CN115102742A - Network request evaluation method, device, equipment and storage medium - Google Patents
Network request evaluation method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN115102742A CN115102742A CN202210683264.6A CN202210683264A CN115102742A CN 115102742 A CN115102742 A CN 115102742A CN 202210683264 A CN202210683264 A CN 202210683264A CN 115102742 A CN115102742 A CN 115102742A
- Authority
- CN
- China
- Prior art keywords
- request
- evaluation
- network
- evaluated
- logic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000011156 evaluation Methods 0.000 title claims abstract description 338
- 238000000034 method Methods 0.000 claims abstract description 30
- 230000006870 function Effects 0.000 claims description 48
- 238000001514 detection method Methods 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006399 behavior Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 239000011449 brick Substances 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000007667 floating Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention discloses a network request evaluation method, a device, equipment and a storage medium, wherein the method comprises the following steps: when the target session is detected to be opened, determining an evaluation logic corresponding to a network request to be evaluated; determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic; and determining the credible evaluation result of the network request to be evaluated according to the request information and the evaluation logic of the auxiliary requests. According to the method and the device, when the target session is detected to be opened, the evaluation logic corresponding to the network to be evaluated is determined, the credible evaluation result of the network to be evaluated is determined according to the request information and the evaluation logic of the auxiliary requests corresponding to the evaluation logic, and compared with the prior art that historical data needs to be analyzed to determine the credible evaluation result, the credible evaluation result of the network to be evaluated is determined through the request information and the evaluation logic of the auxiliary requests, the evaluation time length is shortened, and the timeliness of credible evaluation is improved.
Description
Technical Field
The present invention relates to the field of network information security technologies, and in particular, to a network request evaluation method, apparatus, device, and storage medium.
Background
The network technology is widely applied, with more and more network application program interfaces provided by the browser, more and more product requirements borne by the network technology are provided, and most software requirements can be realized at a network end. However, compared with the compiled native application, the web application is logically compiled by using a scripting language, the required running code needs to be transmitted through the network, and then a copy of the code is stored in a browser of a user in a plaintext manner.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide a network request evaluation method, a network request evaluation device, network request evaluation equipment and a storage medium, and aims to solve the technical problem that the timeliness of the reliability evaluation of a network request in the prior art is poor.
In order to achieve the above object, the present invention provides a network request evaluation method, which comprises the following steps:
when the target session is detected to be opened, determining an evaluation logic corresponding to a network request to be evaluated;
determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic;
and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
Optionally, the determining, according to the request information of the auxiliary requests and the evaluation logic, a trusted evaluation result of the network request to be evaluated includes:
acquiring request information of the auxiliary requests, and determining a request occurrence sequence corresponding to the auxiliary requests according to the request information;
determining an inter-request order according to the evaluation logic;
and determining the credible evaluation result of the network request to be evaluated according to the request occurrence sequence and the request inter-sequence.
Optionally, the determining a trusted evaluation result of the network request to be evaluated according to the request occurrence order and the inter-request order includes:
when the request generation sequence is consistent with the sequence among the requests, obtaining a credible value corresponding to the evaluation logic;
and taking the credibility value as a credibility evaluation result of the network request to be evaluated.
Optionally, the determining, according to the request information of the auxiliary requests and the evaluation logic, a trusted evaluation result of the network request to be evaluated includes:
acquiring request information of the auxiliary requests, and determining a preset evaluation function according to the evaluation logic;
determining a data source according to the parameters of the preset evaluation function, and acquiring target data from the request information according to the data source;
and determining a credible evaluation result of the network request to be evaluated according to the target data and the preset evaluation function.
Optionally, the determining, according to the evaluation logic, a plurality of auxiliary requests corresponding to the network request to be evaluated includes:
analyzing the evaluation logic;
and determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the analysis result.
Optionally, before determining an evaluation logic corresponding to a network request to be evaluated when the target session is detected to be opened, the method further includes:
when detecting that a user requests to initiate a session, acquiring session request information of the session request initiated by the user;
and when the session request information is consistent with the preset request information, judging that the target session is opened.
Optionally, before determining an evaluation logic corresponding to a network request to be evaluated when the target session is detected to be opened, the method further includes:
acquiring a request type and an evaluation rule of a network request to be evaluated, wherein the request type comprises a credibility type and a credibility description type;
acquiring auxiliary request types of a plurality of auxiliary requests corresponding to the network request, wherein the auxiliary request types comprise a presence type auxiliary request and a data type auxiliary request;
and establishing an evaluation logic corresponding to the network request to be evaluated according to the request type, the auxiliary request type and the evaluation rule.
In addition, to achieve the above object, the present invention further provides a network request evaluation apparatus, including:
the detection module is used for determining the evaluation logic corresponding to the network request to be evaluated when the target session is detected to be opened;
the determining module is used for determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic;
and the evaluation module is used for determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
In addition, to achieve the above object, the present invention further provides a network request evaluation device, including: a memory, a processor and a network request evaluation program stored on the memory and executable on the processor, the network request evaluation program being configured to implement the steps of the network request evaluation method as described above.
In addition, to achieve the above object, the present invention further provides a storage medium having a network request evaluation program stored thereon, wherein the network request evaluation program, when executed by a processor, implements the steps of the network request evaluation method as described above.
When the target session is detected to be opened, determining an evaluation logic corresponding to a network request to be evaluated; determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic; and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic. According to the method, when the target session is detected to be opened, the evaluation logic corresponding to the network to be evaluated is determined, the credible evaluation result of the network to be evaluated is determined according to the request information and the evaluation logic of the auxiliary requests corresponding to the evaluation logic, and compared with the prior art that historical data needs to be analyzed to determine the credible evaluation result, the credible evaluation result of the network to be evaluated is determined through the request information and the evaluation logic of the auxiliary requests, so that the evaluation time is shortened, and the timeliness of credible evaluation is improved.
Drawings
Fig. 1 is a schematic structural diagram of a network request evaluation device of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a network request evaluation method according to the present invention;
FIG. 3 is a flowchart illustrating a second embodiment of a network request evaluation method according to the present invention;
FIG. 4 is a block diagram of a network request evaluation system according to an embodiment of the network request evaluation method of the present invention;
FIG. 5 is a flowchart illustrating a network request evaluation method according to a third embodiment of the present invention;
fig. 6 is a block diagram illustrating a first embodiment of a network request evaluation apparatus according to the present invention.
The implementation, functional features and advantages of the present invention will be further described with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a network request evaluation device in a hardware operating environment according to an embodiment of the present invention.
As shown in fig. 1, the network request evaluation device may include: a processor 1001, such as a Central Processing Unit (CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. The communication bus 1002 is used to implement connection communication among these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a Wireless interface (e.g., a Wireless-Fidelity (WI-FI) interface). The Memory 1005 may be a high-speed Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as a disk Memory. The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the architecture shown in fig. 1 does not constitute a limitation of the network request evaluation device and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, a memory 1005, which is a storage medium, may include therein an operating system, a network communication module, a user interface module, and a network request evaluation program.
In the network request evaluation apparatus shown in fig. 1, the network interface 1004 is mainly used for data communication with a network server; the user interface 1003 is mainly used for data interaction with a user; the processor 1001 and the memory 1005 in the network request evaluation device of the present invention may be disposed in the network request evaluation device, and the network request evaluation device calls the network request evaluation program stored in the memory 1005 through the processor 1001 and executes the network request evaluation method provided by the embodiment of the present invention.
An embodiment of the present invention provides a network request evaluation method, and referring to fig. 2, fig. 2 is a flowchart illustrating a first embodiment of the network request evaluation method according to the present invention.
In this embodiment, the network request evaluation method includes the following steps:
step S10: and when the target session is detected to be opened, determining an evaluation logic corresponding to the network request to be evaluated.
It should be noted that the execution subject of the embodiment may be a computing service device with data processing, network communication and program running functions, such as a tablet computer, a personal computer, a mobile phone, etc., or an electronic device, a network request evaluation device and a network request evaluation system, etc., which can implement the above functions. The present embodiment and the following embodiments are described below by taking a network request evaluation system (hereinafter referred to as an evaluation system) as an example.
It is to be understood that the target session may be a session that requires a network request trust evaluation; the network request to be evaluated can be a request which needs to be subjected to credible evaluation to protect the security of the network request, and the type of the network request to be evaluated comprises a credibility type and a credibility description type; the evaluation logic may be a pre-configured judgment logic for performing trusted evaluation on the network request, and the evaluation logic is configured corresponding to the network request to be evaluated, that is, different evaluation logics may be configured for different network requests to be evaluated.
It should be understood that, when it is detected that the target session is opened, determining the evaluation logic corresponding to the network request to be evaluated may be, when it is detected that the target session is opened, acquiring a request identifier of the network request to be evaluated in the target session, and determining, according to the request identifier, the evaluation logic corresponding to the network request to be evaluated, which is configured in advance.
In a specific implementation, when detecting that a session requiring network request trusted evaluation is opened, an evaluation system obtains a request identifier of a network request to be evaluated in the session, and determines a pre-configured evaluation logic corresponding to the network request to be evaluated according to the request identifier.
Step S20: and determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic.
It is understood that the assistance-type request may be a request for providing data in accordance with a session, and the assistance-type request may be divided into a presence-type assistance request and a data-type assistance request according to the data provided by the assistance-type request; the secondary request is associated with a network request to be evaluated.
Step S30: and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
It is understood that the request information may be information of an assisted request in a session, the request information including identification information, data information and status information; the credibility evaluation result can be a result of whether the network request to be evaluated obtained by credibility evaluation of the network request to be evaluated is a credibility network request or a credibility value of the network to be evaluated, and the credibility evaluation result comprises whether the network request to be evaluated is credible and the credibility value of the network request to be evaluated; the credibility evaluation result corresponds to the type of the network request to be evaluated, if the type is the credibility or not type, the credibility evaluation result is whether the network request to be evaluated is credible or not, and if the type is the credibility description type, the credibility evaluation result is the credibility value of the network to be evaluated.
It should be understood that the determination of the trusted evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic may be: the method comprises the steps of sequentially obtaining request information of a plurality of auxiliary requests according to an evaluation logic, judging whether the plurality of auxiliary requests accord with a configuration logic configured in the evaluation logic or not according to the request information, and determining a credible evaluation result of a network request to be evaluated according to a judgment result.
In specific implementation, when detecting that a session requiring network request credibility evaluation is opened, an evaluation system acquires a request identifier of a network request to be evaluated, determines a plurality of auxiliary requests corresponding to the network request to be evaluated according to the request identifier, determines association logic among the plurality of auxiliary requests according to request information of the plurality of auxiliary requests, determines a credibility evaluation result of the network to be evaluated according to a comparison result of the evaluation logic and the association logic, wherein when the type of the network request to be evaluated is a credibility or not type, the credibility evaluation result is whether the network request to be evaluated is a credibility network request or not, and when the type of the network request to be evaluated is a credibility description type, the credibility evaluation result is a credibility value of the network request to be evaluated.
For example, for a network request to be evaluated of a credibility type, the output of the evaluation system is a credible (TRUSTED) and an untrusted (NOT _ TRUSTED), for a network request to be evaluated of a credibility description type, the output of the evaluation system is a credible value, the credible value can be configured as floating point type data from 0 to 1, and can also be configured as other data to indicate the credibility of the network request to be evaluated, a credibility threshold value can also be set, whether the network to be evaluated is credible or NOT is judged through the relationship between the credible value and the credibility threshold value, the credible value can also be accumulated, and whether the network to be evaluated is credible or NOT is judged according to the accumulated credible value; assuming that the type of the network request to be evaluated is a reliability description type, the configuration example of the network request P to be evaluated may be:
the name parameter represents a request identification parameter, and the type parameter represents a request type parameter; assuming that the evaluation logic corresponding to the network request P to be evaluated is range logic, the system obtains a parameter of a certain auxiliary type request for judgment, the parameter name of the concerned auxiliary type request is param, the configured numerical range is a numerical array with a length of 2, a first element in the array is a lower bound of the range, a second element is an upper bound of the range, if the upper bound or the lower bound does not need to be configured, the upper bound or the lower bound may be configured as "unset", if the value parameter of the auxiliary type request a is less than or equal to 3000, the corresponding range logic may be configured to evaluate that the trusted value of the network request to be evaluated is 0.4 according to the range logic:
when the evaluation system detects that a target session is opened, determining that the request type of a network request P to be evaluated is a reliability description type according to a configuration sample of the network request P to be evaluated, determining that an evaluation logic corresponding to the network request P to be evaluated is a range logic, determining that an auxiliary type request corresponding to the network request P to be evaluated is A according to the configured range logic, acquiring request information of the auxiliary type request A by the evaluation system, determining that a value corresponding to a value parameter of the auxiliary type request A is 2500 according to the request information, wherein the value is less than 3000, and determining that an evaluation result of the network request P to be evaluated is: the credible value of the network P to be evaluated is 0.4.
Further, in order to perform trusted evaluation on the network request to be evaluated through the auxiliary-type request to improve timeliness of the trusted evaluation, the step S20 includes: analyzing the evaluation logic; and determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the analysis result.
It will be appreciated that the evaluation logic is pre-configured, i.e. the secondary-type requests that have been determined to be required when configuring the evaluation logic are used to perform a trusted evaluation of the network requests to be evaluated.
In a specific implementation, the evaluation system analyzes an evaluation logic corresponding to a network request to be evaluated, so as to determine an auxiliary request included in the evaluation logic, where the auxiliary request is a plurality of auxiliary requests corresponding to the network request to be evaluated.
Further, for some auxiliary requests, the parameters transmitted therein have little influence on the result of the trusted evaluation, and only the order of the auxiliary requests or whether the auxiliary requests exist needs to be considered, in order to perform the trusted evaluation on the network request to be evaluated according to different types of auxiliary requests, so as to improve the accuracy of the trusted evaluation, the step S30 includes: acquiring request information of the auxiliary requests, and determining a request occurrence sequence corresponding to the auxiliary requests according to the request information; determining an inter-request order according to the evaluation logic; and determining the credible evaluation result of the network request to be evaluated according to the request occurrence sequence and the request inter-sequence.
It should be noted that the evaluation system may determine a logic type of the evaluation logic, obtain request information of the plurality of auxiliary requests when the logic type is sequential logic, and determine a request occurrence sequence corresponding to the plurality of auxiliary requests according to the request information.
It can be understood that the request information includes the generation time of the request in the target session, and the request generation sequence of several auxiliary type requests can be determined according to the generation time of each auxiliary type request, in the request generation sequence, the same time can correspond to one or more auxiliary type requests, and is determined by actual conditions; the inter-request sequence may be an occurrence sequence between a plurality of auxiliary requests configured in the sequential logic, and when the occurrence sequence of the requests is consistent with the inter-request sequence, the evaluation result configured in the sequential logic may be used as a trusted evaluation result of the network to be evaluated.
Further, in order to improve the accuracy of trusted evaluation, the determining a trusted evaluation result of the network request to be evaluated according to the request occurrence order and the inter-request order includes: when the sequence of the requests is consistent with the sequence among the requests, obtaining a credible value corresponding to the evaluation logic; and taking the credibility value as a credibility evaluation result of the network request to be evaluated.
In a specific implementation, when the request occurrence sequence is consistent with the sequence between the requests, the evaluation system determines that the network request to be evaluated is evaluated through the sequence logic, and uses a trusted value configured in the sequence logic or whether the network request is a trusted network request as a trusted evaluation result of the network to be evaluated.
For example, if the type of the network request to be evaluated is a reliability description type, the evaluation logic is a sequential logic, the auxiliary requests included in the sequential logic are A, B and C, where a is a preceding request of B and C, B and C may be present as long as there is no precedence relationship, the order of a may be set to 1, the order of B and C may be set to 2, and the configured sequential logic is as follows:
the evaluation system determines that the evaluation logic is sequential logic, acquires the request occurrence time of A, B and C, determines the request occurrence sequence to be A, C and B according to the request occurrence time, determines the sequence between the requests to be A first occurrence according to the sequential logic, has no precedence relation limitation between B and C, can judge that the request occurrence sequence is consistent with the sequence between the requests, and takes the confidence value 0.4 configured in the sequential logic as the confidence evaluation result of the network request to be evaluated; if the type of the network request to be evaluated is a credible type or not, the sequence logic can carry out simple configuration, the configuration information can be set as an array of the request identifier, and the sequence of the request identifier in the array represents the sending sequence of the auxiliary request under the expected condition. If the secondary request a should be sent before the secondary request B, it may be configured to: logic: { ORDER [ "A", "B" ], the configuration of the sequential logic can be adjusted according to the actual situation, and the embodiment is not limited herein.
Further, the evaluation logic comprises presence logic operable to evaluate the network request to be evaluated trustworthy only if certain secondary requests occur, e.g., secondary request a and secondary request B have been generated when the presence logic issues the network request to be evaluated, the presence logic is operable to:
the process of performing trusted evaluation through the presence logic may refer to the above, and this embodiment is not described herein again.
When the target session is detected to be opened, the embodiment determines an evaluation logic corresponding to the network request to be evaluated; determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic; and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic. In the embodiment, when the target session is detected to be opened, the evaluation logic corresponding to the network to be evaluated is determined, the credible evaluation result of the network to be evaluated is determined according to the request information of the auxiliary requests and the evaluation logic corresponding to the evaluation logic, and compared with the prior art that the credible evaluation result is determined by analyzing historical data, the credible evaluation result of the network to be evaluated is determined by the request information of the auxiliary requests and the evaluation logic, the evaluation time length is shortened, and the timeliness of credible evaluation is improved.
Referring to fig. 3, fig. 3 is a flowchart illustrating a network request evaluation method according to a second embodiment of the present invention.
Based on the first embodiment described above, in the present embodiment, the step S30 includes:
step S301: and acquiring request information of the auxiliary requests, and determining a preset evaluation function according to the evaluation logic.
It should be noted that the evaluation logic includes existence logic, sequential logic, range logic, interval logic, function logic, and/or logic, and different evaluation logics may be configured according to specific scenarios, and a plurality of logics may be configured in one evaluation logic at the same time, for example, existence logic and sequential logic may be configured in the evaluation logic G at the same time, and may be configured according to practical application scenarios, which is not limited in this embodiment.
It can be understood that the function evaluation logic is configured with a preset evaluation function; when the evaluation logic is function evaluation logic, a preset evaluation function can be determined according to configuration parameters in the function evaluation logic.
Step S302: and determining a data source according to the parameters of the preset evaluation function, and acquiring target data from the request information according to the data source.
It should be understood that the preset evaluation function may be a function for performing trusted evaluation, the data source may be a source of function parameter data in the preset evaluation function, and the data source may be data in an auxiliary request; the target data may be auxiliary requested data obtained from a data source.
Step S303: and determining a credible evaluation result of the network request to be evaluated according to the target data and the preset evaluation function.
In the specific implementation, the evaluation system judges the logic type of the evaluation logic, determines a configured preset evaluation function according to configuration parameters of the function logic when the logic type is the function logic, determines a data source according to the parameters of the preset evaluation function, acquires target data from request information of an auxiliary type request according to the data source, inputs the target data into the preset evaluation function, judges whether the target data enables the preset evaluation function to be established, and determines a credible evaluation result of a network request to be evaluated according to a judgment result; the preset evaluation function may be set according to a specific scenario, and the embodiment is not limited herein.
In a specific implementation, assuming that the auxiliary requests are a and B, the function logic is: the condition that the network request to be evaluated is trusted is that the sum of value1 and value2 in request a is equal to value3 in request B, and the function logic is configurable to:
the evaluation system determines a preset evaluation FUNCTION according to configuration parameters of the FUNCTION logic, determines data sources to be value1 in a and value3 in values 2 and B according to the preset evaluation FUNCTION, determines target data to be value 1-1000, value 2-500, and value 3-1500 according to the data sources, and determines that the target data makes the preset evaluation FUNCTION true, so that the credible evaluation result of the network request to be evaluated can be determined as: a trusted network request; if a plurality of requests A exist, the value1 is an array in which all the value1 parameters in each request A are arranged in time sequence; the specific configuration of the function logic may be set according to specific situations, and the embodiment is not limited herein.
Further, in order to perform a trusted evaluation on a network request to be evaluated according to the transmission frequency of the request, when the evaluation logic is an interval logic, the main concern is whether to transmit a large number of secondary requests at a time interval shorter than a certain threshold, if the trusted frequency of the secondary request a is 1/sec, and the trusted evaluation is performed when the request is performed 10 times later, it may be configured that, assuming that the trusted degree of a certain interval logic is 0.4:
in the above logical interval configuration, the sendTimes configuration item indicates the number of times of request repetition when the request triggers the system time interval check, the parameter should be greater than or equal to 2, less than 2 or default to 2 when not configured, the unit of interval is millisecond (ms), when the time interval check is triggered, the time of first accepting the auxiliary request a is set as S, the sending time of the auxiliary request a when the time interval check is triggered is E, the number of request repetition times of the departure time interval check is T, the system will calculate (E-S)/T (ms), compare the calculation result with the set interval value, if the value is less than interval, the evaluation system determines that the evaluation result of the network request to be evaluated is not credible; the auxiliary type request may also be set as a network request to be evaluated, that is, reliability of the network request to be evaluated is evaluated according to the sending frequency of the network request to be evaluated, which is not limited herein.
Further, in order to improve the accuracy of reliability evaluation, when the logic type of the evaluation logic is an or logic, logic parameters of the or logic are obtained, a reliability evaluation result of the network request to be evaluated is determined according to the logic parameters and request information of a plurality of auxiliary type requests, for example, the logic parameters include a logic X and a logic Y, when the request information of the plurality of auxiliary type requests satisfies the logic X and the logic Y, it is determined that the network request to be evaluated is a reliable network request or a corresponding reliability value is output, and if the logic X is an auxiliary type request a before an auxiliary type request B, and the logic Y is that the auxiliary type request a and the auxiliary type request C exist at the same time, the or logic may be configured to:
in specific implementation, referring to fig. 4, fig. 4 is a structural block diagram of a network request evaluation system, a user initiates a session through a web end, the session includes a network request to be evaluated, an auxiliary type request, and a preconfigured evaluation logic, the evaluation logic includes presence logic, sequential logic, range logic, interval logic, function logic, and/or logic, the evaluation logic corresponding to the network request to be evaluated is determined, a plurality of auxiliary type requests corresponding to the network request to be evaluated are determined according to the determined evaluation logic, and a trusted evaluation result of the network request to be evaluated is determined according to request information of the plurality of auxiliary type requests and the determined evaluation logic, where the trusted evaluation result includes a return value described by whether the network request is trusted or not and a return value described by the degree of trust.
The embodiment acquires the request information of the auxiliary requests, and determines a preset evaluation function according to the evaluation logic; determining a data source according to the parameters of the preset evaluation function, and acquiring target data from the request information according to the data source; and determining a credible evaluation result of the network request to be evaluated according to the target data and the preset evaluation function. According to the method and the device, the data source is determined according to the preset evaluation function determined by the evaluation logic, the target data is obtained from the request information of the auxiliary requests according to the data source, the credible evaluation result of the network to be evaluated is determined according to the target data and the preset evaluation function, credible evaluation can be performed based on the function logic, the credible evaluation accuracy is improved, and meanwhile the reusability of the technical scheme of the embodiment is improved.
Referring to fig. 5, fig. 5 is a flowchart illustrating a network request evaluation method according to a third embodiment of the present invention.
Based on the foregoing embodiments, in this embodiment, before the step S10, the method further includes:
step S01: the method comprises the steps of obtaining a request type and an evaluation rule of a network request to be evaluated, wherein the request type comprises a credibility type and a credibility description type.
It is understood that the evaluation rule may be a rule for performing a trusted evaluation on the network request to be evaluated by an auxiliary request; the credibility description type may be a request type that needs to determine whether the network request to be evaluated is a credible request or an untrusted request, and the credibility description type may be a request type that needs to determine a credibility value of the network request to be evaluated, and for the network request to be evaluated of the credibility description type, the credibility evaluation result output by the evaluation system is: TRUSTED (TRUSTED) or untrusted (NOT TRUSTED); and for the network request to be evaluated of the credibility description type, the credibility evaluation result output by the evaluation system is a credibility value.
In a specific implementation, a configuration sample of the network request to be evaluated of the credibility description type may be:
the configuration sample of the network request to be evaluated may also take other forms, and the embodiment is not limited herein.
Step S02: obtaining an assistance request type of a plurality of assistance-type requests corresponding to the network request, wherein the assistance request type comprises a presence assistance request and a data assistance request.
It will be appreciated that a presence-type assistance request may be an assistance-type request with an emphasis on whether it is present or not; the data-type assistance request may be an assistance-type request that requires significant attention to the reasonableness or distribution of data in the request.
In a specific implementation, the presence assistance request may be denoted by EXISTENCE, and the DATA assistance request may be denoted by DATA _ BASED, and if a is the presence assistance request and B is the DATA assistance request, the configuration examples of a and B may be:
the configuration sample of the auxiliary network request may also take other forms, and the embodiment is not limited herein.
Step S03: and creating an evaluation logic corresponding to the network request to be evaluated according to the request type, the auxiliary request type and the evaluation rule.
It can be understood that the trusted evaluation result required to be configured in the evaluation logic can be determined according to the request type, the configuration logic can be determined according to the auxiliary request type and the evaluation rule, and the evaluation logic corresponding to the network to be evaluated is created according to the configuration logic and the trusted evaluation result.
Further, it is possible that certain network requests in the session need to be evaluated for trust, and if the evaluation is performed when the session is opened, the evaluation would result in a waste of computing resources, and in order to save the computing resources, before the step S10, the method further includes: when detecting that a user requests to initiate a session, acquiring session request information of the session request initiated by the user; and when the session request information is consistent with the preset request information, judging that the target session is opened.
It is understood that the session request information may be information of a network request generated after a user opens a session; the preset request information may be information of a preset network request, that is, the present embodiment may configure the initial request by setting the preset request information.
In the specific implementation, when detecting that a user initiates a session request, the evaluation system judges whether preset request information exists, if not, judges that a target session is opened, if so, acquires session request information of the session request, and when the session request information is consistent with the preset request information, judges that the session request is an initial request, namely, judges that the target session is opened.
For example, there is a game W, a user in the game scores a score by operating a pinball to hit bricks of various shapes (1 score is obtained by hitting once), after hitting a certain number of blocks, the next closing is performed, during the game, the bricks will continuously rise until the game touching the top of a window is finished, at this time, score data will be sent to a server, assuming that the user may cheat by actively running a request for sending a score, whether a cheating behavior exists in the game can be credibly evaluated by the network request evaluation method of this embodiment, and before the evaluation logic configuration is performed, it is ensured that the following behaviors of the user are buried in the game: a. a user enters a buried point request menu of a menu; b. a user clicks a buried point request start for starting a game; c. a buried point request level for passing a pass of a user and a level of a parameter level thereof; d. upload score request uploadScore, and its parameters score; the embedded point requests in menu, start and levelUp are auxiliary requests, the type is a data type auxiliary request, the uploadScore is a network request to be evaluated, and the type is a credibility type or not; assuming that the relationship between the checkpoint number l and the final score is a preset evaluation function under normal conditions, the expression of the preset evaluation functionThe form is as follows:
the evaluation rule may be: the behavior embedding sequence of the user is as follows: menu->start->levelUp->The uploadScore sends a point of past customs for the first time when entering the first customs, and is a network request to be evaluated without configuration; secondly, parameters requested by the user accord with the relationship shown by a preset evaluation function; and thirdly, if the passing-closing and burying frequency of the user should not exceed 20 seconds/time, the evaluation logic configured according to the request type, the auxiliary request type and the evaluation rule of the network request to be evaluated can be as follows:
namely, the sequential logic is menu-start-level, the target data is the number of checkpoints and the final score, the preset evaluation function is established in the number of checkpoints and the final score, and the frequency of the user passing through the checkpoint is less than 20 seconds/time, then the determined credible evaluation result is: the network request to be evaluated is a credible request, namely, the user does not have cheating behavior.
The embodiment acquires a request type and an evaluation rule of a network request to be evaluated, wherein the request type comprises a credibility type and a credibility description type; acquiring auxiliary request types of a plurality of auxiliary requests corresponding to the network request, wherein the auxiliary request types comprise a presence type auxiliary request and a data type auxiliary request; and creating an evaluation logic corresponding to the network request to be evaluated according to the request type, the auxiliary request type and the evaluation rule. According to the embodiment, the evaluation logic corresponding to the network request to be evaluated is created according to the request type and the request rule of the network request to be evaluated and the auxiliary request type, so that the corresponding evaluation logic can be created according to an actual scene, and the reusability of the technical scheme of the embodiment is improved.
In addition, an embodiment of the present invention further provides a storage medium, where a network request evaluation program is stored on the storage medium, and the network request evaluation program, when executed by a processor, implements the steps of the network request evaluation method described above.
Referring to fig. 6, fig. 6 is a block diagram illustrating a first embodiment of a network request evaluation apparatus according to the present invention.
As shown in fig. 6, a network request evaluation apparatus according to an embodiment of the present invention includes: a detection module 10, a determination module 20 and an evaluation module 30.
The detection module 10 is configured to determine an evaluation logic corresponding to a network request to be evaluated when it is detected that a target session is opened;
the determining module 20 is configured to determine, according to the evaluation logic, a plurality of auxiliary requests corresponding to the network request to be evaluated;
the evaluation module 30 is configured to determine a trusted evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
When the target session is detected to be opened, the embodiment determines an evaluation logic corresponding to the network request to be evaluated; determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic; and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic. In the embodiment, when the target session is detected to be opened, the evaluation logic corresponding to the network to be evaluated is determined, and the trusted evaluation result of the network to be evaluated is determined according to the request information of the plurality of auxiliary requests and the evaluation logic corresponding to the evaluation logic.
Based on the first embodiment of the network request evaluation device of the present invention, a second embodiment of the network request evaluation device of the present invention is provided.
In this embodiment, the evaluation module 30 is further configured to obtain request information of the plurality of auxiliary requests, and determine a request occurrence sequence corresponding to the plurality of auxiliary requests according to the request information; determining an inter-request order according to the evaluation logic; and determining the credible evaluation result of the network request to be evaluated according to the request occurrence sequence and the request inter-sequence.
The evaluation module 30 is further configured to obtain a trusted value corresponding to the evaluation logic when the order of the requests is consistent with the order among the requests; and taking the credibility value as a credibility evaluation result of the network request to be evaluated.
The evaluation module 30 is further configured to obtain request information of the plurality of auxiliary requests, and determine a preset evaluation function according to the evaluation logic; determining a data source according to the parameters of the preset evaluation function, and acquiring target data from the request information according to the data source; and determining a credible evaluation result of the network request to be evaluated according to the target data and the preset evaluation function.
The determination module 20 is further configured to analyze the evaluation logic; and determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the analysis result.
The detection module 10 is further configured to, when it is detected that a user requests to initiate a session, obtain session request information of a session request initiated by the user; and when the session request information is consistent with the preset request information, judging that the target session is opened.
The detection module 10 is further configured to obtain a request type and an evaluation rule of a network request to be evaluated, where the request type includes a credibility type and a credibility description type; acquiring auxiliary request types of a plurality of auxiliary requests corresponding to the network request, wherein the auxiliary request types comprise a presence type auxiliary request and a data type auxiliary request; and creating an evaluation logic corresponding to the network request to be evaluated according to the request type, the auxiliary request type and the evaluation rule.
Other embodiments or specific implementations of the network request evaluation apparatus of the present invention may refer to the above method embodiments, and are not described herein again.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., a rom/ram, a magnetic disk, an optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all equivalent structures or equivalent processes performed by the present invention or directly or indirectly applied to other related technical fields are also included in the scope of the present invention.
Claims (10)
1. A network request evaluation method, the method comprising:
when the target session is detected to be opened, determining an evaluation logic corresponding to a network request to be evaluated;
determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic;
and determining a credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
2. The method of claim 1, wherein the determining a trusted evaluation result of the network-under-evaluation request according to the request information of the auxiliary requests and the evaluation logic comprises:
acquiring request information of the auxiliary requests, and determining a request occurrence sequence corresponding to the auxiliary requests according to the request information;
determining an inter-request order according to the evaluation logic;
and determining a credible evaluation result of the network request to be evaluated according to the request generation sequence and the request inter-request sequence.
3. The method of claim 2, wherein the determining the trusted evaluation result of the network requests to be evaluated according to the request occurrence order and the inter-request order comprises:
when the sequence of the requests is consistent with the sequence among the requests, obtaining a credible value corresponding to the evaluation logic;
and taking the credibility value as a credibility evaluation result of the network request to be evaluated.
4. The method of claim 1, wherein the determining a trusted evaluation result of the network-under-evaluation request according to the request information of the auxiliary requests and the evaluation logic comprises:
acquiring request information of the auxiliary requests, and determining a preset evaluation function according to the evaluation logic;
determining a data source according to the parameters of the preset evaluation function, and acquiring target data from the request information according to the data source;
and determining a credible evaluation result of the network request to be evaluated according to the target data and the preset evaluation function.
5. The method of any of claims 1-4, wherein said determining, from said evaluation logic, a number of secondary requests corresponding to said network request to be evaluated comprises:
analyzing the evaluation logic;
and determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the analysis result.
6. The method according to any one of claims 1 to 4, wherein before determining an evaluation logic corresponding to the network request to be evaluated when the target session is detected to be opened, the method further comprises:
when detecting that a user requests to initiate a session, acquiring session request information of the session request initiated by the user;
and when the session request information is consistent with the preset request information, judging that the target session is opened.
7. The method according to any one of claims 1 to 4, wherein before determining an evaluation logic corresponding to the network request to be evaluated when the target session is detected to be opened, the method further comprises:
acquiring a request type and an evaluation rule of a network request to be evaluated, wherein the request type comprises a credibility type and a credibility description type;
acquiring auxiliary request types of a plurality of auxiliary requests corresponding to the network request, wherein the auxiliary request types comprise a presence type auxiliary request and a data type auxiliary request;
and creating an evaluation logic corresponding to the network request to be evaluated according to the request type, the auxiliary request type and the evaluation rule.
8. A network request evaluation apparatus, the apparatus comprising:
the detection module is used for determining the evaluation logic corresponding to the network request to be evaluated when the target session is detected to be opened;
the determining module is used for determining a plurality of auxiliary requests corresponding to the network requests to be evaluated according to the evaluation logic;
and the evaluation module is used for determining the credible evaluation result of the network request to be evaluated according to the request information of the auxiliary requests and the evaluation logic.
9. A network request evaluation device, the device comprising: a memory, a processor and a network request evaluation program stored on the memory and executable on the processor, the network request evaluation program being configured to implement the steps of the network request evaluation method of any of claims 1 to 7.
10. A storage medium, characterized in that the storage medium has stored thereon a network request evaluation program which, when executed by a processor, implements the steps of the network request evaluation method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210683264.6A CN115102742A (en) | 2022-06-16 | 2022-06-16 | Network request evaluation method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210683264.6A CN115102742A (en) | 2022-06-16 | 2022-06-16 | Network request evaluation method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115102742A true CN115102742A (en) | 2022-09-23 |
Family
ID=83291229
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210683264.6A Pending CN115102742A (en) | 2022-06-16 | 2022-06-16 | Network request evaluation method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115102742A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108781426A (en) * | 2016-03-17 | 2018-11-09 | T移动美国公司 | Communication session is registered and auxiliary request processing |
| US20190364049A1 (en) * | 2018-05-24 | 2019-11-28 | International Business Machines Corporation | Secure provisioning of unknown devices through trusted third-party devices |
| CN112199483A (en) * | 2020-10-10 | 2021-01-08 | 深圳壹账通智能科技有限公司 | Information input assisting method and device, electronic equipment and storage medium |
| CN112418580A (en) * | 2019-08-22 | 2021-02-26 | 上海哔哩哔哩科技有限公司 | Risk control method, computer equipment and readable storage medium |
| CN112651619A (en) * | 2020-12-22 | 2021-04-13 | 上海哔哩哔哩科技有限公司 | Business-oriented wind control method and device |
| CN114598540A (en) * | 2022-03-18 | 2022-06-07 | 北京启明星辰信息安全技术有限公司 | Access control system, method, device and storage medium |
-
2022
- 2022-06-16 CN CN202210683264.6A patent/CN115102742A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108781426A (en) * | 2016-03-17 | 2018-11-09 | T移动美国公司 | Communication session is registered and auxiliary request processing |
| US20190364049A1 (en) * | 2018-05-24 | 2019-11-28 | International Business Machines Corporation | Secure provisioning of unknown devices through trusted third-party devices |
| CN112418580A (en) * | 2019-08-22 | 2021-02-26 | 上海哔哩哔哩科技有限公司 | Risk control method, computer equipment and readable storage medium |
| CN112199483A (en) * | 2020-10-10 | 2021-01-08 | 深圳壹账通智能科技有限公司 | Information input assisting method and device, electronic equipment and storage medium |
| CN112651619A (en) * | 2020-12-22 | 2021-04-13 | 上海哔哩哔哩科技有限公司 | Business-oriented wind control method and device |
| CN114598540A (en) * | 2022-03-18 | 2022-06-07 | 北京启明星辰信息安全技术有限公司 | Access control system, method, device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10846402B2 (en) | Security scanning method and apparatus for mini program, and electronic device | |
| CN109388532B (en) | Test method, test device, electronic equipment and computer readable storage medium | |
| CN111611591B (en) | Firmware bug detection method and device, storage medium and electronic equipment | |
| CN108763951B (en) | Data protection method and device | |
| CN112084497A (en) | Method and device for detecting malicious program of embedded Linux system | |
| CN110881051B (en) | Security risk event processing method, device, equipment and storage medium | |
| KR101138748B1 (en) | Apparatus, system and method for preventing malicious codes | |
| KR101972825B1 (en) | Method and apparatus for automatically analyzing vulnerable point of embedded appliance by using hybrid analysis technology, and computer program for executing the method | |
| CN109547426B (en) | Service response method and server | |
| CN110855642B (en) | Application vulnerability detection method and device, electronic equipment and storage medium | |
| CN109460653B (en) | Rule engine based verification method, verification device, storage medium and apparatus | |
| CN113190838A (en) | Web attack behavior detection method and system based on expression | |
| CN112307464A (en) | Fraud identification method and device and electronic equipment | |
| CN109818972B (en) | Information security management method and device for industrial control system and electronic equipment | |
| US9348999B2 (en) | User terminal, reliability management server, and method and program for preventing unauthorized remote operation | |
| CN108037989B (en) | SDK component identification method and device | |
| CN115102742A (en) | Network request evaluation method, device, equipment and storage medium | |
| CN110752933A (en) | Verification code input method and device, electronic equipment and storage medium | |
| CN106446719B (en) | Method for preventing eSIM file from being tampered and mobile terminal | |
| CN113438225B (en) | Vehicle-mounted terminal vulnerability detection method, system, equipment and storage medium | |
| CN110719274B (en) | Network security control method, device, equipment and storage medium | |
| CN109714371B (en) | Industrial control network safety detection system | |
| CN113190836A (en) | Web attack behavior detection method and system based on local command execution | |
| CN112988325A (en) | Android simulator identification method and system based on user information | |
| CN107908961B (en) | Malicious webpage detection method, equipment and storage medium based on virtualization |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |