CN107508844A - A kind of access request verification method, apparatus and system - Google Patents
A kind of access request verification method, apparatus and system Download PDFInfo
- Publication number
- CN107508844A CN107508844A CN201710993267.9A CN201710993267A CN107508844A CN 107508844 A CN107508844 A CN 107508844A CN 201710993267 A CN201710993267 A CN 201710993267A CN 107508844 A CN107508844 A CN 107508844A
- Authority
- CN
- China
- Prior art keywords
- access request
- data
- verified
- model
- history
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a kind of access request verification method, apparatus and system, this method includes:At least one history access request data is obtained, and according at least one history access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;Receive the access request to be verified that access end is sent;Verify whether the source of the access request to be verified is machine program by the checking model;If it is, the access request to be verified is intercepted;If not, the access request to be verified is issued into corresponding receiving terminal.The device includes:Model generation unit, request reception unit, requests verification unit and requesting processing.This programme can pass through the usage experience of user.
Description
Technical field
The present invention relates to communication technical field, more particularly to a kind of access request verification method, apparatus and system.
Background technology
With the continuous development and progress of Internet technology, Internet technology be widely used in living and produce in it is each
Individual field, for example internet ticket selling, register on the net, shopping online etc., brought great convenience for the life and production of people.Mutually
Networking company will also prevent illegal user using machine program to application in addition to normal users to be are provided and easily serviced
Or the malicious access that website is carried out, because the malicious access that machine program is carried out has the characteristics of frequency is high, flow is big, not only can
Influence the access of normal users, it is also possible to server can be caused to delay the serious consequences such as machine.
At present, the malicious access of machine program is mainly prevented by way of identifying code is set, i.e., access end, which is sent, visits
Asking needs to carry the identifying code that is shown by forms such as pictures of receiving terminal while request, only identifying code it is correct under the premise of connect
Receiving end just can carry out subsequent treatment to access request.
Although by setting identifying code to prevent the malicious access of machine program, normal users send access every time
It is required for being manually entered identifying code during request, causes the usage experience of user poor.
The content of the invention
The embodiments of the invention provide a kind of access request verification method, apparatus and system, it is possible to increase the use of user
Experience.
In a first aspect, the embodiments of the invention provide a kind of access request verification method, obtain at least one history and access
Request data, and according at least one history access request data generation checking model, wherein, the checking model is used for
The source of authentication-access request, in addition to:
Receive the access request to be verified that access end is sent;
Verify whether the source of the access request to be verified is machine program by the checking model;
If it is, the access request to be verified is intercepted;
If not, the access request to be verified is issued into corresponding receiving terminal.
Alternatively, at least one history access request data of acquisition, including:
Set log collection to act on behalf of at least one website, acted on behalf of by the log collection at least one net
The Request Log stood is acquired, and the history access request data is obtained from the Request Log.
Alternatively, at least one history access request data of acquisition, including:
Receive the history that at least one user voluntarily uploads and access data, access from the history and gone through described in being obtained in data
History access request data.
Alternatively, it is described according at least one history access request data generation checking model, including:
Structuring processing is carried out at least one history access request data and obtains Structured Interview request data;
Data cleansing and data analysis are carried out to the Structured Interview request data, obtain standardized access number of request
According to;
Learning model is created using back-propagation algorithm, by the standardized access request data to the learning model
Optimize, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold value, by institute
Learning model is stated as the checking model.
Alternatively, it is described by verify model verify the access request to be verified source whether be machine program it
Afterwards, further comprise:
According to the result and the access request to be verified verified to the access request to be verified, to the checking
Model optimizes processing.
Alternatively,
The history access request data includes:Each access request corresponding webpage residence time, each
Time interval between mouse motion track of the access request on corresponding webpage, adjacent access request and receive access request
It is any one or more in frequency.
Second aspect, the embodiment of the present invention additionally provide a kind of access request checking device, including:Model generation unit,
Request reception unit, requests verification unit and requesting processing;
The model generation unit, for obtaining at least one history access request data, and according to described at least one
History access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;
The request reception unit, for receiving the access request to be verified of access end transmission;
The requests verification unit, for the checking model generated by the model generation unit, described in checking
Whether the source for the access request to be verified that request reception unit receives is machine program;
The requesting processing, for the result according to the requests verification unit, when the access to be verified
The request to be verified is intercepted when the source of request is machine program, when the source of the access request to be verified is not
The access request to be verified is sent to corresponding receiving terminal during machine program.
Alternatively,
The model generation unit includes:Data acquisition subelement;
The data acquisition subelement, for setting log collection to act on behalf of at least one website, pass through the daily record
Collection agent is acquired to the Request Log of at least one website, and is obtained the history from the Request Log and visited
Ask request data.
Alternatively,
The data acquisition subelement, it is further used for receiving the history access data that at least one user voluntarily uploads,
And accessed from the history in data and obtain the history access request data.
Alternatively,
The model generation unit includes:Data processing subelement;
The data processing subelement, obtained for carrying out structuring processing at least one history access request data
Structured Interview request data is obtained, and data cleansing and data analysis acquisition standard are carried out to the Structured Interview request data
Change access request data, and learning model is created using back-propagation algorithm, pass through the standardized access request data pair
The learning model optimizes, and is preset until the accuracy rate that the learning model is verified to the source of access request exceedes
Threshold value, using the learning model as the checking model.
Alternatively,
Access request checking device further comprises:Model optimization unit;
The model optimization unit, for being verified according to the requests verification unit to the access request to be verified
Result and the access request to be verified, to the model generation unit generation the checking model optimize processing.
The third aspect, the embodiment of the present invention additionally provide a kind of access request checking system, including:Above-mentioned second aspect carries
Any one access request checking device, at least one access end and at least one receiving terminal supplied;
Each described access end, for sending the access request to be verified to access request checking device;
Each described receiving terminal, it is not mechanical journey for receiving the corresponding source that the access request checking device is sent
The access request to be verified of sequence.
Access request verification method provided in an embodiment of the present invention, apparatus and system, can by history access request data
To determine whether the source of corresponding history access request is machine program, therefore can be given birth to according to multiple history access request datas
Into the checking model for authentication-access request source, after the access request to be verified of access end transmission is received, by
The checking model of generation verifies whether the source of access request to be verified is machine program, if access request to be verified is come
Source is machine program, then the access request to be verified is intercepted, and is otherwise sent to the access request to be verified corresponding
Receiving terminal.As can be seen here, according to the multiple history access request datas generation checking model got, by verifying that model can be with
Verify whether the access request from access end is machine behavior, and the access request to belonging to machine behavior intercepts, and uses
Family to be proved to be artificial behavior, it is attached when accessing webpage need not to reduce user by input validation code when sending access request
Operation, so as to improve the usage experience of user.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are the present invention
Some embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis
These accompanying drawings obtain other accompanying drawings.
Fig. 1 is a kind of flow chart for access request verification method that one embodiment of the invention provides;
Fig. 2 is the flow chart for another access request verification method that one embodiment of the invention provides;
Fig. 3 is the schematic diagram of equipment where a kind of access request checking device that one embodiment of the invention provides;
Fig. 4 is a kind of schematic diagram for access request checking device that one embodiment of the invention provides;
Fig. 5 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 6 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 7 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 8 is a kind of schematic diagram for access request checking system that one embodiment of the invention provides.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention
In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
Part of the embodiment of the present invention, rather than whole embodiments, based on the embodiment in the present invention, those of ordinary skill in the art
The every other embodiment obtained on the premise of creative work is not made, belongs to the scope of protection of the invention.
As shown in figure 1, the embodiments of the invention provide a kind of access request verification method, this method can include following step
Suddenly:
Step 101:At least one history access request data is obtained, and according at least one history access request number
Model is verified according to generation, wherein, the checking model is used for the source of authentication-access request;
Step 102:Receive the access request to be verified that access end is sent;
Step 103:Verify whether the source of the access request to be verified is machine program by the checking model, such as
Fruit is to perform step 104, otherwise performs step 105;
Step 104:The access request to be verified is intercepted, and terminates current process;
Step 105:The access request to be verified is issued into corresponding receiving terminal.
The embodiments of the invention provide a kind of access request verification method, can be determined pair by history access request data
Whether the source for answering history access request is machine program, therefore can be generated according to multiple history access request datas for testing
The checking model in access request source is demonstrate,proved, after the access request to be verified of access end transmission is received, is tested by what is generated
Model of a syndrome verifies whether the source of access request to be verified is machine program, if the source of access request to be verified is machine
Program, then the access request to be verified is intercepted, the access request to be verified is otherwise sent to corresponding receiving terminal.By
This is visible, according to the multiple history access request datas generation checking model got, is come from by verifying that model can be verified
Whether the access request of access end is machine behavior, and the access request to belonging to machine behavior intercepts, user without
Input validation code reduces attaching operation of the user when accessing webpage to be proved to be artificial behavior when sending access request, from
And the usage experience of user can be improved.
Alternatively, on the basis of access request verification method shown in Fig. 1, history access request number is obtained in step 101
According to when, history access request data can be obtained by following two modes:
Mode one:History access request data is obtained by gathering the Request Log of website;
Mode two:Data are accessed to obtain history access request data by using the history of family active upload.
The method for obtaining history access request data to above two separately below is described in detail:
For mode one:
Log collection is set to act on behalf of at least one website, the Request Log by log collection agency to each website
Be acquired, by carrying out finishing analysis to the Request Log that is collected, remove including hash, will be remaining
Part worth of data is as history access request data.
After setting log collection to act on behalf of on a website, by log collection, agency can gather multiple users to the net
Request Log when station conducts interviews, and multiple users that the website conducts interviews are included with normal users and disabled user,
The mode of normal users manually sends access request to the website, and disabled user is sent to the website by machine program and visited
Ask request.Therefore the Request Log arrived by the log collection agent acquisition being arranged on multiple websites, including artificial access are gone
Request Log corresponding to dynamic and machine access behavior, valuable data are obtained from these Request Logs please as history access
Data generation checking model is sought, by artificially accessing corresponding to history access request data corresponding to behavior and machine access behavior
Comparative analysis between history access request data, ensure that generated checking model can relatively accurately treat authentication-access
The source of request is verified, that is, judges that user triggers manually during access request to be verified access request or machine program are touched
The access request of hair.
Currently, set on website before log collection acts on behalf of, it is necessary to obtain being permitted for portal management side and website user
Can, the legitimacy of guarantee Request Log gatherer process.
For mode two:
Receive the history that multiple users voluntarily upload and access data, data are accessed by the history uploaded to each user
Carry out finishing analysis, retain including the valuable data in part as history access request data.
Interface is uploaded by creating user so that user can voluntarily upload history when it conducts interviews to all kinds of websites
Data are accessed, the history uploaded from user accesses the valuable data of extracting data and tested as the generation of history access request data
Model of a syndrome.Include access data when user conducts interviews to multiple websites in the history access request that user is uploaded, can
Access data during reflecting that same user conducts interviews to different web sites, so as to count access corresponding to artificial behavior
The feature of request, checking model are verified the source of access request to be verified with this feature, can verify access request to be verified
Source whether be artificial behavior, if not being then machine program.
Mode one gathers Request Log when each website is accessed by multiple users respectively using website as acquisition target,
Valuable data are extracted from Request Log as history access request data, being accessed by history corresponding to artificial behavior please
The contrast between history access request data corresponding to data and machine behavior is asked, whether generation can ask source with authentication-access
For the checking model of machine program.Mode two gathers each user and multiple websites is carried out respectively using user as acquisition target
History during access accesses data, and the valuable data of extracting data are accessed as history access request data from history, by
Data are accessed in the history that user uploads and correspond to artificial behavior, so as to be given birth to by the history access request data got
Into be able to verify that access request source whether be artificial behavior checking model, and the opposite of artificial behavior is machine journey
Sequence, so as to which whether the checking model generated can be machine program with the source that authentication-access is asked.
, can be by any or all of in above two mode when obtaining history access request data, mode
One using website as object is obtained, and mode two is using user as object is obtained, although two kinds of acquisition modes obtain history access request number
According to mode and data source it is different, but checking mould can be generated by history access request data accessed by two ways
Type, specific acquisition modes can ensure that the applicability of the access request verification method according to flexible determination is actually needed.
Alternatively, on the basis of access request verification method shown in Fig. 1, being accessed in step 101 according to each history please
When seeking data generation checking model, carry out structuring processing acquisition structuring to each history access request data respectively first and visit
Request data is asked, data cleansing is then carried out to each Structured Interview request data and data analysis obtains corresponding standardize
Access request data, learning model then is created using back-propagation algorithm, by standardized access request data to learning mould
Type optimizes, until after the accuracy rate that learning model is verified to the source of access request exceedes default threshold value, will learn
Model is practised as checking model.
First, structuring processing is carried out to each history access request data obtains Structured Interview request data, can be with
The each Structured Interview request data got is subjected to unified storage, is easy to the system to each Structured Interview request data
One management and subsequent treatment.
Second, data cleansing and data point are carried out to each Structured Interview request data by big data processing method
Analysis, standardized access request data corresponding to acquisition so that different standardized access request datas have identical form, just
In subsequently each standardized access request data is learnt as input data.
Third, back-propagation algorithm (Backpropagation algorithm, BP algorithm) is in the case where there is tutor's guidance,
Suitable for a kind of learning algorithm of multilayer neural networks.Back-propagation algorithm is one kind of inspection and guidance division learning algorithm, using anti-
Learning model can be created to propagation algorithm, learning model is learnt using standardized access request data as input data,
Actual conditions (artificial behavior or machine behavior) corresponding to learning outcome and standardized access request data are carried out to score
Analysis, can be adjusted, the learning model after being adjusted is again using standardized access request data as defeated to learning model
Enter data to be learnt, until after learning model is to the rate of accuracy reached that the source of access request is verified to default threshold value,
Learning model can relatively accurately judge that the source of access request is artificial behavior or machine behavior (machine program), now
Verified in the source that authentication-access request can be treated using learning model as checking model.
Learning model, the standard that learning model will obtain according to history access request data are created by artificial intelligence technology
Change access request data as input data to be learnt, learning model learns after terminating according to learning outcome to study each time
Model is adjusted, until the accuracy rate that learning model is verified to the source of access request will be learned after exceeding default threshold value
Model is practised as checking model.The method analyzed by artificial intelligence and big data, energy is obtained using history access request data
The checking model that enough sources to access request are verified so that checking model can treat authentication-access request exactly
Source is verified, ensures the accuracy that the access request verification method is verified to access request.
Alternatively,, can also be according to to be tested after step 103 on the basis of access request verification method shown in Fig. 1
The result and access request to be verified that card access request is verified, processing is optimized to checking model.
After checking model is verified to the source of an access request to be verified, no matter the access request to be verified
Source is machine program or artificial behavior, can be input to checking model using the access request to be verified as input data
In learnt, and according to learning outcome and the result verified to the access request to be verified, checking model is adjusted
Accuracy rate excellent, that further lifting checking model is verified to the source of access request so that the access request verification method
The accuracy verified to access request is higher, ensures the normal execution to access request transmitted by normal users, Yi Jibao
Demonstrate,prove the normal work of server.
Alternatively, on the basis of access request verification method shown in Fig. 1, history access request data can include each
Individual access request corresponding webpage mouse motion track on corresponding webpage of residence time, each access request,
It is any one or more in time interval and reception access request frequency between adjacent access request.
Disabled user by machine program to webpage when being conducted interviews, typically to can be with higher frequency to net
Page carries out connected reference, and now residence time of the access request on corresponding webpage is shorter, and normal users are manually grasped
When the mode of work conducts interviews to webpage, residence time of the access request on corresponding webpage is longer.Therefore will can access
Ask a parameter of the residence time as authentication-access request source on corresponding webpage.
Disabled user generally realizes web page operation, mouse when being conducted interviews by machine program to webpage by code
Without track or there is unified track, and normal users, when manually mode of operation conducts interviews to webpage, user passes through mouse
Mark and realize web page operation, mouse track is complicated and changeable.Therefore can be by mouse moving rail of the access request on corresponding webpage
A parameter of the mark as authentication-access request source.
The frequency of time interval and reception access request between adjacent access request has reacted access end and has sent access
The speed of request, machine program sends the speed of access request, and normal users manually operate transmission access request,
The speed for sending access request is slower.Therefore can be by the time interval between adjacent access request and the frequency of reception access request
Parameter as authentication-access request source.
According to including residence time, access request mouse on corresponding webpage of the access request in corresponding webpage
Time interval between motion track, adjacent access request and receive any one or more parameters in access request frequency
History access request data generates checking model, and checking model includes the regime values scope corresponding to each parameter,
Verify model by the way that the parameters that access request to be verified includes and above-mentioned parameters are contrasted, it may be determined that to be tested
Whether the source for demonstrate,proving access request is machine program.History access request data by including multiple parameters generates checking mould
Type so that checking model can integrate parameters treat authentication-access request source verified, ensure that to be verified
The accuracy that the source of access request is verified, please so as to improve access of the access request verification method to machine behavior
Seek the validity intercepted.
Below exemplified by the access request for webpage, access request verification method provided in an embodiment of the present invention is made
It is further described, as shown in Fig. 2 this method may comprise steps of:
Step 201:Obtain multiple history access request datas.
In an embodiment of the invention, multiple history access request datas for webpage are obtained, each history is visited
Ask that request data can include mouse of residence time, access request of the access request in corresponding webpage on corresponding webpage
It is part or all of in time interval and reception access request frequency between motion track, adjacent access request.It is specific to obtain
The method of history access request data, log collection can be set to act on behalf of on multiple websites, be acted on behalf of by log collection to each
The Request Log of individual website is acquired, and history access request data is obtained from Request Log;Multiple users can also be received
The history voluntarily uploaded accesses data, is accessed from history and history access request data is obtained in data;Above-mentioned two can also be passed through
The combination of kind of mode obtains history access request data.
For example, setting log collection to act on behalf of on 50 websites, getting 8000 history by log collection agency visits
Request data is asked, the history to be conducted interviews to webpage that 200 users voluntarily upload is received and accesses data, gone through from what user uploaded
History, which accesses, obtains 2000 history access request datas in data, obtain 10000 history access request datas altogether.
Step 202:History access request data is handled, obtains standardized access request data, and will standardization
Access request data is stored into database.
In an embodiment of the invention, edit analysis is carried out to each history access request data respectively, protected
Stay the valuable data of which part to carry out structuring processing and obtain Structured Interview request data, and the structuring of acquisition is visited
Ask request data storage into volatile data base;The structuring being stored in volatile data base is visited using big data processing method
Ask that request data carries out data cleansing and data analysis, obtain standardized access request data, and each bar of acquisition is standardized
Access request data is stored into database.
For example, 10000 history access request datas are carried out respectively edits, structuring processing, data cleansing and
Data analysis, standardized access request data corresponding to each history access request data is obtained, and by 10000 of acquisition
In standardized access request data data storage storehouse.
Step 203:Learning model is created using back-propagation algorithm.
In an embodiment of the invention, utilization orientation pass-algorithm creates a learning model, and the learning model can be with
Learnt using input data, to obtain the ability verified to the source of access request.
Step 204:Learning model is optimized using the standardized access request data stored in database, tested
Model of a syndrome.
In an embodiment of the invention, after learning model is created, standardized access number of request is read from database
Learning model is inputted according to as input data, learning model is learnt using input data.After once study terminates, it will obtain
Learning outcome be compared with actual conditions, learning model is adjusted according to result, make its learning outcome and
The degree of conformity of actual conditions is higher, the step of repeating above-mentioned study and adjust, until learning model enters to the source of access request
The accuracy rate of row checking exceedes default threshold value, using learning model now as checking model.
For example, input study mould using stored in database 10000 standardized access request datas as input data
After type, learning model is learnt using the input data of input, after learning outcome and actual conditions are compared really
It is 50% to determine the accuracy rate that learning model is verified to the source of access request, and learning model is adjusted according to analysis result
After whole, learnt again using 10000 standardized access request datas as input data input learning model.Passing through
After 100 study, the accuracy rate that learning model is verified to the source of access request exceedes default accuracy rate threshold value 98%,
Using learning model now as checking model.
Step 205:The access request to be verified that each access end of real-time reception is sent.
In an embodiment of the invention, after obtaining and verifying model, each access end of real-time reception send to target
The access request that webpage conducts interviews is as access request to be verified.
Step 206:By verifying whether the source that model separately verifies each access request to be verified is machine program,
If it is, performing step 207, step 208 is otherwise performed.
In an embodiment of the invention, for each accessing request information to be verified received, by verifying mould
Type is verified to the source of the access request to be verified, if the source of the access request to be verified is machine program, i.e., should
Access request to be verified is to be triggered by machine program and formed, and step 207 is performed for the access request to be verified, if should
The source of access request to be verified is artificial behavior, i.e., the access request to be verified is manually formed by normal users
, perform step 208 for the access request to be verified.
Step 207:Treat authentication-access request to be intercepted, alert, and perform step 209.
In an embodiment of the invention, verifying that the source that model verifies an access request to be verified is machine journey
After sequence, the access request to be verified is intercepted, and administrative staff's hair of webpage is accessed to the access request to be verified
Go out warning message.
Step 208:Access request to be verified is sent to corresponding receiving terminal.
In an embodiment of the invention, verifying that the source that model verifies an access request to be verified is not machine
After program, according to the access request to be verified webpage to be accessed, the access request to be verified is sent to corresponding reception
End.
Step 209:According to access request to be verified and the result, processing is optimized to checking model.
In an embodiment of the invention, for each access request to be verified, no matter verify model checking to be tested
Whether the source for demonstrate,proving access request is machine program, using the access request to be verified as input data input validation model,
Checking model is learnt using the access request to be verified, the standard verified with lifting checking model to access request source
True property.
As shown in Figure 3, Figure 4, the embodiments of the invention provide a kind of access request to verify device.Device embodiment can lead to
Software realization is crossed, can also be realized by way of hardware or software and hardware combining.For hardware view, as shown in figure 3, being
A kind of hardware structure diagram of equipment where access request checking device provided in an embodiment of the present invention, except the processing shown in Fig. 3
Outside device, internal memory, network interface and nonvolatile memory, the equipment in embodiment where device can also generally include
Other hardware, such as it is responsible for the forwarding chip of processing message.Exemplified by implemented in software, as shown in figure 4, being anticipated as a logic
Device in justice, it is to be read corresponding computer program instructions in nonvolatile memory by the CPU of equipment where it
Operation is formed in internal memory.The access request checking device that the present embodiment provides, including:Model generation unit 401, request receive
Unit 402, requests verification unit 403 and requesting processing 404;
Model generation unit 401, visited for obtaining at least one history access request data, and according at least one history
Request data generation checking model is asked, wherein, checking model is used for the source of authentication-access request;
Request reception unit 402, for receiving the access request to be verified of access end transmission;
Requests verification unit 403, for the checking model generated by model generation unit 401, checking request receives single
Whether the source for the access request to be verified that member 402 receives is machine program;
Requesting processing 404, for the result according to requests verification unit 403, when access request to be verified
Checking request is treated when source is machine program to be intercepted, and will be treated when the source of access request to be verified is not machine program
Authentication-access request is sent to corresponding receiving terminal.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in figure 5, model generation unit 401 is wrapped
Include:Data acquisition subelement 4011;
Data acquisition subelement 4011, for setting log collection to act on behalf of at least one website, pass through log collection
Act on behalf of and the Request Log of at least one website is acquired, and history access request data is obtained from Request Log.
Alternatively, as shown in figure 5, data acquisition subelement 4011 can be also used for receiving at least one user and voluntarily upload
History access data, and from history access data in obtain history access request data.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in fig. 6, model generation unit 401 is wrapped
Include:Data processing subelement 4012;
Data processing subelement 4012, tied for carrying out structuring processing at least one history access request data
Structure access request data, and standardized access is obtained to the progress data cleansing of Structured Interview request data and data analysis and asked
Data are sought, and learning model is created using back-propagation algorithm, learning model is carried out by standardized access request data
Optimization, until the accuracy rate that learning model is verified to the source of access request exceedes default threshold value, learning model is made
To verify model.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in fig. 7, the access request verifies device
It can also include:Model optimization unit 705;
Model optimization unit 705, for treating the result verified of authentication-access request according to requests verification unit 403
With access request to be verified, the checking model generated to model generation unit 401 optimizes processing.
The contents such as the information exchange between each unit, implementation procedure in said apparatus, due to implementing with the inventive method
Example is based on same design, and particular content can be found in the narration in the inventive method embodiment, and here is omitted.
As shown in figure 8, one embodiment of the invention provides a kind of access request checking system, including:Above-described embodiment
Any one access request checking device 801, at least one access end 802 and at least one receiving terminal 803 provided;
Each access end 802, for sending access request to be verified to access request checking device 801;
Each receiving terminal 803, it is not Mechanically programm for receiving the corresponding source that access request checking device 801 is sent
Access request to be verified.
It should be noted that the content such as information exchange, implementation procedure in said system between each device, due to this
Inventive method embodiment is based on same design, and particular content can be found in the narration in the inventive method embodiment, no longer superfluous herein
State.
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, including execute instruction, when the processor of storage control is held
During the row execute instruction, the storage control performs the access request verification method that above-mentioned each embodiment provides.
The embodiment of the present invention additionally provides a kind of storage control, including:Processor, memory and bus;
The memory is used to store execute instruction, and the processor is connected with the memory by the bus, when
During the storage control operation, the execute instruction of memory storage described in the computing device, so that the storage
Controller performs the access request verification method that above-mentioned each embodiment provides.
In summary, access request verification method, the apparatus and system that each embodiment of the present invention provides, at least have such as
Lower beneficial effect:
1st, in embodiments of the present invention, the source of corresponding history access request can be determined by history access request data
Whether it is machine program, therefore the checking that source is asked for authentication-access can be generated according to multiple history access request datas
Model, after the access request to be verified of access end transmission is received, visit to be verified is verified by the checking model generated
Whether the source for asking request is machine program, if the source of access request to be verified is machine program, to the visit to be verified
Ask that request is intercepted, the access request to be verified is otherwise sent to corresponding receiving terminal.As can be seen here, according to getting
Multiple history access request data generation checking models, by verifying whether model can verify the access request from access end
For machine behavior, and the access request to belonging to machine behavior intercepts, and user tests without be inputted when sending access request
Code is demonstrate,proved to be proved to be artificial behavior, reduces attaching operation of the user when accessing webpage, so as to improve the use of user
Experience.
2nd, in embodiments of the present invention, can be by two kinds of acquisition modes when obtaining history access request data
Any or all of acquisition for carrying out history access request data, mode one is using website as object is obtained, and mode two is with user
To obtain object, although the mode that two kinds of acquisition modes obtain history access request data is different with data source, pass through two
History access request data accessed by kind of mode can generate checking model, and specific acquisition modes can be according to being actually needed
Flexibly determine, ensure that the applicability of the access request verification method.
3rd, in embodiments of the present invention, learning model is created by artificial intelligence technology, learning model will visit according to history
Ask that the standardized access request data that request data obtains is learnt as input data, learning model study each time terminates
Learning model is adjusted according to learning outcome afterwards, until the accuracy rate that learning model is verified to the source of access request
More than after default threshold value using learning model as checking model.The method analyzed by artificial intelligence and big data, using going through
History access request data obtains the checking model that can be verified to the source of access request so that checking model can be accurate
The source that authentication-access request is treated on ground is verified, ensures the standard that the access request verification method is verified to access request
True property.
4th, in embodiments of the present invention, after checking model is verified to the source of an access request to be verified, nothing
Source by the access request to be verified is machine program or artificial behavior, can be using the access request to be verified as defeated
Enter data input into checking model to be learnt, and according to learning outcome and the knot verified to the access request to be verified
Fruit, tuning is carried out to checking model, the accuracy rate that further lifting checking model is verified to the source of access request so that
The accuracy that the access request verification method is verified to access request is higher, ensures to access request transmitted by normal users
Normal execution, and ensure server normal work.
5th, in embodiments of the present invention, checking model is generated by including the history access request data of multiple parameters,
Allow checking model integrate parameters treat authentication-access request source verified, ensure that and treat authentication-access
The accuracy that the source of request is verified, the access request of machine behavior is entered so as to improve the access request verification method
The validity that row intercepts.
It should be noted that herein, such as first and second etc relational terms are used merely to an entity
Or operation makes a distinction with another entity or operation, and not necessarily require or imply and exist between these entities or operation
Any this actual relation or order.Moreover, term " comprising ", "comprising" or its any other variant be intended to it is non-
It is exclusive to include, so that process, method, article or equipment including a series of elements not only include those key elements,
But also the other element including being not expressly set out, or also include solid by this process, method, article or equipment
Some key elements.In the absence of more restrictions, the key element limited by sentence " including one ", is not arranged
Except other identical factor in the process including the key element, method, article or equipment being also present.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above method embodiment can pass through
Programmed instruction related hardware is completed, and foregoing program can be stored in computer-readable storage medium, the program
Upon execution, the step of execution includes above method embodiment;And foregoing storage medium includes:ROM, RAM, magnetic disc or light
Disk etc. is various can be with the medium of store program codes.
It is last it should be noted that:Presently preferred embodiments of the present invention is the foregoing is only, is merely to illustrate the skill of the present invention
Art scheme, is not intended to limit the scope of the present invention.Any modification for being made within the spirit and principles of the invention,
Equivalent substitution, improvement etc., are all contained in protection scope of the present invention.
Claims (10)
- A kind of 1. access request verification method, it is characterised in that at least one history access request data is obtained, and according to described At least one history access request data generation checking model, wherein, the checking model is used for the source of authentication-access request, Also include:Receive the access request to be verified that access end is sent;Verify whether the source of the access request to be verified is machine program by the checking model;If it is, the access request to be verified is intercepted;If not, the access request to be verified is issued into corresponding receiving terminal.
- 2. according to the method for claim 1, it is characterised in that described to obtain at least one history access request data, bag Include:Set log collection to act on behalf of at least one website, acted on behalf of by the log collection at least one website Request Log is acquired, and the history access request data is obtained from the Request Log;And/orReceive the history that at least one user voluntarily uploads and access data, accessed from the history and the history visit is obtained in data Ask request data.
- 3. according to the method for claim 1, it is characterised in that described according at least one history access request data Generation checking model, including:Structuring processing is carried out at least one history access request data and obtains Structured Interview request data;Data cleansing and data analysis are carried out to the Structured Interview request data, obtain standardized access request data;Learning model is created using back-propagation algorithm, the learning model is carried out by the standardized access request data Optimization, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold value, by Model is practised as the checking model.
- 4. according to the method for claim 1, it is characterised in that described by verifying that model verifies the access to be verified After whether the source of request is machine program, further comprise:According to the result and the access request to be verified verified to the access request to be verified, to the checking model Optimize processing.
- 5. according to any described method in Claims 1-4, it is characterised in thatThe history access request data includes:Each access request corresponding webpage residence time, each access Ask the mouse motion track on corresponding webpage, the time interval between adjacent access request and receive access request frequency In it is any one or more.
- 6. a kind of access request verifies device, it is characterised in that including:Model generation unit, request reception unit, requests verification Unit and requesting processing;The model generation unit, for obtaining at least one history access request data, and according at least one history Access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;The request reception unit, for receiving the access request to be verified of access end transmission;The requests verification unit, for the checking model generated by the model generation unit, verify the request Whether the source for the access request to be verified that receiving unit receives is machine program;The requesting processing, for the result according to the requests verification unit, when the access request to be verified Source the request to be verified is intercepted when being machine program, when the source of the access request to be verified is not machine The access request to be verified is sent to corresponding receiving terminal during program.
- 7. device according to claim 6, it is characterised in that the model generation unit includes:Data acquisition subelement;The data acquisition subelement, for setting log collection to act on behalf of at least one website, pass through the log collection Act on behalf of and the Request Log of at least one website is acquired, and obtain the history access from the Request Log and ask Seek data;And/orThe data acquisition subelement, data are accessed for receiving the history that at least one user voluntarily uploads, and gone through from described History accesses in data and obtains the history access request data.
- 8. device according to claim 6, it is characterised in that the model generation unit includes:Data processing subelement;The data processing subelement, tied for carrying out structuring processing at least one history access request data Structure access request data, and data cleansing and data analysis acquisition standardization visit are carried out to the Structured Interview request data Request data is asked, and learning model is created using back-propagation algorithm, by the standardized access request data to described Learning model optimizes, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold Value, using the learning model as the checking model.
- 9. device according to claim 6, it is characterised in that further comprise:Model optimization unit;The model optimization unit, for the knot verified according to the requests verification unit to the access request to be verified Fruit and the access request to be verified, processing is optimized to the checking model of model generation unit generation.
- 10. a kind of access request verifies system, it is characterised in that including:Any described access request in claim 6 to 9 Verify device, at least one access end and at least one receiving terminal;Each described access end, for sending the access request to be verified to access request checking device;Each described receiving terminal, it is not Mechanically programm for receiving the corresponding source that the access request checking device is sent The access request to be verified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710993267.9A CN107508844A (en) | 2017-10-23 | 2017-10-23 | A kind of access request verification method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710993267.9A CN107508844A (en) | 2017-10-23 | 2017-10-23 | A kind of access request verification method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107508844A true CN107508844A (en) | 2017-12-22 |
Family
ID=60701954
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710993267.9A Pending CN107508844A (en) | 2017-10-23 | 2017-10-23 | A kind of access request verification method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107508844A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108259482A (en) * | 2018-01-04 | 2018-07-06 | 平安科技(深圳)有限公司 | Network Abnormal data detection method, device, computer equipment and storage medium |
CN111241518A (en) * | 2020-01-03 | 2020-06-05 | 北京字节跳动网络技术有限公司 | User authentication method, device, equipment and medium |
CN111435346A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102479298A (en) * | 2010-11-29 | 2012-05-30 | 北京奇虎科技有限公司 | Program identification method and device based on machine learning |
CN103218431A (en) * | 2013-04-10 | 2013-07-24 | 金军 | System and method for identifying and automatically acquiring webpage information |
CN103927483A (en) * | 2014-04-04 | 2014-07-16 | 西安电子科技大学 | Decision model used for detecting malicious programs and detecting method of malicious programs |
CN106257480A (en) * | 2015-06-05 | 2016-12-28 | 北京京东尚科信息技术有限公司 | A kind of method and device preventing the robot tool malicious access page |
CN106845224A (en) * | 2016-12-16 | 2017-06-13 | 华东师范大学 | A kind of rogue program identifying system |
-
2017
- 2017-10-23 CN CN201710993267.9A patent/CN107508844A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102479298A (en) * | 2010-11-29 | 2012-05-30 | 北京奇虎科技有限公司 | Program identification method and device based on machine learning |
CN103218431A (en) * | 2013-04-10 | 2013-07-24 | 金军 | System and method for identifying and automatically acquiring webpage information |
CN103927483A (en) * | 2014-04-04 | 2014-07-16 | 西安电子科技大学 | Decision model used for detecting malicious programs and detecting method of malicious programs |
CN106257480A (en) * | 2015-06-05 | 2016-12-28 | 北京京东尚科信息技术有限公司 | A kind of method and device preventing the robot tool malicious access page |
CN106845224A (en) * | 2016-12-16 | 2017-06-13 | 华东师范大学 | A kind of rogue program identifying system |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108259482A (en) * | 2018-01-04 | 2018-07-06 | 平安科技(深圳)有限公司 | Network Abnormal data detection method, device, computer equipment and storage medium |
CN108259482B (en) * | 2018-01-04 | 2019-05-28 | 平安科技(深圳)有限公司 | Network Abnormal data detection method, device, computer equipment and storage medium |
US11683330B2 (en) | 2018-01-04 | 2023-06-20 | Ping An Technology (Shenzhen) Co., Ltd. | Network anomaly data detection method and device as well as computer equipment and storage medium |
CN111435346A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
CN111435346B (en) * | 2019-01-14 | 2023-12-19 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
CN111241518A (en) * | 2020-01-03 | 2020-06-05 | 北京字节跳动网络技术有限公司 | User authentication method, device, equipment and medium |
CN111241518B (en) * | 2020-01-03 | 2023-03-24 | 北京字节跳动网络技术有限公司 | User authentication method, device, equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108121795B (en) | User behavior prediction method and device | |
CN103297435B (en) | A kind of abnormal access behavioral value method and system based on WEB daily record | |
US8566262B2 (en) | Techniques to filter media content based on entity reputation | |
CN104050178B (en) | A kind of anti-cheat method of Internet surveillance and device | |
Chu et al. | Blog or block: Detecting blog bots through behavioral biometrics | |
CN103635896A (en) | Predicting user navigation events | |
CN107888616A (en) | The detection method of construction method and Webshell the attack website of disaggregated model based on URI | |
CN104104649B (en) | The method of page login, apparatus and system | |
KR101790092B1 (en) | Systems and methods for creating and implementing an artificially intelligent agent or system | |
CN107918733A (en) | The system and method for detecting the malicious element of webpage | |
CN107508844A (en) | A kind of access request verification method, apparatus and system | |
CN108763274B (en) | Access request identification method and device, electronic equipment and storage medium | |
US20190132352A1 (en) | Nearline clustering and propagation of entity attributes in anti-abuse infrastructures | |
CN103618696B (en) | Method and server for processing cookie information | |
CN110113366A (en) | A kind of detection method and device of CSRF loophole | |
CN109241733A (en) | Crawler Activity recognition method and device based on web access log | |
CN107016132A (en) | A kind of online exam pool quality improving method, system and terminal device | |
CN113221163B (en) | Model training method and system | |
CN106776983A (en) | Search engine optimization apparatus and method | |
EP4189917A1 (en) | Techniques for identity data characterization for data protection | |
CN110286938A (en) | For exporting the method and apparatus for being directed to the evaluation information of user | |
CN115310510A (en) | Target safety identification method and device based on optimization rule decision tree and electronic equipment | |
CN108197194A (en) | A kind of processing method and system of information of reporting a case to the security authorities | |
CN116720841A (en) | Government affair information cooperative processing system based on multidimensional data | |
CN109509560A (en) | A kind of right management method, device, server and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171222 |
|
RJ01 | Rejection of invention patent application after publication |