CN115643045A - Trigger type crawler searching and detecting early warning system - Google Patents
Trigger type crawler searching and detecting early warning system Download PDFInfo
- Publication number
- CN115643045A CN115643045A CN202211120354.0A CN202211120354A CN115643045A CN 115643045 A CN115643045 A CN 115643045A CN 202211120354 A CN202211120354 A CN 202211120354A CN 115643045 A CN115643045 A CN 115643045A
- Authority
- CN
- China
- Prior art keywords
- module
- early warning
- user
- download
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a triggered crawler search and inspection early warning system which comprises a triggered early warning platform, wherein the triggered early warning platform comprises an association analysis unit, an early warning unit, a suspicious risk unit and a bandwidth regulation and control unit. This trigger formula crawler searches for quarantine early warning system, download abnormal conditions through downloading the user and judge, when realizing the trigger formula early warning, carry out the unusual mark of action, guarantee the security of downloading the file with the mode of system encryption decryption, and through the early warning proportion setting to important data proportion in the enterprise website, further detect the file of downloading, suspicious risk mark, and the injecing of downloading file download speed, further improvement is to the protection effect of enterprise website data, help the user to confirm the important degree of downloading the file data, use for normal user provides help, improve normal user's the good feeling to the enterprise website.
Description
Technical Field
The invention relates to the technical field of crawler detection, in particular to a trigger type crawler search and detection early warning system.
Background
The web crawler is a program for automatically extracting web pages, can automatically capture website information according to a certain rule, wherein some crawlers stealing core files of enterprise websites are malicious crawlers for the enterprise, and once a large number of malicious crawlers appear, the normal operation of the enterprise is seriously influenced.
For malicious crawlers, real information of users is often accompanied, but after simulation of a simulator, real identity information of the users cannot be judged, so that after enterprise website information is stolen, locking of the users cannot be realized, and the situation that the malicious crawlers frequently use the enterprise network because the real identity information is not discovered is avoided, influences are brought to normal operation of the enterprise network.
Disclosure of Invention
Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a trigger type crawler search and inspection early warning system, which solves the problem that the interception effect of the conventional malicious crawler is not ideal.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme: a triggered crawler search and inspection early warning system comprises a triggered early warning platform, wherein the triggered early warning platform comprises an association analysis unit, an early warning unit, a suspicious risk unit and a bandwidth regulation and control unit, the association analysis unit is used for monitoring the download quantity of a user in an enterprise website, performing standard setting on the frequency and the size of the download quantity of the user as an alarm threshold, defining the abnormal download condition when the download quantity exceeds the alarm threshold, encrypting a user download file when the download condition occurs, not decrypting the download file when the abnormal download condition occurs, and simultaneously performing behavior abnormity marking, the association analysis unit is in butt joint with the early warning unit, the early warning unit is used for setting an early warning proportion of an important data proportion in the enterprise website, marking the user when the important data proportion exceeds the early warning standard proportion in the user download file, performing suspicious risk marking, the early warning unit is in butt joint with the early warning unit, the suspicious risk unit is used for storing the user with the suspicious risk mark and the user with the behavior abnormity marking, performing continuous identification warning after the suspicious risk marking, performing continuous identification warning on the suspicious risk mark when the suspicious risk mark, performing malicious identification warning on the malicious behavior verification on the suspicious risk mark, and performing malicious behavior verification on the malicious behavior verification, and otherwise, the malicious behavior regulation and control unit is used for removing the malicious behavior mark, and the malicious behavior regulation and control unit.
Through adopting above-mentioned technical scheme, through carrying out frequency and the standard setting of size to user's download volume, as the warning threshold value, carry out the abnormal condition judgement of downloading, when realizing the trigger formula early warning, carry out the unusual mark of action, guarantee the security of download file with the mode of system encryption decryption, and through the early warning proportion setting to important data proportion in the website of enterprise, further detect the download file, suspicious risk mark carries out, and carry out the injecing of download file download speed, further improvement is to the protection effect of website data of enterprise.
The invention is further configured to: the correlation analysis unit comprises a download monitoring module, an exception setting module, a scale encryption module and a verification decryption module, wherein the download monitoring module is in butt joint with the exception setting module, the exception setting module is in butt joint with the scale encryption module, and the scale encryption module is in butt joint with the verification decryption module.
The invention is further configured to: the download monitoring module is used for monitoring the download amount of the user in the enterprise website;
the abnormal setting module is used for carrying out standard setting on the frequency and the size of the downloading quantity of the user to serve as an alarm threshold value, and when the condition exceeding the alarm threshold value is detected, the abnormal downloading condition is defined;
the scale encryption module is used for encrypting the file downloaded by the user when the downloading condition occurs;
the verification decryption module is used for automatically decrypting the user download file under the non-download abnormal condition, verifying the identity of the user with the download abnormal condition, decrypting the download file after the verification is passed, and otherwise, not decrypting the download file when the verification is not passed, and simultaneously marking the behavior abnormity.
By adopting the technical scheme, the protection of the downloaded file is realized while the normal use of a normal user is ensured by utilizing an automatic decryption mode, so that the user with the behavior abnormity mark is prompted to carry out identity verification, and further the stealing of resources in an enterprise website by a malicious crawler is avoided.
The invention is further configured to: the early warning unit comprises a record analysis module, a label setting module and an early warning processing module, wherein the record analysis module is in butt joint with the label setting module, and the label setting module is in butt joint with the early warning processing module.
The invention is further configured to: the record analysis module is used for setting the importance degree of the data in the enterprise website, analyzing the user webpage download file with the behavior abnormity mark and judging the proportion of the important data contained in the corresponding download file in the download file;
the marking setting module is used for setting an early warning proportion of the proportion of important data in the enterprise website as an early warning standard proportion;
the early warning processing module is used for marking the user and marking suspicious risks when detecting that the proportion of important data in the file downloaded by the user exceeds the early warning standard proportion.
By adopting the technical scheme, the important data in the enterprise website are protected by setting the early warning standard proportion, and then when a normal user uses the enterprise website, the important degree of the downloaded file can be judged in an auxiliary mode, so that the important degree of the downloaded file is identified in the using process of the normal user, and further when the enterprise network intercepts malicious crawlers, the enterprise website has the function of displaying the important degree of the data to the user, the attention of the user is improved, and meanwhile, the negative impression of the normal user on the enterprise website is reduced.
The invention is further configured to: the suspicious risk unit comprises a remark storage module, a label identification module and a monitoring and judging module, wherein the remark storage module is in butt joint with the label identification module, and the label identification module is in butt joint with the monitoring and judging module.
The invention is further configured to: the remark storage module is used for storing users with suspicious risk marks and users with behavior abnormity marks and storing downloaded file information of corresponding users and data importance ratio information in downloaded files in a correlated manner;
the label identification module is used for carrying out malicious marking on the user stored in the remark storage module and taking the marked user as risk identification warning user;
the monitoring and judging module is used for monitoring file downloading conditions of the risk identification warning users, when continuous downloading conditions occur, identity authentication is sent to the corresponding risk identification warning users, after the authentication is passed, malicious marks are removed, the risk identification warning users are moved out from the remark storage module, otherwise, the risk identification warning users are defined as malicious crawlers, and interception is carried out.
By adopting the technical scheme, the identity of the user is positioned by using an identity verification mode, help is provided for the user identity information judgment after the malicious crawler is positioned, the use of the malicious crawler is reduced, and the source control is realized.
The invention is further configured to: the bandwidth regulation and control unit comprises a regulation and control setting module, a download control module and a recovery feedback module;
the regulation and control setting module is used for defining the condition that a user has behavior abnormal marks, suspicious risk marks or malicious marks as an abnormal condition, and establishing a regulation and control standard for the downloading speed of a file downloaded from an enterprise website by the user under the abnormal condition as an abnormal monitoring limit;
the download control module is used for limiting the download speed of the user with the behavior abnormity mark, the suspicious risk mark or the malicious mark according to the regulation and control standard;
and the recovery feedback module is used for removing the abnormal behavior mark, the suspicious risk mark and the malicious mark after the user passes the identity information verification.
By adopting the technical scheme, the downloading speed of the downloaded file of the user is associated with the mark information of the user, so that the user is prompted to carry out identity verification, and meanwhile, a signal that the proportion degree of important data in the downloaded file exceeds the early warning standard proportion is sent to the user, so that the user is helped to determine the importance degree of the downloaded file data, help is provided for normal users, and the good feeling of the normal users to enterprise websites is improved.
(III) advantageous effects
The invention provides a trigger type crawler search and inspection early warning system. The method has the following beneficial effects:
(1) This trigger type crawler searches for detection early warning system, through carrying out frequency and standard set of size to user's download volume, as the warning threshold value, judge the download abnormal conditions, when realizing the trigger type early warning, carry out the unusual mark of action, guarantee the security of downloading the file with the mode of system encryption decryption, and through the early warning proportion setting to important data proportion in the website of enterprise, further detect the downloading file, suspicious risk mark carries out, and carry out the injecing of downloading file download speed, further improvement is to the protection effect of website data of enterprise.
(2) This trigger formula reptile searches for quarantine early warning system through the mode that utilizes automatic decryption, when guaranteeing normal user normal use, realizes the protection to the download file to impel the user that has the unusual mark of action to carry out authentication, and then avoids the robbery of malicious reptile resource in to the website of enterprise.
(3) This trigger formula crawler searches for quarantine early warning system, through the settlement with early warning standard proportion, the realization is to the protection of important data in the enterprise website, and then when normal user uses, can assist the judgement to the important degree of download file, thereby for normal user discerns the important degree of download file in the use, and then when making the enterprise network intercept malicious crawler, possess the function to user's show data important degree, when improving user's attention, reduce normal user's negative impression to the enterprise website.
(4) This trigger formula reptile searches for quarantine early warning system through the mode that utilizes authentication, realizes providing help for the user identity information after malicious reptile location to user's identity location, and then reduces the use of malicious reptile, realizes the source control.
(5) According to the triggered crawler searching and detecting early warning system, the downloading speed of the file downloaded by the user is associated with the mark information of the user, so that the user is prompted to carry out identity verification, and meanwhile, a signal that the proportion of important data in the downloaded file exceeds the early warning standard proportion is sent to the user, so that the user is helped to determine the important degree of the downloaded file data, help is provided for normal users, and the good feeling of the normal users to enterprise websites is improved.
Drawings
FIG. 1 is a schematic block diagram of the system of the present invention;
FIG. 2 is a system schematic block diagram of an association analysis unit of the present invention;
FIG. 3 is a system schematic block diagram of the early warning unit of the present invention;
FIG. 4 is a schematic block diagram of a system for a suspected risk unit of the present invention;
fig. 5 is a system schematic block diagram of the bandwidth regulating unit of the present invention.
In the figure, 1, an early warning platform is triggered; 2. a correlation analysis unit; 3. an early warning unit; 4. a suspected risk unit; 5. a bandwidth regulating unit; 6. downloading a monitoring module; 7. an exception setting module; 8. a scale encryption module; 9. a verification decryption module; 10. a record analysis module; 11. a label setting module; 12. an early warning processing module; 13. a remark storage module; 14. a tag identification module; 15. a monitoring and judging module; 16. a regulation setting module; 17. a download control module; 18. and a feedback recovery module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-5, an embodiment of the present invention provides a technical solution: a triggered crawler search and inspection early warning system is shown in an attached drawing 1 and comprises a triggered early warning platform 1, wherein the triggered early warning platform 1 comprises an association analysis unit 2, an early warning unit 3, a suspicious risk unit 4 and a bandwidth regulation and control unit 5.
As a preferred scheme, the association analysis unit 2 is configured to monitor the download amount of the user in the enterprise website, perform standard setting on the frequency and size of the download amount of the user, and as an alarm threshold, when a condition exceeding the alarm threshold is detected, define the download abnormal condition, when the download condition occurs, encrypt the download file of the user, and when the abnormal download abnormal condition occurs, not decrypt the download file, and simultaneously perform behavior abnormal marking, specifically, as shown in fig. 2, the association analysis unit 2 includes a download monitoring module 6, an abnormal setting module 7, a scale encryption module 8, and a verification decryption module 9, and the download monitoring module 6 is configured to monitor the download amount of the user in the enterprise website;
the download monitoring module 6 is in butt joint with the abnormity setting module 7, the abnormity setting module 7 is used for carrying out standard setting on the frequency and the size of the download quantity of a user and is used as an alarm threshold value, and when the condition exceeding the alarm threshold value is detected, the download abnormal condition is defined;
the abnormal setting module 7 is in butt joint with the scale encryption module 8, and the scale encryption module 8 is used for encrypting the file downloaded by the user when the downloading condition occurs;
further, in order to ensure normal use of the downloaded data by a normal user, the scale encryption module 8 is in butt joint with the verification decryption module 9, the verification decryption module 9 is used for automatically decrypting the downloaded file of the user under the non-downloading abnormal condition, performing identity verification on the user under the downloading abnormal condition, decrypting the downloaded file after verification is passed, otherwise, not decrypting the downloaded file when verification is passed, and simultaneously performing behavior abnormity marking.
As a preferred scheme, the association analysis unit 2 is connected with the early warning unit 3, the early warning unit 3 is configured to set an early warning ratio of an important data proportion in an enterprise website, and when it is detected that the important data proportion in a file downloaded by a user exceeds an early warning standard ratio, the user is marked and suspicious risk marking is performed, specifically, as shown in fig. 3, the early warning unit 3 includes a recording analysis module 10, a mark setting module 11 and an early warning processing module 12, the recording analysis module 10 is configured to set an importance degree of the data in the enterprise website as a detailed description, the importance degree of the data depends on the proportion of the data in the enterprise website in the core data, the user webpage download file with a behavior abnormality mark is analyzed, the proportion of the important data in the download file included in the corresponding download file is determined as the detailed description, such as a toy website, a teddy bear is sold, a teddy duck, a toy, a dog, and a teddy bear is sold as a teddy bear, data related to the top-level important data, and the teddy duck and the teddy dog belongs to the next-level data of the enterprise website, that the teddy bear is the important data of the enterprise website;
the record analysis module 10 is connected with the label setting module 11 in a butt joint mode, and the label setting module 11 is used for setting an early warning proportion of the proportion of important data in an enterprise website as an early warning standard proportion;
the mark setting module 11 is connected with the early warning processing module 12, and the early warning processing module 12 is used for marking the user and marking the suspicious risk when detecting that the proportion of important data in the file downloaded by the user exceeds the proportion of the early warning standard.
As a preferred scheme, the early warning unit 3 is connected with the suspicious risk unit 4 in a butt joint manner, the suspicious risk unit 4 is used for storing users with suspicious risk marks and users with behavior abnormality marks, after malicious marking, the suspicious risk unit is used as a risk identification warning user, when a continuous downloading situation occurs, identity authentication is sent to the corresponding risk identification warning user, after the authentication is passed, the malicious marks are removed, otherwise, the users are defined as malicious crawlers, and interception is performed, specifically, as shown in fig. 4, the suspicious risk unit 4 comprises a remark storage module 13, a label identification module 14 and a monitoring and judging module 15, the remark storage module 13 is used for storing the users with suspicious risk marks and the users with behavior abnormality marks, and performing associated storage on downloaded file information of the corresponding users and data importance ratio information in downloaded files;
the remark storage module 13 is in butt joint with the label identification module 14, and the label identification module 14 is used for carrying out malicious marking on the user stored in the remark storage module 13 and taking the malicious marking as risk identification warning user;
the label identification module 14 is in butt joint with the monitoring and judging module 15, the monitoring and judging module 15 is used for monitoring file downloading conditions of the risk identification warning users, when continuous downloading conditions occur, identity authentication is sent to the corresponding risk identification warning users, after the authentication is passed, malicious marks are removed, the risk identification warning users are moved out of the remark storage module 13, otherwise, the users are defined as malicious crawlers, and interception is carried out.
As a preferred scheme, the suspected risk unit 4 is in butt joint with the bandwidth regulating and controlling unit 5, the bandwidth regulating and controlling unit 5 is in butt joint with the association analyzing unit 2, and the bandwidth regulating and controlling unit 5 is used for limiting the downloading speed of the user with the behavior abnormality mark, the suspected risk mark or the malicious mark, specifically, as shown in fig. 5, the bandwidth regulating and controlling unit 5 includes a regulation and control setting module 16, a downloading control module 17 and a recovery feedback module 18;
the regulation and control setting module 16 is used for defining the condition that the user has behavior abnormal marks, suspicious risk marks or malicious marks as an abnormal condition, and establishing a regulation and control standard for the downloading speed of the file downloaded from the enterprise website by the user under the abnormal condition as an abnormal monitoring limit;
the download control module 17 is used for limiting the download speed of the user with the behavior abnormity mark, the suspicious risk mark or the malicious mark according to the regulation and control standard;
the recovery feedback module 18 is used for removing the behavioral abnormality markers, the suspicious risk markers and the malicious markers after the user passes the identity information verification.
Early warning setting: the abnormal setting module 7 carries out standard setting on the frequency and the size of the downloading quantity of the user, the abnormal setting is used as an alarm threshold value, when the condition exceeding the alarm threshold value is detected, the abnormal downloading condition is defined, the important degree of the data in the enterprise website is set by the recording and analyzing module 10, the user webpage downloading file with the behavior abnormal mark is analyzed, the proportion of the important data in the downloading file in the corresponding downloading file is judged, the early warning proportion of the important data proportion in the enterprise website is set by the marking setting module 11 and is used as an early warning standard proportion, the condition that the user has the behavior abnormal mark, the suspicious risk mark or the malicious mark is defined as the abnormal condition by the regulation and control setting module 16, and the regulation and control standard of the downloading speed of the user downloading the file from the enterprise website under the abnormal condition is established and is used as the abnormal monitoring and limiting;
and (3) marking abnormal behaviors: the download monitoring module 6 monitors the download amount of the user in the enterprise website, when the download condition occurs, the scale encryption module 8 encrypts the download file of the user, after the download is completed, the verification decryption module 9 automatically decrypts the download file for the user who is not in the abnormal download condition, the user who is in the abnormal download condition is authenticated, after the authentication is passed, the verification decryption module 9 decrypts the download file, otherwise, the authentication is not passed, the verification decryption module 9 does not decrypt the download file, and meanwhile, the behavior abnormity marking is carried out;
suspicious risk marking: counting the proportion of important data in the user downloaded file, comparing the proportion with an early warning standard proportion, marking the user by the early warning processing module 12 when detecting that the proportion of the important data in the user downloaded file exceeds the early warning standard proportion, and marking suspicious risks;
exception handling: the remark storage module 13 stores users with suspicious risk marks and users with behavior abnormity marks, and stores downloaded file information of corresponding users and data importance ratio information in the downloaded files in an associated manner, after malicious crawlers are determined, the users are positioned and data certificates are provided, the label identification module 14 is used for marking the users stored in the remark storage module 13 maliciously and used as risk identification warning users to monitor the file downloading condition of the risk identification warning users, when continuous downloading conditions occur, the monitoring and judging module 15 sends identity verification to the corresponding risk identification warning users, after the verification is passed, the malicious marks are removed and moved out of the remark storage module 13, otherwise, the users are defined as malicious crawlers to be intercepted;
and (3) limiting the downloading speed: according to the regulation and control standard, the download control module 17 limits the download speed of the user with the behavior abnormity mark, the suspicious risk mark or the malicious mark, and the recovery feedback module 18 removes the behavior abnormity mark, the suspicious risk mark and the malicious mark after the user passes the identity information verification.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (8)
1. The utility model provides a trigger formula reptile searches for examines early warning system, is including triggering early warning platform (1), its characterized in that: the trigger early warning platform (1) comprises an association analysis unit (2), an early warning unit (3), a suspicious risk unit (4) and a bandwidth regulation and control unit (5), wherein the association analysis unit (2) is used for monitoring the download quantity of a user in an enterprise website, performing standard setting on the frequency and the size of the download quantity of the user as an alarm threshold value, defining abnormal download conditions when the download quantity exceeds the alarm threshold value, encrypting user download files when the download conditions occur, not decrypting the download files when the abnormal download conditions occur, and performing behavior abnormity marking at the same time, the association analysis unit (2) is butted with the early warning unit (3), the early warning unit (3) is used for setting an early warning proportion of important data occupation ratio in the enterprise website, marking the user when the important data occupation ratio in the user download files exceeds the early warning standard proportion when the abnormal download files are detected, performing suspicious risk marking, the suspicious risk unit (3) is butted with the suspicious risk unit (4), the risk unit (4) is used for intercepting the user with the suspicious risk marking and performing malicious identification and verification after malicious identification, otherwise, the suspicious risk unit (5) performs malicious risk identification and verifies the malicious behavior abnormity marking after the malicious behavior is detected, and the malicious risk identification mark is performed to the malicious risk identification unit (5), the bandwidth regulating and controlling unit (5) is in butt joint with the correlation analysis unit (2), and the bandwidth regulating and controlling unit (5) is used for limiting the downloading speed of the user with the behavior abnormity mark, the suspicious risk mark or the malicious mark.
2. The triggered crawler search and inspection early warning system according to claim 1, wherein: the association analysis unit (2) comprises a download monitoring module (6), an exception setting module (7), a scale encryption module (8) and a verification decryption module (9), wherein the download monitoring module (6) is in butt joint with the exception setting module (7), the exception setting module (7) is in butt joint with the scale encryption module (8), and the scale encryption module (8) is in butt joint with the verification decryption module (9).
3. The triggered crawler search and inspection early warning system according to claim 2, wherein: the download monitoring module (6) is used for monitoring the download amount of the user in the enterprise website;
the abnormity setting module (7) is used for carrying out standard setting on the frequency and the size of the downloading amount of the user, and is used as an alarm threshold value, and when the condition that the downloading amount exceeds the alarm threshold value is detected, the abnormal downloading condition is defined;
the scale encryption module (8) is used for encrypting the user download file when the download condition occurs;
the verification decryption module (9) is used for automatically decrypting the user download file under the non-download abnormal condition, verifying the identity of the user with the download abnormal condition, decrypting the download file after the verification is passed, and otherwise, not decrypting the download file when the verification is not passed, and simultaneously marking the behavior abnormity.
4. The triggered crawler search and inspection early warning system according to claim 1, wherein: the early warning unit (3) comprises a record analysis module (10), a label setting module (11) and an early warning processing module (12), the record analysis module (10) is in butt joint with the label setting module (11), and the label setting module (11) is in butt joint with the early warning processing module (12).
5. The triggered crawler search and inspection early warning system according to claim 4, wherein: the record analysis module (10) is used for setting the importance degree of the data in the enterprise website, analyzing the user webpage download file with the behavior abnormity mark and judging the proportion of the important data contained in the corresponding download file in the download file;
the mark setting module (11) is used for setting an early warning proportion of the proportion of important data in the enterprise website as an early warning standard proportion;
the early warning processing module (12) is used for marking the user and marking suspicious risks when detecting that the proportion of important data in the file downloaded by the user exceeds the early warning standard proportion.
6. The triggered crawler search and inspection early warning system according to claim 1, wherein: the suspicious risk unit (4) comprises a remark storage module (13), a label identification module (14) and a monitoring judgment module (15), wherein the remark storage module (13) is in butt joint with the label identification module (14), and the label identification module (14) is in butt joint with the monitoring judgment module (15).
7. The triggered crawler search and inspection early warning system according to claim 6, wherein: the remark storage module (13) is used for storing users with suspicious risk marks and users with behavior abnormity marks and storing downloaded file information of corresponding users and data importance ratio information in downloaded files in an associated manner;
the label identification module (14) is used for carrying out malicious marking on the user stored in the remark storage module (13) and taking the user as risk identification warning user;
the monitoring and judging module (15) is used for monitoring file downloading conditions of the risk identification warning users, when continuous downloading conditions occur, identity authentication is sent to the corresponding risk identification warning users, after the authentication is passed, malicious marks are removed, the risk identification warning users are moved out of the remark storage module (13), and otherwise, the risk identification warning users are defined as malicious crawlers and intercepted.
8. The triggered crawler search and inspection early warning system according to claim 1, wherein: the bandwidth regulation and control unit (5) comprises a regulation and control setting module (16), a download control module (17) and a recovery feedback module (18);
the regulation and control setting module (16) is used for defining the condition that a user has behavior abnormal marks, suspicious risk marks or malicious marks as an abnormal condition, and establishing a regulation and control standard for the downloading speed of a file downloaded from an enterprise website by the user under the abnormal condition as an abnormal monitoring limit;
the download control module (17) is used for limiting the download speed of the user with the behavior abnormity mark, the suspicious risk mark or the malicious mark according to the regulation and control standard;
the recovery feedback module (18) is used for removing the behavior abnormity mark, the suspicious risk mark and the malicious mark after the user passes the identity information verification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211120354.0A CN115643045A (en) | 2022-09-15 | 2022-09-15 | Trigger type crawler searching and detecting early warning system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211120354.0A CN115643045A (en) | 2022-09-15 | 2022-09-15 | Trigger type crawler searching and detecting early warning system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115643045A true CN115643045A (en) | 2023-01-24 |
Family
ID=84941542
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211120354.0A Pending CN115643045A (en) | 2022-09-15 | 2022-09-15 | Trigger type crawler searching and detecting early warning system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115643045A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116800515A (en) * | 2023-07-10 | 2023-09-22 | 福建省远顺智能科技有限公司 | Industrial Internet platform safety maintenance system based on artificial intelligence |
-
2022
- 2022-09-15 CN CN202211120354.0A patent/CN115643045A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116800515A (en) * | 2023-07-10 | 2023-09-22 | 福建省远顺智能科技有限公司 | Industrial Internet platform safety maintenance system based on artificial intelligence |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109525558B (en) | Data leakage detection method, system, device and storage medium | |
| US8819807B2 (en) | Apparatus and method for analyzing and monitoring sap application traffic, and information protection system using the same | |
| CN105471912B (en) | Monitor the safety defense method and system of network | |
| CN107766728A (en) | Mobile application security managing device, method and mobile operation safety protection system | |
| CN112217835A (en) | Message data processing method and device, server and terminal equipment | |
| CN112804212B (en) | Information security assessment system | |
| CN115643045A (en) | Trigger type crawler searching and detecting early warning system | |
| JP2014110046A (en) | Illegal access detection and processing system, device, method, and computer readable recording medium | |
| CN113852633A (en) | Method for generating implementation case for information security assessment | |
| WO2019134276A1 (en) | Method and system for protecting web page code, storage medium, and electronic device | |
| CN112765578A (en) | Method for realizing safety privacy calculation based on browser client | |
| CN117527412A (en) | Data security monitoring method and device | |
| CN110401621A (en) | A kind of means of defence of sensitive instructions, equipment and storage medium | |
| CN112287346A (en) | IRP analysis-based encrypted Lesso software real-time monitoring system and method | |
| CN115150137B (en) | Redis-based high-frequency access early warning method and device | |
| CN114257404B (en) | Abnormal external connection statistical alarm method, device, computer equipment and storage medium | |
| CN114172720A (en) | Ciphertext attack flow detection method and related device | |
| CN109495482A (en) | A kind of network data information safe transmission method | |
| US20160210474A1 (en) | Data processing apparatus, data processing method, and program | |
| CN113672926A (en) | Data protection method and system based on computer intelligent algorithm | |
| CN113141274A (en) | Method, system and storage medium for detecting sensitive data leakage in real time based on network hologram | |
| CN116861411B (en) | Seccomp mechanism-based safe sandbox data protection method and system | |
| CN113591111B (en) | Audio data processing method and device, computer readable storage medium and terminal | |
| CN115118509B (en) | Method for detecting authority of debugging files of secondary equipment of transformer substation and safety control device | |
| CN112637217B (en) | Active defense method and device of cloud computing system based on bait generation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |