WO2022105590A1 - Domain name certificate detection method and apparatus, electronic device and computer-readable medium - Google Patents

Domain name certificate detection method and apparatus, electronic device and computer-readable medium Download PDF

Info

Publication number
WO2022105590A1
WO2022105590A1 PCT/CN2021/128052 CN2021128052W WO2022105590A1 WO 2022105590 A1 WO2022105590 A1 WO 2022105590A1 CN 2021128052 W CN2021128052 W CN 2021128052W WO 2022105590 A1 WO2022105590 A1 WO 2022105590A1
Authority
WO
WIPO (PCT)
Prior art keywords
domain name
name certificate
information
certificate
certificate information
Prior art date
Application number
PCT/CN2021/128052
Other languages
French (fr)
Chinese (zh)
Inventor
陆圣超
钱广杰
林飞
Original Assignee
上海连尚网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 上海连尚网络科技有限公司 filed Critical 上海连尚网络科技有限公司
Publication of WO2022105590A1 publication Critical patent/WO2022105590A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Abstract

Disclosed in the embodiments of the present disclosure are a domain name certificate detection method and apparatus, an electronic device and a computer-readable medium. A specific embodiment of the method comprises: acquiring domain name certificates stored in a certificate monitoring client; parsing each of the domain name certificates to generate parsed domain name certificate information, and obtaining a parsed domain name certificate information set; and determining, on the basis of a target domain name certificate information set and the parsed domain name certificate information set, whether there is abnormal domain name certificate information. This embodiment can improve the detection rate of domain name certificates and reduce the frequency of domain name abnormalities. Thereby, the security of network communication is improved.

Description

域名证书检测方法、装置、电子设备和计算机可读介质Domain name certificate detection method, apparatus, electronic device and computer readable medium 技术领域technical field
本公开的实施例涉及计算机技术领域,具体涉及域名证书检测方法、装置、电子设备和计算机可读介质。Embodiments of the present disclosure relate to the field of computer technologies, and in particular, to a method, apparatus, electronic device, and computer-readable medium for detecting a domain name certificate.
背景技术Background technique
随着互联网技术的快速发展,网络安全变得尤为重要。域名证书(SSL证书)可以实现数据信息在客户端和服务器之间的加密传输。目前,通常采用第三方证书监测服务端对域名证书进行检测,以提高域名证书的安全性。With the rapid development of Internet technology, network security has become particularly important. Domain name certificate (SSL certificate) can realize encrypted transmission of data information between client and server. At present, a third-party certificate monitoring server is usually used to detect the domain name certificate, so as to improve the security of the domain name certificate.
然而,当采用第三方证书监测服务端对域名证书进行检测时,经常会存在如下技术问题:However, when a third-party certificate monitoring server is used to detect domain name certificates, there are often the following technical problems:
第一,采用第三方证书监测服务端对域名证书进行检测,通常会遗漏对证书的检测,导致对域名证书的检测率不高,造成域名异常的频次较高,降低了网络通信的稳定性,进而降低了网络通信的安全性;First, the third-party certificate monitoring server is used to detect the domain name certificate, which usually misses the detection of the certificate, resulting in a low detection rate of the domain name certificate, resulting in a high frequency of domain name anomalies, and reducing the stability of network communication. This reduces the security of network communication;
第二,未将异常域名证书信息聚合成可读性告警信息,导致内容分发网络使用方难以解析所接收异常域名证书信息,造成内容分发网络使用方未及时对异常的域名证书进行更新,进而造成内容分发网络使用方的业务请求失败。Second, the abnormal domain name certificate information was not aggregated into readability alarm information, which made it difficult for the content distribution network user to parse the received abnormal domain name certificate information, resulting in the content distribution network user not updating the abnormal domain name certificate in time, which in turn caused The service request from the content delivery network consumer failed.
发明内容SUMMARY OF THE INVENTION
本公开的内容部分用于以简要的形式介绍构思,这些构思将在后面的具体实施方式部分被详细描述。本公开的内容部分并不旨在标识要求保护的技术方案的关键特征或必要特征,也不旨在用于限制所要求的保护的技术方案的范围。This summary of the disclosure serves to introduce concepts in a simplified form that are described in detail in the detailed description that follows. The content section of this disclosure is not intended to identify key features or essential features of the claimed technical solution, nor is it intended to be used to limit the scope of the claimed technical solution.
本公开的一些实施例提出了域名证书检测方法、装置、电子设备和计算机可读介质,来解决以上背景技术部分提到的技术问题中的一 项或多项。Some embodiments of the present disclosure propose a domain name certificate detection method, apparatus, electronic device, and computer-readable medium to solve one or more of the technical problems mentioned in the above background art section.
第一方面,本公开的一些实施例提供了一种域名证书检测方法,该方法包括:获取证书监控客户端中存储的各个域名证书;对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。In a first aspect, some embodiments of the present disclosure provide a domain name certificate detection method, the method includes: acquiring each domain name certificate stored in a certificate monitoring client; parsing each of the above domain name certificates to generate Analyzing the domain name certificate information to obtain a parsed domain name certificate information set; and determining whether there is abnormal domain name certificate information based on the target domain name certificate information set and the above-mentioned parsed domain name certificate information set.
第二方面,本公开的一些实施例提供了一种域名证书检测装置,装置包括:获取单元,被配置成获取证书监控客户端中所存储的各个域名证书;解析单元,被配置成对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;确定单元,被配置成基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。In a second aspect, some embodiments of the present disclosure provide a domain name certificate detection device, the device includes: an obtaining unit configured to obtain each domain name certificate stored in the certificate monitoring client; a parsing unit configured to Each domain name certificate in the domain name certificate is parsed to generate parsed domain name certificate information, and a set of parsed domain name certificate information is obtained; the determining unit is configured to determine whether there is an abnormal domain name certificate based on the target domain name certificate information set and the above-mentioned parsed domain name certificate information set information.
第三方面,本公开的一些实施例提供了一种电子设备,包括:一个或多个处理器;存储装置,其上存储有一个或多个程序,当一个或多个程序被一个或多个处理器执行,使得一个或多个处理器实现上述第一方面任一实现方式所描述的方法。In a third aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device on which one or more programs are stored, when one or more programs are stored by one or more The processor executes, causing one or more processors to implement the method described in any implementation manner of the above first aspect.
第四方面,本公开的一些实施例提供了一种计算机可读介质,其上存储有计算机程序,其中,程序被处理器执行时实现上述第一方面任一实现方式所描述的方法。In a fourth aspect, some embodiments of the present disclosure provide a computer-readable medium on which a computer program is stored, wherein, when the program is executed by a processor, the method described in any implementation manner of the above-mentioned first aspect is implemented.
本公开的上述各个实施例具有如下有益效果:通过本公开的一些实施例的域名证书检测方法提高了网络通信中的对域名证书的检测率,降低了出现域名异常的频次,提升了网络通信的稳定性,进而提升了网络通信的安全性。具体来说,发明人发现,造成网络通信中的域名异常现象的检测率不高的原因在于:采用第三方证书监测服务端对域名证书进行检测,通常会遗漏对证书的检测,导致对域名证书的检测率不高,造成域名异常的频次较高。基于此,首先,本公开的一些实施例的域名证书检测方法可以通过获取证书监控客户端中存储的各个域名证书,初步了解各个内容分发网络使用方的各个域名证书的状态。然后,对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集。由此,可以解析出各 个域名证书的域名证书信息,便于后续对解析域名证书信息进行检测。最后,将所解析的各个域名证书的域名证书信息与服务端中所存储并实时更新的各个目标域名证书信息进行对比。由此,可以根据对比结果,以确定上述目标域名证书信息集中是否存在异常域名证书信息。从而,可以实现从服务端和客户端这两个方面对域名证书的检测,以防止遗漏对证书的检测。进而提升了对域名证书的检测率,降低了出现域名异常的频次,提升了网络通信的稳定性。进而,提升了网络通信的安全性。The above-mentioned embodiments of the present disclosure have the following beneficial effects: the detection rate of domain name certificates in network communication is improved, the frequency of domain name exceptions is reduced, and the detection rate of network communication is improved through the domain name certificate detection methods of some embodiments of the present disclosure. stability, thereby improving the security of network communication. Specifically, the inventor found that the reason for the low detection rate of domain name anomalies in network communication is that the third-party certificate monitoring server is used to detect domain name certificates, which usually misses the detection of certificates, resulting in the detection of domain name certificates. The detection rate is not high, resulting in a high frequency of domain name anomalies. Based on this, first of all, the domain name certificate detection method of some embodiments of the present disclosure can obtain a preliminary understanding of the status of each domain name certificate of each content distribution network user by acquiring each domain name certificate stored in the certificate monitoring client. Then, each of the above domain name certificates is parsed to generate parsed domain name certificate information, and a set of parsed domain name certificate information is obtained. In this way, the domain name certificate information of each domain name certificate can be parsed out, which facilitates subsequent detection of the resolved domain name certificate information. Finally, the parsed domain name certificate information of each domain name certificate is compared with each target domain name certificate information stored in the server and updated in real time. Therefore, it can be determined whether there is abnormal domain name certificate information in the above target domain name certificate information set according to the comparison result. Therefore, the detection of the domain name certificate can be realized from the two aspects of the server and the client, so as to prevent omission of detection of the certificate. This further improves the detection rate of domain name certificates, reduces the frequency of domain name anomalies, and improves the stability of network communication. Further, the security of network communication is improved.
附图说明Description of drawings
结合附图并参考以下具体实施方式,本公开各实施例的上述和其他特征、优点及方面将变得更加明显。贯穿附图中,相同或相似的附图标记表示相同或相似的元素。应当理解附图是示意性的,元件和元素不一定按照比例绘制。The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent when taken in conjunction with the accompanying drawings and with reference to the following detailed description. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and elements are not necessarily drawn to scale.
图1是本公开的一些实施例的域名证书检测方法的一个应用场景的示意图;1 is a schematic diagram of an application scenario of a domain name certificate detection method according to some embodiments of the present disclosure;
图2是根据本公开的域名证书检测方法的一些实施例的流程图;2 is a flowchart of some embodiments of a domain name certificate detection method according to the present disclosure;
图3是根据本公开的域名证书检测方法的另一些实施例的流程图;3 is a flowchart of other embodiments of the domain name certificate detection method according to the present disclosure;
图4是根据本公开的域名证书检测方法的又一些实施例的流程图;FIG. 4 is a flowchart of further embodiments of the domain name certificate detection method according to the present disclosure;
图5是根据本公开的域名证书检测装置的一些实施例的结构示意图;5 is a schematic structural diagram of some embodiments of a domain name certificate detection apparatus according to the present disclosure;
图6是适于用来实现本公开的一些实施例的电子设备的结构示意图。6 is a schematic structural diagram of an electronic device suitable for implementing some embodiments of the present disclosure.
具体实施方式Detailed ways
下面将参照附图更详细地描述本公开的实施例。虽然附图中显示了本公开的某些实施例,然而应当理解的是,本公开可以通过各种形式来实现,而且不应该被解释为限于这里阐述的实施例。相反,提供 这些实施例是为了更加透彻和完整地理解本公开。应当理解的是,本公开的附图及实施例仅用于示例性作用,并非用于限制本公开的保护范围。Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are only for exemplary purposes, and are not intended to limit the protection scope of the present disclosure.
另外还需要说明的是,为了便于描述,附图中仅示出了与有关发明相关的部分。在不冲突的情况下,本公开中的实施例及实施例中的特征可以相互组合。In addition, it should be noted that, for the convenience of description, only the parts related to the related invention are shown in the drawings. The embodiments of this disclosure and features of the embodiments may be combined with each other without conflict.
需要注意,本公开中提及的“第一”、“第二”等概念仅用于对不同的装置、模块或单元进行区分,并非用于限定这些装置、模块或单元所执行的功能的顺序或者相互依存关系。It should be noted that concepts such as "first" and "second" mentioned in the present disclosure are only used to distinguish different devices, modules or units, and are not used to limit the order of functions performed by these devices, modules or units or interdependence.
需要注意,本公开中提及的“一个”、“多个”的修饰是示意性而非限制性的,本领域技术人员应当理解,除非在上下文另有明确指出,否则应该理解为“一个或多个”。It should be noted that the modifications of "a" and "a plurality" mentioned in the present disclosure are illustrative rather than restrictive, and those skilled in the art should understand that unless the context clearly indicates otherwise, they should be understood as "one or a plurality of". multiple".
本公开实施方式中的多个装置之间所交互的消息或者信息的名称仅用于说明性的目的,而并不是用于对这些消息或信息的范围进行限制。The names of messages or information exchanged between multiple devices in the embodiments of the present disclosure are only for illustrative purposes, and are not intended to limit the scope of these messages or information.
下面将参考附图并结合实施例来详细说明本公开。The present disclosure will be described in detail below with reference to the accompanying drawings and in conjunction with embodiments.
图1是根据本公开一些实施例的域名证书检测方法的一个应用场景的示意图。FIG. 1 is a schematic diagram of an application scenario of a domain name certificate detection method according to some embodiments of the present disclosure.
在图1的应用场景中,首先,计算设备101可以获取证书监控客户端中存储的各个域名证书102。然后,计算设备102可以对各个域名证书102中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集103。最后,计算设备101可以基于目标域名证书信息集104和解析域名证书信息集103,确定是否存在异常域名证书信息105。In the application scenario of FIG. 1 , first, the computing device 101 may acquire each domain name certificate 102 stored in the certificate monitoring client. Then, the computing device 102 may parse each domain name certificate in each domain name certificate 102 to generate parsed domain name certificate information, and obtain the parsed domain name certificate information set 103 . Finally, the computing device 101 may determine whether there is abnormal domain name certificate information 105 based on the target domain name certificate information set 104 and the resolved domain name certificate information set 103 .
需要说明的是,上述计算设备101可以是硬件,也可以是软件。当计算设备为硬件时,可以实现成多个服务器或终端设备组成的分布式集群,也可以实现成单个服务器或单个终端设备。当计算设备体现为软件时,可以安装在上述所列举的硬件设备中。其可以实现成例如用来提供分布式服务的多个软件或软件模块,也可以实现成单个软件或软件模块。在此不做具体限定。It should be noted that the above computing device 101 may be hardware or software. When the computing device is hardware, it can be implemented as a distributed cluster composed of multiple servers or terminal devices, or can be implemented as a single server or a single terminal device. When a computing device is embodied as software, it may be installed in the hardware devices listed above. It can be implemented, for example, as multiple software or software modules for providing distributed services, or as a single software or software module. There is no specific limitation here.
应该理解,图1中的计算设备的数目仅仅是示意性的。根据实现需要,可以具有任意数目的计算设备。It should be understood that the number of computing devices in FIG. 1 is merely illustrative. There may be any number of computing devices depending on implementation needs.
继续参考图2,示出了根据本公开的域名证书检测方法的一些实施例的流程200。该域名证书检测方法,包括以下步骤:Continuing to refer to FIG. 2 , a process 200 of some embodiments of a domain name certificate detection method according to the present disclosure is shown. The domain name certificate detection method includes the following steps:
步骤201,获取证书监控客户端中存储的各个域名证书。Step 201: Obtain each domain name certificate stored in the certificate monitoring client.
在一些实施例中,域名证书检测方法的执行主体(例如图1所示的计算设备101)可以通过有线连接方式或者无线连接方式获取证书监控客户端中存储的各个域名证书。这里,域名证书可以是一种数字证书。例如,SSL服务器证书。其中,域名证书包括但不限于:域名、使用方信息、内容分发网络服务方信息(例如,cdn服务商信息)、节点信息、域名注册时间、域名到期时间。In some embodiments, the executing subject of the domain name certificate detection method (eg, the computing device 101 shown in FIG. 1 ) may obtain each domain name certificate stored in the certificate monitoring client through a wired connection or a wireless connection. Here, the domain name certificate may be a digital certificate. For example, SSL server certificates. The domain name certificate includes but is not limited to: domain name, user information, content distribution network service provider information (eg, CDN service provider information), node information, domain name registration time, and domain name expiration time.
作为示例,各个域名证书可以是:As an example, each domain name certificate could be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名注册时间:2019-12-01];[域名到期时间:2020-12-01]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name registration time: 2019-12- 01];[Domain name expiration time: 2020-12-01]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名注册时间:2019-12-05];[域名到期时间:2020-12-05]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name registration time: 2019-12- 05];[Domain name expiration time: 2020-12-05]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名注册时间:2019-12-07];[域名到期时间:2020-12-07]}。{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name registration time: 2019-12-07 ]; [Domain Expiration Time: 2020-12-07]}.
在一些实施例的一些可选的实现方式中,上述执行主体还可以遍历证书监控客户端的文件系统,通过握手协议获取上述文件系统中存储的各个域名证书。由此,可以防止遗漏对证书的检测。In some optional implementations of some embodiments, the above-mentioned execution subject may also traverse the file system of the certificate monitoring client, and obtain each domain name certificate stored in the above-mentioned file system through a handshake protocol. Thereby, the detection of the certificate can be prevented from being missed.
步骤202,对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集。Step 202: Perform analysis on each of the above domain name certificates to generate resolution domain name certificate information, and obtain a resolution domain name certificate information set.
在一些实施例中,上述执行主体可以对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集。这里,解析可以是提取域名证书中的关键字段。例如,可以提 取域名证书中的域名、使用方信息、内容分发网络服务方信息、节点信息和域名到期时间等关键字段。这里,提取的方式可以是文本关键词提取。In some embodiments, the above-mentioned execution subject may parse each domain name certificate in the above-mentioned various domain name certificates to generate resolved domain name certificate information, and obtain a resolved domain name certificate information set. Here, parsing can be to extract key fields in the domain name certificate. For example, key fields such as domain name, user information, content distribution network server information, node information, and domain name expiration time in the domain name certificate can be extracted. Here, the extraction method may be text keyword extraction.
作为示例,对步骤201中示例的各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集:As an example, each domain name certificate in each domain name certificate exemplified in step 201 is parsed to generate parsed domain name certificate information, and a set of parsed domain name certificate information is obtained:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07]}。{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]}.
步骤203,基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。Step 203: Determine whether there is abnormal domain name certificate information based on the target domain name certificate information set and the above-mentioned resolved domain name certificate information set.
在一些实施例中,首先。上述执行主体可以从证书监控服务端中获取所存储并实时更新的各个目标域名证书信息作为目标域名证书信息集。然后,可以将解析域名证书信息集中的各个解析域名证书信息与上述目标域名证书信息集中的各个目标域名证书信息进行对比,以确定是否存在异常域名证书信息。这里,目标域名证书信息可以包括但不限于:域名证书中的域名、使用方信息、内容分发网络服务方信息、节点信息、域名到期时间和距离到期时间。In some embodiments, first. The above-mentioned execution subject may obtain the stored and real-time updated certificate information of each target domain name from the certificate monitoring server as the target domain name certificate information set. Then, each resolved domain name certificate information in the resolved domain name certificate information set may be compared with each target domain name certificate information in the above target domain name certificate information set to determine whether there is abnormal domain name certificate information. Here, the target domain name certificate information may include, but is not limited to, the domain name in the domain name certificate, user information, content distribution network service party information, node information, domain name expiration time and distance to expiration.
作为示例,目标域名证书信息集可以是:As an example, the target domain name certificate information set can be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05];[距离到期时间:15]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]; [distance to expiration: 15]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07];[距离到期时间:17]};{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]; [Time to Expiry: 17]};
{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}。{[Domain name: www.53.com];[User information: Shanghai Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.259.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]}.
上述解析域名证书信息集可以是:The above-mentioned resolution domain name certificate information set can be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07]}。{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]}.
将上述目标域名证书信息集中的各个目标域名证书信息和上述解析域名证书信息集中的各个解析域名证书信息进行对比,确定解析域名证书信息集中未存在与目标域名证书信息{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}对应的解析域名证书信息。将目标域名证书信息{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}确定为异常证书信息。Comparing each target domain name certificate information in the above target domain name certificate information set with each resolution domain name certificate information in the above resolution domain name certificate information set, it is determined that the target domain name certificate information {[domain name: www.53. com];[user information: Shanghai Telecom];[content distribution network service provider information: Yinshan];[node information:58.214.259.208];[domain name expiration time:2020-12-01];[distance to expiration Time: 10]} The corresponding resolution domain name certificate information. The target domain name certificate information {[domain name: www.53.com]; [user information: Shanghai Telecom]; [content distribution network service provider information: Yinshan]; [node information: 58.214.259.208]; [domain name expiration Time: 2020-12-01]; [distance to expiration: 10]} is determined to be abnormal certificate information.
本公开的上述各个实施例具有如下有益效果:通过本公开的一些实施例的域名证书检测方法提高了网络通信中的对域名证书的检测率,降低了出现域名异常的频次,提升了网络通信的稳定性,进而提升了网络通信的安全性。具体来说,发明人发现,造成网络通信中的域名异常现象的检测率不高的原因在于:采用第三方证书监测服务端 对域名证书进行检测,通常会遗漏对证书的检测,导致对域名证书的检测率不高,造成域名异常的频次较高。基于此,首先,本公开的一些实施例的域名证书检测方法可以通过获取证书监控客户端中存储的各个域名证书,初步了解各个内容分发网络使用方的各个域名证书的状态。然后,对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集。由此,可以解析出各个域名证书的域名证书信息,便于后续对域名证书信息进行检测。最后,将所解析的各个域名证书的域名证书信息与服务端中所存储并实时更新的各个目标域名证书信息进行对比。由此,可以根据对比结果,以确定上述解析域名证书信息集中是否存在异常域名证书信息。从而,可以实现从服务端和客户端这两个方面对域名证书的检测,以防止遗漏对证书的检测。进而提升了对域名证书的检测率,降低了出现域名异常的频次,提升了网络通信的稳定性。进而,提升了网络通信的安全性。The above-mentioned embodiments of the present disclosure have the following beneficial effects: the detection rate of domain name certificates in network communication is improved, the frequency of domain name exceptions is reduced, and the detection rate of network communication is improved through the domain name certificate detection methods of some embodiments of the present disclosure. stability, thereby improving the security of network communication. Specifically, the inventor found that the reason for the low detection rate of domain name anomalies in network communication is that the third-party certificate monitoring server is used to detect domain name certificates, which usually misses the detection of certificates, resulting in the detection of domain name certificates. The detection rate is not high, resulting in a high frequency of domain name anomalies. Based on this, first of all, the domain name certificate detection method of some embodiments of the present disclosure can obtain a preliminary understanding of the status of each domain name certificate of each content distribution network user by acquiring each domain name certificate stored in the certificate monitoring client. Then, each of the above domain name certificates is parsed to generate parsed domain name certificate information, and a set of parsed domain name certificate information is obtained. Thus, the domain name certificate information of each domain name certificate can be parsed out, which facilitates subsequent detection of the domain name certificate information. Finally, the parsed domain name certificate information of each domain name certificate is compared with each target domain name certificate information stored in the server and updated in real time. Therefore, it can be determined whether there is abnormal domain name certificate information in the above-mentioned resolved domain name certificate information set according to the comparison result. Therefore, the detection of the domain name certificate can be realized from the two aspects of the server and the client, so as to prevent omission of detection of the certificate. This further improves the detection rate of domain name certificates, reduces the frequency of domain name anomalies, and improves the stability of network communication. Further, the security of network communication is improved.
进一步参考图3,示出了根据本公开的域名证书检测方法的另一些实施例的流程图。该域名证书检测方法,包括以下步骤:With further reference to FIG. 3 , a flow chart of other embodiments of the domain name certificate detection method according to the present disclosure is shown. The domain name certificate detection method includes the following steps:
步骤301,获取导入的各个域名证书以存入证书监控客户端中。In step 301, each imported domain name certificate is obtained and stored in the certificate monitoring client.
在一些实施例中,上述执行主体可以通过有线连接方式或者无线连接方式从终端获取导入的各个域名证书以存入证书监控客户端中。这里,导入的各个域名证书可以是用户或者是工作人员所手动补充的域名证书。由此,可以进一步防止遗漏对证书的检测。In some embodiments, the above-mentioned execution subject may obtain each imported domain name certificate from the terminal through a wired connection or a wireless connection to store it in the certificate monitoring client. Here, each imported domain name certificate may be a domain name certificate manually supplemented by a user or a staff member. Thereby, the detection of the certificate can be further prevented from being missed.
作为示例,导入的域名证书可以是:As an example, an imported domain name certificate could be:
{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01]}。{[Domain name: www.53.com];[User information: Shanghai Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.259.208];[Domain name expiration time: 2020-12 -01]}.
步骤302,获取证书监控客户端中存储的各个域名证书。Step 302: Obtain each domain name certificate stored in the certificate monitoring client.
在一些实施例中,步骤302的具体实现及所带来的技术效果可以参考图2对应的那些实施例中的步骤201,在此不再赘述。In some embodiments, for the specific implementation of step 302 and the technical effect brought about, reference may be made to step 201 in those embodiments corresponding to FIG. 2 , which will not be repeated here.
步骤303,对上述各个域名证书中的每个域名证书进行解析以生 成解析域名证书信息,得到解析域名证书信息集。Step 303: Perform analysis on each of the above domain name certificates to generate resolution domain name certificate information, and obtain a resolution domain name certificate information set.
在一些实施例中,步骤303的具体实现及所带来的技术效果可以参考图2对应的那些实施例中的步骤202,在此不再赘述。In some embodiments, for the specific implementation of step 303 and the technical effect brought about, reference may be made to step 202 in those embodiments corresponding to FIG. 2 , and details are not repeated here.
步骤304,获取云服务信息平台中存储的各个内容分发网络使用方的各个域名。Step 304: Obtain each domain name of each content distribution network user stored in the cloud service information platform.
在一些实施例中,上述执行主体可以云服务信息平台中存储的各个内容分发网络使用方的各个域名。这里,云服务信息平台可以是证书检测服务端。实践中,获取到的云服务信息平台中存储的各个内容分发网络使用方的各个域名可以是:[域名:www.52.com];[域名:www.54.com];[域名:www.51.com];[域名:www.53.com]。In some embodiments, the above-mentioned execution body may be each domain name of each content distribution network user stored in the cloud service information platform. Here, the cloud service information platform may be a certificate detection server. In practice, the acquired domain names of each content distribution network user stored in the cloud service information platform may be: [domain name: www.52.com]; [domain name: www.54.com]; [domain name: www. 51.com]; [domain name: www.53.com].
步骤305,对上述各个域名进行域名解析以生成解析域名列表。Step 305: Perform domain name resolution on each of the above domain names to generate a list of resolved domain names.
在一些实施例中,上述执行主体可以对上述各个域名进行域名解析以生成解析域名列表。这里,域名解析可以是域名指向网站空间IP。这里,可以建立空表,以及将域名解析后的各个域名输入至空表中以生成解析域名列表。In some embodiments, the above-mentioned execution body may perform domain name resolution on each of the above-mentioned domain names to generate a list of resolved domain names. Here, the domain name resolution can be that the domain name points to the web space IP. Here, an empty table may be established, and each domain name after domain name resolution is input into the empty table to generate a list of resolved domain names.
作为示例,可以对上述各个域名进行域名解析以生成解析域名列表:As an example, you can perform domain name resolution on each of the above domain names to generate a list of resolved domain names:
域名domain name 网站空间IPweb space IP
www.52.comwww.52.com 58.214.159.20858.214.159.208
www.54.comwww.54.com 58.215.159.20858.215.159.208
www.51.comwww.51.com 58.216.159.20858.216.159.208
www.53.comwww.53.com 58.214.259.20858.214.259.208
步骤306,基于上述解析域名列表中的每个解析域名,获取与上述解析域名对应的内容分发网络使用方的配置信息,得到配置信息集作为目标域名证书信息集。Step 306: Based on each resolved domain name in the above-mentioned resolved domain name list, obtain the configuration information of the content distribution network user corresponding to the above-mentioned resolved domain name, and obtain a configuration information set as a target domain name certificate information set.
在一些实施例中,上述执行主体可以通过访问解析域名列表中的各个解析域名的各个网站空间IP所指向的内容分发网络使用方的网站,从而可以获取与解析域名对应的内容分发网络使用方的配置信息,得到配置信息集作为目标域名证书信息集。In some embodiments, the above-mentioned execution body may obtain the content distribution network user's website corresponding to the resolved domain name by accessing the website of the content distribution network user pointed to by each web space IP of each resolved domain name in the resolved domain name list. The configuration information is obtained, and the configuration information set is obtained as the target domain name certificate information set.
作为示例,可以通过访问网站空间IP“58.214.159.208”所指向的 内容分发网络使用方的网站,获取与解析域名对应的内容分发网络使用方的配置信息“{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]}”。As an example, the configuration information of the content distribution network user corresponding to the resolved domain name can be obtained by visiting the website of the content distribution network user pointed to by the web space IP "58.214.159.208" "{[domain name: www.52.com] ;[User information: Tian Telecom];[Content distribution network service provider information: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12-01];[Distance to expiration time: 10]}".
作为另外一个示例,获取到的配置信息集可以是:As another example, the obtained set of configuration information can be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05];[距离到期时间:15]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]; [distance to expiration: 15]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07];[距离到期时间:17]};{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]; [Time to Expiry: 17]};
{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}。将上述配置信息集确定为目标域名证书信息集。{[Domain name: www.53.com];[User information: Shanghai Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.259.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]}. The above configuration information set is determined as the target domain name certificate information set.
步骤307,基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。Step 307: Determine whether there is abnormal domain name certificate information based on the target domain name certificate information set and the above-mentioned resolved domain name certificate information set.
在一些实施例中,步骤307的具体实现及所带来的技术效果可以参考图2对应的那些实施例中的步骤203,在此不再赘述。In some embodiments, for the specific implementation of step 307 and the technical effect brought about, reference may be made to step 203 in those embodiments corresponding to FIG. 2 , and details are not repeated here.
从图3可以看出,与图2对应的一些实施例的描述相比,图3对应的一些实施例中的域名证书检测方法的流转300可以通过获取用户或者是工作人员所补充的域名证书,可以进一步防止遗漏对证书的检测。然后,可以通过获取配置信息集,为确定是否存在异常域名证书信息提供了参考依据。As can be seen from FIG. 3, compared with the description of some embodiments corresponding to FIG. 2, the flow 300 of the domain name certificate detection method in some embodiments corresponding to FIG. Missing detection of certificates can be further prevented. Then, the configuration information set can be obtained to provide a reference basis for determining whether there is abnormal domain name certificate information.
进一步参考图4,示出了根据本公开的域名证书检测方法的又一些实施例。该域名证书检测方法,包括以下步骤:With further reference to FIG. 4 , further embodiments of the domain name certificate detection method according to the present disclosure are shown. The domain name certificate detection method includes the following steps:
步骤401,获取证书监控客户端中存储的各个域名证书。Step 401: Obtain each domain name certificate stored in the certificate monitoring client.
步骤402,对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集。Step 402: Perform analysis on each of the above domain name certificates to generate resolution domain name certificate information, and obtain a resolution domain name certificate information set.
在一些实施例中,步骤401-402的具体实现及所带来的技术效果可以参考图2对应的那些实施例中的步骤201-202,在此不再赘述。In some embodiments, for the specific implementation of steps 401-402 and the technical effects brought about, reference may be made to steps 201-202 in those embodiments corresponding to FIG. 2, and details are not repeated here.
步骤403,将上述解析域名证书信息集中的各个解析域名证书信息与上述目标域名证书信息集中的各个目标域名证书信息进行对比,生成对比结果信息集。Step 403: Compare each resolved domain name certificate information in the above-mentioned resolved domain name certificate information set with each target domain name certificate information in the above-mentioned target domain name certificate information set, and generate a comparison result information set.
在一些实施例中,上述执行主体可以将上述解析域名证书信息集中的各个解析域名证书信息与上述目标域名证书信息集中的各个目标域名证书信息进行对比,生成对比结果信息集。这里,对比是指解析域名证书信息和目标域名证书信息之间的差异对比。In some embodiments, the execution subject may compare each resolved domain name certificate information in the above resolved domain name certificate information set with each target domain name certificate information in the above target domain name certificate information set to generate a comparison result information set. Here, the comparison refers to the difference comparison between the certificate information of the resolved domain name and the certificate information of the target domain name.
作为示例,上述解析域名证书信息集中的各个解析域名证书信息可以是:As an example, the respective resolution domain name certificate information in the above-mentioned resolution domain name certificate information set may be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07]};{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]};
{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01]}。{[Domain name: www.53.com];[User information: Shanghai Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.259.208];[Domain name expiration time: 2020-12 -01]}.
上述目标域名证书信息集中的各个目标域名证书信息可以是:Each target domain name certificate information in the above target domain name certificate information set may be:
{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]};{[Domain name: www.52.com];[User information: Tian Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.159.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]};
{[域名:www.54.com];[使用方信息:地联通];[内容分发网络服务方信息:六牛];[节点信息:58.215.159.208];[域名到期时间:2020-12-05];[距离到期时间:15]};{[Domain name: www.54.com]; [User information: China Unicom]; [Content distribution network service provider information: Liu Niu]; [Node information: 58.215.159.208]; [Domain name expiration time: 2020-12 -05]; [distance to expiration: 15]};
{[域名:www.51.com];[使用方信息:水移动];[内容分发网络服务方信息:大里];[节点信息:58.216.159.208];[域名到期时间:2020-12-07];[距离到期时间:17]};{[Domain name: www.51.com]; [User information: Water Mobile]; [Content distribution network service provider information: Dali]; [Node information: 58.216.159.208]; [Domain name expiration time: 2020-12- 07]; [Time to Expiry: 17]};
{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}。{[Domain name: www.53.com];[User information: Shanghai Telecom];[Content distribution network service provider: Yinshan];[Node information: 58.214.259.208];[Domain name expiration time: 2020-12 -01]; [distance to expiration: 10]}.
将上述解析域名证书信息集中的各个解析域名证书信息和上述目标域名证书信息集中的各个目标域名证书信息进行对比,得到对比结果信息集:[距离到期时间:10];[距离到期时间:15];[距离到期时间:17];[距离到期时间:10]。Comparing each resolution domain name certificate information in the above resolution domain name certificate information set with each target domain name certificate information in the above target domain name certificate information set, a comparison result information set is obtained: [distance to expiration: 10]; [distance to expiration: 15]; [distance to expiration: 17]; [distance to expiration: 10].
步骤404,响应于上述对比结果信息集中存在符合预设条件的对比结果信息,将上述对比结果信息集中符合上述预设条件的对比结果信息确定为异常对比结果信息,得到异常对比结果信息组。Step 404: In response to the comparison result information that meets the preset condition in the comparison result information set, the comparison result information that meets the preset condition in the comparison result information set is determined as abnormal comparison result information, and an abnormal comparison result information group is obtained.
在一些实施例中,响应于上述对比结果信息集中存在符合预设条件的对比结果信息,上述执行主体可以将上述对比结果信息集中符合上述预设条件的对比结果信息确定为异常对比结果信息,得到异常对比结果信息组。这里,预设条件可以是内容分发网络提供方所设定的条件,例如,预设条件可以是“到期时间小于等于10天”。In some embodiments, in response to the comparison result information that meets the preset condition in the comparison result information set, the execution entity may determine the comparison result information that meets the preset condition in the comparison result information set as abnormal comparison result information, and obtain Anomaly comparison result information group. Here, the preset condition may be a condition set by the content distribution network provider, for example, the preset condition may be "expiration time is less than or equal to 10 days".
作为示例,上述对比结果信息集可以是:[距离到期时间:10];[距离到期时间:15];[距离到期时间:17];[距离到期时间:10]。将上述对比结果信息集中符合预设条件“到期时间小于等于10天”的对比结果信息确定为异常对比结果信息,得到异常对比结果信息组:[距离到期时间:10];[距离到期时间:10]。As an example, the above comparison result information set may be: [distance to expiration: 10]; [distance to expiration: 15]; [distance to expiration: 17]; [distance to expiration: 10]. Determine the comparison result information that meets the preset condition "expiration time is less than or equal to 10 days" in the above comparison result information set as abnormal comparison result information, and obtain the abnormal comparison result information group: [distance to expiration time: 10]; [distance to expiration Time: 10].
步骤405,将上述异常对比结果信息组中的每个异常对比结果信息所对应的目标域名证书信息确定为异常域名证书信息,得到异常域名证书信息集。Step 405: Determine the target domain name certificate information corresponding to each abnormal comparison result information in the above abnormal comparison result information group as abnormal domain name certificate information, and obtain an abnormal domain name certificate information set.
在一些实施例中,上述执行主体可以将上述异常对比结果信息组 中的每个异常对比结果信息所对应的目标域名证书信息确定为异常域名证书信息,得到异常域名证书信息集。In some embodiments, the above-mentioned execution body may determine the target domain name certificate information corresponding to each abnormal comparison result information in the above-mentioned abnormal comparison result information group as abnormal domain name certificate information, and obtain the abnormal domain name certificate information set.
作为示例,上述异常对比结果信息组可以是:[距离到期时间:10];[距离到期时间:10]。将第1个[距离到期时间:10]对应的目标域名证书信息{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]}确定为异常域名证书信息。将第2个[距离到期时间:10]对应的目标域名证书信息{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}确定为异常域名证书信息。从而,得到异常域名证书信息集。As an example, the above abnormal comparison result information group may be: [distance to expiration: 10]; [distance to expiration: 10]. Set the target domain name certificate information corresponding to the first [expiration time: 10] {[domain name: www.52.com]; [user information: Sky Telecom]; [content distribution network service provider information: Yinshan]; [Node information: 58.214.159.208]; [Domain name expiration time: 2020-12-01]; [Distance expiry time: 10]} It is determined as abnormal domain name certificate information. Set the target domain name certificate information corresponding to the second [time to expiration: 10] {[domain name: www.53.com]; [user information: Shanghai Telecom]; [content distribution network service provider information: Yinshan]; [Node information: 58.214.259.208]; [Domain name expiration time: 2020-12-01]; [Distance expiry time: 10]} It is determined as abnormal domain name certificate information. Thus, the abnormal domain name certificate information set is obtained.
步骤406,对上述异常域名证书信息集中的每个异常域名证书信息进行聚合处理以生成聚合异常域名证书信息作为可读性告警信息,得到可读性告警信息组。Step 406: Aggregate each abnormal domain name certificate information in the abnormal domain name certificate information set to generate the aggregated abnormal domain name certificate information as readability alarm information, and obtain a readability alarm information group.
在一些实施例中,上述执行主体可以对上述异常域名证书信息集中的每个异常域名证书信息进行聚合处理以生成聚合异常域名证书信息作为可读性告警信息,得到可读性告警信息组。这里,聚合处理可以是指将异常域名证书信息中的每个字段输入至预先设置的模板中。这里,模板就是填写异常域名证书信息的语料模板。In some embodiments, the execution body may perform aggregation processing on each abnormal domain name certificate information in the abnormal domain name certificate information set to generate aggregated abnormal domain name certificate information as readability alarm information, and obtain a readability alarm information group. Here, the aggregation process may refer to inputting each field in the abnormal domain name certificate information into a preset template. Here, the template is the corpus template for filling in the abnormal domain name certificate information.
作为示例,可以对异常域名证书信息{[域名:www.52.com];[使用方信息:天电信];[内容分发网络服务方信息:银山];[节点信息:58.214.159.208];[域名到期时间:2020-12-01];[距离到期时间:10]}进行聚合处理以生成聚合异常域名证书信息“域名[www.52.com]的使用方[天电信]在内容分发网络服务方[银山]中的域名证书的距离到期时间为10天”作为可读性告警信息。可以对异常域名证书信息{[域名:www.53.com];[使用方信息:上海电信];[内容分发网络服务方信息:银山];[节点信息:58.214.259.208];[域名到期时间:2020-12-01];[距离到期时间:10]}进行聚合处理以生成聚合异常域名证书信息“域名[www.53.com]的使用方[上海电信]在内容分发网络服务方[银山]中的域名证书的距离到期时间为10天”作为可读性告警信息。As an example, the abnormal domain name certificate information {[domain name: www.52.com]; [user information: Sky Telecom]; [content distribution network service party information: Yinshan]; [node information: 58.214.159.208]; [Domain name expiry time: 2020-12-01]; [Distance expiry time: 10]} Perform aggregation processing to generate aggregated abnormal domain name certificate information "The user of the domain name [www.52.com] [Tian Telecom] is in the content The domain name certificate in the distribution network service party [Silver Mountain] is 10 days away from the expiration time" as the readability warning message. Abnormal domain name certificate information {[domain name: www.53.com]; [user information: Shanghai Telecom]; [content distribution network service provider information: Yinshan]; [node information: 58.214.259.208]; [domain name to Expiry time: 2020-12-01]; [Distance to expiry time: 10]} Aggregation processing is performed to generate aggregated abnormal domain name certificate information "The user of the domain name [www.53.com] [Shanghai Telecom] is serving in the content distribution network The expiry time of the domain name certificate in Fang [Silver Mountain] is 10 days" as the readability warning message.
步骤406作为本公开的一个发明点,解决了背景技术提及的技术问题二“未将异常域名证书信息聚合成可读性告警信息,导致内容分发网络使用方难以解析所接收异常域名证书信息,造成内容分发网络使用方未及时对异常的域名证书进行更新,进而造成内容分发网络使用方的业务请求失败”。导致内容分发网络使用方的业务请求失败的影响因素往往如下:未将异常域名证书信息聚合成可读性告警信息,导致内容分发网络使用方难以解析所接收异常域名证书信息,造成内容分发网络使用方未及时对异常的域名证书进行更新。如果解决了上述因素,就能达到减少内容分发网络使用方的业务请求失败的效果。为了达到这一效果,本公开对上述异常域名证书信息集中的每个异常域名证书信息进行聚合处理以生成聚合异常域名证书信息作为可读性告警信息。由此,可以将异常域名证书信息聚合成可读性告警信息,以提高内容分发网络使用方对所接收的可读性告警信息的理解。进而,使得内容分发网络使用方可以及时对异常的域名证书进行更新。从而,达到减少内容分发网络使用方的业务请求失败的效果。 Step 406, as an inventive point of the present disclosure, solves the second technical problem mentioned in the background art: “The abnormal domain name certificate information is not aggregated into readability alarm information, which makes it difficult for the content distribution network user to parse the received abnormal domain name certificate information. As a result, the content distribution network user fails to update the abnormal domain name certificate in time, which in turn causes the content distribution network user's business request to fail." The influencing factors that cause the service request failure of the content distribution network user are often as follows: The abnormal domain name certificate information is not aggregated into readability alarm information, which makes it difficult for the content distribution network user to parse the received abnormal domain name certificate information, causing the content distribution network to use the information. The party failed to update the abnormal domain name certificate in time. If the above factors are solved, the effect of reducing the failure of the service request of the user of the content distribution network can be achieved. In order to achieve this effect, the present disclosure performs aggregation processing on each abnormal domain name certificate information in the above abnormal domain name certificate information set to generate aggregated abnormal domain name certificate information as readability alarm information. In this way, the abnormal domain name certificate information can be aggregated into readability alarm information, so as to improve the understanding of the received readability alarm information by the content distribution network user. Furthermore, the content distribution network user can update the abnormal domain name certificate in time. Thus, the effect of reducing service request failures of the content distribution network user is achieved.
步骤407,将上述可读性告警信息组中的各个可读性告警信息分别发送至对应的各个内容分发网络使用方的服务平台以供用户浏览。Step 407: Send each readability alarm information in the readability alarm information group to the corresponding service platform of each content distribution network user for the user to browse.
在一些实施例中,上述执行主体可以将上述可读性告警信息组中的各个可读性告警信息分别发送至对应的各个内容分发网络使用方的服务平台以供用户浏览。In some embodiments, the execution body may send each readability alarm information in the readability alarm information group to the corresponding service platform of each content distribution network user for the user to browse.
作为示例,可以将可读性告警信息“域名[www.52.com]的使用方[天电信]在内容分发网络服务方[银山]中的域名证书的距离到期时间为10天”发送至内容分发网络使用方[天电信]的服务平台“001”以供用户浏览。可以将可读性告警信息“域名[www.53.com]的使用方[上海电信]在内容分发网络服务方[银山]中的域名证书的距离到期时间为10天”发送至内容分发网络使用方[上海电信]的服务平台“001”以供用户浏览。As an example, the readability warning message "The domain name certificate of the user [Tian Telecom] of the domain name [www.52.com] in the content distribution network service party [Yinshan] is 10 days away from expiration" may be sent. To the service platform "001" of the content distribution network user [Tian Telecom] for users to browse. The readability warning message "The domain name certificate of the user [Shanghai Telecom] of the domain name [www.53.com] in the content distribution network service provider [Yinshan] is 10 days away from expiration" can be sent to the content distribution The service platform "001" of the network user [Shanghai Telecom] for users to browse.
从图4可以看出,与图2对应的一些实施例的描述相比,图4对应的一些实施例中的域名证书检测方法的流转400可以使得内容分发网络使用方可以及时对异常的域名证书进行更新。从而,达到减少内 容分发网络使用方的业务请求失败的效果。As can be seen from FIG. 4 , compared with the description of some embodiments corresponding to FIG. 2 , the flow 400 of the domain name certificate detection method in some embodiments corresponding to FIG. 4 can enable the content distribution network user to timely detect abnormal domain name certificates to update. Thus, the effect of reducing service request failures of the content distribution network user is achieved.
进一步参考图5,作为对上述各图所示方法的实现,本公开提供了一种域名证书检测装置的一些实施例,这些装置实施例与图2所示的那些方法实施例相对应,该装置具体可以应用于各种电子设备中。Further referring to FIG. 5 , as an implementation of the methods shown in the above figures, the present disclosure provides some embodiments of an apparatus for detecting a domain name certificate. These apparatus embodiments correspond to those method embodiments shown in FIG. 2 . The apparatus Specifically, it can be applied to various electronic devices.
如图5所示,一些实施例的域名证书检测装置500包括:获取单元501、解析单元502和确定单元503。其中,获取单元501被配置成获取证书监控客户端中所存储的各个域名证书;解析单元502被配置成对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;确定单元503被配置成基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。As shown in FIG. 5 , an apparatus 500 for detecting a domain name certificate in some embodiments includes: an acquiring unit 501 , a parsing unit 502 and a determining unit 503 . Wherein, the obtaining unit 501 is configured to obtain each domain name certificate stored in the certificate monitoring client; the parsing unit 502 is configured to parse each domain name certificate in the above-mentioned various domain name certificates to generate the resolved domain name certificate information, and obtain the resolved domain name Certificate information set; the determining unit 503 is configured to determine whether there is abnormal domain name certificate information based on the target domain name certificate information set and the above-mentioned resolved domain name certificate information set.
在一些实施例的一些可选的实现方式中,域名证书检测装置500的获取单元501被进一步配置成:遍历上述证书监控客户端的文件系统,通过握手协议获取上述文件系统中存储的各个域名证书。In some optional implementations of some embodiments, the obtaining unit 501 of the domain name certificate detection apparatus 500 is further configured to: traverse the file system of the certificate monitoring client, and obtain each domain name certificate stored in the file system through a handshake protocol.
在一些实施例的一些可选的实现方式中,域名证书检测装置500还包括:获取导入的各个域名证书。In some optional implementations of some embodiments, the domain name certificate detection apparatus 500 further includes: acquiring each imported domain name certificate.
在一些实施例的一些可选的实现方式中,域名证书检测装置500还包括:域名获取单元,被配置成获取云服务信息平台中存储的各个内容分发网络使用方的各个域名;域名解析单元,被配置成对上述各个域名进行域名解析以生成解析域名列表;配置信息获取单元,被配置成基于上述解析域名列表中的每个解析域名,获取与上述解析域名对应的内容分发网络使用方的配置信息,得到配置信息集作为目标域名证书信息集。In some optional implementations of some embodiments, the domain name certificate detection apparatus 500 further includes: a domain name acquisition unit, configured to acquire each domain name of each content distribution network user stored in the cloud service information platform; a domain name resolution unit, is configured to perform domain name resolution on each of the above-mentioned domain names to generate a list of resolved domain names; the configuration information acquisition unit is configured to obtain the configuration of the content distribution network user corresponding to the above-mentioned resolved domain name based on each resolved domain name in the above-mentioned resolved domain name list information, and obtain the configuration information set as the target domain name certificate information set.
在一些实施例的一些可选的实现方式中,域名证书检测装置500的确定单元503被进一步配置成:将上述解析域名证书信息集中的各个解析域名证书信息与上述目标域名证书信息集中的各个目标域名证书信息进行对比,生成对比结果信息集;响应于上述对比结果信息集中存在符合预设条件的对比结果信息,将上述对比结果信息集中符合上述预设条件的对比结果信息确定为异常对比结果信息,得到异常对 比结果信息组。In some optional implementations of some embodiments, the determining unit 503 of the domain name certificate detection apparatus 500 is further configured to: compare each resolved domain name certificate information in the above-mentioned resolved domain name certificate information set with each target in the above-mentioned target domain name certificate information set The domain name certificate information is compared, and a comparison result information set is generated; in response to the comparison result information that meets the preset conditions in the comparison result information set, the comparison result information that meets the preset conditions in the comparison result information set is determined as abnormal comparison result information , get the abnormal comparison result information group.
在一些实施例的一些可选的实现方式中,域名证书检测装置500的确定单元503被进一步配置成:将上述异常对比结果信息组中的每个异常对比结果信息所对应的目标域名证书信息确定为异常域名证书信息,得到异常域名证书信息集。In some optional implementations of some embodiments, the determining unit 503 of the domain name certificate detection apparatus 500 is further configured to: determine the target domain name certificate information corresponding to each abnormal comparison result information in the above abnormal comparison result information group For the abnormal domain name certificate information, the abnormal domain name certificate information set is obtained.
在一些实施例的一些可选的实现方式中,域名证书检测装置500的确定单元503还包括:聚合单元,被配置成对上述异常域名证书信息集中的每个异常域名证书信息进行聚合处理以生成聚合异常域名证书信息作为可读性告警信息,得到可读性告警信息组;发送单元,被配置成将上述可读性告警信息组中的各个可读性告警信息分别发送至对应的各个内容分发网络使用方的服务平台以供用户浏览。In some optional implementations of some embodiments, the determination unit 503 of the domain name certificate detection apparatus 500 further includes: an aggregation unit, configured to perform aggregation processing on each abnormal domain name certificate information in the above abnormal domain name certificate information set to generate Aggregate the abnormal domain name certificate information as readability alarm information to obtain a readability alarm information group; the sending unit is configured to send each readability alarm information in the readability alarm information group to the corresponding content distribution respectively. The service platform of the network user for users to browse.
可以理解的是,该装置500中记载的诸单元与参考图2描述的方法中的各个步骤相对应。由此,上文针对方法描述的操作、特征以及产生的有益效果同样适用于装置500及其中包含的单元,在此不再赘述。It can be understood that the units recorded in the apparatus 500 correspond to the respective steps in the method described with reference to FIG. 2 . Therefore, the operations, features and beneficial effects described above with respect to the method are also applicable to the apparatus 500 and the units included therein, and details are not described herein again.
下面参考图6,其示出了适于用来实现本公开的一些实施例的电子设备(例如图1中的计算设备101)600的结构示意图。本公开的一些实施例中的电子设备可以包括但不限于诸如移动电话、笔记本电脑、数字广播接收器、PDA(个人数字助理)、PAD(平板电脑)、PMP(便携式多媒体播放器)、车载终端(例如车载导航终端)等等的移动终端以及诸如数字TV、台式计算机等等的固定终端。图6示出的电子设备仅仅是一个示例,不应对本公开的实施例的功能和使用范围带来任何限制。Referring now to FIG. 6 , a schematic structural diagram of an electronic device (eg, computing device 101 in FIG. 1 ) 600 suitable for implementing some embodiments of the present disclosure is shown. Electronic devices in some embodiments of the present disclosure may include, but are not limited to, such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablets), PMPs (portable multimedia players), vehicle-mounted terminals Mobile terminals such as in-vehicle navigation terminals, etc., and stationary terminals such as digital TVs, desktop computers, and the like. The electronic device shown in FIG. 6 is only an example, and should not impose any limitation on the function and scope of use of the embodiments of the present disclosure.
如图6所示,电子设备600可以包括处理装置(例如中央处理器、图形处理器等)601,其可以根据存储在只读存储器(ROM)602中的程序或者从存储装置608加载到随机访问存储器(RAM)603中的程序而执行各种适当的动作和处理。在RAM 603中,还存储有电子设备600操作所需的各种程序和数据。处理装置601、ROM 602以及RAM 603通过总线604彼此相连。输入/输出(I/O)接口605也连接至总线 604。As shown in FIG. 6, an electronic device 600 may include a processing device (eg, a central processing unit, a graphics processor, etc.) 601 that may be loaded into random access according to a program stored in a read only memory (ROM) 602 or from a storage device 608 Various appropriate actions and processes are executed by the programs in the memory (RAM) 603 . In the RAM 603, various programs and data required for the operation of the electronic device 600 are also stored. The processing device 601, the ROM 602, and the RAM 603 are connected to each other through a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
通常,以下装置可以连接至I/O接口605:包括例如触摸屏、触摸板、键盘、鼠标、摄像头、麦克风、加速度计、陀螺仪等的输入装置606;包括例如液晶显示器(LCD)、扬声器、振动器等的输出装置607;包括例如磁带、硬盘等的存储装置608;以及通信装置609。通信装置609可以允许电子设备600与其他设备进行无线或有线通信以交换数据。虽然图6示出了具有各种装置的电子设备600,但是应理解的是,并不要求实施或具备所有示出的装置。可以替代地实施或具备更多或更少的装置。图6中示出的每个方框可以代表一个装置,也可以根据需要代表多个装置。Typically, the following devices can be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; including, for example, a liquid crystal display (LCD), speakers, vibration An output device 607 of a computer, etc.; a storage device 608 including, for example, a magnetic tape, a hard disk, etc.; and a communication device 609. Communication means 609 may allow electronic device 600 to communicate wirelessly or by wire with other devices to exchange data. While FIG. 6 shows electronic device 600 having various means, it should be understood that not all of the illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in FIG. 6 may represent one device, or may represent multiple devices as required.
特别地,根据本公开的一些实施例,上文参考流程图描述的过程可以被实现为计算机软件程序。例如,本公开的一些实施例包括一种计算机程序产品,其包括承载在计算机可读介质上的计算机程序,该计算机程序包含用于执行流程图所示的方法的程序代码。在这样的一些实施例中,该计算机程序可以通过通信装置609从网络上被下载和安装,或者从存储装置608被安装,或者从ROM 602被安装。在该计算机程序被处理装置601执行时,执行本公开的一些实施例的方法中限定的上述功能。In particular, according to some embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, some embodiments of the present disclosure include a computer program product comprising a computer program carried on a computer-readable medium, the computer program containing program code for performing the method illustrated in the flowchart. In some such embodiments, the computer program may be downloaded and installed from the network via the communication device 609, or from the storage device 608, or from the ROM 602. When the computer program is executed by the processing device 601, the above-mentioned functions defined in the methods of some embodiments of the present disclosure are performed.
需要说明的是,本公开的一些实施例中记载的计算机可读介质可以是计算机可读信号介质或者计算机可读存储介质或者是上述两者的任意组合。计算机可读存储介质例如可以是——但不限于——电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本公开的一些实施例中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。而在本公开的一些实施例中,计算机可读信号介质可以包括在基带中 或者作为载波一部分传播的数据信号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。计算机可读信号介质还可以是计算机可读存储介质以外的任何计算机可读介质,该计算机可读信号介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括但不限于:电线、光缆、RF(射频)等等,或者上述的任意合适的组合。It should be noted that the computer-readable medium described in some embodiments of the present disclosure may be a computer-readable signal medium or a computer-readable storage medium, or any combination of the above two. The computer-readable storage medium can be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus or device, or a combination of any of the above. More specific examples of computer readable storage media may include, but are not limited to, electrical connections with one or more wires, portable computer disks, hard disks, random access memory (RAM), read only memory (ROM), erasable Programmable read only memory (EPROM or flash memory), fiber optics, portable compact disk read only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing. In some embodiments of the present disclosure, a computer-readable storage medium can be any tangible medium that contains or stores a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. Rather, in some embodiments of the present disclosure, a computer-readable signal medium may include a data signal in baseband or propagated as part of a carrier wave, carrying computer-readable program code therein. Such propagated data signals may take a variety of forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. A computer-readable signal medium can also be any computer-readable medium other than a computer-readable storage medium that can transmit, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device . Program code embodied on a computer readable medium may be transmitted using any suitable medium including, but not limited to, electrical wire, optical fiber cable, RF (radio frequency), etc., or any suitable combination of the foregoing.
在一些实施方式中,客户端、服务器可以利用诸如HTTP(HyperText Transfer Protocol,超文本传输协议)之类的任何当前已知或未来研发的网络协议进行通信,并且可以与任意形式或介质的数字数据通信(例如,通信网络)互连。通信网络的示例包括局域网(“LAN”),广域网(“WAN”),网际网(例如,互联网)以及端对端网络(例如,ad hoc端对端网络),以及任何当前已知或未来研发的网络。In some embodiments, the client and server can use any currently known or future developed network protocol such as HTTP (HyperText Transfer Protocol) to communicate, and can communicate with digital data in any form or medium Communication (eg, a communication network) interconnects. Examples of communication networks include local area networks ("LAN"), wide area networks ("WAN"), the Internet (eg, the Internet), and peer-to-peer networks (eg, ad hoc peer-to-peer networks), as well as any currently known or future development network of.
上述计算机可读介质可以是上述电子设备中所包含的;也可以是单独存在,而未装配入该电子设备中。上述计算机可读介质承载有一个或者多个程序,当上述一个或者多个程序被该电子设备执行时,使得该电子设备:对发布的房源信息进行离线特征提取处理,生成上述房源信息的语料组;获取证书监控客户端中存储的各个域名证书;对上述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;基于目标域名证书信息集和上述解析域名证书信息集,确定是否存在异常域名证书信息。The above-mentioned computer-readable medium may be included in the above-mentioned electronic device; or may exist alone without being assembled into the electronic device. The above-mentioned computer-readable medium carries one or more programs, and when the above-mentioned one or more programs are executed by the electronic device, the electronic device: performs offline feature extraction processing on the published housing information, and generates the above-mentioned housing information. corpus; obtain each domain name certificate stored in the certificate monitoring client; parse each domain name certificate in the above domain name certificates to generate parsed domain name certificate information, and obtain a parsed domain name certificate information set; based on the target domain name certificate information set and the above Parse the domain name certificate information set to determine whether there is abnormal domain name certificate information.
可以以一种或多种程序设计语言或其组合来编写用于执行本公开的一些实施例的操作的计算机程序代码,上述程序设计语言包括面向对象的程序设计语言-诸如Java、Smalltalk、C++,还包括常规的过程式程序设计语言-诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算机上执行、部分地在用户计算机上执行、作为一个独立的软件包执行、部分在用户计算机上部分在远程计算机上执行、或者完全在远程计算机或服务器上执行。在涉及远程计算机的情形中, 远程计算机可以通过任意种类的网络——包括局域网(LAN)或广域网(WAN)——连接到用户计算机,或者,可以连接到外部计算机(例如利用因特网服务提供商来通过因特网连接)。Computer program code for carrying out operations of some embodiments of the present disclosure may be written in one or more programming languages, including object-oriented programming languages - such as Java, Smalltalk, C++, or a combination thereof, Also included are conventional procedural programming languages - such as the "C" language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computer (eg, using an Internet service provider) via Internet connection).
附图中的流程图和框图,图示了按照本公开各种实施例的系统、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段、或代码的一部分,该模块、程序段、或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个接连地表示的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code that contains one or more logical functions for implementing the specified functions executable instructions. It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It is also noted that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented in dedicated hardware-based systems that perform the specified functions or operations , or can be implemented in a combination of dedicated hardware and computer instructions.
描述于本公开的一些实施例中的单元可以通过软件的方式实现,也可以通过硬件的方式来实现。所描述的单元也可以设置在处理器中,例如,可以描述为:一种处理器包括获取单元、解析单元和确定单元。其中,这些单元的名称在某种情况下并不构成对该单元本身的限定,例如,获取单元还可以被描述为“获取证书监控客户端中所存储的各个域名证书的单元”。The units described in some embodiments of the present disclosure may be implemented by means of software, and may also be implemented by means of hardware. The described unit may also be provided in the processor, for example, it may be described as: a processor includes an obtaining unit, a parsing unit and a determining unit. Wherein, the names of these units do not constitute a limitation on the unit itself under certain circumstances. For example, the obtaining unit may also be described as "a unit for obtaining each domain name certificate stored in the certificate monitoring client".
本文中以上描述的功能可以至少部分地由一个或多个硬件逻辑部件来执行。例如,非限制性地,可以使用的示范类型的硬件逻辑部件包括:现场可编程门阵列(FPGA)、专用集成电路(ASIC)、专用标准产品(ASSP)、片上系统(SOC)、复杂可编程逻辑设备(CPLD)等等。The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems on Chips (SOCs), complex programmable Logical Devices (CPLDs) and more.
以上描述仅为本公开的一些较佳实施例以及对所运用技术原理的说明。本领域技术人员应当理解,本公开的实施例中所涉及的发明范围,并不限于上述技术特征的特定组合而成的技术方案,同时也应涵盖在不脱离上述发明构思的情况下,由上述技术特征或其等同特征进行任意组合而形成的其它技术方案。例如上述特征与本公开的实施例 中公开的(但不限于)具有类似功能的技术特征进行互相替换而形成的技术方案。The above descriptions are merely some preferred embodiments of the present disclosure and illustrations of the applied technical principles. Those skilled in the art should understand that the scope of the invention involved in the embodiments of the present disclosure is not limited to the technical solution formed by the specific combination of the above-mentioned technical features, and should also cover, without departing from the above-mentioned inventive concept, the above-mentioned Other technical solutions formed by any combination of technical features or their equivalent features. For example, a technical solution is formed by replacing the above-mentioned features with the technical features disclosed in the embodiments of the present disclosure (but not limited to) with similar functions.

Claims (10)

  1. 一种域名证书检测方法,包括:A method for detecting a domain name certificate, comprising:
    获取证书监控客户端中存储的各个域名证书;Obtain each domain name certificate stored in the certificate monitoring client;
    对所述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;Performing parsing on each domain name certificate in the respective domain name certificates to generate parsing domain name certificate information, and obtaining a parsing domain name certificate information set;
    基于目标域名证书信息集和所述解析域名证书信息集,确定是否存在异常域名证书信息。Based on the target domain name certificate information set and the resolved domain name certificate information set, it is determined whether there is abnormal domain name certificate information.
  2. 根据权利要求1所述的方法,其中,所述获取证书监控客户端中存储的各个域名证书,包括:The method according to claim 1, wherein the obtaining of each domain name certificate stored in the certificate monitoring client comprises:
    通过握手协议获取所述证书监控客户端中存储的各个域名证书。Obtain each domain name certificate stored in the certificate monitoring client through a handshake protocol.
  3. 根据权利要求1所述的方法,其中,在所述获取证书监控客户端中存储的各个域名证书之前,所述方法还包括:The method according to claim 1, wherein, before obtaining each domain name certificate stored in the certificate monitoring client, the method further comprises:
    获取导入的各个域名证书以存入证书监控客户端中。Obtain the imported domain name certificates and store them in the certificate monitoring client.
  4. 根据权利要求1所述的方法,其中,在所述基于目标域名证书信息集和所述解析域名证书信息集,确定是否存在异常域名证书信息之前,所述方法还包括:The method according to claim 1, wherein before determining whether there is abnormal domain name certificate information based on the target domain name certificate information set and the resolved domain name certificate information set, the method further comprises:
    获取云服务信息平台中存储的各个内容分发网络使用方的各个域名;Obtain each domain name of each content distribution network user stored in the cloud service information platform;
    对所述各个域名进行域名解析以生成解析域名列表;Perform domain name resolution on each of the domain names to generate a list of resolved domain names;
    基于所述解析域名列表中的每个解析域名,获取与所述解析域名对应的内容分发网络使用方的配置信息,得到配置信息集作为目标域名证书信息集。Based on each resolved domain name in the resolved domain name list, the configuration information of the content distribution network user corresponding to the resolved domain name is obtained, and a configuration information set is obtained as a target domain name certificate information set.
  5. 根据权利要求1所述的方法,其中,所述基于目标域名证书信息集和所述解析域名证书信息集,确定是否存在异常域名证书信息,包括:The method according to claim 1, wherein the determining whether there is abnormal domain name certificate information based on the target domain name certificate information set and the resolved domain name certificate information set comprises:
    将所述解析域名证书信息集中的各个解析域名证书信息与所述目标域名证书信息集中的各个目标域名证书信息进行对比,生成对比结果信息集;Comparing each resolution domain name certificate information in the resolution domain name certificate information set with each target domain name certificate information in the target domain name certificate information set, and generating a comparison result information set;
    响应于所述对比结果信息集中存在符合预设条件的对比结果信息,将所述对比结果信息集中符合所述预设条件的对比结果信息确定为异常对比结果信息,得到异常对比结果信息组。In response to the comparison result information that meets the preset condition in the comparison result information set, the comparison result information that meets the preset condition in the comparison result information set is determined as abnormal comparison result information, and an abnormal comparison result information group is obtained.
  6. 根据权利要求5所述的方法,其中,所述基于目标域名证书信息集和所述解析域名证书信息集,确定是否存在异常域名证书信息,还包括:The method according to claim 5, wherein the determining whether there is abnormal domain name certificate information based on the target domain name certificate information set and the resolved domain name certificate information set, further comprising:
    将所述异常对比结果信息组中的每个异常对比结果信息所对应的目标域名证书信息确定为异常域名证书信息,得到异常域名证书信息集。The target domain name certificate information corresponding to each abnormal comparison result information in the abnormal comparison result information group is determined as abnormal domain name certificate information, and an abnormal domain name certificate information set is obtained.
  7. 根据权利要求6所述的方法,其中,所述方法还包括:The method of claim 6, wherein the method further comprises:
    对所述异常域名证书信息集中的每个异常域名证书信息进行聚合处理以生成聚合异常域名证书信息作为可读性告警信息,得到可读性告警信息组;Perform aggregation processing on each abnormal domain name certificate information in the abnormal domain name certificate information set to generate aggregated abnormal domain name certificate information as readability alarm information, and obtain a readability alarm information group;
    将所述可读性告警信息组中的各个可读性告警信息分别发送至对应的各个内容分发网络使用方的服务平台以供用户浏览。Each readability warning information in the readability warning information group is respectively sent to the service platform of each corresponding content distribution network user for the user to browse.
  8. 一种域名证书检测装置,包括:A domain name certificate detection device, comprising:
    获取单元,被配置成获取证书监控客户端中所存储的各个域名证书;an obtaining unit, configured to obtain each domain name certificate stored in the certificate monitoring client;
    解析单元,被配置成对所述各个域名证书中的每个域名证书进行解析以生成解析域名证书信息,得到解析域名证书信息集;a parsing unit, configured to parse each domain name certificate in the respective domain name certificates to generate parsed domain name certificate information, and obtain a parsed domain name certificate information set;
    确定单元,被配置成基于目标域名证书信息集和所述解析域名证书信息集,确定是否存在异常域名证书信息。The determining unit is configured to determine whether there is abnormal domain name certificate information based on the target domain name certificate information set and the resolved domain name certificate information set.
  9. 一种电子设备,包括:An electronic device comprising:
    一个或多个处理器;one or more processors;
    存储装置,其上存储有一个或多个程序;a storage device on which one or more programs are stored;
    当所述一个或多个程序被所述一个或多个处理器执行,使得所述一个或多个处理器实现如权利要求1-7中任一所述的方法。The one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-7.
  10. 一种计算机可读介质,其上存储有计算机程序,其中,所述程序被处理器执行时实现如权利要求1-7中任一所述的方法。A computer-readable medium having a computer program stored thereon, wherein the program, when executed by a processor, implements the method according to any one of claims 1-7.
PCT/CN2021/128052 2020-11-20 2021-11-02 Domain name certificate detection method and apparatus, electronic device and computer-readable medium WO2022105590A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011311667.5 2020-11-20
CN202011311667.5A CN112491859B (en) 2020-11-20 2020-11-20 Domain name certificate detection method, device, electronic equipment and computer readable medium

Publications (1)

Publication Number Publication Date
WO2022105590A1 true WO2022105590A1 (en) 2022-05-27

Family

ID=74932440

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/128052 WO2022105590A1 (en) 2020-11-20 2021-11-02 Domain name certificate detection method and apparatus, electronic device and computer-readable medium

Country Status (2)

Country Link
CN (1) CN112491859B (en)
WO (1) WO2022105590A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115550880A (en) * 2022-12-06 2022-12-30 中汽智联技术有限公司 Exception handling method, device and storage medium for certificate of V2X device
CN116723051A (en) * 2023-08-07 2023-09-08 北京安天网络安全技术有限公司 Domain name information generation method, device and medium

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491859B (en) * 2020-11-20 2023-06-20 上海连尚网络科技有限公司 Domain name certificate detection method, device, electronic equipment and computer readable medium
CN115460084A (en) * 2021-06-09 2022-12-09 贵州白山云科技股份有限公司 Security acceleration service deployment method, device, medium and equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106230602A (en) * 2016-09-09 2016-12-14 上海携程商务有限公司 The integrity detection system of the certificate chain of digital certificate and method
CN110225013A (en) * 2019-05-30 2019-09-10 世纪龙信息网络有限责任公司 The monitoring of certificate of service and more new system
US20200143479A1 (en) * 2018-11-03 2020-05-07 International Business Machines Corporation Detection of abnormal estimates
CN111786781A (en) * 2020-06-29 2020-10-16 友谊时光科技股份有限公司 SSL certificate monitoring method, system, device, equipment and storage medium
CN112491859A (en) * 2020-11-20 2021-03-12 上海连尚网络科技有限公司 Domain name certificate detection method and device, electronic equipment and computer readable medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571770B (en) * 2011-12-27 2015-02-04 北京神州绿盟信息安全科技股份有限公司 Man-in-the-middle attack detection method, device, server and system
US20170093586A1 (en) * 2015-09-25 2017-03-30 Qualcomm Incorporated Techniques for managing certificates on a computing device
CN107766716B (en) * 2016-08-16 2021-08-31 阿里巴巴集团控股有限公司 Certificate detection method and device and electronic equipment
CN107229877A (en) * 2017-06-05 2017-10-03 北京凤凰理理它信息技术有限公司 Certificate management, acquisition methods, device, computer program and electronic equipment
CN107689018A (en) * 2017-09-18 2018-02-13 四川五八直聘信息技术有限公司 Building enterprise's staff credentials' management method and system
CN110557255A (en) * 2018-05-31 2019-12-10 北京京东尚科信息技术有限公司 certificate management method and device
CN110493234B (en) * 2019-08-23 2021-08-03 中国工商银行股份有限公司 Certificate processing method, certificate processing device and electronic equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106230602A (en) * 2016-09-09 2016-12-14 上海携程商务有限公司 The integrity detection system of the certificate chain of digital certificate and method
US20200143479A1 (en) * 2018-11-03 2020-05-07 International Business Machines Corporation Detection of abnormal estimates
CN110225013A (en) * 2019-05-30 2019-09-10 世纪龙信息网络有限责任公司 The monitoring of certificate of service and more new system
CN111786781A (en) * 2020-06-29 2020-10-16 友谊时光科技股份有限公司 SSL certificate monitoring method, system, device, equipment and storage medium
CN112491859A (en) * 2020-11-20 2021-03-12 上海连尚网络科技有限公司 Domain name certificate detection method and device, electronic equipment and computer readable medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115550880A (en) * 2022-12-06 2022-12-30 中汽智联技术有限公司 Exception handling method, device and storage medium for certificate of V2X device
CN116723051A (en) * 2023-08-07 2023-09-08 北京安天网络安全技术有限公司 Domain name information generation method, device and medium
CN116723051B (en) * 2023-08-07 2023-10-27 北京安天网络安全技术有限公司 Domain name information generation method, device and medium

Also Published As

Publication number Publication date
CN112491859B (en) 2023-06-20
CN112491859A (en) 2021-03-12

Similar Documents

Publication Publication Date Title
WO2022105590A1 (en) Domain name certificate detection method and apparatus, electronic device and computer-readable medium
CN110753089B (en) Method, device, medium and electronic equipment for managing client
CN108494860B (en) WEB access system, WEB access method and device for client
WO2022105591A1 (en) Cache server performance test method and apparatus, device, and medium
US20220391577A1 (en) Information interaction method and apparatus, server, system, and storage medium
CN113268761B (en) Information encryption method and device, electronic equipment and computer readable medium
CN111930534A (en) Data calling method and device and electronic equipment
CN111083108A (en) Data processing method, device, medium and electronic equipment
WO2021197161A1 (en) Icon updating method and apparatus, and electronic device
CN115640285B (en) Power abnormality information transmission method, device, electronic equipment and medium
CN113760536A (en) Data caching method and device, electronic equipment and computer readable medium
CN112506968A (en) Information aggregation method and device, electronic equipment and computer readable medium
CN111596992B (en) Navigation bar display method and device and electronic equipment
CN111355784B (en) Method, device, medium and electronic equipment for processing request information
CN111858381A (en) Application program fault tolerance capability test method, electronic device and medium
CN116361121A (en) Abnormal interface alarm method, device, electronic equipment and computer readable medium
US20240069991A1 (en) Abnormal request processing method and apparatus, electronic device and storage medium
CN113609516B (en) Information generation method and device based on abnormal user, electronic equipment and medium
WO2022017458A1 (en) Data synchronization method and apparatus, electronic device, and medium
WO2021082599A1 (en) Wed page image monitoring method and device, electronic equipment and computer readable storage medium
CN111460020B (en) Method, device, electronic equipment and medium for resolving message
CN113486749A (en) Image data collection method, device, electronic equipment and computer readable medium
CN111580890A (en) Method, apparatus, electronic device, and computer-readable medium for processing features
CN112817874A (en) User interface test method, device, equipment and medium
US10516767B2 (en) Unifying realtime and static data for presenting over a web service

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21893738

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21893738

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 17/10/2023)