CN113904839A - Access request management method and device - Google Patents

Publication number
CN113904839A
Authority
CN
China
Prior art keywords
request
target
access
management rule
access management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111164177.1A
Other languages
Chinese (zh)
Inventor
郑凯
叶姣荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dt Dream Technology Co Ltd
Original Assignee
Hangzhou Dt Dream Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dt Dream Technology Co Ltd filed Critical Hangzhou Dt Dream Technology Co Ltd
Priority to CN202111164177.1A priority Critical patent/CN113904839A/en
Publication of CN113904839A publication Critical patent/CN113904839A/en
Pending legal-status Critical Current

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90: Details of database functions independent of the retrieved data types
    • G06F16/95: Retrieval from the web
    • G06F16/951: Indexing; Web crawling techniques
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic

Abstract

The application provides an access request management method and device. The method may comprise: acquiring a target access request from a target request source, and determining a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, and the preset periods of different rules have different durations; updating the accumulated request count of the target request source in each preset period; and, if the target access request causes the updated accumulated request count of the target request source in any preset period to reach the corresponding request count threshold, restricting the target access request from calling a target API. With this technical solution, the number of access requests received can be limited over both a short period and a long period, which prevents both a burst attack making a large number of calls within a short period and long-term batch requests from a crawler.

Description

Access request management method and device
Technical Field
The present application relates to the field of network communication technologies, and in particular, to a method and an apparatus for managing access requests.
Background
With the development of big data technology, data resources need to be shared among different applications or services. Opening data resources directly for sharing carries a large risk of information leakage, so most applications currently share data resources by having callers send access requests to an API interface. However, if the API interface is suddenly attacked by a large number of access requests, or is requested in batches by a crawler over a long time, the whole application or service can easily fall into a high-load processing state or even crash.
Existing anti-attack and anti-crawler techniques mainly work by limiting the access frequency of an IP address: a specific access frequency threshold is set for a specific IP address, and if the access frequency of that IP address exceeds the threshold, access from it is refused. However, the access frequency threshold in this approach is difficult to set, and it cannot limit both a sudden access attack and a long-term web crawler at the same time.
Disclosure of Invention
In view of this, the present application provides an access request management method and apparatus, which are used to limit the number of access requests received in different time periods.
Specifically, the method is realized through the following technical scheme:
According to a first aspect of the present application, there is provided an access request management method, including:
acquiring a target access request from a target request source, and determining a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, and the preset periods of different rules have different durations;
updating the accumulated request count of the target request source in each preset period;
if the target access request causes the updated accumulated request count of the target request source in any preset period to reach the corresponding request count threshold, restricting the target access request from calling a target API (application program interface);
and if the target access request leaves the updated accumulated request count of the target request source in every preset period below the corresponding request count threshold, allowing the target access request to call the target API.
According to a second aspect of the present application, there is provided an access request management apparatus comprising:
an acquisition unit, configured to acquire a target access request from a target request source and determine a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, and the preset periods of different rules have different durations;
an updating unit, configured to update the accumulated request count of the target request source in each preset period;
a limiting unit, configured to restrict the target access request from calling a target API (application program interface) if the target access request causes the updated accumulated request count of the target request source in any preset period to reach the corresponding request count threshold;
and a calling unit, configured to allow the target access request to call the target API if the target access request leaves the updated accumulated request count of the target request source in every preset period below the corresponding request count threshold.
According to a third aspect of the present application, there is provided an electronic device comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method as described in the embodiments of the first aspect above by executing the executable instructions.
According to a fourth aspect of embodiments of the present application, there is provided a computer-readable storage medium having stored thereon computer instructions which, when executed by a processor, implement the steps of the method as described in the embodiments of the first aspect above.
According to the above technical solution, access management rules corresponding to periods of different durations are set so that the number of access requests received is limited over both a short period and a long period, which prevents both a burst attack making a large number of calls within a short period and long-term batch requests from a crawler.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
FIG. 1 is a flowchart illustrating an access request management method according to an exemplary embodiment of the present application;
FIG. 2 is a flowchart illustrating another access request management method according to an exemplary embodiment of the present application;
FIG. 3 is a schematic diagram illustrating an electronic device for access request management according to an exemplary embodiment of the present application;
FIG. 4 is a block diagram illustrating an access request management apparatus according to an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Next, examples of the present application will be described in detail.
Fig. 1 is a flowchart illustrating an access request management method according to an exemplary embodiment of the present application. As shown in fig. 1, the following steps may be included:
Step 102: obtain a target access request from a target request source, and determine a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, and the preset periods of different rules have different durations.
In the technical solution of the present application, an access management rule set is predefined for a request source. The set comprises a plurality of access management rules, and different rules limit the number of access requests the request source receives or sends within periods of different durations. For example, the access management rule set corresponding to request source A may include access management rule A1 and access management rule A2. Rule A1 defines a preset period duration of 5 minutes and a corresponding request count threshold of 1000, that is, rule A1 limits access requests from request source A to no more than 1000 within 5 minutes; rule A2 defines a preset period duration of 1 hour and a corresponding request count threshold of 20000, that is, rule A2 limits access requests from request source A to no more than 20000 within 1 hour. Setting several access management rules with different periods for the request source prevents the application interface from being overloaded by a short-term burst attack and also prevents the interface from being requested in batches by a crawler over a long time to acquire data.
The request source may be the source IP that initiates the access request, or may be the API interface that receives the access request; the present application does not limit this. When the request source is the source IP, that source IP can be limited through the corresponding access management rule set, which prevents the application interface from crashing while processing a large number of access requests from an attacker's IP addresses. However, an access management rule set for a source IP becomes ineffective once the attacker changes IP address. The request source may therefore also be set to the API interface that receives the access request; in that case the number of access requests received by the API interface is limited directly by the corresponding access management rule set, so that the API interface does not receive an excessive number of access requests and fall into a high-load processing state or even crash.
In one embodiment, since there is typically more than one request source, different sets of access request management rules may be set for different request sources, respectively. After a target access request from a request source is acquired, a target access management rule set corresponding to the target request source can be determined according to the target request source and a predefined corresponding relationship between the request source and the access management rule set, so that the target access request is managed through the target access management rule set. Different access management rule sets are respectively set for different request sources, so that the access management rule set corresponding to each request source can be set in a targeted manner according to the performance or the requirement of the request source.
Step 104: update the accumulated request count of the target request source in each preset period.
The accumulated request count is obtained by counting the access requests from the target request source. When the target request source is a target source IP, it is the number of access requests the target source IP has sent to the target API within the corresponding preset period; when the target request source is the target API, it is the number of access requests the target API has received within the corresponding preset period.
As described above, in the present application the accumulated request count for each access management rule is counted per period. That is, when the preset period of any access management rule moves from the current period to the next period, the accumulated request count for that rule is cleared and the access requests from the target request source are counted again. For example, suppose the access management rule set for request source A includes rule A1, with a preset period duration of 5 minutes, and rule A2, with a preset period duration of 1 hour, and the rule set takes effect at 12:00. If 950 access requests from request source A are obtained in the 5 minutes from 12:00 to 12:05, then at 12:05 the accumulated request counts in the preset periods of rule A1 and rule A2 are both 950. If an access request from request source A is then obtained at 12:06, rule A1 has already moved to its next period, so its accumulated request count has been cleared and is counted again as 1; for rule A2, counting continues from 950 and the accumulated request count is 951.
In an embodiment, the accumulated request counts of the target request source in the preset period of each access management rule may be stored in a two-dimensional array. Taking again the access management rule set of request source A, which includes rule A1 and rule A2, the accumulated request counts may be stored in a two-dimensional array as shown in Table 1 below:
TABLE 1 (table image not reproduced in this text)
After a target access request from a target request source is acquired, the accumulated request times corresponding to different access management rules in an access management rule set corresponding to the target request source can be acquired according to the two-dimensional array, and 1 is added to the accumulated request times corresponding to all the access management rules so as to update the accumulated request times corresponding to the target request source in each preset period.
Step 106: if the target access request causes the updated accumulated request count of the target request source in any preset period to reach the corresponding request count threshold, restrict the target access request from calling the target API.
If the access request were restricted from calling the API interface only when all access management rules are triggered, then an accumulated request count that exceeds the threshold of the short-period rule would not be restricted; restriction would apply only once the accumulated request counts of all rules reached their thresholds, so short-term attacks would not be prevented. Moreover, even after all rules have reached their thresholds and the access request is restricted, once the short preset period moves to its next period the condition that all rules be triggered no longer holds, so the access request could call the API interface again, and long-term crawling of data would not be prevented either. Therefore, in the technical solution of the present application, the decision logic of the access management rule set is: as long as one access management rule triggers its restriction condition, the target access request is restricted from calling the target API interface and a failure or prompt message is returned to the initiator of the access request; the target access request is allowed to call the target API interface only when none of the access management rules triggers its restriction condition.
In one embodiment, because the request count threshold is typically set smaller for a preset period of shorter duration, the accumulated request count within a shorter preset period is refreshed faster. Based on this, the access management rules in the target access management rule set can be sorted from small to large by the duration of their preset periods, and the request count threshold of each rule is then compared, in that order, with the updated accumulated request count of the target request source in the corresponding preset period, until the updated accumulated request count in some preset period reaches the request count threshold defined by the corresponding rule. For example, the access management rule set for request source A may include rule A1, with a preset period duration of 5 minutes, and rule A2, with a preset period duration of 1 hour. It is first determined according to rule A1 whether the updated accumulated request count in the 5-minute preset period exceeds the corresponding request count threshold; if so, the target access request can be restricted from calling the target API interface directly, without determining whether it conforms to rule A2; if not, it is determined according to rule A2 whether the updated accumulated request count in the 1-hour preset period exceeds the corresponding request count threshold. Judging in order of preset period from small to large reduces the number of rule comparisons and improves judgment efficiency.
As described above, in the present application the accumulated request count of any access management rule is cleared when the preset period of that rule moves from the current period to the next period, and the access requests from the target request source are counted again. Therefore, even if access requests from the target request source have been restricted from calling the target API interface because the accumulated request count of some rule exceeded its preset request count threshold, as time passes and the preset period of that rule moves on, the accumulated request count of that rule no longer triggers the restriction. At that point the request count threshold of each access management rule still needs to be compared with the updated accumulated request count of the target request source in the corresponding preset period, and if the updated accumulated request count in every preset period is below the corresponding request count threshold, calls from the request source are resumed.
Further, while the access management rule set is in use, the parameters of the access management rules it contains can be modified. If the request count threshold of any access management rule is modified, the modified threshold can take effect in real time within the current period of that rule. For example, suppose that at a certain time the request count threshold of an access management rule is 1000 and the accumulated request count of that rule has already reached 1200 in the current period, so access requests from the corresponding request source are restricted and cannot call the target API interface. If the request count threshold of that rule is then modified to 1500 and another access request from the request source is obtained in the current period, the accumulated request count is 1201, which does not reach the modified threshold, so the access request is allowed to call the target API interface. If the preset period duration of any access management rule is modified, the modified duration can take effect in the current period or in the next period of that rule. Suppose the preset period duration of the rule is N minutes and is modified to P minutes: the duration of the current period may be changed to P minutes and the current period ended immediately; or the modified preset period duration may not take effect immediately, and the accumulated request count is recalculated, but the duration of the next period, entered after the 5 minutes of the current period have ended, is changed to P minutes.
Suppose a user has configured an access management rule to limit short-period attack access, but the preset period set by the rule is not short enough and the API interface is under attack: the API interface is then called many times within the preset period and the application service cannot be protected. In this case the rule with the modified preset period, or a new access management rule with a shorter preset period, can take effect immediately in the current period to block the attack and protect the application service. Suppose instead a user has configured an access management rule to limit long-period data crawling and finds in use that data can still be crawled by some attack sources: the rule then needs to be updated for finer-grained access management control, and counting against the new preset period can begin after the current statistical period ends, so that current service access is not affected. With these modification rules, the access management rule set can be modified in real time according to user needs while it is enabled, which improves the flexibility of access request management.
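The counting and decision logic of steps 102 to 106, together with the real-time threshold change described above, as an added Python example; it is not code from the patent. The class, method and scenario names and all timestamps are constructed for illustration, rules are compared shortest period first, and restricted requests still increment the counters, as in the 1200-versus-1000 case above.

```python
from dataclasses import dataclass


@dataclass
class Rule:
    name: str
    period_s: int   # preset period duration, in seconds
    threshold: int  # request count threshold for one period


class AccessManager:
    """Per-period counters for each (request source, rule); names are illustrative."""

    def __init__(self, start=0.0):
        self.start = start   # moment the rule sets take effect
        self.rule_sets = {}  # request source -> rules, shortest period first
        self.counters = {}   # (source, rule name) -> [period index, count]

    def set_rules(self, source, rules):
        # Sort ascending by period so the short-period rule is compared first.
        self.rule_sets[source] = sorted(rules, key=lambda r: r.period_s)

    def set_threshold(self, source, rule_name, threshold):
        # A modified threshold applies immediately, inside the current period.
        for rule in self.rule_sets[source]:
            if rule.name == rule_name:
                rule.threshold = threshold

    def counts(self, source):
        return {r.name: self.counters.get((source, r.name), [0, 0])[1]
                for r in self.rule_sets[source]}

    def handle(self, source, now):
        """Return (allowed, name of the rule that restricted the request or None)."""
        rules = self.rule_sets[source]
        # Step 104: add 1 to every counter, clearing any whose period rolled over.
        for rule in rules:
            index = int((now - self.start) // rule.period_s)
            slot = self.counters.setdefault((source, rule.name), [index, 0])
            if slot[0] != index:
                slot[0], slot[1] = index, 0
            slot[1] += 1
        # Step 106: one rule reaching its threshold is enough to restrict.
        for rule in rules:
            if self.counters[(source, rule.name)][1] >= rule.threshold:
                return False, rule.name
        return True, None


def period_rollover():
    """Request source A: 950 requests in 12:00-12:05, then one more at 12:06."""
    mgr = AccessManager()
    mgr.set_rules("A", [Rule("A2", 3600, 20000), Rule("A1", 300, 1000)])
    for i in range(950):
        mgr.handle("A", i * 0.3)  # constructed timestamps, all before 12:05
    mgr.handle("A", 360)          # 12:06: A1 is already in its next period
    return mgr.counts("A")


def threshold_raised_mid_period():
    """Count reaches 1200 against a threshold of 1000, then the threshold becomes 1500."""
    mgr = AccessManager()
    mgr.set_rules("A", [Rule("A1", 300, 1000), Rule("A2", 3600, 20000)])
    results = [mgr.handle("A", i * 0.2) for i in range(1200)]
    mgr.set_threshold("A", "A1", 1500)
    after = mgr.handle("A", 250)  # request 1201, still in the same 5-minute period
    return results[998], results[999], after


def steady_crawler():
    """Constructed traffic: 1400 requests per 5 minutes against API interface a's rules."""
    mgr = AccessManager()
    mgr.set_rules("a", [Rule("A1", 300, 1500), Rule("A2", 3600, 10000),
                        Rule("A3", 86400, 500000)])
    allowed = 0
    for period in range(12):
        for i in range(1400):
            ok, rule = mgr.handle("a", period * 300 + i * 0.2)
            if not ok:
                return allowed, rule
            allowed += 1
    return allowed, None


if __name__ == "__main__":
    print(period_rollover())
    print(threshold_raised_mid_period())
    print(steady_crawler())
```

The third scenario stays under the 5-minute threshold in every period and is stopped by the 1-hour rule instead, which is the case a single frequency threshold misses.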
According to the above technical solution, access management rules corresponding to periods of different durations are set so that the number of access requests received is limited over both a short period and a long period at the same time, which prevents both a burst attack making a large number of calls within a short period and long-term batch requests from a crawler, and improves the security of the application or service. This is explained in detail below with reference to Fig. 2. Fig. 2 is a flowchart illustrating another method for managing access requests according to an exemplary embodiment of the present application. As shown in Fig. 2, access request management may include the following steps:
Step 201: obtain a target access request received by a target API interface.
For example, consider an application program that applies the access request management method of the present application and includes three application interfaces: API interface a, API interface b and API interface c.
If API interface a and API interface b each receive an access request at a certain time, the application program can obtain the access requests received by API interface a and API interface b respectively.
Step 202, determining a target access management rule set corresponding to the target API interface according to the predefined correspondence between the API interface and the access management rule set.
In this embodiment, the target API interfaces are API interface a and API interface b, so that the target access management rule sets corresponding to API interface a and API interface b may be respectively determined according to the predefined correspondence between the API interfaces and the access management rule sets, so as to obtain the access management rules included in the target access management rule sets.
For example, the access management rule set corresponding to API interface a includes access management rule A1, access management rule A2 and access management rule A3. Rule A1 defines a preset period duration of 5 minutes and a corresponding request count threshold of 1500; rule A2 defines a preset period duration of 1 hour and a corresponding request count threshold of 10000; rule A3 defines a preset period duration of 1 day and a corresponding request count threshold of 500000.
The access management rule set corresponding to API interface b includes access management rule B1, access management rule B2 and access management rule B3. Rule B1 defines a preset period duration of 10 minutes and a corresponding request count threshold of 1500; rule B2 defines a preset period duration of 1 hour and a corresponding request count threshold of 8000; rule B3 defines a preset period duration of 1 day and a corresponding request count threshold of 500000.
Step 203, obtaining the accumulated request times corresponding to the target API interface in each preset period.
For example, the application program counts the number of access requests received by each API interface in a two-dimensional array as shown in Table 2.
TABLE 2 (table image not reproduced in this text)
By retrieving the two-dimensional array shown in table 2, the accumulated request times of the API interfaces a, b, and c in the preset period corresponding to the respective access management rules can be obtained. For example, the cumulative number of requests of the API interface a in the preset period corresponding to the access management rule a1 is 869, and the cumulative number of requests of the API interface B in the preset period corresponding to the access management rule B2 is 6522.
Step 204: update the accumulated request count of the target API interface in each preset period.
Since API interface a and API interface b have each received one access request, the accumulated request count for the preset period of each access management rule of API interface a and API interface b is incremented by one in the two-dimensional array shown in Table 2, giving the updated two-dimensional array shown in Table 3.
TABLE 3 (table image not reproduced in this text)
Step 205, comparing the request times threshold corresponding to each access management rule with the updated accumulated request times of the target API interface in the corresponding preset period, and determining whether the target access request makes the updated accumulated request times of the target API interface in each preset period not reach the corresponding request times threshold.
In step 206a, if the target access request causes the updated accumulated number of times of the target API interface in each preset period to not reach the corresponding threshold value of the number of times of the request, allowing the target access request to call the target API interface.
In step 206b, if the target access request makes the updated accumulated number of requests of the target API interface in any preset period reach the corresponding threshold of the number of requests, the target access request is restricted from calling the target API interface.
For API interface a, the request count thresholds of access management rules A1, A2 and A3 are compared with the corresponding updated accumulated request counts in turn, in order from large to small of the duration of the preset period corresponding to each access management rule in the target access management rule set. The updated accumulated request count 870 of access management rule A1 does not reach its request count threshold 1500, the updated accumulated request count 2000 of access management rule A2 does not reach its request count threshold 10000, and the updated accumulated request count 21565 of access management rule A3 does not reach its request count threshold 500000, so the corresponding target access request is allowed to call API interface a.
For API interface b, the request count thresholds of access management rules B1, B2 and B3 are compared with the corresponding updated accumulated request counts in turn, in order from large to small of the duration of the preset period corresponding to each access management rule in the target access management rule set. The updated accumulated request count 699 of access management rule B1 does not reach its request count threshold 1500, but the updated accumulated request count 8000 of access management rule B2 reaches its request count threshold 8000, so the corresponding target access request is restricted from calling API interface b.
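The flow of steps 204 to 206 for API interfaces a and b, as an added Python example (not code from the patent). The class and function names, the period durations (60 s, 3600 s, 86400 s) and the B3 values are assumptions, and the seed counts are constructed so that one more request yields the updated figures quoted above. Rule changes follow the description's statement that a modified threshold applies to the current period and a modified duration to the next one; the comparison here runs shortest period first and stops at the first rule reached, which gives the same decision in either order.

```python
import time
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    name: str
    period_s: float                        # preset period duration (assumed values)
    threshold: int                         # request count threshold for the period
    count: int = 0                         # accumulated requests, current period
    start: Optional[float] = None          # when the current period began
    next_period_s: Optional[float] = None  # duration change waiting for rollover


class AccessManager:
    def __init__(self, rule_sets, clock=time.monotonic):
        self.rule_sets = rule_sets         # target API interface -> [Rule, ...]
        self.clock = clock

    def rule(self, target, name):
        return next(r for r in self.rule_sets[target] if r.name == name)

    def set_threshold(self, target, name, threshold):
        # A modified threshold applies to the period already in progress.
        self.rule(target, name).threshold = threshold

    def set_period(self, target, name, period_s):
        # A modified duration is held back until the next period starts.
        self.rule(target, name).next_period_s = period_s

    def handle(self, target):
        """Count one request, then compare. Returns (allowed, rule_reached)."""
        now = self.clock()
        rules = self.rule_sets[target]
        for r in rules:                               # step 204: update counts
            if r.start is None:
                r.start = now
            elif now - r.start >= r.period_s:         # period over, start anew
                r.start, r.count = now, 0
                if r.next_period_s is not None:
                    r.period_s, r.next_period_s = r.next_period_s, None
            r.count += 1
        for r in sorted(rules, key=lambda r: r.period_s):   # step 205: compare
            if r.count >= r.threshold:
                return False, r.name                  # step 206b: restrict
        return True, None                             # step 206a: allow


def walkthrough():
    """Rule sets seeded with constructed counts one below the quoted updated figures."""
    t = [0.0]                                         # fake clock for the demo
    m, h, d = 60, 3600, 86400                         # assumed period durations
    mgr = AccessManager({
        "a": [Rule("A1", m, 1500, 869), Rule("A2", h, 10000, 1999),
              Rule("A3", d, 500000, 21564)],
        # B3's threshold and count are not quoted in the text: placeholders.
        "b": [Rule("B1", m, 1500, 698), Rule("B2", h, 8000, 7999),
              Rule("B3", d, 500000, 0)],
    }, clock=lambda: t[0])
    return mgr, t


if __name__ == "__main__":
    mgr, _ = walkthrough()
    print("a:", mgr.handle("a"))
    print("b:", mgr.handle("b"))
```

Because the counter is incremented before the comparison, the request that brings a count up to the threshold is itself restricted, which is why the 8000th request under rule B2 is refused.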
Corresponding to the method embodiments, the present specification also provides an embodiment of an apparatus.
Fig. 3 is a schematic structural diagram illustrating an electronic device for access request management according to an exemplary embodiment of the present application. Referring to fig. 3, at the hardware level, the electronic device includes a processor 302, an internal bus 304, a network interface 306, a memory 308, and a non-volatile storage 310, and it may also include hardware required for other services. The processor 302 reads the corresponding computer program from the non-volatile storage 310 into the memory 308 and then runs it. Besides the software implementation, the present application does not exclude other implementations, such as logic devices or a combination of software and hardware; that is, the execution subject of the following processing flow is not limited to logic units, and may also be hardware or logic devices.
Fig. 4 is a block diagram illustrating an access request management apparatus according to an exemplary embodiment of the present application. Referring to fig. 4, the apparatus includes an obtaining unit 402, an updating unit 404, a limiting unit 406, and a calling unit 408, where:
The obtaining unit 402 is configured to obtain a target access request from a target request source, and determine a target access management rule set corresponding to the target request source, where each access management rule in the target access management rule set defines a request count threshold for a preset period, and the preset periods of the rules differ in duration.
The updating unit 404 is configured to update the accumulated request count of the target request source in each preset period.
The limiting unit 406 is configured to restrict the target access request from calling a target API interface if the target access request causes the updated accumulated request count of the target request source to reach the corresponding request count threshold in any preset period.
Optionally, if the target access request leaves the updated accumulated request count of the target request source below the corresponding request count threshold in every preset period, the target access request is allowed to call the target API interface.
Optionally, the apparatus further comprises:
The comparing unit 408 is configured to compare the request count threshold of each access management rule with the updated accumulated request count of the target request source in the corresponding preset period in turn, in order from small to large of the duration of the preset period corresponding to each access management rule in the target access management rule set, until the updated accumulated request count of the target request source in some preset period reaches the request count threshold defined by the corresponding access management rule.
Optionally, if the request count threshold of any access management rule is modified, the modified threshold takes effect in the current period of that access management rule. If the duration of the preset period corresponding to any access management rule is modified, the modified duration takes effect in the next period of that access management rule.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
In an exemplary embodiment, there is also provided a non-transitory computer readable storage medium, e.g. a memory, comprising instructions executable by a processor of an access request management apparatus to implement a method as described in any of the above embodiments. For example, the method may comprise:
acquiring a target access request from a target request source, and determining a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, the preset periods differing in duration; updating the accumulated request count of the target request source in each preset period; if the target access request causes the updated accumulated request count of the target request source to reach the corresponding request count threshold in any preset period, restricting the target access request from calling a target API (application program interface); and if the target access request leaves the updated accumulated request count of the target request source below the corresponding request count threshold in every preset period, allowing the target access request to call the target API.
The non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, etc., which is not limited in this application.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (10)

1. An access request management method, the method comprising:
acquiring a target access request from a target request source, and determining a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, the preset periods differing in duration;
updating the accumulated request count of the target request source in each preset period;
and if the target access request causes the updated accumulated request count of the target request source to reach the corresponding request count threshold in any preset period, restricting the target access request from calling a target API.
2. The method of claim 1, wherein if the target access request leaves the updated accumulated request count of the target request source below the corresponding request count threshold in every preset period, the target access request is allowed to call the target API interface.
3. The method of claim 1, wherein the request source corresponding to any access request is defined by: the source IP contained in any access request or the receiving port corresponding to any access request.
4. The method of claim 1, wherein determining the target access management rule set corresponding to the target request source comprises:
and determining a target access management rule set corresponding to the target request source according to the corresponding relation between the predefined request source and the access management rule set.
5. The method of claim 1, further comprising:
comparing the request count threshold of each access management rule with the updated accumulated request count of the target request source in the corresponding preset period in turn, in order from small to large of the duration of the preset period corresponding to each access management rule in the target access management rule set, until the updated accumulated request count of the target request source in some preset period reaches the request count threshold defined by the corresponding access management rule.
6. The method of claim 1, wherein the request count threshold is positively correlated with the duration of the corresponding preset period.
7. The method according to claim 1, wherein if the request count threshold of any access management rule is modified, the modified threshold takes effect in the current period of that access management rule; if the duration of the preset period corresponding to any access management rule is modified, the modified duration takes effect in the current period or the next period of that access management rule.
8. An access request management apparatus, characterized in that the apparatus comprises:
an acquisition unit, configured to acquire a target access request from a target request source and determine a target access management rule set corresponding to the target request source, wherein each access management rule in the target access management rule set defines a request count threshold for a preset period, the preset periods differing in duration;
an updating unit, configured to update the accumulated request count of the target request source in each preset period;
and a limiting unit, configured to restrict the target access request from calling a target API (application program interface) if the target access request causes the updated accumulated request count of the target request source to reach the corresponding request count threshold in any preset period.
9. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-7 by executing the executable instructions.
10. A computer-readable storage medium having stored thereon computer instructions, which when executed by a processor, perform the steps of the method according to any one of claims 1-7.
CN202111164177.1A 2021-09-30 2021-09-30 Access request management method and device Pending CN113904839A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111164177.1A CN113904839A (en) 2021-09-30 2021-09-30 Access request management method and device

Publications (1)

Publication Number Publication Date
CN113904839A true CN113904839A (en) 2022-01-07

Family

ID=79189887

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination