CN107508844A - A kind of access request verification method, apparatus and system - Google Patents

A kind of access request verification method, apparatus and system Download PDF

Info

Publication number
CN107508844A
CN107508844A CN201710993267.9A CN201710993267A CN107508844A CN 107508844 A CN107508844 A CN 107508844A CN 201710993267 A CN201710993267 A CN 201710993267A CN 107508844 A CN107508844 A CN 107508844A
Authority
CN
China
Prior art keywords
access request
data
verified
model
history
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710993267.9A
Other languages
Chinese (zh)
Inventor
李源
单震
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Inspur Cloud Service Information Technology Co Ltd
Original Assignee
Shandong Inspur Cloud Service Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Inspur Cloud Service Information Technology Co Ltd filed Critical Shandong Inspur Cloud Service Information Technology Co Ltd
Priority to CN201710993267.9A priority Critical patent/CN107508844A/en
Publication of CN107508844A publication Critical patent/CN107508844A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention provides a kind of access request verification method, apparatus and system, this method includes:At least one history access request data is obtained, and according at least one history access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;Receive the access request to be verified that access end is sent;Verify whether the source of the access request to be verified is machine program by the checking model;If it is, the access request to be verified is intercepted;If not, the access request to be verified is issued into corresponding receiving terminal.The device includes:Model generation unit, request reception unit, requests verification unit and requesting processing.This programme can pass through the usage experience of user.

Description

A kind of access request verification method, apparatus and system
Technical field
The present invention relates to communication technical field, more particularly to a kind of access request verification method, apparatus and system.
Background technology
With the continuous development and progress of Internet technology, Internet technology be widely used in living and produce in it is each Individual field, for example internet ticket selling, register on the net, shopping online etc., brought great convenience for the life and production of people.Mutually Networking company will also prevent illegal user using machine program to application in addition to normal users to be are provided and easily serviced Or the malicious access that website is carried out, because the malicious access that machine program is carried out has the characteristics of frequency is high, flow is big, not only can Influence the access of normal users, it is also possible to server can be caused to delay the serious consequences such as machine.
At present, the malicious access of machine program is mainly prevented by way of identifying code is set, i.e., access end, which is sent, visits Asking needs to carry the identifying code that is shown by forms such as pictures of receiving terminal while request, only identifying code it is correct under the premise of connect Receiving end just can carry out subsequent treatment to access request.
Although by setting identifying code to prevent the malicious access of machine program, normal users send access every time It is required for being manually entered identifying code during request, causes the usage experience of user poor.
The content of the invention
The embodiments of the invention provide a kind of access request verification method, apparatus and system, it is possible to increase the use of user Experience.
In a first aspect, the embodiments of the invention provide a kind of access request verification method, obtain at least one history and access Request data, and according at least one history access request data generation checking model, wherein, the checking model is used for The source of authentication-access request, in addition to:
Receive the access request to be verified that access end is sent;
Verify whether the source of the access request to be verified is machine program by the checking model;
If it is, the access request to be verified is intercepted;
If not, the access request to be verified is issued into corresponding receiving terminal.
Alternatively, at least one history access request data of acquisition, including:
Set log collection to act on behalf of at least one website, acted on behalf of by the log collection at least one net The Request Log stood is acquired, and the history access request data is obtained from the Request Log.
Alternatively, at least one history access request data of acquisition, including:
Receive the history that at least one user voluntarily uploads and access data, access from the history and gone through described in being obtained in data History access request data.
Alternatively, it is described according at least one history access request data generation checking model, including:
Structuring processing is carried out at least one history access request data and obtains Structured Interview request data;
Data cleansing and data analysis are carried out to the Structured Interview request data, obtain standardized access number of request According to;
Learning model is created using back-propagation algorithm, by the standardized access request data to the learning model Optimize, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold value, by institute Learning model is stated as the checking model.
Alternatively, it is described by verify model verify the access request to be verified source whether be machine program it Afterwards, further comprise:
According to the result and the access request to be verified verified to the access request to be verified, to the checking Model optimizes processing.
Alternatively,
The history access request data includes:Each access request corresponding webpage residence time, each Time interval between mouse motion track of the access request on corresponding webpage, adjacent access request and receive access request It is any one or more in frequency.
Second aspect, the embodiment of the present invention additionally provide a kind of access request checking device, including:Model generation unit, Request reception unit, requests verification unit and requesting processing;
The model generation unit, for obtaining at least one history access request data, and according to described at least one History access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;
The request reception unit, for receiving the access request to be verified of access end transmission;
The requests verification unit, for the checking model generated by the model generation unit, described in checking Whether the source for the access request to be verified that request reception unit receives is machine program;
The requesting processing, for the result according to the requests verification unit, when the access to be verified The request to be verified is intercepted when the source of request is machine program, when the source of the access request to be verified is not The access request to be verified is sent to corresponding receiving terminal during machine program.
Alternatively,
The model generation unit includes:Data acquisition subelement;
The data acquisition subelement, for setting log collection to act on behalf of at least one website, pass through the daily record Collection agent is acquired to the Request Log of at least one website, and is obtained the history from the Request Log and visited Ask request data.
Alternatively,
The data acquisition subelement, it is further used for receiving the history access data that at least one user voluntarily uploads, And accessed from the history in data and obtain the history access request data.
Alternatively,
The model generation unit includes:Data processing subelement;
The data processing subelement, obtained for carrying out structuring processing at least one history access request data Structured Interview request data is obtained, and data cleansing and data analysis acquisition standard are carried out to the Structured Interview request data Change access request data, and learning model is created using back-propagation algorithm, pass through the standardized access request data pair The learning model optimizes, and is preset until the accuracy rate that the learning model is verified to the source of access request exceedes Threshold value, using the learning model as the checking model.
Alternatively,
Access request checking device further comprises:Model optimization unit;
The model optimization unit, for being verified according to the requests verification unit to the access request to be verified Result and the access request to be verified, to the model generation unit generation the checking model optimize processing.
The third aspect, the embodiment of the present invention additionally provide a kind of access request checking system, including:Above-mentioned second aspect carries Any one access request checking device, at least one access end and at least one receiving terminal supplied;
Each described access end, for sending the access request to be verified to access request checking device;
Each described receiving terminal, it is not mechanical journey for receiving the corresponding source that the access request checking device is sent The access request to be verified of sequence.
Access request verification method provided in an embodiment of the present invention, apparatus and system, can by history access request data To determine whether the source of corresponding history access request is machine program, therefore can be given birth to according to multiple history access request datas Into the checking model for authentication-access request source, after the access request to be verified of access end transmission is received, by The checking model of generation verifies whether the source of access request to be verified is machine program, if access request to be verified is come Source is machine program, then the access request to be verified is intercepted, and is otherwise sent to the access request to be verified corresponding Receiving terminal.As can be seen here, according to the multiple history access request datas generation checking model got, by verifying that model can be with Verify whether the access request from access end is machine behavior, and the access request to belonging to machine behavior intercepts, and uses Family to be proved to be artificial behavior, it is attached when accessing webpage need not to reduce user by input validation code when sending access request Operation, so as to improve the usage experience of user.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are the present invention Some embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis These accompanying drawings obtain other accompanying drawings.
Fig. 1 is a kind of flow chart for access request verification method that one embodiment of the invention provides;
Fig. 2 is the flow chart for another access request verification method that one embodiment of the invention provides;
Fig. 3 is the schematic diagram of equipment where a kind of access request checking device that one embodiment of the invention provides;
Fig. 4 is a kind of schematic diagram for access request checking device that one embodiment of the invention provides;
Fig. 5 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 6 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 7 is the schematic diagram for another access request checking device that one embodiment of the invention provides;
Fig. 8 is a kind of schematic diagram for access request checking system that one embodiment of the invention provides.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is Part of the embodiment of the present invention, rather than whole embodiments, based on the embodiment in the present invention, those of ordinary skill in the art The every other embodiment obtained on the premise of creative work is not made, belongs to the scope of protection of the invention.
As shown in figure 1, the embodiments of the invention provide a kind of access request verification method, this method can include following step Suddenly:
Step 101:At least one history access request data is obtained, and according at least one history access request number Model is verified according to generation, wherein, the checking model is used for the source of authentication-access request;
Step 102:Receive the access request to be verified that access end is sent;
Step 103:Verify whether the source of the access request to be verified is machine program by the checking model, such as Fruit is to perform step 104, otherwise performs step 105;
Step 104:The access request to be verified is intercepted, and terminates current process;
Step 105:The access request to be verified is issued into corresponding receiving terminal.
The embodiments of the invention provide a kind of access request verification method, can be determined pair by history access request data Whether the source for answering history access request is machine program, therefore can be generated according to multiple history access request datas for testing The checking model in access request source is demonstrate,proved, after the access request to be verified of access end transmission is received, is tested by what is generated Model of a syndrome verifies whether the source of access request to be verified is machine program, if the source of access request to be verified is machine Program, then the access request to be verified is intercepted, the access request to be verified is otherwise sent to corresponding receiving terminal.By This is visible, according to the multiple history access request datas generation checking model got, is come from by verifying that model can be verified Whether the access request of access end is machine behavior, and the access request to belonging to machine behavior intercepts, user without Input validation code reduces attaching operation of the user when accessing webpage to be proved to be artificial behavior when sending access request, from And the usage experience of user can be improved.
Alternatively, on the basis of access request verification method shown in Fig. 1, history access request number is obtained in step 101 According to when, history access request data can be obtained by following two modes:
Mode one:History access request data is obtained by gathering the Request Log of website;
Mode two:Data are accessed to obtain history access request data by using the history of family active upload.
The method for obtaining history access request data to above two separately below is described in detail:
For mode one:
Log collection is set to act on behalf of at least one website, the Request Log by log collection agency to each website Be acquired, by carrying out finishing analysis to the Request Log that is collected, remove including hash, will be remaining Part worth of data is as history access request data.
After setting log collection to act on behalf of on a website, by log collection, agency can gather multiple users to the net Request Log when station conducts interviews, and multiple users that the website conducts interviews are included with normal users and disabled user, The mode of normal users manually sends access request to the website, and disabled user is sent to the website by machine program and visited Ask request.Therefore the Request Log arrived by the log collection agent acquisition being arranged on multiple websites, including artificial access are gone Request Log corresponding to dynamic and machine access behavior, valuable data are obtained from these Request Logs please as history access Data generation checking model is sought, by artificially accessing corresponding to history access request data corresponding to behavior and machine access behavior Comparative analysis between history access request data, ensure that generated checking model can relatively accurately treat authentication-access The source of request is verified, that is, judges that user triggers manually during access request to be verified access request or machine program are touched The access request of hair.
Currently, set on website before log collection acts on behalf of, it is necessary to obtain being permitted for portal management side and website user Can, the legitimacy of guarantee Request Log gatherer process.
For mode two:
Receive the history that multiple users voluntarily upload and access data, data are accessed by the history uploaded to each user Carry out finishing analysis, retain including the valuable data in part as history access request data.
Interface is uploaded by creating user so that user can voluntarily upload history when it conducts interviews to all kinds of websites Data are accessed, the history uploaded from user accesses the valuable data of extracting data and tested as the generation of history access request data Model of a syndrome.Include access data when user conducts interviews to multiple websites in the history access request that user is uploaded, can Access data during reflecting that same user conducts interviews to different web sites, so as to count access corresponding to artificial behavior The feature of request, checking model are verified the source of access request to be verified with this feature, can verify access request to be verified Source whether be artificial behavior, if not being then machine program.
Mode one gathers Request Log when each website is accessed by multiple users respectively using website as acquisition target, Valuable data are extracted from Request Log as history access request data, being accessed by history corresponding to artificial behavior please The contrast between history access request data corresponding to data and machine behavior is asked, whether generation can ask source with authentication-access For the checking model of machine program.Mode two gathers each user and multiple websites is carried out respectively using user as acquisition target History during access accesses data, and the valuable data of extracting data are accessed as history access request data from history, by Data are accessed in the history that user uploads and correspond to artificial behavior, so as to be given birth to by the history access request data got Into be able to verify that access request source whether be artificial behavior checking model, and the opposite of artificial behavior is machine journey Sequence, so as to which whether the checking model generated can be machine program with the source that authentication-access is asked.
, can be by any or all of in above two mode when obtaining history access request data, mode One using website as object is obtained, and mode two is using user as object is obtained, although two kinds of acquisition modes obtain history access request number According to mode and data source it is different, but checking mould can be generated by history access request data accessed by two ways Type, specific acquisition modes can ensure that the applicability of the access request verification method according to flexible determination is actually needed.
Alternatively, on the basis of access request verification method shown in Fig. 1, being accessed in step 101 according to each history please When seeking data generation checking model, carry out structuring processing acquisition structuring to each history access request data respectively first and visit Request data is asked, data cleansing is then carried out to each Structured Interview request data and data analysis obtains corresponding standardize Access request data, learning model then is created using back-propagation algorithm, by standardized access request data to learning mould Type optimizes, until after the accuracy rate that learning model is verified to the source of access request exceedes default threshold value, will learn Model is practised as checking model.
First, structuring processing is carried out to each history access request data obtains Structured Interview request data, can be with The each Structured Interview request data got is subjected to unified storage, is easy to the system to each Structured Interview request data One management and subsequent treatment.
Second, data cleansing and data point are carried out to each Structured Interview request data by big data processing method Analysis, standardized access request data corresponding to acquisition so that different standardized access request datas have identical form, just In subsequently each standardized access request data is learnt as input data.
Third, back-propagation algorithm (Backpropagation algorithm, BP algorithm) is in the case where there is tutor's guidance, Suitable for a kind of learning algorithm of multilayer neural networks.Back-propagation algorithm is one kind of inspection and guidance division learning algorithm, using anti- Learning model can be created to propagation algorithm, learning model is learnt using standardized access request data as input data, Actual conditions (artificial behavior or machine behavior) corresponding to learning outcome and standardized access request data are carried out to score Analysis, can be adjusted, the learning model after being adjusted is again using standardized access request data as defeated to learning model Enter data to be learnt, until after learning model is to the rate of accuracy reached that the source of access request is verified to default threshold value, Learning model can relatively accurately judge that the source of access request is artificial behavior or machine behavior (machine program), now Verified in the source that authentication-access request can be treated using learning model as checking model.
Learning model, the standard that learning model will obtain according to history access request data are created by artificial intelligence technology Change access request data as input data to be learnt, learning model learns after terminating according to learning outcome to study each time Model is adjusted, until the accuracy rate that learning model is verified to the source of access request will be learned after exceeding default threshold value Model is practised as checking model.The method analyzed by artificial intelligence and big data, energy is obtained using history access request data The checking model that enough sources to access request are verified so that checking model can treat authentication-access request exactly Source is verified, ensures the accuracy that the access request verification method is verified to access request.
Alternatively,, can also be according to to be tested after step 103 on the basis of access request verification method shown in Fig. 1 The result and access request to be verified that card access request is verified, processing is optimized to checking model.
After checking model is verified to the source of an access request to be verified, no matter the access request to be verified Source is machine program or artificial behavior, can be input to checking model using the access request to be verified as input data In learnt, and according to learning outcome and the result verified to the access request to be verified, checking model is adjusted Accuracy rate excellent, that further lifting checking model is verified to the source of access request so that the access request verification method The accuracy verified to access request is higher, ensures the normal execution to access request transmitted by normal users, Yi Jibao Demonstrate,prove the normal work of server.
Alternatively, on the basis of access request verification method shown in Fig. 1, history access request data can include each Individual access request corresponding webpage mouse motion track on corresponding webpage of residence time, each access request, It is any one or more in time interval and reception access request frequency between adjacent access request.
Disabled user by machine program to webpage when being conducted interviews, typically to can be with higher frequency to net Page carries out connected reference, and now residence time of the access request on corresponding webpage is shorter, and normal users are manually grasped When the mode of work conducts interviews to webpage, residence time of the access request on corresponding webpage is longer.Therefore will can access Ask a parameter of the residence time as authentication-access request source on corresponding webpage.
Disabled user generally realizes web page operation, mouse when being conducted interviews by machine program to webpage by code Without track or there is unified track, and normal users, when manually mode of operation conducts interviews to webpage, user passes through mouse Mark and realize web page operation, mouse track is complicated and changeable.Therefore can be by mouse moving rail of the access request on corresponding webpage A parameter of the mark as authentication-access request source.
The frequency of time interval and reception access request between adjacent access request has reacted access end and has sent access The speed of request, machine program sends the speed of access request, and normal users manually operate transmission access request, The speed for sending access request is slower.Therefore can be by the time interval between adjacent access request and the frequency of reception access request Parameter as authentication-access request source.
According to including residence time, access request mouse on corresponding webpage of the access request in corresponding webpage Time interval between motion track, adjacent access request and receive any one or more parameters in access request frequency History access request data generates checking model, and checking model includes the regime values scope corresponding to each parameter, Verify model by the way that the parameters that access request to be verified includes and above-mentioned parameters are contrasted, it may be determined that to be tested Whether the source for demonstrate,proving access request is machine program.History access request data by including multiple parameters generates checking mould Type so that checking model can integrate parameters treat authentication-access request source verified, ensure that to be verified The accuracy that the source of access request is verified, please so as to improve access of the access request verification method to machine behavior Seek the validity intercepted.
Below exemplified by the access request for webpage, access request verification method provided in an embodiment of the present invention is made It is further described, as shown in Fig. 2 this method may comprise steps of:
Step 201:Obtain multiple history access request datas.
In an embodiment of the invention, multiple history access request datas for webpage are obtained, each history is visited Ask that request data can include mouse of residence time, access request of the access request in corresponding webpage on corresponding webpage It is part or all of in time interval and reception access request frequency between motion track, adjacent access request.It is specific to obtain The method of history access request data, log collection can be set to act on behalf of on multiple websites, be acted on behalf of by log collection to each The Request Log of individual website is acquired, and history access request data is obtained from Request Log;Multiple users can also be received The history voluntarily uploaded accesses data, is accessed from history and history access request data is obtained in data;Above-mentioned two can also be passed through The combination of kind of mode obtains history access request data.
For example, setting log collection to act on behalf of on 50 websites, getting 8000 history by log collection agency visits Request data is asked, the history to be conducted interviews to webpage that 200 users voluntarily upload is received and accesses data, gone through from what user uploaded History, which accesses, obtains 2000 history access request datas in data, obtain 10000 history access request datas altogether.
Step 202:History access request data is handled, obtains standardized access request data, and will standardization Access request data is stored into database.
In an embodiment of the invention, edit analysis is carried out to each history access request data respectively, protected Stay the valuable data of which part to carry out structuring processing and obtain Structured Interview request data, and the structuring of acquisition is visited Ask request data storage into volatile data base;The structuring being stored in volatile data base is visited using big data processing method Ask that request data carries out data cleansing and data analysis, obtain standardized access request data, and each bar of acquisition is standardized Access request data is stored into database.
For example, 10000 history access request datas are carried out respectively edits, structuring processing, data cleansing and Data analysis, standardized access request data corresponding to each history access request data is obtained, and by 10000 of acquisition In standardized access request data data storage storehouse.
Step 203:Learning model is created using back-propagation algorithm.
In an embodiment of the invention, utilization orientation pass-algorithm creates a learning model, and the learning model can be with Learnt using input data, to obtain the ability verified to the source of access request.
Step 204:Learning model is optimized using the standardized access request data stored in database, tested Model of a syndrome.
In an embodiment of the invention, after learning model is created, standardized access number of request is read from database Learning model is inputted according to as input data, learning model is learnt using input data.After once study terminates, it will obtain Learning outcome be compared with actual conditions, learning model is adjusted according to result, make its learning outcome and The degree of conformity of actual conditions is higher, the step of repeating above-mentioned study and adjust, until learning model enters to the source of access request The accuracy rate of row checking exceedes default threshold value, using learning model now as checking model.
For example, input study mould using stored in database 10000 standardized access request datas as input data After type, learning model is learnt using the input data of input, after learning outcome and actual conditions are compared really It is 50% to determine the accuracy rate that learning model is verified to the source of access request, and learning model is adjusted according to analysis result After whole, learnt again using 10000 standardized access request datas as input data input learning model.Passing through After 100 study, the accuracy rate that learning model is verified to the source of access request exceedes default accuracy rate threshold value 98%, Using learning model now as checking model.
Step 205:The access request to be verified that each access end of real-time reception is sent.
In an embodiment of the invention, after obtaining and verifying model, each access end of real-time reception send to target The access request that webpage conducts interviews is as access request to be verified.
Step 206:By verifying whether the source that model separately verifies each access request to be verified is machine program, If it is, performing step 207, step 208 is otherwise performed.
In an embodiment of the invention, for each accessing request information to be verified received, by verifying mould Type is verified to the source of the access request to be verified, if the source of the access request to be verified is machine program, i.e., should Access request to be verified is to be triggered by machine program and formed, and step 207 is performed for the access request to be verified, if should The source of access request to be verified is artificial behavior, i.e., the access request to be verified is manually formed by normal users , perform step 208 for the access request to be verified.
Step 207:Treat authentication-access request to be intercepted, alert, and perform step 209.
In an embodiment of the invention, verifying that the source that model verifies an access request to be verified is machine journey After sequence, the access request to be verified is intercepted, and administrative staff's hair of webpage is accessed to the access request to be verified Go out warning message.
Step 208:Access request to be verified is sent to corresponding receiving terminal.
In an embodiment of the invention, verifying that the source that model verifies an access request to be verified is not machine After program, according to the access request to be verified webpage to be accessed, the access request to be verified is sent to corresponding reception End.
Step 209:According to access request to be verified and the result, processing is optimized to checking model.
In an embodiment of the invention, for each access request to be verified, no matter verify model checking to be tested Whether the source for demonstrate,proving access request is machine program, using the access request to be verified as input data input validation model, Checking model is learnt using the access request to be verified, the standard verified with lifting checking model to access request source True property.
As shown in Figure 3, Figure 4, the embodiments of the invention provide a kind of access request to verify device.Device embodiment can lead to Software realization is crossed, can also be realized by way of hardware or software and hardware combining.For hardware view, as shown in figure 3, being A kind of hardware structure diagram of equipment where access request checking device provided in an embodiment of the present invention, except the processing shown in Fig. 3 Outside device, internal memory, network interface and nonvolatile memory, the equipment in embodiment where device can also generally include Other hardware, such as it is responsible for the forwarding chip of processing message.Exemplified by implemented in software, as shown in figure 4, being anticipated as a logic Device in justice, it is to be read corresponding computer program instructions in nonvolatile memory by the CPU of equipment where it Operation is formed in internal memory.The access request checking device that the present embodiment provides, including:Model generation unit 401, request receive Unit 402, requests verification unit 403 and requesting processing 404;
Model generation unit 401, visited for obtaining at least one history access request data, and according at least one history Request data generation checking model is asked, wherein, checking model is used for the source of authentication-access request;
Request reception unit 402, for receiving the access request to be verified of access end transmission;
Requests verification unit 403, for the checking model generated by model generation unit 401, checking request receives single Whether the source for the access request to be verified that member 402 receives is machine program;
Requesting processing 404, for the result according to requests verification unit 403, when access request to be verified Checking request is treated when source is machine program to be intercepted, and will be treated when the source of access request to be verified is not machine program Authentication-access request is sent to corresponding receiving terminal.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in figure 5, model generation unit 401 is wrapped Include:Data acquisition subelement 4011;
Data acquisition subelement 4011, for setting log collection to act on behalf of at least one website, pass through log collection Act on behalf of and the Request Log of at least one website is acquired, and history access request data is obtained from Request Log.
Alternatively, as shown in figure 5, data acquisition subelement 4011 can be also used for receiving at least one user and voluntarily upload History access data, and from history access data in obtain history access request data.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in fig. 6, model generation unit 401 is wrapped Include:Data processing subelement 4012;
Data processing subelement 4012, tied for carrying out structuring processing at least one history access request data Structure access request data, and standardized access is obtained to the progress data cleansing of Structured Interview request data and data analysis and asked Data are sought, and learning model is created using back-propagation algorithm, learning model is carried out by standardized access request data Optimization, until the accuracy rate that learning model is verified to the source of access request exceedes default threshold value, learning model is made To verify model.
Alternatively, on the basis of access request shown in Fig. 4 verifies device, as shown in fig. 7, the access request verifies device It can also include:Model optimization unit 705;
Model optimization unit 705, for treating the result verified of authentication-access request according to requests verification unit 403 With access request to be verified, the checking model generated to model generation unit 401 optimizes processing.
The contents such as the information exchange between each unit, implementation procedure in said apparatus, due to implementing with the inventive method Example is based on same design, and particular content can be found in the narration in the inventive method embodiment, and here is omitted.
As shown in figure 8, one embodiment of the invention provides a kind of access request checking system, including:Above-described embodiment Any one access request checking device 801, at least one access end 802 and at least one receiving terminal 803 provided;
Each access end 802, for sending access request to be verified to access request checking device 801;
Each receiving terminal 803, it is not Mechanically programm for receiving the corresponding source that access request checking device 801 is sent Access request to be verified.
It should be noted that the content such as information exchange, implementation procedure in said system between each device, due to this Inventive method embodiment is based on same design, and particular content can be found in the narration in the inventive method embodiment, no longer superfluous herein State.
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, including execute instruction, when the processor of storage control is held During the row execute instruction, the storage control performs the access request verification method that above-mentioned each embodiment provides.
The embodiment of the present invention additionally provides a kind of storage control, including:Processor, memory and bus;
The memory is used to store execute instruction, and the processor is connected with the memory by the bus, when During the storage control operation, the execute instruction of memory storage described in the computing device, so that the storage Controller performs the access request verification method that above-mentioned each embodiment provides.
In summary, access request verification method, the apparatus and system that each embodiment of the present invention provides, at least have such as Lower beneficial effect:
1st, in embodiments of the present invention, the source of corresponding history access request can be determined by history access request data Whether it is machine program, therefore the checking that source is asked for authentication-access can be generated according to multiple history access request datas Model, after the access request to be verified of access end transmission is received, visit to be verified is verified by the checking model generated Whether the source for asking request is machine program, if the source of access request to be verified is machine program, to the visit to be verified Ask that request is intercepted, the access request to be verified is otherwise sent to corresponding receiving terminal.As can be seen here, according to getting Multiple history access request data generation checking models, by verifying whether model can verify the access request from access end For machine behavior, and the access request to belonging to machine behavior intercepts, and user tests without be inputted when sending access request Code is demonstrate,proved to be proved to be artificial behavior, reduces attaching operation of the user when accessing webpage, so as to improve the use of user Experience.
2nd, in embodiments of the present invention, can be by two kinds of acquisition modes when obtaining history access request data Any or all of acquisition for carrying out history access request data, mode one is using website as object is obtained, and mode two is with user To obtain object, although the mode that two kinds of acquisition modes obtain history access request data is different with data source, pass through two History access request data accessed by kind of mode can generate checking model, and specific acquisition modes can be according to being actually needed Flexibly determine, ensure that the applicability of the access request verification method.
3rd, in embodiments of the present invention, learning model is created by artificial intelligence technology, learning model will visit according to history Ask that the standardized access request data that request data obtains is learnt as input data, learning model study each time terminates Learning model is adjusted according to learning outcome afterwards, until the accuracy rate that learning model is verified to the source of access request More than after default threshold value using learning model as checking model.The method analyzed by artificial intelligence and big data, using going through History access request data obtains the checking model that can be verified to the source of access request so that checking model can be accurate The source that authentication-access request is treated on ground is verified, ensures the standard that the access request verification method is verified to access request True property.
4th, in embodiments of the present invention, after checking model is verified to the source of an access request to be verified, nothing Source by the access request to be verified is machine program or artificial behavior, can be using the access request to be verified as defeated Enter data input into checking model to be learnt, and according to learning outcome and the knot verified to the access request to be verified Fruit, tuning is carried out to checking model, the accuracy rate that further lifting checking model is verified to the source of access request so that The accuracy that the access request verification method is verified to access request is higher, ensures to access request transmitted by normal users Normal execution, and ensure server normal work.
5th, in embodiments of the present invention, checking model is generated by including the history access request data of multiple parameters, Allow checking model integrate parameters treat authentication-access request source verified, ensure that and treat authentication-access The accuracy that the source of request is verified, the access request of machine behavior is entered so as to improve the access request verification method The validity that row intercepts.
It should be noted that herein, such as first and second etc relational terms are used merely to an entity Or operation makes a distinction with another entity or operation, and not necessarily require or imply and exist between these entities or operation Any this actual relation or order.Moreover, term " comprising ", "comprising" or its any other variant be intended to it is non- It is exclusive to include, so that process, method, article or equipment including a series of elements not only include those key elements, But also the other element including being not expressly set out, or also include solid by this process, method, article or equipment Some key elements.In the absence of more restrictions, the key element limited by sentence " including one ", is not arranged Except other identical factor in the process including the key element, method, article or equipment being also present.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above method embodiment can pass through Programmed instruction related hardware is completed, and foregoing program can be stored in computer-readable storage medium, the program Upon execution, the step of execution includes above method embodiment;And foregoing storage medium includes:ROM, RAM, magnetic disc or light Disk etc. is various can be with the medium of store program codes.
It is last it should be noted that:Presently preferred embodiments of the present invention is the foregoing is only, is merely to illustrate the skill of the present invention Art scheme, is not intended to limit the scope of the present invention.Any modification for being made within the spirit and principles of the invention, Equivalent substitution, improvement etc., are all contained in protection scope of the present invention.

Claims (10)

  1. A kind of 1. access request verification method, it is characterised in that at least one history access request data is obtained, and according to described At least one history access request data generation checking model, wherein, the checking model is used for the source of authentication-access request, Also include:
    Receive the access request to be verified that access end is sent;
    Verify whether the source of the access request to be verified is machine program by the checking model;
    If it is, the access request to be verified is intercepted;
    If not, the access request to be verified is issued into corresponding receiving terminal.
  2. 2. according to the method for claim 1, it is characterised in that described to obtain at least one history access request data, bag Include:
    Set log collection to act on behalf of at least one website, acted on behalf of by the log collection at least one website Request Log is acquired, and the history access request data is obtained from the Request Log;
    And/or
    Receive the history that at least one user voluntarily uploads and access data, accessed from the history and the history visit is obtained in data Ask request data.
  3. 3. according to the method for claim 1, it is characterised in that described according at least one history access request data Generation checking model, including:
    Structuring processing is carried out at least one history access request data and obtains Structured Interview request data;
    Data cleansing and data analysis are carried out to the Structured Interview request data, obtain standardized access request data;
    Learning model is created using back-propagation algorithm, the learning model is carried out by the standardized access request data Optimization, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold value, by Model is practised as the checking model.
  4. 4. according to the method for claim 1, it is characterised in that described by verifying that model verifies the access to be verified After whether the source of request is machine program, further comprise:
    According to the result and the access request to be verified verified to the access request to be verified, to the checking model Optimize processing.
  5. 5. according to any described method in Claims 1-4, it is characterised in that
    The history access request data includes:Each access request corresponding webpage residence time, each access Ask the mouse motion track on corresponding webpage, the time interval between adjacent access request and receive access request frequency In it is any one or more.
  6. 6. a kind of access request verifies device, it is characterised in that including:Model generation unit, request reception unit, requests verification Unit and requesting processing;
    The model generation unit, for obtaining at least one history access request data, and according at least one history Access request data generation checking model, wherein, the checking model is used for the source of authentication-access request;
    The request reception unit, for receiving the access request to be verified of access end transmission;
    The requests verification unit, for the checking model generated by the model generation unit, verify the request Whether the source for the access request to be verified that receiving unit receives is machine program;
    The requesting processing, for the result according to the requests verification unit, when the access request to be verified Source the request to be verified is intercepted when being machine program, when the source of the access request to be verified is not machine The access request to be verified is sent to corresponding receiving terminal during program.
  7. 7. device according to claim 6, it is characterised in that the model generation unit includes:Data acquisition subelement;
    The data acquisition subelement, for setting log collection to act on behalf of at least one website, pass through the log collection Act on behalf of and the Request Log of at least one website is acquired, and obtain the history access from the Request Log and ask Seek data;
    And/or
    The data acquisition subelement, data are accessed for receiving the history that at least one user voluntarily uploads, and gone through from described History accesses in data and obtains the history access request data.
  8. 8. device according to claim 6, it is characterised in that the model generation unit includes:Data processing subelement;
    The data processing subelement, tied for carrying out structuring processing at least one history access request data Structure access request data, and data cleansing and data analysis acquisition standardization visit are carried out to the Structured Interview request data Request data is asked, and learning model is created using back-propagation algorithm, by the standardized access request data to described Learning model optimizes, until the accuracy rate that the learning model is verified to the source of access request exceedes default threshold Value, using the learning model as the checking model.
  9. 9. device according to claim 6, it is characterised in that further comprise:Model optimization unit;
    The model optimization unit, for the knot verified according to the requests verification unit to the access request to be verified Fruit and the access request to be verified, processing is optimized to the checking model of model generation unit generation.
  10. 10. a kind of access request verifies system, it is characterised in that including:Any described access request in claim 6 to 9 Verify device, at least one access end and at least one receiving terminal;
    Each described access end, for sending the access request to be verified to access request checking device;
    Each described receiving terminal, it is not Mechanically programm for receiving the corresponding source that the access request checking device is sent The access request to be verified.
CN201710993267.9A 2017-10-23 2017-10-23 A kind of access request verification method, apparatus and system Pending CN107508844A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710993267.9A CN107508844A (en) 2017-10-23 2017-10-23 A kind of access request verification method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710993267.9A CN107508844A (en) 2017-10-23 2017-10-23 A kind of access request verification method, apparatus and system

Publications (1)

Publication Number Publication Date
CN107508844A true CN107508844A (en) 2017-12-22

Family

ID=60701954

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710993267.9A Pending CN107508844A (en) 2017-10-23 2017-10-23 A kind of access request verification method, apparatus and system

Country Status (1)

Country Link
CN (1) CN107508844A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108259482A (en) * 2018-01-04 2018-07-06 平安科技(深圳)有限公司 Network Abnormal data detection method, device, computer equipment and storage medium
CN111241518A (en) * 2020-01-03 2020-06-05 北京字节跳动网络技术有限公司 User authentication method, device, equipment and medium
CN111435346A (en) * 2019-01-14 2020-07-21 阿里巴巴集团控股有限公司 Offline data processing method, device and equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102479298A (en) * 2010-11-29 2012-05-30 北京奇虎科技有限公司 Program identification method and device based on machine learning
CN103218431A (en) * 2013-04-10 2013-07-24 金军 System and method for identifying and automatically acquiring webpage information
CN103927483A (en) * 2014-04-04 2014-07-16 西安电子科技大学 Decision model used for detecting malicious programs and detecting method of malicious programs
CN106257480A (en) * 2015-06-05 2016-12-28 北京京东尚科信息技术有限公司 A kind of method and device preventing the robot tool malicious access page
CN106845224A (en) * 2016-12-16 2017-06-13 华东师范大学 A kind of rogue program identifying system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102479298A (en) * 2010-11-29 2012-05-30 北京奇虎科技有限公司 Program identification method and device based on machine learning
CN103218431A (en) * 2013-04-10 2013-07-24 金军 System and method for identifying and automatically acquiring webpage information
CN103927483A (en) * 2014-04-04 2014-07-16 西安电子科技大学 Decision model used for detecting malicious programs and detecting method of malicious programs
CN106257480A (en) * 2015-06-05 2016-12-28 北京京东尚科信息技术有限公司 A kind of method and device preventing the robot tool malicious access page
CN106845224A (en) * 2016-12-16 2017-06-13 华东师范大学 A kind of rogue program identifying system

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108259482A (en) * 2018-01-04 2018-07-06 平安科技(深圳)有限公司 Network Abnormal data detection method, device, computer equipment and storage medium
CN108259482B (en) * 2018-01-04 2019-05-28 平安科技(深圳)有限公司 Network Abnormal data detection method, device, computer equipment and storage medium
US11683330B2 (en) 2018-01-04 2023-06-20 Ping An Technology (Shenzhen) Co., Ltd. Network anomaly data detection method and device as well as computer equipment and storage medium
CN111435346A (en) * 2019-01-14 2020-07-21 阿里巴巴集团控股有限公司 Offline data processing method, device and equipment
CN111435346B (en) * 2019-01-14 2023-12-19 阿里巴巴集团控股有限公司 Offline data processing method, device and equipment
CN111241518A (en) * 2020-01-03 2020-06-05 北京字节跳动网络技术有限公司 User authentication method, device, equipment and medium
CN111241518B (en) * 2020-01-03 2023-03-24 北京字节跳动网络技术有限公司 User authentication method, device, equipment and medium

Similar Documents

Publication Publication Date Title
CN108121795B (en) User behavior prediction method and device
CN103297435B (en) A kind of abnormal access behavioral value method and system based on WEB daily record
US8566262B2 (en) Techniques to filter media content based on entity reputation
CN104050178B (en) A kind of anti-cheat method of Internet surveillance and device
Chu et al. Blog or block: Detecting blog bots through behavioral biometrics
CN103635896A (en) Predicting user navigation events
CN107888616A (en) The detection method of construction method and Webshell the attack website of disaggregated model based on URI
CN104104649B (en) The method of page login, apparatus and system
KR101790092B1 (en) Systems and methods for creating and implementing an artificially intelligent agent or system
CN107918733A (en) The system and method for detecting the malicious element of webpage
CN107508844A (en) A kind of access request verification method, apparatus and system
CN108763274B (en) Access request identification method and device, electronic equipment and storage medium
US20190132352A1 (en) Nearline clustering and propagation of entity attributes in anti-abuse infrastructures
CN103618696B (en) Method and server for processing cookie information
CN110113366A (en) A kind of detection method and device of CSRF loophole
CN109241733A (en) Crawler Activity recognition method and device based on web access log
CN107016132A (en) A kind of online exam pool quality improving method, system and terminal device
CN113221163B (en) Model training method and system
CN106776983A (en) Search engine optimization apparatus and method
EP4189917A1 (en) Techniques for identity data characterization for data protection
CN110286938A (en) For exporting the method and apparatus for being directed to the evaluation information of user
CN115310510A (en) Target safety identification method and device based on optimization rule decision tree and electronic equipment
CN108197194A (en) A kind of processing method and system of information of reporting a case to the security authorities
CN116720841A (en) Government affair information cooperative processing system based on multidimensional data
CN109509560A (en) A kind of right management method, device, server and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171222

RJ01 Rejection of invention patent application after publication