CN105871807A - Anti-stealing-link method, device and system - Google Patents
Anti-stealing-link method, device and system Download PDFInfo
- Publication number
- CN105871807A CN105871807A CN201510926330.8A CN201510926330A CN105871807A CN 105871807 A CN105871807 A CN 105871807A CN 201510926330 A CN201510926330 A CN 201510926330A CN 105871807 A CN105871807 A CN 105871807A
- Authority
- CN
- China
- Prior art keywords
- client
- user
- application program
- obtains
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000004044 response Effects 0.000 claims abstract description 50
- 230000003542 behavioural effect Effects 0.000 claims description 145
- 230000006399 behavior Effects 0.000 claims description 31
- 230000005540 biological transmission Effects 0.000 claims description 11
- 238000004891 communication Methods 0.000 abstract description 6
- 239000000203 mixture Substances 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention provides an anti-stealing-link method, device and system, relates to the technical field of communication and mainly aims at improving the anti-stealing-link reliability. The technical scheme used by the embodiment of the invention comprises following steps of obtaining behavior data of operating an application by a user when a triggering operation of the user for obtaining data information is received; sending an obtaining request of the user for obtaining the data information to a server, thus enabling the server to identify whether a current client is an illegal client or not according to the behavior data of operating the application by the user and the server preset behavior data of operating the application by the user, thus obtaining an identification result; receiving obtaining request response sent by the server, wherein the identification result is carried in the obtaining request response; and carrying out corresponding operations according to the identification result. The method, the device and the system are mainly used for anti-stealing-link.
Description
Technical field
The present embodiments relate to Internet technical field, particularly relate to a kind of anti-stealing link method, device and
System.
Background technology
Steal chain and refer to that the service that provider is provided illegally is used by the targeted customer not being to provide business or obtains
Take, thus affect the interests of provider.Such as, it is provided that business provides the user network and accesses resource and this money
The uniform resource locator (UnifromResoure Locator, URL) that source is corresponding, if these URL are not by
Be to provide the targeted customer of business illegally to obtain and carry out resource access, may result in provider be target zone with
Outer user provides service, thus takies network access bandwidth, causes the wasting of resources, and even some is used
The resource of acquisition can be extended utilizing by family, have impact on the interests of provider.
Current anti-stealing link method mainly has the method for encryption certification, and first the method obtains from client and use
Family information, the fileinfo then asked according to user profile and user is encrypted to character string and tests as identity
Card, only after subscriber authentication is successful, service end just can send client to the file needed, thus
Reaching the purpose of door chain, the method is equivalent to by adding one protection client user before logging in
And the protocol algorithm of service end be encrypted, but owing to this protocol algorithm relates to user profile when encryption,
Easily being cracked by disabled user in client, the reliability causing the method door chain is relatively low.
Summary of the invention
The embodiment of the present invention provides a kind of anti-stealing link method, Apparatus and system, it is possible to increase door chain can
By property.
According to one aspect of the present invention, it is provided that a kind of anti-stealing link method, including:
When receiving the trigger action that user obtains data message, obtain the row of user operation application program
For data;
Sending user to server and obtain the acquisition request of data message, described acquisition in request is carried
State the behavioral data of user operation application program and the data message of acquisition request, in order to described server root
Apply according to described in the user operation that the behavioral data of described user operation application program and described server are preset
The behavioral data of program, identifies whether active client is illegitimate client, and returns according to recognition result
Obtain request response;
Receiving the acquisition request response that described server sends, described acquisition in request response carries identification
As a result, described recognition result includes: if described client is illegitimate client, then obtain for refusal user
The information of data message, if described client is legitimate client, is then that described acquisition asks correspondence
The data message of acquisition request;
Corresponding operating is carried out according to described recognition result.
Alternatively, the behavioral data of described acquisition user operation application program, including:
Directly the behavioural information of recording user operation application program obtains the behavior number of user operation application program
According to;
Or the user behaviors log of recording user operation application behavior data is obtained according to predefined paths, right
Described user behaviors log resolves, and obtains the behavioral data of user operation application program.
Alternatively, the behavioral data of described user operation application program includes: user operation application program
Positional information and the parameter information of described application program.
According to another aspect of the present invention, it is provided that a kind of anti-stealing link method, including:
The user receiving client transmission obtains the acquisition request of data message, and described acquisition in request is carried
There are the behavioral data of user operation application program and the data message of acquisition request;
Behavioral data according to application program described in the user operation that server is preset and described behavioral data,
Identify whether active client is illegitimate client;
If described client is illegitimate client, then refusal user obtains the request of data message, is refused
User absolutely obtains the information of data message as recognition result;
If described client is legitimate client, then consenting user obtains the acquisition request of data message, and
Obtain, according to described, the data message that request corresponding requests obtains, the described request corresponding requests that obtains is obtained
Data message as recognition result;
Sending to client and obtain request response, described acquisition in request response carries described recognition result,
So that client carries out corresponding operating according to described recognition result.
Alternatively, the behavioral data of application program described in the described user operation preset according to server and institute
State behavioral data, identify whether active client is illegitimate client, including:
Should described in the operation preset with described server by the behavioral data of described user operation application program
Mate with the behavioral data of program;
If matching result is inconsistent, then identifying described client is illegitimate client;
If matching result is consistent, then identifying described client is legitimate client.
Alternatively, the behavioral data of described user operation application program includes: user operation application program
Positional information and the parameter information of described application program.
According to another aspect of the invention, it is provided that a kind of client, including:
Acquiring unit, for when receiving the trigger action that user obtains data message, obtains user behaviour
Make the behavioral data of application program;
Transmitting element, obtains the acquisition request of data message, described acquisition for sending user to server
Request carries behavioral data and the data message of acquisition request of described user operation application program, with
Toilet states server according to the preset use of the behavioral data of described user operation application program and described server
Family operates the behavioral data of described application program, identifies whether active client is illegitimate client, and root
Return according to recognition result and obtain request response;
Receiving unit, be used for receiving the acquisition request response that described server sends, described acquisition asks to ring
Carrying recognition result in Ying, described recognition result includes: if described client is illegitimate client, then
The information of data message is obtained, if described client is legitimate client, then for institute for refusal user
State and obtain the data message that request corresponding requests obtains;
Operating unit, for carrying out corresponding operating according to described recognition result.
Alternatively, described acquiring unit, including:
Acquisition module, the behavioural information for direct recording user operation application program obtains user operation should
With the behavioral data of program;
Described acquisition module, is additionally operable to obtain recording user operation application behavior number according to predefined paths
According to user behaviors log, described user behaviors log is resolved, obtain user operation application program behavior number
According to.
According to another aspect of the invention, it is provided that a kind of server, including:
Receiving unit, the user sent for receiving client obtains the acquisition request of data message, described
Obtain in request and carry the behavioral data of user operation application program and the data message of acquisition request;
Recognition unit, for the behavioral data according to application program described in the preset user operation of server and
Described behavioral data, identifies whether active client is illegitimate client;
First result unit, if being illegitimate client for described client, then refusal user obtains data
The acquisition request of information, obtains refusing user and obtains the information of data message as recognition result;
Second result unit, if being legitimate client for described client, then consenting user obtains data
The acquisition request of information, and obtain, according to described, the data message that request corresponding requests obtains, obtain described
Take the data message of request corresponding requests acquisition as recognition result;
Transmitting element, obtains request response for sending to client, and described acquisition in request response is carried
There is described recognition result, in order to client carries out corresponding operating according to described recognition result.
Alternatively, described recognition unit, including:
Matching module, for pre-with described server by the behavioral data of described user operation application program
The behavioral data operating described application program put mates;
First object module, if being inconsistent for matching result, then it is illegal for identifying described client
Client;
Second object module, if being consistent for matching result, then identifying described client is legal visitor
Family end.
According to present invention also offers a kind of anti-stealing link system, including: above-mentioned client and above-mentioned
Server,
Described client, for when receiving the trigger action that user obtains data message, obtains user
The behavioral data of operation application program, and the acquisition request of data message is obtained to server transmission user,
Described acquisition request carries behavioral data and the data of acquisition request of described user operation application program
Information;
Described server, the user sent for receiving client obtains the acquisition request of data message, root
According to behavioral data and the described behavioral data of application program described in the user operation that server is preset, identify and work as
Whether front client is illegitimate client, if described client is illegitimate client, then refusal user obtains
The request of data message, obtains refusing user and obtains the information of data message as recognition result, if
Described client is legitimate client, then consenting user obtains the acquisition request of data message, and according to institute
State and obtain the data message that request corresponding requests obtains, obtain, by described, the data that request corresponding requests obtains
Information is as recognition result;
Described server, is additionally operable to send, to client, the request of acquisition and responds, in described acquisition request response
Carry described result, in order to client carries out corresponding operating according to described recognition result;
Described client, is additionally operable to receive the acquisition request response that described server sends, and described acquisition please
Ask and response carries recognition result, and carry out corresponding operating according to described recognition result.
A kind of anti-stealing link method of embodiment of the present invention offer, Apparatus and system, obtain when receiving user
During the trigger action of data message, obtain the behavioral data of user operation application program, so get
The behavioral data that behavioral data is user's trigger action of client one side, the reliability of data is high, enters one
Walking the acquisition request obtaining data message to server transmission user, described server is according to pre-in server
The behavioral data of application program described in the user operation put and described behavioral data, identify that active client is
No for illegitimate client, it is identified result, and described recognition result is sent to client, prevent
Steal chain, in order to client operates accordingly according to described recognition result.Encryption is used with prior art
Certification carries out the method for door chain and compares, and the behavioral data of the user operation application program of acquisition is in client
It is difficult to be stolen, is identified the behavioral data of described user operation whether being illegal client in service end
End so that the result identified is more accurate, thus improves the reliability of door chain.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to reality
Execute the required accompanying drawing used in example or description of the prior art to make to introduce simply, it should be apparent that under,
Accompanying drawing during face describes is some embodiments of the present invention, for those of ordinary skill in the art,
On the premise of not paying creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
A kind of anti-stealing link method flow chart that Fig. 1 provides for the embodiment of the present invention;
The another kind of anti-stealing link method flow chart that Fig. 2 provides for the embodiment of the present invention;
The composition frame chart of a kind of client that Fig. 3 provides for the embodiment of the present invention;
The composition frame chart of the another kind of client that Fig. 4 provides for the embodiment of the present invention;
The composition frame chart of the another kind of server that Fig. 5 provides for the embodiment of the present invention;
The composition frame chart of the another kind of server that Fig. 6 provides for the embodiment of the present invention;
The structure chart of a kind of anti-stealing link system that Fig. 7 provides for the embodiment of the present invention;
The apparatus structure schematic diagram of a kind of server that Fig. 8 provides for the embodiment of the present invention.
Detailed description of the invention
For making the purpose of the embodiment of the present invention, technical scheme and advantage clearer, below in conjunction with this
Accompanying drawing in bright embodiment, is clearly and completely described the technical scheme in the embodiment of the present invention,
Obviously, described embodiment is a part of embodiment of the present invention rather than whole embodiments.Based on
Embodiment in the present invention, those of ordinary skill in the art are obtained under not making creative work premise
The every other embodiment obtained, broadly falls into the scope of protection of the invention.
Embodiments provide a kind of anti-stealing link method, can apply to client, such as Fig. 1 institute
Showing, described method includes:
101, when receiving the trigger action that user obtains data message, user operation application program is obtained
Behavioral data.
Wherein, described user obtains the trigger action of data message is that user triggers current application program to obtain
One trigger action of information of fetching data, for example, user clicks on operation or the user of broadcast button
One track of slip screen etc. operate, and described trigger action is not limited by the embodiment of the present invention, specifically
Can be determined according to practical situation.
Above-mentioned behavioral data can be that user triggers the positional information corresponding to current operation and user is grasped
Making the parameter information that application program is corresponding, described positional information can be that clicking operation button is corresponding currently should
The position corresponding with program interface or region, it is also possible to for the region of user's sliding mouse, described currently
The parameter information of application program can include the version number of this application program and corresponding identification information etc., this
Bright described behavioral data is not specifically limited.
Specifically, the behavioral data of described acquisition user operation application program, can be by directly recording use
The behavioural information of family operation application program obtains, it is also possible to obtaining recording user operation according to predefined paths should
With the daily record of program behavior data, described user behaviors log is resolved, obtain described operation application program
Behavioral data.
102, to server send user obtain data message acquisition request, in order to described server according to
Journey is applied described in the behavioral data of described user operation application program and the preset user operation of described server
The behavioral data of sequence, identifies whether active client is illegitimate client.
Wherein, described server is the server of client service, user corresponding to current application program
By to client operation and then to the request of server transmission acquisition data message, the most described acquisition please
The behavioral data of described user operation application program that step 101 obtains and acquisition request is carried in asking
Data message, in order to described server is preset according to behavioral data and the server of user operation application program
The behavioral data of user operation application program, active client is identified, identifies active client
Whether being illegitimate client, be identified result, described recognition result: if described client is non-if including
Method client, then obtain the information of data message, if described client is legal visitor for refusal user
Family end, then be the described data message obtaining request corresponding requests acquisition, and obtain according to recognition result return
Take request response.
103, receiving the acquisition request response that described server sends, described acquisition in request response carries
Recognition result.
Wherein, described recognition result be server according to the behavioral data of described user operation application program and
The behavioral data of application program described in the user operation that described server is preset, identifies whether client is non-
The recognition result of method client.
Specifically, after receiving the acquisition request response that server sends, due to this acquisition request response
In carry recognition result, this recognition result is to identify the result whether active client is illegitimate client,
And then recognise that as stealing chain behavior, if it is illegitimate client that server identifies this client, it is then
Stealing chain behavior, recognition result can be refused user and obtain the acquisition request of data message, and stops server to be sent out
Send the operation of data message, if it is legitimate client that server identifies this client, be not the most to steal chain row
For, recognition result meeting consenting user obtains the acquisition request of data message, and server can be by corresponding data
Information sends back client for user's subsequent operation.
104, corresponding operating is carried out according to described recognition result.
For the embodiment of the present invention, concrete application scenarios can be as follows, but is not limited to this, including:
The interface of active client is provided with some buttons, and when user clicks on broadcast button, client receives to be used
Family obtains the trigger action of data message, now obtains user and clicks on the behavioral data that broadcast button is corresponding,
Such as, user clicks on the parameter information of the position of the button application program corresponding with button, then client
Sending to server and click on the acquisition request that data message corresponding to program request button obtains, this acquisition simultaneously please
The user carrying acquisition in asking clicks on the behavioral data of broadcast button, and then client is obtained by server
The row corresponding to this application program that the behavioral data of described user operation application program is preset with server
It is identified one by one for data, if recognition result is the most consistent, then shows that this client is legal visitor
Family end, returns to the request response that client is agreed to obtain, and carries user's point in this request response
Hit the data message that broadcast button is corresponding, if recognition result has one inconsistent, then show this client
For illegal client, for stealing chain behavior, return to the prompting letter of the request response that client refusal obtains
Breath, and then stop client to go to obtain corresponding data information.
A kind of anti-stealing link method that the embodiment of the present invention provides, can be applicable to client, when receiving user
When obtaining the trigger action of data message, obtain the behavioral data of user operation application program, so obtain
To the behavioral data that behavioral data is user's trigger action of client one side, the reliability of data is high,
Send user to server further and obtain the acquisition request of data message, in order to described server is according to clothes
The behavioral data of application program described in user operation preset in business device and described behavioral data, identify current
Whether client is illegitimate client, and sends described recognition result to client, and client is according to institute
State recognition result to operate accordingly.Encryption certification is used to carry out the method phase of door chain with prior art
Ratio, the behavioral data of the user operation application program of acquisition is difficult to be stolen in client, in service end pair
Whether the behavioral data of described user operation is identified being illegitimate client so that the result identified is more
Add accurately, thus improve the reliability of door chain.
Embodiments provide a kind of anti-stealing link method, can apply to server, such as Fig. 2 institute
Showing, described method includes:
201, the user receiving client transmission obtains the acquisition request of data message.
Wherein, described acquisition request carries behavioral data and the acquisition request of user operation application program
Data message.
Above-mentioned behavioral data can be that user triggers the positional information corresponding to current operation and user is grasped
Making the parameter information that application program is corresponding, described positional information can be that clicking operation button is corresponding currently should
The position corresponding with program interface or region, it is also possible to for the region of user's sliding mouse, described currently
The parameter information of application program can include the version number of this application program and corresponding identification information etc., this
Bright described behavioral data is not specifically limited.
202, according to behavioral data and the described behavior number of application program described in the preset user operation of server
According to, identify whether active client is illegitimate client.
Concrete operations in this step have, by the behavioral data of described user operation application program and described clothes
The behavioral data operating described application program preset in business device mates, if matching result is inconsistent,
Then identifying described client is illegitimate client;If matching result is consistent, then identify described client
End is legitimate client.
Specifically, the behavioral data of the described user operation application program that client is obtained by server and clothes
In business device, the preset behavioral data corresponding to this application program mates, one by one if matching result is complete
Portion is consistent, then show that this client is legal client, returns to client and agrees to that the request obtained rings
Should, and this request response in carry user obtain data message obtain request corresponding to data letter
Breath, if matching result has one inconsistent, then show that this client is illegal client, for steal chain
Behavior, returns to the information that client refusal obtains the request response of data message, stops client
Go to obtain corresponding data information.
It should be noted that in server preset operate described application program behavioral data can be
The behavioral data of the legitimate client that this operation sequence prestores issuing when, generally when this application
Program is before issuing, and the behavioral data of these user operation application programs can be entered in server in advance,
Such as user clicks on the positional information in certain region of Application Program Interface and the attribute information etc. of this application program
Deng, the described preset behavioral data operating described application program is not limited by the present invention..
If 203 described clients are illegitimate client, then refusal user obtain data message acquisition please
Ask, obtain refusing user and obtain the information of data message as recognition result.
If 204 described clients are legitimate client, then the acquisition of consenting user acquisition data message please
Ask, and obtain, according to described, the data message that request corresponding requests obtains, please by described acquisition request correspondence
Ask the data message of acquisition as recognition result.
205, sending, to client, the request of acquisition to respond, described acquisition in request response carries described identification
Result, in order to client carries out corresponding operating according to described recognition result.
Specifically, when server identifies after whether active client be illegitimate client, will know accordingly
Other result sends back client, and described recognition result includes: if described client is illegitimate client, then
The information of data message is obtained, if described client is legitimate client, then for institute for refusal user
State and obtain the data message that request corresponding requests obtains.
A kind of anti-stealing link method that the embodiment of the present invention provides, can be applicable to server, receives client and sends out
The user sent obtains the acquisition request of data message, and described acquisition in request carries user operation application journey
The behavioral data of sequence and the data message of acquisition request, further according to described user operation application program
The behavioral data of application program described in behavioral data and the preset user operation of described server, identifies current
Whether client is illegitimate client, and returns acquisition request response according to recognition result, in order to client root
Carry out corresponding operating according to described recognition result, carry out door chain.Encryption certification is used to carry out with prior art
The method of door chain is compared, and the behavioral data of the user operation application program of acquisition is difficult to stolen in client
Take, be identified the behavioral data of described user operation whether being illegitimate client in service end so that
The result identified is more accurate, thus improves the reliability of door chain.
Further, embodiments provide a kind of client, as it is shown on figure 3, described client,
Including: acquiring unit 31, transmitting element 32, reception unit 33, operating unit 34.
Described acquiring unit 31, for when receiving the trigger action that user obtains data message, obtains
The behavioral data of user operation application program, the behavioral data of described user operation application program includes: use
The positional information of family operation application program and the parameter information of described application program;
Described transmitting element 32, obtains the acquisition request of data message, institute for sending user to server
State the data letter of behavioral data and the acquisition request carrying described user operation application program in the request of acquisition
Breath, in order to described server is preset according to behavioral data and the server of described user operation application program
The behavioral data of application program described in user operation, identifies whether active client is illegitimate client, and
Return according to recognition result and obtain request response;
Wherein, described recognition result includes: if described client is illegitimate client, then for refusal user
Obtain the information of data message, if described client is legitimate client, be then that described acquisition is asked
The data message that corresponding requests obtains, and return acquisition request response according to recognition result;
Described reception unit 33, for receiving the acquisition request response that described server sends, described acquisition
Carrying recognition result in request response, wherein, described recognition result is that server is grasped according to described user
Make the behavior number of application program described in the behavioral data of application program and the user operation that described server is preset
According to, identify that whether client is the recognition result of illegitimate client;
Operating unit 34, for carrying out corresponding operating according to described recognition result.
Further, as shown in Figure 4, described acquiring unit 31, including:
Acquisition module, the behavioural information for direct recording user operation application program obtains user operation should
With the behavioral data of program;
Described acquisition module, is additionally operable to obtain recording user operation application behavior number according to predefined paths
According to user behaviors log, described user behaviors log is resolved, obtain user operation application program behavior number
According to.
It should be noted that other of each functional unit involved by the client of embodiment of the present invention offer
Corresponding description, the corresponding description being referred in Fig. 1, do not repeat them here.
A kind of client that the embodiment of the present invention provides, when the triggering receiving user and obtaining data message
During operation, obtain the behavioral data of user operation application program, client one side's so got
Behavioral data is the behavioral data of user's trigger action, and the reliability of data is high, further to server
Send user and obtain the acquisition request of data message, in order to described server is according to preset in server
Whether the behavioral data of application program described in user operation and described behavioral data, identify active client
For illegitimate client, and being sent by described recognition result to client, client identifies knot according to described
Fruit operates accordingly.Use encryption certification to carry out, compared with the method for door chain, obtaining with prior art
The behavioral data of the user operation application program taken is difficult to be stolen in client, by service end pair
Whether the behavioral data of described user operation is identified being illegitimate client so that the result identified
More accurate, thus improve the reliability of door chain
Further, embodiments provide a kind of server, as it is shown in figure 5, described service
Device includes: receive unit 41, recognition unit the 42, first result unit the 43, second result unit 44,
Transmitting element 45.
Described reception unit 41, the user sent for receiving client obtains the acquisition request of data message,
The described data letter obtaining behavioral data and the acquisition request carrying user operation application program in request
Breath;
Described recognition unit 42, for the behavior of application program described in the user operation preset according to server
Data and described behavioral data, identify whether active client is illegitimate client;
First result unit 43, if being illegitimate client for described client, then refusal user obtains number
It is believed that the acquisition request of breath, obtain refusing user and obtain the information of data message as recognition result;
Second result unit 44, if being legitimate client for described client, then consenting user obtains number
It is believed that the acquisition request of breath, and obtain the data message that request corresponding requests obtains, by described according to described
Obtain the data message of request corresponding requests acquisition as recognition result;
Described transmitting element 45, for obtaining request response to client transmission, described acquisition asks response
In carry described recognition result, in order to client carries out corresponding operating according to described recognition result, described
Recognition result includes: if described client is illegitimate client, then obtain data message for refusal user
Information, if described client is legitimate client, is then that the described request corresponding requests that obtains obtains
Data message.
Further, as shown in Figure 6, described recognition unit 42, including:
Matching module, for pre-with described server by the behavioral data of described user operation application program
The behavioral data operating described application program put mates;
First object module, if being inconsistent for matching result, then it is illegal for identifying described client
Client;
Second object module, if being consistent for matching result, then identifying described client is legal visitor
Family end.
It should be noted that its of each functional unit involved by a kind of server of embodiment of the present invention offer
He describes accordingly, the corresponding description being referred in Fig. 2, does not repeats them here.
A kind of server that the embodiment of the present invention provides, the user receiving client transmission obtains data message
Acquisition request, described acquisition carries the behavioral data of user operation application program in request and request obtains
The data message taken, further according to behavioral data and the described server of described user operation application program
The behavioral data of application program described in preset user operation, identifies whether existing customer is illegitimate client,
And returning acquisition request response according to recognition result, in order to client is carried out according to described recognition result accordingly
Operation, carries out door chain.Use encryption certification to carry out, compared with the method for door chain, obtaining with prior art
The behavioral data of user operation application program be difficult to be stolen in client, in service end to described user
Whether the behavioral data of operation is identified being illegitimate client so that the result identified is more accurate,
Thus improve the reliability of door chain.
Further, a kind of anti-stealing link system that the present embodiment provides, as it is shown in fig. 7, described system bag
Include: client 51, server 52.
Described client 51, for when receiving the trigger action that user obtains data message, obtains and uses
The behavioral data of family operation application program, and the acquisition request of data message is obtained to server transmission user,
Described acquisition request carries behavioral data and the data of acquisition request of described user operation application program
Information;
Described server 52, the user sent for receiving client obtains the acquisition request of data message,
Behavioral data according to application program described in the user operation that server is preset and described behavioral data, identify
Whether active client is illegitimate client, if described client is illegitimate client, then refusal user obtains
The request of information of fetching data, obtains refusing user and obtains the information of data message as recognition result,
If described client is legitimate client, then the acquisition request of consenting user acquisition data message, and according to
The described data message obtaining request corresponding requests acquisition, obtains, by described, the number that request corresponding requests obtains
It is believed that breath is as recognition result;
Described server 52, is additionally operable to send, to client, the request of acquisition and responds, described acquisition request response
In carry described result, in order to client carries out corresponding operating according to described recognition result;
Described client 51, is additionally operable to receive the acquisition request response that described server sends, described acquisition
Request response carries recognition result, and carries out corresponding operating according to described recognition result
In sum, the present embodiment provides a kind of anti-stealing link system, obtains data message when receiving user
Trigger action time, obtain user operation application program behavioral data, the client one so got
The behavioral data that behavioral data is user's trigger action of side, the reliability of data is high, further to service
Device sends user and obtains the acquisition request of data message, and described server is according to user preset in server
Operate the behavioral data of described application program and described behavioral data, identify whether active client is illegal
Client, is identified result, and sends described recognition result to client, carry out door chain, with
Just client operates accordingly according to described recognition result.Encryption certification is used to carry out with prior art
The method of door chain is compared, and the behavioral data of the user operation application program of acquisition is difficult to stolen in client
Take, be identified the behavioral data of described user operation whether being illegitimate client in service end so that
The result identified is more accurate, thus improves the reliability of door chain.
It should be noted that for above-mentioned service end, each used in every embodiment of the present invention is single
The function of element module can be passed through hardware processor (hardware processor) and realize.
Exemplary, as shown in Figure 8, Fig. 8 shows a kind of server that the embodiment of the present invention provides
Apparatus structure schematic diagram, this service end may include that processor (processor) 61, communication interface
(Communications Interface) 62, memorizer (memory) 63 and bus 64, wherein, processor
61, communication interface 62, memorizer 63 complete mutual communication by bus 64.Communication interface 62
May be used for the information transmission between server and client.Processor 61 can call in memorizer 63
Logical order, to perform following method: server receive client send user obtain data message
Acquisition request, described user obtain data message acquisition request in carry user operation application program
Behavioral data and the data message of acquisition request;Answer according to described in the user operation that described server is preset
With behavioral data and the described behavioral data of program, identify whether active client is illegitimate client;If
Described client is illegitimate client, then refusal user obtains the acquisition request of data message, is refused
User obtains the information of data message as recognition result;If described client is legitimate client,
Then consenting user obtains the acquisition request of data message, and obtains what request corresponding requests obtained according to described
Data message, using the described data message of request corresponding requests acquisition that obtains as recognition result;To client
End sends and obtains request response, and described acquisition in request response carries described recognition result, in order to client
End carries out corresponding operating according to described recognition result.
Additionally, the logical order in above-mentioned memorizer 63 can be realized by the form of SFU software functional unit
And during as independent production marketing or use, can be stored in a computer read/write memory medium.
Based on such understanding, the portion that prior art is contributed by technical scheme the most in other words
Dividing or the part of this technical scheme can embody with the form of software product, this computer software produces
Product are stored in a storage medium, including some instructions with so that a computer equipment (can be
Personal computer, server, or the network equipment etc.) perform method described in each embodiment of the present invention
All or part of step.And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory),
The various medium that can store program code such as magnetic disc or CD.
Device embodiment described above is only schematically, wherein said illustrates as separating component
Unit can be or may not be physically separate, the parts shown as unit can be or
Person may not be physical location, i.e. may be located at a place, or can also be distributed to multiple network
On unit.Some or all of module therein can be selected according to the actual needs to realize the present embodiment
The purpose of scheme.Those of ordinary skill in the art are not in the case of paying performing creative labour, the most permissible
Understand and implement.
Through the above description of the embodiments, those skilled in the art is it can be understood that arrive each reality
The mode of executing can add the mode of required general hardware platform by software and realize, naturally it is also possible to by firmly
Part.Based on such understanding, the portion that prior art is contributed by technique scheme the most in other words
Dividing and can embody with the form of software product, this computer software product can be stored in computer can
Read in storage medium, such as ROM/RAM, magnetic disc, CD etc., including some instructions with so that one
Computer equipment (can be personal computer, server, or the network equipment etc.) performs each to be implemented
The method described in some part of example or embodiment.
Last it is noted that above example is only in order to illustrate technical scheme, rather than to it
Limit;Although the present invention being described in detail with reference to previous embodiment, the ordinary skill of this area
Personnel it is understood that the technical scheme described in foregoing embodiments still can be modified by it, or
Person carries out equivalent to wherein portion of techniques feature;And these amendments or replacement, do not make corresponding skill
The essence of art scheme departs from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (11)
1. an anti-stealing link method, it is characterised in that including:
When receiving the trigger action that user obtains data message, obtain the row of user operation application program
For data;
Sending user to server and obtain the acquisition request of data message, described acquisition in request is carried
State the behavioral data of user operation application program and the data message of acquisition request, in order to described server root
Apply according to described in the user operation that the behavioral data of described user operation application program and described server are preset
The behavioral data of program, identifies whether active client is illegitimate client, and returns according to recognition result
Obtain request response;
Receiving the acquisition request response that described server sends, described acquisition in request response carries identification
As a result, described recognition result includes: if described client is illegitimate client, then obtain for refusal user
The information of data message, if described client is legitimate client, is then that described acquisition asks correspondence
The data message of acquisition request;
Corresponding operating is carried out according to described recognition result.
Method the most according to claim 1, it is characterised in that described acquisition user operation application journey
The behavioral data of sequence, including:
Directly the behavioural information of recording user operation application program obtains the behavior number of user operation application program
According to;
Or the user behaviors log of recording user operation application behavior data is obtained according to predefined paths, right
Described user behaviors log resolves, and obtains the behavioral data of user operation application program.
Method the most according to claim 1 and 2, it is characterised in that described user operation application journey
The behavioral data of sequence includes: the positional information of user operation application program and the parameter letter of described application program
Breath.
4. an anti-stealing link method, it is characterised in that including:
The user receiving client transmission obtains the acquisition request of data message, and described acquisition in request is carried
There are the behavioral data of user operation application program and the data message of acquisition request;
Behavioral data according to application program described in the user operation that server is preset and described behavioral data,
Identify whether active client is illegitimate client;
If described client is illegitimate client, then refusal user obtains the acquisition request of data message,
The information of data message is obtained as recognition result to refusal user;
If described client is legitimate client, then consenting user obtains the acquisition request of data message, and
Obtain, according to described, the data message that request corresponding requests obtains, the described request corresponding requests that obtains is obtained
Data message as recognition result;
Sending to client and obtain request response, described acquisition in request response carries described recognition result,
So that client carries out corresponding operating according to described recognition result.
Method the most according to claim 4, it is characterised in that the described use preset according to server
Family operates the behavioral data of described application program and described behavioral data, identifies whether active client is non-
Method client, including:
Should described in the operation preset with described server by the behavioral data of described user operation application program
Mate with the behavioral data of program;
If matching result is inconsistent, then identifying described client is illegitimate client;
If matching result is consistent, then identifying described client is legitimate client.
6. according to the method described in claim 4 or 5, it is characterised in that described user operation application journey
The behavioral data of sequence includes: the positional information of user operation application program and the parameter letter of described application program
Breath.
7. a client, it is characterised in that including:
Acquiring unit, for when receiving the trigger action that user obtains data message, obtains user behaviour
Make the behavioral data of application program;
Transmitting element, obtains the acquisition request of data message, described acquisition for sending user to server
Request carries behavioral data and the data message of acquisition request of described user operation application program, with
Toilet states server according to the preset use of the behavioral data of described user operation application program and described server
Family operates the behavioral data of described application program, identifies whether active client is illegitimate client, and root
Return according to recognition result and obtain request response;
Receiving unit, be used for receiving the acquisition request response that described server sends, described acquisition asks to ring
Carrying recognition result in Ying, described recognition result includes: if described client is illegitimate client, then
The information of data message is obtained, if described client is legitimate client, then for institute for refusal user
State and obtain the data message that request corresponding requests obtains;
Operating unit, for carrying out corresponding operating according to described recognition result.
Client the most according to claim 7, it is characterised in that described acquiring unit, including:
Acquisition module, the behavioural information for direct recording user operation application program obtains user operation should
With the behavioral data of program;
Described acquisition module, is additionally operable to obtain recording user operation application behavior number according to predefined paths
According to user behaviors log, described user behaviors log is resolved, obtain user operation application program behavior number
According to.
9. a server, it is characterised in that including:
Receiving unit, the user sent for receiving client obtains the acquisition request of data message, described
Obtain in request and carry the behavioral data of user operation application program and the data message of acquisition request;
Recognition unit, for the behavioral data according to application program described in the preset user operation of server and
Described behavioral data, identifies whether active client is illegitimate client;
First result unit, if being illegitimate client for described client, then refusal user obtains data
The acquisition request of information, obtains refusing user and obtains the information of data message as recognition result;
Second result unit, if being legitimate client for described client, then consenting user obtains data
The acquisition request of information, and obtain, according to described, the data message that request corresponding requests obtains, obtain described
Take the data message of request corresponding requests acquisition as recognition result;
Transmitting element, obtains request response for sending to client, and described acquisition in request response is carried
There is described recognition result, in order to client carries out corresponding operating according to described recognition result.
Server the most according to claim 9, it is characterised in that described recognition unit, including:
Matching module, for pre-with described server by the behavioral data of described user operation application program
The behavioral data operating described application program put mates;
First object module, if being inconsistent for matching result, then it is illegal for identifying described client
Client;
Second object module, if being consistent for matching result, then identifying described client is legal visitor
Family end.
11. 1 kinds of anti-stealing link systems, it is characterised in that include the client described in claim 7 or 8,
Server described in claim 9 or 10,
Described client, for when receiving the trigger action that user obtains data message, obtains user
The behavioral data of operation application program, and the acquisition request of data message is obtained to server transmission user,
Described acquisition request carries behavioral data and the data of acquisition request of described user operation application program
Information;
Described server, the user sent for receiving client obtains the acquisition request of data message, root
According to behavioral data and the described behavioral data of application program described in the user operation that server is preset, identify and work as
Whether front client is illegitimate client, if described client is illegitimate client, then refusal user obtains
The request of data message, obtains refusing user and obtains the information of data message as recognition result, if
Described client is legitimate client, then consenting user obtains the acquisition request of data message, and according to institute
State and obtain the data message that request corresponding requests obtains, obtain, by described, the data that request corresponding requests obtains
Information is as recognition result;
Described server, is additionally operable to send, to client, the request of acquisition and responds, in described acquisition request response
Carry described result, in order to client carries out corresponding operating according to described recognition result;
Described client, is additionally operable to receive the acquisition request response that described server sends, and described acquisition please
Ask and response carries recognition result, and carry out corresponding operating according to described recognition result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510926330.8A CN105871807A (en) | 2015-12-14 | 2015-12-14 | Anti-stealing-link method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510926330.8A CN105871807A (en) | 2015-12-14 | 2015-12-14 | Anti-stealing-link method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105871807A true CN105871807A (en) | 2016-08-17 |
Family
ID=56624491
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510926330.8A Pending CN105871807A (en) | 2015-12-14 | 2015-12-14 | Anti-stealing-link method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105871807A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030135745A1 (en) * | 2002-01-17 | 2003-07-17 | Yu-Chin Liu | Method of licensing computer program or data to be used legally |
| CN1485746A (en) * | 2002-09-27 | 2004-03-31 | 鸿富锦精密工业(深圳)有限公司 | User rights security management system and method |
| CN102103507A (en) * | 2009-12-16 | 2011-06-22 | 宏碁股份有限公司 | System updating method and computer system |
| CN103634396A (en) * | 2013-11-28 | 2014-03-12 | 武汉钢铁(集团)公司 | Method, gateway equipment and system for accessing intranet webpage service data |
-
2015
- 2015-12-14 CN CN201510926330.8A patent/CN105871807A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030135745A1 (en) * | 2002-01-17 | 2003-07-17 | Yu-Chin Liu | Method of licensing computer program or data to be used legally |
| CN1485746A (en) * | 2002-09-27 | 2004-03-31 | 鸿富锦精密工业(深圳)有限公司 | User rights security management system and method |
| CN102103507A (en) * | 2009-12-16 | 2011-06-22 | 宏碁股份有限公司 | System updating method and computer system |
| CN103634396A (en) * | 2013-11-28 | 2014-03-12 | 武汉钢铁(集团)公司 | Method, gateway equipment and system for accessing intranet webpage service data |
Non-Patent Citations (1)
| Title |
|---|
| 袁楷等: "流媒体服务器防盗链系统", 《企业技术开发》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11176573B2 (en) | Authenticating users for accurate online audience measurement | |
| US9773109B2 (en) | Alternate files returned for suspicious processes in a compromised computer network | |
| Alaca et al. | Device fingerprinting for augmenting web authentication: classification and analysis of methods | |
| CN104735066B (en) | A kind of single-point logging method of object web page application, device and system | |
| CN104144419B (en) | Identity authentication method, device and system | |
| US9686344B2 (en) | Method for implementing cross-domain jump, browser, and domain name server | |
| US11451583B2 (en) | System and method to detect and block bot traffic | |
| CN109194671A (en) | A kind of recognition methods of abnormal access behavior and server | |
| CN103139200A (en) | Single sign-on method of web service | |
| CN105141605B (en) | Session method, Website server and browser | |
| CN104199654A (en) | Open platform calling method and device | |
| WO2013119323A1 (en) | Systems and methods for profiling client devices | |
| CN110958239B (en) | Method and device for verifying access request, storage medium and electronic device | |
| CN109547426B (en) | Service response method and server | |
| CN111885007B (en) | Information tracing method, device, system and storage medium | |
| CN109302394A (en) | A kind of anti-simulation login method of terminal, device, server and storage medium | |
| Kaur et al. | Browser fingerprinting as user tracking technology | |
| EP3381166B1 (en) | Systems and methods for cross-channel device binding | |
| CN105791249A (en) | Third-party application processing method, device and system | |
| CN115484066B (en) | Method, device, equipment and storage medium for blocking malicious requests of flash sale system | |
| CN108282443B (en) | Crawler behavior identification method and device | |
| Gujar | Exploring Device Fingerprinting for Password-Less Authentication Systems | |
| CN114938313B (en) | Man-machine identification method and device based on dynamic token | |
| CN106992972B (en) | A kind of cut-in method and device | |
| CN105871807A (en) | Anti-stealing-link method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160817 |