CN117692202A - Method, system, electronic equipment and storage medium for grabbing authentication parameters - Google Patents

Method, system, electronic equipment and storage medium for grabbing authentication parameters Download PDF

Info

Publication number
CN117692202A
CN117692202A CN202311696257.0A CN202311696257A CN117692202A CN 117692202 A CN117692202 A CN 117692202A CN 202311696257 A CN202311696257 A CN 202311696257A CN 117692202 A CN117692202 A CN 117692202A
Authority
CN
China
Prior art keywords
data
authentication
message
information
relation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311696257.0A
Other languages
Chinese (zh)
Inventor
吴宏刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Ansheng Huaxin Technology Co ltd
Original Assignee
Beijing Ansheng Huaxin Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Ansheng Huaxin Technology Co ltd filed Critical Beijing Ansheng Huaxin Technology Co ltd
Priority to CN202311696257.0A priority Critical patent/CN117692202A/en
Publication of CN117692202A publication Critical patent/CN117692202A/en
Pending legal-status Critical Current

Links

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Collating Specific Patterns (AREA)

Abstract

The present application relates to the technical field of data communications, and in particular, to a method, a system, an electronic device, and a storage medium for capturing authentication parameters, where the method includes: and carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.

Description

Method, system, electronic equipment and storage medium for grabbing authentication parameters
Technical Field
The present disclosure relates to the field of data communications, and in particular, to a method, a system, an electronic device, and a storage medium for capturing authentication parameters.
Background
With the popularization of computer applications, every day we face the application sea level APIs, and meanwhile call and jump each other among sea level APIs, and even call and jump among different applications, so that a complicated relation context is formed. In order to divide the use of the API by a user or application, the access rights to the data are determined, thus generating authentication parameters. Under the condition that API calling, data circulation process and processing are more and more complex, positioning authentication parameters plays a vital role in data protection.
The existing method for locating the authentication parameters is dependent on the authentication keywords, however, for the method for locating the authentication parameters by the authentication keywords, because interface definitions are not uniform in various applications, standard keywords are not used for parameter names in many cases, so that message keywords are difficult to match and cover all conditions, and the accuracy of locating the authentication parameters is low.
Therefore, how to provide a high-accuracy capturing method for the authentication parameters is a technical problem to be solved by those skilled in the art.
Disclosure of Invention
The present application provides a method, a system, an electronic device and a storage medium for capturing authentication parameters, which are used for solving at least one technical problem.
The above object of the present application is achieved by the following technical solutions:
in a first aspect, the present application provides a method for capturing authentication parameters, which adopts the following technical scheme:
a method of grasping authentication parameters, comprising:
obtaining message data, carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table;
grabbing target data from the flow table, and inputting the target data into an authentication model for relationship analysis to obtain authentication relationship data;
and carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table.
By adopting the technical scheme, the message structuring processing is carried out based on the message data, the message structuring information is obtained, and the message structuring information is stored in the flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
The present application may be further configured in a preferred example to: the step of carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and then further comprises the following steps:
and inquiring user information based on the key data items and the flow table, and determining user information corresponding to the message data, wherein the user information is used for enriching information included in the authentication parameters.
The present application may be further configured in a preferred example to: inputting the target data into an authentication model for relationship analysis to obtain authentication relationship data, wherein the method comprises the following steps:
and converting the key value pair based on the target data to obtain message key value pair information, wherein the message key value pair information comprises:
two request key value pair information and two response key value pair information;
inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication relation data comprises: authentication parameter location and authentication parameter value.
The present application may be further configured in a preferred example to: inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the method comprises the following steps:
Performing value matching on the information of each request key value pair and the information of each response key value pair to determine a matching success sequence, wherein the matching success sequence comprises at least one piece of matching success data;
for any piece of successful data, acquiring a default weight rule, and carrying out weighting processing on the key value of the information based on the default weight rule and a request key value corresponding to the successful data to obtain a weight value corresponding to the successful data;
and selecting the successful matching data with the highest weight value to obtain the authentication relation data.
The present application may be further configured in a preferred example to: the matching success data with the highest weight value is selected to obtain authentication relation data, which comprises the following steps:
acquiring weight adjustment information, and adjusting the weight value corresponding to each piece of successful data by using the weight adjustment information to obtain an adjustment weight value corresponding to each piece of successful data;
and selecting the matching success data with the highest adjustment weight value to obtain authentication relation data.
The present application may be further configured in a preferred example to: before capturing the target data from the flow table, the method further comprises:
acquiring a timing grabbing interval, and carrying out data grabbing judgment based on the timing grabbing interval;
Correspondingly, the capturing the target data from the flow table comprises the following steps:
when it is determined to perform data grabbing, grabbing target data from the flow table.
In a second aspect, the present application provides a system for capturing authentication parameters, which adopts the following technical scheme:
a system for grasping authentication parameters, comprising:
the structuring processing module is used for obtaining message data, carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table;
the relation analysis module is used for capturing target data from the flow table, inputting the target data into the authentication model for relation analysis, and obtaining authentication relation data;
and the authentication parameter determining module is used for carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table.
By adopting the technical scheme, the message structuring processing is carried out based on the message data, the message structuring information is obtained, and the message structuring information is stored in the flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
The present application may be further configured in a preferred example to: the system for grasping authentication parameters further comprises:
and the user information query module is used for querying the user information based on the key data items and the flow table and determining the user information corresponding to the message data, wherein the user information is used for enriching the information included in the authentication parameters.
The present application may be further configured in a preferred example to: the relation analysis module is used for inputting the target data into the authentication model to perform relation analysis when the relation analysis module executes the relation analysis to obtain the authentication relation data:
and converting the key value pair based on the target data to obtain message key value pair information, wherein the message key value pair information comprises:
two request key value pair information and two response key value pair information;
inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication relation data comprises: authentication parameter location and authentication parameter value.
The present application may be further configured in a preferred example to: the relation analysis module is used for inputting the message key value pair information into the authentication model for value matching to obtain authentication relation data, and the authentication relation data are used for:
Performing value matching on the information of each request key value pair and the information of each response key value pair to determine a matching success sequence, wherein the matching success sequence comprises at least one piece of matching success data;
for any piece of successful data, acquiring a default weight rule, and carrying out weighting processing on the key value of the information based on the default weight rule and a request key value corresponding to the successful data to obtain a weight value corresponding to the successful data;
and selecting the successful matching data with the highest weight value to obtain the authentication relation data.
The present application may be further configured in a preferred example to: the relation analysis module is used for obtaining authentication relation data when executing the matching success data with the highest selected weight value:
acquiring weight adjustment information, and adjusting the weight value corresponding to each piece of successful data by using the weight adjustment information to obtain an adjustment weight value corresponding to each piece of successful data;
and selecting the matching success data with the highest adjustment weight value to obtain authentication relation data.
The present application may be further configured in a preferred example to: the system for grasping authentication parameters further comprises:
the timing module is used for acquiring a timing grabbing interval and carrying out data grabbing judgment based on the timing grabbing interval;
Correspondingly, the relation analysis module is used for capturing the target data from the flow table when executing the steps of:
when it is determined to perform data grabbing, grabbing target data from the flow table.
In a third aspect, the present application provides an electronic device, which adopts the following technical scheme:
at least one processor;
a memory;
at least one application program, wherein the at least one application program is stored in the memory and configured to be executed by the at least one processor, the at least one application program configured to: and executing the method for grabbing the authentication parameters.
In a fourth aspect, the present application provides a computer readable storage medium, which adopts the following technical scheme:
a computer readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of grasping authentication parameters described above.
In summary, the present application includes at least one of the following beneficial technical effects:
1. and carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
2. User information inquiry is carried out based on the key data items and the flow table, user information corresponding to the message data is determined, and in the process of capturing the authentication parameters, the user information corresponding to the message data is acquired, so that the data track and the behavior mode of the user can be traced quickly, and the user can be captured accurately.
Drawings
FIG. 1 is a flow chart of a method of grasping authentication parameters according to one embodiment of the present application;
FIG. 2 is a schematic diagram of user information query using a flow table and an authentication relationship table according to one embodiment of the present application;
FIG. 3 is a schematic diagram of performing key-value pair transformation on target data according to one embodiment of the present application;
FIG. 4 is a schematic diagram of an authentication model generating an authentication relationship according to one embodiment of the present application;
FIG. 5 is a schematic diagram of determining authentication relationship data using default weight rules according to one embodiment of the present application;
FIG. 6 is a schematic diagram of a system for grasping authentication parameters according to one embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The present application is described in further detail below in conjunction with fig. 1-7.
The present embodiment is merely illustrative of the present application and is not intended to be limiting, and those skilled in the art, after having read the present specification, may make modifications to the present embodiment without creative contribution as required, but is protected by patent laws within the scope of the present application.
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
In addition, the term "and/or" herein is merely an association relationship describing an association object, and means that three relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. In this context, unless otherwise specified, the term "/" generally indicates that the associated object is an "or" relationship.
Embodiments of the present application are described in further detail below with reference to the drawings attached hereto.
In various API detection applications, detection and extraction of authentication parameters mainly depend on message keyword matching, and the method relies on preset authentication parameter keywords (such as 'access_token', 'app_id', and the like), and the position of the authentication parameters is determined through keyword matching in message content. However, because the interface definitions of various applications are not uniform, in many cases, the parameter names do not use standard keywords, so that the message keyword matching is difficult to cover all conditions, and the accuracy of positioning the authentication parameters is low. Of course, there are also methods of capturing authentication parameters using regular expressions, i.e. using some predefined rules to match parameters in an API request, and determining whether the pattern of authentication parameters is met by performing regular expression matching on the parameters in the API request. However, regular expression writing and debugging is relatively complex, requiring different matching rules to be designed for different APIs and authentication parameters, resulting in difficult maintenance and adjustment.
In order to solve the above technical problems in the related art, in the embodiments of the present application, a method for capturing authentication parameters is provided, first, a message structuring process is performed based on message data to obtain message structuring information, and the message structuring information is stored in a flow table, where the flow table stores message structuring information corresponding to each of a plurality of messages. Then, capturing target data from a flow table, inputting the target data into an authentication model for relationship analysis to obtain authentication relationship data, wherein the authentication model determines a weight value corresponding to each successfully matched data in the process of relationship analysis, and takes the successfully matched data with the highest weight value as the authentication relationship data. The authentication relation data determined by relation analysis is carried out through the authentication model, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting. Finally, the data item of the authentication relation data is disassembled, and the key data item is stored in the authentication relation table to finish the grabbing operation of the API authentication parameters.
The embodiment of the application provides a method for capturing authentication parameters, which is executed by electronic equipment, wherein the electronic equipment can be a server or terminal equipment, and the server can be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server for providing cloud computing service. The terminal device may be a smart phone, a tablet computer, a notebook computer, a desktop computer, or the like, but is not limited thereto, and the terminal device and the server may be directly or indirectly connected through a wired or wireless communication manner, which is not limited herein, and as shown in fig. 1, the method includes step S101, step S102, and step S103, where:
Step S101: and obtaining the message data, carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table.
For the embodiments of the present application, message data is one of the main mechanisms for transmitting data in an application program, where the message data is used to transfer requests and responses, and the HTTP protocol is an application layer protocol for transmitting hypertext and other contents, where the message data is generally transmitted based on the HTTP protocol in Web communications, especially API communications, that is, data transmission is performed using HTTP messages. For a database for storing data, according to different data storage schemes and calculation engines, a database type matched with actual conditions can be selected, and preferably, a column-type database is selected for data storage, wherein the compression efficiency of the column-type database for data and the reading efficiency of column-level data are relatively high, and the method is more suitable for data analysis under a large data situation. Then, based on the message data, the message structuring process is performed to obtain message structuring information, the request body (request body) corresponding to the request in the HTTP message is referred to the HTTP protocol, the request head (request head) corresponding to the request is requested, the cookie request body is responded to the corresponding request body (response request body), the structuring is performed in response to the corresponding request head (response head), and meanwhile, the cookie request body structuring is inserted into the request head corresponding to the request. And then, storing the message structuring information corresponding to the message data into a flow table, wherein the presentation form of the flow table is shown in a table 1.
TABLE 1
Step S102: grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data.
For the embodiment of the application, the target data is grabbed from the flow table, and the target data is req_body, req_head, res_body, res_head data in the flow table, that is, request corresponding request body parameter, request corresponding request header parameter, response corresponding request body parameter, response corresponding request header parameter. Then, inputting the target data into an authentication model for relationship analysis to obtain authentication relationship data, and in the process of relationship analysis of the authentication model, weighting the successfully matched data by using a default weight rule, and selecting the successfully matched data with the highest weight value to determine the successfully matched data as the authentication relationship data, wherein the authentication relationship data comprises the following components: authentication parameter location and authentication parameter value.
Step S103: and carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table.
For the embodiment of the application, the data item of the authentication relation data is disassembled to obtain the key data item corresponding to the authentication parameter, wherein the key data item includes but is not limited to: the request direction ID, the request direction URL path, the request direction domain name, the authentication parameter location in the request direction, the response direction ID, the response direction URL path, the response direction domain name, the authentication parameter location in the response direction, the authentication parameter value, and the key data item is stored in the authentication relationship table, and the presentation form of the authentication relationship table is shown in table 2. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
TABLE 2
It can be seen that, in the embodiment of the present application, the message structuring process is performed based on the message data, so as to obtain the message structuring information, and the message structuring information is stored in the flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
Further, in order to trace the data track and act manner of the user rapidly, so as to be able to grasp the user accurately, in the embodiment of the present application, the method further includes, after disassembling the data item of the authentication relationship data to obtain the key data item corresponding to the authentication parameter:
and inquiring user information based on the key data items and the flow table, and determining user information corresponding to the message data, wherein the user information is used for enriching information included in the authentication parameters.
For the embodiment of the application, the request direction ID and the response direction ID are recorded in the key data item, and then, based on the request direction ID and the response direction ID in the key data item, the user information is queried in combination with the flow table, and the user information corresponding to the message data is determined, wherein the user information includes but is not limited to: user name, resource descriptor, interface access frequency, etc., and user information is used to enrich the information included in the authentication parameters. In the process of capturing authentication parameters, user information corresponding to message data is obtained, so that a user data track and a behavior mode of the user can be traced quickly, and the user can be captured accurately. The process for user information query is shown in fig. 2, in which more detailed authentication parameter information, i.e., user name, resource descriptor and interface access frequency, is queried using related sql statements based on a flow table and an authentication relation table.
It can be seen that, in the embodiment of the application, user information query is performed based on the key data item and the flow table, user information corresponding to the message data is determined, and in the process of capturing the authentication parameters, the user information corresponding to the message data is acquired, so that the data track and the behavior mode of the user can be traced quickly, and the user can be captured accurately.
Further, in order to improve the processing efficiency and accuracy of capturing the authentication relationship data, in the embodiment of the present application, the target data is input to the authentication model for relationship analysis, so as to obtain the authentication relationship data, including:
and converting the key value pair based on the target data to obtain message key value pair information, wherein the message key value pair information comprises: two request key value pair information and two response key value pair information;
inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication relation data comprises: authentication parameter location and authentication parameter value.
For the embodiment of the application, in the process of carrying out relation analysis on the target data, the target data is converted into the key value pair by utilizing the function, so that message key value pair information is obtained, and the data can be conveniently stored and queried in the form of the key value pair, so that the subsequent data processing and analysis are more efficient and flexible. The process of converting the key value pair is shown in fig. 3, in which fig. 3 shows that the request body parameter corresponding to the request in the target data is converted into the form of the key value pair, and the left part in fig. 3 is: the representation of the corresponding requestor parameter of the request before the conversion of the key value pair is shown in the right part of fig. 3: requesting the representation of the corresponding requester parameters after the key value pair is converted. After the key value pair conversion is carried out on the target data corresponding to one message data, two pieces of request key value pair information and two pieces of response key value pair information are obtained.
And then, inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication model records the request key value pair information and the response key value pair information with the same value as matching success data, performs weighting processing on the matching success data by using a default weight rule, and finally selects the matching success data with the highest weight value as the authentication relation data. The problem can be rapidly located through the authentication parameter position and the authentication parameter value in the authentication relation data, and when the API request fails or is abnormal, the abnormal authentication parameter and a specific error value can be rapidly determined according to the authentication relation data, so that the problem is rapidly checked and solved. The process of generating the authentication relation by the authentication model is shown in fig. 4, in which req_body_key in fig. 4 represents a key in the request key value pair information, and req_body_val represents a value in the request key value pair information; res_body_key represents a key in the response key value pair information, res_body_val represents a value in the response key value pair information; the model is an authentication model.
It can be seen that, in the embodiment of the present application, key value pair conversion is performed based on the target data to obtain message key value pair information, and then the message key value pair information is input to the authentication model to perform value matching, so as to obtain authentication relationship data. The authentication key data is automatically captured by the authentication model, and the risk of manual intervention and operation errors can be reduced by automatic processing, so that the processing efficiency and accuracy are improved.
Further, in order to improve accuracy of capturing authentication parameters, in the embodiment of the present application, the value matching is performed by inputting the message key value pair information to the authentication model, so as to obtain authentication relationship data, including:
performing value matching on the information based on each request key value pair and each response key value pair, and determining a matching success sequence, wherein the matching success sequence comprises at least one piece of matching success data;
for any piece of successful data, acquiring a default weight rule, and carrying out weighting processing on the key value of the information based on the default weight rule and the request key value corresponding to the successful data to obtain a weight value corresponding to the successful data;
and selecting the successful matching data with the highest weight value to obtain the authentication relation data.
For the embodiment of the application, value matching is performed on the information based on each request key value pair and each response key value pair, and a matching success sequence is determined, wherein the matching success sequence comprises at least one piece of matching success data. The matching success data for any piece is: the corresponding relation between the request key value pair information and the response key value pair information with the same value is determined. And discarding the corresponding relation without carrying out the operation of subsequent weighting processing under the condition that the matching of the request key value pair information and the response key value pair information fails. And then, for any piece of successful matching data, weighting the key value of the information by using a default weight rule and the request key value corresponding to the successful matching data to obtain the weight value corresponding to the successful matching data. The weighting process according to the default weighting rule comprises the following steps: and performing unified character processing (namely unified lowercase processing) on the key value of the information aiming at the request key value, performing keyword matching according to the key value after character processing, performing weight assignment on the key words in the key value aiming at the weight of each keyword in a default weight rule, performing weighting processing on the key words based on the weights of all the key words corresponding to the key value, and determining the final weight value of successfully matched data. Different weights are set for different keywords in a default weight rule, for example, a keyword has a weight of 2000; keyword authorization, weight is 2000; a keyword auth with a weight of 1800; keyword session, weight 1600; the keyword jwt is 400 in weight; a keyword uid with a weight of 200; keyword user, weight is 200; keyword time, weight is 0.1. And finally, selecting the successful matching data with the highest weight value, and determining the successful matching data as authentication relation data. The process of determining authentication relation data for the authentication model is shown in fig. 5, in which the val value matching is used for judging whether the val values of req_body_val and res_body_val are successfully matched in fig. 5, and when the matching is successful, the subsequent operation is performed; and discarding the corresponding relation of successful valvalue matching when the matching fails.
It can be seen that, in this embodiment of the present application, value matching is performed on the information based on each request key value pair and each response key value pair, a matching success sequence is determined, and then, for any piece of matching success data, weighting processing is performed on the key value of the information based on a default weight rule and the request key value corresponding to the matching success data, so as to obtain a weight value corresponding to the matching success data. And finally, selecting the successful matching data with the highest weight value to obtain the authentication relation data. When the authentication model performs value matching, a weight value corresponding to each successfully matched data is determined by using a default weight rule, so that the accuracy of capturing the authentication parameters is improved.
Further, in order to improve accuracy of the authentication relationship data and the authentication parameters, remove influence of the interference data item, continuously optimize the authentication model, in the embodiment of the present application, select matching success data with the highest weight value, and obtain the authentication relationship data, including:
acquiring weight adjustment information, and adjusting the weight value corresponding to each piece of successful data by using the weight adjustment information to obtain an adjustment weight value corresponding to each piece of successful data;
and selecting the matching success data with the highest adjustment weight value to obtain authentication relation data.
For the embodiment of the application, the weight value corresponding to each matching success data automatically calculated by using the authentication model may be affected by the interference data item, so that the authentication relation data automatically determined by the authentication model is inaccurate. In order to improve the accuracy of the authentication relation data and the authentication parameters, eliminating the influence of interference data items, continuously optimizing an authentication model, in the embodiment of the application, the weight value corresponding to each piece of successfully-matched data is adjusted by utilizing weight adjustment information, and then the authentication relation data is determined based on the adjusted weight value of each piece of successfully-matched data. The method for determining the weight adjustment information is various, and the embodiment of the application is not limited any more, and in one implementation manner, the weight adjustment information is determined by means of manual verification, complement, feedback verification and the like.
It can be seen that, in this embodiment of the present application, in order to improve accuracy of authentication relationship data and authentication parameters, remove influence of interference data items, continuously optimize an authentication model, adjust a weight value corresponding to each matching success data by using weight adjustment information, obtain an adjustment weight value corresponding to each matching success data, and then select matching success data with the highest adjustment weight value, so as to obtain authentication relationship data.
Further, in order to improve the efficiency of data capturing and reduce the data calculation amount, in this embodiment of the present application, before capturing the target data from the flow table, the method further includes:
acquiring a timing grabbing interval, and carrying out data grabbing judgment based on the timing grabbing interval;
correspondingly, grabbing the target data from the flow table comprises the following steps:
when it is determined to perform data grabbing, then target data is grabbed from the flow table.
For the embodiment of the application, a timing task is preset in the electronic device, and the timing task is used for controlling the electronic device to capture target data from the flow meter at intervals of preset timing capture. Therefore, the interval duration calculation is carried out based on the last time of grabbing the target data and the current time, the size comparison is carried out based on the interval duration and the timing grabbing interval, and when the interval duration is smaller than the timing grabbing interval, the operation of grabbing the target data is not carried out, and the monitoring period is continued; and when the interval duration is not smaller than the regular grabbing interval, determining to grab target data from the flow table when the data grabbing is executed. In the process of grabbing target data, a mode of full-table scanning grabbing data is abandoned, a timing task is set to grab the target data from the flow table in batches, the efficiency of data grabbing is improved, and meanwhile, the data calculation amount is reduced.
Therefore, in the embodiment of the application, in the process of capturing the target data, a mode of scanning the whole table to capture the data is abandoned, and the timing task is set to capture the target data from the flow table in batches, so that the data capturing efficiency is improved, and meanwhile, the data calculation amount is reduced.
The above embodiment describes a method for capturing authentication parameters from the viewpoint of a method flow, and the following embodiment describes a system for capturing authentication parameters from the viewpoint of a virtual module or a virtual unit, which is described in detail in the following embodiment.
The embodiment of the application provides a system for capturing authentication parameters, as shown in fig. 6, the system for capturing authentication parameters may specifically include:
the structuring processing module 210 is configured to obtain message data, perform message structuring processing based on the message data, obtain message structuring information, and store the message structuring information into the flow table;
the relationship analysis module 220 is configured to capture target data from the flow table, and input the target data to the authentication model for relationship analysis, so as to obtain authentication relationship data;
the authentication parameter determining module 230 is configured to disassemble the data item of the authentication relationship data to obtain a key data item corresponding to the authentication parameter, and store the key data item in the authentication relationship table.
For the embodiment of the application, the message structuring processing is performed based on the message data to obtain the message structuring information, and the message structuring information is stored in the flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
In one possible implementation manner of the embodiment of the present application, a system for capturing authentication parameters further includes:
and the user information query module is used for carrying out user information query based on the key data items and the flow table and determining user information corresponding to the message data, wherein the user information is used for enriching information included in the authentication parameters.
In one possible implementation manner of the embodiment of the present application, when performing the relationship analysis by inputting the target data into the authentication model, the relationship analysis module 220 is configured to:
And converting the key value pair based on the target data to obtain message key value pair information, wherein the message key value pair information comprises: two request key value pair information and two response key value pair information;
inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication relation data comprises: authentication parameter location and authentication parameter value.
In one possible implementation manner of the embodiment of the present application, the relationship analysis module 220 performs value matching on the input of the message key value pair information to the authentication model, so as to obtain authentication relationship data, where the authentication relationship data is used for:
performing value matching on the information based on each request key value pair and each response key value pair, and determining a matching success sequence, wherein the matching success sequence comprises at least one piece of matching success data;
for any piece of successful data, acquiring a default weight rule, and carrying out weighting processing on the key value of the information based on the default weight rule and the request key value corresponding to the successful data to obtain a weight value corresponding to the successful data;
and selecting the successful matching data with the highest weight value to obtain the authentication relation data.
In one possible implementation manner of the embodiment of the present application, when the relationship analysis module 220 performs the matching success data with the highest selected weight value, the relationship analysis module is configured to:
Acquiring weight adjustment information, and adjusting the weight value corresponding to each piece of successful data by using the weight adjustment information to obtain an adjustment weight value corresponding to each piece of successful data;
and selecting the matching success data with the highest adjustment weight value to obtain authentication relation data.
In one possible implementation manner of the embodiment of the present application, a system for capturing authentication parameters further includes:
the timing module is used for acquiring a timing grabbing interval and carrying out data grabbing judgment based on the timing grabbing interval;
accordingly, the relationship analysis module 220, when executing grabbing the target data from the flow table, is configured to:
when it is determined to perform data grabbing, then target data is grabbed from the flow table.
It will be clear to those skilled in the art that, for convenience and brevity of description, a specific working process of the above-described system for capturing authentication parameters may refer to a corresponding process in the foregoing method embodiment, which is not described herein again.
In an embodiment of the present application, as shown in fig. 7, an electronic device 300 shown in fig. 7 includes: a processor 301 and a memory 303. Wherein the processor 301 is coupled to the memory 303, such as via a bus 302. Optionally, the electronic device 300 may also include a transceiver 304. It should be noted that, in practical applications, the transceiver 304 is not limited to one, and the structure of the electronic device 300 is not limited to the embodiment of the present application.
The processor 301 may be a CPU (Central Processing Unit ), general purpose processor, DSP (Digital Signal Processor, data signal processor), ASIC (Application Specific Integrated Circuit ), FPGA (Field Programmable Gate Array, field programmable gate array) or other programmable logic device, transistor logic device, hardware components, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules, and circuits described in connection with this disclosure. Processor 301 may also be a combination that implements computing functionality, e.g., comprising one or more microprocessor combinations, a combination of a DSP and a microprocessor, etc.
Bus 302 may include a path to transfer information between the components. Bus 302 may be a PCI (Peripheral Component Interconnect, peripheral component interconnect Standard) bus or an EISA (Extended Industry Standard Architecture ) bus, or the like. Bus 302 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 7, but not only one bus or type of bus.
The Memory 303 may be, but is not limited to, a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory ) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory ), a CD-ROM (Compact Disc Read Only Memory, compact disc Read Only Memory) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 303 is used for storing application program codes for executing the present application and is controlled to be executed by the processor 301. The processor 301 is configured to execute the application code stored in the memory 303 to implement what is shown in the foregoing method embodiments.
Among them, electronic devices include, but are not limited to: mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), in-vehicle terminals (e.g., in-vehicle navigation terminals), and the like, and stationary terminals such as digital TVs, desktop computers, and the like. But may also be a server or the like. The electronic device shown in fig. 7 is only an example and should not impose any limitation on the functionality and scope of use of the embodiments of the present application.
The present application provides a computer readable storage medium having a computer program stored thereon, which when run on a computer, causes the computer to perform the corresponding method embodiments described above. Compared with the related art, the embodiment of the application performs message structuring processing based on the message data to obtain the message structuring information, and stores the message structuring information into the flow table. Then, grabbing target data from the flow table, and inputting the target data into the authentication model for relationship analysis to obtain authentication relationship data. And finally, carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table. The relation analysis is carried out through the authentication model to determine the authentication relation data and the authentication parameters, so that the accuracy of capturing the authentication parameters is greatly improved, and the capturing of the authentication parameters tends to be accurate under the function of default weight weighting.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
The foregoing is only a partial embodiment of the present application and it should be noted that, for a person skilled in the art, several improvements and modifications can be made without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims (9)

1. A method of grasping authentication parameters, comprising:
obtaining message data, carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table;
grabbing target data from the flow table, and inputting the target data into an authentication model for relationship analysis to obtain authentication relationship data;
and carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table.
2. The method for capturing authentication parameters according to claim 1, wherein after the step of disassembling the data item of the authentication relationship data to obtain the key data item corresponding to the authentication parameter, the method further comprises:
and inquiring user information based on the key data items and the flow table, and determining user information corresponding to the message data, wherein the user information is used for enriching information included in the authentication parameters.
3. The method for capturing authentication parameters according to claim 1, wherein the inputting the target data into an authentication model for relational analysis to obtain authentication relational data comprises:
and converting the key value pair based on the target data to obtain message key value pair information, wherein the message key value pair information comprises: two request key value pair information and two response key value pair information;
inputting the message key value pair information into an authentication model for value matching to obtain authentication relation data, wherein the authentication relation data comprises: authentication parameter location and authentication parameter value.
4. The method for capturing authentication parameters according to claim 3, wherein the step of inputting the message key value pair information into an authentication model for value matching to obtain authentication relationship data includes:
performing value matching on the information of each request key value pair and the information of each response key value pair to determine a matching success sequence, wherein the matching success sequence comprises at least one piece of matching success data;
for any piece of successful data, acquiring a default weight rule, and carrying out weighting processing on the key value of the information based on the default weight rule and a request key value corresponding to the successful data to obtain a weight value corresponding to the successful data;
And selecting the successful matching data with the highest weight value to obtain the authentication relation data.
5. The method for capturing authentication parameters according to claim 4, wherein the selecting the matching success data with the highest weight value to obtain the authentication relationship data comprises:
acquiring weight adjustment information, and adjusting the weight value corresponding to each piece of successful data by using the weight adjustment information to obtain an adjustment weight value corresponding to each piece of successful data;
and selecting the matching success data with the highest adjustment weight value to obtain authentication relation data.
6. The method of capturing authentication parameters according to claim 1, further comprising, prior to capturing the target data from the flow table:
acquiring a timing grabbing interval, and carrying out data grabbing judgment based on the timing grabbing interval;
correspondingly, the capturing the target data from the flow table comprises the following steps:
when it is determined to perform data grabbing, grabbing target data from the flow table.
7. A system for grasping authentication parameters, comprising:
the structuring processing module is used for obtaining message data, carrying out message structuring processing based on the message data to obtain message structuring information, and storing the message structuring information into a flow table;
The relation analysis module is used for capturing target data from the flow table, inputting the target data into the authentication model for relation analysis, and obtaining authentication relation data;
and the authentication parameter determining module is used for carrying out data item disassembly on the authentication relation data to obtain key data items corresponding to the authentication parameters, and storing the key data items in an authentication relation table.
8. An electronic device, comprising:
at least one processor;
a memory;
at least one application program, wherein the at least one application program is stored in the memory and configured to be executed by the at least one processor, the at least one application program configured to: a method of performing the grasping of the authentication parameters according to any one of claims 1 to 6.
9. A computer readable storage medium, having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of grabbing authentication parameters as claimed in any one of claims 1 to 6.
CN202311696257.0A 2023-12-11 2023-12-11 Method, system, electronic equipment and storage medium for grabbing authentication parameters Pending CN117692202A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311696257.0A CN117692202A (en) 2023-12-11 2023-12-11 Method, system, electronic equipment and storage medium for grabbing authentication parameters

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311696257.0A CN117692202A (en) 2023-12-11 2023-12-11 Method, system, electronic equipment and storage medium for grabbing authentication parameters

Publications (1)

Publication Number Publication Date
CN117692202A true CN117692202A (en) 2024-03-12

Family

ID=90136587

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311696257.0A Pending CN117692202A (en) 2023-12-11 2023-12-11 Method, system, electronic equipment and storage medium for grabbing authentication parameters

Country Status (1)

Country Link
CN (1) CN117692202A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103455471A (en) * 2012-06-01 2013-12-18 阿里巴巴集团控股有限公司 Method and device for analyzing text to key value pairs
US10133650B1 (en) * 2017-10-10 2018-11-20 Fujitsu Limited Automated API parameter resolution and validation
US10387568B1 (en) * 2016-09-19 2019-08-20 Amazon Technologies, Inc. Extracting keywords from a document
CN110213290A (en) * 2019-06-14 2019-09-06 无锡华云数据技术服务有限公司 Data capture method, API gateway and storage medium
CN114697037A (en) * 2020-12-29 2022-07-01 广州慧睿思通科技股份有限公司 Key matching method, device, equipment and storage medium
CN115941820A (en) * 2022-12-13 2023-04-07 杭州代码狗科技有限公司 API definition obtaining method and device and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103455471A (en) * 2012-06-01 2013-12-18 阿里巴巴集团控股有限公司 Method and device for analyzing text to key value pairs
US10387568B1 (en) * 2016-09-19 2019-08-20 Amazon Technologies, Inc. Extracting keywords from a document
US10133650B1 (en) * 2017-10-10 2018-11-20 Fujitsu Limited Automated API parameter resolution and validation
CN110213290A (en) * 2019-06-14 2019-09-06 无锡华云数据技术服务有限公司 Data capture method, API gateway and storage medium
CN114697037A (en) * 2020-12-29 2022-07-01 广州慧睿思通科技股份有限公司 Key matching method, device, equipment and storage medium
CN115941820A (en) * 2022-12-13 2023-04-07 杭州代码狗科技有限公司 API definition obtaining method and device and storage medium

Similar Documents

Publication Publication Date Title
KR102097881B1 (en) Method and apparatus for processing a short link, and a short link server
AU2016382908B2 (en) Short link processing method, device and server
US20170364697A1 (en) Data interworking method and data interworking device
US20100153354A1 (en) Web Search Among Rich Media Objects
JP2016224987A (en) System, method and storage medium for improving access to search results
US20180196875A1 (en) Determining repeat website users via browser uniqueness tracking
CN110474820B (en) Flow playback method and device and electronic equipment
EP3915017B1 (en) Aggregation analysis and remediation of data invalidations
EP3817333A1 (en) Method, system, apparatus and device for processing request in alliance chain
US20180203927A1 (en) System and method for determining an authority rank for real time searching
JP6655731B2 (en) Self-protection security device based on system environment and user behavior analysis and its operation method
CN110222046B (en) List data processing method, device, server and storage medium
WO2022187008A1 (en) Asynchronous replication of linked parent and child records across data storage regions
CN102970380A (en) Method for acquiring media data of cloud storage files and cloud storage server
US20180018385A1 (en) System, data combining method, integration server, data combining program, database system ,database system cooperation method, and database system cooperation program
CN116938776A (en) Method, device, electronic equipment and medium for network asset mapping
CN117692202A (en) Method, system, electronic equipment and storage medium for grabbing authentication parameters
CN108021464B (en) Bottom-pocketing processing method and device for application response data
US20140280507A1 (en) Method, server and system for processing task data
CN113849125B (en) CDN server disk reading method, device and system
CN110580265A (en) ETL task processing method, device, equipment and storage medium
EP3224741A1 (en) Efficiently discovering and surfacing content attributes
WO2014117566A1 (en) Ranking method and system
TWI808367B (en) Blockchain intermediary system and method
KR20190140510A (en) Method for provide rewards to ai(artificial intelligence) and distribute the rewards to other users

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination