CN111585956A - Website anti-brushing verification method and device - Google Patents

Website anti-brushing verification method and device Download PDF

Info

Publication number
CN111585956A
CN111585956A CN202010244076.4A CN202010244076A CN111585956A CN 111585956 A CN111585956 A CN 111585956A CN 202010244076 A CN202010244076 A CN 202010244076A CN 111585956 A CN111585956 A CN 111585956A
Authority
CN
China
Prior art keywords
verification
website
request
information
brushing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010244076.4A
Other languages
Chinese (zh)
Other versions
CN111585956B (en
Inventor
覃建策
田本真
陈邦忠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Perfect World Beijing Software Technology Development Co Ltd
Original Assignee
Perfect World Beijing Software Technology Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Perfect World Beijing Software Technology Development Co Ltd filed Critical Perfect World Beijing Software Technology Development Co Ltd
Priority to CN202010244076.4A priority Critical patent/CN111585956B/en
Publication of CN111585956A publication Critical patent/CN111585956A/en
Application granted granted Critical
Publication of CN111585956B publication Critical patent/CN111585956B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention aims to provide a method and a device for website anti-brush verification, computer equipment, a computer readable storage medium and a computer program product. The computer equipment acquires request information in the website access request; generating corresponding characteristic information from the request information according to a preset verification rule; and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website. Compared with the prior art, the method can well prevent the website from being brushed, and the anti-brushing rules can be flexibly combined and dynamically configured. The invention enables the website to be simply and conveniently accessed into the anti-brushing system, reduces the burden and the development cost of technical personnel, can dynamically configure and manage the anti-brushing rules, and accelerates the reaction speed of coping with attacks.

Description

Website anti-brushing verification method and device
Technical Field
The invention relates to the field of internet, in particular to a website anti-brush verification technology.
Background
The website anti-brushing means preventing malicious, rapid and large amount of access requests to the website, including crawler, data acquisition, brushing ranking, batch registration, batch posting, website data acquisition by using vulnerabilities and the like.
At present, the anti-brushing is mainly performed by adding an anti-brushing logic in a website program, that is, an access frequency limiting logic is added in a program of a website URL to be brushed, and a blocking process or a verification code is popped up for a request exceeding an upper limit of a frequency.
Because the anti-brushing logic is different, the anti-brushing logic is added to each brushed URL address, a large amount of repeated codes are generated, and the working efficiency is low. Moreover, after the URL is found to be attacked, the website program needs to be modified to add the anti-brushing logic, so that the reaction and processing speed for coping with the attack are slow.
Because of numerous projects and numerous URLs in the projects, the patch-type anti-brushing scheme cannot be uniformly monitored and dynamically modified, and cannot be used for dynamically combining and preventing brushing of a plurality of URLs.
Therefore, the technical scheme increases the burden and the development cost of technical personnel, can not dynamically configure and manage the anti-brushing rules, and slows down the reaction speed of coping with the attacks.
Disclosure of Invention
The invention aims to provide a method and a device for website anti-brush verification, computer equipment, a computer readable storage medium and a computer program product.
According to one aspect of the invention, a method for performing website anti-brush verification by a computer device is provided, wherein the method comprises the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
According to an aspect of the present invention, there is also provided a website anti-swipe verification method, where, at a network device, the method includes the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
According to an aspect of the present invention, there is also provided an apparatus for performing website anti-swipe verification by a computer device, wherein the apparatus includes:
the acquisition device is used for acquiring request information in the website access request;
generating means for generating corresponding characteristic information from the request information according to a predetermined verification rule;
and the verification device is used for passing the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
According to an aspect of the present invention, there is also provided a computer device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements a website anti-swipe verification method according to an aspect of the present invention when executing the computer program.
According to an aspect of the present invention, there is also provided a computer-readable storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements a website anti-swipe verification method according to an aspect of the present invention.
According to an aspect of the present invention, there is also provided a computer program product, which when executed by a computing device implements a website anti-swipe verification method according to an aspect of the present invention.
Compared with the prior art, the method can well prevent the website from being brushed, and the anti-brushing rules can be flexibly combined and dynamically configured. The invention enables the website to be simply and conveniently accessed into the anti-brushing system, reduces the burden and the development cost of technical personnel, can dynamically configure and manage the anti-brushing rules, and accelerates the reaction speed of coping with attacks.
In addition, when the anti-brushing client is introduced, the anti-brushing client can be deployed in a distributed mode and expanded in a parallel mode, and the access requirement of a distributed website is met.
The anti-brush system is decoupled from the service, and can be maintained, modified and upgraded independently.
The user can unseal through man-machine authentication if the user is accidentally sealed, but the attack of swiping a website is automatically performed by using a malicious program, and the automatic unsealing is difficult.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments made with reference to the following drawings:
FIG. 1 illustrates a flow diagram of a method for anti-refresh verification of a web site implemented at a network device, according to an embodiment of the present invention;
FIG. 2 illustrates an exemplary validation rule-related data table in the present invention;
FIG. 3 illustrates a schematic diagram of a system for anti-swipe validation of a web site, according to one embodiment of the invention;
fig. 4 is a schematic diagram illustrating an apparatus for performing anti-refresh verification on a website implemented in a network device according to an embodiment of the present invention.
The same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments of the present invention are described as an apparatus represented by a block diagram and a process or method represented by a flow diagram. Although a flowchart depicts a sequence of process steps in the present invention, many of the operations can be performed in parallel, concurrently, or simultaneously. In addition, the order of the operations may be re-arranged. The process of the present invention may be terminated when its operations are performed, but may include additional steps not shown in the flowchart. The processes of the present invention may correspond to methods, functions, procedures, subroutines, and the like.
The methods illustrated by the flow diagrams and apparatus illustrated by the block diagrams discussed below may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine or computer readable medium such as storage medium. The processor(s) may perform the necessary tasks.
Similarly, it will be further appreciated that any flow charts, flow diagrams, state transition diagrams, and the like represent various processes which may be substantially described as program code stored in computer readable media and so executed by a computing device or processor, whether or not such computing device or processor is explicitly shown.
As used herein, the term "storage medium" may refer to one or more devices for storing data, including Read Only Memory (ROM), Random Access Memory (RAM), magnetic RAM, kernel memory, magnetic disk storage media, optical storage media, flash memory devices, and/or other machine-readable media for storing information. The term "computer-readable medium" can include, but is not limited to portable or fixed storage devices, optical storage devices, and various other mediums capable of storing and/or containing instructions and/or data.
A code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program descriptions. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, information passing, token passing, network transmission, etc.
The term "computer device" in this context refers to an electronic device that can perform predetermined processes such as numerical calculation and/or logic calculation by executing predetermined programs or instructions, and may at least include a processor and a memory, wherein the predetermined processes are performed by the processor executing program instructions prestored in the memory, or performed by hardware such as ASIC, FPGA, DSP, or implemented by a combination of the two.
The "computer device" is typically embodied in the form of a general-purpose computer device, and its components may include, but are not limited to: one or more processors or processing units, system memory. The system memory may include computer readable media in the form of volatile memory, such as Random Access Memory (RAM) and/or cache memory. The "computer device" may further include other removable/non-removable, volatile/nonvolatile computer-readable storage media. The memory may include at least one computer program product having a set (e.g., at least one) of program modules that are configured to perform the functions and/or methods of embodiments of the present invention. The processor executes various functional applications and data processing by executing programs stored in the memory.
For example, a computer program for executing the functions and processes of the present invention is stored in the memory, and when the processor executes the corresponding computer program, the website anti-swipe verification of the present invention is implemented.
Typically, the computer devices include, for example, user equipment and network devices. Wherein the user equipment includes but is not limited to a Personal Computer (PC), a notebook computer, a mobile terminal, etc., and the mobile terminal includes but is not limited to a smart phone, a tablet computer, etc.; the network device includes, but is not limited to, a single network server, a server group consisting of a plurality of network servers, or a Cloud Computing (Cloud Computing) based Cloud consisting of a large number of computers or network servers, wherein Cloud Computing is one of distributed Computing, a super virtual computer consisting of a collection of loosely coupled computers. Wherein the computer device can be operated alone to implement the invention, or can be accessed to a network and implement the invention through interoperation with other computer devices in the network. The network in which the computer device is located includes, but is not limited to, the internet, a wide area network, a metropolitan area network, a local area network, a VPN network, and the like.
It should be noted that the user devices, network devices, networks, etc. are merely examples, and other existing or future computing devices or networks may be suitable for the present invention, and are included in the scope of the present invention and are incorporated by reference herein.
Specific structural and functional details disclosed herein are merely representative and are provided for purposes of describing example embodiments of the present invention. The present invention may, however, be embodied in many alternate forms and should not be construed as limited to only the embodiments set forth herein.
It will be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element may be termed a second element, and, similarly, a second element may be termed a first element, without departing from the scope of example embodiments. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be noted that, in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may, in fact, be executed substantially concurrently, or the figures may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
The invention provides a scheme for performing website anti-brush verification by computer equipment. The computer equipment acquires request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-swiping verification of the requested website if the characteristic information is not marked as forbidden.
The computer equipment acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the computer equipment returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the computer equipment passes the anti-brushing verification of the requested website.
Upon passing the anti-swipe verification of the requested web address, the computer device may redirect the web address access request to the requested web address.
Before the anti-brushing verification, the computer equipment can perform blacklist verification on the requested website first so as to perform anti-brushing verification on the website which passes the blacklist verification only.
According to one embodiment of the invention, the computer device may be a network device, such as typically an anti-brush server. The anti-brushing server obtains request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
The anti-brushing server acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the anti-brush server returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the anti-brushing server passes the anti-brushing verification of the requested website.
When the requested website is verified to be anti-brushing, the anti-brushing server can redirect the website access request to the requested website.
Before the anti-brushing verification, the anti-brushing server may perform blacklist verification on the requested website first, so as to perform anti-brushing verification only on websites that pass the blacklist verification.
Because the computing power and the processing power of the anti-brush server are high, and the computing power and the processing power of the anti-brush server can be further expanded through a distributed computer network or a cluster computer group, when the anti-brush server is used for carrying out anti-brush verification, the response speed and the efficiency are high.
According to another embodiment of the invention, the computer device may be a user device, such as typically an anti-brush client. The user equipment acquires request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-swiping verification of the requested website if the characteristic information is not marked as forbidden.
The user equipment acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the user equipment returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the user equipment passes the anti-brushing verification of the requested website.
When the requested website is verified to be anti-swipe-verified, the user equipment may redirect the website access request to the requested website.
Before the anti-brushing verification, the user equipment may perform blacklist verification on the requested website first, so as to perform anti-brushing verification only on websites that pass the blacklist verification.
Since the website access request of the user is sent by the user equipment, when the user equipment performs anti-brush verification, a large number of malicious requests for the website can be effectively blocked from the source of the request.
According to yet another embodiment of the invention, the user device and the network device may cooperate to implement the anti-swipe authentication of the invention.
Specifically, when the request information in the website access request is obtained, the network device may generate corresponding feature information from the request information according to a predetermined verification rule, and if the feature information is not marked as forbidden, the network device passes the anti-swipe verification on the requested website.
The user equipment can obtain the request information from the website access request of the user by intercepting the website access request, and send the request information to the network equipment.
Further, when the characteristic information is marked as forbidden, the network equipment returns a human-computer interaction verification page to the user equipment, so that the user equipment presents the human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the network equipment passes the anti-brushing verification of the requested website.
When the network device passes the anti-swipe verification of the requested website, the user device may redirect the website access request to the requested website.
The present invention is described in further detail below with reference to the attached drawing figures.
Fig. 1 shows a flowchart of a method according to an embodiment of the present invention, which specifically shows a website anti-refresh verification process implemented in a network device.
As shown in fig. 1, in step 110, the network device obtains request information in the website access request; in step 120, the network device generates corresponding feature information from the request information according to a predetermined verification rule; in step 130, if the feature information is not marked as blocked, the network device passes the anti-swipe verification of the requested website.
Specifically, in step 110, the network device obtains request information in the website address access request.
According to one example of the present invention, a network device parses a user's website access request to obtain requested information therein, for example.
The analyzed request information comprises a requested website, a request header, a request parameter and a request IP. For example, for an HTTP request, the requested website is a URL, the request header includes parameters such as refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc., the request parameters include parameters such as type, userID, etc., and the request IP is an IP address of the device that issued the HTTP request.
Here, the network device may obtain the website access request in various ways. For example, the network device may act as a third-party server to relay or intercept the user's website access request and provide anti-swipe authentication for the user.
According to an example of the present invention, the network device may perform blacklist verification on the requested website, so as to perform anti-brush verification on the website which passes the blacklist verification.
For example, the network device queries the website in a blacklist, and if the website is not hit, the website is verified through the blacklist, that is, the website is not stored in the blacklist. The network device may then proceed with anti-swipe validation of the website.
In step 120, the network device generates corresponding feature information from the request message according to a predetermined validation rule.
According to an example of the present invention, the validation rule may be a general rule according to which all request information generates the characteristic information, for example. In this specification, the verification rule is sometimes referred to as an anti-brush rule, and both are used equivalently.
For example, a general verification rule, rule ID 1000, has the following rule parameters:
Figure BDA0002433496120000091
wherein, the 'whiteList' is a white list, and some parameter values are configured without verification, such as ip white list; "period" is the verification period; the unit is a unit of a verification period, and can be selected from 0 (second), 1 (minute), 2 (hour) and 3 (day); "maxCount" is the maximum number of requests within a validation period; "forbidTime" is the block time after the number of requests has exceeded the limit; the forbidUnit is a unit of the forbidden time, and takes the same value as the unit.
The request information for authentication is shown in the following table one:
Figure BDA0002433496120000092
Figure BDA0002433496120000101
watch 1
The network device generates feature information for the table one listed request information. For example, the network device matches the parameter values specified in the validation rules "params", "headers" and "rules" from the request parameters,
params:type=1;
headers:referer=http://www.wanmei.com/
rules:ip=10.66.66.66
the parameter values are pieced together into a characteristic character string,
id=1000#params:type=1#rules:ip=10.66.66.66#headers:referer=http://www.wanmei.com/
and then the md5 value of the characteristic character string is calculated to obtain the characteristic key, namely the characteristic information f6db0afcd12b1c8f2d216b57fa79aed8 finally generated by the request information.
According to another example of the present invention, the validation rules may be determined from the requested web address, for example.
Each web site may have one or more validation rules associated with it. These validation rules may be stored locally on the network device or may be obtained from an anti-swipe database.
For example, the network device obtains the validation rule corresponding to the requested URL by querying the web address ID and URL-ID. The validation rules are maintained by 3 types of data tables such as "website information table", "website URL table", and "anti-swipe rule table" shown in fig. 2.
The website information table assigns a unique website ID and a unique website name to each website subjected to the anti-swipe verification. The "whether to turn on the anti-swipe" field may control the switching of the anti-swipe rules for all URLs under the entire website.
The "website URL table" is used to configure URL information that needs to be protected against flushing. "URL _ ID" is the unique identification of the URL configuration, "Website ID" is the website to which it belongs, "URL match expression" uses the Ant-style path pattern1, that is, the Ant Path expression, in addition to exactly matching URLs, supports wildcards as shown in Table two below:
matching any single character
* Matching 0 or any number of characters
** Matching 0 or any number of directories
Watch two
Specific application matching examples can be shown in table three below:
Figure BDA0002433496120000111
watch III
In addition, the "URL match parameters" may configure more precise matching rules, which may be null, json format, specifically for example,
Figure BDA0002433496120000112
Figure BDA0002433496120000121
wherein "method" matches the specified http request method; "parameters" match specified request parameters; "headers" match the specified request header; "mappingType" is a match type, and may be selected from "equal", "not _ equal", "null", "not _ null"; "value" is a value specified when "mappingType" is "equivalent" or "not _ equivalent". The "whether to turn on the anti-brush" field may control the switching of all anti-brush rules for a single URL.
The "anti-brush rule table" is used to configure the anti-brush rules for the URL. A "rule ID" is a unique identification of a single rule. "URL _ ID" is the URL to which it belongs. An "anti-brush rule parameter" is a rule detail, json format, for example,
Figure BDA0002433496120000122
wherein "params" validates the specified request parameters and supports configuration of any one or more request parameters that are customized according to different URLs, including but not limited to the configurations in the above examples; "headers" verifies specified request header parameters, supports any one or more request header parameters of the Http protocol internal standard and the Http protocol external self-defining, including but not limited to refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc.; "rules" validates parameters other than request parameters and request headers, such as IP, RequestMethod, etc.; the 3 types of parameters at least configure 1 type; "whiteList" is a white list, and certain parameter values are configured without verification, such as ip white list; "period" is the verification period; the unit is a unit of a verification period, and can be selected from 0 (second), 1 (minute), 2 (hour) and 3 (day); "maxCount" is the maximum number of requests within a validation period; "forbidTime" is the block time after the number of requests has exceeded the limit; the forbidUnit is a unit of the forbidden time, and takes the same value as the unit. The "whether to turn on the anti-brush" field may control the switching of the single anti-brush rule. This flexible custom rule configuration can cover all request modes.
Returning to continue with fig. 1, in step 130, if the characteristic information is not marked as blocked, the network device passes the anti-swipe verification of the requested web address.
According to one embodiment of the invention, for example, the network device queries the feature information of the requested website from the cache, and if the feature information is not marked as blocked, the anti-swipe verification of the website is passed.
Further, when the feature information is not marked as forbidden, the network device adds 1 to the count of the feature information; and when the count of the feature information reaches a predetermined threshold, marking the feature information as disabled.
Specifically, for example, the network device extracts the number of occurrences cnt of the feature information from the buffer, and executes cnt +1, and when the cnt reaches a predetermined threshold, for example, 15, the feature information is marked as disabled.
The verification rule with the rule ID of 1000 is used as an example:
Figure BDA0002433496120000131
Figure BDA0002433496120000141
the feature information f6db0afcd12b1c8f2d216b57fa79aed8 generated in accordance with the above-described authentication rule based on the request information shown in the above table one.
The network device inquires whether the characteristic information is marked as forbidden from the cache, and if the characteristic information is not marked as forbidden, the network device reads the occurrence times cnt and executes the cnt + 1.
If cnt is 1, it indicates that the URL request with the feature information is first appeared, the cache time of the feature information is set to the count period specified by "period 1" and "unit 3": for 1 day.
In addition, the network device further determines whether the cnt is greater than "maxCount ═ 15", if the cnt is less than 15, the verification is returned, if the cnt is greater than 15, the feature information is marked as disabled in the cache, and the cache time is set to the disabled duration specified by "forbidTime ═ 7" and "forbidTime ═ 3": and 7 days.
When the feature information of the website is marked as forbidden, in order to remove the forbidden information and avoid misjudgment, the network device can return a human-computer interaction verification page to the user, and when the user passes the verification of the human-computer interaction verification page, the network device passes the anti-brushing verification of the website.
According to an example of the present invention, if the feature information is disabled, the network device generates uuid (universal unique Identifier) as the decapsulation information corresponding to the feature information, and the validity period of the decapsulation information cache may be set to 1 minute to prevent centralized coding, such as 123e4567-e89b-12d3-a 456-426655440000. Then, the network device generates the URL address of the human-computer interaction verification page by using the feature information and the decapsulation information, such as https:// HOST/robotname? validateKey ═ f6db0afcd12b1c8f2d216b57fa79
and aed8& validateTicket 123e4567-e89b-12d3-a456-426655440000, wherein the HOST is a domain name for network equipment deployment.
And when the user passes the verification of the man-machine interaction verification page, the network equipment deletes the seal mark of the characteristic information.
According to an example of the present invention, when a request website corresponds to a plurality of validation rules, if at least one of the feature information corresponding to the validation rules is marked as blocked, the anti-swipe validation corresponding to the website cannot pass.
For example, 3 verification rules correspond to one URL address, the network device generates corresponding feature information according to the request information and the 3 rules, respectively, and as long as 1 feature information in the generated 3 feature information is marked as forbidden, the network device cannot pass the anti-brush verification on the URL address.
Further, according to one of the feature information marked as forbidden, the network device returns a corresponding human-computer interaction verification page to the user, and the network device passes the anti-swiping verification of the website only until the user passes all the human-computer interaction verification pages corresponding to the feature information marked as forbidden.
For example, all 3 pieces of feature information generated by 3 pieces of verification rules corresponding to the URL address are marked as forbidden, and the network device performs verification by returning a human-computer interaction verification page corresponding to any one piece of feature information to the user. For another example, the network device returns the first queried forbidden feature information and the URL of the human-computer interaction verification page corresponding to the decapsulation information generated for the feature information to the user according to the query sequence of the feature information, so that the user can perform verification. And returning the corresponding human-computer interaction verification pages to the user one by one according to the query sequence of the characteristic information until the user passes all the verification pages and the network equipment passes the anti-brushing verification of the URL address.
When a user accesses the man-machine interaction verification page, for example, a page with a verification code can be opened, and the verification code can adopt the existing mature implementation modes in various industries, such as a character verification code, a picture clicking verification code, a slider verification code or an intelligent behavior verification code. After the user completes the verification of the verification code, the network device passes the anti-swipe verification of the request access URL. And the network equipment also deletes the seal mark of the characteristic information corresponding to the current verification rule in the cache, and unseals the characteristic information. Thereafter, when the feature information appears again, the network device will count and mark it for a new round.
According to one example of the present invention, the network device may redirect the website access request to the requested website after passing the anti-swipe validation of the requested website. For example, the network device acts as a transit server, and after intercepting the website access request of the user and passing the anti-swipe verification of the requested website, the network device may send the website access request to its target website.
According to one example of the present invention, after the network device passes the anti-swipe verification of the requested web address, the user device may redirect the web address access request to the requested web address. For example, the user equipment intercepts a website access request of a user and sends request information in the website access request to the network equipment to perform anti-brushing verification on the requested website, and after the network equipment passes the anti-brushing verification on the requested website, the user equipment can send the website access request to a target website of the user equipment.
FIG. 3 shows a system diagram for anti-swipe validation of a web address according to an embodiment of the invention.
As shown in fig. 3, the anti-swipe verification system 300 includes anti-swipe clients 311 and 312, an anti-swipe server 321, an anti-swipe system database 330, an anti-swipe management background 340, and website servers 351 and 352.
The anti-swipe system database 330 stores and maintains the 3-type data table shown in fig. 2, including the "website information table", the "website URL table", and the "anti-swipe rule table". The website information table of the website can be found according to the website ID, the website URL tables of all URLs under the website are obtained at the same time, one or more anti-brushing rule tables corresponding to the URL address can be obtained according to the URL address, and each anti-brushing rule also has a rule ID.
The anti-brush management background 340 provides operations of adding, deleting, modifying and querying the data table in the database of the anti-brush system. When the operation data is added, deleted, and modified, the anti-brush management background 340 may issue the latest data to the anti-brush client and the anti-brush server in full through a data synchronization tool such as zookeeper, so that the configuration such as the anti-brush rule takes effect immediately. The anti-brushing rules can be dynamically configured through the anti-brushing management background 340, and after the configuration is successful, the anti-brushing rules are stored in the anti-brushing system database 330 and are issued to the anti-brushing client and/or the anti-brushing server.
Specifically, for example, in a one-time anti-swipe authentication process, when an external user wishes to access the web server 251, the anti-swipe client 311 intercepts an HTTP request of the user, and the anti-swipe client 311 parses the HTTP request to obtain request information therein, such as a URL address, a request header, a request parameter, and a request IP. Further, the anti-brush client 311 may also match the URL address according to a URL list (i.e., a blacklist) in the anti-brush rule issued by the anti-brush management background 334, if the URL address is not matched, the HTTP request is released to the website server 351, otherwise, the authentication interface of the anti-brush server 321 is called, and the request information is sent to the anti-brush server 321 for anti-brush authentication.
The authentication interface receives parameters from the anti-swipe client 311 such as website ID, request URL, request header, request parameters, request IP. Referring to fig. 2, the anti-swipe server 321 first reads the website information table, the website URL table, and the anti-swipe rule table of the database according to the website ID and the requested URL, and then determines whether there is an anti-swipe rule in the process of opening according to the requested URL, if not, directly returns that the request passes the verification, and if so, verifies the anti-swipe rule one by one. If all the anti-brush rules are verified to be passed, the anti-brush server 321 returns verification passing to the anti-brush client 311, and if any one or more rules are not verified to be passed, each rule which is not passed is requested to be blocked and a corresponding URL address of the man-machine interaction verification page used for deblocking is generated. Finally, the anti-brush server 321 returns the URL address of the human-computer interaction verification page corresponding to the first failed verification rule to the anti-brush client 311.
When the anti-swipe verification fails, the anti-swipe server 321 blocks all HTTP requests having the same characteristic information as the HTTP request, and at this time, if a similar HTTP request enters, the anti-swipe server 321 does not need to verify the anti-swipe rule again, but directly returns that the verification fails according to the blocking condition. If the HTTP request is initiated by a normal user and the user wants to unseal, the next human-computer interaction verification is needed. After the human-computer interaction verification, the anti-brush server 321 decapsulates the HTTP request, and performs complete anti-brush rule verification again when the HTTP request enters next time.
If the anti-swipe server 321 returns that the anti-swipe verification passes, the anti-swipe client 311 passes the HTTP request to re-initiate the request to the website server 351. If the anti-brush verification fails, the anti-brush server 321 returns http 302 for jumping, and the user is redirected to the URL address of the man-machine interaction verification page returned by the anti-brush server 321 verification.
FIG. 4 shows a schematic diagram of an apparatus for performing website anti-swipe validation, according to an embodiment of the present invention.
As shown in fig. 4, the anti-swipe verification apparatus 40 is arranged in the computer device 40, and the anti-swipe verification apparatus 40 includes an acquisition means 41, a generation means 42, and a verification means 43.
Wherein, the obtaining device 41 obtains the request information in the website access request; the generating device 42 generates corresponding characteristic information from the request information according to a predetermined verification rule; if the characteristic information is not marked as blocked, the authentication means 43 passes the anti-swipe authentication of the requested web address.
Specifically, the acquiring means 41 acquires request information in the website address access request.
According to an example of the present invention, for example, the obtaining means 41 parses the website address access request of the user to obtain the request information therein.
The analyzed request information comprises a requested website, a request header, a request parameter and a request IP. For example, for an HTTP request, the requested website is a URL, the request header includes parameters such as refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc., the request parameters include parameters such as type, userID, etc., and the request IP is an IP address of the device that issued the HTTP request.
Here, the acquiring device 41 may acquire the website access request in various ways. For example, the network device may act as a third-party server, and relay or intercept the website access request of the user through the obtaining device 41, so as to provide the user with anti-swipe authentication later.
Further, the anti-swipe validation device 40 may further include an access device (not shown). When the website access request of the user passes the anti-brushing verification, the access device redirects the website access request to the requested website.
Alternatively, the anti-brush verification device 40 may also include an intercepting device (not shown). The intercepting device intercepts the website access request of the user to obtain the request information from the website access request.
According to an example of the present invention, the anti-brush verification device 40 may further include a filtering device (not shown). The filtering device can perform blacklist verification on the requested website so as to perform anti-brushing verification on the website which passes the blacklist verification.
For example, the filtering device queries the website in a blacklist, and if the website is hit, the anti-swipe verification can be continued on the website. If the website is not hit, that is, the website is not stored in the blacklist, the website can be verified through the blacklist, and the website access request can be sent to the target website.
Alternatively, according to an example of the present invention, the intercepting means, the filtering means and the accessing means may all be disposed in the user equipment, so that the user equipment performs intercepting, blacklist filtering and releasing of the website access request of the user.
Next, the generating means 42 generates corresponding characteristic information from the request information according to a predetermined verification rule.
According to an example of the present invention, the validation rule may be a general rule according to which all request information generates the characteristic information, for example. In this specification, the verification rule is sometimes referred to as an anti-brush rule, and both are used equivalently.
According to another example of the present invention, the validation rules may be determined from the requested web address, for example.
Each web site may have one or more validation rules associated with it. These validation rules may be stored locally on the network device or may be obtained from an anti-swipe database.
If the characteristic information is not marked as blocked, the authentication means 43 passes the anti-swipe authentication of the requested web address.
According to one embodiment of the present invention, for example, the verification means 43 queries the feature information of the requested website from the cache, and if the feature information is not marked as blocked, the website is verified by anti-swipe verification.
Further, when the feature information is not marked as disabled, the verifying means 43 adds 1 to the count of the feature information; and when the count of the characteristic information reaches a predetermined threshold, the authentication means 43 marks the characteristic information as disabled.
Specifically, for example, the verification means 43 extracts the number of occurrences cnt of the feature information from the buffer, and executes cnt +1, and when the cnt reaches a predetermined threshold, for example, 15, the feature information is marked as disabled.
When the feature information of the website is marked as forbidden, in order to remove the forbidden information and avoid misjudgment, the verification device 43 may return a human-computer interaction verification page to the user, and when the user passes the verification of the human-computer interaction verification page, the verification device 43 passes the anti-swipe verification of the website.
According to an example of the present invention, if the feature information is disabled, the authentication device 43 generates uuid as the decapsulation information corresponding to the feature information, and the validity period of the decapsulation information cache may be set to 1 minute to prevent centralized coding. Then, the authentication device 43 generates the URL address of the man-machine interaction authentication page using the feature information and the decapsulation information.
When the user verifies the page through the man-machine interaction, the verification means 43 deletes the blocking flag of the feature information.
According to an example of the present invention, when a request website corresponds to a plurality of validation rules, if at least one of the feature information corresponding to the validation rules is marked as blocked, the anti-swipe validation corresponding to the website cannot pass.
For example, there are 3 validation rules corresponding to one URL address, the validation device 43 generates corresponding feature information according to the request information and the 3 rules, respectively, and as long as there are 1 feature information in the generated 3 feature information marked as disabled, the validation device 43 cannot pass the anti-swipe validation on the URL address.
Further, according to one of the feature information marked as forbidden, the verification device 43 returns a corresponding human-computer interaction verification page to the user, and the verification device 43 does not pass the anti-swipe verification on the website until the user passes all the human-computer interaction verification pages corresponding to the feature information marked as forbidden.
For example, all the 3 pieces of feature information generated by the 3 pieces of verification rules corresponding to the URL addresses are marked as disabled, and the verification device 43 performs verification by returning a human-computer interaction verification page corresponding to any one piece of feature information to the user. For another example, the verification device 43 returns, to the user, the URL of the human-computer interaction verification page corresponding to the feature information that is first queried as the forbidden feature information and the decapsulation information generated for the feature information according to the query sequence of the feature information, so that the user can perform verification. According to the query sequence of each feature information, the verification device 43 returns the corresponding human-computer interaction verification pages to the user one by one until the user passes all the verification pages and the network equipment passes the anti-brushing verification of the URL address.
When a user accesses the man-machine interaction verification page, for example, a page with a verification code can be opened, and the verification code can adopt the existing mature implementation modes in various industries, such as a character verification code, a picture clicking verification code, a slider verification code or an intelligent behavior verification code. When the user completes the verification of the verification code, the verification means 43 passes the anti-swipe verification for the request access URL. The authentication device 43 also deletes the block flag of the feature information corresponding to the current authentication rule in the cache, and decapsulates the feature information. Thereafter, when the characteristic information appears again, the verification means 43 will count and mark it for a new round.
According to one example of the present invention, the web access device may redirect the web site access request to the requested web site after passing the anti-swipe validation of the requested web site. For example, the network device acts as a transit server, and after intercepting the website access request of the user and passing the anti-swipe verification of the requested website, the access device can send the website access request to its target website.
It should be noted that the present invention may be implemented in software and/or in a combination of software and hardware, for example, as an Application Specific Integrated Circuit (ASIC), a general purpose computer or any other similar hardware device. In one embodiment, the software program of the present invention may be executed by a processor to implement the steps or functions described above. Also, the software programs (including associated data structures) of the present invention can be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present invention may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions
In addition, at least a portion of the present invention may be implemented as a computer program product, such as computer program instructions, which, when executed by a computing device, may invoke or provide methods and/or aspects in accordance with the present invention through operation of the computing device. Program instructions which invoke/provide the methods of the present invention may be stored on fixed or removable recording media and/or transmitted via a data stream over a broadcast or other signal-bearing medium, and/or stored in a working memory of a computing device operating in accordance with the program instructions.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
While exemplary embodiments have been particularly shown and described, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the claims. The protection sought herein is as set forth in the claims below. These and other aspects of the various embodiments are specified in the following numbered clauses:
1. a method for website anti-swipe verification by a computer device, wherein the method comprises the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
2. The method of clause 1, wherein the request information comprises a requested web address, a request header, a request parameter, a request IP.
3. The method of clause 2, wherein the characteristic information is generated from the request header, the request parameter, and the request IP.
4. The method of clause 1, wherein the validation rule is determined according to the requested web address.
5. The method of clause 1, wherein the method further comprises the steps of:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to a user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
6. The method of clause 5, wherein the URL of the human-computer interaction verification page is generated from the feature information and decapsulation information, the decapsulation information being generated by a UUID.
7. The method of clause 5, wherein the method further comprises the steps of:
when the feature information is not marked as forbidden, adding 1 to the count of the feature information;
when the count reaches a predetermined threshold, the characteristic information is marked as disabled.
8. The method of clause 5, wherein the method further comprises the steps of:
and deleting the seal mark of the characteristic information when the user passes the verification of the man-machine interaction verification page.
9. The method of clause 1 or 5, wherein the validation rule comprises a plurality;
when the characteristic information corresponding to at least one verification rule is marked as forbidden, the anti-brush verification cannot pass.
10. The method of clause 1 or 5, wherein the validation rule comprises a plurality;
and when the characteristic information corresponding to at least one verification rule is marked as forbidden, returning a corresponding human-computer interaction verification page to the user until the user passes through all the human-computer interaction verification pages corresponding to the characteristic information marked as forbidden, and at the moment, passing the anti-brush verification.
11. The method of clause 1, wherein the method further comprises the steps of:
intercepting the website access request to obtain the request information.
12. The method of clause 1, wherein the method further comprises the steps of:
and carrying out blacklist verification on the requested website so as to carry out anti-brushing verification on the website which passes the blacklist verification.
13. The method of clause 1, wherein the method further comprises the steps of:
and when the anti-brushing verification is passed, redirecting the website access request to the requested website.
14. A website anti-brushing verification method comprises the following steps of:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
15. The method of clause 14, wherein the request information comprises a requested web address, a request header, a request parameter, a request IP.
16. The method of clause 15, wherein the characteristic information is generated from the request header, the request parameters, and the request IP.
17. The method of clause 14, wherein the validation rule is determined according to the requested web address.
18. The method of clause 14, wherein, at the network device, the method further comprises the steps of:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to a user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
19. The method of clause 18, wherein the URL of the human-machine-interaction-verification page is generated from the feature information and decapsulation information, the decapsulation information being generated by a UUID.
20. The method of clause 18, wherein, at the network device, the method further comprises the steps of:
when the feature information is not marked as forbidden, adding 1 to the count of the feature information;
when the count reaches a predetermined threshold, the characteristic information is marked as disabled.
21. The method of clause 18, wherein, at the network device, the method further comprises the steps of:
and deleting the seal mark of the characteristic information when the user passes the verification of the man-machine interaction verification page.
22. The method of clause 14 or 18, wherein the validation rule comprises a plurality;
when the characteristic information corresponding to at least one verification rule is marked as forbidden, the anti-brush verification cannot pass.
23. The method of clause 14 or 18, wherein the validation rule comprises a plurality;
and when the characteristic information corresponding to at least one verification rule is marked as forbidden, returning a corresponding human-computer interaction verification page to the user until the user passes through all the human-computer interaction verification pages corresponding to the characteristic information marked as forbidden, and at the moment, passing the anti-brush verification.
24. The method of clause 14, wherein, at the user equipment, the method further comprises the steps of:
intercepting the website access request to obtain the request information;
and sending the request information to the network equipment.
25. The method of clause 24, wherein, at the user equipment, the method further comprises the steps of:
and carrying out blacklist verification on the requested website so as to carry out anti-brushing verification on the website which passes the blacklist verification by the network equipment.
26. The method of clause 24, wherein, at the user equipment, the method further comprises the steps of:
and when the network equipment passes the anti-brushing verification, redirecting the website access request to the requested website.
27. An apparatus for website anti-swipe verification by a computer device, wherein the apparatus comprises:
the acquisition device is used for acquiring request information in the website access request;
generating means for generating corresponding characteristic information from the request information according to a predetermined verification rule;
and the verification device is used for passing the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
28. The apparatus of clause 27, wherein the request information comprises a requested web address, a request header, a request parameter, a request IP.
29. The apparatus of clause 28, wherein the characteristic information is generated from the request header, the request parameters, and the request IP.
30. The apparatus of clause 27, wherein the validation rule is determined according to the requested web address.
31. The apparatus of clause 27, wherein the validation apparatus is further configured to:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to a user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
32. The apparatus of clause 31, wherein the URL of the human-machine-interaction-verification page is generated from the feature information and decapsulation information, the decapsulation information being generated by a UUID.
33. The apparatus of clause 31, wherein the authentication apparatus is further configured to:
when the feature information is not marked as forbidden, adding 1 to the count of the feature information;
when the count reaches a predetermined threshold, the characteristic information is marked as disabled.
34. The apparatus of clause 31, wherein the authentication apparatus is further configured to:
and deleting the seal mark of the characteristic information when the user passes the verification of the man-machine interaction verification page.
35. The apparatus of clause 27 or 31, wherein the validation rule comprises a plurality;
when the characteristic information corresponding to at least one verification rule is marked as forbidden, the anti-brush verification cannot pass.
36. The apparatus of clause 27 or 31, wherein the validation rule comprises a plurality;
and when the characteristic information corresponding to at least one verification rule is marked as forbidden, returning a corresponding human-computer interaction verification page to the user until the user passes through all the human-computer interaction verification pages corresponding to the characteristic information marked as forbidden, and at the moment, passing the anti-brush verification.
37. The apparatus of clause 36, wherein the apparatus further comprises:
and the intercepting device is used for intercepting the website access request so as to obtain the request information.
38. The apparatus of clause 36, wherein the apparatus further comprises:
and the filtering device is used for carrying out blacklist verification on the requested website so as to carry out anti-brushing verification on the website which passes the blacklist verification.
39. The apparatus of clause 36, wherein the apparatus further comprises:
and the access device is used for redirecting the website access request to the requested website when the anti-brushing verification is passed.
40. A computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of clauses 1-13 when executing the computer program.
41. A computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method of any of clauses 1 to 13.
42. A computer program product implementing the method of any of clauses 1 to 13 when executed by a computer device.

Claims (10)

1. A method for website anti-swipe verification by a computer device, wherein the method comprises the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
2. The method of claim 1, wherein the request information comprises a requested web address, a request header, a request parameter, a request IP.
3. A website anti-brushing verification method comprises the following steps of:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
4. The method of claim 3, wherein the request information comprises a requested web address, a request header, a request parameter, a request IP.
5. The method of claim 3, wherein at the network device, the method further comprises:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to a user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
6. The method of claim 3, wherein at the user equipment, the method further comprises the steps of:
intercepting the website access request to obtain the request information;
and sending the request information to the network equipment.
7. An apparatus for website anti-swipe verification by a computer device, wherein the apparatus comprises:
the acquisition device is used for acquiring request information in the website access request;
generating means for generating corresponding characteristic information from the request information according to a predetermined verification rule;
and the verification device is used for passing the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method of any of claims 1 to 6.
10. A computer program product implementing the method of any one of claims 1 to 6 when executed by a computer device.
CN202010244076.4A 2020-03-31 2020-03-31 Website anti-brushing verification method and device Active CN111585956B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010244076.4A CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010244076.4A CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Publications (2)

Publication Number Publication Date
CN111585956A true CN111585956A (en) 2020-08-25
CN111585956B CN111585956B (en) 2022-09-09

Family

ID=72122628

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010244076.4A Active CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Country Status (1)

Country Link
CN (1) CN111585956B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112437036A (en) * 2020-01-21 2021-03-02 上海哔哩哔哩科技有限公司 Data analysis method and equipment
CN112836213A (en) * 2021-02-18 2021-05-25 联动优势科技有限公司 Anti-brushing method and device based on API (application program interface)
CN113783923A (en) * 2021-03-31 2021-12-10 北京沃东天骏信息技术有限公司 Web page anti-brush processing method, device, equipment and storage medium
CN115276968A (en) * 2022-07-08 2022-11-01 中国第一汽车股份有限公司 Third-party platform HTTP callback distribution method, system, electronic equipment and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks
US20170366577A1 (en) * 2016-06-21 2017-12-21 Imperva, Inc. Infrastructure distributed denial of service (ddos) protection
CN108462687A (en) * 2018-01-08 2018-08-28 平安科技(深圳)有限公司 Method, apparatus, terminal device and the storage medium that anti-brush logs in
CN108959539A (en) * 2018-06-30 2018-12-07 成都信息工程大学 A kind of rule-based configurable web data analytic method
CN109951500A (en) * 2019-04-29 2019-06-28 宜人恒业科技发展(北京)有限公司 Network attack detecting method and device
CN110213375A (en) * 2019-06-04 2019-09-06 杭州安恒信息技术股份有限公司 A kind of method, apparatus and electronic equipment of the IP access control based on cloud WAF
CN110334259A (en) * 2019-04-22 2019-10-15 新分享科技服务(深圳)有限公司 Webpage data acquiring method, device and computer readable storage medium
CN110489626A (en) * 2019-08-05 2019-11-22 苏州闻道网络科技股份有限公司 A kind of information collecting method and device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks
US20170366577A1 (en) * 2016-06-21 2017-12-21 Imperva, Inc. Infrastructure distributed denial of service (ddos) protection
CN108462687A (en) * 2018-01-08 2018-08-28 平安科技(深圳)有限公司 Method, apparatus, terminal device and the storage medium that anti-brush logs in
CN108959539A (en) * 2018-06-30 2018-12-07 成都信息工程大学 A kind of rule-based configurable web data analytic method
CN110334259A (en) * 2019-04-22 2019-10-15 新分享科技服务(深圳)有限公司 Webpage data acquiring method, device and computer readable storage medium
CN109951500A (en) * 2019-04-29 2019-06-28 宜人恒业科技发展(北京)有限公司 Network attack detecting method and device
CN110213375A (en) * 2019-06-04 2019-09-06 杭州安恒信息技术股份有限公司 A kind of method, apparatus and electronic equipment of the IP access control based on cloud WAF
CN110489626A (en) * 2019-08-05 2019-11-22 苏州闻道网络科技股份有限公司 A kind of information collecting method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112437036A (en) * 2020-01-21 2021-03-02 上海哔哩哔哩科技有限公司 Data analysis method and equipment
CN112437036B (en) * 2020-01-21 2023-01-24 上海哔哩哔哩科技有限公司 Data analysis method and equipment
CN112836213A (en) * 2021-02-18 2021-05-25 联动优势科技有限公司 Anti-brushing method and device based on API (application program interface)
CN113783923A (en) * 2021-03-31 2021-12-10 北京沃东天骏信息技术有限公司 Web page anti-brush processing method, device, equipment and storage medium
CN115276968A (en) * 2022-07-08 2022-11-01 中国第一汽车股份有限公司 Third-party platform HTTP callback distribution method, system, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN111585956B (en) 2022-09-09

Similar Documents

Publication Publication Date Title
CN111585956B (en) Website anti-brushing verification method and device
US10798202B2 (en) Security systems for mitigating attacks from a headless browser executing on a client computer
US11552936B2 (en) Management of dynamic credentials
US20190182251A1 (en) Count-based challenge-response credential pairs for client/server request validation
US10523609B1 (en) Multi-vector malware detection and analysis
US9860270B2 (en) System and method for determining web pages modified with malicious code
US9438625B1 (en) Mitigating scripted attacks using dynamic polymorphism
US9210171B1 (en) Selectively protecting valid links to pages of a web site
CN103607385B (en) Method and apparatus for security detection based on browser
US7464408B1 (en) Damage containment by translation
US10447726B2 (en) Mitigating attacks on server computers by enforcing platform policies on client computers
US20040172557A1 (en) Attack defending system and attack defending method
US20160149953A1 (en) Client/server polymorphism using polymorphic hooks
US20160294796A1 (en) Challenge-dynamic credential pairs for client/server request validation
CN109246064A (en) Safe access control, the generation method of networkaccess rules, device and equipment
CN113645234B (en) Honeypot-based network defense method, system, medium and device
WO2016118153A1 (en) Marking nodes for analysis based on domain name system resolution
CN114553529A (en) Data processing method, device, network equipment and storage medium
CN114567472A (en) Data processing method and device, electronic equipment and storage medium
CN114430553A (en) Portable proxy server for deception defense of mobile internet of things equipment
Alsaleem et al. Cloud computing-based attacks and countermeasures: A survey
JP2022541250A (en) Inline malware detection
Kim et al. A Framework for managing user-defined security policies to support network security functions
US10567363B1 (en) Deterministic reproduction of system state using seeded pseudo-random number generators
Ivašauskas et al. In-Kernel Authentication Request Analysis for Human and Bot Distinction

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant