CN112733104B - Account registration request processing method and device - Google Patents

Account registration request processing method and device Download PDF

Info

Publication number
CN112733104B
CN112733104B CN202110031408.5A CN202110031408A CN112733104B CN 112733104 B CN112733104 B CN 112733104B CN 202110031408 A CN202110031408 A CN 202110031408A CN 112733104 B CN112733104 B CN 112733104B
Authority
CN
China
Prior art keywords
account registration
address
request
rule table
registration request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110031408.5A
Other languages
Chinese (zh)
Other versions
CN112733104A (en
Inventor
叶一聪
吴庆
王树太
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN202110031408.5A priority Critical patent/CN112733104B/en
Publication of CN112733104A publication Critical patent/CN112733104A/en
Application granted granted Critical
Publication of CN112733104B publication Critical patent/CN112733104B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2462Approximate or statistical queries
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The disclosure relates to an account registration request processing method, an account registration request processing device, electronic equipment and a computer readable medium. The method comprises the following steps: acquiring an account registration request from a client; extracting the IP address of the client from the account registration request; matching the IP address with an address rule table; when the matching result meets a first policy, processing the account registration request; and rejecting the account registration request when the matching result meets a second policy. The account registration request processing method, the device, the electronic equipment and the computer readable medium can protect server resources from being maliciously consumed, ensure normal operation of the server and reduce loss.

Description

Account registration request processing method and device
Technical Field
The disclosure relates to the field of computer information processing, and in particular relates to a method, a device, electronic equipment and a computer readable medium for processing an account registration request.
Background
And when in network, personal identification is provided for each person, and personalized customized service is performed. Many websites now provide a user registration function, which brings great convenience to the network life of users. While providing convenience, there is a corresponding hidden danger, and at present, the abnormal behavior is called malicious registration, which refers to the behavior of registering accounts in a large amount by writing malicious scripts or programs for a certain purpose, and abnormally accessing network services. On one hand, the method causes the rapid increase of database data, the overload of a server, the reduction of service quality, and simultaneously occupies a large amount of network resources, and the behavior causes serious loss to website operators.
The existing malicious registration prevention mode mainly comprises the steps of extracting the client IP of a registration account request, and then carrying out statistical analysis on the extracted IP address registration frequency. When the set threshold value is exceeded in unit time, the current IP address is considered as a malicious registration address, access to the IP address is limited, and account registration service is not provided in the set time.
Most enterprise office environments are within a local area network, sharing the same network outlet uses the same public ip address. If multiple persons register user accounts together at the same time in a company, the phenomenon seen outside the local area network is that the public network IP address sends multiple account registration requests at the same time. At this time, according to the registration frequency of the client IP address of the registered account number in the statistic unit time, after reaching the corresponding threshold, access restriction is performed on the public network IP address, and the malicious registration prevention method can lead staff in the company to be unable to perform normal account registration. At present, many registration tools change the IP address of the client to directly send a registration request, and a method for counting according to the IP address cannot protect similar malicious registration requests.
Therefore, a new account registration request processing method, device, electronic equipment and computer readable medium are needed.
The above information disclosed in the background section is only for enhancement of understanding of the background of the disclosure and therefore it may include information that does not form the prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
In view of the above, the present disclosure provides a method, an apparatus, an electronic device, and a computer readable medium for processing an account registration request, which can protect server resources from being consumed maliciously, ensure normal operation of a server, and reduce losses.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to an aspect of the present disclosure, a method for processing an account registration request is provided, including: acquiring an account registration request from a client; extracting the IP address of the client from the account registration request; matching the IP address with an address rule table; when the matching result meets a first policy, processing the account registration request; and rejecting the account registration request when the matching result meets a second policy.
In an exemplary embodiment of the present disclosure, further comprising: the address rule table is generated by statistical analysis of a plurality of account registration requests and page access requests.
In an exemplary embodiment of the present disclosure, generating the address rule table through statistical analysis of a plurality of account registration requests and page access requests includes: acquiring a plurality of account registration requests and page access requests; extracting a plurality of IP addresses corresponding to the account registration requests; and generating the address rule table based on the plurality of IP addresses and the number of account registration requests and page access requests corresponding to the plurality of IP addresses.
In an exemplary embodiment of the present disclosure, further comprising: acquiring a page access request from a client; extracting the IP address of the client from the page access request; matching the IP address with a preset address rule table; and updating the address rule table according to the matching result.
In an exemplary embodiment of the present disclosure, updating the address rule table according to the matching result includes: when the matching is successful, increasing the number of page access requests corresponding to the IP address in the address rule table; and when the matching is unsuccessful, adding page access request information of the IP address into the address rule table.
In an exemplary embodiment of the present disclosure, matching the IP address with an address rule table further includes: and when the matching is successful, increasing the number of account registration requests corresponding to the IP address in the address rule table.
In an exemplary embodiment of the present disclosure, matching the IP address with an address rule table further includes: extracting the number of account registration requests and page access requests corresponding to the IP address from the address rule table; and determining a proportion value according to the number of the account registration requests and the page access requests.
In an exemplary embodiment of the present disclosure, when the matching result satisfies the first policy, processing the account registration request includes: and when the matching is successful and the proportion value is in a preset interval, processing the account registration request.
In an exemplary embodiment of the present disclosure, rejecting the account registration request when the matching result satisfies the second policy includes: and rejecting the account registration request when the matching is unsuccessful.
In an exemplary embodiment of the present disclosure, rejecting the account registration request when the matching result satisfies the second policy includes: rejecting the account registration request when the matching is successful and the ratio value is not in a preset interval; and/or rejecting the account registration request when the matching is successful and the number of page access requests corresponding to the IP address exceeds a threshold value.
According to an aspect of the present disclosure, an account registration request processing apparatus is provided, including: the request module is used for acquiring an account registration request from the client; the address module is used for extracting the IP address of the client from the account registration request; the matching module is used for matching the IP address with the address rule table; the processing module is used for processing the account registration request when the matching result meets a first policy; and the rejecting module is used for rejecting the account registration request when the matching result meets the second policy.
According to an aspect of the present disclosure, there is provided an electronic device including: one or more processors; a storage means for storing one or more programs; when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the methods as described above.
According to an aspect of the present disclosure, a computer-readable medium is presented, on which a computer program is stored, which program, when being executed by a processor, implements a method as described above.
According to the account registration request processing method, the device, the electronic equipment and the computer readable medium, an account registration request from a client is obtained; extracting the IP address of the client from the account registration request; matching the IP address with an address rule table; when the matching result meets a first policy, processing the account registration request; when the matching result meets the second policy, rejecting the account registration request can protect server resources from being maliciously consumed, ensure normal operation of the server, and reduce loss.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings. The drawings described below are merely examples of the present disclosure and other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
Fig. 1 is a system block diagram illustrating a method and apparatus for processing an account registration request according to an exemplary embodiment.
Fig. 2 is a flowchart illustrating a method of processing an account registration request according to an exemplary embodiment.
Fig. 3 is a flowchart illustrating a method of processing an account registration request according to another exemplary embodiment.
Fig. 4 is a flowchart illustrating a method of processing an account registration request according to another exemplary embodiment.
Fig. 5 is a block diagram illustrating an account registration request processing apparatus according to an exemplary embodiment.
Fig. 6 is a block diagram of an electronic device, according to an example embodiment.
Fig. 7 is a block diagram of a computer-readable medium shown according to an example embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments can be embodied in many forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the disclosed aspects may be practiced without one or more of the specific details, or with other methods, components, devices, steps, etc. In other instances, well-known methods, devices, implementations, or operations are not shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams depicted in the figures are merely functional entities and do not necessarily correspond to physically separate entities. That is, the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The flow diagrams depicted in the figures are exemplary only, and do not necessarily include all of the elements and operations/steps, nor must they be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the order of actual execution may be changed according to actual situations.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another element. Accordingly, a first component discussed below could be termed a second component without departing from the teachings of the concepts of the present disclosure. As used herein, the term "and/or" includes any one of the associated listed items and all combinations of one or more.
Those skilled in the art will appreciate that the drawings are schematic representations of example embodiments and that the modules or flows in the drawings are not necessarily required to practice the present disclosure, and therefore, should not be taken to limit the scope of the present disclosure.
The names to which the present disclosure relates are explained as follows:
public network IP refers to an unreserved address on the Internet connected by a public network. The public network and the intranet are two Internet access modes, and a computer of the public network and other computers on the Internet can access each other at will.
NAT (Network Address Translation) is network address conversion, which realizes the mutual conversion between the IP address of the intranet and the address of the public network, converts a large amount of intranet IP address into one or a small amount of public network IP address, and reduces occupation of the public network IP address. The most typical applications of NAT are: in a local area network, only one computer needs to be connected with the Internet, and NAT can be utilized to share Internet connection, so that other computers in the local area network can also be connected with the Internet. With the NAT protocol, computers in the local area network can access computers on the Internet, but computers on the Internet cannot access computers in the local area network.
Fig. 1 is a system block diagram of a method, an apparatus, an electronic device, and a computer readable medium for processing an account registration request according to an exemplary embodiment.
As shown in fig. 1, the system architecture 10 may include terminal devices 101, 102, 103, an analysis device 104, and account server 105, an external network 106.
The user may interact with the account server 105 through the analysis device 104 using the terminal devices 101, 102, 103 to receive or send registration requests or the like. After the registration request is passed, the user can make internet access through the account server 105 using the terminal devices 101, 102, 103. Various communication client applications, such as shopping class applications, web browser applications, search class applications, instant messaging tools, mailbox clients, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be a variety of electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The analysis device 104 may perform statistical analysis on the account registration request and the page access request of the user, and the analysis device 104 may, for example, obtain the account registration request from the client; the analysis device 104 may extract the IP address of the client, for example, from the account registration request; the analysis device 104 may, for example, match the IP address with an address rule table; the analysis device 104 may process the account registration request, for example, when the matching result satisfies the first policy; the analysis device 104 may, for example; the analysis device 104 may reject the account registration request, for example, when the matching result satisfies the second policy.
The analysis device 104 may also generate the address rule table, for example, by statistical analysis of multiple account registration requests and page access requests.
The analysis device 104 may also, for example, obtain a page access request from a client; the analysis device 104 may also extract the IP address of the client, for example, from the page access request; the analysis device 104 may also match the IP address with a preset address rule table, for example; the analysis device 104 may also update the address rule table, for example, based on the matching result.
The analysis device 104 may be an entity server, or may be, for example, other devices capable of performing flow analysis, and it should be noted that the method for processing an account registration request provided in the embodiments of the present disclosure may be executed by the analysis device 104, and accordingly, the account registration request processing device may be disposed in the analysis device 104.
Fig. 2 is a flowchart illustrating a method of processing an account registration request according to an exemplary embodiment. The account registration request processing method 20 includes at least steps S202 to S210.
As shown in fig. 2, in S202, an account registration request from a client is acquired.
In S204, the IP address of the client is extracted from the account registration request.
In S206, the IP address and address rule table are matched. Extracting the number of account registration requests and page access requests corresponding to the IP address from the address rule table; and determining a proportion value according to the number of the account registration requests and the page access requests.
In one embodiment, further comprising: the address rule table is generated by statistical analysis of a plurality of account registration requests and page access requests.
The address rule table is generated through statistical analysis of a plurality of account registration requests and page access requests, and the address rule table comprises the following steps: acquiring a plurality of account registration requests and page access requests; extracting a plurality of IP addresses corresponding to the account registration requests; and generating the address rule table based on the plurality of IP addresses and the number of account registration requests and page access requests corresponding to the plurality of IP addresses.
In one embodiment, the method may further include extracting, from the address rule table, the number of account registration requests and page access requests corresponding to the IP address; and determining a proportion value according to the number of the account registration requests and the page access requests.
More specifically, the request of account registration page access can be analyzed, the client IP address corresponding to the request is extracted and recorded in the statistics rule table, and the number of accesses is also recorded in the statistics rule table. And analyzing the request submitted by the account registration form, extracting the IP address of the client corresponding to the request, recording the IP address in a statistics rule table, and recording the registration request times in the statistics rule table. And checking the number of account registration times of the IP in unit time, and processing the IP address exceeding the threshold value. The thresholds corresponding to different IP addresses can be set according to historical analysis data.
In S208, when the matching result satisfies the first policy, the account registration request is processed. The account registration request may be processed, for example, when the matching is successful and the ratio value is within a preset interval. Wherein the ratio value is
In S210, when the matching result satisfies the second policy, rejecting the account registration request. The account registration request may be denied, for example, when the match is unsuccessful. When the page access request information does not exist in the address rule table, the page access request information can be newly built in the address rule table. Because the normal user registration process is to first access the page and then register, the page registration access is considered as a premise of registration, and if the IP address of a certain registration request does not exist in the page access request, the registration request can be considered as an illegal request.
For example, when the matching is successful and the ratio value is not in a preset interval, rejecting the account registration request; the account registration request may be denied, for example, when the matching is successful and the number of page access requests corresponding to the IP address exceeds a threshold.
According to the account registration request processing method, whether the client is a legal user is judged by calculating the ratio of the number of requests accessed by the client account registration page to the number of requests submitted by the client account registration form; whether the request submitted by the account registration form is a malicious registration request or not is judged by whether a request for access of a client account registration page exists, so that server resources can be protected from being consumed maliciously, normal operation of a server is ensured, and loss is reduced.
It should be clearly understood that this disclosure describes how to make and use particular examples, but the principles of this disclosure are not limited to any details of these examples. Rather, these principles can be applied to many other embodiments based on the teachings of the present disclosure.
Fig. 3 is a flowchart illustrating a method of processing an account registration request according to another exemplary embodiment. The flow 30 shown in fig. 3 is a complementary description of the flow shown in fig. 2.
As shown in fig. 3, in S302, a page access request from a client is acquired. Further, the page access request is an access request of a page of the registered account.
In S304, the IP address of the client is extracted from the page access request.
In S306, the IP address is matched with a preset address rule table.
In S308, the address rule table is updated according to the matching result.
In one embodiment, when the matching is successful, increasing the number of page access requests corresponding to the IP address in the address rule table; and increasing the number of account registration requests corresponding to the IP addresses in the address rule table.
In one embodiment, when the matching is unsuccessful, the page access request information of the IP address is added in the address rule table.
According to the account registration request processing method, the flow of the account registration request which is continuously sent to the server by using a tool or a script can be identified in the network, even if the IP address of the client is forged, the abnormal account registration behavior of the client can be identified and limited by the device, the request of malicious registration accounts can be processed in time, further resource waste is prevented, and damage is prevented in time. Meanwhile, a large number of normally registered users of the same client are limited, so that the cost is increased for large number registration, and a large number of account registration behaviors are prevented from being performed manually, so that server resources are prevented from being wasted.
Fig. 4 is a flowchart illustrating a method of processing an account registration request according to another exemplary embodiment. The flow 40 shown in fig. 4 is a detailed description of the flows shown in fig. 2 and 3.
As shown in fig. 4, in S401, a request sent by a client is acquired, where the request includes an account registration request and a page access request.
In S402, the registration page access request and the account registration request are identified according to the account registration domain name to be protected.
In S403, the IP address is extracted.
In S404, whether the IP address is in the address statistics rule table.
In S405, whether the IP address is in the address statistics rule table.
In S406, the registration page access request number is increased by 1 in the address statistics rule table. And finding out a corresponding request for accessing the client account registration page according to the domain name address of the account registration page and a message request method in the flow entering the device. And extracting information from the account registration page request, and extracting the corresponding client IP address. And searching whether the newly extracted client IP address exists in the statistical rule table. And judging whether the extracted IP address exists in a statistical rule table. If the corresponding client IP address exists in the statistical rule table, the number of requests for the account registration page access is increased by 1.
In S407, access request information of the IP address is newly added to the address statistics rule table. If the client IP address does not exist in the statistical rule table, a statistical rule record is newly established, and the request number of the registration page access of the client IP account is recorded to be 1.
In S408, the information is transmitted to the account server.
In S409, the account registration request number is added by 1 in the address statistics rule table. And finding out a request submitted by the corresponding client account registration form according to the address submitted by the set account registration form and a message request method in the flow entering the device. And extracting information from the request submitted by the account registration form, and extracting the corresponding client IP address. And searching whether the newly extracted client IP address exists in the statistical rule table. And judging whether the extracted IP address exists in a statistical rule table. If the corresponding client IP address exists in the statistical rule table, the number of requests submitted by the account registration form in the rule table is increased by 1.
In S410, a ratio value of the account registration request and the page access request is calculated. And searching the IP address of the client corresponding to the extraction in the statistical rule table, and adding 1 to the number of the account registration requests corresponding to the IP address to obtain the current number of the account registration requests. And searching the request times of the account registration page access corresponding to the IP address in the statistical rule table. And calculating the acquired request times of the access of the account registration page and the request times submitted by the account registration form to obtain the corresponding proportion.
In S411, the ratio value is within a preset range. And comparing the calculated proportion value with a preset reasonable proportion interval.
In S412, the number of page requests exceeds the threshold. If the number of requests submitted by the corresponding account registration form in the statistical rule table exceeds a set threshold, pushing the verification code to the client, and continuing registration only if the correct verification code is input. And if the calculated proportion value is in the set proportion interval range, the registration behavior of the client IP is considered to be normal.
In S413, the IP address is restricted from being registered. And if the calculated proportion value is not in the set proportion interval range, the client IP is considered to have the behavior of a malicious registration account.
For example, the client IP for determining that the malicious account registration behavior exists may be recorded in an illegal registration user table, the current time is recorded, and the account registration request sent by the client IP is blocked within a set time range.
In S414, the registration request of the IP address is rejected.
For example, the account registration request of the client IP may not be found in the statistical rule table, and it may be determined as a malicious registration account request. And blocking the registration request for judging that the malicious registration account number acts exist. Recording the client IP with the malicious account registration behavior in an illegal registration user table, recording the current time, and blocking account registration requests sent by the client IP within a set time range.
According to the account registration request processing method, user requests are counted and analyzed through equipment deployed between a client and a server. When someone uses the tool to continuously send the registration message, the registered message can be identified to intercept, and the registration is prevented from being successful. And limiting the users frequently registering the accounts to prevent the users from registering a large number of accounts. The server resource can be protected from being maliciously consumed, the normal operation of the server is ensured, and the loss is reduced.
Those skilled in the art will appreciate that all or part of the steps implementing the above described embodiments are implemented as a computer program executed by a CPU. The above-described functions defined by the above-described methods provided by the present disclosure are performed when the computer program is executed by a CPU. The program may be stored in a computer readable storage medium, which may be a read-only memory, a magnetic disk or an optical disk, etc.
Furthermore, it should be noted that the above-described figures are merely illustrative of the processes involved in the method according to the exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily appreciated that the processes shown in the above figures do not indicate or limit the temporal order of these processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, for example, among a plurality of modules.
The following are device embodiments of the present disclosure that may be used to perform method embodiments of the present disclosure. For details not disclosed in the embodiments of the apparatus of the present disclosure, please refer to the embodiments of the method of the present disclosure.
Fig. 5 is a block diagram illustrating an account registration request processing apparatus according to an exemplary embodiment. As shown in fig. 5, the account registration request processing apparatus 50 includes: a request module 502, an address module 504, a match module 506, a process module 508, a reject module 510.
The request module 502 is configured to obtain an account registration request from a client;
the address module 504 is configured to extract, from the account registration request, an IP address of the client;
the matching module 506 is configured to match the IP address with an address rule table; the matching module 506 is further configured to extract, from the address rule table, the number of account registration requests and page access requests corresponding to the IP address; and determining a proportion value according to the number of the account registration requests and the page access requests.
The processing module 508 is configured to process the account registration request when the matching result meets a first policy; more specifically, when the matching is successful and the ratio value is in a preset interval, the account registration request is processed.
The rejecting module 510 is configured to reject the account registration request when the matching result satisfies the second policy. More specifically, the account registration request may be rejected when the matching is unsuccessful; the account registration request can be refused when the matching is successful and the proportion value is not in a preset interval; the account registration request may be denied when the matching is successful and the number of page access requests corresponding to the IP address exceeds a threshold.
According to the account registration request processing device, an account registration request from a client is acquired; extracting the IP address of the client from the account registration request; matching the IP address with an address rule table; when the matching result meets a first policy, processing the account registration request; when the matching result meets the second policy, rejecting the account registration request can protect server resources from being maliciously consumed, ensure normal operation of the server, and reduce loss.
Fig. 6 is a block diagram of an electronic device, according to an example embodiment.
An electronic device 600 according to such an embodiment of the present disclosure is described below with reference to fig. 6. The electronic device 600 shown in fig. 6 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 6, the electronic device 600 is in the form of a general purpose computing device. Components of electronic device 600 may include, but are not limited to: at least one processing unit 610, at least one memory unit 620, a bus 630 connecting the different system components (including the memory unit 620 and the processing unit 610), a display unit 640, etc.
Wherein the storage unit stores program code that is executable by the processing unit 610 such that the processing unit 610 performs steps described in the present specification according to various exemplary embodiments of the present disclosure. For example, the processing unit 610 may perform the steps as shown in fig. 2, 3, and 4.
The memory unit 620 may include readable media in the form of volatile memory units, such as Random Access Memory (RAM) 6201 and/or cache memory unit 6202, and may further include Read Only Memory (ROM) 6203.
The storage unit 620 may also include a program/utility 6204 having a set (at least one) of program modules 6205, such program modules 6205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 630 may be a local bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or using any of a variety of bus architectures.
The electronic device 600 may also communicate with one or more external devices 600' (e.g., keyboard, pointing device, bluetooth device, etc.), devices that enable a user to interact with the electronic device 600, and/or any devices (e.g., routers, modems, etc.) that the electronic device 600 can communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 650. Also, electronic device 600 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 660. The network adapter 660 may communicate with other modules of the electronic device 600 over the bus 630. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 600, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, as shown in fig. 7, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, and includes several instructions to cause a computing device (may be a personal computer, a server, or a network device, etc.) to perform the above-described method according to the embodiments of the present disclosure.
The software product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable storage medium may also be any readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
The computer-readable medium carries one or more programs, which when executed by one of the devices, cause the computer-readable medium to perform the functions of: acquiring an account registration request from a client; extracting the IP address of the client from the account registration request; matching the IP address with an address rule table; when the matching result meets a first policy, processing the account registration request; and rejecting the account registration request when the matching result meets a second policy.
Those skilled in the art will appreciate that the modules may be distributed throughout several devices as described in the embodiments, and that corresponding variations may be implemented in one or more devices that are unique to the embodiments. The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or in combination with the necessary hardware. Thus, the technical solutions according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, and include several instructions to cause a computing device (may be a personal computer, a server, a mobile terminal, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
Exemplary embodiments of the present disclosure are specifically illustrated and described above. It is to be understood that this disclosure is not limited to the particular arrangements, instrumentalities and methods of implementation described herein; on the contrary, the disclosure is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (5)

1. The account registration request processing method is characterized by comprising the following steps of:
acquiring an account registration request from a client;
analyzing the account registration page access request, extracting the client IP address corresponding to the account registration page access request, recording the client IP address in an address rule table, and recording the account registration page access request times in the address rule table;
analyzing the request submitted by the account registration form, extracting the IP address of the client corresponding to the request submitted by the account registration form and recording the IP address in an address rule table, and recording the number of times of the request submitted by the account registration form in the address rule table, wherein the address rule table is updated in real time according to the access request of the account registration page and the request submitted by the account registration form;
matching the IP address of the request submitted by the current account registration form with an address rule table;
extracting the number of requests submitted by an account registration form corresponding to the IP address of the account registration request from the client and the number of access requests of the account registration page from the address rule table, and determining a proportional value according to the number of the requests submitted by the account registration form and the number of the access requests of the page;
when the IP address of the request submitted by the current account registration form is successfully matched and the proportion value is in a preset interval, processing the account registration request;
and rejecting the account registration request when the IP address of the request submitted by the current account registration form is not successfully matched or successfully matched and the ratio value is not in a preset interval.
2. The method as recited in claim 1, further comprising:
acquiring an account registration page access request from a client;
extracting the IP address of the client from the account registration page access request;
matching the IP address with a preset address rule table;
and updating the address rule table according to the matching result.
3. The method of claim 2, wherein updating the address rule table based on the matching result comprises:
when the matching is successful, increasing the number of the account registration page access requests corresponding to the IP address in the address rule table;
and when the matching is unsuccessful, adding the account registration page access request information of the IP address in the address rule table.
4. The method as recited in claim 1, further comprising:
and rejecting the account registration request when the IP address of the request submitted by the current account registration form is successfully matched and the number of the account registration page access requests corresponding to the IP address exceeds a threshold value.
5. An account registration request processing apparatus, characterized in that it performs an account registration request by the method according to one of claims 1 to 4.
CN202110031408.5A 2021-01-11 2021-01-11 Account registration request processing method and device Active CN112733104B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110031408.5A CN112733104B (en) 2021-01-11 2021-01-11 Account registration request processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110031408.5A CN112733104B (en) 2021-01-11 2021-01-11 Account registration request processing method and device

Publications (2)

Publication Number Publication Date
CN112733104A CN112733104A (en) 2021-04-30
CN112733104B true CN112733104B (en) 2023-08-25

Family

ID=75590385

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110031408.5A Active CN112733104B (en) 2021-01-11 2021-01-11 Account registration request processing method and device

Country Status (1)

Country Link
CN (1) CN112733104B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110233831A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The detection method and device of malicious registration

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104917643A (en) * 2014-03-11 2015-09-16 腾讯科技(深圳)有限公司 Abnormal account detection method and device
CN105262760A (en) * 2015-10-30 2016-01-20 北京奇虎科技有限公司 Method and device for preventing action of maliciously visiting login/register interface
US9781152B1 (en) * 2013-09-11 2017-10-03 Google Inc. Methods and systems for performing dynamic risk analysis using user feedback
CN107634947A (en) * 2017-09-18 2018-01-26 北京京东尚科信息技术有限公司 Limitation malice logs in or the method and apparatus of registration
CN107733883A (en) * 2017-10-09 2018-02-23 武汉斗鱼网络科技有限公司 A kind of method and device for detecting batch registration account
CN109510800A (en) * 2017-09-14 2019-03-22 北京金山云网络技术有限公司 A kind of network request processing method, device, electronic equipment and storage medium
CN110233831A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The detection method and device of malicious registration

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9781152B1 (en) * 2013-09-11 2017-10-03 Google Inc. Methods and systems for performing dynamic risk analysis using user feedback
CN104917643A (en) * 2014-03-11 2015-09-16 腾讯科技(深圳)有限公司 Abnormal account detection method and device
CN105262760A (en) * 2015-10-30 2016-01-20 北京奇虎科技有限公司 Method and device for preventing action of maliciously visiting login/register interface
WO2017071551A1 (en) * 2015-10-30 2017-05-04 北京奇虎科技有限公司 Method and device for preventing malicious access to login/registration interface
CN109510800A (en) * 2017-09-14 2019-03-22 北京金山云网络技术有限公司 A kind of network request processing method, device, electronic equipment and storage medium
CN107634947A (en) * 2017-09-18 2018-01-26 北京京东尚科信息技术有限公司 Limitation malice logs in or the method and apparatus of registration
CN107733883A (en) * 2017-10-09 2018-02-23 武汉斗鱼网络科技有限公司 A kind of method and device for detecting batch registration account
CN110233831A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The detection method and device of malicious registration

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种基于域名请求伴随关系的恶意域名检测方法;彭成维等;《计算机研究与发展》;全文 *

Also Published As

Publication number Publication date
CN112733104A (en) 2021-04-30

Similar Documents

Publication Publication Date Title
US11244070B2 (en) Adaptive remediation of multivariate risk
US10313352B2 (en) Phishing detection with machine learning
CN109361711B (en) Firewall configuration method and device, electronic equipment and computer readable medium
CN112738102B (en) Asset identification method, device, equipment and storage medium
US9900335B2 (en) Systems and methods for prioritizing indicators of compromise
US9058490B1 (en) Systems and methods for providing a secure uniform resource locator (URL) shortening service
EP3763097B1 (en) System and method for restricting access to web resources from web robots
CN111586005B (en) Scanner scanning behavior identification method and device
CN109889511B (en) Process DNS activity monitoring method, equipment and medium
CN111711617A (en) Method and device for detecting web crawler, electronic equipment and storage medium
CN107634947A (en) Limitation malice logs in or the method and apparatus of registration
CN111488581A (en) Weak password vulnerability detection method and device, electronic equipment and computer readable medium
CN112733104B (en) Account registration request processing method and device
CN114969840A (en) Data leakage prevention method and device
US11190589B1 (en) System and method for efficient fingerprinting in cloud multitenant data loss prevention
CN110955890B (en) Method and device for detecting malicious batch access behaviors and computer storage medium
US11630895B2 (en) System and method of changing the password of an account record under a threat of unlawful access to user data
CN110943982B (en) Document data encryption method and device, electronic equipment and storage medium
CN114363039A (en) Method, device, equipment and storage medium for identifying fraud websites
CN111314308A (en) System security check method and device based on port analysis
US20200076784A1 (en) In-Line Resolution of an Entity's Identity
CN111582648A (en) User policy generation method and device and electronic equipment
CN111737624B (en) Page redirection protection method and device and electronic equipment
US11736439B2 (en) System and method of blocking advertising on computing devices based on estimated probability
EP4191499A1 (en) System and method for providing content to a user

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant