CN113609501A - Anti-crawler method and system based on asymmetric secondary encryption - Google Patents

Info

Publication number: CN113609501A
Authority: CN (China)
Prior art keywords: user, crawler, encryption, client, asymmetric
Legal status: Granted
Application number: CN202110895961.3A
Other languages: Chinese (zh)
Other versions: CN113609501B (en)
Inventors: 游棉州, 钟亚妹
Current Assignee: Guangzhou Nanyang College
Original Assignee: Guangzhou Nanyang College
Application filed by: Guangzhou Nanyang College
Priority to: CN202110895961.3A

Classifications

    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/60 Protecting data
              • G06F21/604 Tools and structures for managing or administering access control systems
              • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
                • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
            • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
              • G06F21/31 User authentication
              • G06F21/45 Structures or tools for the administration of authentication
                • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
          • G06F9/00 Arrangements for program control, e.g. control units
            • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
              • G06F9/46 Multiprogramming arrangements
                • G06F9/54 Interprogram communication
                  • G06F9/547 Remote procedure calls [RPC]; Web services
          • G06F2209/00 Indexing scheme relating to G06F9/00
            • G06F2209/54 Indexing scheme relating to G06F9/54
              • G06F2209/549 Remote execution
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
              • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
                • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses an anti-crawler method and system based on asymmetric secondary encryption. The method comprises the following steps: verifying user login; performing a first encryption on the client to generate sign01; in response to user access, calling an RPC microservice to verify sign01 and, after verification passes, performing a second encryption to generate sign02; the user accesses the target server with sign02, and the target server returns data after successful verification. The system comprises a client, a user side and a server side. The invention achieves the anti-crawler purpose and ensures information security. The anti-crawler method and system based on asymmetric secondary encryption can be widely applied in the field of network data security protection.

Description

Anti-crawler method and system based on asymmetric secondary encryption
Technical Field
The invention relates to the field of network data security protection, in particular to an anti-crawler method and system based on asymmetric secondary encryption.
Background
The internet holds countless web pages storing a massive amount of information; if this data can be obtained for analysis, it has great commercial value. Crawlers arose for this purpose: programs that automatically fetch web page content, parse the pages and extract the corresponding data. The existing signature-verification schemes have the drawback that the signature is generated in the browser front end, so a crawler engineer can find the function that generates the signature by reading the JavaScript code in the browser, and then forge the signature and defeat the anti-crawler measure.
Disclosure of Invention
In order to solve the above technical problem, an object of the present invention is to provide an anti-crawler method and system based on asymmetric secondary encryption, which places the encryption function of the second encryption on the server side, so that a crawler engineer cannot crack the generation rule of the encryption parameter, thereby protecting the data.
The first technical scheme adopted by the invention is an anti-crawler method based on asymmetric secondary encryption, comprising the following steps:
verifying user login;
performing a first encryption on the client to generate sign01;
in response to user access, calling an RPC microservice to verify sign01 and, after verification passes, performing a second encryption to generate sign02;
the user accesses the target server with sign02, and the target server returns data after successful verification.
Further, the step of verifying the user login further includes:
the user submits an account and password to log in, and a cookie value is written to the client;
recording the cookie value.
Further, the step of performing a first encryption on the client to generate sign01 specifically includes:
once the user is judged to have logged in successfully, the client generates a code through JavaScript based on a preset rule to obtain the sign01 parameter.
Further, performing the second encryption after verification passes to generate sign02 specifically includes:
sorting the service request parameters in alphabetical order;
concatenating the parameter names and parameter values into a character string A;
appending a key to the end of string A to form a new string B;
the key is stored on the server side;
performing an MD5 hash operation on string B to obtain the API signature sign, from which sign02 is constructed.
The second technical scheme adopted by the invention is an anti-crawler system based on asymmetric secondary encryption, comprising:
the client, used for verifying user login, recording the cookie value, generating sign01 and calling the RPC microservice;
the user side, used for submitting the user's account and password, accessing the server and receiving the returned data;
the server side, used for verifying sign02 and returning data after verification passes.
The beneficial effects of the method and system are as follows: login verification performs a preliminary filtering of users and rejects illegal requests; the secondary encryption greatly increases the difficulty of crawling; and, further, the encryption function of the second encryption is placed on the server side, so that a crawler engineer cannot crack the generation rule of the encryption parameter, and the data is protected.
Drawings
FIG. 1 is a flow chart of the steps of the anti-crawler method based on asymmetric secondary encryption of the present invention;
FIG. 2 is a schematic flow chart of an embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the figures and the specific embodiments. The step numbers in the following embodiments are provided only for convenience of illustration, the order between the steps is not limited at all, and the execution order of each step in the embodiments can be adapted according to the understanding of those skilled in the art.
Referring to FIG. 1 and FIG. 2, the invention provides an anti-crawler method based on asymmetric secondary encryption, which deploys a microservice that offers the sign signature generation function through RPC remote calls, and comprises the following steps:
Verifying user login;
First, the user must log in while browsing the web page. The login operation filters users, that is, illegal users are denied access.
Performing a first encryption on the client to generate sign01;
In response to user access, calling the RPC microservice to verify sign01 and, after verification passes, performing a second encryption to generate sign02;
Specifically, after login, when the user wants to access a link, the microservice must be accessed first and one parameter verification performed, the code being generated by JavaScript; the RPC call that generates the sign parameter is allowed only if the parameter verification passes. Because the second sign encryption parameter is provided by the RPC service, a crawler engineer cannot know how the server generates the encryption parameter, so the parameter cannot be cracked.
The user accesses the target server with sign02, and the target server returns data after successful verification.
Specifically, after obtaining the sign parameter provided by the RPC server, the user accesses the target server and, once the target server's verification passes, can access the page and obtain the data.
Further, as a preferred embodiment of the method, the step of verifying the user login further includes:
the user submits an account and password to log in, and a cookie value is written to the client;
recording the cookie value.
Further, as a preferred embodiment of the method, the step of performing a first encryption on the client to generate sign01 specifically includes:
once the user is judged to have logged in successfully, the client generates a code through JavaScript based on a preset rule to obtain the sign01 parameter.
Further, as a preferred embodiment of the method, performing secondary encryption after the verification passes to generate sign02, which specifically includes:
sequencing the service request parameters according to the alphabetical order;
linking the parameter name and the parameter value into a character string A;
adding a key appsecret to the tail of the character string A to form a new character string B;
for example: appsecret ═ dfhladkfhalkdhfa; dsdkfjhask;
the secret key is stored in the server side;
and performing MD5 hash operation on the character string to obtain an API signature sign and constructing sign 02.
Assume that the requested parameters are: f is 1, b is 23, k is 33, b is 23, f is 1, k is 33, b23f1k33 is obtained after the parameter name and the parameter value are linked, and b23f1k33 dfhladkfhalkdsfa is obtained after appsect is added to the tail; dsdkfjhask;
md5 then generates a signature sign, which is md5(b23f1k33 dfhladkfhalkhakdshfa; dsdkfjhask).
And when the server side verifies, verifying according to the sequence.
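The sign02 steps above as a runnable sketch, added here as an example and not code from the patent: Python is an assumed server-side language, `APPSECRET` is a constructed placeholder, and all function names are hypothetical. It goes slightly beyond the text by showing that joining names and values without separators lets differently grouped parameters yield the same string A, next to an assumed length-prefixed HMAC-SHA256 variant that tells them apart.

```python
import hashlib
import hmac

# Constructed placeholder; in the scheme above the key is stored only on the server side.
APPSECRET = "constructed-example-appsecret"


def canonical_string(params):
    """String A: parameters sorted by name, each name followed directly by its value."""
    return "".join(f"{name}{params[name]}" for name in sorted(params))


def make_sign02(params, appsecret=APPSECRET):
    """String B = A + appsecret; the signature is the MD5 hex digest of B."""
    string_b = canonical_string(params) + appsecret
    return hashlib.md5(string_b.encode("utf-8")).hexdigest()


def verify_sign02(params, presented, appsecret=APPSECRET):
    """Target-server check: rebuild the signature in the same order, compare in constant time."""
    expected = make_sign02(params, appsecret)
    return hmac.compare_digest(expected.encode("utf-8"), presented.encode("utf-8"))


def make_sign_hmac(params, appsecret=APPSECRET):
    """Assumed hardening (not in the patent): length-prefixed fields under HMAC-SHA256."""
    fields = []
    for name in sorted(params):
        value = str(params[name])
        # Length prefixes make field boundaries part of the signed message.
        fields.append(f"{len(name)}:{name}{len(value)}:{value}")
    message = "".join(fields).encode("utf-8")
    return hmac.new(appsecret.encode("utf-8"), message, hashlib.sha256).hexdigest()


def demo():
    original = {"f": "1", "b": "23", "k": "33"}   # the worked example's parameters
    regrouped = {"b2": "3", "f1": "k33"}          # constructed: same characters, different fields
    sign02 = make_sign02(original)
    return {
        "string_a": canonical_string(original),
        "valid": verify_sign02(original, sign02),
        # A changed value alters string A, so the signature no longer matches.
        "tampered_rejected": not verify_sign02({**original, "k": "34"}, sign02),
        # Both parameter sets flatten to b23f1k33, so the MD5 scheme cannot tell them apart.
        "regrouped_accepted_by_md5": verify_sign02(regrouped, sign02),
        # With length-prefixed fields the two sets sign differently.
        "regrouped_rejected_by_hmac": make_sign_hmac(regrouped) != make_sign_hmac(original),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```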
An anti-crawler system based on asymmetric secondary encryption, comprising:
the client, used for verifying user login, recording the cookie value, generating sign01 and calling the RPC microservice;
the user side, used for submitting the user's account and password, accessing the server and receiving the returned data;
the server side, used for verifying sign02 and returning data after verification passes.
The contents in the above method embodiments are all applicable to the present system embodiment, the functions specifically implemented by the present system embodiment are the same as those in the above method embodiment, and the beneficial effects achieved by the present system embodiment are also the same as those achieved by the above method embodiment.
While the preferred embodiments of the present invention have been illustrated and described, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (5)

1. An anti-crawler method based on asymmetric secondary encryption, characterized by comprising the following steps:
verifying user login;
performing a first encryption on the client to generate sign01;
in response to user access, calling an RPC microservice to verify sign01 and, after verification passes, performing a second encryption to generate sign02;
the user accesses the target server with sign02, and the target server returns data after successful verification.
2. The anti-crawler method based on asymmetric secondary encryption as claimed in claim 1, wherein the step of verifying user login further comprises:
the user submits an account and password to log in, and a cookie value is written to the client;
recording the cookie value.
3. The anti-crawler method based on asymmetric secondary encryption as claimed in claim 2, wherein the step of performing a first encryption on the client to generate sign01 specifically comprises:
once the user is judged to have logged in successfully, the client generates a code through JavaScript based on a preset rule to obtain the sign01 parameter.
4. The anti-crawler method based on asymmetric secondary encryption as claimed in claim 3, wherein performing the second encryption after verification passes to generate sign02 specifically comprises:
sorting the service request parameters in alphabetical order;
concatenating the parameter names and parameter values into a character string A;
appending a key to the end of string A to form a new string B;
the key is stored on the server side;
performing an MD5 hash operation on string B to obtain the API signature sign, from which sign02 is constructed.
5. An anti-crawler system based on asymmetric secondary encryption, comprising:
the client, used for verifying user login, recording the cookie value, generating sign01 and calling the RPC microservice;
the user side, used for submitting the user's account and password, accessing the server and receiving the returned data;
the server side, used for verifying sign02 and returning data after verification passes.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110895961.3A (CN113609501B, Active) 2021-08-05 2021-08-05 Anti-crawler method and system based on asymmetric secondary encryption

Publications (2)

Publication Number Publication Date
CN113609501A 2021-11-05
CN113609501B 2024-07-02

Family

ID=78307039




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant