CN105893873A - Hotlink protection method and system based on Blond filter query optimization - Google Patents

Hotlink protection method and system based on Blond filter query optimization Download PDF

Info

Publication number
CN105893873A
CN105893873A CN201610201593.7A CN201610201593A CN105893873A CN 105893873 A CN105893873 A CN 105893873A CN 201610201593 A CN201610201593 A CN 201610201593A CN 105893873 A CN105893873 A CN 105893873A
Authority
CN
China
Prior art keywords
condition code
url request
calculation
result
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610201593.7A
Other languages
Chinese (zh)
Inventor
李洪福
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
LeTV Holding Beijing Co Ltd
LeTV Cloud Computing Co Ltd
Original Assignee
LeTV Holding Beijing Co Ltd
LeTV Cloud Computing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by LeTV Holding Beijing Co Ltd, LeTV Cloud Computing Co Ltd filed Critical LeTV Holding Beijing Co Ltd
Priority to CN201610201593.7A priority Critical patent/CN105893873A/en
Publication of CN105893873A publication Critical patent/CN105893873A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention belongs to the technical field of network data transmission, and particularly provides a hotlink protection method and system based on Blond filter query optimization. The method comprises the steps that 1, keywords of multiple feature codes in a library file form multiple Hash tables through hash function calculation respectively; 2, a feature code in a client URL request is extracted, and hash function calculation is conducted according to keywords in the feature code to obtain a calculation result; 3, the calculation result is matched with the Hash table of the corresponding feature code, and whether hotlink exists or not is judged according to a matching result. The hotlink protection system based on Blond filter query optimization comprises a Hash table forming module, a calculation result acquiring module and a matching module. According to the method and system, a Blond filter is adopted to process the feature codes in the library file and the client URL request, whether the feature code in the client URL request is in the library file or not is rapidly judged, therefore, judgment on the hotlink is rapidly achieved, and the processing efficiency of a server on the hotlink is improved.

Description

A kind of anti-stealing link method based on cloth grand wave filter query optimization and system
Technical field
It relates to field of network data transmission technology, particularly relate to a kind of based on the inquiry of cloth grand wave filter The anti-stealing link method optimized and system.
Background technology
Along with multimedia technology and the development of network technology, steal chain problem and be also on the rise, especially video Robber's chain.And the cost that makes a video is generally the highest, the chain of stealing of video will be to the company providing video Bring huge loss.In the anti-stealing link method of existing media file, URL is provided to add in portal website Close function so that user links the resource of correspondence of not opening according to general networking, serves the most anti- Steal chain effect.But existing method security is the highest, e.g. directly add additional after original URL Field constitutes new reference address, still exposes original URL address, and safety is relatively low, it is difficult to true Just reach the purpose preventing stealing chain.
Summary of the invention
The purpose of the disclosure is to provide a kind of anti-stealing link method based on cloth grand wave filter query optimization and is System, calculates formation by keyword corresponding in illegal for library file condition code URL request carries out hash function Hash table, then the keyword of condition code in client URL request is carried out hash function calculating, by described Result of calculation is mated with Hash table, if the match is successful for whole result of calculation, for stealing chain, then please to this URL Ask and be purged, it is achieved to the judgement of illegal link with forbid accessing.
According to an aspect of this disclosure, the anti-stealing link method of a kind of feature based code query optimization, including:
S1, by the keyword of multiple for library file condition codes, is calculated by hash function respectively and forms multiple Kazakhstan Uncommon table;
S2, extracts condition code in client URL request, carries out hash according to keyword in described condition code Function is calculated result of calculation;
S3, mates the Hash table of described result of calculation with character pair code, sentences according to matching result Whether disconnected be to steal chain.
Preferably, the condition code of a plurality of illegal URL request is stored in described library file.
Preferably, described hash function is 8.
Preferably, described S3 includes:
Using described result of calculation as address search position in Hash table, if this value is 1, then It is made into merit, then returns to S2 or judge that this URL request, as stealing chain, exits coupling;If this value is 0, Then mate unsuccessful, then judge that this URL request is legitimate request, exit coupling.
Preferably, return to S2 described in or judge that this URL request includes as stealing chain:
If there is next condition code, then choose next condition code and return to S2;In the absence of if one Condition code, then judge that described URL request is as stealing chain.
According to another aspect of the disclosure, a kind of anti-stealing link system based on cloth grand wave filter query optimization, Including:
Hash table forms module, by the keyword of multiple for library file condition codes, respectively by hash function meter Calculate and form multiple Hash tables;
Result of calculation acquisition module, extracts condition code in client URL request, according in described condition code Keyword carries out hash function and is calculated result of calculation;
Matching module, mates the Hash table of described result of calculation with character pair code, according to coupling Result determines whether to steal chain.
Preferably, the condition code of a plurality of illegal URL request is stored in described library file.
Preferably, described hash function is 8.
Preferably, described matching module includes:
Non-legally request judge module, using described result of calculation as address search position in Hash table, If this value is 1, then the match is successful, returns to result of calculation acquisition module or judges this URL request For stealing chain and exiting coupling;
Legitimate request judge module, using described result of calculation as address search position in Hash table, if This value is 0, then mate unsuccessful, then judge that this URL request is legitimate request and exits coupling.
Preferably, described non-legally request judge module includes:
Return module, if there is next condition code, then choose next condition code and return to result of calculation Acquisition module;
Steal chain judge module, if in the absence of a condition code, then judge described URL request for robber chain, Exit coupling.
The disclosure by utilize the grand wave filter of cloth to condition code in library file and client URL request at Reason, forms the hash function result of calculation of condition code in Hash table and client URL request, by described Result of calculation is mated with Hash table, judges whether URL request is to steal chain by matching result, it is achieved The quickly judgement to robber's chain, improves the server treatment effeciency to stealing chain.
Accompanying drawing explanation
Fig. 1 is the method flow diagram according to the disclosure the first embodiment;
Fig. 2 is the system construction drawing according to the disclosure the second embodiment;
Fig. 3 is the system construction drawing according to the disclosure the 3rd embodiment.
Detailed description of the invention
For making the purpose of the disclosure, technical scheme and advantage of greater clarity, below in conjunction with being embodied as Mode referring to the drawings, further describes the disclosure.It should be understood that these describe simply example Property, and it is not intended to limit the scope of the present disclosure.Additionally, in the following description, eliminate known knot Structure and the description of technology, to avoid unnecessarily obscuring the concept of the disclosure.
Fig. 1 is the method flow diagram according to the disclosure the first embodiment.
As it is shown in figure 1, a kind of anti-stealing link method based on cloth grand wave filter query optimization of the disclosure, including:
S1, by the keyword of multiple for library file condition codes, is calculated by hash function respectively and forms multiple Kazakhstan Uncommon table;
S2, extracts condition code in client URL request, carries out hash according to keyword in described condition code Function is calculated result of calculation;
S3, mates the Hash table of described result of calculation with character pair code, sentences according to matching result Whether disconnected be to steal chain.
Wherein, in S1, library file, for pre-building, stores a plurality of illegal URL in described library file Request condition code, each condition code include multiple keyword, the plurality of keyword be from a plurality of illegally URL request acquires.Hash function be a kind of by the message compression of random length to a certain regular length The function of eap-message digest, hash function is well known in the art, does not do specifically repeating at this.In this reality Execute in example, the corresponding Hash table of each condition code, multiple keywords of each condition code, pass through respectively 8 different hash functions calculate, and each calculated numerical value of hash function is entered as 1 in corresponding positions, Complete when all keywords all process calculating, form Hash table.Library file generates the conduct of multiple Hash tables One preprocessing process, can be previously-completed.
In S2, client URL request includes multiple parameter, chooses and have for robber's chain from multiple parameters The condition code closed, these condition codes include: client identifier, client user's name.As sign, cip, The parameters such as ip, itm all can be chosen for condition code.The choosing of parameter is described by a specific embodiment Take principle, such as the URL request of client: https://mail.qq.com/cgi-bin/frame_html?Sid=md_AWdR1k8M7PnMl&r=aeb8 Ec25899b5e44646e87fc396fe2ed, "?Being multiple parameter after ", each parameter passes through " & " Separating, in this example, " sid " and " r " is parameter, and keyword is respectively " md_AWdR1k8M7PnMl " " aeb8ec25899b5e44646e87fc396fe2ed ".Wherein, each spy of client URL request Levy code and all there is the keyword of correspondence, the keyword of each condition code is calculated by hash function respectively, This hash function is identical with the hash function generated used in Hash table, and each keyword passes through hash Function obtains a result of calculation after calculating.Wherein, different keywords is obtained after being calculated by hash function The result arrived may be identical, but probability is minimum, so occurring that the probability of erroneous judgement is minimum.
In the present embodiment, described S3 includes: using described result of calculation as address search in Hash table Position, if this value is 1, then the match is successful, then return to S2 or judge this URL request as steal chain, Exit coupling;If this value is 0, then mate unsuccessful, then judge that this URL request is legitimate request, Exit coupling.Wherein, the match is successful represents, in this keyword multiple keywords in library file;? Join unsuccessful, in this keyword not multiple keywords in library file.
As the disclosed invention preferred embodiment, wherein, return to S2 described in or judge this URL Request includes for stealing chain: if there is next condition code, then chooses next condition code and returns to S2;If In the absence of a condition code, then judge described URL request as steal chain.Wherein, described condition code client Condition code in end URL request.
In the present embodiment, after S1 performs once, the repeatable execution of S2 and S3.
Fig. 2 is the system construction drawing according to the disclosure the second embodiment.
In the present embodiment, as in figure 2 it is shown, inventive concept based on first embodiment, a kind of based on cloth The anti-stealing link system of grand wave filter query optimization includes:
Hash table forms module, by the keyword of multiple for library file condition codes, respectively by hash function meter Calculate and form multiple Hash tables;
Result of calculation acquisition module, extracts condition code in client URL request, according in described condition code Keyword carries out hash function and is calculated result of calculation;
Matching module, mates the Hash table of described result of calculation with character pair code, according to coupling Result determines whether to steal chain.
Wherein, the condition code of a plurality of illegal URL request is stored in described library file.
Wherein, described hash function is 8.
In the present embodiment, described matching module includes:
Non-legally request judge module, using described result of calculation as address search position in Hash table, If this value is 1, then the match is successful, returns to result of calculation acquisition module or judges this URL request For stealing chain and exiting coupling;
Legitimate request judge module, using described result of calculation as address search position in Hash table, if This value is 0, then mate unsuccessful, then judge that this URL request is legitimate request and exits coupling.
Fig. 3 is the system construction drawing according to the disclosure the 3rd embodiment.
As it is shown on figure 3, non-legally request judge module includes returning module and stealing chain judge module.
Wherein, return module, if there is next condition code, then choose next condition code and return to meter Calculate result acquisition module.
Wherein, steal chain judge module, if in the absence of a condition code, then judge that described URL request is Steal chain, exit coupling.
The disclosure by utilize the grand wave filter of cloth to condition code in library file and client URL request at Reason, forms the hash function result of calculation of condition code in Hash table and client URL request, by described Result of calculation is mated with Hash table, judges whether URL request is to steal chain by matching result, it is achieved The quickly judgement to robber's chain, improves the server treatment effeciency to stealing chain.
It should be appreciated that the above-mentioned detailed description of the invention of the disclosure is used only for exemplary illustration or explanation The principle of the disclosure, and do not constitute restriction of this disclosure.Therefore, without departing from the disclosure spirit and Any modification, equivalent substitution and improvement etc. done in the case of scope, should be included in the guarantor of the disclosure Within the scope of protecting.Additionally, disclosure claims be intended to fall into scope and Whole in the equivalents on border or this scope and border change and modifications example.

Claims (10)

1. an anti-stealing link method based on cloth grand wave filter query optimization, including:
S1, by the keyword of multiple for library file condition codes, calculates formation by hash function multiple respectively Hash table;
S2, extracts condition code in client URL request, carries out according to keyword in described condition code Hash function is calculated result of calculation;
S3, mates the Hash table of described result of calculation with character pair code, according to matching result Determine whether to steal chain.
Method the most according to claim 1, wherein, in described library file, storage is a plurality of illegally The condition code of URL request.
Method the most according to claim 1, wherein, described hash function is 8.
Method the most according to claim 1, wherein, described S3 includes:
Using described result of calculation as address search position in Hash table, if this value is 1, then The match is successful, then return to S2 or judge that this URL request, as stealing chain, exits coupling;If this Value is 0, then mate unsuccessful, then judge that this URL request is legitimate request, exit coupling.
Method the most according to claim 4, wherein, described in return to S2 or judge this URL Request includes for stealing chain:
If there is next condition code, then choose next condition code and return to S2;In the absence of if one Bar condition code, then judge that described URL request is as stealing chain.
6. an anti-stealing link system based on cloth grand wave filter query optimization, it is characterised in that including:
Hash table forms module, by the keyword of multiple for library file condition codes, respectively by hash letter Number calculates and forms multiple Hash tables;
Result of calculation acquisition module, extracts condition code in client URL request, according to described condition code Middle keyword carries out hash function and is calculated result of calculation;
Matching module, mates the Hash table of described result of calculation with character pair code, according to Join result to determine whether to steal chain.
Method the most according to claim 6, wherein, in described library file, storage is a plurality of illegally The condition code of URL request.
Method the most according to claim 6, wherein, described hash function is 8.
Method the most according to claim 6, wherein, described matching module includes:
Non-legally request judge module, using described result of calculation as address search in Hash table Position, if this value is 1, then the match is successful, returns to result of calculation acquisition module or judges this URL Request is for stealing chain and exiting coupling;
Legitimate request judge module, using described result of calculation as address search position in Hash table, If this value is 0, then mate unsuccessful, then judge that this URL request is legitimate request and exits Join.
Method the most according to claim 6, wherein, described non-legally request judge module bag Include:
Return module, if there is next condition code, then choose next condition code and return to calculate knot Really acquisition module;
Steal chain judge module, if in the absence of a condition code, then judge described URL request for robber chain, Exit coupling.
CN201610201593.7A 2016-03-31 2016-03-31 Hotlink protection method and system based on Blond filter query optimization Pending CN105893873A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610201593.7A CN105893873A (en) 2016-03-31 2016-03-31 Hotlink protection method and system based on Blond filter query optimization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610201593.7A CN105893873A (en) 2016-03-31 2016-03-31 Hotlink protection method and system based on Blond filter query optimization

Publications (1)

Publication Number Publication Date
CN105893873A true CN105893873A (en) 2016-08-24

Family

ID=57012032

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610201593.7A Pending CN105893873A (en) 2016-03-31 2016-03-31 Hotlink protection method and system based on Blond filter query optimization

Country Status (1)

Country Link
CN (1) CN105893873A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107333151A (en) * 2017-06-30 2017-11-07 武汉斗鱼网络科技有限公司 A kind of video flowing address method for authenticating and device

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080034073A1 (en) * 2006-08-07 2008-02-07 Mccloy Harry Murphey Method and system for identifying network addresses associated with suspect network destinations
CN102045360A (en) * 2010-12-27 2011-05-04 成都市华为赛门铁克科技有限公司 Method and device for processing baleful website library
CN102523495A (en) * 2011-12-15 2012-06-27 四川长虹电器股份有限公司 IPTV system and method for realizing playing hotlinking prevention
CN103036924A (en) * 2011-09-29 2013-04-10 深圳市快播科技有限公司 Chaining processing method and chaining processing system
CN103701796A (en) * 2013-12-23 2014-04-02 山东中创软件商用中间件股份有限公司 Hotlink protection system and method on basis of HASH technology
CN104009989A (en) * 2014-05-22 2014-08-27 Tcl集团股份有限公司 Link-stealing-prevention method and system for media files and server
CN104135507A (en) * 2014-06-30 2014-11-05 北京奇艺世纪科技有限公司 A method and a device for hotlink protection
CN104580210A (en) * 2015-01-04 2015-04-29 杭州华为数字技术有限公司 Hotlinking prevention method, hotlinking prevention assembly and cloud platform under cloud platform environment
CN105187397A (en) * 2015-08-11 2015-12-23 北京思特奇信息技术股份有限公司 WEB system page integration anti-hotlinking method and system
CN105307052A (en) * 2015-10-27 2016-02-03 无锡天脉聚源传媒科技有限公司 Video request processing method and device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080034073A1 (en) * 2006-08-07 2008-02-07 Mccloy Harry Murphey Method and system for identifying network addresses associated with suspect network destinations
CN102045360A (en) * 2010-12-27 2011-05-04 成都市华为赛门铁克科技有限公司 Method and device for processing baleful website library
CN103036924A (en) * 2011-09-29 2013-04-10 深圳市快播科技有限公司 Chaining processing method and chaining processing system
CN102523495A (en) * 2011-12-15 2012-06-27 四川长虹电器股份有限公司 IPTV system and method for realizing playing hotlinking prevention
CN103701796A (en) * 2013-12-23 2014-04-02 山东中创软件商用中间件股份有限公司 Hotlink protection system and method on basis of HASH technology
CN104009989A (en) * 2014-05-22 2014-08-27 Tcl集团股份有限公司 Link-stealing-prevention method and system for media files and server
CN104135507A (en) * 2014-06-30 2014-11-05 北京奇艺世纪科技有限公司 A method and a device for hotlink protection
CN104580210A (en) * 2015-01-04 2015-04-29 杭州华为数字技术有限公司 Hotlinking prevention method, hotlinking prevention assembly and cloud platform under cloud platform environment
CN105187397A (en) * 2015-08-11 2015-12-23 北京思特奇信息技术股份有限公司 WEB system page integration anti-hotlinking method and system
CN105307052A (en) * 2015-10-27 2016-02-03 无锡天脉聚源传媒科技有限公司 Video request processing method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107333151A (en) * 2017-06-30 2017-11-07 武汉斗鱼网络科技有限公司 A kind of video flowing address method for authenticating and device
WO2019001084A1 (en) * 2017-06-30 2019-01-03 武汉斗鱼网络科技有限公司 Authentication method and device for video stream address

Similar Documents

Publication Publication Date Title
Rao et al. Jail-Phish: An improved search engine based phishing detection system
CN103744802B (en) Method and device for identifying SQL injection attacks
CN101370008B (en) System for real-time intrusion detection of SQL injection WEB attacks
US8051484B2 (en) Method and security system for indentifying and blocking web attacks by enforcing read-only parameters
CN104640092B (en) Identify the method for refuse messages, client, cloud server and system
Thonnard et al. A strategic analysis of spam botnets operations
Rao et al. Two level filtering mechanism to detect phishing sites using lightweight visual similarity approach
JP6347557B2 (en) Service providing system, service providing method, verification device, verification method, and computer program
CN106961419A (en) WebShell detection methods, apparatus and system
CN102801697A (en) Malicious code detection method and system based on plurality of URLs (Uniform Resource Locator)
CN104954346A (en) Attack recognition method based on object analysis and device thereof
JP2014502753A (en) Web page information detection method and system
US8190581B2 (en) Real-time content detection in ISP transmissions
WO2015039473A1 (en) Verification data processing method and device and storage medium
CN109040097A (en) A kind of defence method of cross-site scripting attack, device, equipment and storage medium
WO2013016993A1 (en) Search method, system and device
CN104954345A (en) Attack recognition method based on object analysis and device thereof
CN102833269A (en) Detection method and device for cross site scripting and firewall with device
CN103793508B (en) A kind of loading recommendation information, the methods, devices and systems of network address detection
CN110020161B (en) Data processing method, log processing method and terminal
Gupta et al. Robust injection point-based framework for modern applications against XSS vulnerabilities in online social networks
CN115134147A (en) E-mail detection method and device
JP5364012B2 (en) Data extraction apparatus, data extraction method, and data extraction program
US20180083970A1 (en) Document classification by a hybrid classifier
CN106209748B (en) The means of defence and device of internet interface

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160824

WD01 Invention patent application deemed withdrawn after publication