

Info

Publication number
CN110572700A
CN110572700A CN201910885147.6A CN201910885147A CN110572700A CN 110572700 A CN110572700 A CN 110572700A CN 201910885147 A CN201910885147 A CN 201910885147A CN 110572700 A CN110572700 A CN 110572700A
Authority
CN
China
Prior art keywords
client
score
risk
current
turning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910885147.6A
Other languages
Chinese (zh)
Other versions
CN110572700B (en
Inventor
易桂
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Original Assignee
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Happly Sunshine Interactive Entertainment Media Co Ltd filed Critical Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority to CN201910885147.6A priority Critical patent/CN110572700B/en
Publication of CN110572700A publication Critical patent/CN110572700A/en
Application granted granted Critical
Publication of CN110572700B publication Critical patent/CN110572700B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25808Management of client data

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Graphics (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a client risk identification method and a client risk identification system, and relates to the technical field of video back-end development. According to the identification method of the client risk, when a client requests to access a server interface, risk grade identification is performed for one time, grades of the client are obtained according to different types of the client, and then the risk grade and the allowed access frequency of the client are determined according to the grades, so that the frequency of interface access requests of the client is limited, the calculation pressure of the server is reduced, the calculation resources of the server are saved, and the phenomenon that the server interface is maliciously requested is avoided; according to the risk identification method, scoring is carried out according to different types of the client, and when the same type of client is scored, dynamic adjustment is carried out according to an actual service scene, so that the scoring of the client is more real and credible, and the accuracy of judging the malicious interface access request is improved.

Description

Client risk identification method and system
Technical Field
the invention belongs to the technical field of video back-end development, and particularly relates to a client risk identification method and system.
Background
with the development of network technology, users often use video players to watch their favorite video resources. Because the interface extranet of the client requesting the server data can be accessed, the individual malicious server requesting interface appears for the purpose of profit-making, which causes the waste of server computing resources.
At present, the server does not make any limitation on the interface request.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a client risk identification method, which identifies the risk level of a client according to interface access request information of the client, and then makes the limitation of request frequency according to the risk level, wherein the higher the risk level is, the fewer the request times are allowed in unit time, so as to solve the problem of server computing resource waste caused by too many malicious requests.
According to the identification system for the client risk, when an interface access request sent by a client is received, the identification unit identifies the type of the client according to the ID or IP of the client, and then scores the client by adopting a corresponding scoring method according to the type so as to confirm the risk level and the allowed access frequency of the client, and the access limiting unit limits the times of the interface access request of the client according to the allowed access frequency so as to reduce the times of the allowed request of the client with high risk level and reduce the waste of computing resources.
the invention solves the technical problems through the following technical scheme: a client risk identification method comprises the following steps:
when the server side receives an interface access request sent by the client side, obtaining the score of the client side according to the ID or IP of the client side, and then determining the risk level and the allowed access frequency of the client side according to the score;
the server limits the times of the client interface access requests according to the allowed access frequency;
Dividing the client into an ID client and an IP client according to the ID or the IP of the client; and the ID class client carries out grading according to the content playing times, and the IP class client carries out grading according to a grading reduction strategy.
according to the identification method of the client risk, when the client requests to access the server interface, risk grade identification is performed once to obtain the allowed access frequency of the client, so that the number of times of the client interface access requests is limited, the server is protected, the calculation pressure of the server is reduced, and the calculation resources of the server are saved; different clients adopt different grading operations, so that the grading of the clients is more accurate, and all the clients have the grading, thereby more accurately limiting the times of interface access requests.
Further, the ID includes a user ID and a device ID.
Further, the specific scoring method of the ID class client is as follows:
1.11, judging whether the content playing frequency p of the ID client is zero, if so, turning to a step 1.12, otherwise, turning to a step 1.14;
when the ID client does not generate the content playing times, making p equal to 0;
1.12 judging whether the ID client has scoring record, if yes, recording the scoring as SUDthen the current score S 'of the ID class client'UD=SUD-1, go to step 1.13, otherwise score S 'currently'UD=SUD0And turning to the step 1.16;
Wherein S isUDRepresenting historical score, S 'of ID type client'UDcurrent rating, S, representing ID class clientUD0Representing a preset initial score of the ID client;
1.13 judging the current score S 'of the ID client'UDWhether or not it is greater than a preset initial score SUD0If yes, go to step 1.16, otherwise delete current score S'UDStep 1.16;
1.14 judging whether the ID client has scoring record, if not, making SUD=SUD0Go to step 1.15, otherwise, note the score as SUDand turning to the step 1.15;
1.15 the current score of the ID client is S'UD=SUD+ p, judging the current score S'UDwhether or not it is greater than a preset upper limit score SUDHand if yes, then S'UD=SUDHStep 1.16 is carried out, otherwise step 1.16 is carried out;
When the ID client generates the first content playing time p, making p equal to 1, and when the ID client generates one content playing time p, making p equal to p + 1; p represents the content playing times of the ID type client;
1.16 output the current score S 'of the ID class client'UD
Current score S 'of ID type client'UDAnd can be used as the history of the ID client when the interface access request is sent next timeand (6) scoring. The content playing times are the evidence for the user or equipment to really watch the video, the video is real and reliable, the scoring is carried out through the content playing times, the frequency of the interface access request is limited according to the scoring, the problem of too many malicious requests can be solved more accurately, and the waste of computing resources of the server is avoided.
further, the current score of the ID client is obtained in an offline timing query mode.
Because the obtained content playing times have the time delay, the current score obtained by adopting the offline timing query mode is more accurate, and the problem of inaccurate current score caused by the time delay of the content playing times is avoided.
Further, the specific scoring method of the IP-based client is as follows:
1.21 judging whether the IP client hits the classification reduction strategy, if so, switching to step 1.22, otherwise, switching to step 1.24;
When the IP client does not send an interface access request, the IP client has no scoring record; the score reduction strategy is formulated according to the actual service scene of the IP client;
1.22 judging whether the IP client has scoring record, if not, making SIP=SIP0Go to step 1.23, otherwise, note the score as SIPAnd turning to the step 1.23;
Wherein S isIPrepresenting the historical score, S, of the IP-like clientIP0Representing a preset initial score of the IP client;
1.23 the current score of the IP client is S'IP=SIP-a; judging current score S'IPWhether or not less than a preset lower limit score SIPLAnd if yes, then S'IP=SIPLstep 1.26 is carried out, otherwise step 1.26 is carried out;
wherein A represents the reduction amplitude in the reduction strategy;
1.24 judging whether the IP client has score record, if yes, recording the score as SIPIf the current score of the IP type client is S'IP=SIP+1, go to step 1.25, otherwise score S 'currently'IP=SIP0And turning to the step 1.26;
1.25 judge Current score S'IPwhether the score is greater than the preset initial score S of the IP clientIP0And if so, deleting the current score S'IPIf not, the step 1.26 is carried out;
1.26 output Current Scoring S 'of IP class client'IP
current score S 'of IP type client'IPAnd can also be used as the historical score of the IP client when the interface access request is sent next time. For the interface access request of the IP client, different score reduction strategies are formulated according to the actual service scene of the IP client, so that the score of the output IP client is more credible, and the accuracy of judging the malicious interface access request is improved.
Further, the specific operation of obtaining the score of the client is as follows:
2.1 according to the user ID and IP of the client, judging whether the user ID and IP correspond to the user ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.2;
2.2 according to the device ID and IP of the client, judging whether the device ID and IP correspond to the device ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.3;
2.3 according to the user ID of the client, judging whether the user ID corresponds to the user ID for storing the score, if so, returning the score, otherwise, turning to the step 2.4;
2.4 judging whether the equipment ID corresponds to the equipment ID scored by the user according to the equipment ID of the client, if so, returning the score, otherwise, turning to the step 2.5;
2.5 according to the IP of the client, judging whether the IP corresponds to the IP for storing the score, if so, returning the score.
when a client sends an interface access request, the score of the client is stored according to the user ID, the equipment ID or the IP of the client, the priority level is set when the score of the client is obtained, the highest priority level is that the user ID corresponds to the IP, the equipment ID corresponds to the IP, then the user ID corresponds to the equipment ID in sequence, the equipment ID corresponds to the IP, the client is identified more accurately by taking the user ID and the IP as the highest priority level, and the accuracy of the client corresponding to the score is improved.
Correspondingly, a system for identifying client risks comprises:
the identification unit is used for identifying the type of the client according to the ID or the IP of the client, and the client comprises an ID client and an IP client;
The grading unit is used for selecting a grading method of an ID class client or a grading method of an IP class client according to the type of the client to calculate the grade of the client and obtain the risk level and the allowed access frequency of the client according to the grade;
The storage unit is used for storing the scores of the client, the risk levels corresponding to the scores and the allowed access frequency according to the user ID, the equipment ID or the IP;
And the access limiting unit is used for limiting the times of the interface access requests of the client according to the scores and the allowed access frequency of the client sending the interface access requests.
Advantageous effects
Compared with the prior art, the method for identifying the risk of the client firstly identifies the risk level once when the client requests to access the server interface each time, obtains the score of the client according to different types of the client, and then determines the risk level and the allowed access frequency of the client according to the score, so that the times of interface access requests of the client are limited, the calculation pressure of the server is reduced, the calculation resources of the server are saved, and the phenomenon that the server interface is maliciously requested is avoided; according to the risk identification method, scoring is carried out according to different types of the client, and when the same type of client is scored, dynamic adjustment is carried out according to an actual service scene, so that the scoring of the client is more real and credible, and the accuracy of judging the malicious interface access request is improved.
drawings
in order to more clearly illustrate the technical solution of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only one embodiment of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flowchart of a scoring method for an ID class client according to an embodiment of the present invention;
FIG. 2 is a flowchart of a scoring method for an IP client according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating an operation of obtaining a score of a client according to an embodiment of the present invention.
Detailed Description
The technical solutions in the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a client risk identification method, which comprises the following steps:
1. The method comprises the steps of obtaining the ID or the IP of a client sending an interface access request to a service end, dividing the client into an ID client and an IP client according to the ID or the IP of the client, wherein the ID comprises a user ID and an equipment ID, one client is considered to be the IP client when the user ID or the equipment ID does not exist, and the client is the ID client if the user ID or the equipment ID exists. The ID client-side scores according to the content playing times, the IP client-side scores according to the score reduction strategy, different scoring operations are adopted according to different types of the client-sides, so that the scoring of the client-sides is more accurate, all the client-sides have scoring, and the accuracy of judging malicious brush interfaces is improved.
as shown in fig. 1, the specific scoring method for the ID class client is as follows:
1.11, judging whether the content playing frequency p of the ID client is zero, if so, turning to a step 1.12, otherwise, turning to a step 1.14;
When the ID client does not generate the content playing times, making p equal to 0;
1.12 judging whether the ID client has scoring record, if yes, recording the scoring as SUDthen the current score S 'of the ID class client'UD=SUD-1, go to step 1.13, wherein SUDrepresenting historical score, S 'of ID type client'UDRepresenting the current rating of the ID class client; else, current score S'UD=SUD0go to step 1.16, wherein SUD0Representing a preset initial score of the ID client;
In this embodiment, according to the scoring rule of percentile system, S is setUD0=80;
1.13 judging the current score S 'of the ID client'UDWhether or not it is greater than a preset initial score SUD0If yes, the step 1.16 is carried out; else delete current score S'UDStep 1.16;
1.14 judging whether the ID client has scoring record, if not, making SUD=SUD0And turning to the step 1.15; otherwise, the score is recorded as SUDand turning to the step 1.15;
1.15 the current score of the ID client is S'UD=SUD+ p, p represents the content playing times of the ID client; judging current score S'UDWhether or not it is greater than a preset upper limit score SUDHAnd if yes, then S'UD=SUDHStep 1.16 is carried out, otherwise step 1.16 is carried out;
When the ID client generates the first content playing time p, making p equal to 1, and when the ID client generates one content playing time p, making p equal to p + 1; in this embodiment, according to the scoring rule of percentile system, S is setUDH=100;
1.16 output the current score S 'of the ID class client'UD
Current score S 'of ID type client'UDAnd can be used as the next time when an interface access request is senthistorical scoring of the ID class client. The content playing times are the evidence for the user or equipment to really watch the video, the video is real and reliable, the scoring is carried out through the content playing times, the frequency of the interface access request is limited according to the scoring, the problem of too many malicious requests can be solved more accurately, and the waste of computing resources of the server is avoided. If the client generates the content playing times, the client can be regarded as a trusted client, the risk level is the lowest level, but the client cannot be regarded as an illegal client when the client does not generate the content playing times, so that when the content playing times are not generated and the current score is smaller than the preset initial score SUD0and if the client is an illegal client, deleting the score record, acquiring the IP of the client, and continuously inquiring the score corresponding to the IP of the client (acquiring the score by the IP type client).
As shown in fig. 2, the specific scoring method for the IP-based client includes:
1.21 judging whether the IP client hits the classification reduction strategy, if so, turning to step 1.22; otherwise, turning to step 1.24; when the IP client does not send an interface access request, the IP client has no scoring record;
The score reduction strategy is formulated according to the actual service scene of the IP client; the score reduction strategy is divided into a general strategy and a service customization strategy, and in the embodiment, the general strategy is as follows: a. if the access times of a single interface are more than 100 within 1 minute, reducing the amplitude A to 1; b. for the Aliyun computer room IP, if the access frequency of a single interface is more than 100 within 1 minute, the division amplitude A is reduced to 5; the service customization strategy is as follows: the mobile phone end requests to play the string-taking interface to confirm necessary general parameters, and the division amplitude A is reduced to 1;
1.22 judging whether the IP client has scoring record, if not, making SIP=SIP0Go to step 1.23, SIPRepresenting the historical score, S, of the IP-like clientIP0Representing a preset initial score of the IP client; otherwise, the score is recorded as SIPAnd turning to the step 1.23; in this embodiment, according to the scoring rule of percentile system, S is setIP0=100;
1.23 this IP classclient 'S current score of S'IP=SIP-a, wherein a represents a degree of reduction in a reduction strategy; judging current score S'IPWhether or not less than a preset lower limit score SIPLand if yes, then S'IP=SIPLstep 1.26 is carried out, otherwise step 1.26 is carried out; in this embodiment, let SIPL=0;
1.24 judging whether the IP client has score record, if yes, recording the score as SIPIf the current score of the IP type client is S'IP=SIP+1, go to step 1.25; else, current score S'IP=SIP0And turning to the step 1.26;
1.25 judge Current score S'IPWhether the score is greater than the preset initial score S of the IP clientIP0And if so, deleting the current score S'IPIf not, the step 1.26 is carried out;
1.26 output Current Scoring S 'of IP class client'IP
Current score S 'of IP type client'IPand can also be used as the historical score of the IP client when the interface access request is sent next time. For the interface access request of the IP client, different score reduction strategies are formulated according to the actual service scene of the IP client, so that the score of the output IP client is more credible, and the accuracy of judging the malicious interface access request is improved. If the ID and the IP of the client are used for inquiring the score, and the score is not inquired, the score of the client is set as a preset initial score S of the IP type clientIP0
2. when the server side receives an interface access request sent by the client side, the score of the client side is obtained according to the ID or IP of the client side, and then the risk level and the allowed access frequency of the client side are determined according to the score.
When a client sends an interface access request, storing the score of the client according to the user ID, the equipment ID or the IP address of the client, setting a priority level when obtaining the score of the client, wherein the highest priority is that the user ID and the IP address are both corresponding, the equipment ID and the IP address are both corresponding, then the user ID, the equipment ID and the IP are respectively corresponding in sequence, and the client is identified more accurately by taking the user ID and the IP corresponding as the highest priority, so that the accuracy of the client corresponding to the score is improved; as shown in fig. 3, the specific operation of obtaining the score is:
2.1 according to the user ID and IP address of the client, judging whether the user ID and IP correspond to the user ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.2;
2.2 according to the device ID and IP address of the client, judging whether the device ID and IP correspond to the device ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.3;
2.3 according to the user ID of the client, judging whether the user ID corresponds to the user ID for storing the score, if so, returning the score, otherwise, turning to the step 2.4;
2.4 judging whether the equipment ID corresponds to the equipment ID for storing the score according to the equipment ID of the client, if so, returning the score, otherwise, turning to the step 2.5;
2.5 according to the IP address of the client, judging whether the IP corresponds to the IP address for storing the score, if so, returning the score.
The client is an ID client, the current score of the client is obtained by adopting an offline timing query mode, after the client generates a content playing behavior, an http request is sent to the server and a log is reported, the server analyzes the log at regular time, the content playing frequency generated by the client is calculated, and the score is obtained, namely the offline timing query score. Because the obtained content playing times p have the time delay, the current score obtained by adopting the offline timing query mode is more accurate, and the problem of inaccurate current score caused by the time delay of the content playing times is avoided. The client is an IP client, calculates the number of interface access requests sent by the IP address in real time, and then obtains the current score of the IP address.
Determining the risk level and the corresponding allowed access frequency of the client according to the score of the client, as shown in the following table 1:
TABLE 1 score and Risk level, Access frequency correspondence Table
Risk rating Risk level coding Score Range allowed access frequency per minute
First stage 0 [80,100] 100
Second stage 1 [60,80] 80
third stage 2 [40,60] 50
fourth stage 3 [20,40] 5
Fifth stage 4 [0,20] 0
as can be seen from table 1, the higher the risk level is, the less the access frequency is allowed per minute, thereby limiting the number of times of maliciously requesting the server interface, and for the client with the highest risk level, directly rejecting the request of the server interface, protecting the server, reducing the pressure of the server, and thus saving the computing resources of the server.
3. the server limits the number of times of the client interface access request according to the corresponding allowed access frequency in the table 1 so as to reduce malicious requests, thereby reducing the pressure of the server and saving the computing resources of the server.
a client risk identification system, comprising:
the identification unit is used for identifying the type of the client according to the ID or the IP of the client, and the client comprises an ID client and an IP client;
The grading unit is used for selecting a grading method of an ID class client or a grading method of an IP class client according to the type of the client to calculate the grade of the client and obtain the risk level and the allowed access frequency of the client according to the grade;
The storage unit is used for storing the scores of the client, the risk levels corresponding to the scores and the allowed access frequency according to the user ID, the equipment ID or the IP;
And the access limiting unit is used for limiting the times of the interface access requests of the client according to the scores and the allowed access frequency of the client sending the interface access requests.
Taking a video player as an example of a client, each company has its own video player, such as a fox video player, a kuku video player, and the like, the video player is configured to receive an on-demand instruction of a user, initiate on-demand information to an on-demand backend server (send an interface access request to a server), the on-demand backend server communicates with a rating server, obtain a risk level and an allowed access frequency of the video player according to a user ID, a device ID, or an IP of the video player, the on-demand backend server limits the number of times the on-demand information initiated by the video player is allowed according to the risk level and the allowed access frequency, and an example of an on-demand scenario is as follows:
1. Logging in a user to request 'happy first date of a major camp' for the first time, receiving a user request instruction by a video player, and initializing an initial score of an IP address to be 100 points;
2. Because the risk level of the IP address is the first level, other clients of the IP address can request the interface 100 times per minute if the interfaces are brushed maliciously, but because the risk level is the first level, the possibility of brushing the interfaces maliciously is extremely low;
3. If the IP address sends a malicious request which requires more than 100 times to the server every minute (corresponding to a score reduction strategy, the score reduction amplitude is 1), the current score of the IP is reduced to 100-1 to 99, and if the IP address sends the malicious request which requires more than 100 times continuously for 60 minutes, the current score of the IP is reduced to 100-60 to 40;
4. Because the risk level of the IP address is the third level, the IP can request 50 times per minute, and a large amount of subsequent malicious requests from the IP address are effectively prevented.
The above disclosure is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of changes or modifications within the technical scope of the present invention, and shall be covered by the scope of the present invention.

Claims (7)

1. A client risk identification method is characterized by comprising the following steps:
when the server receives an interface access request sent by the client, the server obtains the score of the client according to the ID or IP of the client, and then determines the risk level and the allowed access frequency of the client according to the score;
the server limits the times of the client interface access requests according to the allowed access frequency; dividing the client into an ID client and an IP client according to the ID or the IP of the client; and the ID class client carries out grading according to the content playing times, and the IP class client carries out grading according to a grading reduction strategy.
2. a method for identifying client risk as claimed in claim 1, wherein said ID comprises a user ID and a device ID.
3. the method for identifying client risk according to claim 1, wherein the specific scoring method for the ID class client is as follows:
1.11, judging whether the content playing frequency p of the ID client is zero, if so, turning to a step 1.12, otherwise, turning to a step 1.14;
when the ID client does not generate the content playing times, making p equal to 0;
1.12 judging whether the ID client has scoring record, if yes, recording the scoring as SUDThen the current score S 'of the ID class client'UD=SUD-1, go to step 1.13, otherwise score S 'currently'UD=SUD0And turning to the step 1.16;
Wherein S isUDRepresenting historical score, S 'of ID type client'UDcurrent rating, S, representing ID class clientUD0representing a preset initial score of the ID client;
1.13 judging the current score S 'of the ID client'UDWhether or not it is greater than a preset initial score SUD0if yes, go to step 1.16, otherwise delete current score S'UDStep 1.16;
1.14 judging whether the ID client has scoring record, if not, making SUD=SUD0go to step 1.15, otherwise, note the score as SUDAnd turning to the step 1.15;
1.15 the current score of the ID client is S'UD=SUD+ p, judging the current score S'UDwhether or not it is greater than a preset upper limit score SUDHAnd if yes, then S'UD=SUDHStep 1.16 is carried out, otherwise step 1.16 is carried out;
When the ID client generates the first content playing time p, making p equal to 1, and when the ID client generates one content playing time p, making p equal to p + 1; p represents the content playing times of the ID type client;
1.16 output the current score S 'of the ID class client'UD
4. the method for identifying client risk as claimed in claim 3, wherein the current score of the ID class client is obtained by means of offline timing query.
5. the method for identifying client risk according to claim 1, wherein the specific scoring method for the IP-based client is as follows:
1.21 judging whether the IP client hits the classification reduction strategy, if so, switching to step 1.22, otherwise, switching to step 1.24;
When the IP client does not send an interface access request, the IP client has no scoring record; the score reduction strategy is formulated according to the actual service scene of the IP client;
1.22 judging whether the IP client has scoring record, if not, making SIP=SIP0Go to step 1.23, otherwise, note the score as SIPAnd turning to the step 1.23;
wherein S isIPRepresenting the historical score, S, of the IP-like clientIP0representing a preset initial score of the IP client;
1.23 the current score of the IP client is S'IP=SIP-a; judging current score S'IPwhether or not less than a preset lower limit score SIPLand if yes, then S'IP=SIPLStep 1.26 is carried out, otherwise step 1.26 is carried out;
Wherein A represents the reduction amplitude in the reduction strategy;
1.24 judging whether the IP client has score record, if yes, recording the score as SIPIf the current score of the IP type client is S'IP=SIP+1, go to step 1.25, otherwise score S 'currently'IP=SIP0And turning to the step 1.26;
1.25 judge Current score S'IPWhether the score is greater than the preset initial score S of the IP clientIP0And if so, deleting the current score S'IPIf not, the step 1.26 is carried out;
1.26 output Current Scoring S 'of IP class client'IP
6. the method for identifying client risk as claimed in claim 1, wherein the operation of obtaining the score of the client is:
2.1 according to the user ID and IP of the client, judging whether the user ID and IP correspond to the user ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.2;
2.2 according to the device ID and IP of the client, judging whether the device ID and IP correspond to the device ID and IP for storing the score, if so, returning the score, otherwise, turning to the step 2.3;
2.3 according to the user ID of the client, judging whether the user ID corresponds to the user ID for storing the score, if so, returning the score, otherwise, turning to the step 2.4;
2.4 judging whether the equipment ID corresponds to the equipment ID scored by the user according to the equipment ID of the client, if so, returning the score, otherwise, turning to the step 2.5;
2.5 according to the IP of the client, judging whether the IP corresponds to the IP for storing the score, if so, returning the score.
7. a system for identifying client risk, comprising:
The identification unit is used for identifying the type of the client according to the ID or the IP of the client, and the client comprises an ID client and an IP client;
The grading unit is used for selecting a grading method of an ID class client or a grading method of an IP class client according to the type of the client to calculate the grade of the client and obtain the risk level and the allowed access frequency of the client according to the grade;
The storage unit is used for storing the scores of the client, the risk levels corresponding to the scores and the allowed access frequency according to the user ID, the equipment ID or the IP;
And the access limiting unit is used for limiting the times of the interface access requests of the client according to the scores and the allowed access frequency of the client sending the interface access requests.
CN201910885147.6A 2019-09-19 2019-09-19 Client risk identification method and system Active CN110572700B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910885147.6A CN110572700B (en) 2019-09-19 2019-09-19 Client risk identification method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910885147.6A CN110572700B (en) 2019-09-19 2019-09-19 Client risk identification method and system

Publications (2)

Publication Number Publication Date
CN110572700A true CN110572700A (en) 2019-12-13
CN110572700B CN110572700B (en) 2021-06-11

Family

ID=68781378

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910885147.6A Active CN110572700B (en) 2019-09-19 2019-09-19 Client risk identification method and system

Country Status (1)

Country Link
CN (1) CN110572700B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131235A (en) * 2019-12-23 2020-05-08 杭州安恒信息技术股份有限公司 Safety maintenance method, device, equipment and storage medium of business system
CN111314332A (en) * 2020-02-05 2020-06-19 中国工商银行股份有限公司 Access control method, device, computer system and computer-readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012093247A2 (en) * 2011-01-04 2012-07-12 Trexler Keith System and method for managing a virtual home game
CN104601556A (en) * 2014-12-30 2015-05-06 中国科学院信息工程研究所 Attack detection method and system for WEB
CN106529288A (en) * 2016-11-16 2017-03-22 智者四海(北京)技术有限公司 Account risk identification method and device
US20180330456A1 (en) * 2017-05-12 2018-11-15 Bayo Odutola System and method for detecting, profiling and benchmarking intellectual property professional practices and the liability risks associated therewith
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012093247A2 (en) * 2011-01-04 2012-07-12 Trexler Keith System and method for managing a virtual home game
CN104601556A (en) * 2014-12-30 2015-05-06 中国科学院信息工程研究所 Attack detection method and system for WEB
CN106529288A (en) * 2016-11-16 2017-03-22 智者四海(北京)技术有限公司 Account risk identification method and device
US20180330456A1 (en) * 2017-05-12 2018-11-15 Bayo Odutola System and method for detecting, profiling and benchmarking intellectual property professional practices and the liability risks associated therewith
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131235A (en) * 2019-12-23 2020-05-08 杭州安恒信息技术股份有限公司 Safety maintenance method, device, equipment and storage medium of business system
CN111131235B (en) * 2019-12-23 2022-02-22 杭州安恒信息技术股份有限公司 Safety maintenance method, device, equipment and storage medium of business system
CN111314332A (en) * 2020-02-05 2020-06-19 中国工商银行股份有限公司 Access control method, device, computer system and computer-readable storage medium

Also Published As

Publication number Publication date
CN110572700B (en) 2021-06-11

Similar Documents

Publication Publication Date Title
CN110572700B (en) Client risk identification method and system
US10686903B2 (en) Information push method and electronic device
CN103973662B (en) Streaming Media requesting method and controller
US11108695B2 (en) Method, system and device for adjusting load of resource server
CN106850789B (en) System and method for dynamically allocating game players based on server load detection
CN109726533B (en) User account judgment method and device
CN107347015B (en) Method, device and system for identifying content distribution network
US20240146691A1 (en) Data processing method, livestreaming method, authentication server, and live data server
CN110830551A (en) Service request processing method, device and system
CN112044057A (en) Game state monitoring method and device
CN111209345A (en) Online teaching consensus system based on block chain and learning recording method
CN110781340A (en) Offline evaluation method, system and device for recall strategy of recommendation system and storage medium
WO2006093065A1 (en) Learning level judging device and learning level judging program
EP3073736A1 (en) Method and device for measuring quality of experience of mobile video service
CN112383791B (en) Media data processing method and device, electronic equipment and storage medium
CN113949935A (en) Video processing method, video processing device, electronic equipment, video processing medium and video processing product
CN110764731A (en) Multimedia file playing control method, intelligent terminal and server
KR101023906B1 (en) System and method for management of chatting message, and record media recoded program for implement thereof
CN110139160B (en) Prediction system and method
WO2017088382A1 (en) Data processing method and device
CN111339043B (en) Block chain fragment optimization method, system and storage medium
CN104301806A (en) Video recognition method, device and system
CN112598432A (en) Website user point calculation method and device and computer equipment
CN110377417B (en) Data routing method and device
CN103796042B (en) resource information pushing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant