CN107743078B

CN107743078B - network data monitoring method, device and system

Info

Publication number: CN107743078B
Application number: CN201611005380.3A
Authority: CN
Inventors: 张小龙
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Priority date: 2016-11-15
Filing date: 2016-11-15
Publication date: 2020-01-31
Anticipated expiration: 2036-11-15
Also published as: CN107743078A

Abstract

The embodiment of the invention discloses network data monitoring methods, devices and systems, wherein the execution process of the network data to be monitored can be monitored, the obtained process information is converted into numbers according to a preset strategy, and the numbers are encrypted by adopting a preset encryption algorithm to be provided for a server so that the server can determine the execution condition of the network data to be monitored according to the encrypted data, and the scheme can improve the transmission efficiency, the safety and the interference resistance.

Description

network data monitoring method, device and system

Technical Field

The invention relates to the technical field of communication, in particular to a method, a device and a system for monitoring network data.

Background

In order to know the network condition in time to provide better network service, the execution condition of the network data of the front end needs to be monitored. There are a variety of existing network data monitoring methods, the most common of which is to collect "process information". By "process information" is meant the critical data involved in the execution of the network data.

In the prior art, regarding the collection of "process information", it is generally required to collect executed network data to be monitored in the execution process of each network data to be monitored, then segment the collected data, assemble the segmented data, and report the segmented data to the server one by one, and the server analyzes the received assembled data to determine a specific execution condition, thereby achieving the purpose of monitoring the network data to be monitored.

In the research and practice processes of the prior art, the inventor of the present invention finds that, because the existing scheme needs to continuously perform acquisition, assembly and reporting in the execution process of the network data to be monitored, more resources need to be occupied, the processing efficiency is low, the network data to be monitored is easy to crack, and the security is poor.

Disclosure of Invention

The embodiment of the invention provides network data monitoring methods, devices and systems, which can improve the processing efficiency, are not easy to crack and can greatly improve the safety.

The embodiment of the invention also provides a monitoring method for network data, which comprises the following steps:

monitoring an execution process of network data to be monitored to obtain process information;

converting the process information into numbers according to a preset strategy to obtain data to be encrypted;

encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data;

sending the encrypted data to a server so that the server can determine the execution condition of the network data to be monitored according to the encrypted data;

the encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data comprises the following steps:

acquiring a preset character string and a preset array model;

training the preset array model according to the data to be encrypted to obtain a target array;

traversing the target array, and searching corresponding characters from the preset character string based on a traversal result to obtain encrypted data;

the training the preset array model according to the data to be encrypted to obtain a target array comprises the following steps:

performing remainder operation on the data to be encrypted and then rounding to obtain an th calculation result;

performing modular operation on the data to be encrypted to obtain a second calculation result;

taking the th calculation result as a subscript of a preset array model to obtain a current array;

and shifting 1 to the left by the second calculation result to be used as the value of the current array to obtain a target array.

The embodiment of the present invention further provides another kinds of network data monitoring methods, including:

receiving encrypted data sent by a terminal;

decrypting the encrypted data by adopting a preset decryption algorithm to obtain decrypted numbers;

analyzing the meaning of the decrypted number according to a preset strategy to obtain process information;

determining the execution condition of the network data to be monitored according to the process information;

the decrypting the encrypted data by adopting the preset decryption algorithm to obtain the decrypted number comprises the following steps:

acquiring a preset character string;

traversing the encrypted data to determine the current character to be queried to obtain the current character;

acquiring the position information of the current character in the encrypted data to obtain th position information;

acquiring position information of the current character in the preset character string to obtain second position information;

and calculating the th position information and the second position information through a preset algorithm to obtain a decrypted number.

Correspondingly, an embodiment of the present invention further provides an apparatus for monitoring network data, including:

the monitoring unit is used for monitoring the execution process of the network data to be monitored to obtain process information;

the conversion unit is used for converting the process information into numbers according to a preset strategy to obtain data to be encrypted;

the encryption unit is used for encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data;

the sending unit is used for sending the encrypted data to a server so that the server can determine the execution condition of the network data to be monitored according to the encrypted data;

the encryption unit comprises an acquisition subunit, a training subunit and a search subunit;

the acquisition subunit is used for acquiring a preset character string and a preset array model;

the training subunit is used for training the preset array model according to the data to be encrypted to obtain a target array;

the searching subunit is used for traversing the target array and searching corresponding characters from the preset character string based on a traversal result to obtain encrypted data;

the training subunit is specifically configured to:

Correspondingly, an embodiment of the present invention further provides an apparatus for parsing network data, including:

the receiving unit is used for receiving the encrypted data sent by the terminal;

the decryption unit is used for decrypting the encrypted data by adopting a preset decryption algorithm to obtain decrypted numbers;

the analyzing unit is used for analyzing the meanings of the decrypted numbers according to a preset strategy to obtain process information;

the determining unit is used for determining the execution condition of the network data to be monitored according to the process information;

the decryption unit is specifically configured to:

acquiring a preset character string;

In addition, the embodiment of the present invention further provides a monitoring system for kinds of network data, including any monitoring device for kinds of network data and any analyzing device for kinds of network data, which are provided by the embodiment of the present invention.

The embodiment of the invention can monitor the execution process of the network data to be monitored, then convert the obtained process information into numbers according to the preset strategy, and encrypt the numbers by adopting the preset encryption algorithm so as to provide the numbers for the server, so that the server determines the execution condition of the network data to be monitored according to the encrypted data; in addition, a corresponding decryption scheme is also provided; the technical scheme can convert the process information into shorter numbers and then encrypt the numbers, so the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.

Fig. 1a is a schematic view of a network data monitoring system according to an embodiment of the present invention;

fig. 1b is a flowchart of a monitoring method of network data according to an embodiment of the present invention;

fig. 2 is another flowchart of a method for monitoring network data according to an embodiment of the present invention;

fig. 3a is a flowchart of a terminal side in a monitoring method of network data according to an embodiment of the present invention;

fig. 3b is a flowchart of a server side in the monitoring method for network data according to the embodiment of the present invention;

fig. 4 is a schematic structural diagram of a monitoring apparatus for network data according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of a network data parsing apparatus according to an embodiment of the present invention;

fig. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention;

fig. 7 is a schematic structural diagram of a server according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only partial embodiments of of the present invention, rather than all embodiments.

The embodiment of the invention provides network data monitoring methods, devices and systems.

The monitoring system of network data may include any kinds of monitoring devices (referred to as monitoring devices for short) of network data provided in the embodiment of the present invention, and any kinds of parsing devices (referred to as parsing devices for short) of network data provided in the embodiment of the present invention.

For example, referring to fig. 1a, a terminal may monitor an execution process of network data to be monitored, then convert process information obtained through monitoring into a shorter number according to a preset policy, encrypt the shorter number by using a preset encryption algorithm, and send the encrypted number to a server, after the server receives the encrypted data sent by the terminal, decrypt the encrypted data by using a preset decryption algorithm to obtain a decrypted number, then analyze the meaning of the decrypted number according to the preset policy to obtain process information, and determine the execution condition of the network data to be monitored according to the process information, thereby achieving the purpose of transmitting the process information more quickly and safely.

The following are detailed below. The numbers in the following examples are not intended to limit the order of preference of the examples.

Examples ,

The embodiment will be described from the perspective of a monitoring device of network data, which may be embodied in a terminal and the like, where the terminal may include a mobile phone, a tablet Computer, a notebook Computer, or a Personal Computer (PC) and the like.

A method for monitoring network data includes such steps as monitoring the execution of network data to be monitored to obtain process information, converting it to digital according to predefined strategy to obtain data to be encrypted, encrypting the data to be encrypted by predefined encryption algorithm to obtain encrypted data, and sending the encrypted data to server for determining the execution of the network data to be monitored.

As shown in fig. 1b, the flow of the network data monitoring method may specifically be as follows:

101. and monitoring the execution process of the network data to be monitored to obtain process information.

For example, a monitoring process may be specifically invoked, and the monitoring process monitors an execution process of network data to be monitored, obtains process information, and the like.

The term "process information" refers to critical data involved in the execution of network data.

102. Converting the process information into numbers according to a preset strategy to obtain data to be encrypted; for example, the following may be specifically mentioned:

and extracting key information from the process information, matching the key information with preset appointed data, and determining the number corresponding to the matched verification information as data to be encrypted.

For example, it may be determined whether check information corresponding to the key information exists in the appointment data, if so, it is determined that check information corresponding to the key information exists, and it is determined that the check information corresponding to the key information is "matched check information", otherwise, it is determined that check information corresponding to the key information does not exist.

The appointed data can comprise the corresponding relation between the verification information and the number, so that the corresponding number can be obtained after the verification information is matched, and the purpose of converting the process information into the number is achieved.

For example, taking the verification information "submit purchase request" corresponding to the number "9" as an example, if the verification information matched with the current key information is "submit purchase request", at this time, the number "9" may be determined as the data to be encrypted, and so on.

The corresponding relationship between the check information and the number may be set according to the requirements of practical applications, and may be specifically formed by a terminal and a server in advance, so that when the server obtains the corresponding number, the server may also obtain the corresponding process information according to the agreed data, and so on, which is not described herein again.

Optionally, in addition to the above conversion method, other methods may also be used for conversion, for example, a Set method may be used for collecting process information, so as to obtain data to be encrypted, and the like. In the Set method, an exception attribute with a specified name may be Set to a specified value.

103. And encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data.

The preset encryption algorithm may be set according to the requirements of practical applications, for example, a word length (bit) bit algorithm may be adopted, as follows:

(1) and acquiring a preset character string and a preset array model.

The length of the preset character string and the array model can be set according to the requirements of the practical application, for example, the length of the character string can be specifically set to the power of K of 2 (i.e. 2^ K), for example, K can be set to 6, that is, the length of the character string is set to 64 bits, for example, also can be set to 7, that is, the length of the character string is set to 128 bits, and so on.

(2) And training the preset array model according to the data to be encrypted to obtain a target array. For example, the following may be used:

A. and performing remainder operation on the data to be encrypted, and then performing rounding to obtain a th calculation result.

For example, if the length of the character string is set to 64 bits (i.e. k is 6) in step (1), then the remainder of the data to be encrypted for 6 may be rounded at this time to obtain the th calculation result, which is expressed by the following formula:

Math.ceil(N/6)。

for another example, if the length of the character string is set to 128 bits (i.e. k is 7) in step (1), then, the remainder of the data to be encrypted for 7 may be rounded to obtain the th calculation result, which is expressed by the following formula:

Math.ceil(N/7)。

wherein, N is data to be encrypted.

B. And performing modular operation on the data to be encrypted to obtain a second calculation result.

For example, if the length of the character string is set to 64 bits (i.e. k is 6) in step (1), then the data to be encrypted may be modulo 6, and the second calculation result is expressed by the formula:

N％6。

for another example, if the length of the character string is set to 128 bits (i.e. k is 7) in step (1), then at this time, the data to be encrypted may be modulo 7, and the second calculation result is expressed by the formula:

N％7。

wherein, N is data to be encrypted.

C. And taking the th calculation result as a subscript of a preset array model to obtain a current array, and shifting 1 to the left to obtain the second calculation result as a value of the current array to obtain a target array.

For example, if the th calculation result is Math.ceil (N/6) and the second calculation result is N% 6, the target array is expressed as:

ary[Math.ceil(N/6)]＝1<<N％6。

where "1 < < N% 6" means that 1 is shifted to the left by N% 6, for example, taking N% 6 ═ 3 as an example, then 1 may be shifted to the left by 3 bits, that is, if it is "1", then it will become "1000", and so on.

It should be noted that, if two collected values (i.e., math.ceil (N/6)) are located in the same interval , for example, the remainders of math.ceil (8/6) and math.ceil (7/6) are both 1, and are located in the same interval , binary xor processing may be performed on them to perform correction, that is, the formula "ary [ math.ceil (N/6) ] -1 < < N% 6" of the target array may be corrected to:

ary[Math.ceil(N/6)]^＝1<<N％6。

(3) and traversing the target array, and acquiring corresponding characters from the preset character string based on the traversal result to obtain encrypted data.

For example, taking the length of the preset character string as 64 bits as an example, at this time, the target array may be traversed, and corresponding characters are obtained from the 64-bit character string based on a traversal result, as a result, to obtain the encrypted data.

104. And sending the encrypted data to a server so that the server can determine the execution condition of the network data to be monitored according to the encrypted data.

The encrypted data may be sent to a server for decryption and analysis to obtain process information of the network data to be monitored, so as to determine the execution condition of the network data to be monitored according to the process information.

As can be seen from the above, the embodiment may monitor the execution process of the network data to be monitored, then convert the obtained process information into a number according to a preset policy, which is used as the data to be encrypted, and encrypt the data to be encrypted by using a preset encryption algorithm, so as to provide the encrypted data to the server, so that the server determines the execution condition of the network data to be monitored according to the encrypted data; the technical scheme can convert the process information into shorter numbers and then encrypt the numbers, so the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Example II,

The present embodiment will be described from the perspective of a network data analysis device, which may be embodied in a server or other equipment.

method for monitoring network data includes receiving encrypted data sent by terminal, deciphering the encrypted data by preset deciphering algorithm to obtain deciphered number, analyzing the meaning of the deciphered number according to preset strategy to obtain process information, and determining the execution condition of network data to be monitored according to the process information.

As shown in fig. 2, the flow of the network data monitoring method may specifically be as follows:

201. and receiving the encrypted data sent by the terminal.

The encrypted data is obtained by the terminal by converting and encrypting the process information of the network data to be monitored, which may be specifically referred to in embodiment , and is not described herein again.

202. And decrypting the encrypted data by adopting a preset decryption algorithm to obtain decrypted numbers.

The preset decryption algorithm may be set according to the requirements of practical applications, and is adapted to the encryption algorithm, for example, if a "bit algorithm" is used during encryption, then at this time, a corresponding "bit algorithm" may also be used for decryption, and for example, the preset decryption algorithm may specifically be as follows:

(1) and acquiring a preset character string.

The preset character string is the same as the preset character string used in encryption, and the length of the character string may be set according to the requirements of practical applications, for example, the length of the character string may be specifically set to 64 bits, and so on.

(2) And traversing the encrypted data to determine the current character to be queried to obtain the current character.

(3) And acquiring the position information of the current character in the encrypted data to obtain th position information.

For example, taking the current character as "a", at this time, position information of "a" in the encrypted data, such as Y, may be acquired, and th position information may be obtained.

(4) And acquiring the position information of the current character in the preset character string to obtain second position information.

For example, taking the current character as "a" as an example, at this time, the position information of "a" in the 64-bit string, such as X, may be obtained to obtain the second position information.

(5) And calculating the th position information and the second position information through a preset algorithm to obtain a decrypted number.

For example, the th position information may be converted into a binary number, a target remainder may be calculated based on the th position information converted into the binary number, then the second position information is subtracted by 1 and multiplied by a preset multiple to obtain a target base number, and the sum of the target base number and the target remainder may be calculated to obtain a decrypted number.

The step "calculating the target remainder from the th position information converted into the binary" may specifically be as follows:

and traversing 1 in th position information converted into binary, acquiring a position index corresponding to each 1, and respectively calculating the sum of each 1 and the corresponding position index to obtain a target remainder.

For example, for binary "110", in order from right to left, the th "1" is located at the second position, so its corresponding position index is "2", and the second "1" is located at the third position, so its corresponding position index is "3", and so on.

The preset multiple is matched with the modulo operation in encryption, for example, if "modulo 6" is used in encryption, then the preset multiple may be set to "6", and so on.

For example, taking the second location information as Y as an example, the target base number may be specifically as follows:

(Y-1)*6。

and adding each target remainders to the target base number to obtain corresponding decrypted numbers.

203. And analyzing the meaning of the decrypted number according to a preset strategy to obtain process information.

For example, the decrypted number may be matched with preset agreed data, and verification information corresponding to the matched number is used as key information and is merged with a preset text template to obtain process information.

The appointed data can comprise the corresponding relation between the verification information and the number, so that after the number is matched, the corresponding verification information can be obtained, and the key information of the process information can be obtained.

For example, taking the verification information "submit purchase request" corresponding to the number "9" as an example, if the currently matched number is "9", at this time, the key information of the process information may be determined, that is, the meaning of the number is "submit purchase request", and the key information is merged with the preset text template, so that complete process information may be obtained.

204. And determining the execution condition of the network data to be monitored according to the process information.

For example, if the process information indicates that user A "selects XX goods" and "submits a purchase request," then at this point, it may be determined that user A has purchased XX goods, and so on.

As can be seen from the above, in this embodiment, after receiving the encrypted data sent by the terminal, the encrypted data may be decrypted by using a preset decryption algorithm to obtain a decrypted number, then, the meaning of the decrypted number is analyzed according to a preset policy to obtain process information, and the execution condition of the network data to be monitored is determined according to the process information; in the scheme, the received encrypted data is digital, but not complete process information, so that the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Example III,

The method according to examples and two is illustrated in detail below by way of example .

In this embodiment, a description will be given taking an example in which the monitoring device of the network data is specifically integrated in the terminal, and the analysis device of the network data is specifically integrated in the server. The monitoring device of the network data may be specifically installed in the terminal in the form of a client, or installed in the browser of the terminal in the form of a plug-in, that is, the terminal corresponds to a web front end of the monitoring system of the network data, and the server corresponds to a background of the monitoring system of the network data, and for convenience of description, the monitoring method of the network data will be described in detail below from the perspective of the terminal (i.e., the web front end) and the server (i.e., the background), respectively.

(1) A terminal;

as shown in fig. 3a, specific processes of the monitoring methods for network data may be as follows:

a301, the terminal monitors the execution process of the network data to be monitored to obtain process information.

A302, the terminal extracts key information from the process information, matches the key information with preset appointment data, and then executes step A303.

The appointed data may be appointed by the terminal and the server in advance, and may specifically include a correspondence between the verification information and the number.

For example, the terminal may determine whether there is check information corresponding to the key information in the provisioning data, determine that there is check information matching the key information if there is check information corresponding to the key information , determine that the check information corresponding to the key information is "matched check information", and then perform step a303, otherwise, determine that there is no check information matching the key information if there is no check information, and may generate and display prompt information indicating that the matching fails.

And A303, the terminal determines the matched number corresponding to the verification information as the data to be encrypted.

For example, taking the verification information "submit purchase request" corresponding to the number "9" as an example, if the verification information matched with the current key information is "submit purchase request", at this time, the number "9" may be determined as the data to be encrypted.

For another example, taking "choose XX goods" corresponding to the number "1" as an example, if the verification information matched with the current key information is "choose XX goods", at this time, the number "1" may be determined as data to be encrypted, and so on.

A304, the terminal obtains a preset character string and a preset array model.

The length of the preset character string and the array model may be set according to the requirements of the actual application, for example, the length of the character string may be specifically set to 64 bits, and the like. For convenience of description, in this embodiment, an example in which the length of each character string is specifically 64 bits is described.

A305, the terminal trains the preset array model according to the data to be encrypted to obtain a target array; for example, taking the data to be encrypted as N as an example, the following may be specifically used:

taking the remainder of the data N to be encrypted to 6, and then rounding to obtain the th calculation result, which may be as follows:

Math.ceil(N/6)；

and, performing modulo operation on the data N to be encrypted by 6 to obtain a second calculation result, which may be as follows:

N％6；

then, taking the th calculation result as a subscript of a preset array model to obtain a current array, and shifting 1 left by the second calculation result as a value of the current array to obtain a target array, that is, the following steps are performed:

ary[Math.ceil(N/6)]＝1<<N％6。

where "1 < < N% 6" indicates that 1 is shifted to the left by N% 6, for example, taking N% 6 ═ 3 as an example, then 1 may be shifted to the left by 3 bits, that is, if it is originally "1", then it will become "1000"; for another example, taking N% 6-2 as an example, 1 may be shifted left by 2 bits at this time, i.e. if it is "1", then it will become "100", and so on.

It should be noted that, if the two collected values (i.e., math.ceil (N/6)) are located in the same interval , binary xor processing may be performed on the two collected values to perform correction, that is, the formula "ary [ math.ceil (N/6) ] -1 < < N% 6" of the target array may be corrected as:

ary[Math.ceil(N/6)]^＝1<<N％6。

and A306, traversing the target array by the terminal, and acquiring corresponding characters from the preset character string based on the traversal result to obtain encrypted data.

For example, if an area [ math.ceil (N/6) ], is "1000", at this time, the fourth bit character may be obtained from the 64-bit string, as a result, for example, if the fourth bit character is "a", the character corresponding to the current value of the array is "a", and so on, characters corresponding to other values of the array may be obtained, and the obtained characters are sequentially output, so that corresponding encrypted data, such as "acance", may be obtained.

A307, the terminal transmits the encrypted data to the server.

For example, if the encrypted data obtained in step a306 is "abance", at this time, the terminal only needs to send the character string "abance" to the server, and does not need to send a large amount of procedure information.

(2) A server;

as shown in fig. 3b, specific processes of the monitoring methods for network data may be as follows:

b301, the server receives the encrypted data sent by the terminal.

B302, the server acquires the preset character string.

The preset character string is the same as the preset character string used in the terminal encryption, for example, if the length of the character string used by the terminal is 64 bits, then the same 64-bit character string also needs to be used at this time.

B303, the server traverses the encrypted data to determine the current character to be inquired, and then the current character is obtained.

For example, taking the encrypted data as the character string "abance" as an example, at this time, the characters in the character string "abance" may be sequentially queried, for example, the th character "a" is determined as the current character, after the current character "a" is decrypted and analyzed (i.e., steps B304 to B306 are executed), the second character "B" is continuously analyzed, and so on.

B304, the server acquires the position information of the current character in the encrypted data to obtain th position information.

B305, the server acquires the position information of the current character in the preset character string to obtain second position information.

The steps B304 and B305 may not be executed sequentially.

B306, the server calculates the th position information and the second position information through a preset algorithm to obtain decrypted numbers, then, the step B303 is executed again until all encrypted data are decrypted, and then the step B307 is executed.

For example, taking the th position information as X and the second position information as Y as an example, the following may be specifically mentioned:

(1) converting the th position information X into binary, traversing 1 in the th position information converted into binary, obtaining the position index corresponding to each 1, and then respectively calculating the sum of each 1 and the corresponding position index to obtain a target remainder.

For example, for binary "101", in order from right to left, the th "1" is located at bit , and thus the corresponding position index is "1", while the second "1" is located at the third bit, and thus the corresponding position index is "3", and so on.

(2) Subtracting 1 from the second position information Y, and multiplying by 6 to obtain a target base number, namely "(Y-1) × 6",

(3) and adding each target remainders to the target base number to obtain corresponding decrypted numbers.

B307, the server analyzes the meaning of the decrypted number according to a preset strategy to obtain process information, and then the step B308 is executed.

The contract data and the contract data adopted by the terminal correspond to, for example, the verification information "submit purchase request" corresponds to the number "9", if the currently matched number is "9", then the key information of the process information can be determined, that is, the meaning of the number is "submit purchase request", for example, the verification information "select XX goods" corresponds to the number "1", if the currently matched number is "1", then the key information of the process information, that is, the meaning of the number is "select XX goods", and so on.

B308, the server determines the execution condition of the network data to be monitored according to the process information.

As can be seen from the above, the embodiment may monitor the execution process of the network data to be monitored, then convert the monitored process information into numbers according to the preset policy, encrypt the numbers by using the preset encryption algorithm, and provide the encrypted numbers to the server, so that the server determines the execution condition of the network data to be monitored according to the encrypted data; in addition, a corresponding decryption method is also provided; the technical scheme can convert the process information into shorter numbers and then encrypt the numbers, so the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Example four,

In order to better implement the above method, an embodiment of the present invention further provides kinds of monitoring devices for network data, which are abbreviated as monitoring devices, as shown in fig. 4, where the monitoring device for network data includes a monitoring unit 401, a converting unit 402, an encrypting unit 403, and a sending unit 404, as follows:

(1) a monitoring unit 401;

the monitoring unit 401 is configured to monitor an execution process of network data to be monitored, so as to obtain process information.

For example, the monitoring unit 401 may be specifically configured to invoke a monitoring process, monitor an execution process of network data to be monitored through the monitoring process, obtain process information, and the like.

(2) A conversion unit 402;

a converting unit 402, configured to convert the process information into a number according to a preset policy, so as to obtain data to be encrypted.

For example, the converting unit 402 may be specifically configured to extract key information from the process information, match the key information with preset agreed data, where the agreed data includes a correspondence between verification information and numbers, and determine the numbers corresponding to the matched verification information as data to be encrypted.

(3) An encryption unit 403;

an encrypting unit 403, configured to encrypt the data to be encrypted by using a preset encryption algorithm, so as to obtain encrypted data.

The preset encryption algorithm may be set according to the requirements of practical applications, for example, a "bit algorithm" may be adopted, that is, the encryption unit 403 may include an acquisition subunit, a training subunit, and a search subunit, as follows:

and the obtaining subunit is used for obtaining the preset character string and the preset array model.

The length of the preset character string and the array model may be set according to the requirements of the actual application, for example, the length of the character string may be specifically set to 64 bits, and the like.

And the training subunit is used for training the preset array model according to the data to be encrypted to obtain a target array.

For example, the training subunit may be specifically configured to perform a remainder operation on the data to be encrypted and then perform rounding to obtain an -th calculation result, perform a modulus operation on the data to be encrypted to obtain a second calculation result, use the -th calculation result as a subscript of a preset array model to obtain a current array, and shift 1 left the second calculation result as a value of the current array to obtain a target array.

For example, taking N as data to be encrypted, and taking the remainder and the modulus of 6 as examples, the training subunit may be specifically configured to:

taking the remainder of the data pair 6 to be encrypted, then rounding to obtain a th calculation result, such as Math.ceil (N/6), taking the modulus of the data pair 6 to be encrypted to a second calculation result, such as N% 6, then taking the th calculation result "Math.ceil (N/6)" as the subscript of a preset array model to obtain a current array, and moving 1 left by the second calculation result "N% 6" as the value of the current array to obtain a target array, as follows:

ary[Math.ceil(N/6)]＝1<<N％6。

wherein "1 < < N% 6" means that 1 is shifted to the left by N% 6.

And the searching subunit is used for traversing the target array and searching corresponding characters from the preset character string based on the traversal result to obtain the encrypted data.

For example, taking the length of the preset character string as 64 bits as an example, at this time, the searching subunit may traverse the target array, and obtain corresponding characters from the 64-bit character string as a result based on the traversal result, so as to obtain the encrypted data.

It should be noted that, if the two collected values are located in the same interval , the training subunit may perform binary xor processing on the two collected values to perform correction, that is, the formula "ary [ mat.ceil (N/6) ] -1 < < N% 6" of the target array may be corrected as:

ary[Math.ceil(N/6)]^＝1<<N％6。

(4) a transmission unit 404;

a sending unit 404, configured to send the encrypted data to the server, so that the server determines, according to the encrypted data, an execution condition of the network data to be monitored.

In a specific implementation, the above units may be implemented as independent entities, or may be combined arbitrarily to be implemented as or several entities, and the specific implementation of the above units may refer to the foregoing method embodiments, and is not described herein again.

The network data monitoring device may be embodied in a terminal and other devices, and the terminal may include a mobile phone, a tablet computer, a notebook computer, a PC and other devices.

As can be seen from the above, the monitoring unit 401 of the monitoring apparatus in this embodiment may monitor the execution process of the network data to be monitored, then the conversion unit 402 converts the process information obtained by the monitoring unit 401 into numbers according to the preset policy, the encryption unit 403 encrypts the numbers by using the preset encryption algorithm, and then the sending unit 404 sends the encrypted data to the server, so that the server decrypts and analyzes the encrypted data to determine the execution condition of the network data to be monitored; the technical scheme can convert the process information into shorter numbers and then encrypt the numbers, so the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Example V,

Correspondingly, the embodiment of the present invention further provides kinds of parsing apparatuses for network data, which are abbreviated as parsing apparatuses, as shown in fig. 5, including a receiving unit 501, a decrypting unit 502, a parsing unit 503, and a determining unit 504, as follows:

(1) a receiving unit 501;

a receiving unit 501, configured to receive encrypted data sent by a terminal.

The encrypted data is obtained by the terminal by converting and encrypting the process information of the network data to be monitored, which may specifically refer to the foregoing embodiments and is not described herein again.

(2) A decryption unit 502;

the decryption unit 502 is configured to decrypt the encrypted data by using a preset decryption algorithm to obtain decrypted numbers.

the decryption unit 502 may be specifically configured to obtain a preset character string, traverse the encrypted data to determine a character to be queried currently to obtain a current character, obtain position information of the current character in the encrypted data to obtain th position information, obtain position information of the current character in the preset character string to obtain second position information, and calculate the th position information and the second position information through a preset algorithm to obtain a decrypted number.

For example, the decryption unit 502 may be specifically configured to convert the th position information into a binary system, calculate a target remainder according to the th position information converted into the binary system, subtract 1 from the second position information, multiply by a preset multiple to obtain a target base number, and calculate a sum of the target base number and the target remainder to obtain a decrypted number.

For example, the decryption unit 502 may be specifically configured to traverse 1 in th location information converted into binary, obtain a location index corresponding to each 1, and calculate a sum of each 1 and the corresponding location index respectively to obtain a target remainder.

For example, if a 64-bit character string "str" is used in encryption, then the 64-bit character string "str" also needs to be used at this time, and details are not described here. In addition, the preset multiple also needs to be matched with the modular operation in encryption, for example, the modular operation of 6 is adopted in encryption, and at this time, the multiple needs to be set to 6, that is, after subtracting 1 from the second position information, the multiple is multiplied by 6 to obtain the target base number, which is expressed by a formula:

(Y-1)*6；

wherein Y is the second position information.

(3) An analysis unit 503;

the parsing unit 503 is configured to parse the meaning of the decrypted number according to a preset policy to obtain process information.

For example, the parsing unit 503 may be specifically configured to match the decrypted number with preset appointment data, where the appointment data includes a correspondence between verification information and a number, and merge the verification information corresponding to the matched number as key information with a preset text template to obtain process information.

The contract data corresponds to the contract data used by the monitoring device, and the contract data may include a corresponding relationship between the verification information and the number, so that after the number is matched, the corresponding verification information can be obtained, and the key information of the process information can be obtained.

(4) A determination unit 504;

a determining unit 504, configured to determine, according to the process information, an execution condition of the network data to be monitored.

For example, if the process information indicates that user a "selects XX goods" and "submits a purchase request," at this time, the determination unit 504 may determine that user a has purchased XX goods, and so on.

The network data analysis device may be embodied in a device such as a server.

As can be seen from the above, in this embodiment, after receiving the encrypted data sent by the terminal, the decryption unit 502 decrypts the encrypted data by using the preset decryption algorithm to obtain the decrypted number, then, the parsing unit 503 parses the meaning of the decrypted number according to the preset policy to obtain the process information, and the determining unit 04 determines the execution condition of the network data to be monitored according to the process information; in the scheme, the received encrypted data is digital, but not complete process information, so that the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is improved. In addition, because the converted digit is encrypted during transmission, the transmission safety and the interference resistance are greatly improved.

Example six,

Correspondingly, the embodiment of the present invention further provides an monitoring system for network data, which may include any monitoring apparatuses and any parsing apparatuses provided in the embodiment of the present invention, specifically, refer to implementation four and implementation five, where the monitoring apparatuses may be integrated in devices such as a terminal, and the parsing apparatuses may be integrated in devices such as a server, for example, as follows:

the terminal is used for monitoring the execution process of the network data to be monitored to obtain process information, converting the process information into numbers according to a preset strategy to obtain data to be encrypted, encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data, and sending the encrypted data to the server.

The server is used for receiving the encrypted data sent by the terminal, decrypting the encrypted data by adopting a preset decryption algorithm to obtain decrypted numbers, analyzing the meanings of the decrypted numbers according to a preset strategy to obtain process information, and determining the execution condition of the network data to be monitored according to the process information.

The specific implementation of each device can be referred to the previous embodiment, and is not described herein again.

Since the monitoring system for network data may include any monitoring devices and any analyzing devices provided in the embodiment of the present invention, beneficial effects that can be achieved by any monitoring devices and any analyzing devices provided in the embodiment of the present invention can be achieved, which can be specifically referred to in the foregoing embodiments and are not described herein again.

Example seven,

In addition, kinds of terminals are provided in the embodiments of the present invention, as shown in fig. 6, the terminal may include a Radio Frequency (RF) circuit 601, a memory 602 including or or more computer-readable storage media, an input unit 603, a display unit 604, a sensor 605, an audio circuit 606, a Wireless Fidelity (WiFi) module 607, a processor 608 including or or more processing cores, and a power supply 609, and other components, as shown in fig. 6, it is understood by those skilled in the art that the terminal structure shown in fig. 6 does not constitute a limitation of the terminal, and may include more or less components than those shown, or some components in combination, or a different arrangement of components, where:

the RF circuit 601 may be used for receiving and transmitting signals during a message or call, and in particular, for receiving downlink information of a base station and then processing the downlink information by or or more processors 608, and further, for transmitting data related to uplink to the base station, generally, the RF circuit 601 includes, but is not limited to, an antenna, at least amplifiers, a tuner, or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, a Low Noise Amplifier (LNA, Low Noise Amplifier), a duplexer, etc. furthermore, the RF circuit 601 may also communicate with a network and other devices through wireless communication, which may use any communication standard or protocol, including but not limited to the Global System for Mobile communications (GSM), general packet Radio Service (GPRS, general packet Service (general packet Service), Code Division Multiple Access (CDMA, Code Division Multiple Access), Short message Service (SMS, Long term evolution), and Long Term Evolution (LTE), etc.

The memory 602 may be used to store software programs and modules, and the processor 608 executes various functional applications and data processing by operating the software programs and modules stored in the memory 602, the memory 602 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, application programs (such as a sound playing function, an image playing function, and the like) required for at least functions, and the like, and the storage data area may store data (such as audio data, a phonebook, and the like) created according to the use of the terminal, and the like.

The input unit 603 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function controls, in particular, in specific embodiments, the input unit 603 may include a touch sensitive surface and other input devices, a touch sensitive surface, also referred to as a touch screen or touch pad, may collect touch operations by a user on or near the touch sensitive surface (such as operations by a user on or near the touch sensitive surface using a finger, stylus, or any other suitable object or attachment), and drive corresponding connection means according to a predetermined program.

, the touch-sensitive surface may cover the Display panel and, upon detecting a touch operation on or near the touch-sensitive surface, may be communicated to the processor 608 to determine a type of touch event and, subsequently, the processor 608 may provide a corresponding visual output on the Display panel based on the type of touch event.

The terminal can also comprise at least sensors 605, such as a light sensor, a motion sensor and other sensors, specifically, the light sensor can comprise an ambient light sensor and a proximity sensor, wherein the ambient light sensor can adjust the brightness of the display panel according to the brightness of ambient light, the proximity sensor can turn off the display panel and/or backlight when the terminal moves to the ear, as the motion sensor, the gravity acceleration sensor can detect the acceleration in all directions ( is three axes), can detect the gravity in the rest direction, can be used for identifying the application of the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration identification related functions (such as pedometer and knocking) and the like, and other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer and an infrared sensor and the like which can be configured on the terminal are not described herein again.

Audio circuit 606 may transmit electrical signals resulting from conversion of received audio data to the speaker for conversion to sound signals for output by the speaker, and the microphone may convert collected sound signals to electrical signals for conversion to audio data received by audio circuit 606 for processing by audio data output processor 608 for transmission via RF circuit 601 to another terminal, for example, or for output to memory 602 for further processing by .

WiFi belongs to short-distance wireless transmission technology, and the terminal can help a user to receive and send e-mails, browse webpages, access streaming media and the like through the WiFi module 607, and provides wireless broadband internet access for the user. Although fig. 6 shows the WiFi module 607, it is understood that it does not belong to the essential constitution of the terminal, and may be omitted entirely as needed within the scope not changing the essence of the invention.

The processor 608 is the control center of the terminal and connects various parts of the entire handset using various interfaces and lines to perform overall monitoring of the handset by running or executing software programs and/or modules stored in the memory 602 and invoking data stored in the memory 602 to perform various functions of the terminal and process the data, alternatively, the processor 608 may include or more processing cores, and preferably, the processor 608 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications.

The terminal also includes a power supply 609 (e.g., a battery) for powering the various components, which may preferably be logically connected to the processor 608 via a power management system to manage charging, discharging, and power consumption management functions via the power management system the power supply 609 may also include or or more dc or ac power sources, a recharging system, power failure detection circuitry, a power converter or inverter, a power status indicator, and any other components.

In this embodiment, the processor 608 in the terminal loads executable files corresponding to processes of or or more application programs into the memory 602 according to the following instructions, and the processor 608 runs the application programs stored in the memory 602, so as to implement various functions:

monitoring the execution process of the network data to be monitored to obtain process information, converting the process information into numbers according to a preset strategy to obtain data to be encrypted, encrypting the data to be encrypted by adopting a preset encryption algorithm to obtain encrypted data, and sending the encrypted data to a server so that the server can determine the execution condition of the network data to be monitored according to the encrypted data.

For example, the key information may be specifically extracted from the process information, the key information is matched with preset agreed data, and the number corresponding to the matched verification information is determined as the data to be encrypted; then, acquiring a preset character string and a preset array model, training the preset array model according to the data to be encrypted to obtain a target array, traversing the target array, and acquiring corresponding characters from the preset character string based on a traversal result to obtain encrypted data.

The above operations can be referred to the previous embodiments specifically, and are not described herein again.

As can be seen from the above, the terminal of this embodiment may monitor an execution process of network data to be monitored, then convert the obtained process information into a number according to a preset policy, and use the number as data to be encrypted, and encrypt the data to be encrypted by using a preset encryption algorithm to provide the encrypted data to the server, so that the server determines an execution condition of the network data to be monitored according to the encrypted data; the technical scheme can convert the process information into shorter numbers and then encrypt the numbers, so the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

Example eight,

Accordingly, the embodiment of the present invention further provides kinds of servers, as shown in fig. 7, which shows a schematic structural diagram of a server according to the embodiment of the present invention, specifically:

the server may include components such as memory 702 of processor 701, , or of more than or processing cores, memory 702 of computer readable storage medium, power source 703, and input unit 704 those skilled in the art will appreciate that the server architecture shown in FIG. 7 does not constitute a limitation of the server, may include more or less components than shown, or may combine certain components, or a different arrangement of components.

The processor 701 is the control center of the server, and connects various parts of the entire server using various interfaces and lines, and performs various functions of the server and processes data by operating or executing software programs and/or modules stored in the memory 702 and calling up the data stored in the memory 702, thereby performing overall monitoring of the server, alternatively, the processor 701 may include or more processing cores, and preferably, the processor 701 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, and the like, and a modem processor, which mainly handles wireless communication.

The memory 702 may be used to store software programs and modules, and the processor 701 may execute various functional applications and data processes by operating the software programs and modules stored in the memory 702, the memory 702 may mainly include a program storage area that may store an operating system, application programs (such as a sound playing function, an image playing function, and the like) required for at least functions, and a data storage area that may store data created according to the use of a server, and the like, and in addition, the memory 702 may include a high-speed random access memory, and may further include a non-volatile memory, for example, at least disk storage devices, flash memory devices, or other volatile solid-state storage devices, and accordingly, the memory 702 may further include a memory controller to provide the processor 701 with access to the memory 702.

The server may also include a power supply 703 for powering the various components, the power supply 703 may be logically connected to the processor 701 via a power management system to manage charging, discharging, and power consumption management functions via the power management system, the power supply 703 may also include any of or or more dc or ac power sources, a recharging system, power failure detection circuitry, power converters or inverters, power status indicators, and the like.

The server may also include an input unit 704, and the input unit 704 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.

The processor 701 in the server loads the executable files corresponding to the processes of or or more application programs into the memory 702 according to the following instructions, and the processor 701 runs the application programs stored in the memory 702, thereby implementing various functions as follows:

receiving encrypted data sent by a terminal, decrypting the encrypted data by adopting a preset decryption algorithm to obtain decrypted numbers, analyzing the meanings of the decrypted numbers according to a preset strategy to obtain process information, and determining the execution condition of the network data to be monitored according to the process information.

For example, a preset character string may be obtained, the encrypted data may be traversed to determine a character that needs to be queried currently to obtain a current character, position information of the current character in the encrypted data is obtained to obtain th position information, position information of the current character in the preset character string is obtained to obtain second position information, the th position information and the second position information are calculated through a preset algorithm to obtain a decrypted number, the decrypted number is matched with preset appointment data, verification information corresponding to the matched number is used as key information, and is combined with a preset text template to obtain process information.

As can be seen from the above, after receiving the encrypted data sent by the terminal, the server in this embodiment may decrypt the encrypted data by using a preset decryption algorithm to obtain decrypted numbers, then analyze the meanings of the decrypted numbers according to a preset policy to obtain process information, and determine the execution condition of the network data to be monitored according to the process information; in the scheme, the received encrypted data is digital, but not complete process information, so that the length of the process information can be greatly shortened, the transmitted data volume is reduced, and the transmission efficiency is favorably improved.

It will be understood by those skilled in the art that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program stored in computer readable storage medium, which may include Read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disk, etc.

The network data monitoring method, device and system provided by the embodiment of the present invention are described in detail above, a specific example is applied in this text to explain the principle and the implementation of the present invention, the description of the above embodiment is only used to help understand the method of the present invention and its core idea, meanwhile, for those skilled in the art, according to the idea of the present invention, there are changes in the specific implementation and application scope, and in summary, the content of the present description should not be understood as a limitation to the present invention.

Claims

1, method for monitoring network data, comprising:

acquiring a preset character string and a preset array model;

2. The method according to claim 1, wherein the converting the process information into a number according to a preset policy to obtain data to be encrypted comprises:

extracting key information from the process information;

matching the key information with preset appointment data, wherein the appointment data comprise the corresponding relation between verification information and numbers;

and determining the number corresponding to the matched checking information as the data to be encrypted.

The method for monitoring network data of kinds is characterized by comprising the following steps:

receiving encrypted data sent by a terminal;

acquiring a preset character string;

4. The method of claim 3, wherein the parsing the meaning of the decrypted number according to a preset policy to obtain process information comprises:

matching the decrypted number with preset agreed data, wherein the agreed data comprises the corresponding relation between check information and the number;

and combining the verification information corresponding to the matched numbers as key information with a preset text template to obtain process information.

5. The method according to claim 3, wherein said calculating th location information and second location information through a predetermined algorithm to obtain decrypted numbers comprises:

converting the th position information into binary, and calculating a target remainder according to the th position information converted into the binary;

subtracting 1 from the second position information, and multiplying by a preset multiple to obtain a target base number; the preset multiple is matched with a module in a module taking operation corresponding to the encrypted data when the encrypted data is encrypted;

and calculating the sum of the target base number and the target remainder to obtain a decrypted number.

6. The method of claim 5 wherein said calculating a target remainder based on th location information converted to binary comprises:

traversing th position information which is converted into binary;

acquiring a position index corresponding to each 1;

and respectively calculating the sum of each 1 and the corresponding position index to obtain a target remainder.

The monitoring device of the network data of 7, kinds, characterized by, comprising:

the training subunit is specifically configured to:

8. The apparatus of claim 7,

the conversion unit is specifically configured to extract key information from the process information, match the key information with preset agreed data, where the agreed data includes a correspondence between verification information and numbers, and determine the numbers corresponding to the matched verification information as data to be encrypted.

An apparatus for analyzing network data of the 9 th and th types, comprising:

the decryption unit is specifically configured to:

acquiring a preset character string;

10. The apparatus of claim 9,

the parsing unit is specifically configured to match the decrypted number with preset agreed data, where the agreed data includes a correspondence between verification information and a number, and merge the verification information corresponding to the matched number as key information with a preset text template to obtain process information.

11. The apparatus according to claim 9, wherein the decryption unit is specifically configured to:

converting the th position information into binary;

traversing 1 in th position information converted into binary, obtaining a position index corresponding to each 1, and respectively calculating the sum of each 1 and the corresponding position index to obtain a target remainder;

A system for monitoring and controlling network data of 12, , comprising a device for monitoring and controlling network data of claim 7 or 8 and a device for parsing network data of any of claims 9 to 11.