CN108206834B

CN108206834B - Method, device and system for processing central service request

Info

Publication number: CN108206834B
Application number: CN201810301358.6A
Authority: CN
Inventors: 于涛
Original assignee: Shenzhen Yihua Computer Co Ltd; Shenzhen Yihua Time Technology Co Ltd; Shenzhen Yihua Financial Intelligent Research Institute
Current assignee: Shenzhen Yihua Computer Co Ltd; Shenzhen Yihua Time Technology Co Ltd; Shenzhen Yihua Financial Intelligent Research Institute
Priority date: 2018-04-04
Filing date: 2018-04-04
Publication date: 2021-04-13
Anticipated expiration: 2038-04-04
Also published as: CN108206834A

Abstract

The invention discloses a method, a device and a system for processing a central service request. The method comprises the following steps: receiving a central service request which is sent by a last network node and executed by a central node; if the node is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the previous network node; and if the central node is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node. By adopting the technical scheme, the embodiment of the invention can improve the safety of the central node in the network system.

Description

Method, device and system for processing central service request

Technical Field

The present invention relates to the field of block chain technologies, and in particular, to a method, an apparatus, and a system for processing a central service request.

Background

In recent years, with the improvement of information safety awareness and the acceleration of life rhythm of people, data link technology gradually comes into the visual field of people, and is increasingly applied to industries such as the internet of things.

The ideal blockchain technique is to establish a decentralized distributed ledger, i.e. data in the whole blockchain is maintained by all distributed nodes together, data in all distributed nodes in the blockchain is identical and rights and obligations of all distributed nodes are equal, and there is no centralized hardware or management mechanism. However, since online assets and offline assets, reliability of assets, and the like all need a convenient and fast identification method of an effective table, and important assets in a network also need to be correspondingly supervised, in practical application, a special central node is usually set in the network to complete identification and supervision of information such as assets in the network through the central node. At this time, the IP address of the central node generally needs to be sent to each distributed node in the network, so as to ensure that all distributed nodes can send corresponding information to the central node for the central node to identify and supervise.

However, in the prior art, a central node generally has a risk of being vulnerable to Distributed Denial of Service (DDOS) attacks, and the security is low, so that the response efficiency of the central node to other Distributed nodes in the network is low, and the use requirement of a user of the Distributed node cannot be met.

Disclosure of Invention

In view of this, embodiments of the present invention provide a method, an apparatus, and a system for processing a central service request, so as to solve the technical problems in the prior art that a central node is vulnerable to DDOS attack and has low security.

In a first aspect, an embodiment of the present invention provides a method for processing a central service request, including:

receiving a central service request which is sent by a last network node and executed by a central node;

if the node is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the previous network node;

and if the central node is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node.

In a second aspect, an embodiment of the present invention provides another method for processing a central service request, including:

when a central service needs to be acquired from a central node in a current network, a central service request is generated;

selecting a shadow node from a locally stored shadow node list as a first target shadow node, sending the central service request to the first target shadow node, and receiving request response information corresponding to the central service request returned by the first target shadow node.

In a third aspect, an embodiment of the present invention provides a device for processing a central service request, including:

the service request receiving module is used for receiving a central service request which is sent by a previous network node and executed by a central node;

the service request forwarding module is used for responding to the condition that the service request forwarding module is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the previous network node;

and the service request processing module is used for responding to the condition that the service request processing module is a central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node.

In a fourth aspect, an embodiment of the present invention provides another apparatus for processing a central service request, including:

the service request generation module is used for generating a central service request when central service needs to be acquired from a central node in the current network;

the service request sending module is configured to select a shadow node from a locally stored shadow node list as a first target shadow node, send the central service request to the first target shadow node, and receive request response information corresponding to the central service request returned by the first target shadow node.

In a fifth aspect, an embodiment of the present invention provides a shadow node, including:

one or more processors;

a memory for storing one or more programs,

when the one or more programs are executed by the one or more processors, the one or more processors implement the method for processing the central service request according to the embodiment of the present invention.

In a sixth aspect, an embodiment of the present invention provides a network node, including:

one or more processors;

a memory for storing one or more programs,

In a seventh aspect, an embodiment of the present invention further provides a system for processing a central service request, including a shadow node and a network node, where,

the network node is used for generating a central service request when central service needs to be acquired from a central node in the current network; selecting a shadow node from a locally stored shadow node list and sending the central service request to the shadow node;

the shadow node is used for receiving a central service request which is sent by the network node and executed by a central node; if the node is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the network node; if the central node is the current network, generating request response information corresponding to the central service request, and sending the request response information to the network node;

the network node is further configured to receive request response information corresponding to the central service request returned by the shadow node.

In the technical scheme for processing the central service request, a central service request executed by a central node and sent by a previous network node is received, if the central service request is a non-central node of the current network, a next shadow node is selected from a shadow node list stored locally, the central service request is sent to the next shadow node, request response information corresponding to the central service request and returned by the next shadow node is received, and the received request response information is sent to the previous network node sending the central service request; and if the network node is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node sending the central service request. The technical scheme for processing the central service request can improve the safety of the central node in the network system and reduce the probability that the central node is attacked by the distributed denial of service.

Drawings

Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments made with reference to the following drawings:

fig. 1 is a schematic flowchart illustrating a method for processing a central service request according to an embodiment of the present invention;

fig. 2 is a flowchart illustrating a processing method of a central service request according to a second embodiment of the present invention;

fig. 3A is a schematic flowchart of a processing method for a central service request according to a third embodiment of the present invention;

fig. 3B is a schematic structural diagram of a KAD network according to a third embodiment of the present invention;

fig. 3C is a schematic diagram of a query process of a target node according to a third embodiment of the present invention;

fig. 4 is a flowchart illustrating a processing method of a central service request according to a fourth embodiment of the present invention;

fig. 5 is a schematic flowchart of a method for processing a central service request according to a fifth embodiment of the present invention;

fig. 6 is a block diagram of a central service request processing apparatus according to a sixth embodiment of the present invention;

fig. 7 is a block diagram of a processing apparatus for processing a central service request according to a seventh embodiment of the present invention;

fig. 8 is a schematic structural diagram of a shadow node according to an eighth embodiment of the present invention;

fig. 9 is a schematic structural diagram of a network node according to a ninth embodiment of the present invention;

fig. 10 is a block diagram of a system for processing a central service request according to a tenth embodiment of the present invention.

Detailed Description

The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some but not all of the relevant aspects of the present invention are shown in the drawings.

Example one

The embodiment of the invention provides a method for processing a central service request. The method may be performed by a device for processing a central service request, wherein the device may be implemented by software and/or hardware, and may generally be integrated in a shadow node of the network system. Fig. 1 is a flowchart illustrating a method for processing a central service request according to an embodiment of the present invention, as shown in fig. 1, the method includes:

s101, receiving a central service request which is sent by the last network node and executed by the central node, and executing S102 or S103.

Here, the central service request may be understood as a request sent when other network nodes (a non-central node and a non-shadow node in the shadow node) in the current network obtain the central service from the central node, and the central service request may be a central service request generated or forwarded by a previous network node, that is, a generator of the central service request may be the previous network node or other nodes in the current network. The previous network node may be a shadow node of the current network except for the central node or a common node (i.e., a non-shadow node) in the current network, and the central service request may be a transaction request, a transaction information auditing request, and the like, which is not limited herein.

In this embodiment, the local terminal may receive the central service request sent by the previous network node based on a wired communication protocol or a wireless communication protocol, such as bluetooth, a local area network, or a wide area network. In actual operation, after receiving the service request, the local terminal may analyze the received service request to determine whether the service request is a central service request executed by the central node, and if so, continue to execute subsequent operations; if not, the service request may be processed based on the executor information of the service request or a preset processing policy, and response information corresponding to the service request is generated, or the service request is forwarded to other network nodes in the current network.

S102, if the node is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; and receiving request response information corresponding to the central service request returned by the next shadow node, sending the request response information to the previous network node, and ending the operation.

In this embodiment, after receiving the central service request sent by the previous network node, the non-central node in the shadow nodes may select a next shadow node from the shadow node list, and forward the central service request to the next shadow node according to the IP address of the next shadow node, and if the next shadow node is still non-central, the operation of forwarding the central service request may be continuously performed, and so on until the shadow node that receives the central service request is the central node. The shadow node list can be stored locally in advance, and can contain all or part of shadow nodes in the current network; the method for determining the next shadow node in the shadow node list may be set as required, for example, one shadow node may be randomly selected as the next shadow node, the shadow node whose ID distance of the identity ID is closest to the identity ID of the shadow node itself is selected as the next shadow node, the shadow node adjacent to the local end and located behind the local end in the shadow node list is determined as the next shadow node, the shadow node with the fastest response speed or the longest online time is selected as the next shadow node, and the like, which is not limited herein.

Here, it should be noted that the local end may consider or not consider the historical sending situation of the central service request when determining the next shadow node receiving the central service request. In order to ensure that the central service request can be finally sent to the central node and further improve the speed of sending the central service request to the central node, optionally, the operation of sending the central service request is preferably not performed in a nested manner, at this time, after receiving the central service request, the local terminal can judge whether the local terminal has received (or sent) the central service request, and if so, a shadow node different from the shadow node sent last time can be selected as a next shadow node sent this time, and the central service request is sent to the next shadow node.

Correspondingly, after forwarding the central service request to the next shadow node, the non-central node in the shadow nodes can also receive request response information returned by the next shadow node and forward the request response information to the previous network node, if the previous network node is not the generator of the central service request, the previous network node can perform forwarding operation on the request response information, and so on, until the network node receiving the request response information is the generator of the central service request, thereby realizing the response to the central service request generated by the generator of the central service request. The request response information may be understood as a processing result obtained after the central node processes the central service request, for example, if the central service request is a data request, the request response information may be data requested by the data request returned by the central node; if the central service request is a transaction information auditing request, the request response information can be an auditing result of the central node on the transaction information, and the like.

In this embodiment, the method for determining whether the local terminal is a central node (or a non-central node) of the current network may be set as needed, for example, the local terminal may obtain identification information of the local terminal and determine whether the identification information includes a central node identifier, if so, determine that the local terminal is the central node of the current network, and if not, determine that the local terminal is the non-central node of the current network; or, the local end may process the received central service request (for example, generate request response information corresponding to the central service request), and if the processing is successful, determine that the local end is a central node of the current network, and correspondingly, if the processing is failed, determine that the local end is a non-central node of the current network.

S103, if the self is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node.

In this embodiment, if the local terminal is a central node of the current network, the local terminal may process the central service request based on the corresponding service, generate request response information corresponding to the central service request, and send the request response information to the last network node that sends the central service request to the local terminal, so as to directly or indirectly send the request response information to the generator of the central service request.

The method for processing a central service request provided in the embodiment of the present invention receives a central service request executed by a central node and sent by a previous network node, selects a next shadow node from a locally stored shadow node list if the central service request is a non-central node of a current network, sends the central service request to the next shadow node, receives a request response message corresponding to the central service request and returned by the next shadow node, and sends the received request response message to the previous network node that sent the central service request; and if the network node is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node sending the central service request. By adopting the technical scheme, the shadow node is arranged for the central node, so that the security of the central node in the network system can be improved, and the probability that the central node is attacked by the distributed denial of service is reduced.

Example two

Fig. 2 is a flowchart illustrating a processing method of a central service request according to a second embodiment of the present invention. In this embodiment, the optimization is performed on the basis of the above embodiment, and in this embodiment, "selecting a next shadow node receiving the central service request from a locally stored shadow node list" is optimized as follows: and selecting the shadow node with the highest response speed from the locally stored shadow node list as the next shadow node for receiving the central service request.

Further, the method for processing the central service request provided by this embodiment may further include: if the self is the central node of the current network, the shadow node in the current network is updated when the current time reaches the updating time of the shadow node and/or when the shadow node suffering DDOS attack exists in the current network is detected.

Correspondingly, as shown in fig. 2, the method for processing a central service request provided in this embodiment includes:

s201, receiving a central service request executed by the central node sent by the previous network node, and executing S202 or S204.

S202, if the self is a non-central node of the current network, selecting a shadow node with the highest response speed from a locally stored shadow node list as a next shadow node for receiving the central service request, and sending the central service request to the next shadow node.

In this embodiment, it is preferable to select a shadow node with the highest response speed in the shadow node list as a next shadow node for receiving the central service request, so as to further improve the response speed of the central service request. The fastest response speed can be for all the shadow nodes in the shadow node list or for the shadow nodes with known response speed in the shadow node list; the response speed may be a response speed of the shadow node to a service request executed by the shadow node sent by the local terminal, or a response speed of the shadow node to a central service request executed by the central node sent by the local terminal. In order to further increase the processing speed of the central service request, preferably, the response speed may be a response speed of the corresponding shadow node to the central service request sent by the home terminal, and at this time, the shadow node with the highest response speed may be determined based on a time length from the sending of the central service request to the receiving of the request response information corresponding to the central service request by the home terminal when the home terminal sends the central service request for the first time.

Optionally, after determining the shadow node with the highest response speed, further determining whether the shadow node is online, if so, determining the shadow node as a next shadow node; if not, the central service request can be sent to part or all of the shadow nodes in the shadow node list so as to re-determine the shadow node with the highest response speed. Taking KAD (Kademlia) network as an example, the local end can probe the shadow node with the highest response speed through PING instruction to determine whether the shadow node with the highest response speed is on-line.

At this time, correspondingly, the method for processing the central service request provided by this embodiment may further include: if a central service request is received for the first time or the next shadow node is in an offline state, the central service request can be sent to part or all shadow nodes in a locally stored shadow node list, and the shadow node which firstly returns the request response information corresponding to the central service request is determined as the shadow node with the fastest response speed. Optionally, after a certain shadow node returns the request response information, the task thread that other shadow nodes send the central service request to the central server may be cancelled, so as to reduce the occupation of resources of other shadow nodes and the central node.

S203, receiving the request response information corresponding to the central service request returned by the next shadow node, sending the request response information to the previous network node, and ending the operation.

And S204, if the self is the central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node.

S205, when the current time reaches the updating time of the shadow node and/or the shadow node suffering DDOS attack is detected to exist in the current network, the shadow node in the current network is updated.

In this embodiment, in order to further improve the security of the central node, the shadow node in the current network may be updated according to a set update rule, where the update rule may be set to update the shadow node in the current network according to a set period and/or when there is a shadow node under DDOS attack. The updating period, the detection method of the shadow node suffering DDOS attack and the updating method of the shadow node can be set according to the requirement.

For example, the update period may be set to one day, one week, or other length of time. When determining whether a shadow node suffering from DDOS attack exists in the current network, acquiring the response speed (or delay time) of each shadow node in the current network, and judging whether the response speed of each shadow node is greater than a set speed threshold (or whether the delay time is less than a set time threshold), if not, judging that the shadow node suffering from DDOS attack exists in the current network; and reporting information of users can be acquired, and if more users reflect that the response speed of a certain shadow node is too low, the existence of the attacked shadow node in the current network is judged. The response speed of each shadow node can be determined by sending request information to the shadow node and based on the time consumed by the local terminal for receiving the request information of the shadow node.

For example, when updating a shadow node in a current network, a shadow node may be first disguised as an identity ID of a central node, then a set number of network nodes are randomly selected, a set number of network nodes closest to the shadow ID are selected according to a distance, or a set number of network nodes are randomly selected within a set distance range of the shadow ID, and the like, so as to select the shadow node after the current network update, further disguise the central node as a shadow node in the current network through the shadow ID, and delete a shadow node identifier of an original network node of the current network, so as to implement updating of the shadow node in the current network.

Here, it should be noted that the execution order of the above steps is not limited in this embodiment, and in a specific application, the above steps may be adjusted as needed, for example, S205 may be executed before, after, or in parallel with one or more steps of S201 to S204 in any step of S201 to S204, but whatever execution order is within the protection scope defined in this embodiment.

The method for processing the central service request provided by the second embodiment of the present invention receives the central service request sent by the previous network node, and if the local end is a non-central node of the current network, forwards the received central service request to the next shadow node with the highest response speed, receives the request response information returned by the next shadow node, and forwards the request response information to the previous network node; and if the local terminal is the central node of the current network, generating request response information corresponding to the central service request, sending the request response information to the previous network node, and updating the shadow node in the current network when the current time reaches the updating time of the shadow node or the shadow node suffering from DDOS attack exists in the current network. By adopting the technical scheme, the security of the central node in the network system can be improved, the probability that the central node is attacked by distributed denial of service (DDOS) is reduced, the probability that the shadow node is attacked by DDOS is reduced, and the response speed of the central service request is improved.

EXAMPLE III

Fig. 3A is a flowchart illustrating a processing method of a central service request according to a third embodiment of the present invention. In this embodiment, the "updating the shadow node in the current network" is optimized to be: acquiring the maximum digit information of the network node identity ID in the current network; constructing a random number within the maximum bit number information range as a self shadow ID, and setting the shadow ID and a self IP address in an associated manner to obtain self virtual node information; selecting a first set number of non-central nodes in an online state within a configuration distance from the shadow ID of the central node as target network nodes based on a random algorithm, and acquiring real node information of the target network nodes, wherein the real node information comprises an identity ID and an IP address; updating a locally stored shadow node list by adopting the current shadow node information; generating a shadow node update command carrying current shadow node information, and sending the shadow node update command to the target network node to update a shadow node in a current network, wherein the current shadow node information comprises the real node information, the virtual node information and the effective time of the current shadow node information

Further, the method for processing the central service request provided by this embodiment may further include: if the node is a non-central node of the current network, after a shadow node updating command is received, if the original shadow node information in a locally stored shadow node list is not completely contained in the current shadow node information, deleting the original shadow node information, and storing part or all of the shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list; and sending the shadow node updating command to a node to be updated, wherein the node to be updated comprises a first node to be updated formed by part or all of the shadow nodes in the shadow node list and a second node to be updated formed by part or all of the network nodes in the locally stored network node list.

Correspondingly, as shown in fig. 3A, the method for processing a central service request provided by this embodiment includes:

and S301, receiving a central service request which is sent by the last network node and executed by the central node, and executing S302 or S306.

S302, if the self is a non-central node of the current network, selecting a shadow node with the highest response speed from a locally stored shadow node list as a next shadow node for receiving the central service request, and sending the central service request to the next shadow node.

And S303, receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the previous network node.

S304, after receiving the shadow node updating command, if the original shadow node information in the locally stored shadow node list is not completely contained in the current shadow node information carried by the shadow node updating command, deleting the original shadow node information, and storing part or all of the shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list.

In this embodiment, after receiving the shadow node update command, the original shadow node information stored at the local end may be disregarded, that is, whether the local end has received the shadow node update command sent by the central node this time is disregarded, and all or part of the current shadow node information in the shadow node update command is directly adopted to replace the original shadow node information in the locally stored shadow node list, so as to update the locally stored shadow node list; or, first, it may be determined whether the local terminal receives the shadow node update command sent by the central node this time for the first time, if yes, the locally stored shadow node list is updated, and if not, that is, if all the original shadow node information in the locally stored shadow node list is included in the current shadow node information carried by the shadow node update command, the operation of updating the locally stored shadow node list may not be performed, and S305 may be directly executed. The number of the shadow nodes included in the local shadow node list, that is, the selected number of the current shadow node information in the shadow node update command during updating, may be preset or randomly determined during updating, and is not limited herein.

S305, sending the shadow node updating command to the nodes to be updated, wherein the nodes to be updated comprise first nodes to be updated formed by part or all of the shadow nodes in the shadow node list and second nodes to be updated formed by part or all of the network nodes in the locally stored network node list, and ending the operation.

In this embodiment, the non-central node in the shadow node may forward the received shadow node update command to part or all of the shadow nodes in the updated shadow node list and part or all of the network nodes in the locally stored network node list, so that the security of the central node is further improved on the premise of implementing the whole-network update of the shadow nodes in the current network. Here, it should be noted that, if there are duplicate nodes in the selected shadow node and the network node that receive the shadow node update command, the shadow node update command may be sent to the duplicate node only once during the current update, so as to reduce the amount of computation required in the process of updating the shadow node. The number of the shadow nodes and the number of the network nodes receiving the shadow node updating command can be set according to the requirement.

In this embodiment, a network node list may be set locally in advance, and network node information (an identity ID, an IP address, and the like) of a network node in the current network that conforms to the network protocol is stored in the network node list based on the network protocol of the current network, so that each network node in the current network can be ensured to find any network node in the current network through the identity ID.

Taking the current network as KAD (kademlia) network as an example, as shown in fig. 3B (only part of the network nodes are shown in the figure), in the KAD network, each network node can be regarded as a leaf of a binary tree, and the position of each network node in the KAD network can be uniquely determined by its identity ID. For any network node, the binary tree can be decomposed into a series of consecutive subtrees without self by the network node, the highest level subtree is composed of the other half of the binary tree without self, the next level subtree is composed of the half of the binary tree without self, and so on until the whole binary tree is completely divided. Taking the network node 0011 in fig. 3B (i.e. the network node a with the identity ID of 0011) as an example, the subtrees obtained by the network node after being divided are shown as the portion included by the dotted line in fig. 3B, where the subtree at the highest level is 1000, the subtree at the next highest level is 2100, the subtree at the third level is 2220, the subtree at the fourth level is 2212, and the identity ID prefixes of the subtrees at the upper and lower levels are 1, 01, 000, and 0010, respectively. The KAD protocol provides that each network node should know at least one network node in each subtree as long as each subtree is non-empty, and therefore, in the KAD network, the network node list stored by each network node records the identity ID and IP address of at least one network node in each non-empty subtree corresponding to the home terminal. At this time, each network node may find any one of the network nodes in the current network by using an exclusive or (XOR) algorithm through the identity ID.

For example, assuming that the current node is a network node 0011, the target node to be searched by the current node is a network node 1110 (a network node B in fig. 3C), the network node list of the current node records the identity ID and the IP address of the network node 101, the network node list of the network node 101 records the identity ID and the IP address of the network node 1101, the network node list of the network node 1101 records the identity ID and the IP address of the network node 11110, and the network node list of the network node 11110 records the identity ID and the IP address of the network node 1110, as shown in fig. 3C, the process of the current node searching for the target node may be: the current node determines that the target node is located in a corresponding top-level sub-tree based on the identity IDs of the current node and the target node, and sends a FIND _ VALUE instruction to a network node 101 in the top-level sub-tree recorded at the home terminal, after receiving the FIND _ VALUE instruction, the network node 101 determines whether the IP address of the target node is recorded by itself (taking the IP address of the target node not recorded by itself as an example in fig. 3C), if so, returns the IP address of the target node to the current node, and if not, returns the identity ID and the IP address of a network node (taking the network node 1101 as an example in fig. 3C) whose ID distance recorded by itself is closer to the target node than itself to the current node; the current node sends a FIND _ VALUE instruction to the network node 1101, after receiving the FIND _ VALUE instruction, the network node 1101 determines whether the IP address of the target node is recorded by the network node 1101 (in fig. 3C, the IP address of the target node is not recorded by the network node 1101 as an example), if so, the IP address of the target node is returned to the current node, and if not, the identity ID and the IP address of a network node (in fig. 3C, the network node 11110 as an example) whose ID distance recorded by the network node is closer to the target node than the current node is returned to the current node; the current node sends a FIND _ VALUE instruction to the network node 11110, after receiving the FIND _ VALUE instruction, the network node 11110 determines whether the IP address of the target node is recorded in the network node itself (in fig. 3C, the IP address of the target node is recorded in the network node itself as an example), if so, the IP address of the target node is returned to the current node, and if not, the identity ID and the IP address of a network node whose ID distance is closer to the target node than the current node are returned to the current node, and so on until the current node acquires the IP address of the target node. Wherein, the FIND _ VALUE instruction uses the identity ID of the target node as a parameter, and the receiver of the instruction returns the IP address and the identity ID (or the IP address, the identity ID, and the service port number) of a network node whose recorded ID is closer to the target node.

It should be noted that, the current NODE may further obtain the identity ID of the target NODE or the network NODE closer to the target NODE by sending a FIND _ NODE instruction, where the FIND _ NODE instruction uses the identity ID of the target NODE as a parameter, and unlike the FIND _ VALUE instruction, a receiver of the instruction returns the IP addresses and the identity IDs (or the IP addresses, the identity IDs, and the service port numbers) of the K network NODEs whose recorded IDs are closer to the target NODE, where a VALUE of K may be set as needed, and when the number N of network NODEs whose recorded IDs are closer to the target NODE is less than K, the IP addresses and the identity IDs (or the IP addresses, the identity IDs, and the service port numbers) of the network NODEs whose recorded N IDs are closer to the target NODE may be returned.

In addition, the KAD protocol may further include a STORE instruction, and may notify a network node in the current network to STORE an IP address and an identity ID (or an IP address, an identity ID, and a service port number) of another network node through the STORE instruction, so as to meet a later query requirement.

S306, if the self is the center node of the current network, generating request response information corresponding to the center service request, and sending the request response information to the last network node.

S307, when the current time reaches the updating time of the shadow node and/or the shadow node suffering DDOS attack is detected to exist in the current network, obtaining the maximum bit number information of the network node identity ID in the current network.

The maximum bit number information of the shadow node identity ID in the current network may be determined by obtaining the identity ID of a network node at a certain end of the current network and counting the bit number information of the identity ID, or may be determined by reading an identity ID record file (or an identity ID bit number record file) stored at the local end, which is not limited herein. For example, in a KAD network, the maximum number of bits of the identity ID of each network node (including shadow nodes and non-shadow nodes) may be set to 160 bits.

S308, constructing a random number within the maximum digit information range as a self shadow ID, and setting the shadow ID and the self IP address in a correlated manner to obtain self virtual node information.

In this embodiment, the central node may be disguised as a shadow node in the current network, so that the security of the central node is improved on the premise of ensuring that the network node in the current network can communicate with the central node. At this time, since the real ID of the central node itself is generally published in the current network, a shadow ID may be forged for the central node, and the shadow ID and the IP address of the central node are set in association, so that the shadow ID and the IP address of the central node, which are set in association, may be subsequently sent to other network nodes as one of the shadow node information in the current shadow node information along with a shadow node update command.

S309, selecting a first set number of non-central nodes in an online state within a configuration distance from the shadow ID of the central node as target network nodes based on a random algorithm, and acquiring real node information of the target network nodes, wherein the real node information comprises an identity ID and an IP address.

In this embodiment, a network node whose shadow ID is within a set distance threshold from the central node may be selected as a target network node (i.e., a non-central node in the updated shadow node), so as to increase the speed at which the updated shadow node forwards the generated or received central service request to the central node, and further shorten the response time of the central service request in the current network.

Wherein, the set distance threshold value can be set according to the requirement; the number of target network nodes (i.e., the number of non-central nodes in shadow nodes of the current network after update) may be determined according to the network concurrency number of the current network and the processing capability of each target network node, for example, on the premise that each target network node can normally implement its own function, the number of shadow nodes in the current network after update may be determined according to the generated number of central service requests in the current network within a set time period and the number of central service requests that each target network node can forward within the set time period. The real node information of the target network node may send a node information acquisition request to each target network node for determination, or may read a node information record file stored at the local terminal and recording the identity ID and the IP address of each network node in the current network for determination, which is not limited herein.

S310, updating a locally stored shadow node list by adopting the current shadow node information; and generating a shadow node update command carrying current shadow node information, and sending the shadow node update command to the target network node to update a shadow node in a current network, wherein the current shadow node information comprises the real node information, the virtual node information and the effective time of the current shadow node information.

In order to ensure that the network node in the current network cannot distinguish the central node from other shadow nodes (i.e., target network nodes) in the current network through the received current shadow node information, the virtual node information of the central node in the current shadow node information and the real node information of the other shadow nodes are preferably sent in the same form, that is, no identifier different from the real node information of the other shadow nodes is added to the virtual node information. Correspondingly, in practical application, as for a common node in a network or a non-central node in a shadow node, only current shadow node information of a plurality of shadow nodes is received, and there is no way to identify the IP address of the central node through the received current shadow node information, so that protection of the central node can be realized.

Here, it should be noted that the shadow node update command may also carry a version number of the current update, and at this time, each time the central node updates the shadow node, the central node may add 1 to the version number of the previous update as the version number of the current update, and add the version number to the shadow node update command. Correspondingly, after a non-central node and/or a common node in the shadow nodes receives a shadow node updating command, whether a version number carried in the shadow node updating command is the same as a version number in a shadow node list of a local terminal or not can be judged, if yes, the local terminal is determined to update the shadow node list stored in the local terminal based on the shadow node updating command, and the operation is finished or the received shadow node updating command is sent to a node to be updated, which is different from the network node at the last time; and if not, updating the shadow node list stored at the local end, and sending the shadow node updating command to the node to be updated.

In this embodiment, when updating the shadow node, the central node may control, through the generated shadow node update command, each network node in the current network to delete the locally stored original shadow node information and store part or all of the current shadow node information carried in the shadow node update command. Or, the central node may also broadcast a shadow node clear (broadcastclearset) instruction in the current network first to clear the shadow node property of the original shadow node defined in the current network and update the shadow ID of the central node, and correspondingly, all the original shadow nodes receiving the command forward the command to all or part of the original shadow nodes in the current network to protect the privacy of the IP address of the central node and clear the shadow node property of itself, that is, the central node does not forward the central service request sent by the previous network node any more; secondly, broadcasting a shadow node definition (BroadcastServerNode) instruction in the current network to define the updated current shadow node, and correspondingly, forwarding the instruction to all or part of the current shadow nodes in the current network by all the current shadow nodes receiving the instruction to protect the privacy of the IP of the central node and define the self shadow node property, namely starting to forward the central service request sent by the previous network node; and generating a shadow node updating command to complete the updating operation of the shadow node in the current network. Wherein, the receiver of the broadcastclearset instruction is an original shadow node in the current network, and the network nodes except the original shadow node in the current network do not receive and transmit the command; the receiver of the BroadcastServerNode instruction is the current shadow node updated in the current network, and the network points except the current shadow node in the current network do not receive and send the command.

In the method for processing a central service request provided by the third embodiment of the present invention, when a current time reaches an update time of a shadow node and/or a shadow node under DDOS attack is detected in a current network, a shadow ID of a local end is updated, a network node whose identity ID and the shadow ID are within a set ID distance range is selected as a non-central node in the updated shadow node, the central node is disguised as an updated shadow node by using the shadow ID, and the network node of the current network is controlled to update a shadow node list stored in the network node. By adopting the technical scheme, the security of the central node in the network system can be improved, the probability that the central node is attacked by distributed denial of service (DDOS) is reduced, the probability that the shadow node is attacked by DDOS is reduced, and the response speed of the central service request is improved.

In the above solution, if a certain network node in the current network is in an offline state or has not joined the current network when the central node sends the shadow node update command, the network node may generate a shadow node information acquisition request after being online or joined the current network, and forward the shadow node information acquisition request to one or more network nodes in a network node list stored at the local end; if the network node receiving the shadow node information acquisition request is not a shadow node, the network node can forward the shadow node information acquisition request to a shadow node in a shadow node list when judging that the self-stored shadow node information is in an effective state; correspondingly, after receiving a shadow node information obtaining request sent by a previous network node, the shadow node can obtain current shadow node information in a locally stored shadow node list and send the current shadow node information to the previous network node, so that the current shadow node information is directly or indirectly forwarded to the new network node or the network node newly added to the current network, and the network node can be ensured to be communicated with the central node.

Example four

The fourth embodiment of the invention provides a method for processing a central service request. The method may be performed by a processing device of a central service request, wherein the device may be implemented by software and/or hardware, and may generally be integrated in a network node of a network system. Fig. 4 is a flowchart illustrating a processing method of a central service request according to a fourth embodiment of the present invention, as shown in fig. 4, the method includes:

s401, when the central service needs to be acquired from the central node in the current network, a central service request is generated.

Taking the current network as the KAD network as an example, a SeverWork request for acquiring the central service may be added in advance in the KAD protocol, and accordingly, when a network node (a non-central node and/or a non-shadow node in a shadow node) in the current network needs to request the central service to acquire the central service, the SeverWork request (i.e., a central service request) may be generated, so as to request the central service from the central node in the current network through the SeverWork request.

S402, selecting a shadow node from a locally stored shadow node list as a first target shadow node, sending the central service request to the first target shadow node, and receiving request response information corresponding to the central service request returned by the first target shadow node.

In this embodiment, one shadow node may be arbitrarily selected as the first target shadow node, or a shadow node with the highest response speed in the shadow node list may be selected as the first target shadow node, which is not limited herein. Considering the response speed of the central service request, preferably, the shadow node with the highest response speed may be selected from the shadow nodes in the online state from the shadow node list stored at the local end as the first target shadow node, and the generated central service request is sent to the first target shadow node. Correspondingly, after the central service request is sent to the first target shadow node, request response information generated after the central node processes the central service request, which is returned by the first target shadow node, may be received, so as to complete the current request operation. The response speed of each shadow node can be counted and recorded in advance.

In the method for processing a central service request according to the fourth embodiment of the present invention, when central service of a central node is required, the central service request is generated, and the central service request is sent to a first target shadow node in a shadow node list stored at a local end. By adopting the technical scheme, the central service request generated by the local terminal is forwarded by the shadow node, so that the security of the central node in the network system can be improved, and the probability that the central node is attacked by the distributed denial of service can be reduced.

On the basis of the foregoing solution, the method for processing a central service request provided in this embodiment may further include: after receiving a shadow node updating command carrying current shadow node information, deleting original shadow node information stored in a locally stored shadow node list, and storing part or all of shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list; and randomly selecting part or all network nodes as nodes to be updated based on the locally stored network node list, and sending the shadow node updating command to the nodes to be updated. In this embodiment, the network node may update the shadow node list stored at the local end based on the shadow node update command generated by the central node, so as to further improve the response speed of the central service request and the security of the central node. The number and the selection rule of the current shadow node information stored in the shadow node list and the number and the selection rule of the nodes to be updated receiving the shadow node update command may be set as required, and are not limited herein.

EXAMPLE five

Fig. 5 is a flowchart illustrating a processing method of a central service request according to a fifth embodiment of the present invention. The present embodiment is optimized on the basis of the foregoing embodiment, and further before selecting one shadow node from the locally stored shadow node list as the first target shadow node, the method may further include: and determining that the shadow node information in the locally stored shadow node list is within the valid time.

Further, the method for processing the central service request provided by this embodiment may further include: if the shadow node information in the shadow node list is out of the effective time, generating a shadow node information acquisition request, randomly selecting a second set number of network nodes from a locally stored network node list as target network nodes, and sending the shadow node information acquisition request to the target network nodes; and receiving current shadow node information returned by the target network node, and updating a locally stored shadow node list based on the current shadow node information.

Correspondingly, as shown in fig. 5, the method for processing a central service request provided in this embodiment may include:

s501, when the central service needs to be acquired from the central node in the current network, a central service request is generated.

S502, judging whether the shadow node information in the shadow node list in the locally stored shadow node list is within the valid time, if so, executing S503; if not, go to S504.

For example, if the current time is out of the valid time of the shadow node information, it may be determined that the shadow node information in the shadow node list is not within the valid time; if the current time is within the valid time of the shadow node information, the shadow node information in the shadow node list can be directly judged to be within the valid time, or further sending an information request to one or more shadow nodes in the shadow node list, to obtain the valid time (or version number) of the shadow node information stored locally by the one or more shadow nodes, if the valid time of the shadow node information stored in the one or more shadow nodes is larger than the valid time of the locally stored shadow node list (or the version number of the shadow node information is larger than the version number of the locally stored shadow node list), it can be determined that the shadow node information in the locally stored shadow node list is not within the valid time, otherwise, it may be determined that the shadow node information in the locally stored shadow node list is within the validity time.

S503, selecting a shadow node from the locally stored shadow node list as a first target shadow node, sending the central service request to the first target shadow node, receiving request response information corresponding to the central service request returned by the first target shadow node, and ending the operation.

S504, generating a shadow node information acquisition request, randomly selecting a second set number of network nodes from a locally stored network node list as target network nodes, and sending the shadow node information acquisition request to the target network nodes.

Taking the current network as the KAD network as an example, a shadow node acquisition (FindServerNode) request for acquiring shadow node information may be added in advance in the KAD protocol, and accordingly, when the network node in the current network needs to acquire the current shadow node information, a FindServerNode request may be generated and sent to a second set number of other network nodes, so as to search for the identity ID and IP address of all or part of the shadow nodes in the current network by executing the request.

Illustratively, when a non-shadow node (i.e., a common node) in a current network receives a shadow node information acquisition request sent by another network node, the non-shadow node may directly process the shadow node information acquisition request and send shadow node information stored in a local shadow node list as current shadow node information to the non-shadow node; the shadow information obtaining request may also be forwarded to a locally stored shadow node for processing, and at this time, correspondingly, the processing method of the central service request provided in this embodiment may further include: after receiving a shadow node information acquisition request sent by a previous network node (other network nodes), a non-shadow node in a current network may select a second target shadow node receiving the shadow node information acquisition request from a locally stored shadow node list, send the shadow node information acquisition request to the second target shadow node, receive current shadow node information sent by the second target shadow node, and forward the current shadow node information to the previous network node.

And S505, receiving the current shadow node information returned by the target network node, updating a locally stored shadow node list based on the current shadow node information, and returning to S503.

For example, when receiving current shadow node information returned by the target network node, the home terminal may replace original shadow node information in the locally stored shadow node list with the current shadow node information, so as to update the locally stored shadow node list.

In the method for processing a central service request provided by the fifth embodiment of the present invention, when the shadow node information stored at the home terminal is not within the valid time, a shadow node information obtaining request is generated, a set number of network nodes are randomly selected from a locally stored network node list as target network nodes, the shadow node obtaining request is sent to the selected target network node, current shadow node information returned by the target network node is received, the locally stored shadow node list is updated based on the current shadow node information, the target shadow node is determined based on the updated shadow node list, the central service request generated at the home terminal is forwarded to the target shadow node, and request response information returned by the target shadow node is received. By adopting the above termination scheme, the present embodiment can not only improve the security of the central node in the network system and reduce the probability that the central node is subjected to the distributed denial of service attack, but also improve the response speed of the central service request and reduce the waiting time of the user.

EXAMPLE six

The sixth embodiment of the invention provides a device for processing a central service request. The device can be realized by software and/or hardware, can be generally integrated in a shadow node of a network system, and can realize the processing of the central service request by executing the processing method of the central service request. Fig. 6 is a block diagram of a processing apparatus for a central service request according to a sixth embodiment of the present invention, and as shown in fig. 6, the apparatus includes:

a service request receiving module 601, configured to receive a central service request executed by a central node and sent by a previous network node.

A service request forwarding module 602, configured to select, in response to a situation that the service request forwarding module is a non-central node of a current network, a next shadow node that receives the central service request from a locally stored shadow node list, and send the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the previous network node;

the service request processing module 603 is configured to, in response to a situation that the service request processing module is a central node of a current network, generate request response information corresponding to the central service request, and send the request response information to the previous network node.

In the processing apparatus for a central service request provided in the sixth embodiment of the present invention, a service request receiving module receives a central service request executed by a central node and sent by a previous network node; when the service request forwarding module is a non-central node of the current network, selecting a next shadow node from a locally stored shadow node list, sending the central service request to the next shadow node, receiving request response information corresponding to the central service request returned by the next shadow node, and sending the received request response information to a previous network node sending the central service request; when the service request processing module is a central node of the current network, request response information corresponding to the central service request is generated, and the request response information is sent to the last network node sending the central service request. By adopting the technical scheme, the security of the central node in the network system can be improved, and the probability that the central node is attacked by the distributed denial of service is reduced.

Further, the processing device for the central service request provided by this embodiment may further include: and the shadow node updating module is used for responding to the condition that the shadow node is a central node of the current network, and updating the shadow node in the current network when the current time reaches the updating time of the shadow node and/or the shadow node subjected to DDOS attack in the current network is detected.

In the foregoing solution, the shadow node updating module may include: the bit number information acquisition unit is used for responding to the condition that the self is a central node of the current network, and acquiring the maximum bit number information of the identity ID of the network node in the current network when the current time reaches the updating time of the shadow node and/or the shadow node subjected to DDOS attack in the current network is detected; a shadow ID construction unit, configured to construct a random number within the maximum bit number information range as a shadow ID of the shadow ID, and set the shadow ID and an IP address of the shadow ID in association with the IP address of the shadow ID to obtain virtual node information of the shadow ID; a real node information obtaining unit, configured to select, based on a random algorithm, a first set number of non-central nodes that are in an online state within a configuration distance from the shadow ID of the central node as target network nodes, and obtain real node information of the target network nodes, where the real node information includes an identity ID and an IP address; the first shadow node updating unit is used for updating a locally stored shadow node list by adopting the current shadow node information; and generating a shadow node update command carrying current shadow node information, and sending the shadow node update command to the target network node to update a shadow node in a current network, wherein the current shadow node information comprises the real node information, the virtual node information and the effective time of the current shadow node information.

In the foregoing solution, the shadow node updating module may further include: a second shadow node updating unit, configured to, in response to a situation that the second shadow node is a non-central node of a current network, after receiving a shadow node update command, delete original shadow node information if all original shadow node information in a locally stored shadow node list is not included in the current shadow node information, and store part or all of shadow node information in the current shadow node information in the shadow node list to update the shadow node list; and the update command sending unit is used for sending the shadow node update command to the nodes to be updated, and the nodes to be updated comprise first nodes to be updated formed by part or all of the shadow nodes in the shadow node list and second nodes to be updated formed by part or all of the network nodes in the locally stored network node list.

In the foregoing solution, the shadow node updating module may further include: the acquiring request processing unit is used for acquiring current shadow node information in a locally stored shadow node list after receiving a shadow node information acquiring request sent by a previous network node, and sending the current shadow node information to the previous network node.

In the foregoing solution, the selecting a next shadow node in the locally stored shadow node list to receive the central service request may include: and selecting the shadow node with the highest response speed from the locally stored shadow node list as the next shadow node for receiving the central service request.

Further, the processing device for the central service request provided by this embodiment may further include: and the shadow node determining module is used for responding to the condition that a central service request is received for the first time or the next shadow node is in an offline state, sending the central service request to part or all shadow nodes in a locally stored shadow node list, and determining the shadow node which returns the request response information corresponding to the central service request at first as the shadow node with the highest response speed.

The processing device for the central service request provided by the sixth embodiment of the invention can execute the processing method for the central service request provided by the sixth embodiment of the invention, and has the corresponding functional modules and beneficial effects of the processing method for executing the central service request. For details of the technology that are not described in detail in this embodiment, reference may be made to the method for processing the central service request provided in the embodiment of the present invention.

EXAMPLE seven

The seventh embodiment of the invention provides a device for processing a central service request. The device can be implemented by software and/or hardware, can be generally integrated in a network node of a network system, and can implement the processing of the central service request by executing the processing method of the central service request. Fig. 7 is a block diagram of a processing apparatus for a central service request according to a seventh embodiment of the present invention, and as shown in fig. 7, the apparatus includes:

a service request generating module 701, configured to generate a central service request when central service needs to be acquired from a central node in a current network;

a service request sending module 702, configured to select a shadow node from a locally stored shadow node list as a first target shadow node, send the central service request to the first target shadow node, and receive request response information corresponding to the central service request returned by the first target shadow node.

In the processing device for a central service request provided by the seventh embodiment of the present invention, a service request generation module generates a central service request when central service needs to be acquired from a central node in a current network; selecting a shadow point from a locally stored shadow node list as a first target shadow node through a service request sending module, sending the generated central service request to the first target shadow node, and receiving request response information corresponding to the central service request returned by the first target shadow node. By adopting the technical scheme, the security of the central node in the network system can be improved, and the probability that the central node is attacked by the distributed denial of service is reduced.

Further, the processing device for the central service request provided by this embodiment may further include: the shadow node list updating module is used for deleting the original shadow node information stored in a locally stored shadow node list after receiving a shadow node updating command carrying the current shadow node information, and storing part or all of the shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list; and the shadow node information sending module is used for randomly selecting part or all of the network nodes as nodes to be updated based on the locally stored network node list and sending the shadow node updating command to the nodes to be updated.

Further, the processing device for the central service request provided by this embodiment may further include: and the valid time determining module is used for determining that the shadow node information in the locally stored shadow node list is within the valid time before a shadow node is selected from the locally stored shadow node list as a first target shadow node.

Further, the processing device for the central service request provided by this embodiment may further include: the node information request module is used for responding to the condition that the shadow node information in the shadow node list is out of the effective time, generating a shadow node information acquisition request, randomly selecting a second set number of network nodes from the locally stored network node list as target network nodes, and sending the shadow node information acquisition request to the target network nodes; and the node information receiving module is used for receiving the current shadow node information returned by the target network node and updating a locally stored shadow node list based on the current shadow node information.

Further, the processing device for the central service request provided by this embodiment may further include: the node request sending module is configured to, after receiving a shadow node information obtaining request sent by a previous network node, select a second target shadow node that receives the shadow node information obtaining request from a locally stored shadow node list, send the shadow node information obtaining request to the second target shadow node, receive current shadow node information sent by the second target shadow node, and forward the current shadow node information to the previous network node.

The processing device for the central service request provided by the seventh embodiment of the present invention can execute the processing method for the central service request provided by the seventh embodiment of the present invention, and has the corresponding functional modules and beneficial effects of the processing method for executing the central service request. For details of the technology that are not described in detail in this embodiment, reference may be made to the method for processing the central service request provided in the embodiment of the present invention.

Example eight

Fig. 8 is a schematic structural diagram of a shadow node according to an eighth embodiment of the present invention, as shown in fig. 8, the shadow node includes a processor 80 and a memory 81, and may further include an input device 82 and an output device 83; the number of the processors 80 in the shadow node may be one or more, and one processor 80 is taken as an example in fig. 8; the processor 80, the memory 81, the input device 82, and the output device 83 in the shadow node may be connected by a bus or other means, and are exemplified by being connected by a bus in fig. 8.

The memory 81 is used as a computer readable storage medium, and can be used for storing software programs, computer executable programs, and modules, such as program instructions/modules corresponding to the processing method of the central service request in the embodiment of the present invention (for example, the service request receiving module 601 and the service request forwarding module 602 in the processing device of the central service request). The processor 80 executes various functional applications and data processing of the shadow node by running software programs, instructions and modules stored in the memory 81, that is, the processing method of the central service request is realized.

The memory 81 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 81 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory 81 may further include memory located remotely from the processor 80, which may be connected to the shadow node over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The input device 82 may be used to receive input numeric or character information and to generate key signal inputs relating to user settings and function controls of the shadow node. The output device 83 may include a display device such as a display screen.

An eighth embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method for processing a central service request, the method including:

Of course, the storage medium containing the computer-executable instructions provided by the embodiments of the present invention is not limited to the method operations described above, and may also perform related operations in the processing method of the central service request provided by any embodiments of the present invention.

From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.

It should be noted that, in the embodiment of the processing apparatus for a central service request, the units and modules included in the embodiment are only divided according to functional logic, but are not limited to the above division, as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.

Example nine

Fig. 9 is a schematic structural diagram of a network node according to a ninth embodiment of the present invention, as shown in fig. 9, the network node includes a processor 90 and a memory 91, and may further include an input device 92 and an output device 93; the number of processors 90 in the network node may be one or more, and one processor 90 is taken as an example in fig. 9; the processor 90, the memory 91, the input device 92 and the output device 93 in the network node may be connected by a bus or other means, which is exemplified in fig. 9.

The memory 91 is a computer-readable storage medium, and can be used for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the processing method of the central service request in the embodiment of the present invention (for example, the service request generating module 701 and the service request sending module 702 in the processing device of the central service request). The processor 90 executes various functional applications of the network node and data processing, i.e., implements the above-described processing method of the central service request, by executing software programs, instructions, and modules stored in the memory 91.

The memory 91 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 91 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, memory 91 may further include memory located remotely from processor 90, which may be connected to a network node via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The input device 92 may be used to receive entered numeric or character information and to generate key signal inputs relating to user settings and function control of the network node. The output device 93 may include a display device such as a display screen.

An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method for processing a central service request, the method including:

Example ten

The embodiment of the invention provides a system for processing a central service request. The system can realize the processing of the central service request by executing the processing method of the central service request. Fig. 10 is a block diagram of a system for processing a central service request according to a tenth embodiment of the present invention, as shown in fig. 10 (only one shadow node and one network node are shown in the figure), the system includes a shadow node 10 and a network node 20, wherein,

the network node 20 is configured to generate a central service request when central service needs to be acquired from a central node in a current network; selecting a shadow node from a locally stored shadow node list and sending the central service request to the shadow node;

the shadow node 10 is configured to receive a central service request, which is sent by the network node and executed by a central node; if the node is a non-central node of the current network, selecting a next shadow node for receiving the central service request from a locally stored shadow node list, and sending the central service request to the next shadow node; receiving request response information corresponding to the central service request returned by the next shadow node, and sending the request response information to the network node; if the central node is the current network, generating request response information corresponding to the central service request, and sending the request response information to the network node;

the network node 20 is further configured to receive request response information corresponding to the central service request returned by the shadow node.

In this embodiment, the system may include a plurality of shadow nodes and a plurality of network nodes, where, for a certain shadow node in the system, it may be a central node of the current network, or may be a non-central node having a shadow node identifier in the current network; as for a certain network node in the system, it may be a non-central node having a shadow node identifier in the current network, or may be a normal node (i.e. a non-shadow node) having no shadow node identifier in the current network, and when both the shadow node and the network node are non-central nodes, they are preferably different non-central nodes having different identity IDs and IP addresses.

The processing system for the central service request provided by the tenth embodiment of the present invention can execute the processing method for the central service request provided by any embodiment of the present invention, and has the functional modules and the beneficial effects corresponding to the processing method for executing the central service request. For details of the technology not described in detail in this embodiment, reference may be made to a method for processing a central service request provided in any embodiment of the present invention.

It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims

1. A method for processing a central service request is characterized by comprising the following steps:

if the central node is the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node;

if the node is a central node of the current network, updating the shadow node in the current network when the current time reaches the updating time of the shadow node and/or the shadow node subjected to DDOS attack in the current network is detected;

the updating the shadow node in the current network comprises the following steps:

acquiring the maximum digit information of the network node identity ID in the current network;

constructing a random number within the maximum bit number information range as a self shadow ID, and setting the shadow ID and a self IP address in an associated manner to obtain self virtual node information;

selecting a first set number of non-central nodes in an online state within a configuration distance threshold value from the shadow ID of the central node as a target network node based on a random algorithm, and acquiring real node information of the target network node, wherein the real node information comprises an identity ID and an IP address;

updating a locally stored shadow node list by adopting the current shadow node information; generating a shadow node updating command carrying current shadow node information, and sending the shadow node updating command to the target network node to update a shadow node in a current network, wherein the current shadow node information comprises the real node information, the virtual node information and the effective time of the current shadow node information;

if the node is a non-central node of the current network, after a shadow node updating command is received, if the original shadow node information in a locally stored shadow node list is not completely contained in the current shadow node information, deleting the original shadow node information, and storing part or all of the shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list;

and sending the shadow node updating command to a node to be updated, wherein the node to be updated comprises a first node to be updated formed by part or all of the shadow nodes in the shadow node list and a second node to be updated formed by part or all of the network nodes in the locally stored network node list.

2. The method of claim 1, further comprising:

after receiving a shadow node information acquisition request sent by a previous network node, acquiring current shadow node information in a locally stored shadow node list, and sending the current shadow node information to the previous network node.

3. The method of claim 1, wherein selecting a next shadow node in the locally stored list of shadow nodes to receive the central service request comprises:

and selecting the shadow node with the highest response speed from the locally stored shadow node list as the next shadow node for receiving the central service request.

4. The method of claim 3, further comprising:

if a central service request is received for the first time or the next shadow node is in an offline state, the central service request is sent to part or all shadow nodes in a locally stored shadow node list, and the shadow node which firstly returns the request response information corresponding to the central service request is determined as the shadow node with the highest response speed.

5. A method for processing a central service request is characterized by comprising the following steps:

selecting a shadow node from a locally stored shadow node list as a first target shadow node, sending the central service request to the first target shadow node, and receiving request response information corresponding to the central service request returned by the first target shadow node;

further comprising:

after receiving a shadow node updating command carrying current shadow node information, deleting original shadow node information stored in a locally stored shadow node list, and storing part or all of shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list;

and randomly selecting part or all network nodes as nodes to be updated based on the locally stored network node list, and sending the shadow node updating command to the nodes to be updated.

6. The method of claim 5, wherein prior to selecting a shadow node from the locally stored list of shadow nodes as the first target shadow node, further comprising:

and determining that the shadow node information in the locally stored shadow node list is within the valid time.

7. The method of claim 6, further comprising:

if the shadow node information in the shadow node list is out of the effective time, generating a shadow node information acquisition request, randomly selecting a second set number of network nodes from a locally stored network node list as target network nodes, and sending the shadow node information acquisition request to the target network nodes;

and receiving current shadow node information returned by the target network node, and updating a locally stored shadow node list based on the current shadow node information.

8. The method of claim 7, further comprising:

after receiving a shadow node information acquisition request sent by a previous network node, selecting a second target shadow node receiving the shadow node information acquisition request from a locally stored shadow node list, sending the shadow node information acquisition request to the second target shadow node, receiving current shadow node information sent by the second target shadow node, and forwarding the current shadow node information to the previous network node.

9. An apparatus for processing a central service request, comprising:

the service request processing module is used for responding to the condition that the service request processing module is a central node of the current network, generating request response information corresponding to the central service request, and sending the request response information to the last network node;

the shadow node updating module is used for responding to the condition that the shadow node is a central node of the current network, and updating the shadow node in the current network when the current time reaches the updating time of the shadow node and/or the shadow node subjected to DDOS attack in the current network is detected;

the shadow node updating module is also used for acquiring the maximum digit information of the network node identity ID in the current network;

constructing a random number within the maximum bit number information range as a self shadow ID, and setting the shadow ID and a self IP address in an associated manner to obtain self virtual node information; a real node information obtaining unit, configured to select, based on a random algorithm, a first set number of non-central nodes that are in an online state within a configuration distance from the shadow ID of the central node as target network nodes, and obtain real node information of the target network nodes, where the real node information includes an identity ID and an IP address;

the shadow node updating module is also used for the condition that the shadow node updating module is a non-central node of the current network, after receiving a shadow node updating command, if the original shadow node information in a locally stored shadow node list is not completely contained in the current shadow node information, deleting the original shadow node information, and storing part or all of the shadow node information in the current shadow node information in the shadow node list so as to update the shadow node list; and sending the shadow node updating command to a node to be updated, wherein the node to be updated comprises a first node to be updated formed by part or all of the shadow nodes in the shadow node list and a second node to be updated formed by part or all of the network nodes in the locally stored network node list.

10. A shadow node, comprising:

one or more processors;

a memory for storing one or more programs,

when executed by the one or more processors, cause the one or more processors to implement a method of processing a central service request as recited in any of claims 1-4.

11. A network node, comprising:

one or more processors;

a memory for storing one or more programs,

when executed by the one or more processors, cause the one or more processors to implement a method of processing a central service request as recited in any of claims 5-8.