CN115118492B - Equipment state monitoring system and method based on TCP access - Google Patents

Equipment state monitoring system and method based on TCP access Download PDF

Info

Publication number
CN115118492B
CN115118492B CN202210732534.8A CN202210732534A CN115118492B CN 115118492 B CN115118492 B CN 115118492B CN 202210732534 A CN202210732534 A CN 202210732534A CN 115118492 B CN115118492 B CN 115118492B
Authority
CN
China
Prior art keywords
advertisement
interface information
information
equipment
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210732534.8A
Other languages
Chinese (zh)
Other versions
CN115118492A (en
Inventor
刘智勇
陈敏超
翁炜城
洪超
钟海维
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hongrui Information Technology Co Ltd
Original Assignee
Zhuhai Hongrui Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hongrui Information Technology Co Ltd filed Critical Zhuhai Hongrui Information Technology Co Ltd
Priority to CN202210732534.8A priority Critical patent/CN115118492B/en
Publication of CN115118492A publication Critical patent/CN115118492A/en
Application granted granted Critical
Publication of CN115118492B publication Critical patent/CN115118492B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • G06Q30/0277Online advertisement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Development Economics (AREA)
  • Accounting & Taxation (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Finance (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Game Theory and Decision Science (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a system and a method for monitoring equipment state based on TCP access, wherein the system comprises an equipment state monitoring and pre-estimating module, a state monitoring and pre-estimating module and a state monitoring and pre-estimating module, wherein the equipment state monitoring and pre-estimating module is used for acquiring the sum of the product of an access danger state coefficient and an information extraction difficulty coefficient corresponding to each interface information in the same time of equipment to obtain a state monitoring pre-estimated value corresponding to the time of the equipment; and the equipment regulation and control module regulates and controls each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment. The method monitors the interface information of each application in the TCP access information of the equipment in real time, analyzes the access danger state coefficient and the information extraction difficulty coefficient corresponding to each interface information, quantifies the state of the equipment in real time to obtain the state monitoring estimated value corresponding to the equipment, regulates and controls the application in the equipment, and ensures the safety of the access state of the equipment in real time.

Description

Equipment state monitoring system and method based on TCP access
Technical Field
The invention relates to the technical field of equipment state monitoring, in particular to a system and a method for monitoring equipment state based on TCP access.
Background
With the rapid development of the internet technology, the realization of traffic change through advertisement implantation becomes the mainstream change means of each application, the method not only realizes the purpose of product publicity, but also can reduce the operation cost of the application, and is convenient for the corresponding enterprise to obtain more funds to optimize the application and the corresponding service, thereby improving the user experience of the application, realizing the effect of achieving multiple purposes at one stroke, and facilitating the benign development of the internet enterprise.
In actual life, however, each application is relatively simple in advertisement management, and does not undergo strict screening, and sensitive information or viruses exist in advertisement links, so that a user is greatly influenced in the application using process, and the access state of user equipment faces a large risk.
Disclosure of Invention
The present invention provides a system and a method for monitoring device status based on TCP access, so as to solve the problems in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: the device state monitoring method based on TCP access comprises the following steps:
s1, acquiring running data in each application of equipment in real time, and extracting interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
s2, judging whether each interface information contains an advertisement or not, and identifying whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor or not and the level and the number of the risk factor when the interface information contains the advertisement;
s3, extracting keywords in the advertisement information contained in the interface information, identifying the type of the advertisement contained in the interface information, calculating the matching degree between the advertisement type and the user search keyword, and calculating the access risk state coefficient of the interface information according to whether a link interface corresponding to the advertisement contained in the interface information contains risk factors and the level and number of the risk factors;
s4, obtaining the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculating the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
s5, obtaining the sum of the product of the access danger state coefficient corresponding to each interface information and the information extraction difficulty coefficient in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
and S6, regulating and controlling each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment.
Further, when extracting the interface information corresponding to the running data of each application in the device in S1, storing the interface information corresponding to the nth application at time t into a blank set, and establishing an association relationship with the user search keyword corresponding to the nth application at time t,
the interface information comprises text information and advertisement information in a retrieval interface corresponding to the user retrieval keyword, the text information comprises text content and text distribution position,
the advertisement information comprises advertisement picture positions and advertisement link interface information.
The method and the device establish the association between the interface information and the user retrieval keywords, so that the matching degree between the advertisement types and the user retrieval keywords can be conveniently analyzed in the subsequent process, and meanwhile, one device comprises a plurality of applications, and the interface information corresponding to different applications at different time is different; the interface information not only contains information that the user needs to retrieve, but also possibly contains inserted advertisement information, and the advertisement information can cause interference to the retrieved text information.
Further, in S2, when the interface information includes the advertisement, the method for identifying whether the link interface corresponding to the advertisement included in the interface information includes the risk factor and the level and number of the risk factor includes the following steps:
s2.1, acquiring character contents in the advertisement link interface information and each plug-in included in the advertisement link interface information;
s2.2, extracting keywords from the text content in the advertisement link interface information, summarizing the extracted keywords to obtain an advertisement link interface keyword set, comparing elements in the advertisement link interface keyword set with a risk factor keyword set prefabricated in a database one by one,
when the element in the keyword set of the advertisement link interface is contained in the risk factor keyword set prefabricated in the database, judging that the element in the keyword set of the advertisement link interface is a risk factor, acquiring the risk factor level associated with the element in the risk factor keyword set prefabricated in the database, wherein the risk factor levels associated with different elements in the risk factor keyword set prefabricated in the database are different,
when the element in the advertisement link interface keyword set does not contain the risk factor keyword set prefabricated in the database, judging that the element in the advertisement link interface keyword set is not a risk factor;
s2.3, obtaining codes in each plug-in unit contained in the advertisement link interface information, and cutting each plug-in unit code once every other first unit length to obtain a plurality of code segments, wherein the first unit length is a preset constant in the database;
s2.4, comparing the code segment corresponding to each plug-in contained in the advertisement link interface information with a set of risk factor code segments prefabricated in a database,
when the code segment contains a preset risk factor code segment set in a database, judging the code segment as a risk factor, acquiring the risk factor level associated with the code segment in the preset risk factor code segment set in the database, wherein the risk factor levels associated with different code segments in the preset risk factor code segment set in the database are different,
when the code segment does not contain the risk factor code segment set prefabricated in the database, judging that the code segment is not a risk factor;
and S2.5, counting the number of the risk factors corresponding to each risk factor level in the S2.2 and the S2.4.
In the process of identifying whether a link interface corresponding to an advertisement contained in interface information contains danger factors and the levels and the number of the danger factors, the invention analyzes from two angles of sensitive keywords related to the text content in the advertisement link interface information and virus code segments in each plug-in contained in the advertisement link interface information, respectively obtains the levels and the number of the danger factors related to different sensitive keywords and virus code segments, and further provides data reference for the access danger state coefficient of the subsequent analysis interface information.
Further, the risk factors in S2 comprise virus fragments and sensitive keywords,
the virus segments are corresponding code segments in the risk factors, the sensitive keywords are keywords in the risk factors, and the risk factor levels corresponding to the code segments are the same as the risk factor levels corresponding to the keywords.
Further, the method for calculating the matching degree between the advertisement type and the user search keyword in S3 includes the following steps:
s3.1, removing elements corresponding to the risk factors in the advertisement link interface keyword set to obtain a calibrated advertisement link interface keyword set;
s3.2, calculating the intersection of the calibrated advertisement link interface keyword set and the keyword word set corresponding to each advertisement type prefabricated by the database, and recording the advertisement type corresponding to the intersection with the maximum element number as the advertisement type corresponding to the calibrated advertisement link interface keyword set;
s3.3, obtaining the probability of the occurrence of each advertisement type corresponding to each user retrieval keyword in the historical data, recording as the standard probability of each advertisement type corresponding to the user retrieval keyword,
obtaining the standard probability of the advertisement type corresponding to each user search keyword in the historical data input by the user corresponding to the calibrated advertisement link interface keyword set,
taking the average value of the advertisement type standard probabilities corresponding to each retrieval keyword of the user as an advertisement type standard probability reference value of the corresponding user in historical data of the user corresponding to the calibrated advertisement link interface keyword set, and recording the average value as a first reference value CZ1;
s3.4, acquiring standard probability of the user retrieval keywords corresponding to the interface information in historical data input by all users aiming at the advertisement types corresponding to the calibrated advertisement link interface keyword set, and recording the standard probability as a second reference value CZ2;
s3.5, obtaining the matching degree PD between the advertisement type and the user search keyword,
PD={CZ1,CZ2}min/{CZ1,CZ2}max
the { CZ1, CZ2} min represents the smaller value of CZ1 and CZ2, and the { CZ1, CZ2} max represents the larger value of CZ1 and CZ2;
recording the matching degree between the advertisement type and the user retrieval keyword when the nth application is applied at time t as PDnt;
the access risk state coefficient of the interface information applied at the nth time t is recorded as Wnt,
Figure GDA0003982842730000041
wherein, mnt j And j1 represents the maximum value of the risk factor level in the advertisement link interface information corresponding to the interface information.
In the process of calculating the matching degree between the advertisement types and the user retrieval keywords, a first reference value is obtained for obtaining the standard probability condition of the advertisement types corresponding to each retrieval keyword in the historical retrieval data of the user, so as to embody the condition of the overall access application of the user, a second reference value is obtained for obtaining the standard probability of the advertisement types corresponding to the advertisement link interface keyword set after the user retrieval keywords are calibrated, if the first reference value is the same as the second reference value, the matching degree between the corresponding advertisement types and the user retrieval keywords is 1, otherwise, the matching degree between the corresponding advertisement types and the user retrieval keywords is smaller than 1, and specifically, the quotient is obtained by dividing the smaller value of the first reference value and the second reference value by the larger value of the first reference value and the second reference value.
Further, the method for calculating the information extraction difficulty coefficient in the interface information in S4 includes the following steps:
s4.1, acquiring an area Sf1 covered by the advertisement in the text information corresponding to the user search keyword in the interface information and an area Sf2 of the text information corresponding to the user search keyword in the interface information;
s4.2, acquiring a ratio e1 of the area of the advertisement elimination button to the area of a single text;
s4.3, intercepting the picture corresponding to the position of the advertisement picture in the interface information, carrying out gray processing on the intercepted picture, comparing the absolute values of the gray value difference values corresponding to two adjacent pixel points in the picture after the gray processing, marking the point with the larger gray value in the two adjacent pixel points of which the absolute value of the gray value difference value is more than or equal to a first threshold value to obtain the picture after the marking processing, wherein the first threshold value is a preset constant in a database,
performing character recognition on the marked picture to obtain recognized characters,
and comparing the recognized characters with the text characters covered by the captured picture to obtain the ratio of the recognized correct characters to the total number of the covered text characters, which is recorded as g1,
marking the gray values corresponding to the pixel points occupied by the characters except for the identified character in the marked picture as 0, marking the gray values corresponding to the pixel points occupied by the characters as 1 to obtain a first marked picture, marking the gray values corresponding to the pixel points occupied by the characters in the picture covering the text area as 1, and marking the rest as 0 to obtain a second marked picture,
comparing whether the gray values corresponding to the pixel points at the same position in the first marked picture and the second marked picture are the same or not, and counting the ratio of the number of the pixel points with different gray values to the number of the pixel points with the same gray value, and recording the ratio as g2;
s4.4, obtaining the information extraction difficulty coefficient in the interface information
Figure GDA0003982842730000051
And recording the information extraction difficulty coefficient of the interface information when the nth application is applied at time t as W1nt.
In the process of calculating the information extraction difficulty coefficient in the interface information in the invention S4, the information extraction difficulty coefficient in the interface information is quantized by considering five angles, namely an area Sf1 covered by an advertisement in text information corresponding to a user retrieval keyword in the interface information, an area Sf2 corresponding to the text information corresponding to the user retrieval keyword in the interface information and ratios e1, g1 and g2 of the area of an advertisement elimination button relative to the area of a single text, wherein the values of g1 and g2 reflect the identification difficulty of the text information in an advertisement picture covering area, and the larger the value of g1 or g2 is, the higher the identification difficulty of the text information in the advertisement picture covering area is, and the larger the information extraction difficulty coefficient in the interface information is; the ratio e1 of the area of the advertisement elimination button to the area of a single text visually reflects the elimination difficulty of the advertisement picture, the larger e1 is, the easier the advertisement picture is to eliminate, and the smaller the information extraction difficulty coefficient in the interface information is; the ratio between Sf1 and Sf2 directly reflects the coverage degree of the text information, and the larger the ratio is, the higher the coverage degree is, and the larger the information extraction difficulty coefficient in the interface information is.
Further, when the state monitoring estimated value corresponding to the time of the device is obtained in S5, the state monitoring estimated value corresponding to the time t of the device is recorded as PGt,
Figure GDA0003982842730000061
wherein N represents the number of applications in the equipment and N is more than or equal to 1.
Further, the method for regulating and controlling each application in the device in S6 includes the following steps:
s6.1, acquiring a state monitoring estimated value corresponding to the current time;
s6.2, comparing the state monitoring estimated value corresponding to the current time with a second threshold value, wherein the second threshold value is a preset constant in a database,
if the state monitoring estimated value corresponding to the current time is smaller than the second threshold value, not regulating and controlling each application in the current time equipment,
if the state monitoring estimated value corresponding to the current time is larger than or equal to the second threshold, closing the application with the largest product of the access danger state coefficient of the corresponding interface information in the current time equipment and the information extraction difficulty coefficient, and comparing the state monitoring estimated value after closing the application with the second threshold.
A TCP access based device status monitoring system, the system comprising:
the application information acquisition module acquires running data in each application of the equipment in real time and extracts interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
the risk factor analysis module judges whether each interface information contains an advertisement, and when the interface information contains the advertisement, the risk factor analysis module identifies whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor and the grade and number of the risk factor;
the system comprises an access danger state coefficient acquisition module, a risk factor acquisition module and a risk factor analysis module, wherein the access danger state coefficient acquisition module extracts keywords in advertisement information contained in interface information, identifies the types of advertisements contained in the interface information, calculates the matching degree between the advertisement types and user search keywords, and calculates the access danger state coefficient of the interface information by combining whether a link interface corresponding to the advertisements contained in the interface information contains danger factors and the levels and the number of the danger factors;
an information extraction difficulty coefficient obtaining module, wherein the information extraction difficulty coefficient obtaining module obtains the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculates the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
the equipment state monitoring and estimating module is used for acquiring the sum of the product of the access danger state coefficient and the information extraction difficulty coefficient corresponding to each interface information in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
and the equipment regulation and control module is used for regulating and controlling each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment.
Compared with the prior art, the invention has the following beneficial effects: the method monitors the interface information of each application in the TCP access information of the equipment in real time, analyzes the access danger state coefficient and the information extraction difficulty coefficient corresponding to each interface information, quantifies the state of the equipment in real time to obtain the state monitoring estimated value corresponding to the equipment, regulates and controls the application in the equipment, and ensures the safety of the access state of the equipment in real time.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a flow chart of a TCP access-based device status monitoring method according to the present invention;
fig. 2 is a schematic structural diagram of a device status monitoring system based on TCP access according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, the present invention provides a technical solution: the device state monitoring method based on TCP access comprises the following steps:
s1, acquiring running data in each application of equipment in real time, and extracting interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
s2, judging whether each interface information contains an advertisement or not, and identifying whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor or not and the level and the number of the risk factor when the interface information contains the advertisement;
s3, extracting keywords in the advertisement information contained in the interface information, identifying the type of the advertisement contained in the interface information, calculating the matching degree between the advertisement type and the user search keyword, and calculating the access risk state coefficient of the interface information according to whether a link interface corresponding to the advertisement contained in the interface information contains risk factors and the level and number of the risk factors;
s4, obtaining the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculating the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
s5, obtaining the sum of the product of the access danger state coefficient corresponding to each interface information and the information extraction difficulty coefficient in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
and S6, regulating and controlling each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment.
When extracting the interface information corresponding to the running data of each application in the device in S1, storing the interface information corresponding to the nth application at time t into a blank set, establishing an association relation with the user search keyword corresponding to the nth application at time t,
the interface information comprises text information and advertisement information in a retrieval interface corresponding to the user retrieval keyword, the text information comprises text content and text distribution position,
the advertisement information comprises advertisement picture positions and advertisement link interface information.
The method and the device establish the association between the interface information and the user retrieval keywords, so that the matching degree between the advertisement types and the user retrieval keywords can be conveniently analyzed in the subsequent process, and meanwhile, one device comprises a plurality of applications, and the interface information corresponding to different applications at different time is different; the interface information not only contains information that the user needs to retrieve, but also possibly contains inserted advertisement information, and the advertisement information can cause interference to the retrieved text information.
In S2, when the interface information includes the advertisement, the method for identifying whether the link interface corresponding to the advertisement included in the interface information includes the risk factor and the level and number of the risk factor includes the following steps:
s2.1, acquiring character contents in the advertisement link interface information and each plug-in included in the advertisement link interface information;
s2.2, extracting keywords from the text content in the advertisement link interface information, summarizing the extracted keywords to obtain an advertisement link interface keyword set, comparing elements in the advertisement link interface keyword set with a risk factor keyword set prefabricated in a database one by one,
when the elements in the keyword set of the advertisement link interface are contained in the preset risk factor keyword set in the database, judging the elements in the keyword set of the advertisement link interface as risk factors, acquiring the risk factor levels associated with the elements in the preset risk factor keyword set in the database, wherein the risk factor levels associated with different elements in the preset risk factor keyword set in the database are different,
when the element in the advertisement link interface keyword set does not contain the risk factor keyword set prefabricated in the database, judging that the element in the advertisement link interface keyword set is not a risk factor;
s2.3, obtaining codes in each plug-in unit contained in the advertisement link interface information, and cutting each plug-in unit code once every other first unit length to obtain a plurality of code segments, wherein the first unit length is a preset constant in the database;
s2.4, comparing the code segment corresponding to each plug-in contained in the advertisement link interface information with a set of risk factor code segments prefabricated in a database,
when the code segment contains a preset danger factor code segment set in a database, judging the code segment as a danger factor, acquiring the danger factor level associated with the code segment in the preset danger factor code segment set in the database, wherein the danger factor levels associated with different code segments in the preset danger factor code segment set in the database are different,
when the code segment does not contain the risk factor code segment set prefabricated in the database, judging that the code segment is not a risk factor;
and S2.5, counting the number of the risk factors corresponding to each risk factor level in the S2.2 and the S2.4.
In the process of identifying whether a link interface corresponding to an advertisement contained in interface information contains danger factors and the levels and the number of the danger factors, the invention analyzes from two angles of sensitive keywords related to the text content in the advertisement link interface information and virus code segments in each plug-in contained in the advertisement link interface information, respectively obtains the levels and the number of the danger factors related to different sensitive keywords and virus code segments, and further provides data reference for the access danger state coefficient of the subsequent analysis interface information.
The risk factors in S2 comprise virus fragments and sensitive keywords,
the virus segments are corresponding code segments in the risk factors, the sensitive keywords are keywords in the risk factors, and the risk factor levels corresponding to the code segments are the same as the risk factor levels corresponding to the keywords.
The method for calculating the matching degree between the advertisement type and the user retrieval keyword in the S3 comprises the following steps:
s3.1, removing elements corresponding to the risk factors in the advertisement link interface keyword set to obtain a calibrated advertisement link interface keyword set;
s3.2, calculating the intersection of the calibrated advertisement link interface keyword set and the keyword word set corresponding to each advertisement type prefabricated by the database, and recording the advertisement type corresponding to the intersection with the maximum element number as the advertisement type corresponding to the calibrated advertisement link interface keyword set;
s3.3, obtaining the probability of the occurrence of each advertisement type corresponding to each user retrieval keyword in the historical data, recording as the standard probability of each advertisement type corresponding to the user retrieval keyword,
obtaining the standard probability of the advertisement type corresponding to each user search keyword in the historical data input by the user corresponding to the calibrated advertisement link interface keyword set,
taking the average value of the advertisement type standard probabilities corresponding to each retrieval keyword of the user as an advertisement type standard probability reference value of the corresponding user in historical data of the user corresponding to the calibrated advertisement link interface keyword set, and recording the average value as a first reference value CZ1;
s3.4, acquiring standard probability of the user retrieval keywords corresponding to the interface information in historical data input by all users aiming at the advertisement types corresponding to the calibrated advertisement link interface keyword set, and recording the standard probability as a second reference value CZ2;
s3.5, obtaining the matching degree PD between the advertisement type and the user search keyword,
PD={CZ1,CZ2}min/{CZ1,CZ2}max
the { CZ1, CZ2} min represents the smaller value of CZ1 and CZ2, and the { CZ1, CZ2} max represents the larger value of CZ1 and CZ2;
in this embodiment, if the average value of the advertisement type standard probabilities corresponding to the advertisement types corresponding to each search keyword of the user a is 0.2,
if the standard probability that the advertisement type appearing in the interface information is the current advertisement type when all the users input the search keyword "AAA" is 0.25,
since 0.25 is greater than 0.2,
the degree of match between the current advertisement type and the user search keyword, 0.2 ÷ 0.25=0.8.
Recording the matching degree between the advertisement type and the user retrieval keyword when the nth application is applied at time t as PDnt;
the access risk state coefficient of the interface information of the nth application at the time t is marked as Wnt,
Figure GDA0003982842730000101
wherein, mnt j And j1 represents the maximum value of the risk factor level in the advertisement link interface information corresponding to the interface information.
In the process of calculating the matching degree between the advertisement types and the user retrieval keywords, a first reference value is obtained for obtaining the standard probability condition of the advertisement types corresponding to each retrieval keyword in the historical retrieval data of the user, so as to embody the condition of the overall access application of the user, a second reference value is obtained for obtaining the standard probability of the advertisement types corresponding to the advertisement link interface keyword set after the user retrieval keywords are calibrated, if the first reference value is the same as the second reference value, the matching degree between the corresponding advertisement types and the user retrieval keywords is 1, otherwise, the matching degree between the corresponding advertisement types and the user retrieval keywords is smaller than 1, and specifically, the quotient is obtained by dividing the smaller value of the first reference value and the second reference value by the larger value of the first reference value and the second reference value.
The method for calculating the information extraction difficulty coefficient in the interface information in the S4 comprises the following steps:
s4.1, acquiring an area Sf1 covered by the advertisement in the text information corresponding to the user search keyword in the interface information and an area Sf2 of the text information corresponding to the user search keyword in the interface information;
s4.2, acquiring a ratio e1 of the area of the advertisement elimination button to the area of a single text;
s4.3, intercepting the picture corresponding to the position of the advertisement picture in the interface information, carrying out gray processing on the intercepted picture, comparing the absolute values of the gray value difference values corresponding to two adjacent pixel points in the picture after the gray processing, marking the point with the larger gray value in the two adjacent pixel points of which the absolute value of the gray value difference value is more than or equal to a first threshold value to obtain the picture after the marking processing, wherein the first threshold value is a preset constant in a database,
performing character recognition on the marked picture to obtain recognized characters,
comparing the recognized characters with the text characters covered by the captured picture to obtain the ratio of the recognized correct number of characters to the total number of characters covered by the picture, which is recorded as g1,
marking the gray values corresponding to the pixel points occupied by the characters except for the identified character in the marked picture as 0, marking the gray values corresponding to the pixel points occupied by the characters as 1 to obtain a first marked picture, marking the gray values corresponding to the pixel points occupied by the characters in the picture covering the text area as 1, and marking the rest as 0 to obtain a second marked picture,
comparing whether the gray values corresponding to the pixel points at the same position in the first marked picture and the second marked picture are the same or not, and counting the ratio of the number of the pixel points with different gray values to the number of the pixel points with the same gray value, and recording the ratio as g2;
s4.4, obtaining the information extraction difficulty coefficient in the interface information
Figure GDA0003982842730000121
And recording the information extraction difficulty coefficient of the nth application in the interface information at the time t as W1nt.
In the process of calculating the information extraction difficulty coefficient in the interface information in the invention S4, the information extraction difficulty coefficient in the interface information is quantized by considering five angles, namely an area Sf1 covered by an advertisement in text information corresponding to a user retrieval keyword in the interface information, an area Sf2 corresponding to the text information corresponding to the user retrieval keyword in the interface information and ratios e1, g1 and g2 of the area of an advertisement elimination button relative to the area of a single text, wherein the values of g1 and g2 reflect the identification difficulty of the text information in an advertisement picture covering area, and the larger the value of g1 or g2 is, the higher the identification difficulty of the text information in the advertisement picture covering area is, and the larger the information extraction difficulty coefficient in the interface information is; the ratio e1 of the area of the advertisement elimination button to the area of a single text visually reflects the elimination difficulty of the advertisement picture, the larger e1 is, the easier the advertisement picture is to eliminate, and the smaller the information extraction difficulty coefficient in the interface information is; the ratio between Sf1 and Sf2 directly reflects the coverage degree of the text information, and the larger the ratio is, the higher the coverage degree is, and the larger the information extraction difficulty coefficient in the interface information is.
When the state monitoring estimated value corresponding to the time of the device is obtained in the step S5, the state monitoring estimated value corresponding to the time t of the device is recorded as PGt,
Figure GDA0003982842730000122
wherein N represents the number of applications in the equipment and N is more than or equal to 1.
The method for regulating and controlling each application in the device in the S6 comprises the following steps:
s6.1, acquiring a state monitoring estimated value corresponding to the current time;
s6.2, comparing the state monitoring estimated value corresponding to the current time with a second threshold value, wherein the second threshold value is a preset constant in a database,
if the state monitoring estimated value corresponding to the current time is smaller than the second threshold value, not regulating and controlling each application in the current time equipment,
if the state monitoring estimated value corresponding to the current time is larger than or equal to the second threshold, closing the application with the largest product of the access danger state coefficient of the corresponding interface information in the current time equipment and the information extraction difficulty coefficient, and comparing the state monitoring estimated value after closing the application with the second threshold.
A TCP access based device status monitoring system, the system comprising:
the application information acquisition module acquires running data in each application of the equipment in real time and extracts interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
the risk factor analysis module judges whether each interface information contains an advertisement, and when the interface information contains the advertisement, the risk factor analysis module identifies whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor and the grade and number of the risk factor;
the system comprises an access danger state coefficient acquisition module, a risk factor acquisition module and a risk factor analysis module, wherein the access danger state coefficient acquisition module extracts keywords in advertisement information contained in interface information, identifies the types of advertisements contained in the interface information, calculates the matching degree between the advertisement types and user search keywords, and calculates the access danger state coefficient of the interface information by combining whether a link interface corresponding to the advertisements contained in the interface information contains danger factors and the levels and the number of the danger factors;
an information extraction difficulty coefficient obtaining module, wherein the information extraction difficulty coefficient obtaining module obtains the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculates the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
the equipment state monitoring and estimating module is used for acquiring the sum of the product of the access danger state coefficient and the information extraction difficulty coefficient corresponding to each interface information in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
and the equipment regulation and control module regulates and controls each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. The device state monitoring method based on TCP access is characterized by comprising the following steps:
s1, acquiring running data in each application of equipment in real time, and extracting interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
s2, judging whether each interface information contains an advertisement or not, and identifying whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor or not and the level and the number of the risk factor when the interface information contains the advertisement;
s3, extracting keywords in the advertisement information contained in the interface information, identifying the type of the advertisement contained in the interface information, calculating the matching degree between the advertisement type and the user search keyword, and calculating the access risk state coefficient of the interface information according to whether a link interface corresponding to the advertisement contained in the interface information contains risk factors and the level and number of the risk factors;
s4, obtaining the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculating the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
s5, obtaining the sum of the product of the access danger state coefficient corresponding to each interface information and the information extraction difficulty coefficient in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
s6, regulating and controlling each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment;
the risk factors in S2 comprise virus fragments and sensitive keywords,
the virus segments are corresponding code segments in the risk factors, the sensitive keywords are keywords in the risk factors, and the risk factor levels corresponding to the code segments are the same as the risk factor levels corresponding to the keywords.
2. The TCP access-based device status monitoring method according to claim 1, wherein: when extracting the interface information corresponding to the running data of each application in the device in S1, storing the interface information corresponding to the nth application at time t into a blank set, establishing an association relation with the user search keyword corresponding to the nth application at time t,
the interface information comprises text information and advertisement information in a retrieval interface corresponding to the user retrieval keyword, the text information comprises text content and text distribution position,
the advertisement information comprises advertisement picture positions and advertisement link interface information.
3. The TCP access-based device status monitoring method according to claim 2, wherein: in S2, when the interface information includes the advertisement, the method for identifying whether the link interface corresponding to the advertisement included in the interface information includes the risk factor and the level and number of the risk factor includes the following steps:
s2.1, acquiring character contents in the advertisement link interface information and each plug-in included in the advertisement link interface information;
s2.2, extracting keywords from the text content in the advertisement link interface information, summarizing the extracted keywords to obtain an advertisement link interface keyword set, comparing elements in the advertisement link interface keyword set with a risk factor keyword set prefabricated in a database one by one,
when the elements in the keyword set of the advertisement link interface are contained in the preset risk factor keyword set in the database, judging the elements in the keyword set of the advertisement link interface as risk factors, acquiring the risk factor levels associated with the elements in the preset risk factor keyword set in the database, wherein the risk factor levels associated with different elements in the preset risk factor keyword set in the database are different,
when the element in the advertisement link interface keyword set does not contain the risk factor keyword set prefabricated in the database, judging that the element in the advertisement link interface keyword set is not a risk factor;
s2.3, obtaining codes in each plug-in unit contained in the advertisement link interface information, and cutting each plug-in unit code once every other first unit length to obtain a plurality of code segments, wherein the first unit length is a preset constant in the database;
s2.4, comparing the code segment corresponding to each plug-in contained in the advertisement link interface information with a set of risk factor code segments prefabricated in a database,
when the code segment contains a preset danger factor code segment set in a database, judging the code segment as a danger factor, acquiring the danger factor level associated with the code segment in the preset danger factor code segment set in the database, wherein the danger factor levels associated with different code segments in the preset danger factor code segment set in the database are different,
when the code segment does not contain the risk factor code segment set prefabricated in the database, judging that the code segment is not a risk factor;
and S2.5, counting the number of the risk factors corresponding to each risk factor level in the S2.2 and the S2.4.
4. The TCP access-based device status monitoring method according to claim 3, characterized in that: the method for calculating the matching degree between the advertisement type and the user retrieval keyword in the S3 comprises the following steps:
s3.1, removing elements corresponding to the risk factors in the advertisement link interface keyword set to obtain a calibrated advertisement link interface keyword set;
s3.2, calculating the intersection of the calibrated advertisement link interface keyword set and the keyword word set corresponding to each advertisement type prefabricated by the database, and recording the advertisement type corresponding to the intersection with the maximum element number as the advertisement type corresponding to the calibrated advertisement link interface keyword set;
s3.3, obtaining the probability of the occurrence of each advertisement type corresponding to each user retrieval keyword in the historical data, recording as the standard probability of each advertisement type corresponding to the user retrieval keyword,
obtaining the standard probability of the advertisement type corresponding to each user search keyword in the historical data input by the user corresponding to the calibrated advertisement link interface keyword set,
taking the average value of the advertisement type standard probabilities corresponding to each retrieval keyword of the user as an advertisement type standard probability reference value of the corresponding user in historical data of the user corresponding to the calibrated advertisement link interface keyword set, and recording the average value as a first reference value CZ1;
s3.4, acquiring standard probability of the user retrieval keywords corresponding to the interface information in historical data input by all users aiming at the advertisement types corresponding to the calibrated advertisement link interface keyword set, and recording the standard probability as a second reference value CZ2;
s3.5, obtaining the matching degree PD between the advertisement type and the user search keyword,
PD={CZ1,CZ2}min{CZ1,CZ2}max
the { CZ1, CZ2} min represents the smaller value of CZ1 and CZ2, and the { CZ1, CZ2} max represents the larger value of CZ1 and CZ2;
recording the matching degree between the advertisement type and the user retrieval keyword when the nth application is applied at time t as PDnt;
the access risk state coefficient of the interface information of the nth application at the time t is marked as Wnt,
Figure FDA0003982842720000031
wherein, mnt j And j1 represents the maximum value of the risk factor level in the advertisement link interface information corresponding to the interface information.
5. The TCP access-based device status monitoring method according to claim 4, characterized in that: the method for calculating the information extraction difficulty coefficient in the interface information in the S4 comprises the following steps:
s4.1, acquiring an area Sf1 covered by the advertisement in the text information corresponding to the user search keyword in the interface information and an area Sf2 of the text information corresponding to the user search keyword in the interface information;
s4.2, acquiring a ratio e1 of the area of the advertisement elimination button to the area of a single text;
s4.3, capturing a picture corresponding to the position of the advertisement picture in the interface information, carrying out gray level processing on the captured picture, comparing absolute values of gray level difference values corresponding to two adjacent pixel points in the picture after the gray level processing, marking a point with a larger gray level value in the two adjacent pixel points of which the absolute value of the gray level difference value is more than or equal to a first threshold value, so as to obtain the picture after the marking processing, wherein the first threshold value is a preset constant in a database,
performing character recognition on the marked picture to obtain recognized characters,
and comparing the recognized characters with the text characters covered by the captured picture to obtain the ratio of the recognized correct characters to the total number of the covered text characters, which is recorded as g1,
marking the gray values corresponding to the pixel points occupied by the characters except for the identified character in the marked picture as 0, marking the gray values corresponding to the pixel points occupied by the characters as 1 to obtain a first marked picture, marking the gray values corresponding to the pixel points occupied by the characters in the picture covering the text area as 1, and marking the rest as 0 to obtain a second marked picture,
comparing whether the gray values corresponding to the pixel points at the same position in the first marked picture and the second marked picture are the same or not, and counting the ratio of the number of the pixel points with different gray values to the number of the pixel points with the same gray value, and recording the ratio as g2;
s4.4, obtaining the information extraction difficulty coefficient in the interface information
Figure FDA0003982842720000041
And recording the information extraction difficulty coefficient of the nth application in the interface information at the time t as W1nt.
6. The TCP access-based device status monitoring method according to claim 5, characterized in that: when the state monitoring estimated value corresponding to the time of the device is obtained in the step S5, the state monitoring estimated value corresponding to the time t of the device is recorded as PGt,
Figure FDA0003982842720000042
wherein N represents the number of applications in the equipment and N is more than or equal to 1.
7. The TCP access-based device status monitoring method according to claim 1, wherein: the method for regulating and controlling each application in the device in the S6 comprises the following steps:
s6.1, acquiring a state monitoring estimated value corresponding to the current time;
s6.2, comparing the state monitoring estimated value corresponding to the current time with a second threshold value, wherein the second threshold value is a preset constant in a database,
if the state monitoring estimated value corresponding to the current time is smaller than the second threshold value, not regulating and controlling each application in the current time equipment,
if the state monitoring estimated value corresponding to the current time is larger than or equal to the second threshold, closing the application with the largest product of the access danger state coefficient of the corresponding interface information in the current time equipment and the information extraction difficulty coefficient, and comparing the state monitoring estimated value after closing the application with the second threshold.
8. A device status monitoring system to which the TCP access-based device status monitoring method according to any one of claims 1 to 7 is applied, the system comprising:
the application information acquisition module acquires running data in each application of the equipment in real time, and extracts interface information and user retrieval keywords corresponding to the running data of each application in the equipment;
the risk factor analysis module judges whether each interface information contains an advertisement, and when the interface information contains the advertisement, the risk factor analysis module identifies whether a link interface corresponding to the advertisement contained in the interface information contains a risk factor and the grade and number of the risk factor;
the system comprises an access danger state coefficient acquisition module, a risk factor acquisition module and a risk factor calculation module, wherein the access danger state coefficient acquisition module extracts keywords in advertisement information contained in interface information, identifies the types of advertisements contained in the interface information, calculates the matching degree between the advertisement types and user search keywords, and calculates the access danger state coefficient of the interface information by combining whether a link interface corresponding to the advertisements contained in the interface information contains danger factors and the levels and the number of the danger factors;
an information extraction difficulty coefficient obtaining module, wherein the information extraction difficulty coefficient obtaining module obtains the area covered by the advertisement in the text information corresponding to the user search keyword in the interface information, the recognition degree of the characters covered by the advertisement area and the ratio of the area of the advertisement elimination button to the area of a single character in the text, calculates the information extraction difficulty coefficient in the interface information,
when the interface information does not contain the advertisement, judging that the access danger state coefficient and the information extraction difficulty coefficient of the interface information are both 0;
the equipment state monitoring and estimating module is used for acquiring the sum of the product of the access danger state coefficient and the information extraction difficulty coefficient corresponding to each interface information in the same time of the equipment to obtain a state monitoring estimated value corresponding to the time of the equipment;
and the equipment regulation and control module regulates and controls each application in the equipment according to the state monitoring estimated value corresponding to the current time of the equipment.
CN202210732534.8A 2022-06-27 2022-06-27 Equipment state monitoring system and method based on TCP access Active CN115118492B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210732534.8A CN115118492B (en) 2022-06-27 2022-06-27 Equipment state monitoring system and method based on TCP access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210732534.8A CN115118492B (en) 2022-06-27 2022-06-27 Equipment state monitoring system and method based on TCP access

Publications (2)

Publication Number Publication Date
CN115118492A CN115118492A (en) 2022-09-27
CN115118492B true CN115118492B (en) 2023-03-24

Family

ID=83329622

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210732534.8A Active CN115118492B (en) 2022-06-27 2022-06-27 Equipment state monitoring system and method based on TCP access

Country Status (1)

Country Link
CN (1) CN115118492B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109241437A (en) * 2018-09-19 2019-01-18 麒麟合盛网络技术股份有限公司 A kind of generation method, advertisement recognition method and the system of advertisement identification model
US10642980B1 (en) * 2019-11-18 2020-05-05 Clean.io, Inc. Detecting cross-origin malicious code existing in internet advertisements
CN111899042A (en) * 2019-05-06 2020-11-06 广州腾讯科技有限公司 Malicious exposure advertisement behavior detection method and device, storage medium and terminal
CN113010819A (en) * 2021-03-03 2021-06-22 珠海市鸿瑞信息技术股份有限公司 Internet-based intelligent analysis platform for network security situation awareness

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109241437A (en) * 2018-09-19 2019-01-18 麒麟合盛网络技术股份有限公司 A kind of generation method, advertisement recognition method and the system of advertisement identification model
CN111899042A (en) * 2019-05-06 2020-11-06 广州腾讯科技有限公司 Malicious exposure advertisement behavior detection method and device, storage medium and terminal
US10642980B1 (en) * 2019-11-18 2020-05-05 Clean.io, Inc. Detecting cross-origin malicious code existing in internet advertisements
CN113010819A (en) * 2021-03-03 2021-06-22 珠海市鸿瑞信息技术股份有限公司 Internet-based intelligent analysis platform for network security situation awareness

Also Published As

Publication number Publication date
CN115118492A (en) 2022-09-27

Similar Documents

Publication Publication Date Title
US11704439B2 (en) Systems and methods for managing privacy policies using machine learning
CN113657545B (en) User service data processing method, device, equipment and storage medium
CN107067006B (en) Verification code identification method and system serving for data acquisition
US8065258B2 (en) Computer-implemented method of determining validity of a command line
US20130060808A1 (en) Document processing method and system
CN110110577B (en) Method and device for identifying dish name, storage medium and electronic device
CN110020002A (en) Querying method, device, equipment and the computer storage medium of event handling scheme
CN110458296B (en) Method and device for marking target event, storage medium and electronic device
EP3644232B1 (en) Method and device for classifying samples to be assessed
US7492928B2 (en) Method and apparatus for biometric verification with data packet transmission prioritization
CN107679075A (en) Method for monitoring network and equipment
CN114049508B (en) Fraud website identification method and system based on picture clustering and manual research and judgment
CN115118492B (en) Equipment state monitoring system and method based on TCP access
CN112579781B (en) Text classification method, device, electronic equipment and medium
CN113392920A (en) Method, apparatus, device, medium, and program product for generating cheating prediction model
CN110852893A (en) Risk identification method, system, equipment and storage medium based on mass data
CN114841705B (en) Anti-fraud monitoring method based on scene recognition
CN109145124B (en) Information storage method and device, storage medium and electronic device
CN115907898A (en) Method for recommending financial products to reinsurance client and related equipment
CN112866295B (en) Big data crawler-prevention processing method and cloud platform system
CN115080744A (en) Data processing method and device
CN112287076B (en) Label mining method and equipment based on user chat records
CN113901817A (en) Document classification method and device, computer equipment and storage medium
CN113704414A (en) Data processing method, system, storage medium and electronic equipment
CN111027296A (en) Report generation method and system based on knowledge base

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Liu Zhiyong

Inventor after: Chen Minchao

Inventor after: Weng Weicheng

Inventor after: Hong Chao

Inventor after: Zhong Haiwei

Inventor before: Chen Minchao

Inventor before: Weng Weicheng

Inventor before: Hong Chao

Inventor before: Zhong Haiwei

CB03 Change of inventor or designer information
GR01 Patent grant
GR01 Patent grant