CN113206835A - Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router - Google Patents

Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router Download PDF

Info

Publication number
CN113206835A
CN113206835A CN202110375112.5A CN202110375112A CN113206835A CN 113206835 A CN113206835 A CN 113206835A CN 202110375112 A CN202110375112 A CN 202110375112A CN 113206835 A CN113206835 A CN 113206835A
Authority
CN
China
Prior art keywords
behavior
network
router
payment
networking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110375112.5A
Other languages
Chinese (zh)
Other versions
CN113206835B (en
Inventor
李进
王辉
魏文昭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Qihu Intelligent Technology Co ltd
Original Assignee
Shenzhen Qihu Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Qihu Intelligent Technology Co ltd filed Critical Shenzhen Qihu Intelligent Technology Co ltd
Priority to CN202110375112.5A priority Critical patent/CN113206835B/en
Publication of CN113206835A publication Critical patent/CN113206835A/en
Application granted granted Critical
Publication of CN113206835B publication Critical patent/CN113206835B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Abstract

The invention is suitable for the technical field of routers, and provides a method for intercepting payment behaviors of networking equipment by a router, which comprises the following steps: configuring a behavior rule set for a specified application to carry out network payment; monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user; if the networking equipment is not the authorized user, analyzing and judging whether the network behavior is matched with the behavior rule set; intercepting the network behavior if the network behavior matches the behavior rule set. A system for intercepting payment behavior of networked devices by a router, a storage medium for storing a computer program for executing the method, and a computer device for implementing the method are also provided. Therefore, the invention can intercept the network payment behavior of the appointed application networked through the router on the router, does not need the user equipment to install the interception application and has strong pertinence.

Description

Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router
Technical Field
The invention relates to the technical field of routers, in particular to a method, a system, a storage medium and computer equipment for intercepting payment behaviors of networking equipment by a router.
Background
In a home network environment, parents have clear requirements for managing and controlling the network behaviors of children. If the Tencent is already in the flag game, the child management and control mode is promoted, and the recharging behavior in the game can be limited.
In the prior art, the interception of the payment behavior on the router is generally specific to a certain device, and the specific application in which the payment behavior occurs cannot be distinguished. Such as if the network request for network payment is prohibited on the router, then normal network payment behavior, such as top-up charges, may also be intercepted. Therefore, how to accurately identify the network behavior on a router for a given application to pay is a current problem.
As can be seen, the conventional method has many problems in practical use, and therefore, needs to be improved.
Disclosure of Invention
In view of the above-mentioned drawbacks, an object of the present invention is to provide a method, a system, a storage medium, and a computer device for intercepting a payment behavior of a networking device by a router, which can effectively identify a network payment behavior of a specific application networked by the router, and can intercept a network payment behavior of a specific application in a targeted manner, without installing an interception application on a user device, with strong pertinence.
In order to achieve the above object, the present invention provides a method for intercepting a payment behavior of a networking device by a router, comprising the steps of:
configuring a behavior rule set for a specified application to carry out network payment;
monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user;
if the networking equipment is not the authorized user, analyzing and judging whether the network behavior is matched with the behavior rule set;
intercepting the network behavior if the network behavior matches the behavior rule set.
Optionally, the step of configuring the behavior rule set for the specified application to perform the network payment specifically includes:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
Optionally, the step of monitoring a network behavior of the networking device networked by the router, and determining whether the networking device is an authorized user includes:
monitoring networking equipment connected to the router, and acquiring network behaviors of the networking equipment in a networking process;
and judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
Optionally, the step of determining whether the networking device is a pre-manufactured authorized user according to the device identification information of the networking device specifically includes:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
Optionally, if the networking device is not the authorized user, the step of analyzing and determining whether the network behavior matches the behavior rule set specifically includes:
and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set.
Optionally, the step of analyzing and determining whether the network behavior matches the network payment behavior corresponding to the behavior rule set specifically includes:
and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not.
Optionally, the step of analyzing and determining whether the network request and the network request sequence of the network behavior are both matched with the network payment behavior of the behavior rule set specifically includes:
and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time.
Optionally, if the networking device is not the authorized user, the step of analyzing and determining whether the network behavior matches the behavior rule set further includes:
and storing the behavior rule sets respectively corresponding to at least one designated application into the router.
Optionally, if the network behavior is matched with the behavior rule set, the step of intercepting the network behavior specifically includes:
and intercepting at least one network connection request matched with a preset interception rule in the network behavior.
Still provide a system that networking device payment action was intercepted to router, including:
the configuration unit is used for configuring a behavior rule set for carrying out network payment by a specified application;
the monitoring and judging unit is used for monitoring the network behavior of the networking equipment which is networked through the router and judging whether the networking equipment is an authorized user;
a behavior analysis unit, configured to analyze and determine whether the network behavior matches the behavior rule set if the networking device is not the authorized user;
and the intercepting unit is used for intercepting the network behavior if the network behavior is matched with the behavior rule set.
Optionally, the configuration unit is specifically configured to:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
Optionally, the monitoring and determining unit includes:
the monitoring subunit is used for monitoring networking equipment connected to the router and acquiring the network behavior of the networking equipment in the networking process;
and the judging subunit is used for judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
Optionally, the judging subunit is specifically configured to:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
Optionally, the behavior analysis unit is specifically configured to:
and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set.
Optionally, the behavior analysis unit is specifically configured to:
and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not.
Optionally, the behavior analysis unit is specifically configured to:
and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time.
Optionally, the method further includes:
and the storage unit is used for storing the behavior rule sets respectively corresponding to the at least one designated application into the router.
Optionally, the intercepting unit is specifically configured to:
and intercepting at least one network connection request matched with a preset interception rule in the network behavior.
In addition, a storage medium and a computer device are provided, wherein the storage medium is used for storing a computer program for executing the method for intercepting the payment behavior of the networking device by the router.
The computer device comprises a storage medium, a processor and a computer program stored on the storage medium and capable of running on the processor, wherein the processor executes the computer program to realize the method for intercepting the payment behavior of the networking device by the router.
The method and the system for intercepting the payment behavior of the networking equipment by the router have the advantages that the behavior rule set for network payment is configured by the appointed application; monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user; if not, analyzing and judging whether the network behavior is matched with the behavior rule set; and if the network behavior is matched with the behavior rule set, intercepting the network behavior. Therefore, the method and the device can effectively identify the network payment behavior of the specified application networked through the router, can intercept the network payment behavior of the specific application in a targeted manner, do not need the user equipment to install the intercepted application, and have strong pertinence.
Drawings
Fig. 1 is a flowchart illustrating steps of a method for intercepting a payment behavior of a networked device by a router according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating optional steps of monitoring and determining in a method for intercepting a payment behavior of a networking device by a router according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating optional authorization determination steps of a method for intercepting a payment behavior of a networked device by a router according to an embodiment of the present invention;
fig. 4 is a schematic block diagram of a system for intercepting a payment behavior of a networked device by a router according to an embodiment of the present invention;
fig. 5 is a schematic block diagram of the monitoring and determining unit of the system for intercepting the payment behavior of the networking device by the router according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a storage medium according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
It should be noted that references in the specification to "one embodiment," "an example embodiment," etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. Moreover, such phrases are not intended to refer to the same embodiment. Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described.
Moreover, where certain terms are used throughout the description and following claims to refer to particular components or features, those skilled in the art will understand that manufacturers may refer to a component or feature by different names or terms. This specification and the claims that follow do not intend to distinguish between components or features that differ in name but not function. In the following description and in the claims, the terms "include" and "comprise" are used in an open-ended fashion, and thus should be interpreted to mean "include, but not limited to. In addition, the term "connected" as used herein includes any direct and indirect electrical connection. Indirect electrical connection means include connection by other means.
Fig. 1 illustrates a method for intercepting a payment behavior of a networking device by a router according to an embodiment of the present invention, including:
step S101: and configuring a behavior rule set for a specified application to carry out network payment. The designated application can be an application program with a network payment function, such as a network live broadcast application with a reward function, a network game application with a recharge function and the like; the network payment behavior of the specified application generally has continuous operation flows, so each behavior rule set respectively corresponds to one network payment behavior of the specified application, that is, each behavior rule set comprises a plurality of behavior rules respectively corresponding to a plurality of continuous flows. For example, taking the online payment of the "live tiger-teeth" application as an example, the behavior rule set configuring the corresponding online payment behavior is as follows:
[{action=‘ident’,pay.huya.com"},
{action=‘ident’,tcp.payload[0:3]==336600"},
{action=‘ident’,short.pay.weixin.qq.com/mmtls"},
{action=‘ident’,short.pay.weixin.qq.com/mmtls"},
{action=‘block,short.pay.weixin.qq.com/mmtls"},
]
the action represents an identification rule, namely the network payment behavior of the 'tiger-tooth live broadcast' application comprises five behavior rules; wherein, the rules of lines 1 and 2 represent that the payment interface is opened by using tiger's teeth live broadcast, the rules of lines 3 and 4 represent that the payment interface is opened by using WeChat payment, and the rule of line 5 represents that the payment actually occurs. The behavior rules configured for the network payment behaviors of different applications are different, and when the method is actually applied, the behavior rule set corresponding to the network payment behavior of the application can be configured according to the actual use condition.
Step S102: and monitoring the networking behavior of the networking equipment through the router, and judging whether the networking equipment is an authorized user. The networking device may be a smart phone, tablet, personal computer, etc. connected to the router network; only authorized users cannot be prohibited from current network payment behaviors by judging whether the networking equipment is authorized or not; for example, the authorized user may be a parent, guardian, or the like, while the unauthorized user is a child, student, guardian, or the like.
Step S103: if the networking device is not the authorized user, analyzing and judging whether the network behavior is matched with the behavior rule set. If the networking equipment is not an authorized user, such as a child, a student or a person under guardianship, the networking equipment further monitors the network behavior of the networking equipment request through the router, and matches the network behavior with a preset behavior rule set so as to analyze and judge whether the network behavior is the network payment behavior of the specified application. And if a plurality of devices belong to the unauthorized roles, combining and matching the network behaviors of the plurality of devices in network matching.
The embodiment can configure a plurality of different home roles, the home roles are networking devices of the router, and specific role information is set by a manager or the manager. For example, a user of the router may set a PC computer and a mobile phone as a "son" role, and the router may unify traffic of the PC computer and the mobile phone under the "son" role for processing. For example, a payment interface is opened on a PC computer, then a mobile phone is used for scanning codes, and finally payment is completed on the mobile phone, so that the payment is still considered as a role having payment although the payment is across devices.
Step S104: intercepting the network behavior if the network behavior matches the behavior rule set. And when the network behavior accords with a preset behavior rule set, intercepting the currently-ongoing network behavior which is not actually paid, thereby effectively avoiding the network payment behavior of an unauthorized user in a specific application and realizing the effective control of the network payment behavior of the specific application of the specific networking equipment. For example, in connection with the example of the "live tiger" application above, where line 5 rules represent that payment actually occurs; if the currently monitored network behavior is matched with the rules of the 1 st, 2 nd, 3 rd and 4 th lines in sequence, the rule 5 is intercepted, so that the network payment behavior cannot be finished.
Optionally, step S101 specifically includes: and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application. The network payment of the appointed application has at least one flow step, and the corresponding flow step can be networked through a router to generate a corresponding network connection request; in a specific implementation of the embodiment, the behavior rule set may be configured as a set according to the relevant characteristic information of at least one network connection request corresponding to the applied network payment operation; if each network connection request corresponds to a behavior rule, the behavior rule may correspond to one or more codes for performing related functions.
Referring to fig. 2, in one embodiment, step S102 includes:
step S1021: and monitoring the networking equipment connected to the router, and acquiring the network behavior of the networking equipment in the networking process. More than one networking device networked by a router, so in a particular implementation, when a network behavior networked by a router is obtained, the network behavior includes a device identification corresponding to the networking device for distinguishing the corresponding networking device.
Step S1022: and judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
Referring to fig. 3, in one embodiment, step S1022 includes:
s1121: and extracting the mac (Media Access Control Address) Address of the networking equipment. That is, the embodiment utilizes the mac address of the networked device as the device identifier of the networked device for device differentiation.
S1122: and judging whether the mac address is matched with an authorization comparison table prestored on the router. When the method is implemented specifically, an authorization comparison table is configured in advance according to the mac addresses of the networking devices of a plurality of authorized users, and the mac address of the networking device of at least one authorized user is stored in the authorization comparison table; only if the mac address of the networking equipment of the network behavior is matched and consistent with any mac address on the authorization comparison table, the network connection does not need to be intercepted in the subsequent operation; otherwise, intercepting according to the set interception rule.
Optionally, step S103 specifically includes: and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set. Matching the current network behavior networked through the router with a preset behavior rule, and matching the current network behavior networked through the router with the 5 behavior rules to judge whether the current network behavior networked through the router accords with the behavior rule set or not, if the example of the 'tiger teeth live broadcast' application is used, matching the current network behavior networked through the router with the 5 behavior rules; in specific implementation, the network connection of the 5 th action rule which is just about to occur can be intercepted only when the first 4 action rules are met.
In one embodiment, step S103 further comprises: and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not. Analyzing the current network behavior networked by the router to obtain a network request sequence generated in the process of the network request sequence and among a plurality of network requests, and comparing and matching the network request sequence with the behavior rule in at least one configured behavior rule set; the current network behavior can be matched with a plurality of behavior rule sets in a contrast mode, and whether the current network behavior conforms to any behavior rule set can be judged.
Optionally, step S103 further includes: and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time. Taking the above-mentioned "live tiger-teeth" application as an example, if the network request and the sequence of the network request meet the behavior rule set within a specified time period, for example, within 1 minute, it can be determined that the network payment behavior is about to occur.
Optionally, step S104 specifically includes: and intercepting at least one network connection request matched with a preset interception rule in the network behavior. The interception rule can be configured in advance according to network payment behaviors related to specific application software, and by taking the 'tiger live broadcast' application as an example, within 1 minute, the network request and the sequence of the network request are matched with the rules of the 1 st, 2 nd, 3 rd and 4 th rows, and the network payment behavior is considered to be occurring. And the 5 th rule represents that payment actually occurs, and if the rules are sequentially matched with 1, 2, 3 and 4, the rule 5 is intercepted, so that the network payment behavior cannot be finished. That is, in this embodiment, the interception rule stores the line 5 rule corresponding to the application of "tiger's live broadcast", and when the interception operation is performed, the network behavior is matched with the rule prestored in the interception rule, so that only the rule prestored in the network behavior corresponding to the interception rule is intercepted. In this embodiment, the network connection request of the rule in row 5 represents the final payment link, so that the rule in row 5 representing the final link of the network payment only needs to be intercepted. The interception rules and the behavior rule sets are configured independently, and the interception rules can also be configured in the behavior rule sets.
Furthermore, an interception switch can be arranged on the router, and the interception of the network payment behavior aiming at the specified application can be started through the interception switch.
Step S101 is preceded by: and storing the behavior rule sets respectively corresponding to at least one designated application into the router. Each appointed application is configured with a behavior rule set corresponding to the appointed application, and the appointed applications respectively correspond to a plurality of different behavior rule sets; in specific implementation, after a router is started, downloading the behavior rule sets from a server to store the behavior rule sets into a database appointed by the router, and when the router monitors network behaviors networked through the router, performing comparison matching on the network behaviors and each behavior rule set in the database to judge whether the behavior rule sets are matched with any behavior rule set.
Fig. 4 shows a system 100 for intercepting a payment behavior of a networking device by a router according to an embodiment of the present invention, where the system 100 is applied to a router and includes a configuration unit 10, a monitoring and determining unit 20, a behavior analyzing unit 30, and an intercepting unit 40, where:
the configuration unit 10 is used for configuring a behavior rule set for network payment of a specified application; the monitoring and judging unit 20 is configured to monitor a network behavior of a networking device that is networked by a router, and judge whether the networking device is an authorized user; the behavior analysis unit 30 is configured to analyze and determine whether the network behavior matches the behavior rule set if the networking device is not the authorized user; the intercepting unit 40 is configured to intercept the network behavior if the network behavior matches the behavior rule set.
The designated application can be an application program with a network payment function, such as a network live broadcast application with a reward function, a network game application with a recharge function and the like; the networking device may be a smart phone, tablet, personal computer, etc. connected to the router network; the network behavior of the networking request of the networking equipment is monitored through the router and matched with a preset behavior rule set, so that whether the network behavior is the network payment behavior of the specified application or not is analyzed and judged.
Optionally, the configuration unit 10 is specifically configured to: and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
Referring to fig. 5, in one embodiment, the monitoring and determining unit 20 includes a monitoring subunit 201 and a determining subunit 202, where:
the monitoring subunit 201 is configured to monitor a networking device connected to the router, and acquire a network behavior of the networking device in a networking process; the judging subunit 202 is configured to judge, according to the device identification information of the networking device, whether the networking device is a pre-made authorized user.
The judgment subunit 202 is configured to extract a mac address of the networking device; and judging whether the mac address is matched with an authorization comparison table prestored on the router. When the method is implemented specifically, an authorization comparison table is configured in advance according to the mac addresses of the networking devices of a plurality of authorized users, and the mac address of the networking device of at least one authorized user is stored in the authorization comparison table; only if the mac address of the networking equipment of the network behavior is matched and consistent with any mac address on the authorization comparison table, the network connection does not need to be intercepted in the subsequent operation; otherwise, intercepting according to the set interception rule.
Optionally, the behavior analysis unit 30 is specifically configured to: and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set. Each action rule set corresponds to a network payment action of the whole process, such as: starting application, opening payment page, displaying payment two-dimensional code, scanning code payment, deducting fee reminding and other processes.
In one embodiment, the behavior analysis unit 30 is further configured to: and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not. Analyzing the current network behavior networked by the router to obtain a network request sequence generated in the process of the network request sequence and among a plurality of network requests, and comparing and matching the network request sequence with the behavior rule in at least one configured behavior rule set; the current network behavior can be matched with a plurality of behavior rule sets in a contrast mode, and whether the current network behavior conforms to any behavior rule set can be judged.
In one embodiment, the behavior analysis unit 30 is further configured to: and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time.
In another embodiment, the router further includes a storage unit, configured to store the behavior rule sets respectively corresponding to at least one of the designated applications into the router.
Optionally, the intercepting unit 40 is specifically configured to: and intercepting at least one network connection request matched with a preset interception rule in the network behavior.
Referring to fig. 6, the present invention also provides a storage medium 200 for storing a computer program of the method for intercepting a payment behavior of a networked device by a router as described in fig. 1 to 3. Such as computer program instructions, which when executed by a computer, may invoke or otherwise provide methods and/or techniques in accordance with the present application through the operation of the computer. Program instructions that invoke the methods of the present application may be stored on fixed or removable storage media and/or transmitted via a data stream in a broadcast or other signal-bearing medium and/or stored on storage media 200 of a computer device operating in accordance with the program instructions. Referring to fig. 7, according to an embodiment of the present application, a computer device 400 including a system for intercepting payment by a network-connected device by a router as shown in fig. 4, the computer device 400 preferably includes a storage medium 200 for storing a computer program and a processor 300 for executing the computer program, wherein when the computer program is executed by the processor, the computer device is triggered to execute a method and/or a technical solution according to the foregoing embodiments.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, implemented using Application Specific Integrated Circuits (ASICs), general purpose computers or any other similar hardware devices. In one embodiment, the software programs of the present application may be executed by a processor to implement the above steps or functions. Likewise, the software programs (including associated data structures) of the present application may be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
The method according to the invention can be implemented on a computer as a computer-implemented method, or in dedicated hardware, or in a combination of both. Executable code for the method according to the invention or parts thereof may be stored on a computer program product. Examples of computer program products include memory devices, optical storage devices, integrated circuits, servers, online software, and so forth. Preferably, the computer program product comprises non-transitory program code means stored on a computer readable medium for performing the method according to the invention when said program product is executed on a computer.
In a preferred embodiment, the computer program comprises computer program code means adapted to perform all the steps of the method according to the invention when the computer program is run on a computer. Preferably, the computer program is embodied on a computer readable medium.
In summary, the method and system for intercepting the payment behavior of the networking device by the router of the present invention configure the behavior rule set for the designated application to perform the network payment; monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user; if not, analyzing and judging whether the network behavior is matched with the behavior rule set; and if the network behavior is matched with the behavior rule set, intercepting the network behavior. Therefore, the method and the device can effectively identify the network payment behavior of the specified application networked through the router, can intercept the network payment behavior of the specific application in a targeted manner, do not need the user equipment to install the intercepted application, and have strong pertinence.
The present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof, and it should be understood that various changes and modifications can be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.
Also provided is a1 a method for a router to intercept payment by a networked device, comprising the steps of:
configuring a behavior rule set for a specified application to carry out network payment;
monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user;
if the networking equipment is not the authorized user, analyzing and judging whether the network behavior is matched with the behavior rule set;
intercepting the network behavior if the network behavior matches the behavior rule set.
A2, according to the method for intercepting payment behavior of networking device by router described in A1, the step of configuring the behavior rule set for specifying application to make network payment specifically includes:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
A3, the method for intercepting the payment behavior of the networked device by the router according to A1, wherein the steps of monitoring the networking behavior of the networked device through the router and judging whether the networked device is an authorized user comprise:
monitoring networking equipment connected to the router, and acquiring network behaviors of the networking equipment in a networking process;
and judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
A4, the method for intercepting payment behavior of a networked device by a router according to A3, wherein the step of determining whether the networked device is a pre-made authorized user according to the device identification information of the networked device specifically includes:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
A5, the method for intercepting a payment behavior of a network device according to the router of a1, wherein if the network device is not the authorized user, the step of analyzing and determining whether the network behavior matches the behavior rule set specifically includes:
and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set.
A6, according to the method for intercepting a payment behavior of a networking device by a router described in a5, the step of analyzing and determining whether the network behavior matches the network payment behavior corresponding to the behavior rule set specifically includes:
and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not.
A7, according to the method for intercepting a payment behavior of a networking device by a router described in a6, the step of analyzing and determining whether a network request and a network request sequence of the network behavior are both matched with the network payment behavior of the behavior rule set specifically includes:
and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time.
A8, the method for intercepting a payment behavior of a network device according to the router of A1, wherein if the network device is not the authorized user, the step of analyzing and determining whether the network behavior matches the behavior rule set further comprises:
and storing the behavior rule sets respectively corresponding to at least one designated application into the router.
A9, the method for intercepting a payment behavior of a network device according to the router of a1, wherein if the network behavior matches the behavior rule set, the step of intercepting the network behavior specifically includes:
and intercepting at least one network connection request matched with a preset interception rule in the network behavior.
B10, a system for intercepting the payment behavior of the networking device by the router is also provided, which comprises:
the configuration unit is used for configuring a behavior rule set for carrying out network payment by a specified application;
the monitoring and judging unit is used for monitoring the network behavior of the networking equipment which is networked through the router and judging whether the networking equipment is an authorized user;
a behavior analysis unit, configured to analyze and determine whether the network behavior matches the behavior rule set if the networking device is not the authorized user;
and the intercepting unit is used for intercepting the network behavior if the network behavior is matched with the behavior rule set.
B11, the system for intercepting payment behavior of networking device according to the router of B10, the configuration unit is specifically configured to:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
B12, the system for intercepting the payment behavior of the networking device by the router according to B10, wherein the monitoring and judging unit comprises:
the monitoring subunit is used for monitoring networking equipment connected to the router and acquiring the network behavior of the networking equipment in the networking process;
and the judging subunit is used for judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
B13, according to the system for intercepting payment behavior of networking device of the router of B12, the judging subunit is specifically configured to:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
B14, the system for intercepting payment behavior of networking device according to the router of B10, the behavior analysis unit is specifically configured to:
and analyzing and judging whether the network behavior is matched with the network payment behavior corresponding to the behavior rule set.
B15, the system for intercepting payment behavior of networking device according to the router of B14, the behavior analysis unit is specifically configured to:
and analyzing and judging whether the network requests and the network request sequences of the network behaviors are matched with the network payment behaviors corresponding to the behavior rule set or not.
B16, the system for intercepting payment behavior of networking device according to the router of B15, the behavior analysis unit is specifically configured to:
and judging whether the network request and the network request sequence are matched with the network payment behavior within a preset time.
B17, the system for intercepting the payment behavior of the networking device by the router according to B10, further comprising:
and the storage unit is used for storing the behavior rule sets respectively corresponding to the at least one designated application into the router.
B18, the system for intercepting payment behavior of networking device according to the router of B10, the intercepting unit is specifically configured to:
and intercepting at least one network connection request matched with a preset interception rule in the network behavior.
C19, a storage medium storing a computer program for executing a method for intercepting a payment by a networked device by any one of a 1-a 9 is also provided.
Also provided are D20, a computer device comprising a storage medium, a processor, and a computer program stored on the storage medium and executable on the processor, the processor implementing the method for intercepting payment by a networked device as recited in any one of a 1-a 9 when executing the computer program.

Claims (10)

1. A method for a router to intercept payment behavior of networked devices, comprising the steps of:
configuring a behavior rule set for a specified application to carry out network payment;
monitoring the networking behavior of the networking equipment through a router, and judging whether the networking equipment is an authorized user;
if the networking equipment is not the authorized user, analyzing and judging whether the network behavior is matched with the behavior rule set;
intercepting the network behavior if the network behavior matches the behavior rule set.
2. The method for intercepting networking device payment behavior by a router according to claim 1, wherein the step of configuring the behavior rule set that specifies the application to make the network payment specifically comprises:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
3. The method for intercepting the payment behavior of a networked device according to claim 1, wherein the step of monitoring the network behavior of the networked device networked through the router and determining whether the networked device is an authorized user comprises:
monitoring networking equipment connected to the router, and acquiring network behaviors of the networking equipment in a networking process;
and judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
4. The method for intercepting payment activities of a network device according to claim 3, wherein the step of determining whether the network device is a pre-manufactured authorized user according to the device identification information of the network device specifically comprises:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
5. A system for intercepting payment behavior of networking equipment by a router is characterized by comprising the following components:
the configuration unit is used for configuring a behavior rule set for carrying out network payment by a specified application;
the monitoring and judging unit is used for monitoring the network behavior of the networking equipment which is networked through the router and judging whether the networking equipment is an authorized user;
a behavior analysis unit, configured to analyze and determine whether the network behavior matches the behavior rule set if the networking device is not the authorized user;
and the intercepting unit is used for intercepting the network behavior if the network behavior is matched with the behavior rule set.
6. The system for intercepting networking device payment activities of claim 5, wherein the configuration unit is specifically configured to:
and configuring the characteristic information corresponding to at least one network connection request for carrying out network payment by the specified application into the behavior rule set corresponding to the specified application.
7. The system for intercepting networking device payments by router of claim 5, wherein said monitoring and determining unit comprises:
the monitoring subunit is used for monitoring networking equipment connected to the router and acquiring the network behavior of the networking equipment in the networking process;
and the judging subunit is used for judging whether the networking equipment is a prefabricated authorized user or not according to the equipment identification information of the networking equipment.
8. The system for intercepting networking device payment activities by a router of claim 7, wherein the determining subunit is specifically configured to:
extracting the mac address of the networking device;
and judging whether the mac address is matched with an authorization comparison table prestored on the router.
9. A storage medium storing a computer program for executing the method of any one of claims 1 to 4 for intercepting a payment by a networked device.
10. A computer device comprising a storage medium, a processor and a computer program stored on the storage medium and executable on the processor, wherein the processor when executing the computer program implements the method for intercepting payment by a router of any one of claims 1 to 4.
CN202110375112.5A 2021-04-07 2021-04-07 Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router Active CN113206835B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110375112.5A CN113206835B (en) 2021-04-07 2021-04-07 Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110375112.5A CN113206835B (en) 2021-04-07 2021-04-07 Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router

Publications (2)

Publication Number Publication Date
CN113206835A true CN113206835A (en) 2021-08-03
CN113206835B CN113206835B (en) 2022-08-12

Family

ID=77026389

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110375112.5A Active CN113206835B (en) 2021-04-07 2021-04-07 Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router

Country Status (1)

Country Link
CN (1) CN113206835B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100293094A1 (en) * 2009-05-15 2010-11-18 Dan Kolkowitz Transaction assessment and/or authentication
CN103236005A (en) * 2013-03-29 2013-08-07 深圳市网商网科技有限公司 Detection, evaluation and prevention method for e-commerce risky payments
US20150269577A1 (en) * 2014-03-18 2015-09-24 International Business Machines Corporation Detecting fraudulent mobile payments
CN105590197A (en) * 2015-12-14 2016-05-18 中国银联股份有限公司 Router-based payment method and router
US20170178130A1 (en) * 2015-12-18 2017-06-22 Mastercard International Incorporated Method and system for account control based on declined authorization
CN107733860A (en) * 2017-09-04 2018-02-23 努比亚技术有限公司 A kind of processing method of access request, device, family's Cloud Server and computer-readable recording medium
CN109544163A (en) * 2018-11-30 2019-03-29 华青融天(北京)软件股份有限公司 A kind of risk control method, device, equipment and the medium of user's payment behavior
CN109711846A (en) * 2018-11-26 2019-05-03 平安科技(深圳)有限公司 Payment request processing method, device, computer equipment and storage medium
CN112150137A (en) * 2019-06-28 2020-12-29 北京奇虎科技有限公司 Method and apparatus for controlling network payment, electronic device and medium
US20210099479A1 (en) * 2019-09-30 2021-04-01 AO Kaspersky Lab System and method for using inventory rules to identify devices of a computer network

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100293094A1 (en) * 2009-05-15 2010-11-18 Dan Kolkowitz Transaction assessment and/or authentication
CN103236005A (en) * 2013-03-29 2013-08-07 深圳市网商网科技有限公司 Detection, evaluation and prevention method for e-commerce risky payments
US20150269577A1 (en) * 2014-03-18 2015-09-24 International Business Machines Corporation Detecting fraudulent mobile payments
CN105590197A (en) * 2015-12-14 2016-05-18 中国银联股份有限公司 Router-based payment method and router
US20170178130A1 (en) * 2015-12-18 2017-06-22 Mastercard International Incorporated Method and system for account control based on declined authorization
CN107733860A (en) * 2017-09-04 2018-02-23 努比亚技术有限公司 A kind of processing method of access request, device, family's Cloud Server and computer-readable recording medium
CN109711846A (en) * 2018-11-26 2019-05-03 平安科技(深圳)有限公司 Payment request processing method, device, computer equipment and storage medium
CN109544163A (en) * 2018-11-30 2019-03-29 华青融天(北京)软件股份有限公司 A kind of risk control method, device, equipment and the medium of user's payment behavior
CN112150137A (en) * 2019-06-28 2020-12-29 北京奇虎科技有限公司 Method and apparatus for controlling network payment, electronic device and medium
US20210099479A1 (en) * 2019-09-30 2021-04-01 AO Kaspersky Lab System and method for using inventory rules to identify devices of a computer network

Also Published As

Publication number Publication date
CN113206835B (en) 2022-08-12

Similar Documents

Publication Publication Date Title
EP3497609B1 (en) Detecting scripted or otherwise anomalous interactions with social media platform
US9306889B2 (en) Method and device for processing messages
CN105100032B (en) A kind of method and device for preventing resource from stealing
CN112738137B (en) Data acquisition and link processing method and device, computer equipment and storage medium
CN110609937A (en) Crawler identification method and device
CN107426231B (en) Method and device for identifying user behavior
CN109857484A (en) For the processing method and system of interface call request
CN110233831A (en) The detection method and device of malicious registration
CN104980421B (en) Batch request processing method and system
CN105553770B (en) Data acquisition control method and device
CN111177729A (en) Program bug test method and related device
CN113206835B (en) Method, system, storage medium and computer equipment for intercepting payment behavior of networking equipment by router
CN113630418A (en) Network service identification method, device, equipment and medium
EP2973192A1 (en) Online privacy management
CN106686246B (en) Short message processing method and terminal
EP3414683B1 (en) Comparison of behavioral populations for security and compliance monitoring
CN109815121B (en) Interface automation test case generation method and related equipment
CN116596596A (en) Advertisement putting effect data processing method, device, equipment and storage medium
CN109981573B (en) Security event response method and device
CN115334032B (en) Mail receiving method based on multiple protocols
US20230224314A1 (en) Session based anomaly dectection
CN113422784B (en) Login certificate updating method and device, computer equipment and storage medium
CN107317790B (en) Network behavior monitoring method and device
CN112579833B (en) Service association relation acquisition method and device based on user operation data
CN112995192B (en) White list generation method, system, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant