CN103810432A - Data processing method and device - Google Patents
Data processing method and device Download PDFInfo
- Publication number
- CN103810432A CN103810432A CN201410061883.7A CN201410061883A CN103810432A CN 103810432 A CN103810432 A CN 103810432A CN 201410061883 A CN201410061883 A CN 201410061883A CN 103810432 A CN103810432 A CN 103810432A
- Authority
- CN
- China
- Prior art keywords
- data processing
- attribute information
- dpp
- data
- processing platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data processing method. The method includes the steps that a data processing request started by a terminal is received, and the request contains attribute information of a first data processing platform and an instruction for a second data processing platform; the attribute information is subjected to data check; when the attribute information is checked to be correct, the second data processing platform is given a notice for executing the instruction. The invention further provides a data processing device. According to the technical scheme, after the data processing request is started on the terminal and before the second data processing platform responds to the data processing request, the legality of the data processing request is determined by performing data check on the attribute information of the first data processing platform, and therefore a guarantee can be provided for data processing safety of the terminal.
Description
Technical field
The present invention relates to network security technology field, relate in particular to a kind of data processing method and device.
Background technology
In recent years, trojan horse was progressively reducing the density of infection of network security, and the fishing website of low cost, booming income had been becoming increasingly rampant in recent years.Meanwhile, this also impels cheat promoting reinforcement day by day on dimension, frequency, the challenge of equally also bringing technical antagonism to the anti-phishing security firm of detecting based on conventional module.Generally, in the time that security firm finds to exist fishing swindle link, cheat has gained mint of money by cheating within this period of cycle.
In the prior art, the general still html source code based on conventional template detection website of security firm, judges by the similarity with the fishing website template capturing whether a website exists harm.But the fishing fraudulent website increasing newly on the internet every day is ten hundreds of, cheats are carrying out technical antagonism with security firm in consciously or unconsciously, and fishing swindle technology is also improving constantly.The reptile IP of security firm, full picture making etc. are encrypted, limited to fishing website source code has become the means that current fisherman generally uses, and fishing website lost efficacy soon, the inventory cycle is short, and security firm is difficult to the active template of crawl and extracts effective interception rule.If things go on like this, will inevitably make to detect the Efficiency Decreasing of this work of fishing website, conventional template detection mode also exists very large drawback.
Summary of the invention
The present invention is directed to the problems referred to above, a kind of data processing method and device have been proposed, initiate after data processing request in terminal, before the second data processing platform (DPP) responds this data processing request, carry out data check by the data that this request is carried, determine its legitimacy, for the security of the data processing of terminal provides safeguard.
In one aspect, the invention provides a kind of data processing method, main technical schemes is as follows:
The data processing request that receiving terminal is initiated, this data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP);
This attribute information is carried out to data check;
In the time that attribute information checking is correct, notify the second data processing platform (DPP) to carry out this instruction.
In yet another aspect, the invention provides a kind of data processing equipment, comprising:
Receiving element, the data processing request of initiating for receiving terminal, this data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP);
Data check unit, for carrying out data check to this attribute information;
Data processing unit, in the time that attribute information checking is correct, notifies the second data processing platform (DPP) to carry out this instruction.
Adopt technical scheme of the present invention, initiate after data processing request in terminal, before the second data processing platform (DPP) responds this data processing request, by the attribute information of the first data processing platform (DPP) is carried out to data check, determine its legitimacy, the object providing safeguard to be embodied as the security of data processing of terminal.
Accompanying drawing explanation
Specific embodiments of the invention are described below with reference to accompanying drawings, wherein:
Fig. 1 is the process flow diagram of the data processing method of the embodiment of the present invention;
Fig. 2 is the structural representation of the data processing equipment of the embodiment of the present invention.
Embodiment
In order to make technical scheme of the present invention and advantage clearer, below in conjunction with accompanying drawing, exemplary embodiment of the present invention is described in more detail, obviously, described embodiment is only a part of embodiment of the present invention, rather than all embodiment's is exhaustive.
The embodiment of the present invention provides a kind of data processing method, and Fig. 1 shows the process flow diagram of this data processing method, comprising:
The data processing request that S101, receiving terminal are initiated, data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP).
Terminal and the first data processing platform (DPP) can be undertaken alternately by network, when terminal completes mutual with the first data processing platform (DPP), need to send data processing request to the second data processing platform (DPP) time, the embodiment of the present invention receives this data processing request, includes the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP) in this data processing request.Wherein, this instruction is that indication sends to this data processing request the second data processing platform (DPP) and indicates the second data processing platform (DPP) to carry out data processing to this data processing request.
S102, this attribute information is carried out to data check.
Alternatively, this attribute information comprises the first attribute information and the second attribute information, and this attribute information is carried out to data check specifically, and whether this first attribute information of verification and the second attribute information exist corresponding relation.Can carry out data check to the two by the mode of the mapping table of default the first attribute information and the second attribute information, the mapping table of pre-stored the first attribute information and the second attribute information in database carries out data check by the first attribute information receiving and the second attribute information in this mapping table.
Alternatively, the first attribute information and the second attribute information are being carried out to data check (whether verification the two exist corresponding relation) before, the data processing method that the embodiment of the present invention provides also comprises:
The first attribute information and the data check list of setting up are in advance carried out to data check, and this data check list comprises default legal and/or illegal the first attribute information.
Or, the second attribute information and the data check list of setting up are in advance carried out to data check, this data check list comprises default legal and/or illegal the second attribute information.
Or, the first attribute information and the second attribute information are all carried out to data check with the data check list of setting up in advance, this data check list comprises default legal and/or illegal the first attribute information and the second attribute information.
By setting up the mode of data check list, before whether verification the first attribute information and the second attribute information there is corresponding relation, first this first attribute information or the second attribute information that receive are carried out to data check, whether if there is the firstth attribute information or the second attribute information in this data check list, can judge is legal the first attribute information or the second attribute information.When this first attribute information or the second attribute information are while being legal, legitimate site as conventional in Jingdone district, Taobao etc., can carry out the first attribute information and the second attribute information and whether exist the data check of corresponding relation; When this first attribute information or the second attribute information are while being illegal, such as fishing website through definite etc., can directly refuse this data processing request.Increasing this operation steps can play a role in filtering, and improves to a certain extent verification speed and reduces data query amount.
Alternatively, this first attribute information is that this second data processing platform (DPP) is the unique number that the first data processing platform (DPP) is distributed.Wherein, unique number refers to that on-line payment company or bank are the numbering interface that businessman opens, or businessman gives its code in website while registering in website, for the docking of concluding the business.Third party electric business's that payment platform offers unique number is self-existent, and different electric business unique number is each other not identical.
The second attribute information is URL(uniform resource locator) (URL, the Uniform Resource Locator) address of the first data processing platform (DPP).For the second data processing platform (DPP), this URL(uniform resource locator) address is address, source (also can be described as incoming road referrer), and the address of wherein originating is the approach that visitor enters website, is generally used for mark and from which address redirect comes.
When jumping to the second data processing platform (DPP) from the first data processing platform (DPP), terminal carries unique number and the URL(uniform resource locator) address of the first data processing platform (DPP) post form information.
Alternatively, when the first attribute information is unique number, when the second attribute information is URL(uniform resource locator) address, because whole URL generally comprises domain name, directory name and filename, the embodiment of the present invention only need to be carried out data check by the domain name of unique number and URL(uniform resource locator) address, does not need whole URL address to carry out accurately data check.For example, the first data processing platform (DPP) receiving is certain page of website, Jingdone district, and the URL(uniform resource locator) address of this page is
http:// cart.jd.com/cart/cart.html backurl=http: //item.jd.com/11199355.html & rid=0.0 972311814102666, the unique number receiving and domain name * .jd.com are carried out to data check.
S103, in the time that attribute information checking is correct, notify the second data processing platform (DPP) to carry out this instruction.
When the first attribute information and the verification of the second attribute information process, determine when check results is correct, notify the second data processing platform (DPP) to carry out corresponding data processing to the data processing request of this terminal.If incorrect through verification, refuse this data processing request to respond processing.
Alternatively, the data processing method that the embodiment of the present invention provides also comprises: when the first attribute information and the second attribute information verification are when illegal, send alert notification to terminal, guarantee that user's interests are protected.
The data processing method that the embodiment of the present invention provides, initiate after data processing request in terminal, before the second data processing platform (DPP) responds this data processing request, by the attribute information of the first data processing platform (DPP) is carried out to data check, determine its legitimacy, the object providing safeguard to be embodied as the security of data processing of terminal.
Based on same inventive concept, the embodiment of the present invention also provides a kind of data processing equipment, and Fig. 2 shows the structural representation of this data processing equipment, comprising:
Receiving element 201, the data processing request of initiating for receiving terminal, this data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP).
Alternatively, receiving element 201 is specifically for receiving the first attribute information and second attribute information of the first data processing platform (DPP).Data check unit 202 carries out data check to attribute information and is specially: whether this first attribute information of verification and the second attribute information exist corresponding relation.
Alternatively, data check unit 202 before this first attribute information and the second attribute information are carried out to data check, also for: the first attribute information and/or the second attribute information are carried out to data check with the data check list of setting up in advance.In this data check list, can comprise the first legal attribute information and/or the second attribute information that set in advance, or comprise illegal the first attribute information and/or the second attribute information, also can comprise the second legal attribute information and illegal the first attribute information and/or the second attribute information, the present invention is not restricted this simultaneously.
Alternatively, receiving element 201 is the unique number that this first data processing platform (DPP) is distributed for receiving this second data processing platform (DPP), and the URL(uniform resource locator) address of the first data processing platform (DPP).
Alternatively, data check unit 202 is for carrying out data check by the domain name of this unique number and this URL(uniform resource locator) address.
The data processing equipment that the embodiment of the present invention provides, receiving terminal at receiving element 201 initiates after data processing request, before the second data processing platform (DPP) responds this data processing request and carries out data processing, by data check unit 202, the attribute information of the first data processing platform (DPP) is carried out to data check, determine its legitimacy, the object providing safeguard to be embodied as the security of data processing of terminal.
Embodiment mono-
Take telephone recharge fishing as example, under normal circumstances, user is in regular legal telephone expenses commodity page (such as website, Jingdone district) free choice of goods, and in the time that click is supplemented with money immediately, terminal can send transaction request to third party's payment platform (such as fast money).While jumping to third party's payment platform (being also fast money) from electric business (being also website, Jingdone district), terminal can be passed to payment platform webpage header information in post mode, has trade company's number (such as the trade company number in Jingdone district is 12345) of electric business in webpage header information.Third party's payment platform (being also fast money) pays the trade company number that when request can carry electric business (also 12345) and address, source in response, and (address of originating refers to the address of last webpage, also being the web page address that user browses Jingdone district, is also * .jd.com).
The flow process of existing telephone recharge fishing is generally: telephone expenses fishing commodity page-order pages (embedded Jingdone district payment link)--and fast money-e-Bank payment cheat is at the order in Jingdone district.First fisherman forges a telephone recharge website (fishing website), then is had epigamic language victim is done shopping by this fishing website by various.In the time that user selects commodity and pays in this telephone recharge website (fishing website), fisherman intercepts the transaction request that user sends, by transaction request parameter replacement wherein for before the transaction request parameter set up on eastern website in Beijing submit to Kuai Qian company.What fast money received is address, source the is address of fishing website (such as, * .jd.co.cc), but determine that according to transaction request parameter trade company number is for fast money is to the trade company in Jingdone district numbers 12345.But for user, owing to only having the input frames such as input bank's card number and password on the page, user does not also know that transaction request parameter is replaced.Like this, user is actually and uses the money of oneself to help fisherman on Jingdone district, to complete payment, thereby allows fisherman obtain commodity.
The data processing method that the embodiment of the present invention provides, by the time that user pays behavior, the mode of utilizing third party's payment platform to combine to electric business's trade company number and address, source detects fishing website.Extract the interactive information of terminal and fast money, in this interactive information, comprise trade company number (be also 12345) and the source address (the * .jd.co.cc of fishing website) of Liao Kuai money company to Jingdone district company.Then, judge whether accessed trade company number and address, source mate, because the trade company in Jingdone district numbers 12345 should be corresponding to the address * .jd.com that enters Jingdone district; If fishing website, above-mentioned coupling is not inconsistent, and reminding user transaction risk also directly stops transaction.As shown in giving an example as above-mentioned, address, source is fishing website * .jd.co.cc rather than Jingdone district * .jd.com, according to the uniqueness of trade company number, can judge that trade company numbers 12345 do not mate with fishing website * .jd.co.cc, think that this transaction is gone fishing, stop user's delivery operation.
The data processing method that the embodiment of the present invention combines with address, source by trade company number, without crawl and detect webpage html source code based on conventional module, payment behavior by user on fishing website just can be identified risk, can effectively hinder rich fisherman and be reached and evaded the drawback that security firm cannot detect by the encryption of webpage html source code and the restriction IP of security firm.Simultaneously, without specifying a certain fixing fishing type, only extract while entering third party's payment platform the trade company in webpage head form information number and source, every net purchase behavior satisfying condition can be characterized as risk behavior, has expanded the identification range of various risk scenes.
Above embodiment is only in order to technical scheme of the present invention to be described, but not is limited.Therefore,, in the situation that not deviating from spirit of the present invention and essence thereof, those skilled in the art can make various changes, replacement and modification.Obviously, but within these changes, replacement and modification all should be covered by the protection domain of the claims in the present invention.
Claims (11)
1. a data processing method, is characterized in that, comprising:
The data processing request that receiving terminal is initiated, described data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP);
Described attribute information is carried out to data check;
In the time that described attribute information verification is correct, notify described the second data processing platform (DPP) to carry out described instruction.
2. data processing method as claimed in claim 1, it is characterized in that, described attribute information comprises the first attribute information and the second attribute information, described described attribute information is carried out to data check, be specially: described in verification, whether the first attribute information and described the second attribute information exist corresponding relation.
3. data processing method as claimed in claim 2, it is characterized in that, described method also comprises: before whether the first attribute information described in described verification and described the second attribute information exist corresponding relation, described the first attribute information and/or described the second attribute information are carried out to data check with the data check list of setting up in advance.
4. data processing method as claimed in claim 3, is characterized in that, described data check list comprises default legal and/or illegal the first attribute information and/or the second attribute information.
5. data processing method as claimed in claim 2, it is characterized in that, described the first attribute information is that described the second data processing platform (DPP) is the unique number that described the first data processing platform (DPP) is distributed, the URL(uniform resource locator) address that described the second attribute information is described the first data processing platform (DPP).
6. data processing method as claimed in claim 5, is characterized in that, described the first attribute information and described the second attribute information is carried out to data check and specifically the domain name of described unique number and described URL(uniform resource locator) address is carried out to data check.
7. a data processing equipment, is characterized in that, comprising:
Receiving element, the data processing request of initiating for receiving terminal, described data processing request comprises the attribute information of the first data processing platform (DPP) and the instruction to the second data processing platform (DPP);
Data check unit, for carrying out data check to described attribute information;
Data processing unit, in the time that described attribute information verification is correct, notifies described the second data processing platform (DPP) to carry out described instruction.
8. data processing equipment as claimed in claim 7, it is characterized in that, receiving element is specifically for receiving the first attribute information and second attribute information of the first data processing platform (DPP), and whether described data check unit exists corresponding relation specifically for the first attribute information described in verification and described the second attribute information.
9. data processing equipment as claimed in claim 8, it is characterized in that, before whether the first attribute information described in described verification and described the second attribute information there is corresponding relation, described data check unit is also for carrying out data check by described the first attribute information and/or described the second attribute information with the data check list of setting up in advance, and described data check list comprises default legal and/or illegal the first attribute information and/or the second attribute information.
10. data processing equipment as claimed in claim 7, it is characterized in that, described receiving element specifically for receive described the second data processing platform (DPP) be described first data processing platform (DPP) distribute unique number and the URL(uniform resource locator) address of described the first data processing platform (DPP).
11. data processing equipments as claimed in claim 10, is characterized in that, described data check unit is for carrying out data check by the domain name of described unique number and described URL(uniform resource locator) address.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410061883.7A CN103810432A (en) | 2014-02-24 | 2014-02-24 | Data processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410061883.7A CN103810432A (en) | 2014-02-24 | 2014-02-24 | Data processing method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103810432A true CN103810432A (en) | 2014-05-21 |
Family
ID=50707185
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410061883.7A Pending CN103810432A (en) | 2014-02-24 | 2014-02-24 | Data processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103810432A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105574726A (en) * | 2015-07-29 | 2016-05-11 | 宇龙计算机通信科技(深圳)有限公司 | Safe payment data verification method, third party payment platform and commercial platform |
| CN110351280A (en) * | 2019-07-15 | 2019-10-18 | 杭州安恒信息技术股份有限公司 | A kind of method, system, equipment and readable storage medium storing program for executing for threatening information to extract |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101695164A (en) * | 2009-09-28 | 2010-04-14 | 华为技术有限公司 | Verification method, device and system for controlling resource access |
| US20100223668A1 (en) * | 2007-10-15 | 2010-09-02 | Electronics And Telecommunications Research Institute | Apparatus and method for managing terminal users |
| CN102509054A (en) * | 2011-09-30 | 2012-06-20 | 宇龙计算机通信科技(深圳)有限公司 | Mobile terminal and application program control method for mobile terminal |
| CN102710646A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for collecting phishing websites |
| CN103514052A (en) * | 2013-08-15 | 2014-01-15 | 飞天诚信科技股份有限公司 | Multi-application mutually-accessing method and smart card |
-
2014
- 2014-02-24 CN CN201410061883.7A patent/CN103810432A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100223668A1 (en) * | 2007-10-15 | 2010-09-02 | Electronics And Telecommunications Research Institute | Apparatus and method for managing terminal users |
| CN101695164A (en) * | 2009-09-28 | 2010-04-14 | 华为技术有限公司 | Verification method, device and system for controlling resource access |
| CN102509054A (en) * | 2011-09-30 | 2012-06-20 | 宇龙计算机通信科技(深圳)有限公司 | Mobile terminal and application program control method for mobile terminal |
| CN102710646A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for collecting phishing websites |
| CN103514052A (en) * | 2013-08-15 | 2014-01-15 | 飞天诚信科技股份有限公司 | Multi-application mutually-accessing method and smart card |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105574726A (en) * | 2015-07-29 | 2016-05-11 | 宇龙计算机通信科技(深圳)有限公司 | Safe payment data verification method, third party payment platform and commercial platform |
| WO2017016037A1 (en) * | 2015-07-29 | 2017-02-02 | 宇龙计算机通信科技(深圳)有限公司 | Payment data safety verification method, third-party payment platform and commercial platform |
| CN110351280A (en) * | 2019-07-15 | 2019-10-18 | 杭州安恒信息技术股份有限公司 | A kind of method, system, equipment and readable storage medium storing program for executing for threatening information to extract |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Brookman et al. | Cross-device tracking: Measurement and disclosures | |
| US8850567B1 (en) | Unauthorized URL requests detection | |
| CN105262779B (en) | Identity authentication method, device and system | |
| CN104519018A (en) | Method, device and system for preventing malicious requests for server | |
| CN107451819B (en) | Identity verification method and device based on user operation behavior characteristics | |
| CN103634317A (en) | Method and system of performing safety appraisal on malicious web site information on basis of cloud safety | |
| CN105635126A (en) | Malicious URL access protection method, client side, security server and system | |
| CN102571846A (en) | Method and device for forwarding hyper text transport protocol (HTTP) request | |
| CN104079557A (en) | CC attack protection method and device | |
| CN108259619B (en) | Network request protection method and network communication system | |
| CN106789939A (en) | A kind of detection method for phishing site and device | |
| US8548917B1 (en) | Detection of child frames in web pages | |
| KR101350342B1 (en) | Method and system for site visitor authentication | |
| CN102073822A (en) | Method and system for preventing user information from leaking | |
| CN102158493A (en) | Cookie analyzing method, device thereof and client | |
| KR101329034B1 (en) | System and method for collecting url information using retrieval service of social network service | |
| CN101552674B (en) | Method and system for recognizing pseudo-website | |
| CN107241292B (en) | Vulnerability detection method and device | |
| CN105431843A (en) | Network identity authentication using communication device identification code | |
| CN105991514A (en) | Service request authentication method and device | |
| CN106878244B (en) | Authenticity certification information providing method and device | |
| CN111541672A (en) | Method and system for detecting security of HTTP (hyper text transport protocol) request | |
| CN103701796A (en) | Hotlink protection system and method on basis of HASH technology | |
| CN102667799A (en) | Access control system, authentication server system, and access control program | |
| JP5661290B2 (en) | Information processing apparatus and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140521 |