CN112565414B - Data downloading method, device, equipment and medium - Google Patents
Data downloading method, device, equipment and medium Download PDFInfo
- Publication number
- CN112565414B CN112565414B CN202011407914.1A CN202011407914A CN112565414B CN 112565414 B CN112565414 B CN 112565414B CN 202011407914 A CN202011407914 A CN 202011407914A CN 112565414 B CN112565414 B CN 112565414B
- Authority
- CN
- China
- Prior art keywords
- sample
- identifier
- node
- target node
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses a data downloading method, a device, equipment and a medium. The data downloading method comprises the following steps: responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded; acquiring the identifier of a target node storing the sample to be downloaded according to the sample identifier; determining the current Internet Protocol (IP) address of the target node according to the identification of the target node; and downloading the sample to be downloaded in the target node through the current IP address of the target node. According to the technical scheme of the embodiment of the invention, the effect of quickly and accurately positioning the storage node of the sample to be downloaded under the condition that the IP address of the node is changed is realized by setting the unique identifier for each node in the distributed system.
Description
Technical Field
Embodiments of the present invention relate to computer technologies, and in particular, to a data downloading method, apparatus, device, and medium.
Background
With the development of internet technology, more and more lawbreakers cheat by sending phishing mails to network users, and therefore, anti-phishing mail engines have come to work, and in order to improve the processing rate, a distributed anti-phishing mail system is composed of a plurality of host mechanisms provided with the anti-phishing mail engines, so that the functions of scanning the phishing mails and downloading samples are realized.
In a distributed environment, the anti-phishing mail engine is deployed on a plurality of hosts, so that the obtained phishing mail samples are stored in different hosts through analyzing and processing the mails. In the prior art, when a user issues a phishing mail sample downloading request at a management platform, the management platform finds a host where a sample to be downloaded is located through an Internet Protocol (IP) address stored corresponding to the sample to be downloaded to download the sample, and the host fails to download the sample after the IP address of the host changes. Another sample downloading method in the prior art is that a management platform sequentially queries whether a sample to be downloaded exists in each host, and although this method avoids the problem of failed sample downloading caused by the change of the IP address of the host, the sample needs to be sequentially searched in each host, which is inefficient.
Disclosure of Invention
Embodiments of the present invention provide a data downloading method, apparatus, device, and medium, which implement an effect of quickly and accurately positioning a storage node of a sample to be downloaded when an IP address of a node changes by setting a unique identifier for each node in a distributed system.
In a first aspect, an embodiment of the present invention provides a data downloading method, where the method includes:
responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded;
acquiring the identifier of a target node storing the sample to be downloaded according to the sample identifier;
determining the current Internet Protocol (IP) address of the target node according to the identifier of the target node;
and downloading the sample to be downloaded in the target node through the current IP address of the target node.
In a second aspect, an embodiment of the present invention further provides a data downloading apparatus, where the apparatus includes:
the system comprises a sample identification acquisition module, a data acquisition module and a data processing module, wherein the sample identification acquisition module is used for responding to a phishing mail sample downloading request issued by a user and acquiring a sample identification of a sample to be downloaded;
a node identifier obtaining module, configured to obtain, according to the sample identifier, an identifier of a target node in which the sample to be downloaded is stored;
an IP address determining module, configured to determine, according to the identifier of the target node, a current IP address of the target node;
and the sample downloading module is used for downloading the sample to be downloaded through the current IP address of the target node.
In a third aspect, an embodiment of the present invention further provides an electronic device, including:
one or more processors;
a memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the data downloading method provided by any embodiment of the invention.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the data downloading method provided in any embodiment of the present invention.
The technical scheme of the embodiment of the invention responds to a phishing mail sample downloading request initiated by a user, obtains the sample identification of the sample to be downloaded, obtains the identification of the target node in which the sample to be downloaded is stored, further determines the current IP address of the target node according to the identification of the target node, and finally downloads the sample to be downloaded in the target node through the current IP address of the target node.
Drawings
Fig. 1 is a flowchart of a data downloading method according to a first embodiment of the present invention;
fig. 2 is a flowchart of a data downloading method according to a second embodiment of the present invention;
fig. 3 is a schematic structural diagram of a data downloading device according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus in the fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a data downloading method in a first embodiment of the present invention, where the technical solution of this embodiment is suitable for a case where a sample is downloaded according to a unique identifier of a node in a distributed system, and the method may be executed by a data downloading apparatus, and specifically includes the following steps:
The phishing mails are mails which are used for deceiving recipients to reply information such as account numbers, passwords and the like to appointed recipients by using disguised e-mails or guiding the recipients to enter special fraud webpages; a phishing mail sample is a piece of typical mail code that contains a major phishing function, usually part of the data of the mail content or mail attachment.
In this embodiment, when receiving a sample downloading request for a specific phishing mail sample initiated by a user, a management platform of the distributed system first obtains a sample identifier of the sample to be downloaded, so as to download and search a corresponding sample to be downloaded according to the sample identifier. The sample identifier is a unique identifier of the sample to be downloaded, and for example, the sample identifier is MD5 corresponding to the sample to be downloaded.
The distributed system is a system formed by a plurality of hosts provided with anti-phishing mail engines, and each host is called a node of the distributed system; the management platform is a man-machine interaction interface of the distributed system and comprises the functions of mail scanning, scanning result display, phishing mail sample downloading and the like; the anti-phishing mail engine is a technical mechanism for judging whether a specific mail is a phishing mail or not, and is used for scanning the mail and finding the phishing mail.
And step 120, acquiring the identifier of the target node stored with the sample to be downloaded according to the sample identifier.
In this embodiment, after the sample identifier of the sample to be downloaded is obtained, the identifier of the target node corresponding to the sample identifier is searched, so as to determine the node in which the sample to be downloaded is stored according to the identifier of the target node. Illustratively, each sample identifier and the identifier of the matched node are correspondingly stored in a database corresponding to the distributed system, and after the sample identifier of the sample to be downloaded is obtained, the identifier of the target node corresponding to the sample identifier is searched in the database.
The target node is a node storing a sample to be downloaded, and the identifier of the target node is the unique identifier of the target node in the distributed system. The identifier of the target node may be an identifier that can uniquely identify each node in the distributed system, which is arbitrarily set by a developer, for example, if the distributed system includes 5 nodes, the identifiers corresponding to the 5 nodes are 01, 02, 03, 04, and 05, respectively.
In this embodiment, in order to avoid a problem that in the prior art, a node where a sample to be downloaded is located according to a node IP address, and the location fails due to a change in the node IP address, each node is identified by configuring a unique identifier for each node, and the identifier of each node is always unchanged.
Illustratively, the identification of the target node is acquired as 05, the current IP address of the target node is queried as 192.168.12.1 according to the identification, and the sample is downloaded from the target node according to the current IP address.
In the embodiment, after the current IP address of the target node is obtained, the sample to be downloaded is downloaded from the target node by using the current IP address, so that the problem of sample downloading failure caused by IP address change is solved.
The technical scheme of the embodiment of the invention responds to a phishing mail sample downloading request initiated by a user, obtains the sample identification of the sample to be downloaded, obtains the identification of the target node in which the sample to be downloaded is stored, further determines the current IP address of the target node according to the identification of the target node, and finally downloads the sample to be downloaded in the target node through the current IP address of the target node.
Example two
Fig. 2 is a flowchart of a data downloading method in the second embodiment of the present invention, which is further detailed based on the above embodiments and provides a specific step of obtaining an identifier of a target node storing a sample to be downloaded according to a sample identifier, and a specific step of determining a current IP address of the target node according to the identifier of the target node. A data downloading method provided by the second embodiment of the present invention is described below with reference to fig. 2, including the following steps:
step 210, responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded.
the database is stored with the identifiers of all samples and the identifiers of the nodes in which all the samples are stored.
In this embodiment, a manner of determining an identifier of a corresponding target node according to a sample identifier of a sample to be downloaded is provided, and specifically, after a sample to be downloaded is obtained, an identifier of a target node corresponding to the sample identifier is queried in a database corresponding to a distributed system, so as to determine an only node in which the sample to be downloaded is currently stored.
And storing the sample identifications and the identifications of the nodes in which the samples are stored in the database correspondingly.
the configuration file comprises the mapping relation between the identifier of each node and the current IP address of each node.
In this embodiment, after the identifier of the target node is obtained, the current IP address of the target node corresponding to the identifier of the target node is searched from the configuration file, so as to realize downloading of the sample to be downloaded according to the current IP address of the target node, thereby avoiding a sample downloading failure caused by a change in the IP address of the target node.
The configuration file is deployed in the management platform and comprises the mapping relation between the identifier of each node and the current IP address of each node, and the IP addresses stored in the configuration file can be updated according to actual conditions.
And 240, downloading the sample to be downloaded in the target node through the current IP address of the target node.
Optionally, receiving the identifier of the node and the IP address of the node sent by each node when starting the anti-phishing mail engine each time; and updating the configuration file according to the identifier of the node and the IP address of the node.
In this optional embodiment, a configuration file updating method is provided, and specifically, each node sends an identifier of a current node and a current IP address of the node to a management platform every time an anti-phishing mail engine is started, so as to instruct the management platform to update a configuration file, so that an IP address stored in the configuration file is always the latest IP address of each node.
The technical scheme of the embodiment of the invention is that a sample identification of a sample to be downloaded is obtained in response to a phishing mail sample downloading request initiated by a user, an identification of a target node corresponding to the sample identification is searched in a database, further, a current IP address of the target node corresponding to the identification of the target node is obtained according to the identification of the target node and a configuration file, and finally the sample to be downloaded is downloaded in the target node according to the current IP address of the target node.
EXAMPLE III
Fig. 3 is a schematic structural diagram of a data downloading device according to a third embodiment of the present invention, where the data downloading device includes: a sample identity acquisition module 310, a node identity acquisition module 320, an IP address determination module 330, and a sample download module 340.
A sample identifier obtaining module 310, configured to obtain a sample identifier of a to-be-downloaded sample in response to a phishing mail sample downloading request issued by a user;
a node identifier obtaining module 320, configured to obtain, according to the sample identifier, an identifier of a target node in which the sample to be downloaded is stored;
an IP address determining module 330, configured to determine, according to the identifier of the target node, a current internet protocol IP address of the target node;
the sample downloading module 340 is configured to download the sample to be downloaded through the current IP address of the target node.
The technical scheme of the embodiment of the invention responds to a phishing mail sample downloading request initiated by a user, obtains the sample identification of the sample to be downloaded, obtains the identification of the target node in which the sample to be downloaded is stored, further determines the current IP address of the target node according to the identification of the target node, and finally downloads the sample to be downloaded in the target node through the current IP address of the target node.
Optionally, the node identifier obtaining module 320 is specifically configured to:
searching the identifier of the target node corresponding to the sample identifier in a database;
and the database is correspondingly stored with the identifiers of all samples and the identifiers of the nodes in which all the samples are stored.
Optionally, the IP address determining module 330 is specifically configured to:
acquiring a current IP address of a target node corresponding to the identifier of the target node according to the identifier of the target node and a configuration file;
the configuration file comprises the mapping relation between the identifier of each node and the current IP address of each node.
Optionally, the data downloading apparatus further includes:
the configuration file updating module is used for receiving the node identification and the node IP address sent by each node when the anti-phishing mail engine is started each time;
and updating the configuration file according to the identifier of the node and the IP address of the node.
The data downloading device provided by the embodiment of the invention can execute the data downloading method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention, as shown in fig. 4, the electronic device includes a processor 40 and a memory 41; the number of processors 40 in the device may be one or more, and one processor 40 is taken as an example in fig. 4; the processor 40 and the memory 41 in the device may be connected by a bus or other means, as exemplified by the bus connection in fig. 4.
The memory 41 serves as a computer-readable storage medium, and may be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to a data downloading method in the embodiments of the present invention (for example, the sample identifier obtaining module 310, the node identifier obtaining module 320, the IP address determining module 330, and the sample downloading module 340 in the data downloading apparatus). The processor 40 executes various functional applications of the device and data processing, i.e., implements the above-described data downloading method, by executing software programs, instructions, and modules stored in the memory 41.
The method comprises the following steps:
responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded;
acquiring the identifier of a target node storing the sample to be downloaded according to the sample identifier;
determining the current Internet Protocol (IP) address of the target node according to the identifier of the target node;
and downloading the sample to be downloaded in the target node through the current IP address of the target node.
The memory 41 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 41 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, memory 41 may further include memory located remotely from processor 40, which may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
EXAMPLE five
An embodiment of the present invention also provides a computer-readable storage medium having a computer program stored thereon, where the computer program is used to execute a data downloading method when executed by a computer processor, and the method includes:
responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded;
acquiring the identifier of a target node storing the sample to be downloaded according to the sample identifier;
determining the current Internet Protocol (IP) address of the target node according to the identifier of the target node;
and downloading the sample to be downloaded in the target node through the current IP address of the target node.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which can be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the data downloading apparatus, the units and modules included in the embodiment are only divided according to functional logic, but are not limited to the above division as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (8)
1. A method for downloading data, comprising:
responding to a phishing mail sample downloading request initiated by a user, and acquiring a sample identifier of a sample to be downloaded;
acquiring the identifier of a target node storing the sample to be downloaded according to the sample identifier; wherein; the identification of the target node is unique and invariable all the time;
acquiring a current IP address of a target node corresponding to the identifier of the target node according to the identifier of the target node and a configuration file; the configuration file comprises the mapping relation between the identifier of each node and the current IP address of each node;
and downloading the sample to be downloaded in the target node through the current IP address of the target node.
2. The method according to claim 1, wherein obtaining an identifier of a target node storing the sample to be downloaded according to the sample identifier comprises:
searching the identifier of the target node corresponding to the sample identifier in a database;
and the database is correspondingly stored with the identifiers of all samples and the identifiers of the nodes in which all the samples are stored.
3. The method of claim 1, further comprising:
receiving the identifier of the node and the IP address of the node sent by each node when the anti-phishing mail engine is started;
and updating the configuration file according to the identifier of the node and the IP address of the node.
4. A data download apparatus, comprising:
the system comprises a sample identification acquisition module, a data acquisition module and a data processing module, wherein the sample identification acquisition module is used for responding to a phishing mail sample downloading request issued by a user and acquiring a sample identification of a sample to be downloaded;
a node identifier obtaining module, configured to obtain, according to the sample identifier, an identifier of a target node in which the sample to be downloaded is stored; wherein; the identification of the target node is unique and invariable all the time;
the IP address determining module is used for acquiring the current IP address of the target node corresponding to the identifier of the target node according to the identifier of the target node and the configuration file; the configuration file comprises the mapping relation between the identifier of each node and the current IP address of each node;
and the sample downloading module is used for downloading the sample to be downloaded through the current IP address of the target node.
5. The apparatus according to claim 4, wherein the node identifier obtaining module is specifically configured to:
searching the identifier of the target node corresponding to the sample identifier in a database;
and the database is correspondingly stored with the identifiers of all samples and the identifiers of the nodes in which all the samples are stored.
6. The apparatus of claim 4, wherein the data downloading apparatus further comprises:
the configuration file updating module is used for receiving the node identification and the node IP address sent by each node when the anti-phishing mail engine is started each time;
and updating the configuration file according to the identifier of the node and the IP address of the node.
7. An electronic device, characterized in that the device comprises:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement a data download method as claimed in any one of claims 1 to 3.
8. A computer storage medium having a computer program stored thereon, the program, when executed by a processor, implementing the data download method of any of claims 1-3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011407914.1A CN112565414B (en) | 2020-12-03 | 2020-12-03 | Data downloading method, device, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011407914.1A CN112565414B (en) | 2020-12-03 | 2020-12-03 | Data downloading method, device, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112565414A CN112565414A (en) | 2021-03-26 |
| CN112565414B true CN112565414B (en) | 2023-03-24 |
Family
ID=75048496
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011407914.1A Active CN112565414B (en) | 2020-12-03 | 2020-12-03 | Data downloading method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112565414B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105025064A (en) * | 2014-04-30 | 2015-11-04 | 腾讯科技(深圳)有限公司 | Method, device and system for downloading files |
| CN105227673A (en) * | 2015-10-16 | 2016-01-06 | 北京奇虎科技有限公司 | The data download method of anti-abduction, client, server and system |
| CN107071036A (en) * | 2017-04-21 | 2017-08-18 | 广东浪潮大数据研究有限公司 | A kind of method, the webserver and system for downloading driving file |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| SE537718C2 (en) * | 2013-10-11 | 2015-10-06 | Fidesmo Ab | Identification of service providers for integrating a secure element into a short-range type wireless communication device |
-
2020
- 2020-12-03 CN CN202011407914.1A patent/CN112565414B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105025064A (en) * | 2014-04-30 | 2015-11-04 | 腾讯科技(深圳)有限公司 | Method, device and system for downloading files |
| CN105227673A (en) * | 2015-10-16 | 2016-01-06 | 北京奇虎科技有限公司 | The data download method of anti-abduction, client, server and system |
| CN107071036A (en) * | 2017-04-21 | 2017-08-18 | 广东浪潮大数据研究有限公司 | A kind of method, the webserver and system for downloading driving file |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112565414A (en) | 2021-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067930B (en) | Domain name access method, domain name resolution method, server, terminal and storage medium | |
| CN109729183B (en) | Request processing method, device, equipment and storage medium | |
| CN111182089B (en) | Container cluster system, method and device for accessing big data assembly and server | |
| CN108494755B (en) | Method and device for transmitting Application Programming Interface (API) request | |
| CN111885216B (en) | DNS query method, device, equipment and storage medium | |
| CN106210155B (en) | Method and device for connecting application server | |
| CN110674427B (en) | Method, device, equipment and storage medium for responding to webpage access request | |
| CN111224878B (en) | Route forwarding method and device, electronic equipment and storage medium | |
| CN109120432B (en) | Fault server positioning method and device | |
| CN113542292A (en) | Intranet safety protection method and system based on DNS and IP credit data | |
| CN107623693B (en) | Domain name resolution protection method, device, system, computing equipment and storage medium | |
| CN111104376B (en) | Resource file query method and device | |
| CN111064786B (en) | Account identifier management method and device | |
| CN114401319B (en) | Request processing method, device, server and storage medium | |
| CN110855627B (en) | Application deployment method, device, equipment and medium | |
| CN113535262A (en) | Method, device, equipment and storage medium for controlling starting of proxy node | |
| CN112565414B (en) | Data downloading method, device, equipment and medium | |
| CN111291012A (en) | Rule file deployment system, method, equipment and medium | |
| CN116820958A (en) | Agent-based multi-environment automation test method and system | |
| CN113992739B (en) | Local area network OTA firmware upgrading device, method and system | |
| US20240291828A1 (en) | Searching device, search range determination method, and search range determination program | |
| CN104536784A (en) | Method and device for updating real-time system | |
| CN112153173B (en) | IPv6 address rapid deployment and distribution method and device | |
| CN112291343B (en) | Information acquisition method and device and electronic equipment | |
| CN114911515A (en) | Configuration management method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |