CN107592300A - A kind of method and system of anti-robot attack - Google Patents
A kind of method and system of anti-robot attack Download PDFInfo
- Publication number
- CN107592300A CN107592300A CN201710700337.7A CN201710700337A CN107592300A CN 107592300 A CN107592300 A CN 107592300A CN 201710700337 A CN201710700337 A CN 201710700337A CN 107592300 A CN107592300 A CN 107592300A
- Authority
- CN
- China
- Prior art keywords
- transaction request
- access
- access control
- configuration parameter
- upper limit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention provides a kind of method and system of anti-robot attack, methods described includes:Receive Client-initiated transaction request;The configuration parameter of the transaction request is obtained, judges the transaction request whether by access control according to the configuration parameter;Transaction request is obtained access control rule corresponding to the transaction request by access control as described in;According to the access control rule, judging whether the access times of the transaction request reach in predetermined period allows the access upper limit;As reached the upper limit, then refuse the transaction request.The present invention can realize the control for single client, single session, and Control granularity is thinner, more accurate, robot program can be prevented to attack completely.
Description
Technical field
The present invention relates to network data communication security technology area, more particularly to a kind of method of anti-robot attack and it is
System.
Background technology
With the development of internet finance, increasing financial service can stay indoors, be completed on the net.Network
Information content and visit capacity show the trend of magnanimity growth, and financial system subjects huge access pressure.If can not to
The frequency of family request and effective time make control, user can frequently requests transaction at any time, be so easy to lead
Cause background server pressure excessive, cause network blockage.(such as machine is attacked in more serious situation, the access in face of some malice
People's program), in a short time largely initiate concurrent request when, server resource certainly will be caused to exhaust, machine of even delaying it is serious
Consequence.
Existing access control technology, some are limited using webserver (web server) connection number, had
Use control network bandwidth flow.But have the following disadvantages:Limited using http connection numbers, can only be on connection number be accessed
System is protected, it is impossible to the control of frequency is carried out for some session (session).Such as robot attacker
And many connection numbers need not be taken, but he understands the initiation transaction of high frequency, considerably beyond artificial frequency of interaction.
The content of the invention
In order to solve the above technical problems, the embodiments of the invention provide a kind of method and system of anti-robot attack.
On the one hand, the embodiments of the invention provide a kind of method of anti-robot attack, methods described to include:
Receive Client-initiated transaction request;
The configuration parameter of the transaction request is obtained, judges whether the transaction request is accessed according to the configuration parameter
Control;
Transaction request is obtained access control rule corresponding to the transaction request by access control as described in;
According to the access control rule, judge whether the access times of the transaction request reach permitting in predetermined period
Perhaps the upper limit is accessed;
As reached the upper limit, then refuse the transaction request.
In one embodiment, the configuration parameter of the transaction request is obtained, the transaction is judged according to the configuration parameter
Whether ask by access control, including:
Obtain market segment information, customer information, operator message and the channel information of the transaction request;
Judge the market segment information, customer information, operator message and channel information whether with predefined transaction
Configuration information is identical;
It is such as identical, judge the transaction request by access control;Otherwise not by access control.
In one embodiment, the configuration parameter of the transaction request is obtained, the transaction is judged according to the configuration parameter
Whether ask by access control, including:
The configuration parameter of the transaction request is obtained, whether judge includes access control in the configuration parameter states;
When the configuration parameter includes access control statement, judge the transaction request by access control;Otherwise not
By access control.
In one embodiment, the access control rule comprises at least one and accesses limitation, and each access limitation defines not
With the upper limit for allowing access times in the cycle, whether the access times for judging the transaction request reach in predetermined period
Allow to access the upper limit, including:
Query history accesses record, judges whether the current accessed number of the transaction request exceedes each access and limit respectively
The upper limit of permission access times in its predetermined period.
In one embodiment, the access upper limit is allowed when the access times of the transaction request are not up in predetermined period
When, methods described also includes:Update history access record.
On the other hand, the embodiment of the present invention also provides a kind of system of anti-robot attack, and the system includes:
Information receiving unit, for receiving Client-initiated transaction request;
Access control judging unit, for obtaining the configuration parameter of the transaction request, judged according to the configuration parameter
Whether the transaction request is by access control;
Rule unit, when the transaction request is by access control, for obtaining corresponding to the transaction request
Access control rule;
Access control filter element, for according to the access control rule, judging the access times of the transaction request
Whether allow access the upper limit, such as reached the upper limit, then refused the transaction request if reaching in predetermined period.
In one embodiment, the access control judging unit is specifically used for:
Obtain market segment information, customer information, operator message and the channel information of the transaction request;
Judge the market segment information, customer information, operator message and channel information whether with predefined transaction
Configuration information is identical, such as identical, the transaction request is judged by access control, otherwise not by access control.
In one embodiment, the access control judging unit is additionally operable to:
The configuration parameter of the transaction request is obtained, whether judge includes access control in the configuration parameter states;
When the configuration parameter includes access control statement, judge the transaction request by access control;Otherwise not
By access control.
In one embodiment, the access control rule comprises at least one and accesses limitation, and each access limitation defines not
With the upper limit for allowing access times in the cycle, the access control filter element is specifically used for:
Query history accesses record, judges whether the current accessed number of the transaction request exceedes each access and limit respectively
The upper limit of permission access times in its predetermined period.
In one embodiment, the system also includes:
Updating block, for allowing the access upper limit when the access times of the transaction request are not up in predetermined period
When, update history access record.
The present invention can realize the control for single client, single session, and Control granularity is thinner, more accurate, completely may be used
To prevent robot program from attacking.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of the method for anti-robot attack provided in an embodiment of the present invention;
Fig. 2 is the structural representation of the system of anti-robot attack provided in an embodiment of the present invention;
Fig. 3 is the system logic architecture schematic diagram for the anti-robot attack that another embodiment of the present invention provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, rather than whole embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other under the premise of creative work is not made
Embodiment, belong to the scope of protection of the invention.
Fig. 1 is the schematic flow sheet of the method for anti-robot attack provided in an embodiment of the present invention, as shown in figure 1, the party
Method mainly includes the following steps that:
Step 101, Client-initiated transaction request is received.
User can initiate a specific transaction request from client, such as browser, be inquired about as historical trading is detailed, or
Person's money transfer transactions etc..Transaction composition generally includes transaction id, trading template and the configuration parameter of transaction.Transaction id, which is used to refer to, to be handed over
Easy type, for representing to log in type of transaction or inquiry type of transaction, or other types of transaction.Trading template definition is handed over
The object of disposable flow.The configuration parameter of transaction includes market segment information, customer information, operator message and channel information
Deng for further being handled the transaction request after receiving the transaction request from the background.It should be noted that either merchandise
ID, or trading template, or configuration parameter, configured by backstage when user initiates transaction request, and do not need user to enter
Row operation.
Step 102, the configuration parameter of the transaction request is obtained, judges that the transaction request is according to the configuration parameter
It is no by access control.
To prevent robot from attacking, the configuration parameter in being asked from the background according to customer transaction, the transaction request is judged
Whether merchandised by access control, if the transaction request is by access control, then handled according to step 103.Otherwise,
Respond the transaction request and (carry out step 106).
Step 103, when the transaction request is by access control, obtain access control corresponding to the transaction request and advise
Then.
In embodiments of the present invention, for different transaction requests, different access control rules can be pre-set,
When determining that transaction request receives access control, judged according to step 104.Above-mentioned access control rule comprises at least a visit
Limitation is asked, it is each to access the upper limit for limiting and defining and allowing access times in different cycles, for example, at most accessing 10 in 30 minutes
It is secondary, or at most access 100 times for one day, wherein, the cycle is referred within 30 minutes and 1 day, 10 times and 100 times are then above-mentioned two weeks
Maximum access times in phase.
According to specific transaction scene, business background, user's usage amount etc., suitable access control policy is defined, can
Meet user's request, and can protection system resource.
Such as:System provides historical trading inquiry and the function of downloading, and is specially:User input query time range,
System inquires about qualified historical trading to client from database, while provides the function of downloading exel files.During inquiry
Between scope be generally 1 year, therefore historical trading volume may be very big, after some time it is possible to reach hundreds of, thousands of notes records.If not to changing
Transaction is controlled, and client frequently clicks on inquiry, downloaded, then server will ceaselessly inquire about database, can cause a large amount of
IO (input and output), take more system resource, the situation of most serious, client is ceaselessly clicked on by robot program and looked into
Inquiry, download can exhaust server resource, until machine of delaying.
If taking access control, for example at most allow a customer inquiries within 5 minutes and download once, then can
To protect system resource, while it also disclosure satisfy that the demand of client.
Step 104, according to the access control rule, judge whether the access times of the transaction request reach default week
Allow the access upper limit in phase.
When it is implemented, needing query history to access record, with reference to history access record, the transaction request is judged respectively
Current accessed number whether exceed the upper limit that each access is limited in permission access times in its predetermined period.For example, judge
Whether whether the access times in 30 minutes are more than 10 times for the access request, and exceeded in intraday access times
100 times.If access times are no more than 10 times in 30 minutes, total access times are also no more than 100 times in one day, then ring
Should transaction request (step 106).
Step 105, as reached the upper limit, then the transaction request is refused.
For example, if access times of a certain transaction request in 30 minutes are more than 10 times, or in intraday visit
Number is asked more than 100 times, then in order to prevent robot from attacking, the transaction request need to be refused.
The present invention can realize the control for single client, single session, and Control granularity is thinner, more accurate, completely may be used
To prevent robot program from attacking.
In one embodiment, step 102 from the configuration parameter of the transaction request when it is implemented, first can obtain
Market segment information, customer information, operator message and channel information, then judge the market segment information, customer information,
Whether operator message and channel information are identical with predefined transaction configuration information, if identical, judge the transaction request
By access control, otherwise not by access control.Wherein, the market that predefined transaction configuration information is included by access control is thin
Point, client, operator and channel.The embodiment of the present invention is equivalent to one " blacklist " has been pre-defined, if above-mentioned transaction please
The same type configuration parameter asked is consistent with relevant parameter that should be in " blacklist ", then illustrates the transaction request by access control,
Need to do it further checking, judge whether it meets corresponding access control rule.
In another embodiment, not all transaction is required for using above-mentioned " blacklist " mechanism, and whether transaction
It is controlled to be configured by the way of statement.In implementation steps 102, the configuration ginseng of transaction request can be first obtained
Number, whether judge includes access control in the configuration parameter states, if stated including access control, judges the transaction request
By access control.
In one embodiment, when above-mentioned transaction request is to be merchandised by access control, and access times are not up to default
In cycle allow access the upper limit when, it is necessary to update history access record.
Based on the method identical inventive concept with anti-robot attack shown in Fig. 1, the embodiment of the present invention additionally provides one
The system of Zhong Fang robots attack, shown in face embodiment specific as follows.In the principle and Fig. 1 that solve technical problem due to the system
The method of anti-robot attack is similar, therefore the implementation of the system may refer to the implementation of Tu1Fang robots attack method, repeat
Part repeats no more.
In another embodiment, present invention also offers a kind of system of anti-robot attack, the structural representation of the system
Figure is as shown in Fig. 2 it mainly includes information receiving unit 201, access control judging unit 202, Rule unit 203 and visited
Ask control filter element 204.
Wherein, information receiving unit 201 is used to receive Client-initiated transaction request.Access control judging unit 202 is used
In the configuration parameter for obtaining the transaction request, judge the transaction request whether by access control according to the configuration parameter.
Rule unit 203 accesses control when the transaction request is by access control, for obtaining corresponding to the transaction request
System rule.Access control filter element 204 is used for the access times for according to the access control rule, judging the transaction request
Whether allow access the upper limit, such as reached the upper limit, then refused the transaction request if reaching in predetermined period.
In one embodiment, access control judging unit 202 is specifically used for:Obtain the market segments of the transaction request
Information, customer information, operator message and channel information;Judge the market segment information, customer information, operator message and
Whether channel information is identical with predefined transaction configuration information, such as identical, judges the transaction request by access control, otherwise
Not by access control.
In another embodiment, access control judging unit 202 is additionally operable to:Obtain the configuration ginseng of the transaction request
Number, whether judge includes access control in the configuration parameter states;When the configuration parameter includes access control statement,
Judge the transaction request by access control;Otherwise not by access control.
In one embodiment, above-mentioned access control rule comprises at least one and accesses limitation, each to access limitation regulation
Allow the upper limits of access times in different cycles, now, access control filter element 204 is specifically used for:Query history accesses
Record, judges whether the current accessed number of the transaction request exceedes the permission that each access is limited in its predetermined period respectively
The upper limit of access times, if it exceeds allowing the upper limit of access times in any predetermined period, then refuse the transaction request and return
Return a prompt message.
In one embodiment, above-mentioned system also includes a updating block 205 (not shown in Fig. 2), for when the friendship
The access times easily asked be not up in predetermined period allow access the upper limit when, update history access record.
The present invention can realize the control for single client, single session, and Control granularity is thinner, more accurate, completely may be used
To prevent robot program from attacking.
BFWJ (Bank of China java classes application development framework) is a kind of MVC frameworks based on Spring-IOC containers, is
Possess the J2EE development platforms of high scalability, the embodiment of the present invention illustrates by taking BFWJ platforms as an example.When it is implemented, can be with
In the filter list of the responsibility chain of BFWJ platform trading templates, increase access-control filter (accessControlFilt
Er), when stating current transaction in the transaction request received to be merchandised by access control, the filter then can be according to transaction
Specified/corresponding access control rule verifies to the transaction request, allows transaction request to pass through if verifying and passing through no
Do not allow then.The logical architecture of the system defines trading processing stream as shown in figure 3, in figure 3, Template is trading template
The object of journey;Chain, which is scolded, appoints chain, is the chain table object for needing traversal to perform in trading template;FilterCommand refers to filtering
Device responsibility point;AccessControlFilter is access-control filter;DelegateCommand is responsibility as a representative point;
AccessControlRule is access control rule;Scope is scope, refers to the scope of access rule control;Period refers to week
Phase, it is cycle/frequency of access rule control.
, can be from the market segments, client, four scope of operator and channel (dimensions it is determined that during the customer range to be controlled
Degree) on define, using true or false this four dimensions is controlled, true represents control, and false represents not control,
Such as available following code carries out the setting of dimension:
When oimktIdJoin is false, subdivision of not controlling the market is represented;When custIdJoin is false, expression is not controlled
Client processed;When oprIdJoin is true, control operation person is represented;When chnlJoin is true, control channel is represented.
Limitation includes the cycle (Period) and maximum (maxcount) in the cycle, Period define what permission user accessed
Time range, two types are supported at present:With daily, maxCount defines the maximum allowed in specified period and accessed time slice
Number.
<Bean class=" com.bocnet.common.accesscontrol.AccessControlLimit ">
<Param name=" periodArgs ">30</param><!-- the cycle (when period type is PerDay, hh:
mm:ss-hh:mm:Ss, when period type is Section, the xx seconds) -->
<Param name=" periodType ">Section</param><!-- period type (PerDay:Daily.
Section:Time slice) -->
<Param name=" maxCount ">1</param><!-- maximum in the cycle -->
</bean>
The embodiment of the present invention is merchandised by way of statement to be configured to be merchandised by access control, for example, by more accounts
Historical trading inquiry transaction be arranged to controlled transaction, can in setting configuration access control configuration parameter, specific code
It is as follows:
<!-- more account historical Transaction Inquiries -- downloading file -->
Setting in above-mentioned configuration represents to be made that statement to this current transaction:Current transaction is controlled by access
System.Wherein, the ID of access control is acqDownLoad, and this ID is pair being present in another configuration file (xml)
As wherein containing the control range of access control, the control information such as frequency and cycle.Pass through the configuration in above-mentioned transaction request
Mode of the transaction by access control is stated in parameter in advance, when receiving the transaction request of user, first judges its configuration
State such as exist in parameter with the presence or absence of access control, then judge the transaction request to be merchandised by access control, it need to be done
Further checking.
When it is implemented, handling process approximately as:
Asked 1. user initiates network trading by browser, access certain A that only merchandises of system.
2. filter F ilterCommand checks whether transaction A configuration file states accessControl parameters, and
Corresponding configuration rule is found according to corresponding parameter.
3.AccessControlRule is controlled logic judgment, according to control rule, including period p eriod and number
Maxcount., while to data base querying history access record (i.e.:In current period, the number that has accessed) and
Maxcounter is compared, and allows to access if the upper limit is not reaching to, while updates access record;If reached, refuse
Access absolutely, return to prompt message.
When it is implemented, the embodiment of the present invention also includes an auxiliary and step of dealing with problems arising from an accident:The cleaning of history access record.Typically
For, nobody can use the access record more than more than 1 year again, there is no value, can clear up.While in order to
The performance and access efficiency of tables of data are considered, it is necessary to carry out cleaning backup.
Existing access control technology, some are limited using the connection number of web server, and some uses control network
Bandwidth traffic.But limited using http connection numbers, system can only be protected on connection number is accessed, it is impossible to be directed to
Some session carries out the control of frequency.For example robot attacker and many connection numbers need not be taken, but he can be high
The initiation transaction of frequency, considerably beyond artificial frequency of interaction.
For the present invention aiming at single client, the control of single session, Control granularity is thinner, more accurate, can hinder completely
Only robot program attacks.
It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or computer program
Product.Therefore, the present invention can use the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware
Apply the form of example.Moreover, the present invention can use the computer for wherein including computer usable program code in one or more
The computer program production that usable storage medium is implemented on (including but is not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention is the flow with reference to method according to embodiments of the present invention, equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that can be by every first-class in computer program instructions implementation process figure and/or block diagram
Journey and/or the flow in square frame and flow chart and/or block diagram and/or the combination of square frame.These computer programs can be provided
The processors of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that produced by the instruction of computer or the computing device of other programmable data processing devices for real
The device for the function of being specified in present one flow of flow chart or one square frame of multiple flows and/or block diagram or multiple square frames.
These computer program instructions, which may be alternatively stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction being stored in the computer-readable memory, which produces, to be included referring to
Make the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one square frame of block diagram or
The function of being specified in multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented processing, so as in computer or
The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in individual square frame or multiple square frames.
Apply specific embodiment in the present invention to be set forth the principle and embodiment of the present invention, above example
Explanation be only intended to help understand the present invention method and its core concept;Meanwhile for those of ordinary skill in the art,
According to the thought of the present invention, there will be changes in specific embodiments and applications, in summary, in this specification
Appearance should not be construed as limiting the invention.
Claims (10)
- A kind of 1. method of anti-robot attack, it is characterised in that methods described includes:Receive Client-initiated transaction request;The configuration parameter of the transaction request is obtained, judges whether the transaction request is controlled by access according to the configuration parameter System;Transaction request is obtained access control rule corresponding to the transaction request by access control as described in;According to the access control rule, judge whether the access times of the transaction request reach allows to visit in predetermined period Ask the upper limit;As reached the upper limit, then refuse the transaction request.
- 2. the method for anti-robot attack according to claim 1, it is characterised in that obtain the configuration of the transaction request Parameter, whether the transaction request is judged by access control according to the configuration parameter, including:Obtain market segment information, customer information, operator message and the channel information of the transaction request;Judge whether the market segment information, customer information, operator message and channel information configure with predefined transaction Information is identical;It is such as identical, judge the transaction request by access control;Otherwise not by access control.
- 3. the method for anti-robot attack according to claim 1, it is characterised in that obtain the configuration of the transaction request Parameter, whether the transaction request is judged by access control according to the configuration parameter, including:The configuration parameter of the transaction request is obtained, whether judge includes access control in the configuration parameter states;When the configuration parameter includes access control statement, judge the transaction request by access control;Otherwise it is not interviewed Ask control.
- 4. the method for the anti-robot attack according to claim any one of 1-3, it is characterised in that the access control rule Then comprise at least one and access limitation, each upper limit for accessing limitation and defining permission access times in different cycles, the judgement The access times of the transaction request whether reach in predetermined period allow access the upper limit, including:Query history accesses record, judges whether the current accessed number of the transaction request exceedes each access and be limited in it respectively The upper limit of permission access times in predetermined period.
- 5. the method for anti-robot attack according to claim 4, it is characterised in that when the access time of the transaction request Number be not up to predetermined period in allow access the upper limit when, methods described also includes:Update history access record.
- 6. a kind of system of anti-robot attack, it is characterised in that the system includes:Information receiving unit, for receiving Client-initiated transaction request;Access control judging unit, for obtaining the configuration parameter of the transaction request, according to judging the configuration parameter Whether transaction request is by access control;Rule unit, when the transaction request is by access control, for obtaining access corresponding to the transaction request Control rule;Access control filter element, for according to the access control rule, judge the transaction request access times whether Reaching in predetermined period allows to access the upper limit, has such as reached the upper limit, has then refused the transaction request.
- 7. the system of anti-robot attack according to claim 6, it is characterised in that the access control judging unit tool Body is used for:Obtain market segment information, customer information, operator message and the channel information of the transaction request;Judge whether the market segment information, customer information, operator message and channel information configure with predefined transaction Information is identical, such as identical, the transaction request is judged by access control, otherwise not by access control.
- 8. the system of anti-robot attack according to claim 6, it is characterised in that the access control judging unit is also For:The configuration parameter of the transaction request is obtained, whether judge includes access control in the configuration parameter states;When the configuration parameter includes access control statement, judge the transaction request by access control;Otherwise it is not interviewed Ask control.
- 9. the system of the anti-robot attack according to claim any one of 6-8, it is characterised in that the access control rule Then comprise at least one and access limitation, each upper limit for accessing limitation and defining permission access times in different cycles, the access Control filter element is specifically used for:Query history accesses record, judges whether the current accessed number of the transaction request exceedes each access and be limited in it respectively The upper limit of permission access times in predetermined period.
- 10. the system of anti-robot attack according to claim 9, it is characterised in that the system also includes:Updating block, for when the access times of the transaction request be not up in predetermined period allow access the upper limit when, more New historical accesses record.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710700337.7A CN107592300A (en) | 2017-08-16 | 2017-08-16 | A kind of method and system of anti-robot attack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710700337.7A CN107592300A (en) | 2017-08-16 | 2017-08-16 | A kind of method and system of anti-robot attack |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107592300A true CN107592300A (en) | 2018-01-16 |
Family
ID=61042400
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710700337.7A Pending CN107592300A (en) | 2017-08-16 | 2017-08-16 | A kind of method and system of anti-robot attack |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107592300A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874948A (en) * | 2018-06-05 | 2018-11-23 | 中国农业银行股份有限公司 | A kind of site resource access method and device |
| CN109032052A (en) * | 2018-06-26 | 2018-12-18 | 上海常仁信息科技有限公司 | Emergency intelligence control system based on robot identity card |
| CN110287694A (en) * | 2019-06-26 | 2019-09-27 | 维沃移动通信有限公司 | Application management method, mobile terminal and storage medium |
| CN110413416A (en) * | 2019-07-31 | 2019-11-05 | 中国工商银行股份有限公司 | A kind of current-limiting method and device of distributed server |
| CN110618893A (en) * | 2019-09-26 | 2019-12-27 | 中国银行股份有限公司 | Transaction control method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478450A (en) * | 2009-02-12 | 2009-07-08 | 阿里巴巴集团控股有限公司 | Monitoring method and server for network user active degree |
| US20130031626A1 (en) * | 2011-07-29 | 2013-01-31 | Electronics And Telecommunications Research Institute | Methods of detecting dns flooding attack according to characteristics of type of attack traffic |
| CN103746987A (en) * | 2013-12-31 | 2014-04-23 | 东软集团股份有限公司 | Method and system for detecting DoS attack in semantic Web application |
| CN104980421A (en) * | 2014-10-15 | 2015-10-14 | 腾讯科技(深圳)有限公司 | Method and system for processing batch requests |
| CN106302318A (en) * | 2015-05-15 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of website attack defense method and device |
-
2017
- 2017-08-16 CN CN201710700337.7A patent/CN107592300A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478450A (en) * | 2009-02-12 | 2009-07-08 | 阿里巴巴集团控股有限公司 | Monitoring method and server for network user active degree |
| US20130031626A1 (en) * | 2011-07-29 | 2013-01-31 | Electronics And Telecommunications Research Institute | Methods of detecting dns flooding attack according to characteristics of type of attack traffic |
| CN103746987A (en) * | 2013-12-31 | 2014-04-23 | 东软集团股份有限公司 | Method and system for detecting DoS attack in semantic Web application |
| CN103746987B (en) * | 2013-12-31 | 2017-02-01 | 东软集团股份有限公司 | Method and system for detecting DoS attack in semantic Web application |
| CN104980421A (en) * | 2014-10-15 | 2015-10-14 | 腾讯科技(深圳)有限公司 | Method and system for processing batch requests |
| CN106302318A (en) * | 2015-05-15 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of website attack defense method and device |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874948A (en) * | 2018-06-05 | 2018-11-23 | 中国农业银行股份有限公司 | A kind of site resource access method and device |
| CN108874948B (en) * | 2018-06-05 | 2021-04-02 | 中国农业银行股份有限公司 | Website resource access method and device |
| CN109032052A (en) * | 2018-06-26 | 2018-12-18 | 上海常仁信息科技有限公司 | Emergency intelligence control system based on robot identity card |
| CN109032052B (en) * | 2018-06-26 | 2020-09-22 | 上海常仁信息科技有限公司 | Emergency intelligent control system based on robot identity card |
| CN110287694A (en) * | 2019-06-26 | 2019-09-27 | 维沃移动通信有限公司 | Application management method, mobile terminal and storage medium |
| CN110413416A (en) * | 2019-07-31 | 2019-11-05 | 中国工商银行股份有限公司 | A kind of current-limiting method and device of distributed server |
| CN110413416B (en) * | 2019-07-31 | 2022-05-17 | 中国工商银行股份有限公司 | Current limiting method and device for distributed server |
| CN110618893A (en) * | 2019-09-26 | 2019-12-27 | 中国银行股份有限公司 | Transaction control method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107592300A (en) | A kind of method and system of anti-robot attack | |
| CN108322472B (en) | For providing method, system and the medium of identity based on cloud and access management | |
| US7818745B2 (en) | Dynamic transaction control within a host transaction processing system | |
| CN112116438A (en) | Multi-channel payment integration method, platform, equipment and medium | |
| CN107483418A (en) | Login process method, method for processing business, device and server | |
| CN108701182A (en) | The data management of multi-tenant identity cloud service | |
| US11132183B2 (en) | Software development platform for testing and modifying decision algorithms | |
| CN104899482B (en) | The method and apparatus of limitation batch request service | |
| US11379429B1 (en) | Computer-based systems configured for permission events management on a blockchain and methods of use thereof | |
| WO2021203858A1 (en) | Data application system security control method and system, and computer device | |
| US20180316774A1 (en) | Flow extension controller | |
| US11218469B2 (en) | Systems and methods for controlling personal information on online services | |
| CN110417888A (en) | Flow control methods, volume control device and electronic equipment | |
| EP1244272A2 (en) | Digital credential exchange | |
| US20210366043A1 (en) | System and method for exchanging currency | |
| CN109286630A (en) | Deng guarantor's processing method, device, equipment and storage medium | |
| CN110413918A (en) | Data transmission method for uplink, device, equipment and storage medium | |
| Iyengar | Dynamic argument embedding: Preserving state on the world wide web | |
| CN110110510A (en) | A kind of engineering calculation model management method based on cloud computing | |
| CN109213605A (en) | A kind of server I suitable for high concurrent scene/O implementation method | |
| CN114924783A (en) | Interface calling method, device, equipment and storage medium of application program | |
| Schuchmann | Designing a cloud architecture for an application with many users | |
| EP3803651A1 (en) | Secure digital safe deposit boxes and methods of use | |
| SE528217C2 (en) | Device and procedure in an electronic trading system | |
| CN110430263B (en) | Value added service processing system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180116 |
|
| RJ01 | Rejection of invention patent application after publication |