CN113872987A - Malicious attack defense method and device, storage medium and gateway - Google Patents
Malicious attack defense method and device, storage medium and gateway Download PDFInfo
- Publication number
- CN113872987A CN113872987A CN202111212392.4A CN202111212392A CN113872987A CN 113872987 A CN113872987 A CN 113872987A CN 202111212392 A CN202111212392 A CN 202111212392A CN 113872987 A CN113872987 A CN 113872987A
- Authority
- CN
- China
- Prior art keywords
- audio
- time
- server
- client
- time point
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 230000007123 defense Effects 0.000 title claims description 15
- 238000004891 communication Methods 0.000 claims abstract description 30
- 230000005540 biological transmission Effects 0.000 claims abstract description 27
- 238000004458 analytical method Methods 0.000 claims description 3
- 230000006399 behavior Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000009877 rendering Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G10—MUSICAL INSTRUMENTS; ACOUSTICS
- G10L—SPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
- G10L15/00—Speech recognition
- G10L15/26—Speech to text systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/233—Processing of audio elementary streams
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/85—Assembly of content; Generation of multimedia applications
- H04N21/854—Content authoring
- H04N21/8547—Content authoring involving timestamps for synchronizing content
Abstract
The application discloses a method and a device for defending against malicious attacks, a storage medium and a gateway, which are used for calling a communication interface of a server and intercepting a plurality of audio requests sent to the server by a client within a preset time period. And analyzing each audio request to obtain audio information corresponding to each audio request. And accumulating and summing the playing time lengths of the audios to obtain the total audio time length. From the transmission time points of the respective audios, a time start time point and a time end time point are selected. And counting the time from the starting time point to the ending time point to obtain the target duration. And deleting each audio under the condition that the total audio time length is not less than the target time length. By using the scheme, whether the audio sent by the client is a malicious attack behavior disguised by a lawbreaker or not can be distinguished according to the playing time and the timestamp of each audio sent by the client in the preset time period, and the audio belonging to the malicious attack is deleted, so that the server is prevented from being maliciously attacked by the lawbreaker.
Description
Technical Field
The application relates to the field of intelligent customer service, in particular to a malicious attack defense method, a malicious attack defense device, a malicious attack defense storage medium and a gateway.
Background
With the rapid development of intelligent technology, more and more shopping websites adopt digital people to guide shopping customers, and provide shopping guide service for customers. Since the service object of the digital human shopping guide customer service is mainly an internet user and needs to be exposed in the internet environment, the server providing the digital human shopping guide customer service is often attacked by lawbreakers, thereby affecting the normal operation of the whole digital human shopping guide customer service. How to avoid the server from being maliciously attacked by lawless persons becomes a problem which needs to be solved urgently in the field of intelligent customer service.
Disclosure of Invention
The applicant found that: the method for attacking the server of the digital man shopping guide customer service by lawbreakers mainly comprises the steps of forging the audio requests of a client in advance, sending massive forged audio requests to the server, and increasing the workload of the server in a short time to cause the server to be incapable of working normally.
The application provides a method and a device for defending against malicious attacks, a storage medium and a gateway, and aims to avoid the malicious attack of a server by a lawbreaker.
In order to achieve the above object, the present application provides the following technical solutions:
a method of defending against malicious attacks, comprising:
calling a communication interface of the server, and intercepting a plurality of audio requests sent to the server by a client within a preset time period;
analyzing each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the time stamp represents a sending time point of the audio sent by the client to the server;
accumulating and summing the playing time lengths of the audios to obtain the total audio time length;
selecting the transmission time point with the earliest time from the transmission time points of the audios as an initial time point;
selecting a sending time point with the latest time from the sending time points of the audios as a termination time point;
counting the time from the starting time point to the ending time point to obtain a target duration;
and under the condition that the total audio time length is not less than the target time length, deleting each audio, and disconnecting the communication connection between the server and the client.
Optionally, the analyzing each audio request to obtain the audio information corresponding to each audio request includes:
analyzing each audio request to obtain audio information and connection request information corresponding to each audio request; the connection request information comprises an IP address of the client;
the deleting each audio and disconnecting the communication connection between the server and the client when the total audio duration is not less than the target duration further includes:
and storing the IP address of the client into a preset blacklist.
Optionally, the summing the playing durations of the audios to obtain a total audio duration includes:
judging whether the IP address of the client is recorded in a preset blacklist or not;
and under the condition that the IP address of the client is not recorded in the preset blacklist, accumulating and summing the playing time of each audio to obtain the total audio time.
Optionally, the method further includes:
and under the condition that the IP address of the client is recorded in the preset blacklist, deleting each audio and disconnecting the communication connection between the server and the client.
Optionally, the method further includes:
and in the case that the total audio time length is less than the target time length, sending each audio to the server, and receiving a reply video corresponding to each audio fed back by the server.
Optionally, the sending the audio to the server and receiving a reply video corresponding to each audio fed back by the server includes:
for each audio, judging whether the playing time length of the audio is smaller than a preset time length threshold value;
under the condition that the playing time length of the audio is smaller than the preset time length threshold value, identifying the audio as effective audio;
and sending each effective audio to the server, and receiving reply videos fed back by the server and corresponding to each effective audio.
Optionally, the method further includes:
and under the condition that the playing time length of the audio is not less than the preset time length threshold, identifying the audio as invalid audio, and deleting the invalid audio.
A defense apparatus against malicious attacks, comprising:
the request intercepting unit is used for calling a communication interface of the server and intercepting a plurality of audio requests sent to the server by a client within a preset time period;
the request analysis unit is used for analyzing each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the time stamp represents a sending time point of the audio sent by the client to the server;
the time length calculating unit is used for accumulating and summing the playing time lengths of the audios to obtain the total audio time length;
the starting determining unit is used for selecting the transmitting time point with the earliest time from the transmitting time points of the audios as the starting time point;
a termination determining unit, configured to select a transmission time point with the latest time from the transmission time points of the audio frequencies as a termination time point;
the time counting unit is used for counting the time from the starting time point to the ending time point to obtain a target duration;
and the audio deleting unit is used for deleting each audio and disconnecting the communication connection between the server and the client under the condition that the total audio duration is not less than the target duration.
Optionally, the request parsing unit is specifically configured to:
analyzing each audio request to obtain audio information and connection request information corresponding to each audio request; the connection request information comprises an IP address of the client;
the audio deletion unit is further configured to:
and storing the IP address of the client into a preset blacklist.
Optionally, the duration calculating unit is specifically configured to:
judging whether the IP address of the client is recorded in a preset blacklist or not;
and under the condition that the IP address of the client is not recorded in the preset blacklist, accumulating and summing the playing time of each audio to obtain the total audio time.
Optionally, the duration calculating unit is further configured to:
and under the condition that the IP address of the client is recorded in the preset blacklist, deleting each audio and disconnecting the communication connection between the server and the client.
Optionally, the method further includes:
and the audio forwarding unit is used for sending each audio to the server under the condition that the total audio duration is less than the target duration, receiving reply videos which are fed back by the server and correspond to each audio, and sending each reply video to the client.
Optionally, the audio forwarding unit is specifically configured to:
for each audio, judging whether the playing time length of the audio is smaller than a preset time length threshold value;
under the condition that the playing time length of the audio is smaller than the preset time length threshold value, identifying the audio as effective audio;
and sending each effective audio to the server, and receiving reply videos fed back by the server and corresponding to each effective audio.
Optionally, the audio forwarding unit is further configured to:
and under the condition that the playing time length of the audio is not less than the preset time length threshold, identifying the audio as invalid audio, and deleting the invalid audio.
A computer-readable storage medium comprising a stored program, wherein the program executes the method of defending against malicious attacks.
A gateway, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing programs, and the processor is used for running programs, wherein the programs execute the defense method of the malicious attacks during running.
According to the technical scheme, a communication interface of the server is called, and a plurality of audio requests sent to the server by the client within a preset time period are intercepted. And analyzing each audio request to obtain audio information corresponding to each audio request. The audio information includes a playback time length and a time stamp of the audio. The timestamp characterizes the point in time at which the client sends the audio to the server. And accumulating and summing the playing time lengths of the audios to obtain the total audio time length. And selecting the transmission time point with the earliest time from the transmission time points of the audio frequencies as a starting time point. And selecting the transmission time point with the latest time from the transmission time points of the audios as a termination time point. And counting the time from the starting time point to the ending time point to obtain the target duration. And deleting each audio and disconnecting the communication connection between the server and the client under the condition that the total audio duration is not less than the target duration. By the scheme, whether the audio sent by the client is a malicious attack behavior disguised by a lawbreaker or not can be distinguished according to the playing time and the timestamp of each audio sent by the client in the preset time period, and the audio belonging to the malicious attack is deleted, so that the server is effectively prevented from being maliciously attacked by the lawbreaker.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1a is a schematic flowchart of a method for defending against malicious attacks according to an embodiment of the present disclosure;
fig. 1b is a schematic flowchart of a method for defending against malicious attacks according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of another malicious attack defense method according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a malicious attack defense apparatus according to an embodiment of the present disclosure;
fig. 4 is a schematic diagram of an application environment according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1a and fig. 1b, a flow chart of a method for defending against malicious attacks provided by the embodiment of the present application is schematically illustrated, and the method includes the following steps:
s101: and calling a communication interface of the server, and intercepting a plurality of audio requests sent to the server by the client within a preset time period.
When the user applies for the digital human shopping guide customer service, an audio request is sent to the server through the client.
S102: and analyzing each audio request to obtain audio information and connection request information corresponding to each audio request.
The audio information comprises the playing time length of the audio and a time stamp, and the time stamp represents the sending time point of the audio sent to the server by the client.
Further, the connection request information includes an IP address of the client.
S103: and judging whether the IP address of the client is recorded in the preset blacklist or not.
If the IP address of the client is recorded in the preset blacklist, S104 is executed, otherwise S105 is executed.
S104: and for each audio, judging whether the playing time length of the audio is less than a preset time length threshold value.
If the playing time length of the audio is smaller than the preset time length threshold value, S106 is executed, otherwise S107 is executed.
S105: and deleting each audio of the client, and disconnecting the communication connection between the server and the client.
The preset blacklist records the IP address of the client, which means that the client may be forged by lawless persons, that is, the audio requests sent by the IP address of the client are all malicious attack behaviors of the lawless persons on the server, so as to avoid the server processing the audio requests belonging to the attack, the audio of the client is deleted, and the communication connection between the server and the client is disconnected.
S106: the audio is identified as valid audio.
After execution of S106, execution continues with S108.
S107: the audio is identified as invalid audio.
Optionally, in order to avoid the server processing the invalid audio and reduce the workload of the server, the invalid audio may be deleted.
S108: and accumulating and summing the playing time lengths of the audios to obtain the total audio time length.
S109: and selecting the transmission time point with the earliest time from the transmission time points of the audio frequencies as a starting time point.
S110: and selecting the transmission time point with the latest time from the transmission time points of the audios as a termination time point.
S111: and counting the time from the starting time point to the ending time point to obtain the target duration.
S112: and judging whether the total audio time length is less than the target time length.
If the total audio duration is less than the target duration, S113 is performed, otherwise S114 is performed.
S113: and determining that the client is a normal client, sending each effective audio to the server, and receiving a reply video corresponding to each effective audio fed back by the server.
After execution of S113, execution continues with S115.
It should be noted that, after receiving the effective audio, the server may call a preset semantic recognition algorithm in advance to perform semantic recognition on the effective audio to obtain semantic information, then call a preset artificial intelligence algorithm to perform intelligent response on the semantic information to obtain response information, and finally call a preset virtual character rendering algorithm to perform virtual character rendering on the response information to obtain a response video.
S114: and determining that the client is an abnormal client, deleting each audio of the client, disconnecting the communication connection between the server and the client, and storing the IP address of the client in a preset blacklist.
The general knowledge of the prior art shows that the total audio time of each audio sent by a user within the preset time is certainly not longer than the preset time unless a professional algorithm is adopted to simulate and generate the audio, and for this reason, if the total audio time is not shorter than the target time, it is indicated that each audio sent by a client within the preset time is disguised by a lawbreaker and belongs to a malicious attack behavior on a server, so that the IP address of the client is stored in the preset black name, and each audio of the client is deleted.
S115: and sending each reply video to the client.
By using the scheme shown in the embodiment, whether the audio sent by the client is a malicious attack behavior disguised by a lawbreaker or not can be distinguished according to the playing time and the timestamp of each audio sent by the client within the preset time period, and the audio belonging to the malicious attack is deleted, so that the server is effectively prevented from being maliciously attacked by the lawbreaker.
It should be noted that, the above-mentioned embodiment refers to S103, which is an optional implementation manner of the method for defending against malicious attacks shown in the present application. Further, the above embodiment refers to S114. The method is also an optional implementation manner of the method for defending against malicious attacks. For this reason, the flow mentioned in the above embodiment can be summarized as the method shown in fig. 2.
As shown in fig. 2, a schematic flow chart of another malicious attack defense method provided in the embodiment of the present application includes the following steps:
s201: and calling a communication interface of the server, and intercepting a plurality of audio requests sent to the server by the client within a preset time period.
S202: and analyzing each audio request to obtain audio information corresponding to each audio request.
The audio information comprises the playing time length of the audio and a time stamp, and the time stamp represents the sending time point of the audio sent to the server by the client.
S203: and accumulating and summing the playing time lengths of the audios to obtain the total audio time length.
S204: and selecting the transmission time point with the earliest time from the transmission time points of the audio frequencies as a starting time point.
S205: and selecting the transmission time point with the latest time from the transmission time points of the audios as a termination time point.
S206: and counting the time from the starting time point to the ending time point to obtain the target duration.
S207: and deleting each audio and disconnecting the communication connection between the server and the client under the condition that the total audio duration is not less than the target duration.
By using the scheme shown in the embodiment, whether the audio sent by the client is a malicious attack behavior disguised by a lawbreaker or not can be distinguished according to the playing time and the timestamp of each audio sent by the client within the preset time period, and the audio belonging to the malicious attack is deleted, so that the server is effectively prevented from being maliciously attacked by the lawbreaker.
Corresponding to the method for defending against malicious attacks provided by the embodiment of the application, the embodiment of the application also provides a device for defending against malicious attacks.
As shown in fig. 3, an architecture diagram of a defense apparatus for malicious attacks provided in the embodiment of the present application includes:
the request intercepting unit 100 is configured to invoke a communication interface of a server, and intercept a plurality of audio requests sent to the server by a client within a preset time period.
A request analysis unit 200, configured to analyze each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the timestamp characterizes the point in time at which the client sends the audio to the server.
The request parsing unit 200 is specifically configured to: analyzing each audio request to obtain audio information and connection request information corresponding to each audio request; the connection request information includes the IP address of the client.
And a duration calculating unit 300, configured to sum the playing durations of the audios in an accumulated manner to obtain a total duration of the audios.
The duration calculating unit 300 is specifically configured to: judging whether the IP address of the client is recorded in a preset blacklist or not; and under the condition that the IP address of the client is not recorded in the preset blacklist, accumulating and summing the playing time of each audio to obtain the total audio time.
The duration calculation unit 300 is further configured to: and under the condition that the IP address of the client is recorded in the preset blacklist, deleting each audio and disconnecting the communication connection between the server and the client.
A start determining unit 400, configured to select a transmission time point with the earliest time from the transmission time points of the respective audios as a start time point.
A termination determining unit 500, configured to select a transmission time point with the latest time from the transmission time points of the respective audios as a termination time point.
The time counting unit 600 is configured to count the time from the starting time point to the ending time point to obtain the target duration.
And the audio deleting unit 700 is configured to delete each audio and disconnect the communication connection between the server and the client when the total audio duration is not less than the target duration.
Wherein, the audio deleting unit 700 is further configured to: and storing the IP address of the client into a preset blacklist.
And the audio forwarding unit 800 is configured to send each audio to the server, receive reply videos corresponding to each audio fed back by the server, and send each reply video to the client when the total audio duration is less than the target duration.
The audio forwarding unit 800 is specifically configured to: for each audio, judging whether the playing time length of the audio is smaller than a preset time length threshold value; under the condition that the playing time length of the audio is smaller than a preset time length threshold value, identifying the audio as effective audio; and sending each effective audio to the server, and receiving a reply video corresponding to each effective audio fed back by the server.
The audio forwarding unit 800 is further configured to: and under the condition that the playing time length of the audio is not less than a preset time length threshold value, identifying the audio as invalid audio, and deleting the invalid audio.
By using the scheme shown in the embodiment, whether the audio sent by the client is a malicious attack behavior disguised by a lawbreaker or not can be distinguished according to the playing time and the timestamp of each audio sent by the client within the preset time period, and the audio belonging to the malicious attack is deleted, so that the server is effectively prevented from being maliciously attacked by the lawbreaker.
As shown in fig. 4, an application environment schematic diagram is further provided for the present application, and the defense method for malicious attacks provided in the embodiment of the present application may be applied to the interactive system 400 shown in fig. 4, and specifically, applied to the gateway 403. The interactive system 400 comprises a terminal device 401, a server 402 and a gateway 403, wherein the server 402 is in communication interaction with the terminal device 401 through the gateway 403. The server 402 may be a conventional server or a cloud server, which is not limited herein.
The terminal device 401 may be various electronic devices that have a display screen, a data processing module, a shooting camera, an audio input/output function, and the like, and support data input, including but not limited to a smart phone, a tablet computer, a laptop portable computer, a desktop computer, a self-service terminal, a wearable electronic device, and the like. Specifically, the data input may be inputting voice based on a voice module provided on the electronic device, inputting characters based on a character input module, and the like.
The terminal device 401 may have a client application installed thereon, and the user may be based on the client application (for example, APP, wechat applet, etc.), where the conversation robot in this embodiment is also a client application configured in the terminal device 401. A user may register a user account in the server 402 based on the client application program, and communicate with the server 402 based on the user account, for example, the user logs in the user account in the client application program, inputs information through the client application program based on the user account, and may input text information or voice information, etc., after receiving the information input by the user, the client application program may send the information to the gateway 403, and then the gateway forwards the information to the server 402, so that the server 402 may receive, process, and store the information, and the server 402 may also receive the information, return a corresponding output information to the gateway 403 according to the information, and then the gateway 403 forwards the output information to the terminal device 401.
The application also provides a computer readable storage medium, which comprises a stored program, wherein the program executes the method for defending against malicious attacks provided by the application.
The present application further provides a gateway, comprising: a processor, a memory, and a bus. The processor is connected with the memory through a bus, the memory is used for storing programs, and the processor is used for running the programs, wherein the program runs to execute the malicious attack defense method provided by the application, and the malicious attack defense method comprises the following steps:
calling a communication interface of the server, and intercepting a plurality of audio requests sent to the server by a client within a preset time period;
analyzing each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the time stamp represents a sending time point of the audio sent by the client to the server;
accumulating and summing the playing time lengths of the audios to obtain the total audio time length;
selecting the transmission time point with the earliest time from the transmission time points of the audios as an initial time point;
selecting a sending time point with the latest time from the sending time points of the audios as a termination time point;
counting the time from the starting time point to the ending time point to obtain a target duration;
and under the condition that the total audio time length is not less than the target time length, deleting each audio, and disconnecting the communication connection between the server and the client.
Specifically, on the basis of the above embodiment, the analyzing each audio request to obtain the audio information corresponding to each audio request includes:
analyzing each audio request to obtain audio information and connection request information corresponding to each audio request; the connection request information comprises an IP address of the client;
the deleting each audio and disconnecting the communication connection between the server and the client when the total audio duration is not less than the target duration further includes:
and storing the IP address of the client into a preset blacklist.
Specifically, on the basis of the above embodiment, the performing summation on the playing time lengths of the audios to obtain the total audio time length includes:
judging whether the IP address of the client is recorded in a preset blacklist or not;
and under the condition that the IP address of the client is not recorded in the preset blacklist, accumulating and summing the playing time of each audio to obtain the total audio time.
Specifically, on the basis of the above embodiment, the method further includes:
and under the condition that the IP address of the client is recorded in the preset blacklist, deleting each audio and disconnecting the communication connection between the server and the client.
Specifically, on the basis of the above embodiment, the method further includes:
and in the case that the total audio time length is less than the target time length, sending each audio to the server, and receiving a reply video corresponding to each audio fed back by the server.
Specifically, on the basis of the above embodiment, the sending the respective audios to the server and receiving the reply videos corresponding to each audio fed back by the server includes:
for each audio, judging whether the playing time length of the audio is smaller than a preset time length threshold value;
under the condition that the playing time length of the audio is smaller than the preset time length threshold value, identifying the audio as effective audio;
and sending each effective audio to the server, and receiving reply videos fed back by the server and corresponding to each effective audio.
Specifically, on the basis of the above embodiment, the method further includes:
and under the condition that the playing time length of the audio is not less than the preset time length threshold, identifying the audio as invalid audio, and deleting the invalid audio.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution to the prior art of the embodiments of the present application or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for defending against malicious attacks, comprising:
calling a communication interface of the server, and intercepting a plurality of audio requests sent to the server by a client within a preset time period;
analyzing each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the time stamp represents a sending time point of the audio sent by the client to the server;
accumulating and summing the playing time lengths of the audios to obtain the total audio time length;
selecting the transmission time point with the earliest time from the transmission time points of the audios as an initial time point;
selecting a sending time point with the latest time from the sending time points of the audios as a termination time point;
counting the time from the starting time point to the ending time point to obtain a target duration;
and under the condition that the total audio time length is not less than the target time length, deleting each audio, and disconnecting the communication connection between the server and the client.
2. The method of claim 1, wherein parsing each of the audio requests to obtain audio information corresponding to each of the audio requests comprises:
analyzing each audio request to obtain audio information and connection request information corresponding to each audio request; the connection request information comprises an IP address of the client;
the deleting each audio and disconnecting the communication connection between the server and the client when the total audio duration is not less than the target duration further includes:
and storing the IP address of the client into a preset blacklist.
3. The method of claim 2, wherein said accumulating and summing the playing time lengths of the audio frequencies to obtain a total audio time length comprises:
judging whether the IP address of the client is recorded in a preset blacklist or not;
and under the condition that the IP address of the client is not recorded in the preset blacklist, accumulating and summing the playing time of each audio to obtain the total audio time.
4. The method of claim 3, further comprising:
and under the condition that the IP address of the client is recorded in the preset blacklist, deleting each audio and disconnecting the communication connection between the server and the client.
5. The method of claim 1, further comprising:
under the condition that the total audio time length is less than the target time length, sending each audio to the server, and receiving a reply video corresponding to each audio fed back by the server;
and sending each reply video to the client.
6. The method of claim 5, wherein said sending respective audio to the server and receiving reply video corresponding to each of the audio fed back by the server comprises:
for each audio, judging whether the playing time length of the audio is smaller than a preset time length threshold value;
under the condition that the playing time length of the audio is smaller than the preset time length threshold value, identifying the audio as effective audio;
and sending each effective audio to the server, and receiving reply videos fed back by the server and corresponding to each effective audio.
7. The method of claim 6, further comprising:
and under the condition that the playing time length of the audio is not less than the preset time length threshold, identifying the audio as invalid audio, and deleting the invalid audio.
8. A defense apparatus against malicious attacks, comprising:
the request intercepting unit is used for calling a communication interface of the server and intercepting a plurality of audio requests sent to the server by a client within a preset time period;
the request analysis unit is used for analyzing each audio request to obtain audio information corresponding to each audio request; the audio information comprises the playing time length and the time stamp of the audio; the time stamp represents a sending time point of the audio sent by the client to the server;
the time length calculating unit is used for accumulating and summing the playing time lengths of the audios to obtain the total audio time length;
the starting determining unit is used for selecting the transmitting time point with the earliest time from the transmitting time points of the audios as the starting time point;
a termination determining unit, configured to select a transmission time point with the latest time from the transmission time points of the audio frequencies as a termination time point;
the time counting unit is used for counting the time from the starting time point to the ending time point to obtain a target duration;
and the audio deleting unit is used for deleting each audio and disconnecting the communication connection between the server and the client under the condition that the total audio duration is not less than the target duration.
9. A computer-readable storage medium, comprising a stored program, wherein the program executes the method for defending against a malicious attack according to any one of claims 1 to 7.
10. A gateway, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing a program, and the processor is used for running the program, wherein the program runs and executes the method for defending against the malicious attack according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111212392.4A CN113872987A (en) | 2021-10-18 | 2021-10-18 | Malicious attack defense method and device, storage medium and gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111212392.4A CN113872987A (en) | 2021-10-18 | 2021-10-18 | Malicious attack defense method and device, storage medium and gateway |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113872987A true CN113872987A (en) | 2021-12-31 |
Family
ID=79000193
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111212392.4A Pending CN113872987A (en) | 2021-10-18 | 2021-10-18 | Malicious attack defense method and device, storage medium and gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113872987A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114639375A (en) * | 2022-05-09 | 2022-06-17 | 杭州海康威视数字技术股份有限公司 | Intelligent voice recognition security defense method and device based on audio slice adjustment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179119A (en) * | 2013-03-19 | 2013-06-26 | 杭州华三通信技术有限公司 | Voice data transmission method and equipment |
| CN109088974A (en) * | 2018-06-28 | 2018-12-25 | 深圳市口袋网络科技有限公司 | A kind of data save method and its device, equipment, storage medium |
| CN110651323A (en) * | 2017-05-11 | 2020-01-03 | 谷歌有限责任公司 | Detecting and suppressing voice queries |
-
2021
- 2021-10-18 CN CN202111212392.4A patent/CN113872987A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179119A (en) * | 2013-03-19 | 2013-06-26 | 杭州华三通信技术有限公司 | Voice data transmission method and equipment |
| CN110651323A (en) * | 2017-05-11 | 2020-01-03 | 谷歌有限责任公司 | Detecting and suppressing voice queries |
| CN109088974A (en) * | 2018-06-28 | 2018-12-25 | 深圳市口袋网络科技有限公司 | A kind of data save method and its device, equipment, storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114639375A (en) * | 2022-05-09 | 2022-06-17 | 杭州海康威视数字技术股份有限公司 | Intelligent voice recognition security defense method and device based on audio slice adjustment |
| CN114639375B (en) * | 2022-05-09 | 2022-08-23 | 杭州海康威视数字技术股份有限公司 | Intelligent voice recognition security defense method and device based on audio slice adjustment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Thing et al. | Live memory forensics of mobile phones | |
| CN109152095B (en) | Wireless network connection method for terminal | |
| CN109542361B (en) | Distributed storage system file reading method, system and related device | |
| CN109246741B (en) | Wireless network connection method for terminal | |
| US9432507B2 (en) | System and method for providing information of outgoing call | |
| CN106022101B (en) | application management method and terminal | |
| CN104253714A (en) | Monitoring method, system, browser and server | |
| CN111049786A (en) | Network attack detection method, device, equipment and storage medium | |
| CN105681257B (en) | Information reporting method, device, equipment and system based on instant messaging interaction platform and computer storage medium | |
| WO2020258102A1 (en) | Content pushing method and apparatus, mobile terminal and storage medium | |
| CN113872987A (en) | Malicious attack defense method and device, storage medium and gateway | |
| CN109978114B (en) | Data processing method, device, server and storage medium | |
| KR101490442B1 (en) | Method and system for cutting malicious message in mobile phone, and mobile phone implementing the same | |
| WO2016037489A1 (en) | Method, device and system for monitoring rcs spam messages | |
| CN112118352B (en) | Method and device for processing notification trigger message, electronic equipment and computer readable medium | |
| CN109831417B (en) | Method, device, server and storage medium for processing account number for preventing harassment | |
| CN104320766A (en) | Spam short message identification method, device and equipment | |
| CN110932960A (en) | Social software-based fraud prevention method, server and system | |
| CN114003904B (en) | Information sharing method, device, computer equipment and storage medium | |
| CN114048059A (en) | Method and device for adjusting timeout time of interface, computer equipment and storage medium | |
| CN115795100A (en) | User event processing method and device, electronic equipment and readable storage medium | |
| CN109327433B (en) | Threat perception method and system based on operation scene analysis | |
| CN105701684B (en) | Data processing method and device | |
| CN113839962B (en) | User attribute determination method, apparatus, storage medium, and program product | |
| CN112040068B (en) | False international number identification method, device, equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |