CN103139213A - Method for treating network logging and system - Google Patents
Method for treating network logging and system Download PDFInfo
- Publication number
- CN103139213A CN103139213A CN2013100496178A CN201310049617A CN103139213A CN 103139213 A CN103139213 A CN 103139213A CN 2013100496178 A CN2013100496178 A CN 2013100496178A CN 201310049617 A CN201310049617 A CN 201310049617A CN 103139213 A CN103139213 A CN 103139213A
- Authority
- CN
- China
- Prior art keywords
- network attack
- statistical form
- processor
- smartclient
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a method for treating network logging and a system. The method comprises the following steps. An intelligent client obtains website information and obtains a logging mechanism provided with the lowest attacking rate and corresponding to to the website according to a network attack statistical table. The intelligent client generates a logging request and sends the logging request to a processor according to the logging mechanism, wherein the processor periodically updates the network attack statistical table based on detected network attack information and a first tragedy and sends the updated network attack statistical table to the intelligent client.
Description
Technical field
The invention belongs to the network entry field, relate in particular to a kind of method and system of processing network entry.
Background technology
Along with the development of network technology, some service is specific to the individual, and such as E-mail address, online game, captive portal etc. has certain privacy and confidentiality.When using these network services, the user need to carry out register, confirm user's log-on message at associated server after, just allows the user to enter the corresponding network page.At present, existing network entry method has only been considered the convenience of user's login, does not take into full account the problem of login secure context.
Summary of the invention
The invention provides a kind of method and system of processing network entry, to address the above problem.
The invention provides a kind of method of processing network entry.Said method comprises the following steps: SmartClient obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form; SmartClient generates logging request and logging request is sent to processor according to login mechanism; Wherein, processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the network attack statistical form that upgrades is sent to SmartClient.
The present invention also provides a kind of system that processes network entry, comprises SmartClient and processor.SmartClient connects processor.SmartClient obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form.SmartClient generates logging request and logging request is sent to processor according to login mechanism.Wherein, processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the network attack statistical form that upgrades is sent to SmartClient.
Compared to prior art, according to the method and system of processing network entry provided by the invention, SmartClient obtains the minimum login mechanism of attack rate according to the network attack statistical form, and is sent to processor according to described login mechanism generation logging request.So, guarantee the fail safe that the user logins.In addition, processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the network attack statistical form that upgrades is sent to SmartClient.So, upgrade the network attack statistical form by the network attack Information Statistics in cycle, not only realized the dynamic security maintenance, and, realize the period allocated of processor system resources, thereby improved efficient.
Description of drawings
Accompanying drawing described herein is used to provide a further understanding of the present invention, consists of the application's a part, and illustrative examples of the present invention and explanation thereof are used for explaining the present invention, do not consist of improper restriction of the present invention.In the accompanying drawings:
Figure 1 shows that the flow chart of the method for the processing network entry that preferred embodiment according to the present invention provides;
Figure 2 shows that the schematic diagram of the system of the processing network entry that preferred embodiment according to the present invention provides.
Embodiment
Hereinafter also describe in conjunction with the embodiments the present invention in detail with reference to accompanying drawing.Need to prove, in the situation that do not conflict, embodiment and the feature in embodiment in the application can make up mutually.
Figure 1 shows that the flow chart of the method for the processing network entry that preferred embodiment according to the present invention provides.As shown in Figure 1, the method for the processing network entry that provides of preferred embodiment of the present invention comprises step 101 ~ 102.
In step 101, SmartClient obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form.Particularly, when the user logined some websites by SmartClient, the user inputted the website information of this website in SmartClient.After SmartClient obtains website information, obtain the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form.In addition, the initial network attack statistical form of SmartClient and processor configuration.Wherein, the network attack statistical form comprises web portal security rank, login mechanism, corresponding attack rate and the timeslice distribution degree of login mechanism.Login mechanism comprises user name and password login, fingerprint login, password authentification login etc.Yet the present invention does not limit this.
In this, take three website a ~ c as example, initial network attack statistical form example is as shown in table 1.In addition, each data in initial network attack statistical form can pre-set according to actual conditions.The present invention does not limit this.In addition, if during the network attack statistical form of SmartClient storing initial, the attack rate initial configuration value corresponding because of different login mechanism is 0%, and at this moment, SmartClient can be selected corresponding login mechanism at random.
Table 1
In step 102, described SmartClient generates logging request and described logging request is sent to processor according to described login mechanism.
In this, take the login mechanism of user name and password login as example, SmartClient obtains user name and password, the regeneration logging request, and logging request is sent to processor.Wherein, logging request has been carried user name and encrypted message.After processor received logging request, processes said request if the user logins normally, fed back to SmartClient with corresponding Webpage, to be shown to the user.
In the present embodiment, processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the described network attack statistical form that will upgrade is sent to described SmartClient.Wherein, the first strategy is: the web portal security rank of corresponding website is higher, and its corresponding timeslice distribution degree is lower.
In this, the information that network attack information is carried comprises the number of times of attack of the different login mechanism of the general offensive number of times of corresponding website in the cycle and corresponding website.Wherein, if the user that processor detects certain IP address at short notice the number of times of repeat logon website surpass preset times, processor assert that this website is attacked once.Yet the present invention does not limit this.Other website attack patterns of the prior art all belong to the attack that the present embodiment is mentioned.
In the present embodiment, the processor storage security rank table of comparisons, example is as shown in table 2.
Table 2
In table 2, cycle T can arrange according to actual needs.In addition, the first preset times in table 2 is greater than the second preset times, and the second preset times can arrange according to actual needs.For example, the first preset times is for example 10000 times, and the second preset times is for example 5000 times.In addition, in table 2, the web portal security rank is followed successively by from high to low: first level, second level, third level.Yet the present invention does not limit this.In practical application, two or more other web portal security ranks of level can be set as required.
In the present embodiment, processor with reference to table 2, is determined the web portal security rank of each website according to the general offensive number of times of each website in the network attack information in the cycle T of obtaining.In this, describe as an example of three website a, b, c and three kinds of login mechanism 1 ~ 3 example.Wherein, each website is all to there being three kinds of login mechanism 1 ~ 3.
For example, the general offensive number of times of website a in cycle T is 12000 times, the general offensive number of times of website b in cycle T is 6000 times, the general offensive number of times of website c in cycle T is 3000 times, thus with reference to table 1 as can be known, the web portal security rank of website a is third level, and the web portal security rank of website b is second level, and the web portal security rank of website c is first level.Simultaneously, the number of times of attack of the different login mechanism that processor is corresponding according to each website that the network attack information in the cycle T that receives is carried is determined the attack rate of the different login mechanism that each website is corresponding, and is determined timeslice distribution degree according to the first strategy.Wherein, attack rate corresponding to each login mechanism of each website is the ratio of the general offensive number of times of the number of times of attack of described login mechanism of this website and this website.In this, processor is as shown in table 3 according to the network attack statistical form example of the renewal of the network attack acquisition of information in cycle T.
Table 3
In this, can be set as according to actual needs at the timeslice distribution degree shown in table 3 other numerical value ratios that satisfy the first strategy.The present invention does not limit this.
In the present embodiment, when described processor upgrades described network attack statistical form in next cycle, according to definite time distribution degree and the vacant timeslice total amount of current system of described network attack statistical form that the last cycle obtains, determine the time sendout of different web sites in the described network attack statistical form of current described update processor.
In this, attack statistical form as table 1 take the initial network of processor setting, it is that table 3 is example that processor upgrades in first cycle T the network attack statistical form that obtains, during data corresponding to processor website a, b, c in updating form 3, meeting determines that according to the vacant timeslice total amount of current system of initial time distribution degree and the processor of website a, b, c in table 1 current processor upgrades the time sendout of website a, b, c.Take the vacant timeslice total amount of the current system of processor as A as example, according to table 1 as can be known, the current time sendout to website a, b, c of processor is 0.3A.At this moment, processor according to the time sendout of website a, b, c (namely, be 0.3A) respectively website a, b, c are upgraded, thus obtain the latest data of attack rate corresponding to website a, b in table 3, the web portal security rank of c, login mechanism, login mechanism.Afterwards, processor is determined the timeslice distribution degree (as shown in table 3) of each website again according to the latest data of each website of upgrading according to the first strategy.In this, the timeslice distribution degree of website a, the b that processor obtains in table 3, c can use when the data of next cycle T update processor each website.
In the present embodiment, after SmartClient received from processor the network attack statistical form that upgrades, SmartClient obtained the minimum login mechanism of attack rate corresponding to corresponding network address according to the network attack statistical form that upgrades.
Figure 2 shows that the schematic diagram of the system of the processing network entry that preferred embodiment according to the present invention provides.As shown in Figure 2, the system of the processing network entry that provides of preferred embodiment of the present invention comprises SmartClient 10 and processor 12.SmartClient 10 connects processor 12.
In the present embodiment, SmartClient 10 obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form.SmartClient 10 generates logging request and logging request is sent to processor 12 according to login mechanism.Wherein, processor 12 is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the network attack statistical form that upgrades is sent to SmartClient 10.Specific operation process about described system is described with above-mentioned method, therefore repeat no more in this.
In sum, the method and system of the processing network entry that preferred embodiment provides according to the present invention, SmartClient obtains the minimum login mechanism of attack rate according to the network attack statistical form, and is sent to processor according to described login mechanism generation logging request.So, guarantee the fail safe that the user logins.In addition, processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the network attack statistical form that upgrades is sent to SmartClient.So, upgrade the network attack statistical form by the network attack Information Statistics in cycle, not only realized the dynamic security maintenance, and, realize the period allocated of processor system resources, thereby improved efficient.
The above is only the preferred embodiments of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (10)
1. a method of processing network entry, is characterized in that, comprises the following steps:
SmartClient obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form;
Described SmartClient generates logging request and described logging request is sent to processor according to described login mechanism;
Wherein, described processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the described network attack statistical form that will upgrade is sent to described SmartClient.
2. method according to claim 1, is characterized in that, described processor and the initial network attack statistical form of described SmartClient configuration.
3. method according to claim 1, is characterized in that, described network attack statistical form comprises web portal security rank, login mechanism, corresponding attack rate and the timeslice distribution degree of login mechanism.
4. method according to claim 3, is characterized in that, described the first strategy is: the web portal security rank of corresponding website is higher, and its corresponding timeslice distribution degree is lower.
5. method according to claim 3, is characterized in that, attack rate corresponding to each login mechanism of each website is the ratio of the general offensive number of times of the number of times of attack of described login mechanism of this website and this website.
6. method according to claim 1, is characterized in that, described login mechanism comprises user name and password login, fingerprint login, password authentification login etc.
7. method according to claim 1, it is characterized in that, when described processor upgrades described network attack statistical form in next cycle, according to definite time distribution degree and the vacant timeslice total amount of current system of described network attack statistical form that the last cycle obtains, determine the time sendout of different web sites in the described network attack statistical form of current described update processor.
8. a system that processes network entry, is characterized in that, comprises SmartClient and processor, and described SmartClient connects described processor,
Described SmartClient obtains website information, and obtains the minimum login mechanism of attack rate corresponding to described network address according to the network attack statistical form,
Described SmartClient generates logging request and described logging request is sent to described processor according to described login mechanism,
Wherein, described processor is periodically according to the network attack information and the first policy update network attack statistical form that detect, and the described network attack statistical form that will upgrade is sent to described SmartClient.
9. system according to claim 8, is characterized in that, described network attack statistical form comprises web portal security rank, login mechanism, corresponding attack rate and the timeslice distribution degree of login mechanism.
10. system according to claim 9, is characterized in that, described the first strategy is: the web portal security rank of corresponding website is higher, and its corresponding timeslice distribution degree is lower.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013100496178A CN103139213A (en) | 2013-02-07 | 2013-02-07 | Method for treating network logging and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013100496178A CN103139213A (en) | 2013-02-07 | 2013-02-07 | Method for treating network logging and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103139213A true CN103139213A (en) | 2013-06-05 |
Family
ID=48498519
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013100496178A Pending CN103139213A (en) | 2013-02-07 | 2013-02-07 | Method for treating network logging and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103139213A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060031938A1 (en) * | 2002-10-22 | 2006-02-09 | Unho Choi | Integrated emergency response system in information infrastructure and operating method therefor |
| CN101764689A (en) * | 2008-11-27 | 2010-06-30 | 上海网环信息科技有限公司 | Method of system for controlling logging-in mode of user |
| CN102055768A (en) * | 2010-12-31 | 2011-05-11 | 奇智软件(北京)有限公司 | Network logon method and system |
-
2013
- 2013-02-07 CN CN2013100496178A patent/CN103139213A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060031938A1 (en) * | 2002-10-22 | 2006-02-09 | Unho Choi | Integrated emergency response system in information infrastructure and operating method therefor |
| CN101764689A (en) * | 2008-11-27 | 2010-06-30 | 上海网环信息科技有限公司 | Method of system for controlling logging-in mode of user |
| CN102055768A (en) * | 2010-12-31 | 2011-05-11 | 奇智软件(北京)有限公司 | Network logon method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109933701B (en) | Microblog data acquisition method based on multi-strategy fusion | |
| US8910254B2 (en) | System and methods for profiling client devices | |
| CN108259502A (en) | For obtaining the identification method of interface access rights, server-side and storage medium | |
| EP3120290A1 (en) | Techniques to provide network security through just-in-time provisioned accounts | |
| CN101594232B (en) | Authentication method for dynamic password, system and corresponding authentication device | |
| CN111736853A (en) | Gray scale distribution method, device, equipment and storage medium | |
| CN106844111B (en) | Access method of cloud storage network file system | |
| CN104410674A (en) | A WEB session synchronization method of a single sign on system | |
| CN101404575B (en) | Method and system for updating indorsement algorithm | |
| CN110826052A (en) | Method and device for protecting server password security | |
| CN112351117A (en) | Domain name management method and device, electronic equipment and storage medium | |
| CN112764913A (en) | Service fusing method and device, storage medium and electronic equipment | |
| CN110430062B (en) | Login request processing method, device, equipment and medium | |
| CN104994086A (en) | Database cluster authority control method and device | |
| CN103200171A (en) | Method and system of network security register | |
| CN104009846B (en) | A kind of single-sign-on apparatus and method | |
| CN102195983B (en) | network terminal encryption authentication method and server | |
| CN103139213A (en) | Method for treating network logging and system | |
| CN106936643B (en) | Equipment linkage method and terminal equipment | |
| CN104394128A (en) | A control method for a terminal to access a server | |
| CN103139214A (en) | Method and system controlling network logon | |
| CN110505186A (en) | A kind of recognition methods of safety regulation conflict, identification equipment and storage medium | |
| CN111092864B (en) | Session protection method, device, equipment and readable storage medium | |
| CN103139215A (en) | Method and system for achieving network logon | |
| EP2645286A1 (en) | Authentication in an industrial control system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130605 |