CN109617852B

CN109617852B - Method and device for preventing network addiction based on flow analysis

Info

Publication number: CN109617852B
Application number: CN201810272720.1A
Authority: CN
Inventors: 刘杰
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2018-03-29
Filing date: 2018-03-29
Publication date: 2020-10-13
Anticipated expiration: 2038-03-29
Also published as: CN109617852A

Abstract

The invention provides a method and a device for preventing network addiction based on flow analysis, wherein the method comprises the following steps: acquiring a flow packet sent by a client; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. The method can prohibit the traffic packet from being continuously transmitted between the anti-addiction application and the corresponding server when the use data of the user in the anti-addiction application meets the preset anti-network addiction condition, so that the communication between the server and the client can be cut off, the use data of each user and the user in the anti-addiction application is limited, for example, the time length, the frequency or the time period for the user to use the anti-addiction application is limited, and the network addiction of the user is prevented.

Description

Method and device for preventing network addiction based on flow analysis

Technical Field

The invention relates to the technical field of internet, in particular to a method and a device for preventing network addiction based on flow analysis.

Background

With the continuous development of internet technology and the popularization of terminal devices (such as smart phones, computers and the like), more and more minors can contact the terminal devices and use the terminal devices to surf the internet anytime and anywhere. The minors lack the ability to control themselves, thereby causing the minors to be indulged in internet or network games.

In the prior art, the user registers personal information (such as an identification number) and then limits the time for using the internet for the personal information, so that the time for playing the online game and surfing the internet for the user is limited.

In this way, if the user registers false personal information, it will be difficult to limit the time period for which the user uses the internet, resulting in the user being enthusiastic in the internet or in network games.

Disclosure of Invention

The present invention is directed to solving, at least to some extent, one of the technical problems in the related art.

Therefore, the invention provides a network addiction prevention method based on traffic analysis, which prohibits continuous transmission of traffic packets between an addiction prevention application and a corresponding server when usage data meet a preset network addiction prevention condition, so that communication between the server and a client can be cut off, and thus usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, and further network addiction of the user is prevented.

To achieve the above object, an embodiment of an aspect of the present invention provides a method for preventing network addiction based on traffic analysis, including:

acquiring a flow packet sent by a client;

identifying whether a flow packet is attached to an anti-addiction application, and if the flow packet is attached to the anti-addiction application, determining a user currently logged in by the client according to the flow packet;

acquiring the use data of the user in the anti-addiction application;

and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server.

The method for preventing the network addiction based on the flow analysis, provided by the embodiment of the invention, comprises the steps of obtaining a flow packet sent by a client; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. In this embodiment, when the usage data meets the preset network addiction prevention condition, the traffic packets are prohibited from being continuously transmitted between the addiction prevention application and the corresponding server, so that the communication between the server and the client can be cut off, and the usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, thereby preventing the network addiction of the user.

In order to achieve the above object, another embodiment of the present invention provides a network enthrallment prevention device based on traffic analysis, including:

the first obtaining module is used for obtaining the flow packet sent by the client.

And the identification module is used for identifying whether the flow packet belongs to the anti-addiction application.

And the determining module is used for determining the current logged user of the client according to the flow packet when the flow packet belongs to the anti-addiction application.

And the second acquisition module is used for counting and acquiring the use data of the user in the anti-addiction application.

And the forbidding module is used for forbidding to continuously transmit the flow packet between the anti-addiction application and the corresponding server when the use data meets the preset anti-addiction condition.

The network addiction prevention device based on the flow analysis of the embodiment of the invention obtains the flow packet sent by the client; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. In this embodiment, when the usage data meets the preset network addiction prevention condition, the traffic packets are prohibited from being continuously transmitted between the addiction prevention application and the corresponding server, so that the communication between the server and the client can be cut off, and the usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, thereby preventing the network addiction of the user.

To achieve the above object, another embodiment of the present invention provides a computer device, including: a processor and a memory;

wherein the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, so as to implement the network addiction prevention method based on traffic analysis according to the above embodiment of the present invention.

In order to achieve the above object, another embodiment of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements a method for preventing network addiction based on traffic analysis according to the above embodiment of the present invention.

In order to achieve the above object, another embodiment of the present invention provides a computer program product, wherein when the instructions of the computer program product are executed by a processor, the method for preventing network addiction based on traffic analysis according to the above embodiment of the present invention is implemented.

Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.

Drawings

The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:

FIG. 1 illustrates an exemplary system architecture to which embodiments of the traffic analysis based anti-network addiction methods or apparatus of the present application may be applied;

fig. 2 is a schematic flow chart illustrating a network addiction prevention method based on traffic analysis according to an embodiment of the present invention;

FIG. 3 is a schematic diagram of an open systems interconnection reference model;

FIG. 4 is a first diagram illustrating an application scenario according to an embodiment of the present invention;

FIG. 5 is a diagram illustrating a second exemplary application scenario according to an embodiment of the present invention;

fig. 6 is a schematic flow chart illustrating a network addiction prevention method based on traffic analysis according to a second embodiment of the present invention;

FIG. 7 is a third schematic view of an application scenario according to an embodiment of the present invention;

FIG. 8 is a diagram illustrating a fourth exemplary application scenario according to an embodiment of the present invention;

fig. 9 is a schematic flowchart of a network addiction prevention method based on traffic analysis according to a third embodiment of the present invention;

FIG. 10 is a fifth exemplary diagram of an application scenario according to an embodiment of the present invention;

FIG. 11 is a first schematic view of a display interface of an electronic device according to an embodiment of the present invention;

FIG. 12 is a second schematic view of a display interface of an electronic device according to an embodiment of the present invention;

FIG. 13 is a third schematic view of a display interface of an electronic device in an embodiment of the present invention;

fig. 14 is a schematic structural diagram of a network addiction prevention system based on traffic analysis according to an embodiment of the present invention;

fig. 15 is a schematic structural diagram of a network enthrallment prevention device based on traffic analysis according to an embodiment of the present invention;

fig. 16 is a schematic structural diagram of another anti-network addiction device based on traffic analysis according to an embodiment of the present invention;

FIG. 17 illustrates a block diagram of an exemplary computer device suitable for use in implementing embodiments of the present application.

Detailed Description

Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.

Aiming at the technical problem that in the prior art, if the user registers false personal information, the time for the user to use the internet is difficult to limit, so that the user is indulged in the internet or online games, in the embodiment of the invention, the traffic packets sent by the client side are distinguished and controlled in a network layer, specifically, the traffic packets sent by the client side are obtained; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. In this embodiment, when the usage data meets the preset network addiction prevention condition, the traffic packets are prohibited from being continuously transmitted between the addiction prevention application and the corresponding server, so that the communication between the server and the client can be cut off, and the usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, thereby preventing the network addiction of the user.

The network addiction prevention method and device based on traffic analysis according to the embodiments of the present invention are described below with reference to the accompanying drawings.

Fig. 1 illustrates an exemplary system architecture to which embodiments of the traffic analysis-based anti-network-addiction method or apparatus of the present application may be applied.

As shown in fig. 1, the system architecture may include clients 110, 120, 130, 140, a network 150, and a server 160. The network 150 is used to provide the medium for transmission links between the clients 110, 120, 130, 140 and the server 160. Network 150 may include various connection types, such as wired, wireless transmission links, or fiber optic cables, among others.

A user may use clients 110, 120, 130, 140 to interact with server 160 over network 150 to receive or send messages, etc. The clients 110, 120, 130, 140 may have game-like applications installed thereon.

Clients 110, 120, 130, 140 may be a variety of electronic devices having a display screen and supporting network communications, including, but not limited to, smart phones, tablets, e-book readers, laptop portable computers, desktop computers, and the like.

Server 160 may be a server that provides support for applications on clients 110, 120, 130, 140. The server 160 may receive the traffic packets sent by the clients 110, 120, 130, 140 and return corresponding data packets to the clients 110, 120, 130, 140.

It should be understood that the number of clients, networks, and servers in FIG. 1 is merely illustrative. There may be any number of terminals, networks, and servers, as desired for an implementation.

Fig. 2 is a schematic flow chart of a method for preventing network addiction based on traffic analysis according to an embodiment of the present invention.

The embodiment of the present invention is exemplified by the case where the network enthrallment prevention method based on traffic analysis is configured in a network enthrallment prevention device based on traffic analysis. The network addiction prevention apparatus based on traffic analysis may be provided on the network 150 side as shown in fig. 1.

As shown in fig. 2, the method for preventing network addiction based on traffic analysis includes the following steps:

step 101, obtaining a traffic packet sent by a client.

Optionally, after the user logs in the client, the network addiction prevention device based on traffic analysis in the embodiment of the present invention may obtain a traffic packet sent by the client. The client is the client which the user logs in currently.

And 102, identifying whether the flow packet belongs to the anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining the current logged user of the client according to the flow packet.

In the embodiment of the present invention, the anti-addiction application is preset by the user, for example, the anti-addiction application may be a game-like application, or a social-like application, or others, which is not limited herein.

It will be appreciated that each service on the internet has its specific characteristics, such as the IP address and port number of the server providing the service, the content and format of the data packets communicated in the game. Therefore, in the embodiment of the present invention, the traffic packet may be identified, the service of the internet used by the user is determined, that is, the application to which the traffic packet belongs is determined, and then whether the traffic packet belongs to the anti-addiction application is determined according to the application to which the traffic packet belongs.

It can be understood that, no matter whether the application is in a foreground running state or a background running state, the application needs to access a specific server, and the specific server is preset in the application in a domain name form. When an application accesses a specific server, the domain name of the specific server may be resolved to obtain website information, such as an IP address, corresponding to the specific server. Therefore, in the embodiment of the invention, the website information of the current application can be extracted from the traffic packet, the server corresponding to the current application can be determined according to the website information, and further whether the traffic packet belongs to the anti-addiction application or not can be determined.

As a possible implementation manner, the public website information of each anti-addiction application may be collected in advance, then the website information of the current application extracted from the traffic packet is compared with the public website information of each anti-addiction application, and when the public website information of one of the anti-addiction applications includes the website information, it may be determined that the traffic packet belongs to one of the anti-addiction applications.

Optionally, the public website information of each anti-addiction application may be collected in advance in a user marking manner, or the public website information of each anti-addiction application may be automatically collected by the anti-network-addiction device based on traffic analysis, and after the public website information of each anti-addiction application is collected, the collected public website information may be stored. Therefore, after the website information of the current application is extracted from the traffic packet, the extracted website information can be compared with the public website information to determine whether the traffic packet belongs to the anti-addiction application, and the method is simple to operate and easy to implement.

Similarly, each user using the internet service also has its specific features, such as account information and password information of the user login client, login electronic device information, and operating system. Therefore, in the embodiment of the present invention, login information of the user, such as account information and/or password information, may be extracted from the traffic packet, and then the user currently logged in by the client may be determined according to the login information.

In the embodiment of the invention, the network addiction prevention device based on traffic analysis can be deployed in the middle of a network (such as a router and a gateway). After the traffic packet is obtained, as shown in fig. 3, web address information, such as an IP address and port number information, corresponding to a specific server is extracted at a third layer (IP layer) in an open system interconnection reference model (OSI). At the fourth layer (transport layer), the private protocol of the traffic packet is analyzed to extract the public header of the traffic packet and specific fields, such as the field of the marking device and the field of the marking number. Further, at a seventh layer (application layer), the public protocol is analyzed at the layer, a HyperText transfer protocol (HTTP) is extracted, information such as a website address of data access and a user mark in a cookie is analyzed, and website information and login information of a user corresponding to the current application can be acquired through an OSI seven-layer reference model.

In the embodiment of the invention, whether the flow packet belongs to the anti-addiction application or not can be determined by identifying the flow packet, and when the flow packet belongs to the anti-addiction application, the current logged user of the client can be determined according to the flow packet, so that each user and the use data of the user in the anti-addiction application can be limited, thereby achieving the effect of preventing the network addiction of the user.

And 103, acquiring the use data of the user in the anti-addiction application.

In the embodiment of the invention, the use data of the user in the anti-addiction application comprises the following data: the length of stay, frequency of use, period of use of the user on the anti-addiction application.

When the usage data is the stay time of the user in the anti-addiction application, the stay time of the user in the anti-addiction application can be obtained through counting by setting a timer.

When the usage data is the usage frequency of the user on the anti-addiction application, the number of times that the anti-addiction application has been used from the beginning of the monitoring period to the current time may be counted as the usage frequency in a preset monitoring period. For example, by setting a counter, the frequency of use of the user in the anti-addiction application is statistically obtained. Specifically, when the user opens the anti-addiction application each time, the value corresponding to the counter is incremented by one, so that the number of times of use of the anti-addiction application in the preset monitoring period up to now can be counted.

When the usage data is the usage time period of the user on the anti-addiction application, the system time of the anti-addiction application running can be extracted from the traffic packet, and the usage time period of the user in the anti-addiction application is determined according to the system time.

And 104, if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server.

In the embodiment of the present invention, when the usage data is the stay time of the user on the anti-addiction application, the corresponding preset anti-network-addiction condition may be that the stay time on the anti-addiction application is equal to the preset time.

The preset time length is preset, and the preset time length can be different when the anti-addiction application is different and/or the current logged-in users of the client are different. For example, when the type of the anti-addiction application is a game, such as royal glory, the preset time period may be 2 hours if the age of the user currently logged in by the client is 12 years old, and the preset time period may be 3 hours if the age of the user currently logged in by the client is 15 years old. Or, when the type of the anti-addiction application is social, if the age of the user currently logged in by the client is 12 years old, the preset time duration may be 1 hour, and if the age of the user currently logged in by the client is 15 years old, the preset time duration may be 2 hours. Or, when the type to which the anti-addiction application belongs is a browser, if the age of the user currently logged in by the client is 12 years old, the preset time duration may be 2 hours, and if the age of the user currently logged in by the client is 15 years old, the preset time duration may be 2.5 hours.

In the embodiment of the invention, the currently acquired stay time can be compared with the preset time, and when the stay time reaches the preset time, the use data can be determined to meet the network addiction prevention condition. And when the staying time does not reach the preset time, the flow packet sent by the client can be continuously obtained, namely, the step 101 and the subsequent steps are re-triggered.

Or, when the staying time reaches the preset time, the network addiction prevention device based on traffic analysis according to the embodiment of the present invention may further transmit a traffic packet to the server corresponding to the addiction prevention application, and accordingly, the server may return a corresponding data packet.

As an example, referring to fig. 4, fig. 4 is a schematic view of a first application scenario according to an embodiment of the present invention. After a user logs in a client, the network addiction prevention device based on flow analysis can receive flow packets sent by each client, then identifies each flow packet, determines an addiction prevention application to which each flow packet belongs and the user who the client logs in currently, and prohibits continuous transmission of the flow packets between the addiction prevention application and a corresponding server when the stay duration of a certain user in the addiction prevention application reaches a preset duration. For example, when the anti-network-addiction device identifies that the anti-addiction application to which the traffic packet sent by the client 1 belongs is application 1, the user currently logged in by the client 1 is user a; identifying that the anti-addiction application to which the flow packet sent by the client 2 belongs is application 2, and the user currently logged in by the client 2 is user B; recognizing that an anti-addiction application to which a traffic packet sent by a client 3 belongs is an application 3, assuming that a preset time duration is 2 hours when a user currently logged in by the client 3 is a user C, at this time, if the anti-addiction network device statistically acquires that the stay time duration of the user a in the application 1 is 1.5 hours, the stay time duration of the user B in the application 2 is 1 hour, and the stay time duration of the user C in the application 3 is 2.5 hours, at this time, after acquiring the traffic packet sent by the client 3, the anti-addiction network device can prohibit the application 3 and the server 3 from continuing to transmit the traffic packet, that is, cut off the communication between the server 3 and the client 3, thereby preventing the user C from network addiction.

In the embodiment of the present invention, when the usage data is the usage frequency of the user in the anti-addiction application, the corresponding preset anti-network-addiction condition may be that the usage frequency in the anti-addiction application is equal to a preset frequency threshold.

The preset frequency threshold is preset, and the preset frequency threshold can be different when the anti-addiction application is different and/or the current logged-in user of the client is different. For example, when the type of the anti-addiction application is a game, such as royal glory, the preset frequency threshold may be 3 times if the age of the user currently logged in by the client is 12 years old, and the preset frequency threshold may be 4 times if the age of the user currently logged in by the client is 15 years old. Or, when the type to which the anti-addiction application belongs is social, if the age of the user currently logged in by the client is 12 years old, the preset frequency threshold may be 4 times, and if the age of the user currently logged in by the client is 15 years old, the preset frequency threshold may be 6 times. Or, when the type to which the anti-addiction application belongs is a browser, if the age of the user currently logged in by the client is 12 years old, the preset frequency threshold may be 3 times, and if the age of the user currently logged in by the client is 15 years old, the preset frequency threshold may be 5 times.

In the embodiment of the invention, the currently acquired use frequency can be compared with the preset frequency threshold, and when the use frequency is equal to the preset frequency threshold, the use data can be determined to meet the network addiction prevention condition. When the usage frequency is less than the preset frequency threshold, the traffic packet sent by the client may be continuously acquired, that is, step 101 and subsequent steps are re-triggered.

Or, when the usage frequency is equal to the preset frequency threshold, the network addiction prevention device based on traffic analysis according to the embodiment of the present invention may further transmit a traffic packet to a server corresponding to the addiction prevention application, and accordingly, the server may return a corresponding data packet.

In the embodiment of the present invention, when the usage data is the usage time period of the user on the anti-addiction application, the corresponding preset anti-network-addiction condition may be that the usage time period on the anti-addiction application is within a preset usage prohibition time period.

The preset use prohibition time period is preset, and it can be understood that the preset use prohibition time period may be different when the anti-addiction application is different and/or the user currently logged in by the client is different. For example, for children, the sleep time affects the intelligence development and the body development of the children, so the preset use prohibition period can be 21: 00-7: 00, and for teenagers, the preset use prohibition period can be 22: 00-7: 00.

In the embodiment of the invention, the currently acquired use time period can be compared with the preset use forbidding time period, and when the use time period is within the preset use forbidding time period, the use data can be determined to meet the network addiction preventing condition. And when the usage period is not in the preset usage prohibition period, the traffic packet sent by the client may be continuously acquired, that is, step 101 and subsequent steps are retriggered.

Or, when the usage period is within the preset usage prohibition period, the network addiction prevention device based on traffic analysis according to the embodiment of the present invention may further transmit a traffic packet to a server corresponding to the addiction prevention application, and accordingly, the server may return a corresponding data packet.

In the method for preventing network addiction based on traffic analysis of the embodiment, a traffic packet sent by a client is obtained; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. In this embodiment, when the usage data meets the preset network addiction prevention condition, the traffic packets are prohibited from being continuously transmitted between the addiction prevention application and the corresponding server, so that the communication between the server and the client can be cut off, and the usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, thereby preventing the network addiction of the user.

It should be noted that, in the actual application process, a situation may occur that the stay time of the user in any anti-addiction application does not exceed the preset time, but the total stay time of the user in all anti-addiction applications exceeds the preset time. For example, referring to fig. 5, fig. 5 is a schematic view illustrating an application scenario according to an embodiment of the present invention. When the preset time is 2 hours, it is assumed that the time for the user a to play the application 1 (the joker is glory) is 1 hour, the time for playing the application 2 (the legend world) is 1.5 hours, and the time for using the application 3 (the browser views the novel online) is 1.5 hours in one day, at this time, the stay time of the user a in any anti-addiction application does not exceed 2 hours, but the total stay time of the user a in all anti-addiction applications is far more than 2 hours. Therefore, in order to avoid the situation that the user can dispersedly use other anti-addiction applications when the staying time of the user in a single anti-addiction application is limited, and the situation that the staying time of the other anti-addiction applications is not limited as long as the staying time of the other anti-addiction applications does not exceed the preset time, in the embodiment of the invention, the counting is started from the identification of the logged first anti-addiction application, the identification information of the electronic equipment bound by the client is extracted from the traffic packet, the application identification information of the currently logged anti-addiction application of the electronic equipment is compared with the application identification information extracted last time, if the identification information is not consistent with the application identification information of the currently logged anti-addiction application, the currently logged anti-addiction application is determined to be changed, and the currently logged anti-addiction application is continuously timed to obtain the staying time. The above process is described in detail below with reference to fig. 6.

Fig. 6 is a flowchart illustrating a network addiction prevention method based on traffic analysis according to a second embodiment of the present invention.

As shown in fig. 6, obtaining the staying time of the user in the anti-addiction application based on the embodiment shown in fig. 2 may include the following steps:

in step 201, a timer is started after the first anti-addiction application logged in is identified.

Alternatively, a timer may be set to count from the first anti-addiction application identified as logged in.

Step 202, extracting the identification information of the electronic device bound by the client and the application identification information of the anti-addiction application currently logged in by the electronic device from the traffic packet.

Each user using the internet service also has specific characteristics, such as account information and password information of the user logging in the client, logged-in electronic device information, an operating system and the like. Therefore, in the embodiment of the present invention, the identification information of the electronic device bound by the client may be extracted from the traffic packet.

Similarly, each service on the internet has its specific characteristics, such as the IP address and port number of the server providing the service, the content and format of the packets communicated in the game. Therefore, in the embodiment of the present invention, the traffic packet may be identified, and the service of the internet used by the user is determined, that is, the anti-addiction application currently logged in by the electronic device is determined, so as to determine the application identification information of the anti-addiction application.

Step 203, determining whether the currently extracted application identification information is consistent with the last extracted application identification information, if so, executing step 204, otherwise, executing step 205.

In the embodiment of the invention, the currently extracted application identification information can be compared with the last extracted application identification information, if the currently extracted application identification information is consistent with the last extracted application identification information, the currently logged in anti-addiction application is not changed, and if the currently extracted application identification information is inconsistent with the last extracted application identification information, the currently logged in anti-addiction application is changed.

And step 204, determining that the currently logged in anti-addiction application is not changed.

Step 205, determining that the anti-addiction application currently logged in changes.

And step 206, timing the current login anti-sinking application continuously to obtain the retention time.

Optionally, the currently logged-in anti-sinking application can be timed continuously by a timer, so as to obtain the retention time.

As an example, after the anti-network-addiction device receives the traffic packet sent by each client, the anti-network-addiction device may determine, according to the traffic packet, an anti-addiction application used by the same user in a certain monitoring period. For example, referring to fig. 7, fig. 7 is a schematic view of an application scenario three according to an embodiment of the present invention. Assuming that the first logged-in anti-addiction application of the user a is application 1, after receiving the traffic packet 1 sent by the application 1, the anti-network-addiction device determines that the stay time of the user a on the application 1 is 0.5 hour, and at this time, the stay time does not reach the preset time, so that the traffic packet sent by the client can be continuously obtained.

At this time, if the user a logs in the second anti-addiction application (application 2), after receiving the traffic packet 2 sent by the application 2, the anti-network-addiction device extracts the application identification information of the anti-addiction application currently logged in by the electronic device from the traffic packet 2, and the application identification information extracted last time is inconsistent, at this time, it is determined that the currently logged-in anti-addiction application changes, and the currently logged-in application 2 is continuously timed. Assuming that the stay time of the user a in the application 2 is 1 hour, when the application 2 is counted, the obtained stay time is 0.5+ 1-1.5 hours, and at this time, the stay time does not reach the preset time, so that the traffic packet sent by the client can be continuously obtained.

At this time, if the user a logs in the third anti-addiction application (application 3), after receiving the traffic packet 3 sent by the application 3, the anti-network-addiction device extracts the application identification information of the anti-addiction application currently logged in by the electronic device from the traffic packet 3, and the application identification information extracted last time is inconsistent, at this time, it may be determined that the currently logged-in anti-addiction application changes, and the currently logged-in application 3 is continuously timed. When the statistical result shows that the stay time of the user A on the anti-addiction application from the login application 1 to the anti-addiction application reaches 2 hours, namely the stay time of the user on the application 3 reaches 0.5 hour, at this time, the stay time reaches the preset time, therefore, the traffic packets can be prohibited from being continuously transmitted between the anti-addiction application and the corresponding server, and the communication between the application 3 and the server 3 can be cut off.

In the method for preventing network addiction based on traffic analysis, timing is started by identifying the first logged-in anti-addiction application; extracting identification information of the electronic equipment bound by the client and application identification information of the anti-addiction application currently logged in by the electronic equipment from the flow packet; judging whether the currently extracted application identification information is consistent with the last extracted application identification information; and if the currently extracted application identification information is inconsistent with the last extracted application identification information, determining that the currently logged anti-addiction application changes, and continuously timing the currently logged anti-addiction application to obtain the retention time. Therefore, the situation that the stay time of the user in a single anti-addiction application is limited and the user can dispersedly use other anti-addiction applications can be avoided, and the stay time of other anti-addiction applications is not limited as long as the stay time of the other anti-addiction applications does not exceed the preset stay time, so that the network addiction of the user can be effectively prevented.

It should be noted that, in the actual application process, a situation may occur that the stay time of the anti-addiction application of the user in one electronic device does not exceed the preset time, but the total stay time of the user in the same anti-addiction application of the other electronic devices exceeds the preset time. For example, referring to fig. 8, fig. 8 is a schematic view illustrating an application scenario of the fourth embodiment of the present invention. When the preset time is 2 hours, it is assumed that the time for the user 1 to play the application 1 (glory by the king) on the electronic device a is 1 hour, the time for the user 1 to play the application 1 on the electronic device B is 0.5 hour, and the time for the user 1 to play the application 1 on the electronic device C is 1.5 hours, and at this time, although the stay time of the same anti-addiction application in any electronic device of the user 1 does not exceed 2 hours, the total stay time of the same anti-addiction application in all electronic devices of the user 1 is far more than 2 hours. Therefore, in order to avoid the situation that the user can dispersedly use the same anti-addiction application in other electronic devices when the staying time of the anti-addiction application in one electronic device is limited, and the situation that the staying time of the same anti-addiction application in other electronic devices is not limited as long as the staying time of the same anti-addiction application in other electronic devices does not exceed the preset time, in the embodiment of the invention, timing can be started from the first electronic device where the anti-addiction application is recognized to log in, the identification information of the electronic device bound to the client side is extracted from the traffic packet, the currently extracted identification information of the electronic device is compared with the identification information of the electronic device extracted last time, and if the two are not consistent, the electronic device where the anti-addiction application logs in at present is determined to be changed, and the electronic device logged in present continues to be timed to obtain the staying time. The above process is described in detail below with reference to fig. 9.

Fig. 9 is a flowchart illustrating a network addiction prevention method based on traffic analysis according to a third embodiment of the present invention.

As shown in fig. 9, obtaining the staying time of the user in the anti-addiction application based on the embodiment shown in fig. 2 may include the following steps:

step 301, timing is started from the first electronic device which recognizes that the anti-addiction application logs in.

Alternatively, the timer may be set to start counting time from the first electronic device in which the anti-addiction application is recognized to be logged in.

Step 302, extracting identification information of the electronic device bound by the client from the traffic packet.

The execution process of step 302 may refer to the execution process of step 202 in the above embodiments, which is not described herein again.

Step 303, determining whether the currently extracted identification information of the electronic device is consistent with the identification information of the electronic device extracted last time, if so, executing step 304, otherwise, executing step 305.

In the embodiment of the invention, the currently extracted identification information of the electronic equipment can be compared with the identification information of the electronic equipment extracted last time, if the identification information of the electronic equipment extracted last time is consistent with the identification information of the electronic equipment extracted last time, the fact that the electronic equipment currently logged in by the anti-addiction application is not changed is indicated, and if the identification information of the electronic equipment currently logged in the anti-addiction application is inconsistent with the identification information of the electronic equipment currently logged in the anti-addiction application, the fact that the electronic equipment.

And step 304, determining that the electronic equipment currently logged in by the anti-addiction application is not changed.

Step 305, determining that the electronic equipment currently logged in by the anti-addiction application changes.

And step 306, continuing to time the currently logged-in electronic equipment to obtain the retention time.

Optionally, the currently logged-in electronic device may be continuously timed by a timer, so as to obtain the retention time.

As an example, referring to fig. 10, fig. 10 is a schematic diagram of an application scenario according to an embodiment of the present invention. Assuming that the electronic device on which the user logs first is the electronic device a, after receiving the traffic packet 1 sent by the application 1 in the electronic device a, the network enthrallment prevention device determines that the stay time of the user on the application 1 in the electronic device a is 0.5 hour, and at this time, the stay time does not reach the preset time, so that the traffic packet can be continuously obtained.

At this time, if the user logs in a second electronic device (electronic device B), after receiving the traffic packet 2 sent by the application 1 in the electronic device B, the anti-network-addiction device extracts the identification information of the electronic device bound by the client from the traffic packet 2, and the identification information is inconsistent with the identification information of the electronic device extracted last time, and at this time, it may be determined that the currently logged-in electronic device of the anti-addiction application changes, and the currently logged-in electronic device B continues to be timed. Assuming that the staying time of the user in the application 1 of the electronic device B is 1 hour, when the electronic device B is counted, the obtained staying time is 0.5+ 1-1.5 hours, and at this time, the staying time does not reach the preset time, so that the traffic packet sent by the client can be continuously obtained.

At this time, if the user logs in a third electronic device (electronic device C), after receiving the traffic packet 3 sent by the application 1 in the electronic device C, the network enthrallment prevention device extracts the identification information of the electronic device bound by the client from the traffic packet 3, and the identification information is inconsistent with the identification information of the electronic device extracted last time, and at this time, it may be determined that the electronic device currently logged in by the application changes, and the electronic device C currently logged in continues to be timed. When the statistical information shows that the third staying time of the user on the application 1 from the time when the user logs in the electronic device a to the time when the third staying time reaches 2 hours, that is, the staying time of the user in the application 1 in the electronic device C reaches 0.5 hour, at this time, the staying time reaches the preset time, so that the traffic packets are prohibited from being continuously transmitted between the application 1 and the corresponding server, and the communication between the server and the application 1 in the electronic device C can be cut off.

In the method for preventing network addiction based on traffic analysis, timing is started by identifying the first electronic device logged in by an addiction-prevention application; extracting identification information of the electronic equipment bound by the client from the flow packet; judging whether the currently extracted identification information of the electronic equipment is consistent with the identification information of the electronic equipment extracted last time; and if the identification information of the currently extracted electronic equipment is inconsistent with the identification information of the electronic equipment extracted last time, determining that the electronic equipment logged in by the anti-addiction application currently changes, and continuing timing the electronic equipment logged in currently to obtain the retention time. Therefore, the situation that the stay time of the anti-addiction application in one electronic device is limited by the user can be effectively avoided, the user can also dispersedly use the same anti-addiction application in other electronic devices, and the stay time of the same anti-addiction application in other electronic devices is not limited as long as the stay time does not exceed the preset time, so that the situation that the user is used for network addiction can be further prevented.

As a possible implementation manner, on the basis of the embodiment shown in fig. 1, before step 101, a first setting operation may also be received, and the setting information for preventing the network addiction is extracted from the first setting operation; wherein the setting information at least includes a permitted usage duration of each anti-addiction application.

Wherein the first setting operation is triggered by a user, and the first setting operation is used for setting the permitted use duration of each anti-addiction application. The first setting operation may be a contact operation, such as clicking a display screen, and setting an allowable usage duration of the anti-addiction application on the display screen; the first setting operation may also be a non-contact operation such as a voice instruction by which the permitted use period of each anti-addiction application is set.

Specifically, the user may preset the permitted usage duration of each anti-addiction application, and when the traffic analysis-based anti-network-addiction device of the embodiment of the present invention detects or receives a first setting operation triggered by the user, the network-addiction-prevention setting information may be extracted from the first setting operation, where the setting information at least includes the permitted usage duration of each anti-addiction application.

Further, the first setting operation is also used to set the frequency of use and/or the period of use of each anti-addiction application, i.e., the frequency of use and/or the period of use of each anti-addiction application may also be included in the setting information. For example, in order not to affect the rest time of the user, the use time period of the anti-addiction application may be set to be 8:00: 00-11: 30:00 and/or 13:30: 00-17: 30:00 and/or 19:00: 00-21: 00: 00. Alternatively, in order to prevent the user network from being addicted, the frequency of use of each anti-addicted application may be set, for example, not more than 10 times.

As an example, referring to fig. 11, fig. 11 is a schematic view of a display interface of an electronic device in an embodiment of the present invention. The user may set the usage duration of each anti-addiction application at the display interface. For example, an application list may be displayed on the display interface, and the user may enter the setting interface of the application by clicking on the identifier 11 (name, icon, etc.) of the application in the application list. Assuming that the anti-addiction application clicked by the user is application 2, at this time, a setting interface corresponding to application 2 may be entered, for example, referring to fig. 12, fig. 12 is a schematic view of a display interface of the electronic device in the embodiment of the present invention. The user can manually or voice-input the usage duration, the usage frequency, and the usage period on the display interface of fig. 12.

It should be noted that, because the display interface of the electronic device is limited, a slider may be disposed on the rightmost side of the display interface, and when the display interface cannot display all applications, a user may select an anti-addiction application that needs to be set by triggering the slider.

As another example, referring to fig. 13, fig. 13 is a schematic view third of a display interface of an electronic device in an embodiment of the present invention. The display interface can be provided with an identifier 21 of each application, the right side of the identifier 21 of each application can be provided with a pull-down menu 22 containing the use duration, the use frequency and the use period, and a user can perform corresponding setting by selecting a selection in the pull-down menu. Assuming that the anti-addiction application clicked by the user is application 2, the duration of use in the pull-down menu 22 is selected, and the duration of use of application 2 may be entered manually or by voice in the rightmost text box.

Fig. 14 is a schematic structural diagram of a network addiction prevention system based on traffic analysis according to an embodiment of the present invention.

As shown in fig. 14, the network addiction prevention system based on traffic analysis includes: a flow access layer, a flow analysis subsystem, a data storage layer, a flow marking subsystem, a network addiction prevention setting subsystem, an addiction prevention control subsystem, an addiction prevention disposal subsystem and a central control subsystem (not shown in the figure). Wherein the content of the first and second substances,

and the flow access layer is used for acquiring the flow packet sent by the client.

And the flow analysis subsystem is used for analyzing the flow packet to obtain an analysis result.

Specifically, web address information, such as an IP address and port number information, corresponding to a specific server can be extracted at the third layer (IP layer) in the OSI. At the fourth layer (transport layer), the private protocol of the traffic packet is analyzed to extract the public header of the traffic packet and specific fields, such as the field of the marking device and the field of the marking number. Further, at a seventh layer (application layer), the public protocol is analyzed at the layer, a HyperText transfer protocol (HTTP) is extracted, information such as a website address of data access and a user mark in a cookie is analyzed, and website information and login information of a user corresponding to the current application can be acquired through an OSI seven-layer reference model.

And the flow marking subsystem is used for marking the analysis result of the flow analysis subsystem, determining whether the flow packet belongs to the anti-addiction application, and determining the user currently logged in by the client according to the flow packet when the flow packet belongs to the anti-addiction application.

Specifically, the basic data may include pre-collected public website information, such as an IP address, of each application, and the application to which the traffic packet belongs may be determined by comparing the website information (IP address) of the application in the analysis result with the public website information (IP address) of the application in the basic data.

The user marking data may include public website information of each anti-addiction application marked by the user, and the website information (IP address) of the application in the analysis result is compared with the public website information (IP address) of the anti-addiction application in the user marking data, so as to determine whether the traffic packet belongs to the anti-addiction application.

Similarly, the current user login of the client can be determined based on the basic data and the user mark data.

And the anti-addiction setting subsystem provides a setting interface so that the user can set the use duration, the use frequency and the use time period of each anti-addiction application. Specifically, based on the settings of the device: setting the use duration, the use frequency and the use time period of the anti-addiction application in the same electronic equipment; application-based settings: and setting the use duration, the use frequency and the use time period of the same anti-addiction application in different electronic equipment.

And the data storage layer is used for storing the analysis result of the flow analysis subsystem, the marking result of the user in the flow marking subsystem and the data set by the user in the anti-addiction setting subsystem.

The anti-addiction control subsystem is used for counting the flow packets, determining the time length of each anti-addiction application used by a user, the time length of the same anti-addiction application used by the user in different electronic equipment, the time length of different anti-addiction applications used by the user in the same electronic equipment, the frequency of the anti-addiction applications used by the user, the time period of the anti-addiction applications used by the user and the like, meanwhile, judging whether the use time length, the use frequency and the use time period exceed the anti-addiction data set by the user or not by combining the anti-addiction data set by the user, if so, discarding the flow packets, namely prohibiting the flow packets from being continuously transmitted between the anti-addiction applications and the corresponding servers, and if not, performing any processing.

And the anti-addiction treatment subsystem is used for discarding the flow packet when the use duration, the use frequency and the use time period of the anti-addiction application exceed the anti-addiction data set by the user.

The central control subsystem is used for collecting data of each distributed system, for example, collecting data of a router at home, a router at a company and a router at school, or collecting data of electronic equipment such as a smart phone and a computer, so that the use data of a user at each place can be comprehensively judged, the situation that the user is limited at a single place is avoided, and the anti-addiction application can be used at other places.

In order to implement the above embodiments, the present invention further provides a device for preventing network addiction based on traffic analysis.

Fig. 15 is a schematic structural diagram of a network addiction prevention device based on traffic analysis according to an embodiment of the present invention.

As shown in fig. 15, the network enthusiasm prevention apparatus 100 based on traffic analysis includes: a first acquisition module 101, a recognition module 102, a determination module 103, a second acquisition module 104, and a prohibition module 105. Wherein the content of the first and second substances,

a first obtaining module 101, configured to obtain a traffic packet sent by a client.

And the identification module 102 is used for identifying whether the flow packet belongs to an anti-addiction application.

As a possible implementation manner, the identifying module 102 is specifically configured to extract website information of a current application from the traffic packet, and determine whether the traffic packet belongs to an anti-addiction application according to the website information.

As another possible implementation manner, the identifying module 102 is specifically configured to compare the website information with preset collected public website information of each anti-addiction application; and when the public website information of one anti-addiction application comprises the website information, determining that the traffic packet belongs to one anti-addiction application.

And the determining module 103 is configured to determine, according to the traffic packet, a user to which the client currently logs in when the traffic packet belongs to the anti-addiction application.

As a possible implementation manner, the determining module 103 is specifically configured to extract login information from the traffic packet, and determine a user currently logged in by the client according to the login information.

And the second obtaining module 104 is used for statistically obtaining the use data of the user in the anti-addiction application.

And the forbidding module 105 is used for forbidding to continuously transmit the flow packets between the anti-addiction application and the corresponding server when the usage data meets the preset anti-addiction condition.

Further, in a possible implementation manner of the embodiment of the present invention, referring to fig. 16, on the basis of the embodiment shown in fig. 15, the network addiction prevention device 100 based on traffic analysis may further include:

as a possible implementation manner, the usage data includes a staying time length of the user in the anti-addiction application, and the second obtaining module 104 is specifically configured to obtain the staying time of the user in the anti-addiction application as the usage data.

The processing module 106 is configured to compare the currently acquired stay time with a preset time, and if the stay time is equal to the preset time, determine that the usage data meets a network addiction prevention condition; wherein the network addiction prevention condition is that the stay time of the addiction prevention application is equal to a preset time; and if the stay time is less than the preset time, continuously acquiring the flow packet sent by the client.

As a possible implementation manner, in the network addiction prevention monitoring process in which the retention time is less than the preset time, if two or more than two addiction prevention applications to which the identified traffic packet belongs are identified, the second obtaining module 104 is specifically configured to start timing from the identification of the first logged-in addiction prevention application; extracting identification information of the electronic equipment bound by the client and application identification information of the anti-addiction application currently logged in by the electronic equipment from the flow packet; judging whether the currently extracted application identification information is consistent with the last extracted application identification information; and if the currently extracted application identification information is inconsistent with the last extracted application identification information, determining that the currently logged anti-addiction application changes, and continuously timing the currently logged anti-addiction application to obtain the retention time.

As another possible implementation manner, in the network addiction prevention monitoring process in which the retention time is less than the preset time, if the addiction prevention application to which the identified traffic packet belongs is not changed in the preset monitoring period but the electronic devices logged by the addiction prevention application are different, the second obtaining module 104 is specifically configured to start timing from the first electronic device logged by the identified addiction prevention application; extracting identification information of the electronic equipment bound by the client from the flow packet; judging whether the currently extracted identification information of the electronic equipment is consistent with the identification information of the electronic equipment extracted last time; and if the identification information of the currently extracted electronic equipment is inconsistent with the identification information of the electronic equipment extracted last time, determining that the electronic equipment logged in by the anti-addiction application currently changes, and continuing timing the electronic equipment logged in currently to obtain the retention time.

As another possible implementation manner, the usage data includes usage frequency or usage period of the user in the anti-addiction application, and the second obtaining module 104 is specifically configured to obtain the usage frequency or usage period of the user in the anti-addiction application as the usage data.

The processing module 106 is further configured to compare the currently obtained use frequency with a preset frequency threshold; if the use frequency is equal to a preset frequency threshold, determining that the use data meets an anti-addiction condition; comparing the usage period with a preset usage prohibition period, and if the usage period is within the preset usage prohibition period, determining that the usage data meets an anti-addiction condition; and if the using frequency is less than a preset frequency threshold value or the using time period is not in the use forbidding time period, continuously acquiring the traffic packet sent by the client.

Optionally, the second obtaining module 104 is specifically configured to count, in a preset monitoring period, a number of times that the anti-addiction application has been used from the beginning of timing of the monitoring period to the current time as a use number; or extracting the system time of the anti-addiction application running from the flow packet, and determining the use time period of the user in the anti-addiction application according to the system time.

A receiving module 107, configured to receive a first setting operation, and extract setting information for preventing network enthrallment from the first setting operation; wherein the setting information at least includes a permitted usage duration of each anti-addiction application.

As a possible implementation, the frequency of use and/or the period of use of each anti-addiction application is also included in the setting information.

It should be noted that the foregoing explanation of the embodiment of the network addiction prevention method based on traffic analysis is also applicable to the network addiction prevention device 100 based on traffic analysis of this embodiment, and is not repeated here.

The network addiction prevention device based on traffic analysis of the embodiment obtains a traffic packet sent by a client; identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet; acquiring use data of a user in an anti-addiction application; and if the use data meet the preset network addiction prevention condition, prohibiting the traffic packet from being continuously transmitted between the addiction prevention application and the corresponding server. In this embodiment, when the usage data meets the preset network addiction prevention condition, the traffic packets are prohibited from being continuously transmitted between the addiction prevention application and the corresponding server, so that the communication between the server and the client can be cut off, and the usage data of each user and the user in the addiction prevention application is limited, for example, the duration, frequency or time period for the user to use the addiction prevention application is limited, thereby preventing the network addiction of the user.

In order to implement the foregoing embodiment, the present invention further provides a computer device, including: a processor and a memory; wherein the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, so as to implement the network addiction prevention method based on traffic analysis as proposed in the foregoing embodiment of the present invention.

In order to achieve the above embodiments, the present invention further proposes a non-transitory computer-readable storage medium having a computer program stored thereon, wherein the program, when executed by a processor, implements a network enthrallment prevention method based on traffic analysis as proposed by the foregoing embodiments of the present invention.

In order to implement the foregoing embodiments, the present invention further provides a computer program product, wherein when the instructions in the computer program product are executed by a processor, the method for preventing network addiction based on traffic analysis as proposed in the foregoing embodiments of the present invention is implemented.

FIG. 17 illustrates a block diagram of an exemplary computer device suitable for use in implementing embodiments of the present application. The computer device 12 shown in fig. 17 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present application.

As shown in FIG. 17, computer device 12 is embodied in the form of a general purpose computing device. The components of computer device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.

Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. These architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus, to name a few.

Computer device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by computer device 12 and includes both volatile and nonvolatile media, removable and non-removable media.

Memory 28 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) 30 and/or cache Memory 32. Computer device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 17, commonly referred to as a "hard drive"). Although not shown in FIG. 17, a disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a Compact disk Read Only memory (CD-ROM), a Digital versatile disk Read Only memory (DVD-ROM), or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the application.

A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more applications, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described herein.

Computer device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with computer device 12, and/or with any devices (e.g., network card, modem, etc.) that enable computer device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Moreover, computer device 12 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public Network such as the Internet) via Network adapter 20. As shown, network adapter 20 communicates with the other modules of computer device 12 via bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with computer device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.

The processing unit 16 executes various functional applications and data processing by running a program stored in the system memory 28, for example, implementing the network addiction prevention method based on traffic analysis mentioned in the foregoing embodiments.

In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.

Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.

Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.

The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.

It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. If implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.

It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.

In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.

The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims

1. A method for preventing network addiction based on flow analysis is characterized by comprising the following steps:

acquiring a flow packet sent by a client;

analyzing the private protocol of the flow packet, and determining the identification information of the electronic equipment bound by the client by extracting the field of the marking equipment in the flow packet;

identifying whether the flow packet belongs to an anti-addiction application, and if the flow packet belongs to the anti-addiction application, determining a user currently logged in by the client according to the flow packet;

if the fact that a first flow packet sent by a first client belongs to the anti-addiction application is recognized, and identification information of first electronic equipment bound by the first client is determined, timing is started from the first electronic equipment;

if the user currently logged in by the first client is determined and the stay time of the user on the anti-addiction application in the first electronic device is shorter than a preset time, continuing to acquire a traffic packet, wherein the first electronic device receives a first setting operation and extracts the preset time from the first setting operation;

when a second flow packet sent by a second client is received, if the second flow packet is identified to belong to the anti-addiction application and the identification information of the user and the second electronic equipment bound by the second client currently logged in by the second client is determined, continuing timing when the identification information of the second electronic equipment is inconsistent with the identification information of the first electronic equipment;

and when the counted stay time meets a preset network addiction prevention condition, discarding the flow packet between the addiction prevention application in the second electronic equipment and the server.

2. The method of claim 1, wherein identifying whether the traffic packet is affiliated with an anti-addiction application comprises:

and identifying the flow packet, and determining the application identification information of the anti-addiction application logged currently by determining the service of the Internet used by the user.

3. The method of claim 2, wherein if two or more anti-addiction applications to which the identified traffic packets belong are determined, the determining the length of stay of the user on the anti-addiction application in the first electronic device comprises:

starting timing from the identification of the first logged-in anti-addiction application;

judging whether the currently extracted application identification information is consistent with the last extracted application identification information;

and if the currently extracted application identification information is inconsistent with the last extracted application identification information, determining that the currently logged anti-addiction application changes, and continuously timing the currently logged anti-addiction application to obtain the retention time.

4. The method of claim 1, further comprising:

acquiring the use frequency of the user in the anti-addiction application;

and comparing the currently acquired use frequency with a preset frequency threshold, and if the use frequency is equal to the preset frequency threshold and the counted stay time meets a preset network addiction prevention condition, discarding the traffic packet between the addiction prevention application and the server in the second electronic device.

5. The method of claim 1, further comprising:

acquiring the use time period of the user in the anti-addiction application;

and comparing the use time period with a preset use forbidding time period, and if the use time period is within the preset use forbidding time period and the counted stay time meets a preset network addiction prevention condition, discarding the traffic packet between the addiction prevention application and the server in the second electronic equipment.

6. The method of claim 5, wherein the obtaining a period of use of the user in the anti-addiction application comprises:

and extracting the system time of the anti-addiction application running from the flow packet, and determining the use time period of the user in the anti-addiction application according to the system time.

7. The method of any one of claims 1-5, wherein the first electronic device displays a list of applications and setting options for each application on a display interface to receive the first setting operation.

8. The method of claim 7, wherein the setting options further comprise a frequency of use and/or a period of use for each anti-addiction application.

9. The method of claim 1, wherein identifying whether the traffic packet is affiliated with an anti-addiction application comprises:

extracting website information of current application from a flow packet, and determining whether the flow packet belongs to the anti-addiction application or not according to the website information;

the determining the current user logged in by the client according to the traffic packet includes:

and extracting login information from the flow packet, and determining the current user logged in by the client according to the login information.

10. The method of claim 9, wherein determining whether a traffic packet belongs to the anti-addiction application based on the website information comprises:

comparing the website information with preset and collected public website information of each anti-addiction application;

and when the public website information of one anti-addiction application is the website information, determining that the traffic packet belongs to the one anti-addiction application.

11. A network enthrallment prevention device based on traffic analysis is characterized by comprising:

the first acquisition module is used for acquiring a flow packet sent by a client;

the identification module is used for analyzing the private protocol of the flow packet and determining the identification information of the electronic equipment bound by the client by extracting the field of the marking equipment in the flow packet; identifying whether the flow packet belongs to an anti-addiction application;

the determining module is used for determining the current logged user of the client according to the flow packet when the flow packet belongs to the anti-addiction application;

the second acquisition module is used for starting timing from the first electronic equipment if the fact that the first flow packet sent by the first client belongs to the anti-addiction application is recognized and the identification information of the first electronic equipment bound by the first client is determined; if the user currently logged in by the first client is determined and the stay time of the user on the anti-addiction application in the first electronic device is shorter than a preset time, continuing to acquire a traffic packet, wherein the first electronic device receives a first setting operation and extracts the preset time from the first setting operation; when a second flow packet sent by a second client is received, if the second flow packet is identified to belong to the anti-addiction application and the identification information of the user and the second electronic equipment bound by the second client currently logged in by the second client is determined, continuing timing when the identification information of the second electronic equipment is inconsistent with the identification information of the first electronic equipment;

and the forbidding module is used for discarding the flow packet between the anti-addiction application in the second electronic equipment and the server when the counted stay time meets a preset anti-addiction condition.

12. A computer device comprising a processor and a memory;

wherein the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, for implementing the network addiction prevention method based on traffic analysis according to any one of claims 1 to 10.

13. A non-transitory computer-readable storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the method for preventing network addiction based on traffic analysis according to any one of claims 1 to 10.