CN107291742A - The anti-grasping means of data and device - Google Patents
The anti-grasping means of data and device Download PDFInfo
- Publication number
- CN107291742A CN107291742A CN201610201508.7A CN201610201508A CN107291742A CN 107291742 A CN107291742 A CN 107291742A CN 201610201508 A CN201610201508 A CN 201610201508A CN 107291742 A CN107291742 A CN 107291742A
- Authority
- CN
- China
- Prior art keywords
- user
- user profile
- blacklist
- request
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
- G06F16/9535—Search customisation based on user profiles and personalisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention proposes a kind of anti-grasping means of data and device, and the anti-grasping means of the data includes:User's request that access side sends is received, user profile is included in user's request;Judge the user profile whether in the blacklist previously generated;If the user profile is in the blacklist, obtains data corresponding with the user profile and deliver strategy, and strategy generating false data is delivered according to the data, and, the false data is fed back into the access side.This method can improve the anti-effect captured of data.
Description
Technical field
The present invention relates to Internet technical field, more particularly to a kind of anti-grasping means of data and device.
Background technology
With flourishing for internet, competition is increasingly white-hot, wherein by carrying out data grabber to competing product,
Competing product analysis can be carried out, provides the foundation and supports and follow-up related support for competition.Accordingly, in order to protect
Protect its data, enterprise is also required to carry out that data are counter captures.
In correlation technique, the anti-conventional settling mode captured of data is to carry out IP to abnormal IP to close or adopt
Verified with identifying code, but this mode is simply direct, effect is unsatisfactory.
The content of the invention
It is contemplated that at least solving one of technical problem in correlation technique to a certain extent.
Therefore, it is an object of the present invention to propose a kind of anti-grasping means of data, this method can be improved
The anti-effect captured of data.
It is another object of the present invention to propose a kind of anti-grabbing device of data.
To reach above-mentioned purpose, the anti-grasping means of data that first aspect present invention embodiment is proposed, including:
First aspect present invention embodiment propose the anti-grasping means of data, by user profile in black name
Dan Shi, generation false data simultaneously feeds back to access side, can avoid being crawled user and perceive quickly, and
And crawl user can be caused to mislead, relative to the mode directly closed, it can improve that data are counter to grab
The effect taken.
To reach above-mentioned purpose, the anti-grabbing device of data that second aspect of the present invention embodiment is proposed, including:
Second aspect of the present invention embodiment propose the anti-grabbing device of data, by user profile in black name
Dan Shi, generation false data simultaneously feeds back to access side, can avoid being crawled user and perceive quickly, and
And crawl user can be caused to mislead, relative to the mode directly closed, it can improve that data are counter to grab
The effect taken.
The additional aspect of the present invention and advantage will be set forth in part in the description, and will partly be retouched from following
Become obvious in stating, or recognized by the practice of the present invention.
Brief description of the drawings
Of the invention above-mentioned and/or additional aspect and advantage are from the following description of the accompanying drawings of embodiments
It will be apparent and be readily appreciated that, wherein:
Fig. 1 is the schematic flow sheet for the anti-grasping means of data that one embodiment of the invention is proposed;
Fig. 2 is the schematic flow sheet for the anti-grasping means of data that another embodiment of the present invention is proposed;
Fig. 3 is the structural representation for the anti-grabbing device of data that one embodiment of the invention is proposed;
Fig. 4 is the structural representation for the anti-grabbing device of data that another embodiment of the present invention is proposed.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein certainly
Beginning to same or similar label eventually represents same or similar module or the mould with same or like function
Block.The embodiments described below with reference to the accompanying drawings are exemplary, is only used for explaining the present invention, and can not
It is interpreted as limitation of the present invention.On the contrary, embodiments of the invention include falling into attached claims
All changes, modification and equivalent in the range of spirit and intension.
Fig. 1 is the schematic flow sheet for the anti-grasping means of data that one embodiment of the invention is proposed.
Referring to Fig. 1, the method for the present embodiment includes:
S11:User's request that access side sends is received, user profile is included in user's request.
Wherein, user profile includes IP address, if access side is normal accession page, Yong Huxin
Also include other in breath to identify, other marks include:User's mark and user when user is not logged in are
User's mark during login, user's mark when user is not logged in includes:Cuid or appid, user
User's mark is pass_id when having logged in.If access side is improper accession page, such as directly
Invoking page interface, then do not include above-mentioned cuid, appid and pass_id in user profile.
S12:Judge the user profile whether in the blacklist previously generated.
Wherein it is possible to previously generate blacklist, record the crawl user's that identifies in advance in blacklist
User profile, such as captures IP address, cuid, appid or pass_id of user, so as to work as
When the user profile that user's request of preceding reception includes is in blacklist, then it can determine current
Access side is crawl user.
The product process of specific blacklist may refer to follow-up associated description.
S13:If the user profile is in the blacklist, obtain corresponding with the user profile
Data deliver strategy, and deliver strategy generating false data according to the data, and, by the void
False data feeds back to the access side.
Wherein, when user profile is in blacklist, it may be determined that access side is crawl user.
For crawl user, crawl user can be allowed to perceive quickly and change crawl strategy due to directly closing.
Therefore, in the present embodiment, the mode of feedback false data is used for crawl user, so
It can avoid being crawled user and perceive quickly, furthermore it is also possible to mislead false crawl user.
The every kind of user profile of correspondence, can previously generate corresponding data and deliver strategy.For example, correspondence
Cuid1, false data is to increase by 10%, correspondence cuid2, false data on the basis of True Data
It is that 10% etc. is reduced on the basis of True Data.
Further, in order to preferably mislead crawl user, the hair for meeting data to be captured can be generated
The false data of exhibition trend.For example, crawl user needs the data captured to be sales volume, due to sales volume
Development trend be it is increased, such as, and in same sales volume calculating cycle, the sales volume value of later moment in time
More than the sales volume value of previous moment, therefore, the false data of correspondence later moment in time generation should also be more than
The false data of previous moment generation, is perceived with avoiding being crawled user.
In the present embodiment, by when user profile is in blacklist, generating false data and feeding back to visit
The side of asking, can avoid being crawled user and perceive quickly, and crawl user can be caused to mislead, phase
For the mode directly closed, the anti-effect captured of data can be improved.
Fig. 2 is the schematic flow sheet for the anti-grasping means of data that another embodiment of the present invention is proposed.
Referring to Fig. 2, the method for the present embodiment includes:
S201:Generate blacklist.
Wherein it is possible to recognize abnormal user profile by on-line analysis and/or off-line analysis and record black
In list, to generate blacklist.
Specifically, abnormal user profile is recognized by on-line analysis and recorded in blacklist, including:
The data flow (as using sparkstreaming modes) of the user's request accessed is obtained in real time, to institute
At least one in the following item of data flow progress is stated, recognizes that abnormal user profile is simultaneously recorded in blacklist:
(1) occurrence number of same user profile in user's request of the access preset page is obtained, will be gone out
Occurrence number is more than the user profile of preset value, records in blacklist;
Wherein, the default page for example including:Trade company's page and merchant list page, trade company's page is display one or many
The page of individual merchant information, merchant list page is the page for showing one or more merchandise newss in some trade company
Face.
The default page can pass through URL (Uniform Resource Locator, URL)
Prefix is identified, and different URL prefixes is used to identify the different pages.
Therefore, if under default URL prefix, when the occurrence number of some user profile is more than preset value,
Then by user profile record in blacklist.User profile for example including:cuid、appid、pass_id
Or IP address.
(2) quantitative value included in page turning request is obtained, is not during the page turning of preset value is asked by quantitative value
Comprising user profile, record in blacklist.
The size of terminal display screen is limited to, can not be same by multiple merchant informations by taking trade company's page as an example
Shown in the individual page, user can be realized to obtain more merchant informations by page turning, for example,
User realizes page turning by sliding screen on mobile terminal.For the user normally accessed, each page turning request
Middle to include quantitative value, the quantitative value shows to newly increase the quantity of the merchant information of display, for normal access
The quantitative value that should include of user be all default value, for example, at PC ends, the quantitative value is 40, in movement
Hold (APP or webapp), the quantitative value is 20.
And when the quantitative value included in page turning request is not above-mentioned default value, then can determine corresponding access
Side is not that normal users are accessed, and can be judged to capturing user, by its user profile record in blacklist
In.
(3) IP address in user's request is obtained, if the IP address belongs to external IP address,
The user profile included during the user is asked, is recorded in blacklist.
Generally, the IP address of normal users belongs to domestic IP address, if there is external IP
Location can consider in the presence of abnormal, by corresponding user profile record in blacklist.
Crawl information can fast and effectively be recognized by on-line analysis, and can go supplement above-mentioned in real time
Recognition strategy.
Specifically, abnormal user profile is recognized by off-line analysis and recorded in blacklist, including:
User's request in preset time period is obtained as data sample, following item is carried out to the data sample
At least one of in, recognize abnormal user profile and record in blacklist:
(1) occurrence number of same user profile in user's request of the access preset page is obtained, will be gone out
Occurrence number is more than the user profile of preset value, records in blacklist.
The first recognition strategy during similar above-mentioned on-line analysis, the strategy is properly termed as Frequent Set plan
Slightly, if some user profile is frequently occurred on the default page, it can identify that it is present abnormal,
By corresponding user profile record in blacklist.
(2) user included during user of the access time uniform concentration in preset time period is asked believes
Breath, is recorded in blacklist.
For example, crawl IP is probably a collection of, but it is that comparison is regular, the number of request meeting exactly captured
Several hours of one day are evenly distributed in, and including non-peak period.
(3) the access situation of IP address is obtained, if the object accessed is uniform, is recorded
In blacklist;
Because normally accessing IP can largely fall in more popular trade company, but the IP of crawl can nothing
Difference accesses trade company, including the trade company of some unexpected winners.
(4) information provided according to other product lines recognizes abnormal user profile and recorded in blacklist
In;
For example, crawl user can also carry out data grabber to other product lines, therefore it may be referred to it
The information that his product line is provided, for example, the crawl user that other product lines are identified is directly as working as
Preceding crawl user, by its user profile record in blacklist.
(5) user profile in user's request of follow-up no user behavior is recorded in blacklist.
For example, normal users are after accession page, the follow-up operation such as purchase that places an order can be carried out, if
Then show there is exception without follow-up associative operation, be identified as capturing user, its user profile record is existed
In blacklist.
Further, after identifying in the presence of abnormal user profile, these user profile can be entered
Row cluster, and each class of correspondence sets data to deliver strategy, so that follow-up in blacklist is identified
During user profile, corresponding data can be obtained and deliver strategy.Furthermore it is possible to by these blacklists
User profile and corresponding data deliver the unified storage of strategy, for example, being stored in redis.
It is, of course, understood that after using aforesaid way generation blacklist, can also be further
Carry out manual evaluation adjustment etc..
It is understood that S201 can be previously generated before identification crawl user.
In identification crawl user, following flow can be performed:
S202:User's request that access side sends is received, user profile, user are included in user's request
Information includes IP address.
Whether wherein it is possible to be counted to the access for presetting the page, it is crawl user to judge it, because
This, the step can specifically refer to receive user's request that access side sends in the default page.
The default page for example including:Trade company's page and merchant list page.
S203:Judge whether IP address belongs to predetermined and close IP address, if so, S204 is performed,
Otherwise, S205 is performed.
IP address is closed wherein it is possible to predefine, for example, the normal office work of Jing Pin companies is used
IP address as closing IP address.Because Jing Pin companies are when capturing data, except using crawl
IP address outside, it is also possible to the IP address used using normal office work is captured, in order to avoid
The data captured using different IP address, which are compared, for Jing Pin companies realizes exception, and normal office work
The IP address used is easier to obtain, and directly the IP address that its normal office work is used can be closed.
By comparing the IP address included in user's request and closing IP address, it can obtain judging knot
Really.
S204:Directly refuse user's request.
If the IP address in user's request be when closing IP address the user can be asked into
Row is closed, and refuses its access.
S205:User profile when judging whether to include normal accession page in the user profile, if so,
S207 is performed, S206 is otherwise performed.
User profile during normal accession page includes:Cuid, appid or pass_id, if user
Any one of above-mentioned three kinds of information is not included in information, then showing access side is accessed using improper mode
The page, access side now can be determined directly as capturing user.
S206:Strategy, the corresponding false number of generation present case are delivered according to data corresponding with present case
According to, and, the corresponding false data of the present case is fed back into the access side.
Wherein, user profile when present case refers in user profile not include normal accession page, can be with
Correspondence each case sets data to deliver strategy in advance, is delivered so as to obtain the corresponding data of present case
Strategy, and according to the strategy generating false data.
When user ask in not include normal accession page when user profile when, can directly determine access side
It is crawl user, so as to according to corresponding strategy generating false data and feed back to access side.
S207:The user profile is judged whether in the blacklist previously generated, if so, S208 is performed,
Otherwise S210 is performed.
Wherein, at least one in above-mentioned user profile, such as IP address, cuid, appid or pass_id
When in blacklist, then it is crawl user that can determine access side, so that false data subsequently can be generated simultaneously
Feed back to access side.
S208:Obtain data corresponding with the user profile and deliver strategy, and thrown according to the data
Strategy generating false data is put, and, the false data is fed back into the access side.
Wherein, the different user profile of correspondence can set different data to deliver strategy, so as to generate difference
False data feed back to access side.
Further, after the user profile in identifying blacklist, this method can also include:
S209:Effect analysis is carried out to identification situation.
For example, hit situation (identifying crawl user) is printed in the form of daily record, day is linked into
Will acquisition platform, carries out on-line analytical processing (Online Analytical Processing, OLAP),
And increase alarm.Count the magnitude of hit, accuracy rate and recall rate.
S210:Access side is allowed normally to access.
In the present embodiment, by when user profile is in blacklist, generating false data and feeding back to access
Side, can be avoided being crawled user and perceive quickly, and crawl user can be caused to mislead, relatively
In the mode directly closed, the anti-effect captured of data can be improved.Further, by it is online and/
Or offline mode generates blacklist, the accuracy of blacklist can be improved,
Fig. 3 is the structural representation for the anti-grabbing device of data that one embodiment of the invention is proposed.Referring to
Fig. 3, the device 30 includes:Receiving module 31, the first judge module 32 and the first feedback module 33.
Receiving module 31, user's request for receiving access side's transmission, is included in user's request
User profile;
Wherein, user profile includes IP address, if access side is normal accession page, Yong Huxin
Also include other in breath to identify, other marks include:User's mark and user when user is not logged in are
User's mark during login, user's mark when user is not logged in includes:Cuid or appid, user
User's mark is pass_id when having logged in.If access side is improper accession page, such as directly
Invoking page interface, then do not include above-mentioned cuid, appid and pass_id in user profile.
First judge module 32, for judging the user profile whether in the blacklist previously generated;
Wherein it is possible to previously generate blacklist, record the crawl user's that identifies in advance in blacklist
User profile, such as captures IP address, cuid, appid or pass_id of user, so as to work as
When the user profile that user's request of preceding reception includes is in blacklist, then it can determine current
Access side is crawl user.
First feedback module 33, if for the user profile in the blacklist, obtained and institute
State the corresponding data of user profile and deliver strategy, and strategy generating false data is delivered according to the data,
And, the false data is fed back into the access side.
Wherein, when user profile is in blacklist, it may be determined that access side is crawl user.
For crawl user, crawl user can be allowed to perceive quickly and change crawl strategy due to directly closing.
Therefore, in the present embodiment, the mode of feedback false data is used for crawl user, so
It can avoid being crawled user and perceive quickly, furthermore it is also possible to mislead false crawl user.
The every kind of user profile of correspondence, can previously generate corresponding data and deliver strategy.For example, correspondence
Cuid1, false data is to increase by 10%, correspondence cuid2, false data on the basis of True Data
It is that 10% etc. is reduced on the basis of True Data.
Further, in order to preferably mislead crawl user, the hair for meeting data to be captured can be generated
The false data of exhibition trend.For example, crawl user needs the data captured to be sales volume, due to sales volume
Development trend be it is increased, such as, and in same sales volume calculating cycle, the sales volume value of later moment in time
More than the sales volume value of previous moment, therefore, the false data of correspondence later moment in time generation should also be more than
The false data of previous moment generation, is perceived with avoiding being crawled user.
In some embodiments, referring to Fig. 4, the device 30 also includes:
Second judge module 34, during for judging whether to include normal accession page in the user profile
User profile;
Second feedback module 35, if for not including, it is corresponding with present case according to what is pre-set
Data deliver strategy, the corresponding false data of generation present case, and, by the present case pair
The false data answered feeds back to the access side.
In some embodiments, referring to Fig. 4, the user profile includes IP address, and the device 30 also includes:
3rd judge module 36, for judge the IP address whether belong to it is predetermined with closing IP
Location;
When processing module 37 for the judged result in the 3rd judge module is to belong to, directly refuse
User's request.
In some embodiments, referring to Fig. 4, the device 30 also includes:
Generation module 38, for recognizing abnormal user profile and note by on-line analysis and/or off-line analysis
Record is in blacklist, to generate blacklist.
Further, referring to Fig. 4, the generation module 38 includes first module 381, the first module
381 are used for:
The data flow of the user's request accessed is obtained in real time, and at least one in following item is carried out to the data flow
, recognize abnormal user profile and record in blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The quantitative value included in page turning request is obtained, is included in the page turning request for by quantitative value not being default value
User profile, is recorded in blacklist;
The IP address in user's request is obtained, if the IP address belongs to external IP address, by institute
The user profile included in user's request is stated, is recorded in blacklist.
Further, referring to Fig. 4, the generation module 38 includes second unit 382, the second unit
382 are used for:
User's request in preset time period is obtained as data sample, following item is carried out to the data sample
At least one of in, generate blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The user profile that will be included in user's request of the access time uniform concentration in preset time period, record
In blacklist;
The access situation of IP address is obtained, if the object accessed is uniform, is recorded in blacklist;
The user profile of the information identification exception provided according to other product lines is simultaneously recorded in blacklist;
User profile in user's request of follow-up no user behavior is recorded in blacklist.
It is understood that the present embodiment is corresponding with above-mentioned embodiment of the method, the particular content side of may refer to
Associated description in method embodiment, is no longer described in detail herein.
In the present embodiment, by when user profile is in blacklist, generating false data and feeding back to visit
The side of asking, can avoid being crawled user and perceive quickly, and crawl user can be caused to mislead, phase
For the mode directly closed, the anti-effect captured of data can be improved.
It should be noted that in the description of the invention, term " first ", " second " etc. are only used for retouching
Purpose is stated, and it is not intended that indicating or implying relative importance.In addition, in the description of the invention, removing
Non- to be otherwise noted, the implication of " multiple " refers at least two.
Any process described otherwise above or method description are construed as in flow chart or herein, table
Show including it is one or more be used for realize specific logical function or process the step of executable instruction generation
Module, fragment or the part of code, and the scope of the preferred embodiment of the present invention includes other realization,
Wherein can not by order that is shown or discussing, including according to involved function by it is basic and meanwhile in the way of
Or in the opposite order, carrying out perform function, this should be by embodiments of the invention those of skill in the art
Member is understood.
It should be appreciated that each several part of the present invention can be realized with hardware, software, firmware or combinations thereof.
In the above-described embodiment, multiple steps or method can in memory and by suitable instruction be held with storage
The software or firmware that row system is performed are realized.If for example, realized with hardware, and in another embodiment party
It is the same in formula, it can be realized with any one of following technology well known in the art or their combination:Have
For the discrete logic for the logic gates that logic function is realized to data-signal, with suitable combination
The application specific integrated circuit of logic gates, programmable gate array (PGA), field programmable gate array (FPGA)
Deng.
Those skilled in the art be appreciated that to realize the whole that above-described embodiment method carries or
Part steps can be by program to instruct the hardware of correlation to complete, and described program can be stored in one kind
In computer-readable recording medium, the program upon execution, including one of the step of embodiment of the method or its group
Close.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing module,
Can also be that unit is individually physically present, can also two or more units be integrated in a module
In.Above-mentioned integrated module can both be realized in the form of hardware, it would however also be possible to employ software function module
Form is realized.If the integrated module is realized using in the form of software function module and is used as independent product
Sale in use, can also be stored in a computer read/write memory medium.
Storage medium mentioned above can be read-only storage, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ",
The description of " specific example " or " some examples " etc. means to combine that the embodiment or example describe is specific
Feature, structure, material or feature are contained at least one embodiment of the present invention or example.In this theory
In bright book, identical embodiment or example are not necessarily referring to the schematic representation of above-mentioned term.Moreover,
Specific features, structure, material or the feature of description can be in any one or more embodiments or examples
In combine in an appropriate manner.
Although embodiments of the invention have been shown and described above, it is to be understood that above-described embodiment
It is exemplary, it is impossible to be interpreted as limitation of the present invention, one of ordinary skill in the art is the present invention's
In the range of above-described embodiment can be changed, change, replace and modification.
Claims (12)
1. a kind of anti-grasping means of data, it is characterised in that including:
User's request that access side sends is received, user profile is included in user's request;
Judge the user profile whether in the blacklist previously generated;
If the user profile is in the blacklist, data corresponding with the user profile are obtained
Strategy is delivered, and strategy generating false data is delivered according to the data, and, by the false number
According to feeding back to the access side.
2. according to the method described in claim 1, it is characterised in that whether judging the user profile
Before in the blacklist previously generated, methods described also includes:
User profile when judging whether to include normal accession page in the user profile;
If do not included, strategy is delivered according to the data corresponding with present case pre-set, generation is worked as
The corresponding false data of preceding situation, and, the corresponding false data of the present case is fed back to described
Access side.
3. according to the method described in claim 1, it is characterised in that the user profile includes IP address,
Whether before judging the user profile in the blacklist previously generated, methods described also includes:
Judge whether the IP address belongs to predetermined and close IP address;
If belonged to, directly refuse user's request.
4. the method according to claim any one of 1-3, it is characterised in that also include:
By the user profile and record of on-line analysis and/or off-line analysis identification exception in blacklist, with
Generate blacklist.
5. method according to claim 4, it is characterised in that exception is recognized by on-line analysis
User profile is simultaneously recorded in blacklist, including:
The data flow of the user's request accessed is obtained in real time, and at least one in following item is carried out to the data flow
, recognize abnormal user profile and record in blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The quantitative value included in page turning request is obtained, is included in the page turning request for by quantitative value not being default value
User profile, is recorded in blacklist;
The IP address in user's request is obtained, if the IP address belongs to external IP address, by institute
The user profile included in user's request is stated, is recorded in blacklist.
6. method according to claim 4, it is characterised in that exception is recognized by off-line analysis
User profile is simultaneously recorded in blacklist, including:
User's request in preset time period is obtained as data sample, following item is carried out to the data sample
At least one of in, generate blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The user profile that will be included in user's request of the access time uniform concentration in preset time period, record
In blacklist;
The access situation of IP address is obtained, if the object accessed is uniform, is recorded in blacklist;
The user profile of the information identification exception provided according to other product lines is simultaneously recorded in blacklist;
User profile in user's request of follow-up no user behavior is recorded in blacklist.
7. a kind of anti-grabbing device of data, it is characterised in that including:
Receiving module, user's request for receiving access side's transmission, user is included in user's request
Information;
First judge module, for judging the user profile whether in the blacklist previously generated;
First feedback module, if for the user profile in the blacklist, obtaining and being used with described
Information corresponding data in family deliver strategy, and deliver strategy generating false data according to the data, with
And, the false data is fed back into the access side.
8. device according to claim 7, it is characterised in that also include:
Second judge module, for judging user when whether including normal accession page in the user profile
Information;
Second feedback module, if for not including, according to the number corresponding with present case pre-set
According to strategy is delivered, the corresponding false data of present case is generated, and, the present case is corresponding
False data feeds back to the access side.
9. device according to claim 7, it is characterised in that the user profile includes IP address,
Also include:
3rd judge module, IP address is closed for judging whether the IP address belongs to predetermined;
When processing module for the judged result in the 3rd judge module is to belong to, directly refuse described
User asks.
10. the device according to claim any one of 7-9, it is characterised in that also include:
Generation module, for recognizing abnormal user profile and record by on-line analysis and/or off-line analysis
In blacklist, to generate blacklist.
11. device according to claim 10, it is characterised in that the generation module includes first
Unit, the first module is used for:
The data flow of the user's request accessed is obtained in real time, and at least one in following item is carried out to the data flow
, recognize abnormal user profile and record in blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The quantitative value included in page turning request is obtained, is included in the page turning request for by quantitative value not being default value
User profile, is recorded in blacklist;
The IP address in user's request is obtained, if the IP address belongs to external IP address, by institute
The user profile included in user's request is stated, is recorded in blacklist.
12. device according to claim 10, it is characterised in that the generation module includes second
Unit, the second unit is used for:
User's request in preset time period is obtained as data sample, following item is carried out to the data sample
At least one of in, generate blacklist:
The occurrence number of same user profile in user's request of the access preset page is obtained, number of times is will appear from
More than the user profile of preset value, record in blacklist;
The user profile that will be included in user's request of the access time uniform concentration in preset time period, record
In blacklist;
The access situation of IP address is obtained, if the object accessed is uniform, is recorded in blacklist;
The user profile of the information identification exception provided according to other product lines is simultaneously recorded in blacklist;
User profile in user's request of follow-up no user behavior is recorded in blacklist.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610201508.7A CN107291742A (en) | 2016-03-31 | 2016-03-31 | The anti-grasping means of data and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610201508.7A CN107291742A (en) | 2016-03-31 | 2016-03-31 | The anti-grasping means of data and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107291742A true CN107291742A (en) | 2017-10-24 |
Family
ID=60087721
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610201508.7A Pending CN107291742A (en) | 2016-03-31 | 2016-03-31 | The anti-grasping means of data and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107291742A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107908971A (en) * | 2017-11-09 | 2018-04-13 | 维沃移动通信有限公司 | A kind of information processing method and mobile terminal |
CN110474890A (en) * | 2019-07-29 | 2019-11-19 | 深圳数位传媒科技有限公司 | A kind of anti-crawling method of data and device based on intelligent flow guiding switching |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916935A (en) * | 2011-08-04 | 2013-02-06 | 深圳华强电子交易网络有限公司 | Site content pickup-preventing method |
CN104951447A (en) * | 2014-03-25 | 2015-09-30 | 上海市玻森数据科技有限公司 | Whole network public opinion monitoring system |
US9154565B2 (en) * | 2012-11-29 | 2015-10-06 | The Nielsen Company (Us), Llc | Methods and apparatus to monitor online activity |
-
2016
- 2016-03-31 CN CN201610201508.7A patent/CN107291742A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916935A (en) * | 2011-08-04 | 2013-02-06 | 深圳华强电子交易网络有限公司 | Site content pickup-preventing method |
US9154565B2 (en) * | 2012-11-29 | 2015-10-06 | The Nielsen Company (Us), Llc | Methods and apparatus to monitor online activity |
CN104951447A (en) * | 2014-03-25 | 2015-09-30 | 上海市玻森数据科技有限公司 | Whole network public opinion monitoring system |
Non-Patent Citations (1)
Title |
---|
卢建军: "10.5.5隐私保护规范", 《物联网概论》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107908971A (en) * | 2017-11-09 | 2018-04-13 | 维沃移动通信有限公司 | A kind of information processing method and mobile terminal |
CN110474890A (en) * | 2019-07-29 | 2019-11-19 | 深圳数位传媒科技有限公司 | A kind of anti-crawling method of data and device based on intelligent flow guiding switching |
CN110474890B (en) * | 2019-07-29 | 2022-05-10 | 深圳数位大数据科技有限公司 | Data anti-crawling method and device based on intelligent flow guide switching |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6878450B2 (en) | Methods and devices to prevent advertising fraud and storage media | |
CN107578263B (en) | Advertisement abnormal access detection method and device and electronic equipment | |
JP4949405B2 (en) | Pay-per-click fraud protection | |
US8255273B2 (en) | Evaluating online marketing efficiency | |
CN106650433B (en) | A kind of anomaly detection method and system | |
WO2019169978A1 (en) | Resource recommendation method and device | |
EP2659398A1 (en) | Recommendation of search keywords based on indication of user intention | |
CN108399565A (en) | Financial product recommendation apparatus, method and computer readable storage medium | |
CN105260913A (en) | CTR estimation method and system, and DSP server used for Internet advertisement putting | |
EP1618526A1 (en) | Predicting marketing campaigns having more than one step | |
CN105550175A (en) | Malicious account identification method and apparatus | |
CA2455267A1 (en) | Method and system for assigning customers to activities in marketing campaigns and computer program product implementing same | |
CN110020339A (en) | Based on without the webpage data acquiring method and device buried a little | |
CN106874293B (en) | Data processing method and device | |
CN107291742A (en) | The anti-grasping means of data and device | |
US20070055733A1 (en) | Method, server and program product for delivering messages | |
CN108074122A (en) | Product beta test recommends method, apparatus and server | |
CN109471639A (en) | The monitoring method and device in a kind of application downloading source | |
CN111523944A (en) | Browsing data processing method and device, nonvolatile storage medium and processing | |
JP2000215238A (en) | Method for detecting illegal literary work | |
CN106570711A (en) | Authenticity analysis method and system | |
CN116208516A (en) | Enterprise internet private line perception evaluation method, device, equipment and medium | |
CN104484357A (en) | Data processing method and device and access frequency information processing method and device | |
CN111026981B (en) | Visual display method, device and equipment for hot topics | |
CN108055661B (en) | Telephone number blacklist establishing method and device based on communication network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: Room 202, 2 / F, 1-3 / F, No. 11, Shangdi Information Road, Haidian District, Beijing 100084 Applicant after: Beijing Xingxuan Technology Co.,Ltd. Address before: 100085, No. 11, information road, Haidian District, Beijing Applicant before: Beijing Xiaodu Information Technology Co.,Ltd. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171024 |