Adaptive blocking method, system and computer program for website access
Field of the invention
The present invention relates generally to managing the communication of packets transmitted over an intranet or the Internet. More particularly, it relates to monitoring, logging and blocking packets transmitted over an intranet or the Internet, so that web access is managed adaptively.
Prior art
As more and more websites appear on the Internet, those of ordinary skill in the field of web access management face a technical difficulty: the large volume of access operations cannot be monitored and controlled effectively. The difficulty becomes more pronounced as the number of visited websites keeps growing and the differently named addresses known by the well-known term "uniform resource locator" (URL) keep changing. Network communication between computers connected through the Internet or an intranet is becoming the principal activity of most modern office workers in almost every aspect of business contact. By definition, a network is a group of computers and associated devices linked together by communication facilities or links. A network connection can be permanent, for example through fiber-optic cable, or temporary, for example a connection made by telephone or another communication link. Networks vary in size, from a local area network (LAN) made up of a few computers and associated devices to a wide area network (WAN) that interconnects computers and LANs distributed over different geographic locations. Likewise, an internetwork is a set of identical or different computer networks joined by gateways or routers that transfer and convert data between the different networks. One widely known internetwork is the "Internet", which refers to the collection of networks and routers that communicate with one another using the Transmission Control Protocol/Internet Protocol (TCP/IP).
Many websites on the World Wide Web (that is, the Internet) now provide a large amount of useful information. In particular, many of them provide work-related information, and many organizations give their employees facilities for browsing the web. Access nevertheless needs to be controlled so that network use stays within the scope of work. A typical example is a company engaged in technology development that allows its employees to browse and keep up with the latest relevant technical information provided on different Internet websites. At the same time, suitable control and monitoring are needed to prevent network access abuse that harms employee productivity, congests the company's Internet access and wastes company resources. In particular, because the information widely available on Internet websites covers every aspect of human interest and activity, an access control policy is often needed to prevent unnecessary and unwanted abuse.
A common solution on the market today is to use a software database, usually called a uniform resource locator (URL) blocking database, to block users' access to specific websites. Vendors such as WebSENSE provide such database products and services, together with similar programs that perform the URL blocking function. The approach taken by these URL blocking programs is to use a web robot that follows web links in sequence and periodically crawls the entire World Wide Web. For each newly discovered website, keyword matching or manual inspection is performed and the site is classified according to its content; information about the site is then added to the URL blocking database. The web access administrator then loads this database from the vendor into a server that controls web access to the Internet, and the server denies employees the categories of websites they are not allowed to browse. An example is a policy that allows engineers to browse technology, news, finance or other work-related websites, but does not allow them to visit websites that are unrelated to their work and that could harm the company and the engineers because of legal requirements or bandwidth constraints.
This implementation, however, has many drawbacks and difficulties. Specifically, the number and variety of Internet websites are growing rapidly. New websites appear and some old ones disappear. The database quickly becomes out of date, because it cannot accurately reflect the websites actually available, as the policy for controlling web access requires. In addition, as the Internet grows, the size of these databases grows rapidly too. With a huge database, the speed of allowing or blocking web access can itself become a bottleneck for web access speed. Furthermore, Internet websites are now created in different languages. Although English websites dominated early Internet use, more and more non-English web pages are being created. It is difficult for an administrator to produce a multilingual database, and more difficult still to search it and perform URL blocking. Another difficulty arises from recently developed technology: more and more websites and web pages are created rapidly from internal databases, with temporarily assigned URLs that exist only for a particular communication session. There is no effective way for a "web robot" to obtain the names of such websites that ought to be blocked.
Therefore, there is still a need in the art for an effective method and configuration that allows individuals or those skilled in the art to overcome these difficulties. Specifically, the method and configuration must adapt continuously, while running, to the real-time changes that occur as many Internet users visit websites, so that web access control can be monitored and managed effectively.
Summary of the invention
The object of the present invention is to provide a new, improved method and system configuration that controls access to websites effectively and adaptively according to the latest relevant traffic patterns of a group of Internet users. Recent traffic logs are kept and used to produce lists of real, available websites according to different rules applied to the Internet traffic statistics. For example, one rule can yield a list of the websites with the highest network traffic, where traffic is measured either in data bytes transferred or in number of packets. Another example is a list of the most frequently visited websites. These lists can be used to select a block list and an allow list, so that the website access of a group of Internet users is managed effectively and efficiently. The difficulties and limitations commonly encountered in the conventional art, described above, are resolved by the present invention.
In one aspect, the invention provides methods, systems and computer software products for effectively controlling the browsing activity of web users in a corporate environment, while avoiding the difficulties and limitations described above.
A preferred embodiment of the invention discloses an Internet service gateway for controlling a group of users' access to Internet websites. The gateway includes a traffic recorder for continuously monitoring each access made by the group of users to a plurality of Internet websites through the gateway, and for producing an Internet traffic log. The gateway also includes a traffic analyzer for continuously counting and ordering the Internet accesses to each website, and for producing a list of traffic-profile suspect Internet websites, that is, websites whose traffic profile statistically matches a suspect traffic profile to be blocked. The gateway also includes an editor that allows an access controller to edit a selection input, which is used to select the list of websites to be blocked from the list of traffic-profile suspect websites. The gateway also includes a user interface that allows the access controller to provide (including, but not limited to, adding, editing and deleting) entries of websites to be blocked.
The invention also discloses a method for controlling a group of users' access to Internet websites. The method includes the step of continuously recording and counting the number of Internet accesses made by the group of users, through an Internet service gateway, to each of a plurality of Internet websites. The method also includes the step of statistically analyzing the pattern of Internet accesses to generate a list of traffic-profile suspect Internet websites, whose traffic profile statistically matches a suspect traffic profile to be blocked, and selecting from that list the list of websites to be blocked.
The above and other objects and advantages of the present invention will become apparent to those skilled in the art from the following detailed description of the preferred embodiment, read with reference to the accompanying drawings.
Description of drawings
Fig. 1 shows a system configuration of a network system comprising a plurality of computer users connected by a local area network (LAN), whose access to the Internet passes through an Internet service gateway and is monitored and controlled by it.
Fig. 2 is a functional block diagram showing the hardware and software tools for Internet access control used in the Internet service gateway of Fig. 1.
Detailed description of the embodiments
A preferred embodiment of the invention will now be described in detail with reference to the accompanying drawings. Although the invention is described in conjunction with the preferred embodiments, it should be understood that the invention is not limited to these embodiments. On the contrary, the invention covers all variations, modifications and substitutions within its spirit and scope. As those skilled in the art will appreciate, the invention can be embodied as a method, a data processing system or a computer software program product. Accordingly, the invention can take the form of a data analysis system, a method, analysis software, and so on. Software written according to the invention can be stored in some form on a computer-readable medium, such as memory, a hard disk drive or a CD-ROM. The software of the invention can be transmitted over a network and executed by a processor at a remote location. The software can also be embedded in the computer-readable medium of a hardware device, such as a gateway device or a network interface card.
Referring to Fig. 1, a system configuration of an Internet service gateway according to the invention is shown. The Internet service gateway is represented by device 120 in the figure. It is connected through a local area network (LAN) 130 to a group of computer users, each of whom uses either a PC or a computer workstation 110. The Internet service gateway 120 is in turn connected to the Internet 140, to provide and control each computer user's communication access to the many websites on the Internet 140. A "firewall" is normally installed in the gateway 120; it maintains and controls network communication between the Internet 140 and the networked computers 110 through the LAN 130.
Referring to Fig. 2, the software and hardware tools according to the invention are shown. An adaptive URL blocking system is built from software and hardware functions, which are represented in Fig. 2 by parallelogram boxes and rectangular boxes respectively. On the firewall used in the gateway 120, a traffic recorder records all web accesses sent by the internal network users 110 and produces a traffic log, which is also saved as a backup traffic log. Every Internet access is examined: the hit count and traffic flow of each website access are recorded and statistically analyzed by a traffic analyzer, which produces a top list within the list of traffic-profile suspect Internet websites. This list can include a number of websites whose communication pattern statistically matches the suspect communication profile to be blocked. As an example, the list can be a top list of the most visited websites, or a top list of the websites generating the most traffic. The traffic analyzer used in the firewall has an option to save and count the data provided by the traffic log, periodically or on demand, and so produce a sub-list of traffic-profile suspect Internet websites, for example a sub-list of the top 10 most frequently visited websites. The top list is then presented to the firewall administrator through an editor or user interface. After reviewing it, the administrator can select a list of websites to be blocked from the top lists; once the selected list is imported, the firewall blocks user access to those websites. The firewall administrator can also create an allow list of websites that users are permitted to access through the gateway 120. Websites on the allow list are removed from the traffic-profile suspect websites, so that they do not appear in the top list of blocking candidates. Once the block list has been generated and applied in the firewall, users are denied access to the blocked websites on the Internet. Meanwhile, the continuous monitoring and counting process keeps running, so that the firewall administrator can update the block list or the allow list according to the latest website access statistics. The administrator can therefore dynamically update the lists of blocked and allowed websites according to the users' traffic patterns. As a result, most of the unwanted traffic in a company environment is blocked by this method, while normal business is unaffected. Because the method keeps only a very small database of unwanted websites in the firewall, it executes quickly and does not slow traffic through the gateway. Compared with conventional methods and structures, the lookup speed for Internet traffic control is markedly improved. The firewall administrator can also view and edit the lists flexibly according to the latest information on network traffic patterns. The network access policy can likewise be tuned to the immediate needs and requirements of the company's operation.
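The record, analyze, review and block cycle described above, sketched as an added Python example (not code from the patent). The log record fields, the class and method names and the sample hosts are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample traffic log: (internal user, destination host, bytes transferred).
SAMPLE_LOG = [
    ("u1", "video.example", 900_000), ("u2", "video.example", 800_000),
    ("u3", "video.example", 700_000), ("u1", "docs.example", 20_000),
    ("u2", "docs.example", 25_000), ("u3", "docs.example", 15_000),
    ("u4", "docs.example", 10_000), ("u1", "games.example", 300_000),
    ("u2", "games.example", 350_000), ("u4", "news.example", 5_000),
]


class AdaptiveUrlFilter:
    """Traffic recorder, traffic analyzer and block/allow lists (hypothetical names)."""

    def __init__(self):
        self.hits = Counter()    # accesses per site
        self.bytes = Counter()   # traffic volume per site
        self.allow = set()       # sites the administrator has approved
        self.block = set()       # sites the administrator chose to block

    def permit(self, host):
        """Gateway decision: only the small block list is consulted per request."""
        return host.lower() not in self.block

    def record(self, user, host, nbytes):
        """Log one access; refused requests are not counted (an assumption here)."""
        host = host.lower()
        if not self.permit(host):
            return False
        self.hits[host] += 1
        self.bytes[host] += nbytes
        return True

    def top_list(self, by="hits", n=10):
        """Top-n blocking candidates, leaving out allow-listed and blocked sites."""
        counts = self.hits if by == "hits" else self.bytes
        ranked = [(h, c) for h, c in counts.most_common()
                  if h not in self.allow and h not in self.block]
        return ranked[:n]

    def review(self, allow=(), block=()):
        """Administrator's selection; the allow list wins a conflict (assumption)."""
        self.allow |= {h.lower() for h in allow}
        self.block = (self.block | {h.lower() for h in block}) - self.allow


def demo():
    f = AdaptiveUrlFilter()
    for rec in SAMPLE_LOG:
        f.record(*rec)
    before = [h for h, _ in f.top_list(by="bytes", n=2)]
    f.review(allow=["docs.example"], block=["video.example"])
    after = [h for h, _ in f.top_list(by="hits", n=2)]
    return before, after, f.permit("video.example"), f.permit("docs.example")


if __name__ == "__main__":
    print(demo())
```

Because allow-listed and already blocked hosts are filtered out of `top_list`, each review round surfaces the next heaviest sites instead of repeating ones the administrator has already decided on.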
In accordance with the above description, an Internet service gateway for controlling a user group's access to Internet websites is disclosed. The gateway includes an Internet traffic monitor for recording and analyzing the number of Internet accesses made by the user group to each Internet website through the Internet service gateway. The gateway also includes Internet access blocking means, which use the pattern of Internet accesses to produce a list of traffic-profile suspect websites that statistically match a suspect profile for blocking, from which the list of websites to be blocked is selected. In a preferred embodiment, the Internet traffic monitor further includes a traffic recorder for continuously monitoring Internet accesses and producing an Internet traffic log. In a preferred embodiment, the Internet traffic monitor further includes a traffic analyzer for continuously counting and analyzing the Internet accesses to each Internet website, to produce the list of traffic-profile suspect Internet websites. In another preferred embodiment, the Internet access blocking means further include a user interface for an access controller, to provide (including, but not limited to, adding, editing and deleting) entries of websites to be blocked. In another preferred embodiment, the Internet access blocking means further include an editor that lets the access controller edit a selection input, which is used to select the list of websites to be blocked from the list of traffic-profile suspect websites. In another preferred embodiment, the user interface also allows the access controller to provide an access allow list, which selects the websites to which access is permitted and removes them from the list of traffic-profile suspect websites. In another preferred embodiment, the traffic analyzer further includes a frequently-visited-website counter for continuously counting and analyzing the Internet accesses to each Internet website, to produce a list of frequently visited Internet websites as the list of traffic-profile suspect Internet websites. In another preferred embodiment, the traffic analyzer further includes a traffic volume counter for continuously counting and analyzing the Internet accesses to each Internet website, to produce a list of the websites generating peak traffic as the list of traffic-profile suspect Internet websites.
In essence, the invention discloses an Internet service gateway for controlling a user group's access to network nodes. The gateway includes a network traffic controller for continuously monitoring and analyzing the user group's accesses to a plurality of network nodes, to provide a means of selectively blocking access to a given network node according to the data obtained from the continuous monitoring and analysis of those accesses.
The invention also discloses a method for controlling a user group's access to a plurality of network nodes. The method includes the step of continuously monitoring and analyzing the user group's accesses to the plurality of network nodes, and selectively blocking access to a given network node according to the data obtained from the continuous monitoring and analysis of those accesses. In a preferred embodiment, the method further includes the step of allowing a gateway administrator to select a block list according to the data obtained from the continuous monitoring and analysis of those accesses, so as to selectively block access to one of the network nodes.
Although the invention has been described in terms of the given preferred embodiment, it should be understood that this disclosure is not to be interpreted as limiting the invention. Various alternatives and modifications will no doubt become apparent to those skilled in the art after reading the above disclosure. Accordingly, the appended claims cover all alternatives and modifications that fall within the spirit and scope of the invention.