CN116366231A - Anti-crawler method and system for protecting website resources based on encryption confusion - Google Patents

Abstract

The invention discloses an anti-crawler method and a system for protecting website resources based on encryption confusion, wherein when a client sends an HTTP request to a server, an MD5 encryption key is added in a request link address, and an AES encryption ciphertext is added in the head of the request; mixing the JavaScript codes of the HTTP request; after the server acquires the request, consistency verification is carried out according to the extracted MD5 encryption key and the AES encryption ciphertext, normal data is returned to the client after verification is passed, and otherwise, the request is refused or dirty data is returned. By the security process of confusion of the client execution method and encryption of the request parameters, the difficulty of analysis, simulation and restoration of the request by the crawler is improved, the analysis difficulty of the API request response process is increased, the service is protected from being easily cracked, and the security of the API is improved.

Description

Anti-crawler method and system for protecting website resources based on encryption confusion

Technical Field

The invention relates to the technical field of anticreepers, in particular to an anticreeper method and system for protecting website resources based on encryption confusion.

Background

In the development of digital economy nowadays, crawler technology has already penetrated into aspects of technological development and business innovation. However, behind the successor manual boring and regular operations, a large number of crawler automation threats are also hidden. Particularly, by means of machine learning and artificial intelligence technology, the crawler technology is improved in efficiency and intelligence, so that the automation threat of the crawler is more hidden. Along with the ubiquitous situation of crawlers, enterprises are facing more and more serious threat of malicious crawlers while obtaining high value brought by the good-looking crawlers.

The current common techniques for anticreeper are the following: 1. detecting the access frequency of the IP address; 2. detecting whether the user behavior has periodicity; 3. detecting whether the access request contains required parameters; 4. encrypting the returned content; 5. encrypting the JavaScript request parameters; 6. dynamically loading through ajax; 7. a digital/sliding verification code is used. These methods can either be bypassed with the common crawler method or can affect the user's experience, with one more verification code step.

Therefore, there is a need to develop an effective anti-climbing technique to make up for the deficiencies of the prior art.

Disclosure of Invention

Therefore, the invention provides an anti-crawler method and system for protecting website resources based on encryption confusion, which are used for solving the problems that the anti-crawler effect is poor, the user experience is affected and the data security cannot be ensured in the prior art.

In order to achieve the above object, the present invention provides the following technical solutions:

according to a first aspect of an embodiment of the present invention, an anti-crawler method for protecting website resources based on encryption confusion is provided, where the method includes:

when a client sends an HTTP request to a server, adding an MD5 encryption key in a request link address, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, and adding an AES encryption ciphertext in the head of the request, wherein the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string;

mixing the JavaScript codes of the HTTP request;

after the server acquires the request, consistency verification is carried out according to the extracted MD5 encryption key and the AES encryption ciphertext, normal data is returned to the client after verification is passed, and otherwise, the request is refused or dirty data is returned.

Further, the method for confusing the JavaScript code of the HTTP request specifically includes:

performing constant confusion and operation confusion processing on the JavaScript code;

carrying out control flow flattening treatment on JavaScript codes;

carrying out grammar ugging treatment on JavaScript codes;

and compressing the JavaScript code.

Further, after the server side obtains the request, consistency verification is performed according to the extracted MD5 encryption key and AES encryption ciphertext, which specifically includes:

the website server extracts the MD5 encryption key of the request link, extracts the AES encryption ciphertext in the request header, symmetrically restores the extracted AES encryption ciphertext to obtain a time stamp and a random salt value when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the random salt value and the MD5 encryption key in the request link.

Further, the AES encrypted ciphertext obtaining method includes:

a. the plaintext is transmitted into an AES encryption algorithm in the form of parameters;

b. executing a key expansion algorithm to obtain a round key;

c. executing a byte substitution algorithm;

d. executing a line shifting algorithm;

e. performing a row blending algorithm;

f. performing a round key addition algorithm;

g. judging whether the number of the loop iterations is reached, if so, turning to h to obtain a ciphertext C, otherwise, turning to C;

h. executing the pseudo-random number generating function to obtain a random data character string G;

i. and outputting the final ciphertext C+G.

According to a second aspect of an embodiment of the present invention, there is provided an anti-crawler system for protecting website resources based on encryption confusion, the system comprising:

the parameter encryption module is used for adding an MD5 encryption key in a request link address when the client sends an HTTP request to the server, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, and adding an AES encryption ciphertext in the head of the request, wherein the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string;

the code confusion module is used for carrying out confusion on JavaScript codes of the HTTP request;

and the verification module is used for carrying out consistency verification according to the extracted MD5 encryption key and the AES encryption ciphertext after the server acquires the request, returning normal data to the client after the verification is passed, and rejecting the request or returning dirty data if the verification is passed.

Further, the code obfuscation module is specifically configured to:

performing constant confusion and operation confusion processing on the JavaScript code;

carrying out control flow flattening treatment on JavaScript codes;

carrying out grammar ugging treatment on JavaScript codes;

and compressing the JavaScript code.

Further, the verification module is specifically configured to:

the website server extracts the MD5 encryption key of the request link, extracts the AES encryption ciphertext in the request header, symmetrically restores the extracted AES encryption ciphertext to obtain a time stamp and a random salt value when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the random salt value and the MD5 encryption key in the request link.

According to a third aspect of an embodiment of the present invention, a computer storage medium is provided, in which one or more program instructions are included for performing a method as claimed in any one of the above, by an anti-crawler system for protecting web site resources based on encryption confusion.

The invention has the following advantages:

according to the anti-crawler method and the system based on encryption confusion protection of website resources, when a client sends an HTTP request to a server, an MD5 encryption key is added to a request link address, and an AES encryption ciphertext is added to the head of the request; mixing the JavaScript codes of the HTTP request; after the server acquires the request, consistency verification is carried out according to the extracted MD5 encryption key and the AES encryption ciphertext, normal data is returned to the client after verification is passed, and otherwise, the request is refused or dirty data is returned. By the security process of confusion of the client execution method and encryption of the request parameters, the difficulty of analysis, simulation and restoration of the request by the crawler is improved, the analysis difficulty of the API request response process is increased, the service is protected from being easily cracked, and the security of the API is improved.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It will be apparent to those of ordinary skill in the art that the drawings in the following description are exemplary only and that other implementations can be obtained from the extensions of the drawings provided without inventive effort.

FIG. 1 is a flowchart of an anti-crawler method for protecting website resources based on encryption confusion provided in embodiment 1 of the present invention;

fig. 2 is a flowchart of an implementation of an anticreeper method for protecting website resources based on encryption confusion provided in embodiment 1 of the present invention.

Detailed Description

Other advantages and advantages of the present invention will become apparent to those skilled in the art from the following detailed description, which, by way of illustration, is to be read in connection with certain specific embodiments, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

Example 1

As shown in fig. 1 and fig. 2, the present embodiment proposes an anti-crawler method for protecting website resources based on encryption confusion, where the method includes:

and S100, when the client sends an HTTP request to the server, adding an MD5 encryption key in a request link address, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, adding an AES encryption ciphertext in the head of the request, and the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string.

1. When the client sends an HTTP request to the server, the request link needs to be added with a randomly generated MD5 key, which consists of a timestamp and a salt value. Wherein the timestamp takes a 13-bit number, and the salt value is defined to be composed of numbers, letters and symbols which do not exceed 32 bits. And generating a message digest by using an MD5 algorithm from the composed content.

Examples: target address:

http://www.localhost/channel/36F17C3939AC3E7B2FC9396FA8E953EA

wherein 36F17C3939AC3E7B2FC9396FA8E953EA consists of a request timestamp+random salt;

the background is acquired by the following steps: http:// www.localhost/channel/{ SecretKey }

The SecretKey is the authentication message digest.

2. Parameters and user operation information requested by a client side to a server side are input into an AES encryption algorithm, and the obtained ciphertext is put into a header for sending the request to the server side.

The specific steps of the AES encryption method are as follows:

a. the plaintext is transmitted into an AES encryption algorithm in the form of parameters;

b. executing a key expansion algorithm to obtain a round key;

c. executing a byte substitution algorithm;

d. executing a line shifting algorithm;

e. performing a row blending algorithm;

f. performing a round key addition algorithm;

g. judging whether the number of the loop iterations is reached, if so, turning to h to obtain a ciphertext C, otherwise, turning to C;

h. executing the pseudo-random number generating function to obtain a random data character string G;

i. and outputting the final ciphertext C+G.

In the encryption method based on the AES encryption algorithm, the AES encryption algorithm is used to encrypt the plaintext data to obtain the ciphertext C, the pseudorandom number generator generates the random data string G, and the ciphertext finally consists of the ciphertext C and the random data string G. The ciphertext obtained has randomness.

Examples: AES encryption is performed on (request time stamp, salt value, request address in step one), and the data string G is generated randomly, and the generated ciphertext is put into the headers.

S200, confusing JavaScript codes of the HTTP request.

The JavaScript code is obfuscated, the static method of the encryption process is obfuscated,

the specific operation steps are as follows:

(1) Confusion of constants. According to JavaScript syntax feature, a.b such a method call can be written as a [ "b" ], and further encapsulates a array call method: a [1 x,2 x,3 x. ], method a.b is implemented as a [ arr [ n ] ] (n is a digital index). Since n is a number which can be encrypted by exclusive or x, it becomes a [ arr [ n1 x ] ] (n 1 is the original method index), and further the purpose of changing the name searching method into the index searching method is achieved, and confusion is formed.

Such as: the original method is a.b, a.c, a.d, the writing method is adjusted to be a [ "b", "c", "d" ], converted index scheduling is used as a [1,2,3], or index calling is a [1 x,2 x,3 x ], and the correct writing method of the calling a.b is a [1^x ], so that codes are confused, and the cracking difficulty is improved.

(2) Control flow flattening. The execution of JavaScript sentences is sequential, each single sentence is proposed, blocks in a switch-case are added, and then the execution sequence is controlled by the case, so that the execution sequence and the reading sequence of the original method are disturbed. The specific operation method is to generate an execution sequence code, divide the character string by an |divider, and obtain the execution sequence after dividing the character string. The following is a pseudo code example:

the code can be flattened through the operation, the code is extruded to a layer, the code reading difficulty is increased, meanwhile, the code can obtain the real execution sequence only in the dynamic debugging process, and the code cracking difficulty is improved.

(3) Grammar is ugly. On the premise of not changing the function of the code, the common grammar is confused into the unusual grammar, for example, the original code fun (a) =return (c=a+b), the processed grammar can be written into the function fun (a) =return (sum (a+b)), and the control can interfere with the reading of the existing JavaScript code after the control is turned over.

(4) And (5) code compression. Redundant spaces and line breaks are compressed and annotations are deleted. The method name coding dictionary is used for replacing a longer method name with a shorter name irrelevant to the method effect, so that the size can be reduced, and the reading difficulty can be improved.

In this embodiment, the code confusion in step S200 and the parameter confusion in step S100 are encryption confusion from two parallel dimensions, so as to achieve the purposes of method confusion and parameter confusion, thereby increasing the difficulty of reverse cracking.

S300, after the server acquires the request, carrying out consistency check according to the extracted MD5 encryption key and the AES encryption ciphertext, returning normal data to the client after the verification is passed, and otherwise rejecting the request or returning dirty data.

The website server extracts the encryption parameters of the request link, extracts the encryption parameters in the headers, symmetrically restores the parameters in the headers to obtain a time stamp and a random number salt when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the salt and md5 in the request link.

According to the anti-crawler method based on encryption confusion protection of website resources, codes of request data are written into JavaScript, and MD5 encrypted time stamps and salt values are added to requested links; AES encryption is carried out on the requested parameters, and the JavaScript codes are confused. The invention utilizes the MD5 algorithm to carry out message digest authentication and combines the symmetric AES algorithm to encrypt the request data, and finally confuses the JavaScript, thereby ensuring the data security and timeliness.

Example 2

Corresponding to the above embodiment 1, this embodiment proposes an anti-crawler system for protecting website resources based on encryption confusion, where the system includes:

the parameter encryption module is used for adding an MD5 encryption key in a request link address when the client sends an HTTP request to the server, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, and adding an AES encryption ciphertext in the head of the request, wherein the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string;

the code confusion module is used for carrying out confusion on JavaScript codes of the HTTP request;

and the verification module is used for carrying out consistency verification according to the extracted MD5 encryption key and the AES encryption ciphertext after the server acquires the request, returning normal data to the client after the verification is passed, and rejecting the request or returning dirty data if the verification is passed.

Further, the code obfuscation module is specifically configured to:

performing constant confusion and operation confusion processing on the JavaScript code;

carrying out control flow flattening treatment on JavaScript codes;

carrying out grammar ugging treatment on JavaScript codes;

and compressing the JavaScript code.

Further, the verification module is specifically configured to:

the website server extracts the MD5 encryption key of the request link, extracts the AES encryption ciphertext in the request header, symmetrically restores the extracted AES encryption ciphertext to obtain a time stamp and a random salt value when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the random salt value and the MD5 encryption key in the request link.

The functions executed by each component in the anti-crawler system for protecting website resources based on encryption confusion provided by the embodiment of the present invention are described in detail in the above embodiment 1, so that redundant description is omitted here.

Example 3

In correspondence with the above-described embodiments, this embodiment proposes a computer storage medium containing one or more program instructions for executing the method as in embodiment 1 by an anticreeper system for protecting web site resources based on encryption confusion.

While the invention has been described in detail in the foregoing general description and specific examples, it will be apparent to those skilled in the art that modifications and improvements can be made thereto. Accordingly, such modifications or improvements may be made without departing from the spirit of the invention and are intended to be within the scope of the invention as claimed.

Claims (8)

1. An anti-crawler method for protecting website resources based on encryption confusion, which is characterized by comprising the following steps:

when a client sends an HTTP request to a server, adding an MD5 encryption key in a request link address, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, and adding an AES encryption ciphertext in the head of the request, wherein the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string;

mixing the JavaScript codes of the HTTP request;

after the server acquires the request, consistency verification is carried out according to the extracted MD5 encryption key and the AES encryption ciphertext, normal data is returned to the client after verification is passed, and otherwise, the request is refused or dirty data is returned.

2. The method for protecting web site resources against crawlers based on encryption confusion according to claim 1, wherein the method for confusing JavaScript codes of the HTTP request specifically comprises:

performing constant confusion and operation confusion processing on the JavaScript code;

carrying out control flow flattening treatment on JavaScript codes;

carrying out grammar ugging treatment on JavaScript codes;

and compressing the JavaScript code.

3. The method for protecting web site resources against crawlers based on encryption confusion according to claim 1, wherein the server performs consistency check according to the extracted MD5 encryption key and AES encryption ciphertext after obtaining the request, specifically comprising:

the website server extracts the MD5 encryption key of the request link, extracts the AES encryption ciphertext in the request header, symmetrically restores the extracted AES encryption ciphertext to obtain a time stamp and a random salt value when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the random salt value and the MD5 encryption key in the request link.

4. The method for protecting web site resources against crawlers based on encryption confusion as claimed in claim 1, wherein the method for obtaining AES encrypted ciphertext comprises:

a. the plaintext is transmitted into an AES encryption algorithm in the form of parameters;

b. executing a key expansion algorithm to obtain a round key;

c. executing a byte substitution algorithm;

d. executing a line shifting algorithm;

e. performing a row blending algorithm;

f. performing a round key addition algorithm;

g. judging whether the number of the loop iterations is reached, if so, turning to h to obtain a ciphertext C, otherwise, turning to C;

h. executing the pseudo-random number generating function to obtain a random data character string G;

i. and outputting the final ciphertext C+G.

5. An anti-crawler system for protecting web site resources based on encryption confusion, the system comprising:

the parameter encryption module is used for adding an MD5 encryption key in a request link address when the client sends an HTTP request to the server, wherein the MD5 encryption key is obtained by encrypting a time stamp with a random salt value by using an MD5 message digest algorithm, and adding an AES encryption ciphertext in the head of the request, wherein the AES encryption ciphertext is obtained by encrypting a request parameter containing the time stamp and the random salt value by using an AES encryption algorithm, and then adding a random data character string;

the code confusion module is used for carrying out confusion on JavaScript codes of the HTTP request;

and the verification module is used for carrying out consistency verification according to the extracted MD5 encryption key and the AES encryption ciphertext after the server acquires the request, returning normal data to the client after the verification is passed, and rejecting the request or returning dirty data if the verification is passed.

6. The anti-crawler system for protecting web site resources based on encryption confusion as recited in claim 5, wherein the code confusion module is specifically configured to:

performing constant confusion and operation confusion processing on the JavaScript code;

carrying out control flow flattening treatment on JavaScript codes;

carrying out grammar ugging treatment on JavaScript codes;

and compressing the JavaScript code.

7. The anti-crawler system for protecting website resources based on encryption confusion as claimed in claim 5, wherein the verification module is specifically configured to:

the website server extracts the MD5 encryption key of the request link, extracts the AES encryption ciphertext in the request header, symmetrically restores the extracted AES encryption ciphertext to obtain a time stamp and a random salt value when the request is made, and judges the authenticity of the request by verifying the consistency of the encryption values of the time stamp and the random salt value and the MD5 encryption key in the request link.

8. A computer storage medium having one or more program instructions embodied therein for performing the method of any of claims 1-4 by an anti-crawler system that protects web site resources based on encryption confusion.

Images