CN103117996B - A kind of realization method and system of communication security - Google Patents
A kind of realization method and system of communication security Download PDFInfo
- Publication number
- CN103117996B CN103117996B CN201210467941.7A CN201210467941A CN103117996B CN 103117996 B CN103117996 B CN 103117996B CN 201210467941 A CN201210467941 A CN 201210467941A CN 103117996 B CN103117996 B CN 103117996B
- Authority
- CN
- China
- Prior art keywords
- instruction
- time period
- preset time
- control table
- service process
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The present invention provides the realization method and system of a kind of communication security.Said method comprises the following steps: Service Process Server receives the different types of instruction request that client sends, the number of the different types of instruction request received in obtaining the first preset time period;Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage;Service Process Server, according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determines that command adapted thereto is in the number of times of default danger classes, and adjusts the importance rate of command adapted thereto according to the second control table.
Description
Technical field
The invention belongs to network communication field, particularly relate to the realization method and system of a kind of communication security.
Background technology
At present, hacker, by sending a large amount of legitimate request to server, carries out malicious attack, so, is easily caused server resource and exhausts, it is impossible to respond normal service request.
Summary of the invention
The present invention provides the realization method and system of a kind of communication security, to solve the problems referred to above.
The present invention provides the implementation method of a kind of communication security.Said method comprises the following steps: Service Process Server receives the different types of instruction request that client sends, the number of the different types of instruction request received in obtaining the first preset time period;Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage;Service Process Server, according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determines that command adapted thereto is in the number of times of default danger classes, and adjusts the importance rate of command adapted thereto according to the second control table.
What the present invention also provided for a kind of communication security realizes system, including client and Service Process Server.Client connects Service Process Server.Service Process Server, for receiving the different types of instruction request that client sends, the number of the different types of instruction request received in obtaining the first preset time period.Service Process Server, for determining acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage.Service Process Server, for according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of command adapted thereto according to the second control table.
Compared to prior art, according to the realization method and system of the communication security that the present invention provides, Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage.And, Service Process Server is according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of command adapted thereto according to the second control table.So, by adjusting the importance rate of command adapted thereto, it is achieved the reasonable distribution of system resource.And, by the setting of danger classes, it is achieved the monitoring of assault and process.
Accompanying drawing explanation
Accompanying drawing described herein is used for providing a further understanding of the present invention, constitutes the part of the application, and the schematic description and description of the present invention is used for explaining the present invention, is not intended that inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 show the flow chart of the implementation method of the communication security according to presently preferred embodiments of the present invention offer;
Fig. 2 show the schematic diagram of the system that realizes of the communication security according to presently preferred embodiments of the present invention offer.
Detailed description of the invention
Below with reference to accompanying drawing and describe the present invention in detail in conjunction with the embodiments.It should be noted that in the case of not conflicting, the embodiment in the application and the feature in embodiment can be mutually combined.
Fig. 1 show the flow chart of the implementation method of the communication security according to presently preferred embodiments of the present invention offer.As it is shown in figure 1, the implementation method of the communication security of presently preferred embodiments of the present invention offer includes step 101~103.
In step 101, Service Process Server receives the different types of instruction request that client sends, the number of the different types of instruction request received in obtaining the first preset time period.In this, the type of instruction such as includes login instruction, logout instruction, Text instruction and Group instruction etc..But, this is not limited by the present invention.
In step 102, described Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of described different types of instruction request and the first control table of storage.
In the present embodiment, Service Process Server stores the first control table, instruction request number, danger classes and the corresponding relation of instruction acceptance in the first control table storage instruction type, instruction importance rate, the first preset time period.In this, as a example by login instruction, logout instruction, Text instruction and Group instruction, the first control table is such as shown in table 1.
Table 1
In this, as shown in table 1, instruction importance rate is the most successively: Group instruction (fourth estate), Text instruction (tertiary gradient), logout instruction (the second grade), login instruct (the first estate).Additionally, the order that danger classes is from low to high is: the first estate, the second grade, the tertiary gradient.But, the present invention is not limited to this.In reality is applied, can be set as required.In addition, the determination mode of instruction acceptance is as follows: determine intermediate value according to two endpoint values of instruction request number range in each first preset time period, obtains the instruction acceptance of correspondence on the basis of intermediate value plus added value, and, along with danger classes raises, added value is gradually lowered.As a example by login instructs, in first preset time period, instruction request number is in the range of more than 10,000 and when no more than 30,000, corresponding intermediate value is 20,000, and added value is 0.5 ten thousand, therefore, instruction acceptance is 2.5 ten thousand, when scope is more than 30,000 and when no more than 50,000, corresponding intermediate value 40,000, added value is 0.4 ten thousand, therefore, instruction acceptance is 4.4 ten thousand.
Specifically, after the number of the different types of instruction request that Service Process Server receives in obtaining the first preset time period, acceptance and the danger classes of different types of instruction are determined according to table 1.For example, Service Process Server obtains the first preset time period (such as, 20 minutes) in receive different types of instruction request number as follows: login number of instructions is 0.8 ten thousand, logout number of instructions is 4.5 ten thousand, Text number of instructions is 4.7 ten thousand, and Group number of instructions is 70,000.Wherein, if the number of command adapted thereto be not included in table 1 corresponding in the range of, then it represents that this instruction is not in precarious position, this instruction of Service Process Server normal process.In this, understanding with reference to table 1, login number of instructions does not belong in table 1 in corresponding number range, and therefore, login instruction is not in precarious position.The number of logout instruction corresponds to more than 40,000 and the scope of no more than 60,000, and therefore, danger classes is the second grade, and instruction acceptance is less than 5.4 ten thousand, and so, Service Process Server still can process 4.5 ten thousand logout instructions.The number of Text instruction corresponds to more than 30,000 and the scope of no more than 50,000, and therefore, danger classes is the first estate, and instruction acceptance is less than 4.5 ten thousand, and so, Service Process Server at most processes the Text instruction of 4.5 ten thousand, abandons unnecessary 0.2 ten thousand instruction.The number of Group instruction corresponds to more than 60,000 and the scope of no more than 80,000, and therefore, danger classes is the second grade, and instruction acceptance is less than 7.4 ten thousand, and so, Service Process Server still can process 70,000 Group instructions.
In step 103, described Service Process Server is according to described first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of described command adapted thereto according to the second control table.
In the present embodiment, Service Process Server timing adjusts the importance rate of command adapted thereto according to the second control table.In this, the second control table of Service Process Server storage is such as shown in table 2.But, the present invention is not limited to this.In reality is applied, can accommodation the second control table as required.
| In second preset time period, command adapted thereto is in the number of times of the tertiary gradient (danger classes) | Instruction importance rate adjustable strategies |
| Number of times is 0 | Instruction importance rate reduces one-level |
| More than 0 time and no more than 3 times | Instruction importance rate elevated by one step |
| More than 3 times and no more than 6 times | Instruction importance rate raises two-stage |
| More than 6 times | Instruction importance rate raises three grades |
Table 2
Wherein, the second preset time period is more than the first preset time period.Such as, first preset time period is 20 minutes, second preset time period is 3 hours, includes 9 the first preset time period, and the number that Service Process Server is the different types of instruction request of interval stats with the first preset time period in the second preset time period in the i.e. second preset time period.As a example by login instructs, if in the second preset time period (such as, 3 hours), Service Process Server is with number that the first preset time period (such as, 20 minutes) is interval stats login instruction request.After Service Process Server adds up the number of login instruction request every time, determine the danger classes of login instruction in each first preset time period according to table 1.If reach the second preset time period, Service Process Server determines that login instruction is in the number of times of the tertiary gradient (danger classes) when being 4 times, then according to table 2, Service Process Server determines that the instruction importance rate that login instructs needs to raise two-stage, that is, the instruction importance rate of login instruction is increased to the tertiary gradient.Now, Service Process Server needs the instruction importance rate of the instruction of login in renewal table 1, and the corresponding data that login instructs is revised as instruction request number in the first preset time period that the tertiary gradient (instruction importance rate) is corresponding, danger classes and instruction acceptance simultaneously.
Fig. 2 show the schematic diagram of the system that realizes of the communication security according to presently preferred embodiments of the present invention offer.As in figure 2 it is shown, the system that realizes of the communication security of presently preferred embodiments of the present invention offer includes client 10 and Service Process Server 12.Client 10 connects Service Process Server 12.
In the present embodiment, Service Process Server 12, for receiving the different types of instruction request that client 10 sends, the number of the different types of instruction request received in obtaining the first preset time period.Service Process Server 12, for determining acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage.Service Process Server 12, for according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of command adapted thereto according to the second control table.About the specific operation process of described system with described in said method, therefore repeat no more in this.
In sum, according to the realization method and system of the communication security that present pre-ferred embodiments provides, Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of different types of instruction request and the first control table of storage.And, Service Process Server is according to the first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of command adapted thereto according to the second control table.So, by adjusting the importance rate of command adapted thereto, it is achieved the reasonable distribution of system resource.And, by the setting of danger classes, it is achieved the monitoring of assault and process.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.All within the spirit and principles in the present invention, any modification, equivalent substitution and improvement etc. made, should be included within the scope of the present invention.
Claims (6)
1. the implementation method of a communication security, it is characterised in that comprise the following steps:
Service Process Server receives the different types of instruction request that client sends, the number of the different types of instruction request received in obtaining the first preset time period;
Described Service Process Server determines acceptance and the danger classes of command adapted thereto according to the number of described different types of instruction request and the first control table of storage;
Described Service Process Server is according to described first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of described command adapted thereto according to the second control table;
Wherein, instruction request number, danger classes and the corresponding relation of instruction acceptance in described first control table storage instruction type, instruction importance rate, the first preset time period;
In described second control table stores the second preset time period, command adapted thereto is in the number of times of the tertiary gradient and instructs importance rate adjustable strategies corresponding relation;Wherein, the described tertiary gradient refers to danger classes;
Wherein, the determination mode of instruction acceptance is as follows: determine intermediate value according to two endpoint values of instruction request number range in each first preset time period, obtains the instruction acceptance of correspondence on the basis of intermediate value plus added value.
Implementation method the most according to claim 1, it is characterised in that the timing of described Service Process Server adjusts the importance rate of command adapted thereto according to described second control table.
Implementation method the most according to claim 1, it is characterised in that described second preset time period is more than described first preset time period.
4. a communication security realize system, it is characterised in that including client and Service Process Server, described client connects described Service Process Server,
Described Service Process Server, for receiving the different types of instruction request that described client sends, the number of the different types of instruction request received in obtaining the first preset time period,
Described Service Process Server, for determining acceptance and the danger classes of command adapted thereto according to the number of described different types of instruction request and the first control table of storage,
Described Service Process Server, for according to described first control table and the number of different types of instruction request that obtains in the second preset time period, determine that command adapted thereto is in the number of times of default danger classes, and adjust the importance rate of described command adapted thereto according to the second control table;
Wherein, instruction request number, danger classes and the corresponding relation of instruction acceptance in described first control table storage instruction type, instruction importance rate, the first preset time period;
In described second control table stores the second preset time period, command adapted thereto is in the number of times of the tertiary gradient and instructs importance rate adjustable strategies corresponding relation;Wherein, the described tertiary gradient refers to danger classes;
Wherein, the determination mode of instruction acceptance is as follows: determine intermediate value according to two endpoint values of instruction request number range in each first preset time period, obtains the instruction acceptance of correspondence on the basis of intermediate value plus added value.
The most according to claim 4 realize system, it is characterised in that the timing of described Service Process Server adjusts the importance rate of command adapted thereto according to described second control table.
The most according to claim 4 realize system, it is characterised in that described second preset time period is more than described first preset time period.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210467941.7A CN103117996B (en) | 2012-11-19 | 2012-11-19 | A kind of realization method and system of communication security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210467941.7A CN103117996B (en) | 2012-11-19 | 2012-11-19 | A kind of realization method and system of communication security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103117996A CN103117996A (en) | 2013-05-22 |
| CN103117996B true CN103117996B (en) | 2016-08-03 |
Family
ID=48416270
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210467941.7A Expired - Fee Related CN103117996B (en) | 2012-11-19 | 2012-11-19 | A kind of realization method and system of communication security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103117996B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108259476B (en) * | 2017-12-29 | 2021-01-05 | 杭州安恒信息技术股份有限公司 | Guess-proof bypass method and system based on fuzzy induction |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929477A (en) * | 2005-09-08 | 2007-03-14 | 中兴通讯股份有限公司 | Control system and method for multicast business limited access |
| CN1949774A (en) * | 2006-11-02 | 2007-04-18 | 华为技术有限公司 | Method and apparatus for managing web application program conversation |
| CN101778105A (en) * | 2010-01-20 | 2010-07-14 | 杭州华三通信技术有限公司 | Method, system and equipment for obtaining real-time performance monitoring indicated numbers based on WEB |
| CN102546465A (en) * | 2011-12-22 | 2012-07-04 | 苏州阔地网络科技有限公司 | Method and device for removing failed connection |
-
2012
- 2012-11-19 CN CN201210467941.7A patent/CN103117996B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929477A (en) * | 2005-09-08 | 2007-03-14 | 中兴通讯股份有限公司 | Control system and method for multicast business limited access |
| CN1949774A (en) * | 2006-11-02 | 2007-04-18 | 华为技术有限公司 | Method and apparatus for managing web application program conversation |
| CN101778105A (en) * | 2010-01-20 | 2010-07-14 | 杭州华三通信技术有限公司 | Method, system and equipment for obtaining real-time performance monitoring indicated numbers based on WEB |
| CN102546465A (en) * | 2011-12-22 | 2012-07-04 | 苏州阔地网络科技有限公司 | Method and device for removing failed connection |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103117996A (en) | 2013-05-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104765629B (en) | A kind of installation method and device of system application | |
| TW200644540A (en) | System and method for performing local center authorization service in a network | |
| CN104579723A (en) | Gateway configuration management system and method | |
| CN105577757B (en) | Multi-level management system and authentication method of intelligent power terminal based on load balancing | |
| CN111736853A (en) | Gray scale distribution method, device, equipment and storage medium | |
| CN105722073A (en) | Terminal self-service networking method and system based on two-dimensional codes | |
| CN113646759A (en) | Techniques relating to security heatmaps | |
| CN102594798A (en) | Agent method and system for connecting databases | |
| WO2013058826A3 (en) | Systems and methods for providing remote communications and visitations | |
| CN102769629B (en) | Client-side password storage method and service system | |
| CN103176987A (en) | Method and device for controlling database access | |
| CN104219094A (en) | AP (access point) grouping configuration method and AP grouping configuration equipment | |
| CN104320354A (en) | Data processing method and device | |
| CN103117996B (en) | A kind of realization method and system of communication security | |
| WO2008073606A3 (en) | Access control system based on a hardware and software signature of a requesting device | |
| CN103117995B (en) | A kind of method and system realizing communication security | |
| CN103117994B (en) | A kind of processing method of communication security and system | |
| CN105391758B (en) | The method and apparatus of resource allocation in a kind of local area network | |
| CN106161733A (en) | A kind of system switching method, device and mobile terminal | |
| CN104951368A (en) | Dynamic allocation device and method of resources | |
| CN102056201B (en) | Method and device for processing abnormal condition in service process | |
| CN102685032A (en) | Method and system for processing information of net meeting | |
| CN115802357A (en) | 5G power distribution network feeder automation control method, device and storage medium | |
| CN103118434B (en) | Dynamically for user allocates the method and apparatus of VLAN | |
| WO2014029370A1 (en) | Method and system for networking control of application programs |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20160603 Address after: Suzhou City, Jiangsu province 215000 East Road, Suzhou Industrial Park, No. 88 A2-202 Applicant after: Suzhou Zeta Network Technology Co.,Ltd. Address before: Suzhou City, Jiangsu Province, Suzhou Industrial Park 215021 Xinghu Street No. 328 Chongwen Road, Guohua building A511 Applicant before: SUZHOU YIBEI INFORMATION TECHNOLOGY Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: 215000 room 004, 25A, Jinshi building, Shishan Road, high tech Zone, Suzhou City, Jiangsu Province Patentee after: Suzhou Zeta Network Technology Co.,Ltd. Address before: 215000 a2-202, 88 Dongchang Road, Suzhou Industrial Park, Suzhou City, Jiangsu Province Patentee before: Suzhou Zeta Network Technology Co.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160803 Termination date: 20211119 |