CN110109672B - Analysis processing method and device for expression - Google Patents

Analysis processing method and device for expression Download PDF

Info

Publication number
CN110109672B
CN110109672B CN201910309202.7A CN201910309202A CN110109672B CN 110109672 B CN110109672 B CN 110109672B CN 201910309202 A CN201910309202 A CN 201910309202A CN 110109672 B CN110109672 B CN 110109672B
Authority
CN
China
Prior art keywords
expression
target
node
common
public
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910309202.7A
Other languages
Chinese (zh)
Other versions
CN110109672A (en
Inventor
程诗尧
覃永靖
王彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qax Technology Group Inc
Original Assignee
Qax Technology Group Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qax Technology Group Inc filed Critical Qax Technology Group Inc
Priority to CN201910309202.7A priority Critical patent/CN110109672B/en
Publication of CN110109672A publication Critical patent/CN110109672A/en
Application granted granted Critical
Publication of CN110109672B publication Critical patent/CN110109672B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/42Syntactic analysis
    • G06F8/427Parsing

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Machine Translation (AREA)
  • Stored Programmes (AREA)

Abstract

The embodiment of the invention discloses an expression analysis processing method and a device, wherein the method comprises the following steps: counting all expressions of an event processing language in a current network security rule engine to obtain the statistical quantity of each expression, and determining a common expression according to the statistical quantity of each expression; when analyzing the target expression of the event processing language, if judging that the target expression is a common expression, judging whether the target common expression corresponding to the target expression is analyzed; and if the target public expression is analyzed, obtaining an analysis result of the target expression according to the analysis result of the target public expression. According to the embodiment of the invention, by determining the common expression of the event processing language, in the analysis process of the expression, the analyzed common expression is directly adopted, so that the analysis time is greatly saved, and the consumption of the memory is reduced.

Description

Expression analysis processing method and device
Technical Field
The embodiment of the invention relates to the technical field of network security, in particular to a method and a device for analyzing and processing an expression.
Background
The EPL (Event Process Language) is widely applied to the DSL (Domain specific Language) writing of the network security rule engine.
The event processing language comprises a large number of expressions, and when the event processing language is analyzed in the prior art, the expressions are analyzed one by one, so that the time complexity is high, and excessive memory is consumed.
Disclosure of Invention
Because the existing method has the problems, the embodiment of the invention provides an expression analysis processing method and device.
In a first aspect, an embodiment of the present invention provides an analysis processing method for an expression, including:
counting all expressions of an event processing language in a current network security rule engine to obtain the statistical quantity of each expression, and determining a common expression according to the statistical quantity of each expression;
when analyzing the target expression of the event processing language, if judging that the target expression is a common expression, judging whether the target common expression corresponding to the target expression is analyzed;
and if the target common expression is analyzed, obtaining an analysis result of the target expression according to the analysis result of the target common expression.
In a second aspect, an embodiment of the present invention further provides an apparatus for parsing an expression, where the apparatus includes:
the expression counting module is used for counting all expressions of the event processing language in the current network security rule engine to obtain the counting number of each expression and determining a common expression according to the counting number of each expression;
the analysis judging module is used for judging whether a target common expression corresponding to the target expression is analyzed or not if the target expression is judged to be the common expression when analyzing the target expression of the event processing language;
and the result acquisition module is used for acquiring the analysis result of the target expression according to the analysis result of the target public expression if the target public expression is analyzed.
In a third aspect, an embodiment of the present invention further provides an electronic device, including:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, which when called by the processor are capable of performing the above-described methods.
In a fourth aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium storing a computer program, where the computer program causes the computer to execute the above method.
According to the technical scheme, the common expression of the event processing language is determined, and the analytic result of the analyzed common expression is directly adopted in the analytic process of the expression, so that the analytic time is greatly saved, and the consumption of the memory is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is also possible for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a method for parsing an expression according to an embodiment of the present invention;
fig. 2 is a schematic flow chart illustrating a quantity statistics of an expression according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a method for parsing an expression according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus for parsing an expression according to an embodiment of the present invention;
fig. 5 is a logic block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The following further describes embodiments of the present invention with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
Fig. 1 shows a flowchart of a method for parsing an expression provided in this embodiment, where the method includes:
s101, counting all expressions of the event processing language in the current network security rule engine to obtain the counting number of each expression, and determining a common expression according to the counting number of each expression.
Wherein the statistical number is the number of times each expression appears in the event processing language.
The common expression is an expression with the occurrence frequency larger than 1 in the event processing language.
Specifically, the event processing language in the current network security rule engine is composed of a plurality of expressions, and in the specific storage process, the expressions are stored in a tree structure, and each leaf node in the tree structure is one expression. When the event processing language is analyzed, each expression node in the tree structure needs to be analyzed in sequence, in the actual process, multiple groups of same expression nodes, namely multiple groups of common expressions, exist in the tree structure, each group of common expressions comprises multiple same expressions, namely the statistical number of the expressions is greater than 1.
S102, when the target expression of the event processing language is analyzed, if the target expression is judged to be a public expression, whether the target public expression corresponding to the target expression is analyzed is judged.
The target expression is an expression divided into common expressions.
The target common expression is a common expression corresponding to the target expression.
Specifically, after the statistics of the expressions in the event processing language is completed, the expressions in the event processing language need to be parsed one by one. If the target expression which is currently resolved is a common expression, the target expression is described to be possibly resolved before.
S103, if the target public expression is analyzed, obtaining an analysis result of the target expression according to the analysis result of the target public expression.
Specifically, since the target expression is a common expression, the target expression and the other expression are the same target common expression, and the target common expression has been previously parsed, and since the expressions are the same, the parsing result is also the same, so that the parsing result of the target expression can directly adopt the parsing result of the target common expression. By repeatedly using the analysis result of the common expression, the analysis speed of the event processing language is accelerated, and the performance of the network security rule engine is improved.
The embodiment can be applied to the technical field of network security, and by determining the common expression of the event processing language, in the analysis process of the expression, the analysis result of the analyzed common expression is directly adopted, so that the analysis time is greatly saved, and the consumption of the memory is reduced.
Further, on the basis of the above method embodiment, S101 specifically includes:
counting all expressions of the event processing language in a recursion mode to obtain the statistical number of each expression, storing the expressions with the statistical number larger than 1 into a public node set, and determining all the expressions in the public node set as public expressions.
Wherein the common node set is a set storing common expressions.
By setting the common node set, the common expression can be conveniently stored during expression statistics, and whether the currently analyzed expression is the common expression can be conveniently and quickly determined during expression analysis in the follow-up process.
Further, on the basis of the above method embodiment, in S101, statistics is performed on all expressions of the event processing language in a recursive manner, so as to obtain a statistical number of each expression, where the statistical number specifically includes:
s1011, counting the current expression of the event processing language, and judging whether the node mapping of the current expression in the context of the general expression exists or not.
S1012, if the current expression already exists in the node mapping, adding 1 to the statistical number of the first target node existing in the node mapping.
S1013, if the current expression does not exist in the node mapping, adding a second target node corresponding to the current expression into the node mapping, and setting the statistical number of the second target node to be 1.
And S1014, continuing to count the child expressions of the current expression.
The node mapping of the general expression context is used for storing the analysis result of each expression, and the analysis result of the common expression is only stored once.
Specifically, the above embodiment may further include:
and S104, if the target public expression is not analyzed, analyzing the target public expression, and storing an analysis result obtained by analysis into the general node code mapping.
The first target node is an expression that already exists in the node mapping.
The second target node is an expression that does not exist in the node mapping.
The generic node code mapping is used for storing the analysis results of the expressions.
In the concrete statistical process, as shown in fig. 2, an EPL (event processing language) is firstly parsed into an abstract syntax tree, the abstract syntax tree is recursively parsed through a general expression optimizer, and expressions corresponding to each node of the abstract syntax tree are counted; if the current expression node does not have node mapping, adding the current expression node into the node mapping, setting the node count (statistical number) as 1, and continuing to recursively analyze child nodes of the current expression node; if the node mapping exists in the current expression node, the node count (the statistical number) of the current expression node is increased, and the child nodes of the current expression node are not analyzed recursively; and traversing node mapping after the traversal of the abstract syntax tree is finished, and adding expression nodes with the node count larger than 1 into the public node set.
Namely: for a first target node with an expression in the node mapping, the expression is described as a common expression, and the expression does not need to be added into the node mapping, and only the statistical number of the corresponding expression in the node mapping is required to be plus 1; for the first target node where there is no expression in the node map, it is stated that the expression is not counted, and it is necessary to add it to the node map, and set the counted number of the expression in the node map to 1. Because each expression of the event processing language is stored by adopting a tree structure, recursive statistics is required in the statistical process, and the child expressions of the current expression are continuously counted; if the current expression does not have child expressions, counting brother expressions of the current expression; if no brother expression exists, the event processing language statistics is finished, at the moment, all unrepeated expressions and the statistical number of each expression are stored in the node mapping, and the common expression is obtained if the statistical number is larger than 1.
And the expressions and the statistical number thereof are stored through node mapping of the context of the general expressions, so that the common expressions can be conveniently and quickly determined.
Further, on the basis of the above method embodiment, S102 specifically includes:
s1021, when the target expression of the event processing language is analyzed, if the target expression is judged to be in the public node set, the target expression is determined to be a public expression.
S1022, determining whether the target common expression is analyzed according to whether the analysis result of the target common expression corresponding to the target expression exists in the general node code mapping.
Specifically, in the expression counting process, the common expression is stored in the common node set, so that when the expression is analyzed, whether the common expression is the common expression can be determined directly according to whether the current expression exists in the common node set, and the method is convenient and fast.
After the common expression is determined, if the target common expression corresponding to the common expression is analyzed, secondary analysis is not needed, the analysis result of the target common expression is directly obtained from the general node code mapping, and the analysis time can be greatly saved.
Referring to fig. 3, an abstract syntax tree is recursively processed through an expression generator, if a current expression node is in a common node set, it is determined whether an analysis result corresponding to the current expression node exists in a general node code mapping, if so, an analysis result stored in the common node code mapping is returned, and if not, the current expression node is analyzed, and the analysis result is stored in the common node code mapping; judging whether an analysis result corresponding to the current expression node exists in the general node code mapping or not, and then not recursively analyzing child nodes of the current expression node; and if the current expression node is not in the common node set, analyzing the current expression node to obtain an analysis result, and continuing to recursively process child nodes of the current expression node until the traversal of the abstract syntax tree is finished.
The analysis processing method for the common expression provided by the embodiment can solve the problem of poor analysis performance of the common expression of the event processing language, extracts the common part of the expression by converting all the expressions of the expression of the event processing language in advance, and repeatedly utilizes the analysis result of the common expression on the premise of ensuring the correct analysis of the event processing language, thereby accelerating the analysis speed of the event processing language, improving the performance of a network security rule engine, reducing the time complexity, and simultaneously, only one part of the analysis result of the common expression can be stored in a memory, thereby saving the memory occupation, reducing the space complexity and saving the cost.
Fig. 4 shows a schematic structural diagram of an expression parsing apparatus provided in this embodiment, where the apparatus includes: an expression statistic module 401, an analysis judging module 402 and a result obtaining module 403, wherein:
the expression counting module 401 is configured to count all expressions of the event processing language in the current network security rule engine to obtain a statistical number of each expression, and determine a common expression according to the statistical number of each expression;
the analysis judging module 402 is configured to, when analyzing the target expression of the event processing language, judge whether a target common expression corresponding to the target expression is analyzed if it is judged that the target expression is a common expression;
the result obtaining module 403 is configured to, if the target common expression is analyzed, obtain an analysis result of the target expression according to the analysis result of the target common expression.
Specifically, the expression counting module 401 counts all expressions of the event processing language in the current network security rule engine to obtain the statistical number of each expression, and determines a common expression according to the statistical number of each expression; when the analysis judging module 402 analyzes the target expression of the event processing language, if it is judged that the target expression is a common expression, whether a target common expression corresponding to the target expression is analyzed is judged; if the target common expression is analyzed, the result obtaining module 403 obtains an analysis result of the target expression according to the analysis result of the target common expression.
In the embodiment, by determining the common expression of the event processing language, in the analysis process of the expression, the analysis result of the analyzed common expression is directly adopted, so that the analysis time is greatly saved, and the consumption of the memory is reduced.
Further, on the basis of the above device embodiment, the expression counting module 401 is specifically configured to count all expressions of the event processing language in a recursive manner to obtain a statistical number of each expression, store the expressions with the statistical number greater than 1 in the common node set, and determine all expressions in the common node set as common expressions.
Further, on the basis of the foregoing apparatus embodiment, the expression statistic module 401 is specifically configured to:
counting a current expression of an event processing language, and judging whether the node mapping of the current expression in the context of a general expression exists or not;
if the current expression already exists in the node mapping, adding 1 to the statistical number of the first target nodes existing in the node mapping;
if the current expression does not exist in the node mapping, adding a second target node corresponding to the current expression into the node mapping, and setting the statistical number of the second target node to be 1;
and continuing to count the child expressions of the current expression.
Further, on the basis of the above device embodiment, the analysis and judgment module 402 is specifically configured to:
when the target expression of the event processing language is analyzed, if the target expression is judged to be in the public node set, determining that the target expression is a public expression;
and determining whether the target common expression is analyzed or not according to whether the analysis result of the target common expression corresponding to the target expression exists in the general node code mapping or not.
Further, on the basis of the above embodiment of the apparatus, the apparatus further comprises:
and the expression analysis module is used for analyzing the target public expression if the target public expression is not analyzed, and storing an analysis result obtained by analysis into the universal node code mapping.
The analysis processing apparatus for the expression in this embodiment may be used to execute the method embodiments, and the principle and the technical effect are similar, which are not described herein again.
Referring to fig. 5, the electronic device includes: a processor (processor) 501, a memory (memory) 502, and a bus 503;
wherein,
the processor 501 and the memory 502 communicate with each other through the bus 503;
the processor 501 is used to call program instructions in the memory 502 to perform the methods provided by the above-described method embodiments.
The present embodiments disclose a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the methods provided by the above-described method embodiments.
The present embodiments provide a non-transitory computer-readable storage medium storing computer instructions that cause the computer to perform the methods provided by the method embodiments described above.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment may be implemented by software plus a necessary general hardware platform, and may also be implemented by hardware. Based on the understanding, the above technical solutions substantially or otherwise contributing to the prior art may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the various embodiments or some parts of the embodiments.
It should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (8)

1. An expression parsing method is applied to the technical field of network security, and is characterized by comprising the following steps:
counting all expressions of an event processing language in a recursive mode to obtain the statistical number of each expression, storing the expressions with the statistical number larger than 1 into a public node set, and determining all the expressions in the public node set as public expressions;
when analyzing the target expression of the event processing language, if judging that the target expression is a common expression, judging whether the target common expression corresponding to the target expression is analyzed;
if the target public expression is analyzed, obtaining an analysis result of the target expression according to the analysis result of the target public expression;
wherein, the statistics of all expressions of the event processing language by adopting a recursion mode to obtain the statistical quantity of each expression specifically comprises the following steps:
counting a current expression of an event processing language, and judging whether the node mapping of the current expression in the context of a general expression exists or not;
if the current expression already exists in the node mapping, adding 1 to the statistical number of the first target nodes existing in the node mapping;
if the current expression does not exist in the node mapping, adding a second target node corresponding to the current expression into the node mapping, and setting the statistical number of the second target node to be 1;
and continuing to count the child expressions of the current expression.
2. The method according to claim 1, wherein when analyzing the target expression of the event processing language, if it is determined that the target expression is a common expression, determining whether a target common expression corresponding to the target expression has been analyzed specifically includes:
when the target expression of the event processing language is analyzed, if the target expression is judged to be in the public node set, determining that the target expression is a public expression;
and determining whether the target common expression is analyzed or not according to whether the analysis result of the target common expression corresponding to the target expression exists in the general node code mapping or not.
3. The method of claim 2, further comprising:
and if the target public expression is not analyzed, analyzing the target public expression, and storing an analysis result obtained by analysis into the general node code mapping.
4. An expression parsing device, applied to the technical field of network security, comprising:
the expression statistical module is used for counting all expressions of the event processing language in a recursion mode to obtain the statistical number of each expression, storing the expressions with the statistical number larger than 1 into a public node set, and determining all the expressions in the public node set as public expressions;
the analysis judging module is used for judging whether a target common expression corresponding to the target expression is analyzed or not if the target expression is judged to be the common expression when analyzing the target expression of the event processing language;
the result acquisition module is used for acquiring the analysis result of the target expression according to the analysis result of the target public expression if the target public expression is analyzed;
the expression statistic module is specifically configured to:
counting a current expression of an event processing language, and judging whether the node mapping of the current expression in the context of a general expression exists or not;
if the current expression already exists in the node mapping, adding 1 to the statistical number of the first target nodes existing in the node mapping;
if the current expression does not exist in the node mapping, adding a second target node corresponding to the current expression into the node mapping, and setting the statistical number of the second target node to be 1;
and continuing to count the child expressions of the current expression.
5. The apparatus according to claim 4, wherein the parsing and determining module is specifically configured to:
when the target expression of the event processing language is analyzed, if the target expression is judged to be in the common node set, determining that the target expression is a common expression;
and determining whether the target common expression is analyzed according to whether the analysis result of the target common expression corresponding to the target expression exists in the general node code mapping.
6. The apparatus of claim 5, further comprising:
and the expression analysis module is used for analyzing the target public expression if the target public expression is not analyzed, and storing an analysis result obtained by analysis into the universal node code mapping.
7. An electronic device, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, the processor being capable of invoking the program instructions to perform the method of any of claims 1 to 3.
8. A non-transitory computer-readable storage medium storing a computer program that causes a computer to perform the method according to any one of claims 1 to 3.
CN201910309202.7A 2019-04-17 2019-04-17 Analysis processing method and device for expression Active CN110109672B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910309202.7A CN110109672B (en) 2019-04-17 2019-04-17 Analysis processing method and device for expression

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910309202.7A CN110109672B (en) 2019-04-17 2019-04-17 Analysis processing method and device for expression

Publications (2)

Publication Number Publication Date
CN110109672A CN110109672A (en) 2019-08-09
CN110109672B true CN110109672B (en) 2023-01-10

Family

ID=67485683

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910309202.7A Active CN110109672B (en) 2019-04-17 2019-04-17 Analysis processing method and device for expression

Country Status (1)

Country Link
CN (1) CN110109672B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111597302B (en) * 2020-04-28 2022-02-15 北京中科智加科技有限公司 Text event acquisition method and device, electronic equipment and storage medium
CN111986033A (en) * 2020-07-31 2020-11-24 金证财富南京科技有限公司 Equivalent expression identification method and identification device and terminal equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103019728A (en) * 2012-12-20 2013-04-03 厦门亿力吉奥信息科技有限公司 Effective complex report parsing engine and parsing method thereof
CN104991963A (en) * 2015-07-23 2015-10-21 中国工商银行股份有限公司 File processing method and file processing apparatus
CN105512105A (en) * 2015-12-07 2016-04-20 百度在线网络技术(北京)有限公司 Semantic parsing method and device
CN105698865A (en) * 2016-03-15 2016-06-22 龙岩烟草工业有限责任公司 Method and system for acquiring cigarette production quality control data
CN108549535A (en) * 2018-03-16 2018-09-18 北京大学 A kind of efficient procedure parsing method and system based on file dependence
CN108959279A (en) * 2017-05-17 2018-12-07 北京京东尚科信息技术有限公司 Data processing method, data processing equipment, readable medium and electronic equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050060307A1 (en) * 2003-09-12 2005-03-17 International Business Machines Corporation System, method, and service for datatype caching, resolving, and escalating an SQL template with references
US8050907B2 (en) * 2004-07-30 2011-11-01 Microsoft Corporation Generating software components from business rules expressed in a natural language
US8676785B2 (en) * 2006-04-06 2014-03-18 Teradata Us, Inc. Translator of statistical language programs into SQL
US8024177B2 (en) * 2007-09-28 2011-09-20 Cycorp, Inc. Method of transforming natural language expression into formal language representation

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103019728A (en) * 2012-12-20 2013-04-03 厦门亿力吉奥信息科技有限公司 Effective complex report parsing engine and parsing method thereof
CN104991963A (en) * 2015-07-23 2015-10-21 中国工商银行股份有限公司 File processing method and file processing apparatus
CN105512105A (en) * 2015-12-07 2016-04-20 百度在线网络技术(北京)有限公司 Semantic parsing method and device
CN105698865A (en) * 2016-03-15 2016-06-22 龙岩烟草工业有限责任公司 Method and system for acquiring cigarette production quality control data
CN108959279A (en) * 2017-05-17 2018-12-07 北京京东尚科信息技术有限公司 Data processing method, data processing equipment, readable medium and electronic equipment
CN108549535A (en) * 2018-03-16 2018-09-18 北京大学 A kind of efficient procedure parsing method and system based on file dependence

Also Published As

Publication number Publication date
CN110109672A (en) 2019-08-09

Similar Documents

Publication Publication Date Title
WO2017084586A1 (en) Method , system, and device for inferring malicious code rule based on deep learning method
US10645105B2 (en) Network attack detection method and device
CN107656968B (en) Method and system for exporting large-batch business data
CN110704518A (en) Business data processing method and device based on Flink engine
CN108647329B (en) User behavior data processing method and device and computer readable storage medium
CN110109672B (en) Analysis processing method and device for expression
CN114760369B (en) Protocol metadata extraction method, device, equipment and storage medium
KR102533070B1 (en) Method for prioritizing resources based on dependency of web resources, recording medium and device for performing the method
CN111273891A (en) Business decision method and device based on rule engine and terminal equipment
CN108664492B (en) Method and device for pushing content to user, electronic equipment and storage medium
CN111315026B (en) Channel selection method, device, gateway and computer readable storage medium
CN112948419A (en) Query statement processing method and device
CN111209266A (en) Auditing method and device based on Redis database and electronic equipment
CN113010539A (en) Data processing method and device
CN110083583B (en) Streaming event processing method and device
CN107644103A (en) It is a kind of can tracing information source information storage method and system
CN111352932B (en) Method and device for improving data processing efficiency based on bitmap tree algorithm
CN110032445B (en) Big data aggregation calculation method and device
CN112948530A (en) Text data processing method and device, electronic equipment and medium
CN112217896A (en) JSON message conversion method and related device
CN113076178B (en) Message storage method, device and equipment
CN109542662A (en) A kind of EMS memory management process, device, server and storage medium
CN114428789B (en) Data processing method and device
CN110753260B (en) Advertisement data monitoring method and device, computer equipment and storage medium
CN110083626B (en) Streaming event sequence matching method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant after: QAX Technology Group Inc.

Address before: 100015 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing.

Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant