CN117135163A - Download speed limiting method, device, electronic equipment and storage medium - Google Patents

Download speed limiting method, device, electronic equipment and storage medium Download PDF

Info

Publication number
CN117135163A
CN117135163A CN202311058309.1A CN202311058309A CN117135163A CN 117135163 A CN117135163 A CN 117135163A CN 202311058309 A CN202311058309 A CN 202311058309A CN 117135163 A CN117135163 A CN 117135163A
Authority
CN
China
Prior art keywords
client
downloading
time slices
clients
speed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311058309.1A
Other languages
Chinese (zh)
Inventor
刁嘉欣
张艺琼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202311058309.1A priority Critical patent/CN117135163A/en
Publication of CN117135163A publication Critical patent/CN117135163A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1074Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
    • H04L67/1078Resource delivery mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/25Flow control; Congestion control with rate being modified by the source upon detecting a change of network conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/50Queue scheduling
    • H04L47/62Queue scheduling characterised by scheduling criteria
    • H04L47/625Queue scheduling characterised by scheduling criteria for service slots or service orders

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The disclosure provides a downloading speed limiting method, a downloading speed limiting device, electronic equipment and a storage medium, and relates to the technical fields of deep learning, big data and the like. The specific implementation scheme is as follows: determining a target client from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; and determining whether the target client is a client needing to limit the downloading speed or not based on at least one flow judging strategy and the downloading flow of the target client in a plurality of time slices, and if so, limiting the downloading speed of the target client to the network resource. Therefore, based on the downloading flow of each client in a plurality of time slices, the target client suspected of overspeed downloading is screened out from each client, and only when the target client hits any flow judgment strategy, the user logged in the target client is used as a malicious user, so that the probability of misjudgment of the malicious user can be reduced, the rights and interests of enterprises and consumers to which the Internet product belongs can be prevented from being damaged, and the waste of bandwidth resources can be avoided.

Description

Download speed limiting method, device, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of AI (Artificial Intelligence ), and in particular, to the technical fields of deep learning, big data, and the like, and more particularly, to a download speed limiting method, apparatus, electronic device, and storage medium.
Background
In the process of providing services for users, the internet product may be subjected to malicious cracking by malicious users, for example, the internet product has a limitation on the downloading speed of the common users, and the malicious users break through the downloading speed limited by the internet product by modifying the concurrency number and other means, so as to realize overspeed downloading. Under the condition, the rights and interests of normal consumers are damaged, the experience of normal consumer groups is reduced, and the rights and interests of enterprises to which the Internet products belong are damaged and bandwidth resources are wasted.
Therefore, how to limit the download speed of malicious users is very important.
Disclosure of Invention
The present disclosure provides a method, apparatus, electronic device, and storage medium for download speed limit.
According to an aspect of the present disclosure, there is provided a download speed limiting method, including:
acquiring downloading flow of at least one candidate client to network resources in a plurality of time slices;
determining a target client from the candidate clients according to the downloading flow of the candidate clients in the plurality of time slices; wherein the downloading flow rate of the target client at least one time slice is higher than the flow threshold of the corresponding time slice;
Determining whether the target client is a client needing to limit the downloading speed based on at least one traffic discrimination strategy and the downloading traffic of the target client in the plurality of time slices;
and responding to the target client as the client needing to limit the downloading speed, and limiting the downloading speed of the target client to the network resource.
According to another aspect of the present disclosure, there is provided a download speed limiting device, comprising:
a first obtaining module, configured to obtain downloading traffic of network resources by at least one candidate client in a plurality of time slices;
a first determining module, configured to determine a target client from each candidate client according to download traffic of each candidate client in the multiple time slices; wherein the downloading flow rate of the target client at least one time slice is higher than the flow threshold of the corresponding time slice;
the second determining module is used for determining whether the target client is a client needing to limit the downloading speed or not based on at least one traffic distinguishing strategy and the downloading traffic of the target client in the plurality of time slices;
and the limiting module is used for limiting the downloading speed of the target client to the network resource in response to the target client being the client needing to limit the downloading speed.
According to still another aspect of the present disclosure, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the download speed limiting method set forth in the above aspect of the present disclosure.
According to yet another aspect of the present disclosure, there is provided a non-transitory computer-readable storage medium of computer instructions for causing the computer to perform the download speed limiting method set forth in the above aspect of the present disclosure.
According to a further aspect of the present disclosure there is provided a computer program product comprising a computer program which, when executed by a processor, implements the download speed limiting method set forth in the above aspect of the present disclosure.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
fig. 1 is a flow chart of a download speed limiting method according to an embodiment of the disclosure;
fig. 2 is a flow chart of a download speed limiting method according to a second embodiment of the disclosure;
fig. 3 is a flow chart of a download speed limiting method according to a third embodiment of the disclosure;
fig. 4 is a flow chart of a download speed limiting method according to a fourth embodiment of the disclosure;
fig. 5 is a flow chart of a download speed limiting method according to a fifth embodiment of the present disclosure;
fig. 6 is a schematic diagram of a download speed limit provided in an embodiment of the present disclosure;
fig. 7 is a schematic diagram II of the download speed limit provided in the embodiment of the present disclosure;
fig. 8 is a schematic structural diagram of a download speed limiting device according to a sixth embodiment of the present disclosure;
FIG. 9 illustrates a schematic block diagram of an example electronic device that may be used to implement embodiments of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In the related art, log data of a server side can be cleaned every five minutes in an offline mode to obtain the required log data of each client, the log data of each client is matched with a strategy, and the speed limit processing is performed on the client of the log data hit strategy.
However, the off-line mode has at least the following problems:
1. cleaning log data every five minutes, which can have data delay and data drift problems;
2. the offline cleaning data and the strategy calculation are divided into two steps, processing links are not consistent, and a large delay exists;
3. the data pulled in five minutes is huge, more resources are needed to be consumed, and the stability is not high enough.
Therefore, how to efficiently clean mass data to ensure the accuracy and timeliness of the data is a technical difficulty in performing overspeed striking on malicious users.
In view of at least one of the above problems, the present disclosure proposes a download speed limiting method, apparatus, electronic device, and storage medium. Before describing embodiments of the present disclosure in detail, for ease of understanding, general technical words are first introduced:
the Doris database is a high-performance and real-time analysis type database, and can return the query result under massive data only with sub-second response time, so that not only can the high-concurrency point query scene be supported, but also the high-throughput complex analysis scene can be supported.
The download speed limiting method, apparatus, electronic device and storage medium of the embodiments of the present disclosure are described below with reference to the accompanying drawings.
Fig. 1 is a flowchart of a download speed limiting method according to an embodiment of the disclosure.
The downloading speed limiting method of the embodiment of the disclosure can be applied to a server.
As shown in fig. 1, the download speed limiting method may include the steps of:
step S101, obtaining downloading traffic of at least one candidate client to the network resource in a plurality of time slices.
In the disclosed embodiments, the network resources may include, but are not limited to, files, images, audio, video, and the like.
In the embodiment of the disclosure, the candidate client may be any client that downloads the network resource, where the client may be a software program running on a device to provide services for a user.
The electronic device may be any device with computing capability, for example, may be a personal computer, a mobile terminal, and the mobile terminal may be a hardware device with various operating systems, touch screens, and/or display screens, for example, a vehicle-mounted device, a mobile phone, a tablet computer, a personal digital assistant, a wearable device, and the like.
In the embodiment of the present disclosure, the time-slicing duration is preset, for example, the time-slicing duration may be set to 20 seconds, 30 seconds, 50 seconds, 1 minute, and so on. It should be noted that, in order to achieve the fast limit of the downloading speed of the client of the overspeed downloading, the time slicing duration should not be set too long.
In the embodiment of the disclosure, the server may obtain the downloading traffic of the network resources by at least one candidate client in a plurality of time slices, where the downloading traffic is determined according to the data volume of the network resources that have been downloaded by the candidate client in the corresponding time slices. Taking network resources as a file for example, the downloading traffic of a candidate client in a certain time slice is the sum of the sizes (sizes) of the files downloaded by the candidate client in the time slice.
Step S102, determining a target client from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
In the embodiment of the disclosure, for any one candidate client, whether the download traffic of the candidate client in a plurality of time slices is higher than the traffic threshold of the corresponding time slices can be judged, wherein the traffic threshold of each time slice is determined according to the duration of the time slice and the original speed limit of the time slice, and the original speed limit is used for limiting the download speed of the candidate client in the corresponding time slice.
For example, the original speed limit of time slice 1 is v 1 The duration of the time slice 1 is 60 seconds, and then the flow threshold of the time slice is 60 v 1
In a case that a downloading flow rate of at least one time slice in the plurality of time slices corresponding to the candidate client is higher than a flow threshold of the corresponding time slice, the candidate client may be regarded as a target client. And in the case that the download traffic of all the time slices of the candidate client is not higher than the traffic threshold of the corresponding time slices, the candidate client may not need to be regarded as the target client.
Step S103, based on at least one traffic discrimination strategy and the downloading traffic of the target client in a plurality of time slices, determining whether the target client is a client needing to limit the downloading speed.
The flow judgment strategy is a preset strategy.
In the embodiment of the disclosure, whether the target client is a client needing to limit the downloading speed can be determined based on at least one traffic discrimination policy and the downloading traffic of the target client in a plurality of time slices. For example, when the target client hits at least one traffic discrimination policy in the download traffic of the plurality of time slices, the target client may be determined as a client that needs to limit the download speed, and when the target client misses all traffic discrimination policies in the download traffic of the plurality of time slices, the target client may be determined as a client that does not need to limit the download speed.
Step S104, in response to the target client being the client requiring limiting the downloading speed, limiting the downloading speed of the target client to the network resource.
In the embodiment of the present disclosure, in the case that the target client is a client that needs to limit the download speed, the server may limit the download speed of the target client to the network resource. In the case that the target client is not a client that needs to limit the downloading speed, the server may not need to limit the downloading speed of the target client to the network resource.
According to the downloading speed limiting method, a target client is determined from all candidate clients according to downloading flows of all candidate clients in a plurality of time slices; wherein, the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice; and determining whether the target client is a client needing to limit the downloading speed or not based on at least one flow judging strategy and the downloading flow of the target client in a plurality of time slices, and if so, limiting the downloading speed of the target client to the network resource. In summary, considering that the instant downloading speed is higher when the client just starts to download the network resource, if the instant downloading speed of the client is higher, the user logged in the client is taken as a malicious user for maliciously cracking the internet product speed limit, and the situation of misjudgment of the malicious user exists, and the downloading experience of the user is seriously reduced, so in the present disclosure, the target client suspected of overspeed downloading can be screened out from each client based on the downloading flow of each client in a plurality of time slices, and only when the target client hits any preset flow judging strategy, the user logged in the target client is taken as the malicious user, thereby not only reducing the probability of misjudgment of the malicious user, but also preventing the rights and interests of enterprises and consumers to which the internet product belongs from being damaged, and avoiding the waste of bandwidth resources.
It should be noted that, in the technical solution of the present disclosure, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing, etc. of the personal information of the user are all performed on the premise of proving the consent of the user, and all conform to the rules of the related laws and regulations, and do not violate the popular regulations of the public order.
In order to clearly illustrate how the above embodiments of the present disclosure determine whether a target client is a client that needs to limit a downloading speed based on at least one traffic discrimination policy and downloading traffic of the target client in a plurality of time slices, the present disclosure further proposes a downloading speed limiting method.
Fig. 2 is a flow chart of a download speed limiting method according to a second embodiment of the disclosure.
As shown in fig. 2, the download speed limiting method may include the steps of:
step S201, obtaining download traffic of at least one candidate client to the network resource at a plurality of time slices.
Step S202, determining a target client from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
The explanation of steps S201 and S202 may be referred to the related description in any embodiment of the disclosure, and will not be repeated here.
Step S203, the original speed limit of the target client in a plurality of time slices is obtained.
In the disclosed embodiment, the original speed limit and download traffic of the target client at multiple time slices may be obtained from a database (such as a Doris database). The original speed limit is used for limiting the downloading speed of the target client in the corresponding time slicing.
Step S204, determining the downloading speed of the target client in the time slices according to the downloading flow of the target client in the time slices.
In the embodiment of the disclosure, for any time slicing, the downloading speed of the target client in the time slicing can be determined according to the downloading flow of the target client in the time slicing and the duration of the time slicing. For example, the download speed of a time slice = the download traffic of the time slice +..
Step S205, determining whether the target client is a client requiring limiting of the downloading speed according to at least one traffic discrimination strategy and according to the downloading speeds and the original speed limits of the time slices corresponding to the target client, if so, executing step S206, and if not, executing step S207.
In the embodiment of the disclosure, the downloading speed and the original speed limit of the time slices corresponding to the target client can be judged, whether at least one flow judging strategy is hit or not is judged, if yes, the target client is determined to be the client needing to limit the downloading speed, and if not, the target client is determined not to be the client needing to limit the downloading speed.
In any of the embodiments of the present disclosure, the traffic discrimination policy may include: the download speed of the first set number of consecutive time slices is greater than the first set multiple of the original speed limit of the corresponding time slices. The first set number is a preset number threshold, and the first set number is a threshold with a relatively smaller value, for example, the first set number may be 2, 3, 4, etc.; the first set multiple is a preset multiple threshold, where the first set multiple is greater than a first set number, for example, the first set multiple may be 18, 20, 22, and so on.
For example, the traffic discrimination policy may be: the download speed of consecutive 3 time slices exceeds the 20-fold limit, i.e. the download speed of consecutive 3 time slices is greater than 20-fold of the original limit of the corresponding time slices. For example, with a time slicing duration of 1 minute, the traffic discrimination policy may be: the download speed for 3 consecutive minutes exceeds the 20-fold limit.
At this time, it may be determined whether the target client is a client that needs to limit the download speed by:
1. judging whether a first time slice with a continuous first set number exists in a plurality of time slices corresponding to the target client; the downloading speed of the first time slices is larger than the first set multiple of the original speed limit of the first time slices.
2. And if a first time slicing of a first set number exists in the time slices corresponding to the target client, determining the target client as the client needing to limit the downloading speed.
3. If the first time slices of the first set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
Therefore, when the smooth or average downloading speed of the continuous time slices is larger than the first set multiple of the original speed limit of the corresponding time slices, the target client is used as the client needing to limit the downloading speed, namely, the user logging in the target client is used as a malicious user, so that the probability of misjudgment of the malicious user can be reduced.
In any of the embodiments of the present disclosure, the traffic discrimination policy may include: there are a second set number of second time slices in the succession of time slices, wherein the download speed of the second time slices is greater than a second set multiple of the original speed limit of the second time slices. The second set number is a preset number threshold, the second set number is a threshold with a relatively smaller value, and the second set number is larger than the first set number, for example, the first set number may be 3, and the second set number may be 4; the second set multiple is a preset multiple threshold, and the second set multiple is smaller than the first set multiple, for example, the first set multiple may be 20, and the second set multiple may be 3.
At this time, it may be determined whether the target client is a client that needs to limit the download speed by:
1. judging whether a second time slice with a second set number exists in a plurality of time slices corresponding to the target client; wherein, the time difference between each second time slice is smaller than the set duration.
The set duration is a preset duration threshold, for example, the set duration may be 4 minutes, 5 minutes, 6 minutes, and the like.
For example, the traffic discrimination policy may be: the download speed of 4 time slices out of the 6 consecutive time slices exceeds the 3-fold limit, i.e. the download speed of 4 time slices out of the 6 consecutive time slices is greater than 3-fold of the original limit of the corresponding time slices. For example, with a time slicing duration of 1 minute, the traffic discrimination policy may be: there is a 4 minute download rate exceeding the 3-fold limit within 6 minutes.
2. And if a second set number of second time slices exist in the time slices corresponding to the target client, determining the target client as the client needing to limit the downloading speed.
3. And if the second time slices of the second set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
Therefore, when the smooth or average downloading speed of the plurality of time slices is larger than the second set multiple corresponding to the original speed limit in a short period of the target client, the target client is used as the client needing to limit the downloading speed, namely, the user logged in the target client is used as a malicious user, so that the probability of misjudgment of the malicious user can be reduced. And whether the target client is a client needing to limit the downloading speed can be judged based on different flow judging strategies, so that the flexibility and applicability of the method can be improved, missing detection of malicious users can be avoided, judging accuracy of the malicious users is improved, rights and interests of enterprises and consumers to which internet products belong are further prevented from being damaged, and waste of bandwidth resources is avoided.
It should be noted that the above flow determination policy is merely an example, and other flow determination policies may be set in practical applications, which is not limited in the embodiments of the present disclosure.
Step S206, limiting the downloading speed of the target client to the network resource.
In step S207, there is no need to limit the download speed of the target client to the network resource.
According to the downloading speed limiting method, whether the target client hits at least one flow judging strategy is judged based on the smooth or average downloading speed of the target client in each time slicing and the original speed limit, accuracy of judging results can be improved, missing detection of malicious users is avoided, judging accuracy of the malicious users is improved, rights and interests of enterprises and consumers to which internet products belong are further prevented from being damaged, and waste of bandwidth resources is avoided.
In order to clearly illustrate how to determine whether a target client is a client that needs to limit a downloading speed based on at least one traffic discrimination policy and downloading traffic of the target client at a plurality of time slices in any embodiment of the present disclosure, the present disclosure further proposes a downloading speed limiting method.
Fig. 3 is a flow chart of a download speed limiting method according to a third embodiment of the disclosure.
As shown in fig. 3, the download speed limiting method may include the steps of:
step S301, obtaining downloading traffic of at least one candidate client to the network resource in a plurality of time slices.
Step S302, determining a target client from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
The explanation of steps S301 to S302 may be referred to the relevant description in any embodiment of the disclosure, and will not be repeated here.
Step S303, classifying the downloading flow of the target client in a plurality of time slices by adopting a classification model to obtain classification labels.
The classification model is trained based on at least one flow discrimination strategy.
In the embodiment of the disclosure, the trained classification model may be used to classify the downloading traffic of the target client in multiple time slices, so as to obtain a classification label, where the classification label is used to indicate whether the target client is a client that needs to limit the downloading speed. For example, the target client may be indicated as a client requiring limitation of the download speed by the tag 1, and the target client may be indicated as a client not requiring limitation of the download speed by the tag 0, and for example, the target client may be indicated as a client requiring limitation of the download speed by the tag-1, and the target client may be indicated as a client not requiring limitation of the download speed by the tag +1.
It should be noted that the above labels are merely exemplary, and other labels may be used in actual application to indicate whether the target client is a client that needs to limit the downloading speed, which is not limited by the embodiment of the present disclosure.
In any of the embodiments of the present disclosure, the classification model may be pre-trained in the following manner:
1. and obtaining a training sample, wherein the training sample comprises sample downloading flow and sample original speed limit of a sample client which are sliced at a plurality of sample times.
The manner of obtaining the training samples is not limited, for example, may be provided manually, or may be obtained from a database, or may be collected online, for example, by a web crawler technology, collecting the training samples online, or the like, which is not limited in the embodiments of the present disclosure.
Wherein the time-slicing of samples may have the same duration as the time-slicing in the above-described embodiments.
The original speed limit of the sample is used for limiting the downloading speed of the sample client in the corresponding sample time slicing.
2. Acquiring a labeling classification label of a training sample; the labeling classification label is determined based on at least one traffic discrimination policy, and is used for indicating whether the sample client is a client needing to limit the downloading speed.
The labeling classification label can be provided manually, for example, whether a sample client in a training sample hits at least one flow judging strategy or not can be judged manually according to sample downloading flow and sample original speed limit of a plurality of sample time slices, if yes, the training sample is labeled manually, at this time, the labeling classification label obtained by manual labeling is used for indicating that the sample client is a client needing to limit the downloading speed, if not, the training sample is labeled manually, and at this time, the labeling classification label obtained by manual labeling is used for indicating that the sample client is a client not needing to limit the downloading speed.
Of course, the training samples may also be automatically labeled based on at least one flow discrimination strategy by a machine labeling manner, which is not limited by the embodiments of the present disclosure.
3. And classifying the training samples by adopting an initial classification model to obtain a prediction classification label output by the classification model.
4. The classification model is trained based on the differences between the labeled classification labels and the predicted classification labels.
In the embodiment of the present disclosure, the value of the loss function (referred to as a loss value in the present disclosure) may be determined according to the difference between the labeling classification label and the prediction classification label, where the loss value and the difference are in positive correlation, that is, the smaller the difference is, the smaller the loss value is, and conversely, the larger the difference is, the larger the loss value is. Thus, in the present disclosure, model parameters in the classification model may be adjusted based on the loss values to minimize the loss values.
It should be noted that, the foregoing example is only implemented by taking the termination condition of the training of the classification model as the minimization of the loss value, and other termination conditions may be set in practical application, for example, the termination condition may also be set for the training times to reach the set times, or the termination condition may also be set for the training duration to reach the set duration, etc., which is not limited in this disclosure.
Therefore, the classification model is trained in advance according to the training sample, so that the trained classification model is adopted to classify the downloading flow of the target client at a plurality of time slices, and the classification precision of the classification model can be improved.
In the disclosure, for step S303, the downloading traffic and the original speed limit of the target client at a plurality of time slices may be input into the classification model for classification at the same time, so as to obtain the classification label output by the classification model.
Step S304, determining whether the target client is a client needing to limit the downloading speed according to the classification labels.
In the embodiment of the present disclosure, it may be determined whether the target client is a client that needs to limit the downloading speed according to the classification tag.
In step S305, in response to the target client being a client that needs to limit the download speed, the download speed of the target client to the network resource is limited.
The downloading speed limiting method can realize the recognition of whether the target client is the client needing to limit the downloading speed based on the deep learning technology, and can improve the accuracy and the recognition efficiency of the recognition result.
In order to clearly illustrate how to obtain the download traffic of the candidate client to the network resource at a plurality of time slices in any embodiment of the disclosure, the disclosure also proposes a download speed limiting method.
Fig. 4 is a flow chart of a download speed limiting method according to a fourth embodiment of the disclosure.
As shown in fig. 4, the download speed limiting method may include the steps of:
step S401, acquiring query conditions, wherein the query conditions comprise a period to be queried.
In the embodiment of the disclosure, the query condition may be provided for a relevant person and is used for indicating which period of data is queried, wherein the query condition may include a period to be queried. Alternatively, the query condition may be automatically generated, for example, the query condition may be periodically generated, where the time upper limit of the period to be queried in the query condition may be the current time, and the duration between the time lower limit and the time upper limit may be preset (for example, 4 minutes, 5 minutes, 6 minutes, 7 minutes, etc.), that is, the period to be queried may be the last period of time.
Step S402, inquiring the downloading flow of the candidate client to the network resource in a plurality of time slices from the database according to the period to be inquired.
In the embodiment of the present disclosure, the downloading traffic of each candidate client to the network resource in multiple time slices may be queried from a database (e.g., a Doris database) according to the period to be queried, where each candidate client is located in the period to be queried at the time when the downloading traffic of the multiple time slices to the network resource is written into the database, or the multiple time slices corresponding to each candidate client are located in the period to be queried.
Step S403, determining a target client from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
Step S404, based on at least one traffic discrimination strategy and the downloading traffic of the target client in a plurality of time slices, determining whether the target client is a client needing to limit the downloading speed.
In step S405, in response to the target client being a client that needs to limit the download speed, the download speed of the target client to the network resource is limited.
The explanation of steps S403 to S405 may be referred to the relevant description in any embodiment of the present disclosure, and will not be repeated here.
According to the downloading speed limiting method, downloading flow of each candidate client in a plurality of time slices can be obtained from the database according to the query conditions, and therefore effectiveness of data obtaining is improved.
In any one embodiment of the disclosure, log data of a plurality of clients can be collected in real time, and the log data of the clients are cleaned and aggregated in real time and then stored in a database (such as Doris data) so as to realize real-time cleaning of big data, and a second level falls into the database, so that efficient speed limiting processing is realized for each malicious user. The above process will be described in detail with reference to fig. 5.
Fig. 5 is a flow chart of a download speed limiting method according to a fifth embodiment of the present disclosure.
As shown in fig. 5, the download speed limiting method may include the steps of:
in step S501, log data of a plurality of clients are collected from a server.
In the embodiment of the disclosure, log data of a plurality of clients may be collected from a server.
Step S502, cleaning and aggregating log data of a plurality of clients to obtain downloading flow and original speed limit of at least one client in at least one time slice.
In the embodiment of the present disclosure, log data of a plurality of clients may be cleaned to filter log data of clients (such as clients registered by members or VIP members (very important person, important persons)) that do not need speed limitation, garbage data, log data of non-download types (such as video play, audio play, etc.), and so on.
In one possible implementation of the embodiments of the disclosure, the cleaning rules or cleaning modes are, for example:
firstly, the identity information of the plurality of clients can be extracted from the log data of the plurality of clients, wherein the identity information is used for uniquely identifying the user logging in the client, then, whether the first client exists in the plurality of clients or not can be determined according to the identity information of the plurality of clients, and if the first client exists in the plurality of clients, the log data of the first client can be filtered (or deleted) from the log data of the plurality of clients.
The first client is a client (such as a client logged in by a member or VIP member) that does not need to limit the downloading speed.
In summary, since the member or VIP member does not need to limit the downloading speed, the log data of the user is filtered, so that the processing load can be reduced, the aggregation efficiency of the subsequent log data can be improved, and the accuracy of the client identification of the subsequent overspeed downloading can be improved.
As an example, the identification manner of the first client is, for example: the identification table can be queried according to the identity information of a plurality of clients, wherein the identification table comprises the identity information of at least one client without limiting the downloading speed. And judging whether the identity information of the plurality of clients is positioned in the identification table, if so, namely, the identity information of at least one client is positioned in the identification table, determining that a first client exists in the plurality of clients, taking each client with the identity information positioned in the identification table as the first client, and if not, namely, the identity information of the plurality of clients is not positioned in the identification table, determining that the first client does not exist in the plurality of clients.
Therefore, whether a first client without limiting the downloading speed exists in the plurality of clients is determined through a table look-up mode, the operation is simple, the implementation is easy, and the query efficiency or the determination efficiency is high.
In another possible implementation manner of the embodiment of the present disclosure, the cleaning rule or the cleaning manner is, for example: the operation types (such as downloading, video playing, audio playing and the like) of the plurality of clients can be extracted from the log data of the plurality of clients, whether the second client exists in the plurality of clients is judged according to the operation types of the plurality of clients, wherein the operation type of the second client is a non-downloading (such as video playing, audio playing and the like), and if the second client exists in the plurality of clients, the log data of the second client is filtered (or deleted) from the log data of the plurality of clients.
In summary, since the purpose of the present disclosure is to identify a client that downloads in overspeed, filtering log data of a non-download type may not only reduce the processing burden, but also improve the accuracy of malicious user identification.
In yet another possible implementation of the embodiments of the present disclosure, the cleaning rules or cleaning modes are, for example: for any one client, firstly, a download link can be extracted from log data of the client, wherein the download link is used for downloading network resources, then, an original speed limit of the network resources can be extracted from the download link, finally, the download link can be filtered from the log data of the client, and the original speed limit of the network resources is added into the filtered log data of the client.
Therefore, useless data in the log data can be cleaned, so that processing burden is reduced, and recognition efficiency is improved.
It should be noted that the above cleaning rules are only exemplary, but the disclosure is not limited thereto, and other cleaning rules may be set according to application requirements in actual application, and the embodiments of the disclosure are not limited thereto.
It should be noted that, the above is only exemplified by cleaning log data of a plurality of clients according to one cleaning rule, and in practical application, the log data of a plurality of clients may be cleaned by combining with a plurality of cleaning rules at the same time, which is not limited by the embodiment of the present disclosure.
In the embodiment of the disclosure, the log data of each client after cleaning may be aggregated to obtain the downloading flow and the original speed limit of each client in at least one time slicing.
As an example, log data of each client after cleaning may be aggregated according to at least one set dimension to obtain a download traffic and an original speed limit of the same client in at least one time slice.
Wherein, the setting dimension includes: at least one of the downloading time of the network resource, the identification information of the client, the identification information of the network resource, the original speed limit in the downloading link and the identification information of the equipment where the client is located.
Wherein the download traffic is determined based on the amount of data of the network resources that have been downloaded within the corresponding time slice. Taking network resources as a file for example, the download traffic may be the sum of the file sizes (sizes) already downloaded within the corresponding time slices.
For example, the log data belonging to the same client and the same original speed limit may be aggregated according to the same original speed limit, the identification information of the same client, the identification information of the device where the same client is located, and the identification information of the network resource, to obtain the data amount of the network resource downloaded by the same client at a plurality of download times under the same original speed limit, and then, according to the preset time slicing duration, the data amount of the network resource downloaded by the same client at a plurality of download times under the same original speed limit may be divided and accumulated to obtain the download flow of the same client at a plurality of time slices under the same original speed limit.
Therefore, the log data of each client after cleaning is aggregated according to at least one set dimension, so that the aggregated data can meet the actual application or service requirements.
Step S503, the downloading flow and the original speed limit of each client side in at least one time slice are written into a database.
Step S504, obtaining query conditions, wherein the query conditions comprise a period to be queried.
Step S505, according to the period to be queried, querying the downloading flow of the candidate client to the network resource in a plurality of time slices from the database.
The candidate client side writes the downloading flow of the network resource into the database at the time of a plurality of time slices in the period to be queried; or the plurality of time slices corresponding to the candidate clients are positioned in the period to be queried.
Step S506, determining a target client from the candidate clients according to the downloading flow of each candidate client in a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
Step S507, based on at least one traffic discrimination policy and the downloading traffic of the target client in a plurality of time slices, determining whether the target client is a client that needs to limit the downloading speed.
In step S508, in response to the target client being a client that needs to limit the download speed, the download speed of the target client to the network resource is limited.
The explanation of steps S504 to S508 may be referred to the related description in any embodiment of the disclosure, and will not be repeated here.
According to the downloading speed limiting method, log data of each client are stored in the database after being cleaned and aggregated, so that identification efficiency of malicious users and accuracy of identification results can be improved.
In any one embodiment of the present disclosure, efficient processing of massive log data can be achieved, and rapid attack and limitation on malicious overspeed means can be performed, so that rights and interests of enterprises and consumers to which internet products belong are prevented from being damaged, and waste of bandwidth resources is avoided.
As an example, the implementation principle of the download speed limiting method provided by the disclosure can be as shown in fig. 6 and 7, so that massive log data can be efficiently processed, malicious users can be rapidly identified and timely beaten, and timeliness and stability of big data processing are greatly improved. The method mainly comprises the following steps:
the first step is to collect log data of each client in a server (in this disclosure, referred to as a server), and store massive log data in a message queue in real time.
And secondly, consuming the data flow in the message queue in real time, formulating different cleaning rules of the log data, cleaning the log data in the data flow based on the cleaning rules, finally cleaning the log data into the log data with the same format, and then carrying out aggregation processing on the log data with the same format. The aggregate processed data falls into the database in full seconds.
And thirdly, pulling recent data from the database in real time, screening and obtaining suspicious data with the downloading speed exceeding the original speed limit (the downloading flow of the target client in a plurality of time slices in the disclosure), inputting the suspicious data into a classification model, and comprehensively judging through different strategies in the classification model, namely judging whether the user logging in the target client is a malicious user or not.
Fourth, if the user logged in the target client is a malicious user, storing log data of the target client, and limiting the downloading speed of the target client.
In summary, considering that a malicious user uses an abnormal means to perform overspeed downloading, in the present disclosure, real-time cleaning of massive log data can be achieved, a second level falls into a database, and the downloading speed of a client of overspeed downloading is rapidly identified and limited, so that the client of overspeed downloading is efficiently hit, and log data is cleaned in real time, so that compared with cleaning log data once every five minutes, consumption of computing resources can be reduced, and stability of data processing is improved. In addition, the operation cost of the Internet product can be greatly reduced, the rights and interests of consumer groups are protected, and the healthy development of the ecology of the Internet content is maintained.
Corresponding to the download speed limiting method provided by the embodiments of fig. 1 to 5, the present disclosure also provides a download speed limiting device, and since the download speed limiting device provided by the embodiments of the present disclosure corresponds to the download speed limiting method provided by the embodiments of fig. 1 to 5, the implementation of the download speed limiting method is also applicable to the download speed limiting device provided by the embodiments of the present disclosure, which is not described in detail in the embodiments of the present disclosure.
Fig. 8 is a schematic structural diagram of a download speed limiting device according to a sixth embodiment of the present disclosure.
As shown in fig. 8, the download speed limiting device 800 may include: a first acquisition module 810, a first determination module 820, a second determination module 830, and a restriction module 840.
The first obtaining module 810 is configured to obtain download traffic of the network resource by the at least one candidate client at a plurality of time slices.
A first determining module 820, configured to determine a target client from the candidate clients according to download traffic of the candidate clients at a plurality of time slices; wherein the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice.
A second determining module 830, configured to determine whether the target client is a client that needs to limit the downloading speed based on at least one traffic discrimination policy and the downloading traffic of the target client at a plurality of time slices.
And the limiting module 840 is configured to limit the downloading speed of the target client to the network resource in response to the target client being a client that needs to limit the downloading speed.
In one possible implementation of the embodiment of the disclosure, the second determining module 830 is configured to: acquiring original speed limits of the target client in a plurality of time slices, wherein the original speed limits are used for limiting the downloading speed of the target client in the corresponding time slices; determining the downloading speeds of the target client in the time slices according to the downloading flows of the target client in the time slices; and determining whether the target client is a client needing to limit the downloading speed according to at least one flow judging strategy and according to the downloading speeds of the time slices corresponding to the target client and the original speed limit.
In one possible implementation of the embodiment of the disclosure, the second determining module 830 is configured to: judging whether a first time slicing with a continuous first set number exists in a plurality of time slices corresponding to the target client; the downloading speed of the first time slicing is larger than a first set multiple of the original speed limit of the first time slicing; if a plurality of continuous first time slices with a first set number exist in the time slices corresponding to the target client, determining the target client as the client needing to limit the downloading speed; if the first time slices with the continuous first set number do not exist in the time slices corresponding to the target client, determining that the target client is not the client needing to limit the downloading speed.
In one possible implementation of the embodiment of the disclosure, the second determining module 830 is configured to: judging whether a second time slice with a second set number exists in a plurality of time slices corresponding to the target client; the time difference between the second time slices is smaller than the set duration, and the downloading speed of the second time slices is larger than a second set multiple of the original speed limit of the second time slices; if a second set number of second time slices exist in a plurality of time slices corresponding to the target client, determining the target client as the client needing to limit the downloading speed; if the second time slices corresponding to the target client do not exist in the second set number, determining that the target client is not a client needing to limit the downloading speed.
In one possible implementation of the embodiment of the disclosure, the second determining module 830 is configured to: classifying the downloading flow of the target client in a plurality of time slices by adopting a classification model to obtain classification labels; determining whether the target client is a client needing to limit the downloading speed according to the classification labels; the classification model is trained based on at least one flow discrimination strategy.
In one possible implementation of the embodiments of the present disclosure, the classification model is trained using the following modules:
and the second acquisition module is used for acquiring training samples, wherein the training samples comprise sample downloading flow and sample original speed limit of a sample client-side in a plurality of sample time slices.
The third acquisition module is used for acquiring the labeling classification labels of the training samples; the labeling classification label is determined based on at least one traffic discrimination policy, and is used for indicating whether the sample client is a client needing to limit the downloading speed.
And the classification module is used for classifying the training samples by adopting an initial classification model so as to obtain a prediction classification label.
The training module is used for training the classification model based on the difference between the labeling classification label and the prediction classification label.
In one possible implementation of the embodiment of the disclosure, the first obtaining module 810 is configured to: acquiring a query condition, wherein the query condition comprises a period to be queried; inquiring the downloading flow of the candidate client to the network resource in a plurality of time slices from a database according to the period to be inquired; the candidate client side writes the downloading flow of the network resource into the database at the time of a plurality of time slices in the period to be queried; or the plurality of time slices corresponding to the candidate clients are positioned in the period to be queried.
In one possible implementation of the embodiment of the present disclosure, the download speed limiting device 800 may further include:
and the acquisition module is used for acquiring log data of a plurality of clients from the server.
And the processing module is used for cleaning and aggregating log data of the clients to obtain the downloading flow and the original speed limit of at least one client in at least one time slice.
And the writing module is used for writing the downloading flow and the original speed limit of each client side in at least one time slice into the database.
In one possible implementation of the embodiments of the disclosure, a processing module is configured to: extracting identity information of a plurality of clients from log data of the plurality of clients; determining whether a first client exists in the plurality of clients according to the identity information of the plurality of clients, wherein the first client is a client without limiting the downloading speed; when a first client exists in the plurality of clients, log data of the first client is filtered.
In one possible implementation of the embodiments of the disclosure, a processing module is configured to: inquiring the identification table according to the identity information of the plurality of clients to determine whether the identity information of the plurality of clients is positioned in the identification table; the identification table comprises at least one piece of identity information of the client without limiting the downloading speed; when the identity information of at least one client is located in the identification table, determining that a first client exists in a plurality of clients, and taking each client with the identity information located in the identification table as the first client; and when the identity information of the plurality of clients is not located in the identification table, determining that the first client does not exist in the plurality of clients.
In one possible implementation of the embodiments of the disclosure, a processing module is configured to: extracting operation types of the plurality of clients on the network resources from log data of the plurality of clients; judging whether a second client exists in the plurality of clients according to the operation types of the plurality of clients, wherein the operation type of the second client is non-downloading; and filtering log data of the second client when the second client exists in the plurality of clients.
In one possible implementation of the embodiments of the disclosure, a processing module is configured to: for any client, extracting a download link from log data of any client; wherein the download link is used for downloading network resources; extracting an original speed limit of the network resource from the download link; and filtering the download link from the log data of any client, and adding the original speed limit of the network resource to the log data of any client after filtering.
In one possible implementation of the embodiments of the disclosure, a processing module is configured to: aggregating the log data of each client after cleaning according to at least one set dimension to obtain the downloading flow and the original speed limit of the same client in at least one time slicing; wherein, the setting dimension includes: at least one of the downloading time of the network resource, the identification information of the client, the identification information of the network resource, the original speed limit in the downloading link and the identification information of the equipment where the client is located; wherein the download traffic is determined based on the amount of data of the network resources that have been downloaded within the corresponding time slice.
The downloading speed limiting device of the embodiment of the disclosure determines a target client from the candidate clients according to downloading flows of the candidate clients in a plurality of time slices; wherein, the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice; and determining whether the target client is a client needing to limit the downloading speed or not based on at least one flow judging strategy and the downloading flow of the target client in a plurality of time slices, and if so, limiting the downloading speed of the target client to the network resource. In summary, considering that the instant downloading speed is higher when the client just starts to download the network resource, if the instant downloading speed of the client is higher, the user logged in the client is taken as a malicious user for maliciously cracking the internet product speed limit, and the situation of misjudgment of the malicious user exists, and the downloading experience of the user is seriously reduced, so in the present disclosure, the target client suspected of overspeed downloading can be screened out from each client based on the downloading flow of each client in a plurality of time slices, and only when the target client hits any preset flow judging strategy, the user logged in the target client is taken as the malicious user, thereby not only reducing the probability of misjudgment of the malicious user, but also preventing the rights and interests of enterprises and consumers to which the internet product belongs from being damaged, and avoiding the waste of bandwidth resources.
To achieve the above embodiments, the present disclosure also provides an electronic device that may include at least one processor; and a memory communicatively coupled to the at least one processor; the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the download speed limiting method according to any one of the above embodiments of the present disclosure.
To implement the above embodiments, the present disclosure also provides a non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute the download speed limiting method proposed by any one of the above embodiments of the present disclosure.
To achieve the above embodiments, the present disclosure also provides a computer program product comprising a computer program which, when executed by a processor, implements the download speed limiting method proposed by any of the above embodiments of the present disclosure.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
FIG. 9 illustrates a schematic block diagram of an example electronic device that may be used to implement embodiments of the present disclosure.
The electronic device may include the server and the client in the above embodiments. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 9, the electronic device 900 includes a computing unit 901 that can execute various appropriate actions and processes according to a computer program stored in a ROM (Read-Only Memory) 902 or a computer program loaded from a storage unit 908 into a RAM (Random Access Memory ) 903. In the RAM 903, various programs and data required for the operation of the electronic device 900 can also be stored. The computing unit 901, the ROM 902, and the RAM 903 are connected to each other by a bus 904. An I/O (Input/Output) interface 905 is also connected to bus 904.
A number of components in the electronic device 900 are connected to the I/O interface 905, including: an input unit 906 such as a keyboard, a mouse, or the like; an output unit 907 such as various types of displays, speakers, and the like; a storage unit 908 such as a magnetic disk, an optical disk, or the like; and a communication unit 909 such as a network card, modem, wireless communication transceiver, or the like. The communication unit 909 allows the electronic device 900 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunications networks.
The computing unit 901 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 901 include, but are not limited to, a CPU (Central Processing Unit ), GPU (Graphic Processing Units, graphics processing unit), various dedicated AI (Artificial Intelligence ) computing chips, various computing units running machine learning model algorithms, DSP (Digital Signal Processor ), and any suitable processor, controller, microcontroller, etc. The computing unit 901 performs the respective methods and processes described above, such as the download speed limit method described above. For example, in some embodiments, the above-described download speed limiting method may be implemented as a computer software program, tangibly embodied on a machine-readable medium, such as the storage unit 908. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 900 via the ROM 902 and/or the communication unit 909. When the computer program is loaded into RAM 903 and executed by the computing unit 901, one or more steps of the download speed limiting method described above may be performed. Alternatively, in other embodiments, the computing unit 901 may be configured to perform the above-described download speed limiting method in any other suitable manner (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit System, FPGA (Field Programmable Gate Array ), ASIC (Application-Specific Integrated Circuit, application-specific integrated circuit), ASSP (Application Specific Standard Product, special-purpose standard product), SOC (System On Chip ), CPLD (Complex Programmable Logic Device, complex programmable logic device), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, RAM, ROM, EPROM (Electrically Programmable Read-Only-Memory, erasable programmable read-Only Memory) or flash Memory, an optical fiber, a CD-ROM (Compact Disc Read-Only Memory), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., CRT (Cathode-Ray Tube) or LCD (Liquid Crystal Display ) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: LAN (Local Area Network ), WAN (Wide Area Network, wide area network), internet and blockchain networks.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service (Virtual Private Server, virtual special servers) are overcome. The server may also be a server of a distributed system or a server that incorporates a blockchain.
It should be noted that, artificial intelligence is a subject of studying a certain thought process and intelligent behavior (such as learning, reasoning, thinking, planning, etc.) of a computer to simulate a person, and has a technology at both hardware and software level. Artificial intelligence hardware technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing, and the like; the artificial intelligence software technology mainly comprises a computer vision technology, a voice recognition technology, a natural language processing technology, a machine learning/deep learning technology, a big data processing technology, a knowledge graph technology and the like.
According to the technical scheme of the embodiment of the disclosure, the target client is determined from the candidate clients according to the downloading flow of the candidate clients in a plurality of time slices; wherein, the downloading flow rate of the target client in at least one time slice is higher than the flow threshold of the corresponding time slice; and determining whether the target client is a client needing to limit the downloading speed or not based on at least one flow judging strategy and the downloading flow of the target client in a plurality of time slices, and if so, limiting the downloading speed of the target client to the network resource. In summary, considering that the instant downloading speed is higher when the client just starts to download the network resource, if the instant downloading speed of the client is higher, the user logged in the client is taken as a malicious user for maliciously cracking the internet product speed limit, and the situation of misjudgment of the malicious user exists, and the downloading experience of the user is seriously reduced, so in the present disclosure, the target client suspected of overspeed downloading can be screened out from each client based on the downloading flow of each client in a plurality of time slices, and only when the target client hits any preset flow judging strategy, the user logged in the target client is taken as the malicious user, thereby not only reducing the probability of misjudgment of the malicious user, but also preventing the rights and interests of enterprises and consumers to which the internet product belongs from being damaged, and avoiding the waste of bandwidth resources.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the technical solutions presented in the present disclosure are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.

Claims (29)

1. A download speed limiting method comprising:
acquiring downloading flow of at least one candidate client to network resources in a plurality of time slices;
determining a target client from the candidate clients according to the downloading flow of the candidate clients in the plurality of time slices; wherein the downloading flow rate of the target client at least one time slice is higher than the flow threshold of the corresponding time slice;
Determining whether the target client is a client needing to limit the downloading speed based on at least one traffic discrimination strategy and the downloading traffic of the target client in the plurality of time slices;
and responding to the target client as the client needing to limit the downloading speed, and limiting the downloading speed of the target client to the network resource.
2. The method of claim 1, wherein the determining whether the target client is a client that needs to limit download speed based on at least one traffic discrimination policy and download traffic of the target client at the plurality of time slices comprises:
acquiring original speed limits of the target client in the time slices, wherein the original speed limits are used for limiting the downloading speed of the target client in the corresponding time slices;
determining the downloading speeds of the target client at the plurality of time slices according to the downloading flows of the target client at the plurality of time slices;
and determining whether the target client is a client needing to limit the downloading speed according to the at least one flow judging strategy and according to the downloading speeds of the time slices corresponding to the target client and the original speed limit.
3. The method of claim 2, wherein the determining whether the target client is a client that needs to limit the download speed according to the download speeds and the original speed limit of the plurality of time slices corresponding to the target client comprises:
judging whether a first time slicing with a continuous first set number exists in a plurality of time slices corresponding to the target client; the downloading speed of the first time slicing is larger than a first set multiple of the original speed limit of the first time slicing;
if a first time slicing with a continuous first set number exists in a plurality of time slicing corresponding to the target client, determining the target client as a client needing to limit the downloading speed;
and if the first time slices with the continuous first set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
4. The method of claim 2, wherein the determining whether the target client is a client that needs to limit the download speed according to the download speeds and the original speed limit of the plurality of time slices corresponding to the target client comprises:
Judging whether a second time slice with a second set number exists in a plurality of time slices corresponding to the target client; the time difference between the second time slices is smaller than a set duration, and the downloading speed of the second time slices is larger than a second set multiple of the original speed limit of the second time slices;
if a second set number of second time slices exist in a plurality of time slices corresponding to the target client, determining the target client as a client needing to limit the downloading speed;
and if the second time slices of the second set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
5. The method of claim 1, wherein the determining whether the target client is a client that needs to limit download speed based on at least one traffic discrimination policy and download traffic of the target client at the plurality of time slices comprises:
classifying the downloading flow of the target client in the time slices by adopting a classification model to obtain classification labels;
Determining whether the target client is a client needing to limit the downloading speed according to the classification labels;
the classification model is trained based on the at least one flow discrimination strategy.
6. The method of claim 5, wherein the classification model is trained by:
obtaining a training sample, wherein the training sample comprises sample downloading flow and sample original speed limit of a sample client in a plurality of sample time slices;
obtaining a labeling classification label of the training sample; the labeling classification label is determined based on the at least one flow discrimination strategy, and is used for indicating whether the sample client is a client needing to limit the downloading speed;
classifying the training samples by adopting an initial classification model to obtain a prediction classification label;
training the classification model based on the difference between the labeled classification tag and the predicted classification tag.
7. The method of any of claims 1-6, wherein the obtaining download traffic of network resources by at least one candidate client at a plurality of time slices comprises:
Acquiring a query condition, wherein the query condition comprises a period to be queried;
inquiring the downloading flow of the candidate client to the network resource in a plurality of time slices from a database according to the period to be inquired;
the candidate client side writes the downloading flow of the network resource into the database at a plurality of time slices, wherein the time of the candidate client side is positioned in the period to be queried; or the plurality of time slices corresponding to the candidate clients are positioned in the period to be queried.
8. The method of claim 7, wherein the acquiring at least one candidate client precedes downloading traffic of network resources by a plurality of time slices, the method further comprising:
collecting log data of a plurality of clients from a server;
cleaning and aggregating log data of the plurality of clients to obtain downloading flow and original speed limit of at least one client in at least one time slicing;
and writing the downloading flow and the original speed limit of each client side in at least one time slicing into the database.
9. The method of claim 8, wherein flushing log data of the plurality of clients comprises:
Extracting identity information of the plurality of clients from log data of the plurality of clients;
determining whether a first client exists in the plurality of clients according to the identity information of the plurality of clients, wherein the first client is a client without limiting the downloading speed;
and filtering log data of the first client when the first client exists in the plurality of clients.
10. The method of claim 9, wherein the determining whether the first client of the plurality of clients exists based on the identity information of the plurality of clients comprises:
inquiring an identification table according to the identity information of the plurality of clients to determine whether the identity information of the plurality of clients is positioned in the identification table; the identification table comprises at least one piece of identity information of the client without limiting the downloading speed;
when the identity information of at least one client is located in the identification table, determining that a first client exists in the plurality of clients, and taking each client with the identity information located in the identification table as the first client;
and when the identity information of the plurality of clients is not located in the identification table, determining that the first client does not exist in the plurality of clients.
11. The method of claim 8, wherein flushing log data of the plurality of clients comprises:
extracting operation types of the plurality of clients on network resources from log data of the plurality of clients;
judging whether a second client exists in the plurality of clients according to the operation types of the plurality of clients, wherein the operation type of the second client is non-downloading;
and filtering log data of the second client when the second client exists in the plurality of clients.
12. The method of claim 8, wherein flushing log data of the plurality of clients comprises:
for any client, extracting a download link from log data of any client; wherein the download link is used for downloading the network resource;
extracting an original speed limit of the network resource from the download link;
and filtering the download link from the log data of any client, and adding the original speed limit of the network resource to the filtered log data of any client.
13. The method of claim 8, wherein aggregating the log data of each client after cleaning to obtain the download traffic and the original speed limit of at least one client at least one time slice, comprises:
Aggregating the log data of each client after cleaning according to at least one set dimension to obtain the downloading flow and the original speed limit of the same client in at least one time slicing;
wherein the setting dimension includes: at least one of the downloading time of the network resource, the identification information of the client, the identification information of the network resource, the original speed limit in the downloading link and the identification information of the equipment where the client is located;
wherein the download traffic is determined based on the amount of data of the network resource that has been downloaded in the corresponding time slice.
14. A download speed limiting device, comprising:
a first obtaining module, configured to obtain downloading traffic of network resources by at least one candidate client in a plurality of time slices;
a first determining module, configured to determine a target client from each candidate client according to download traffic of each candidate client in the multiple time slices; wherein the downloading flow rate of the target client at least one time slice is higher than the flow threshold of the corresponding time slice;
the second determining module is used for determining whether the target client is a client needing to limit the downloading speed or not based on at least one traffic distinguishing strategy and the downloading traffic of the target client in the plurality of time slices;
And the limiting module is used for limiting the downloading speed of the target client to the network resource in response to the target client being the client needing to limit the downloading speed.
15. The apparatus of claim 14, wherein the second determining module is configured to:
acquiring original speed limits of the target client in the time slices, wherein the original speed limits are used for limiting the downloading speed of the target client in the corresponding time slices;
determining the downloading speeds of the target client at the plurality of time slices according to the downloading flows of the target client at the plurality of time slices;
and determining whether the target client is a client needing to limit the downloading speed according to the at least one flow judging strategy and according to the downloading speeds of the time slices corresponding to the target client and the original speed limit.
16. The apparatus of claim 15, wherein the second determining module is configured to:
judging whether a first time slicing with a continuous first set number exists in a plurality of time slices corresponding to the target client; the downloading speed of the first time slicing is larger than a first set multiple of the original speed limit of the first time slicing;
If a first time slicing with a continuous first set number exists in a plurality of time slicing corresponding to the target client, determining the target client as a client needing to limit the downloading speed;
and if the first time slices with the continuous first set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
17. The apparatus of claim 15, wherein the second determining module is configured to:
judging whether a second time slice with a second set number exists in a plurality of time slices corresponding to the target client; the time difference between the second time slices is smaller than a set duration, and the downloading speed of the second time slices is larger than a second set multiple of the original speed limit of the second time slices;
if a second set number of second time slices exist in a plurality of time slices corresponding to the target client, determining the target client as a client needing to limit the downloading speed;
and if the second time slices of the second set number do not exist in the time slices corresponding to the target client, determining that the target client is not a client needing to limit the downloading speed.
18. The apparatus of claim 14, wherein the second determining module is configured to:
classifying the downloading flow of the target client in the time slices by adopting a classification model to obtain classification labels;
determining whether the target client is a client needing to limit the downloading speed according to the classification labels;
the classification model is trained based on the at least one flow discrimination strategy.
19. The apparatus of claim 18, wherein the classification model is trained using the following modules:
the second acquisition module is used for acquiring training samples, wherein the training samples comprise sample downloading flow and sample original speed limit of a sample client-side in a plurality of sample time slices;
the third acquisition module is used for acquiring the labeling classification labels of the training samples; the labeling classification label is determined based on the at least one flow discrimination strategy, and is used for indicating whether the sample client is a client needing to limit the downloading speed;
the classification module is used for classifying the training samples by adopting an initial classification model so as to obtain a prediction classification label;
And the training module is used for training the classification model based on the difference between the labeling classification label and the prediction classification label.
20. The apparatus of any of claims 14-19, wherein the first acquisition module is to:
acquiring a query condition, wherein the query condition comprises a period to be queried;
inquiring the downloading flow of the candidate client to the network resource in a plurality of time slices from a database according to the period to be inquired;
the candidate client side writes the downloading flow of the network resource into the database at a plurality of time slices, wherein the time of the candidate client side is positioned in the period to be queried; or the plurality of time slices corresponding to the candidate clients are positioned in the period to be queried.
21. The apparatus of claim 20, wherein the apparatus further comprises:
the acquisition module is used for acquiring log data of a plurality of clients from the server;
the processing module is used for cleaning and aggregating log data of the plurality of clients to obtain downloading flow and original speed limit of at least one client in at least one time slice;
and the writing module is used for writing the downloading flow and the original speed limit of each client side in at least one time slice into the database.
22. The apparatus of claim 21, wherein the processing module is configured to:
extracting identity information of the plurality of clients from log data of the plurality of clients;
determining whether a first client exists in the plurality of clients according to the identity information of the plurality of clients, wherein the first client is a client without limiting the downloading speed;
and filtering log data of the first client when the first client exists in the plurality of clients.
23. The apparatus of claim 22, wherein the processing module is configured to:
inquiring an identification table according to the identity information of the plurality of clients to determine whether the identity information of the plurality of clients is positioned in the identification table; the identification table comprises at least one piece of identity information of the client without limiting the downloading speed;
when the identity information of at least one client is located in the identification table, determining that a first client exists in the plurality of clients, and taking each client with the identity information located in the identification table as the first client;
and when the identity information of the plurality of clients is not located in the identification table, determining that the first client does not exist in the plurality of clients.
24. The apparatus of claim 21, wherein the processing module is configured to:
extracting operation types of the plurality of clients on network resources from log data of the plurality of clients;
judging whether a second client exists in the plurality of clients according to the operation types of the plurality of clients, wherein the operation type of the second client is non-downloading;
and filtering log data of the second client when the second client exists in the plurality of clients.
25. The apparatus of claim 21, wherein the processing module is configured to:
for any client, extracting a download link from log data of any client; wherein the download link is used for downloading the network resource;
extracting an original speed limit of the network resource from the download link;
and filtering the download link from the log data of any client, and adding the original speed limit of the network resource to the filtered log data of any client.
26. The apparatus of claim 21, wherein the processing module is configured to:
aggregating the log data of each client after cleaning according to at least one set dimension to obtain the downloading flow and the original speed limit of the same client in at least one time slicing;
Wherein the setting dimension includes: at least one of the downloading time of the network resource, the identification information of the client, the identification information of the network resource, the original speed limit in the downloading link and the identification information of the equipment where the client is located;
wherein the download traffic is determined based on the amount of data of the network resource that has been downloaded in the corresponding time slice.
27. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the download speed limiting method according to any one of claims 1-13.
28. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the download speed limiting method according to any one of claims 1-13.
29. A computer program product comprising a computer program which, when executed by a processor, implements the steps of the download speed limiting method according to any one of claims 1-13.
CN202311058309.1A 2023-08-21 2023-08-21 Download speed limiting method, device, electronic equipment and storage medium Pending CN117135163A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311058309.1A CN117135163A (en) 2023-08-21 2023-08-21 Download speed limiting method, device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311058309.1A CN117135163A (en) 2023-08-21 2023-08-21 Download speed limiting method, device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117135163A true CN117135163A (en) 2023-11-28

Family

ID=88862182

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311058309.1A Pending CN117135163A (en) 2023-08-21 2023-08-21 Download speed limiting method, device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117135163A (en)

Similar Documents

Publication Publication Date Title
CN104717124B (en) A kind of friend recommendation method, apparatus and server
CN106330533B (en) large-scale network alarm real-time topology establishing method
CN111124819B (en) Method and device for full link monitoring
US20220239683A1 (en) Security threat detection based on network flow analysis
US20220239675A1 (en) Security threat detection based on network flow analysis
CN114065864B (en) Federal learning method, federal learning device, electronic apparatus, and storage medium
CN111897700B (en) Application index monitoring method and device, electronic equipment and readable storage medium
CN113378899A (en) Abnormal account identification method, device, equipment and storage medium
CN112948223A (en) Method and device for monitoring operation condition
CN113282920B (en) Log abnormality detection method, device, computer equipment and storage medium
CN114490160A (en) Method, device, equipment and medium for automatically adjusting data tilt optimization factor
US11005797B2 (en) Method, system and server for removing alerts
CN116527399B (en) Malicious traffic classification method and device based on unreliable pseudo tag semi-supervised learning
CN110958137B (en) Traffic management method and device and electronic equipment
CN117201340A (en) Message feature recognition method, device, equipment and storage medium
CN113746790A (en) Abnormal flow management method, electronic device and storage medium
CN115037559B (en) Data safety monitoring system based on flow, electronic equipment and storage medium
CN117135163A (en) Download speed limiting method, device, electronic equipment and storage medium
CN115632874A (en) Method, device, equipment and storage medium for detecting threat of entity object
CN114697247B (en) Fault detection method, device, equipment and storage medium of streaming media system
CN113612777B (en) Training method, flow classification method, device, electronic equipment and storage medium
CN114661562A (en) Data warning method, device, equipment and medium
CN113642919A (en) Risk control method, electronic device, and storage medium
CN113179218B (en) Model training method, network congestion control method, device and related products
CN117768193A (en) Safety monitoring method, device, equipment and medium for industrial control network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination