CN105897676A - User resource access behavior processing method and device - Google Patents
User resource access behavior processing method and device Download PDFInfo
- Publication number
- CN105897676A CN105897676A CN201510869215.1A CN201510869215A CN105897676A CN 105897676 A CN105897676 A CN 105897676A CN 201510869215 A CN201510869215 A CN 201510869215A CN 105897676 A CN105897676 A CN 105897676A
- Authority
- CN
- China
- Prior art keywords
- user
- resource
- access
- behavior
- group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a user resource access behavior processing method and device. The method comprises the steps that according to the resource access behavior data and the access behavior type of a first group of user, an identification model which is used for identifying the access behavior type of a user is trained; when the resource access request of a current user is received, the resource access behavior data of the current user are acquired; the resource access behavior data of the current user are input into the identification model to acquire the access behavior type of the current user; and according to the access behavior type of the current user, the resource access request of the current user is processed. If a hotlink person pre-simulates the behavioral characteristic of a normal user accessing a system to come into a whitelist or avoid a blacklist, the person needs to pay a higher price, and thus actively gives up the hotlinking operation.
Description
Technical field
The present invention relates to the information processing technology, particularly relate to a kind of resource processing user and access behavior
Method and device.
Background technology
Steal the address that chain refers to use technological means illegally to obtain online content service, then illegally
The place that rule allows uses this address to provide the user content service.For the Streaming Media on the Internet
Service, especially with Online Video as representative, the problem being faced with serious stolen chain.Video net
Company of standing puts into huge fund and obtains the copyright of movie and television play and support the bandwidth of online stream service, but steals chain
Person spends the lowest cost just can directly steal video streaming services.The service such as Online Music also faces
Similar situation.
As it is shown in figure 1, the ultimate principle stealing chain is, by the way of such as capturing request URL
Obtaining the broadcast address of a video, then one normal user of simulation accesses this service.
Online Video stream services user's great majority that a reason of easily stolen chain is Video service
It it is A non logged-on user.For login user, user can be carried out before providing the user stream service
Legitimate verification, is only and provides content service by the user of certification.
Fig. 2 illustrates that carrying out user validation checking provides the operation principle of stream service.Such as Fig. 2 institute
Showing, user logs in stream site for service first by username and password.After by authentication,
Server provides access token (token) to user.Hereafter, certification user uses the token of acquisition
Watch the video content etc. that content server provides.So, can be by the access frequency of each user
Rate is limited in rational scope, and the cost of stealing chain is significantly increased.But, this mode is the suitableeest
For user being carried out the situation of legitimate verification, and not there is broad applicability.
Identifying that chain is stolen in use the most exactly is that content supplier treats the most so far to access content service
The problem solved.
Summary of the invention
It is an object of the invention to provide a kind of user distinguishing normal access resource service and use
Steal the technical scheme that chain accesses the user of resource service, thus improve the cost stealing chain access resource,
Improve the efficiency of operation of content supplier.
According to an aspect of the present invention, the present invention provides a kind of resource processing user to access behavior
Method, described method includes: access behavioral data and the behavior of access according to the resource of first group of user
Type, training obtains the identification model accessing behavior type for identifying user;Work as when receiving
During the resource access request of front user, the resource obtaining active user accesses behavioral data, by described
The resource of active user accesses behavioral data and is input to described identification model, obtains described active user
Access behavior type;Access behavior type according to described active user, to described active user
Resource access request process.
Preferably, the described resource according to first group of user accesses behavioral data and accesses behavior type,
Training obtains including for the process identifying model accessing behavior type identifying user: obtain institute
The resource stating first group of user accesses behavioral data and accesses behavior type;From described first group of user
Resource access the behavior characteristics data of user described in behavior data acquisition;Behavior with described user
The access behavior type of characteristic and described user is training sample data collection, and training is used for identifying
The identification model of the actual access behavior type of user.
Described resource can be content of multimedia, and described resource accesses behavioral data can include that access is described
The information of the application that content of multimedia uses, the information to the startup of described application/exit, browse page
The information in face and content consumption information, described content consumption information includes the content of multimedia of viewing
Information, the information of time span of viewing and the operation behavior of content of multimedia to viewing
Information.
Described behavior characteristics data can include part or all of following characteristics: user is in unit time
Start the number of times of described application, user in described unit time, use the duration of described application, use
Family is watched the number of times of content of multimedia, user in described unit time and is seen in described unit time
See that total duration of content of multimedia, the number of ID that any IP address is corresponding, user are to sight
The frequency of the operation behavior of the content of multimedia seen, user watch the duration of arbitrary content of multimedia.
Preferably, described method also includes: according to the resource of second group of user access behavioral data and
Access behavior type, update described identification model.
Preferably, described method also includes: the long-term access behavior according to the user added up in advance is special
Levy data, the access behavior type being identified as normal user is corrected.
Described identification model can be obtained by the training of following arbitrary machine learning method: support vector machine
(SVM), logistic regression algorithm, decision tree, convolutional neural networks, bayes method.
According to a further aspect in the invention, the present invention also provides for a kind of resource access line processing user
For method, described method includes: access behavioral data and access according to the resource of first group of user
Behavior type, training obtains the identification model accessing behavior type for identifying user;Obtain the
The resource of two groups of users accesses behavioral data, and the resource of described second group of user is accessed behavioral data
It is input to described identification model, obtains the access behavior type of described second group of user;According to described
First group of user accesses behavior type and the access behavior type of described second group of user, generates white
List;When receiving the resource access request of active user, work as described according to described white list
The resource access request of front user processes.
According to a further aspect in the invention, the present invention also provides for a kind of resource access line processing user
For device, described device includes: identify model training unit, for according to first group of user's
Resource accesses behavioral data and accesses behavior type, and training obtains the access behavior for identifying user
The identification model of type;First user accesses behavior type identification unit, for current when receiving
During the resource access request of user, the resource obtaining active user accesses behavioral data, will described ought
The resource of front user accesses behavioral data and is input to the knowledge that described identification model training module training obtains
Other model, obtains the access behavior type of described active user;First resource access request processes single
Unit, for the access behavior type according to described active user, visits the resource of described active user
The request of asking processes.
According to a further aspect in the invention, the present invention also provides for a kind of resource access line processing user
For device, described device includes: identify model training unit, for according to first group of user's
Resource accesses behavioral data and accesses behavior type, and training obtains the access behavior for identifying user
The identification model of type;Second user access activity type identification unit, for obtaining second group of use
The resource at family accesses behavioral data, the resource of described second group of user is accessed behavioral data and is input to
Described identification model, obtains the access behavior type of described second group of user;White list signal generating unit,
For the access behavior type according to described first group of user and the access behavior of described second group of user
Type, generates white list;Secondary resource access request processing unit, for when receiving current use
During the resource access request at family, according to the described white list resource access request to described active user
Process.
The resource processing user that the embodiment of the present invention is provided accesses the method and device of behavior, root
Accessing behavioral data according to the resource of user and access behavior type, training obtains for identifying user's
Access the identification model of behavior type;When receiving the resource access request of active user, obtain
The resource of active user accesses behavioral data, the resource of described active user is accessed behavioral data defeated
Enter to described identification model, obtain the access behavior type of described active user;According to described currently
The access behavior type of user, processes the resource access request of described active user.Thus,
Can accurately identify the access behavior type of user, with distinguish the normal user accessing resource and
The user of resource is accessed, consequently facilitating stop the behavior accessing resource by stealing chain by stealing chain.Steal
Chain person such as pre-simulated normal users accesses the behavior characteristics of system and enters white list or avoid and enter black
List, then need to pay higher cost, thus actively abandon stealing the operation of chain.
Accompanying drawing explanation
Fig. 1 is to be shown with stealing chain to access the principle schematic of stream site for service;
Fig. 2 is to illustrate that carrying out user validation checking provides the schematic diagram of stream service;
Fig. 3 is the schematic diagram of the present general inventive concept illustrating the present invention;
Fig. 4 is to illustrate the side that the resource processing user of exemplary embodiment of the present one accesses behavior
The flow chart of method;
Fig. 5 is to illustrate the stream of the exemplary process of step S410 in exemplary embodiment of the present one
Cheng Tu;
Fig. 6 is to illustrate the side that the resource processing user of exemplary embodiment of the present three accesses behavior
The flow chart of method;
Fig. 7 is to illustrate the dress that the resource processing user of exemplary embodiment of the present four accesses behavior
The structural representation put;
Fig. 8 is to illustrate the dress that the resource processing user of exemplary embodiment of the present five accesses behavior
The structural representation put.
Detailed description of the invention
The basic conception of the present invention is, the behavior characteristics accessing service system according to normal user comes
Identify the legitimacy of user, the normal user of behavior will be identified as and be added in white list or will identify
User for behavior cheating is added in blacklist, thus plays similar use by white list or blacklist
The effect that family logs in, uses the user stealing chain to access service to stop.Fig. 3 illustrates the present invention
The schematic diagram of present general inventive concept.
With reference to Fig. 3, the client in the application accessed for resource collects the resource access line of user
For data, and the most termly these resources access behavioral data can be uploaded to server end.
At server end, the resource collected from the client of multiple users is accessed behavioral data and excavates
And analysis, identify the user that behavior is normal or practises fraud, and according to recognition result by these users
Add in corresponding user's white list or subscriber blacklist.Here it is possible to the equipment that user uses
Mark, phone number, registered user name, the cookie etc. of website visiting identify any user.
On the other hand, the foregoing mode of user to Resource Server request resource content service (as
Video stream media), in it is asked, carry ID;Resource Server receive band useful
After the resource content request of family mark, enter with aforesaid white list or blacklist according to this ID
Row verification.If this ID occurs in user's white list, then user is allowed to continue to access money
Source contents;Or, if this ID occurs in subscriber blacklist or does not appears in use
In the white list of family, then user is stoped to continue to access resource content.
Additionally, normally or practise fraud to accurately identify behavior according to resource access behavioral data
User, also can choose in advance include user a plurality of resource access behavioral data number of training
According to and the access behavior type (normal or cheating) of training sample data mark user for choosing,
Access behavioral data from the resource of training sample data and obtain behavior characteristics data respectively, and to obtain
The behavior characteristics data taken and the access behavior type of correspondence thereof be training sample data training practice for
Identify the training pattern of user access activity type.
Access behavioral data by the aforementioned resource to user and excavate and analyze that to generate user white
List or subscriber blacklist, and with generate user's white list or subscriber blacklist user is entered
Row legitimate verification controls its access to resource, steals chain person such as pre-simulated normal users and accesses system
The behavior characteristics of system enters white list or avoids entering blacklist, then need to pay higher cost,
Thus actively abandon stealing the operation of chain.
The resource describing exemplary embodiment of the present below in conjunction with the accompanying drawings in detail accesses behavior model
Training method, process resource access the method and device of behavioral data.
Embodiment one
Fig. 4 is to illustrate the side that the resource processing user of exemplary embodiment of the present one accesses behavior
The flow chart of method.User can be processed by what the such as device shown in Fig. 7 performed embodiment one
Resource accesses the method for behavior.
With reference to Fig. 4, in step S410, access behavioral data and visit according to the resource of first group of user
Ask that behavior type, training obtain the identification model accessing behavior type for identifying user.After a while
The exemplary process of step S410 will be described with reference to embodiment two.
Described resource is content of multimedia, and described resource accesses behavioral data and can include, but not limited to
Access the application that described content of multimedia uses information, to the information of the startup of described application/exit,
The information of browsing pages and content consumption information, described content consumption information includes many matchmakers of viewing
The information of internal appearance, the information of time span of viewing and the operation of content of multimedia to viewing
The information of behavior.The access behavior type of described user may be, but not limited to, normal behaviour or
Cheating.
In step S420, when receiving the resource access request of active user, obtain active user
Resource access behavioral data, the resource of described active user is accessed behavioral data and is input to described
Identify model, obtain the access behavior type of described active user.
Place step S430, according to the access behavior type of described active user, to described current use
The resource access request at family processes.
Such as, if determining that active user is the user of normal behaviour according to step S420, then can permit
Permitted active user and accessed relevant resource;If it is determined that active user is the user of cheating, then
Active user can be stoped to access relevant resource.
By step S410~the process of S430, accurately can identify according to the identification model of training
Go out the access behavior type of user, to distinguish the normal user accessing resource and to access money by stealing chain
The user in source, consequently facilitating stop the behavior accessing resource by stealing chain.Just steal chain person such as pre-simulated
Conventional family accesses the behavior of system, then need to pay higher cost, thus actively abandon stealing chain
Operation.
According to the training pattern trained on rare occasion, the user of cheating (may be made
User with stealing chain cheating) it is identified as normal users.To this end, preferably, described method can also be wrapped
Include: be characterized data to being identified as normal user according to the long-term access line of the user added up in advance
Access behavior type be corrected.
Such as, the long-term access line of user be characterized data can include user by week/moon return visit frequency
Secondary.If robber chain person successfully simulates the user installation application behavior of latter first day, (cost is the most very
High), then simulate follow-up return visit behavior again and then allow cost increase many times.For could not be correct
The user paid a return visit, can be identified as the user that practises fraud.
Preferably, the method also includes, accesses behavioral data and visit according to the resource of second group of user
Ask behavior type, update described identification model.Thus, on the basis of the identification model set up,
Access behavioral data according to more resource this identification model is updated.
Embodiment two
Fig. 5 is to illustrate the flow chart of the process of step S410 in exemplary embodiment of the present one.
With reference to Fig. 5, in step S510, the resource obtaining described first group of user accesses behavioral data
With access behavior type.
Specifically, the application (such as player application) accessed for resource (such as content of multimedia)
In running, the resource of the sustainable user of collection accesses behavioral data, and can in real time or calmly
These resources access behavioral data is uploaded onto the server end by the phase.
As it was previously stated, described resource is content of multimedia, described resource accesses behavioral data and can include,
But be not limited to, access the application that described content of multimedia uses information, to the startup of described application/
Information, the information of browsing pages and the content consumption information exited, described content consumption information bag
Include the information of the time span of the information of the content of multimedia of viewing, viewing and the many matchmakers to viewing
The information etc. of the operation behavior of internal appearance.The access behavior type of described user is not it may be that but limit
In, normal behaviour or cheating.
As a example by video player, the resource of any user accesses behavior and can include as shown in the table
Content:
According to the exemplary embodiment of the present invention, can choose and there is the user that typical access line is characterized,
It is carried out the mark that behavior is normal or practises fraud, and the resource obtaining these users accesses behavioral data
As initial training sample data.
In step S520, access user described in behavior data acquisition from the resource of described first group of user
Behavior characteristics data.
It is more original similar daily record data that resource accesses behavioral data.For the ease of the money to user
Source accesses behavior and learns, and first these resources is accessed behavioral data and is analyzed and processes, from
It obtains the behavior characteristics data training characteristics as model training of user.
Specifically, described behavior characteristics data include, but are not limited to, part or all of following characteristics:
User starts the number of times of described application, user in unit time and uses institute in described unit time
State the duration of application, user in described unit time, watch the number of times of content of multimedia, Yong Hu
Total duration of viewing content of multimedia in described unit time, the ID that any IP address is corresponding
Number, user to viewing the frequency of operation behavior of content of multimedia, user watch arbitrary many
The duration of media content.These behavior characteristics data contribute to aligning user and the cheating (example that frequentation is asked
As by stealing chain) user that accesses makes a distinction.
Following table is listed some exemplary behavior characteristics data and it is identifying user access activity
Meaning in type:
Such as, if the user while the frequency abnormality ground watching video in one day is high, then it is likely to be
Video content services is asked by stealing the user that chain is different.
In step S530, with behavior characteristics data and the access behavior class of described user of described user
Type is training sample data collection, and training is for identifying the identification mould of the actual access behavior type of user
Type.
Here, aforesaid described training pattern can be trained by following arbitrary machine learning method:
Hold vector machine (SVM), logistic regression algorithm, decision tree, convolutional neural networks, Bayes side
Method.
Behavioral data is accessed as just by the aforementioned resource accessing behavior type being labeled with user
Beginning training sample data, access, from resource, the behavior characteristics data that behavior data acquisition is representative,
And with the behavior characteristics data obtained and the access behavior type of correspondence thereof for training sample data
Collection training is for identifying the training pattern of user access activity type, for accurately identifying use
Family accesses behavior type.
Embodiment three
Fig. 6 is to illustrate the side that the resource processing user of exemplary embodiment of the present three accesses behavior
The flow chart of method.User can be processed by what the such as device shown in Fig. 8 performed embodiment three
Resource accesses the method for behavior.
With reference to Fig. 6, in step S610, access behavioral data and visit according to the resource of first group of user
Ask that behavior type, training obtain the identification model accessing behavior type for identifying user.
Specifically, the training of model can be identified such as by the process of embodiment two,
This repeats no more.
In step S620, the resource obtaining second group of user accesses behavioral data, by described second group
The resource of user accesses behavioral data and is input to described identification model, obtains described second group of user's
Access behavior type.
In step S630, according to access behavior type and described second group of use of described first group of user
The access behavior type at family, generates white list.Thus, can be in conjunction with according to first group of user and second
The access behavior type that group user determines generates the white list being confirmed as the normal user of behavior.
In step S640, when receiving the resource access request of active user, according to described white name
The resource access request of active user described in single pair of processes.
By step S610~the process of S640, access behavioral data and access according to the resource of user
Behavior type, training obtains the identification model accessing behavior type for identifying user, further according to
The resource of another group user accesses the behavioral data access behavior by this identification Model Identification user
Type, the access behavior type accessing the user that behavioral data obtains in conjunction with two groups of resources generates white name
Single, thus accurately identify the access behavior type of active user according to white list, to distinguish
The normal user accessing resource and the user by robber's chain access resource, consequently facilitating stop by stealing
Chain accesses the behavior of resource.Steal chain person such as pre-simulated normal users and access the behavior characteristics entrance of system
White list or avoid entering blacklist, then need to pay higher cost, thus actively abandon stealing chain
Operation.
As it was previously stated, the training pattern trained according to aforementioned training method is on rare occasion, can
User's (use and steal the user that chain is practised fraud) of cheating can be identified as normal users and add use
Family white list.To this end, preferably, described method can also include: according to the user's added up in advance
Long-term access line is characterized data and is corrected the access behavior type being identified as normal user,
And will be identified that the user of cheating gets rid of from white list.
Preferably, the method also includes: access behavioral data and visit according to the resource of the 3rd group of user
Ask behavior type, update described identification model and described white list.Thus, in the identification set up
On the basis of model, access behavioral data according to more resource and this identification model is updated.
Embodiment four
Fig. 7 is to illustrate the dress that the resource processing user of exemplary embodiment of the present four accesses behavior
The structural representation put.
With reference to Fig. 7, the resource processing user of embodiment four accesses the device of behavior and includes identifying mould
Type training unit 710, first user access behavior type identification unit 720 and first resource accesses
Requesting processing.
Identify model training unit 710 for the resource according to first group of user access behavioral data and
Accessing behavior type, training obtains the identification model accessing behavior type for identifying user.
Described resource is content of multimedia, and described resource accesses behavior packet and includes the described many matchmakers of access
Internal hold the application used information, to the information of the startup of described application/exit, browsing pages
Information and content consumption information, described content consumption information includes the letter of the content of multimedia of viewing
Breath, the information of the time span watched and the information of the operation behavior to the content of multimedia watched.
Specifically, identify that model training unit 710 is visited for the resource obtaining described first group of user
Ask behavioral data and access behavior type, accessing behavioral data from the resource of described first group of user and obtain
Take the behavior characteristics data of described user, with the behavior characteristics data of described user and described user
Accessing behavior type is training sample data collection, and training is for identifying the actual access behavior class of user
The identification model of type.
Described behavior characteristics data can include, but not limited to part or all of following characteristics: user
In unit time, start the number of times of described application, user in described unit time, use described answering
Duration, user in described unit time, watch the number of times of content of multimedia, user described
Total duration of viewing content of multimedia in unit time, the ID that any IP address is corresponding
The frequency of operation behavior of content of multimedia, the user of viewing are watched arbitrary multimedia by number, user
The duration etc. of content.
Described training pattern is obtained by the training of following arbitrary machine learning method: support vector machine
(SVM), logistic regression algorithm, decision tree, convolutional neural networks, bayes method.
First user accesses behavior type identification unit 720 for when the resource receiving active user
During access request, the resource obtaining active user accesses behavioral data, by the money of described active user
Source accesses behavioral data and is input to identify that model training unit 710 trains the identification model obtained,
Access behavior type to described active user.
First resource access request processing unit 730 is for the access behavior according to described active user
Type, processes the resource access request of described active user.
Embodiment five
Fig. 8 is to illustrate the dress that the resource processing user of exemplary embodiment of the present five accesses behavior
The structural representation put.
With reference to Fig. 8, the device accessing behavioral data for processing the resource of user includes identifying model
Training unit the 710, second user access activity type identification unit 820, white list signal generating unit
830 and Secondary resource access request processing unit 840.
As it was previously stated, identify that model training unit 710 accesses for the resource according to first group of user
Behavioral data and access behavior type, training obtains the knowledge accessing behavior type for identifying user
Other model.
Second user access activity type identification unit 820 is visited for the resource obtaining second group of user
Ask behavioral data, the resource of described second group of user is accessed behavioral data and is input to described identification mould
Type, obtains the access behavior type of described second group of user.
White list signal generating unit 830 is for the access behavior type according to described first group of user and institute
State the access behavior type of second group of user, generate white list.
Secondary resource access request processing unit 840 is for accessing when the resource receiving active user
During request, according to described white list, the resource access request of described active user is processed.
Preferably, this device also includes: white list updating unit, for according to the 3rd group of user's
Resource accesses behavioral data and accesses behavior type, updates described identification model and described white list.
Preferably, this device also includes: the second user access activity types corrective unit, for root
It is characterized data, to being identified as normal user according to the long-term access line of the user added up in advance
Access behavior type be corrected, and will be identified that the user of cheating is from white list
Get rid of.
It may be noted that according to the needs implemented, each step described in this application can be split as
More multi-step, it is possible to the part operation of two or more steps or step is combined into new step,
To realize the purpose of the present invention.
Above-mentioned the method according to the invention can realize in hardware, firmware, or is implemented as depositing
Store up the software in record medium (such as CD ROM, RAM, floppy disk, hard disk or magneto-optic disk)
Or computer code, or be implemented through original storage that network downloads at remotely record medium or
In nonvolatile machine readable media and the computer code in local recording medium will be stored in, from
And method described here can be stored in use general purpose computer, application specific processor or able to programme
Or the such software processes on the record medium of specialized hardware (such as ASIC or FPGA).Can
To understand, computer, processor, microprocessor controller or programmable hardware include storing or
Receive software or the storage assembly (such as, RAM, ROM, flash memory etc.) of computer code, when
When described software or computer code are by computer, processor or hardware access and execution, it is achieved
This processing method described.Additionally, when general purpose computer accesses for realizing the process being shown in which
Code time, general purpose computer is converted to for performing the process being shown in which by the execution of code
Special-purpose computer.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is not
Be confined to this, any those familiar with the art in the technical scope that the invention discloses,
Change can be readily occurred in or replace, all should contain within protection scope of the present invention.Therefore, originally
The protection domain of invention should be as the criterion with described scope of the claims.
Claims (14)
1. the method that the resource processing user accesses behavior, it is characterised in that described method bag
Include:
Resource according to first group of user accesses behavioral data and accesses behavior type, and training is used
In the identification model accessing behavior type identifying user;
When receiving the resource access request of active user, obtain the resource access line of active user
For data, the resource of described active user is accessed behavioral data and is input to described identification model,
Access behavior type to described active user;
Access behavior type according to described active user, the resource access to described active user please
Ask and process.
Method the most according to claim 1, it is characterised in that described according to first group of user
Resource access behavioral data and access behavior type, the access line that training obtains for identifying user
The process identifying model for type includes:
The resource obtaining described first group of user accesses behavioral data and accesses behavior type;
The behavior characteristics number of user described in behavior data acquisition is accessed from the resource of described first group of user
According to;
With the behavior characteristics data of described user and the access behavior type of described user as training sample
Data set, training is for identifying the identification model of the actual access behavior type of user.
Method the most according to claim 2, it is characterised in that described method also includes:
Resource according to second group of user accesses behavioral data and accesses behavior type, updates described knowledge
Other model.
4. according to the method according to any one of claims 1 to 3, it is characterised in that described method
Also include:
Long-term access line according to the user added up in advance is characterized data, to being identified as normally
The access behavior type of user be corrected.
5. the method that the resource processing user accesses behavior, it is characterised in that described method bag
Include:
Resource according to first group of user accesses behavioral data and accesses behavior type, and training is used
In the identification model accessing behavior type identifying user;
The resource obtaining second group of user accesses behavioral data, the resource of described second group of user is visited
Ask that behavioral data is input to described identification model, obtain the access behavior type of described second group of user;
Access behavior type according to described first group of user and the access behavior of described second group of user
Type, generates white list;
When receiving the resource access request of active user, according to described white list to described currently
The resource access request of user processes.
Method the most according to claim 5, it is characterised in that described method also includes:
Resource according to the 3rd group of user accesses behavioral data and accesses behavior type, updates described knowledge
Other model and described white list.
Method the most according to claim 6, it is characterised in that described according to first group of user
Resource access behavioral data and access behavior type, the access line that training obtains for identifying user
The process identifying model for type includes:
The resource obtaining described first group of user accesses behavioral data and accesses behavior type;
The behavior characteristics number of user described in behavior data acquisition is accessed from the resource of described first group of user
According to;
With the behavior characteristics data of described user and the access behavior type of described user as training sample
Data set, training is for identifying the identification model of the actual access behavior type of user.
8. according to the method according to any one of claim 5~7, it is characterised in that described method
Also include:
Long-term access line according to the user added up in advance is characterized data, to being identified as using normally
The access behavior type at family is corrected, and will be identified that the user of cheating is from white list
In get rid of.
9. the device of the resource access behavior processing user, it is characterised in that described device bag
Include:
Identify model training unit, access behavioral data and visit for the resource according to first group of user
Ask that behavior type, training obtain the identification model accessing behavior type for identifying user;
First user accesses behavior type identification unit, for visiting when the resource receiving active user
When asking request, the resource obtaining active user accesses behavioral data, by the resource of described active user
Access behavioral data and be input to the identification model that described identification model training module training obtains, obtain
The access behavior type of described active user;
First resource access request processing unit, for the access behavior class according to described active user
Type, processes the resource access request of described active user.
Device the most according to claim 9, it is characterised in that described identification model training
Unit accesses behavioral data for the resource obtaining described first group of user and accesses behavior type, from
The resource of described first group of user accesses the behavior characteristics data of user described in behavior data acquisition, with
The behavior characteristics data of described user and the access behavior type of described user are training sample data collection,
Training is for identifying the identification model of the actual access behavior type of user.
11. devices according to claim 10, it is characterised in that described device also includes:
First identifies model modification unit, accesses behavioral data for the resource according to second group of user
With access behavior type, update described identification model.
12. 1 kinds of resources processing user access the device of behavior, it is characterised in that described device
Including:
Identify model training unit, access behavioral data and visit for the resource according to first group of user
Ask that behavior type, training obtain the identification model accessing behavior type for identifying user;
Second user access activity type identification unit, accesses for obtaining the resource of second group of user
Behavioral data, accesses behavioral data by the resource of described second group of user and is input to described identification model,
Obtain the access behavior type of described second group of user;
White list signal generating unit, for according to the access behavior type of described first group of user and described
The access behavior type of second group of user, generates white list;
Secondary resource access request processing unit, please for accessing when the resource receiving active user
When asking, according to described white list, the resource access request of described active user is processed.
13. devices according to claim 12, it is characterised in that described device also includes:
White list updating unit, accesses behavioral data and access for the resource according to the 3rd group of user
Behavior type, updates described identification model and described white list.
14. according to the device described in claim 12 or 13, it is characterised in that described device is also
Including:
Second user access activity types corrective unit, long-term for according to the user that adds up in advance
Access line is characterized data, is corrected the access behavior type being identified as normal user,
And will be identified that the user of cheating gets rid of from white list.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510869215.1A CN105897676A (en) | 2015-12-01 | 2015-12-01 | User resource access behavior processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510869215.1A CN105897676A (en) | 2015-12-01 | 2015-12-01 | User resource access behavior processing method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105897676A true CN105897676A (en) | 2016-08-24 |
Family
ID=57001906
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510869215.1A Pending CN105897676A (en) | 2015-12-01 | 2015-12-01 | User resource access behavior processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105897676A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106453397A (en) * | 2016-11-18 | 2017-02-22 | 北京红马传媒文化发展有限公司 | Method of automatically identifying network ticket-robbing and intrusion through big data analysis |
| CN106445664A (en) * | 2016-09-18 | 2017-02-22 | 深圳市邦华电子有限公司 | Application program management method and device |
| CN107563194A (en) * | 2017-09-04 | 2018-01-09 | 杭州安恒信息技术有限公司 | Latency steals user data behavioral value method and device |
| CN108512815A (en) * | 2017-02-28 | 2018-09-07 | 腾讯科技(北京)有限公司 | Door chain detection method, door chain detection device and server |
| CN109194689A (en) * | 2018-10-22 | 2019-01-11 | 武汉极意网络科技有限公司 | Abnormal behaviour recognition methods, device, server and storage medium |
| CN109327439A (en) * | 2018-09-29 | 2019-02-12 | 武汉极意网络科技有限公司 | Risk Identification Method, device, storage medium and the equipment of service request data |
| CN109426700A (en) * | 2017-08-28 | 2019-03-05 | 腾讯科技(北京)有限公司 | Data processing method, device, storage medium and electronic device |
| CN109460784A (en) * | 2018-10-22 | 2019-03-12 | 武汉极意网络科技有限公司 | Access behavioural characteristic method for establishing model, equipment, storage medium and device |
| CN109509021A (en) * | 2018-10-22 | 2019-03-22 | 武汉极意网络科技有限公司 | Abnormality recognition method, device, server and the storage medium of Behavior-based control track |
| CN111404898A (en) * | 2020-03-06 | 2020-07-10 | 北京创世云科技有限公司 | Anti-stealing-link method and device, storage medium and electronic equipment |
| CN111435346A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
| CN112417493A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Trusted Execution Environment (TEE) -based storage calling speed increasing method |
| CN112417436A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Program white list updating method based on TCM software server |
| CN112417440A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Method for reducing system false alarm rate |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101334792A (en) * | 2008-07-10 | 2008-12-31 | 中国科学院计算技术研究所 | Personalized service recommendation system and method |
| CN102984161A (en) * | 2012-12-05 | 2013-03-20 | 北京奇虎科技有限公司 | Identification method and device for reliable website |
| CN104836781A (en) * | 2014-02-20 | 2015-08-12 | 腾讯科技(北京)有限公司 | Method distinguishing identities of access users, and device |
| CN105100032A (en) * | 2014-05-23 | 2015-11-25 | 腾讯科技(北京)有限公司 | Method and apparatus for preventing resource steal |
-
2015
- 2015-12-01 CN CN201510869215.1A patent/CN105897676A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101334792A (en) * | 2008-07-10 | 2008-12-31 | 中国科学院计算技术研究所 | Personalized service recommendation system and method |
| CN102984161A (en) * | 2012-12-05 | 2013-03-20 | 北京奇虎科技有限公司 | Identification method and device for reliable website |
| CN104836781A (en) * | 2014-02-20 | 2015-08-12 | 腾讯科技(北京)有限公司 | Method distinguishing identities of access users, and device |
| CN105100032A (en) * | 2014-05-23 | 2015-11-25 | 腾讯科技(北京)有限公司 | Method and apparatus for preventing resource steal |
Non-Patent Citations (1)
| Title |
|---|
| 张玉清: "在线社交网络中异常账号检测方法研究", 《计算机学报》 * |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106445664B (en) * | 2016-09-18 | 2020-05-12 | 深圳市邦华电子有限公司 | Application program management method and device |
| CN106445664A (en) * | 2016-09-18 | 2017-02-22 | 深圳市邦华电子有限公司 | Application program management method and device |
| CN106453397A (en) * | 2016-11-18 | 2017-02-22 | 北京红马传媒文化发展有限公司 | Method of automatically identifying network ticket-robbing and intrusion through big data analysis |
| CN108512815A (en) * | 2017-02-28 | 2018-09-07 | 腾讯科技(北京)有限公司 | Door chain detection method, door chain detection device and server |
| CN108512815B (en) * | 2017-02-28 | 2021-12-10 | 腾讯科技(北京)有限公司 | Anti-theft chain detection method, anti-theft chain detection device and server |
| CN109426700A (en) * | 2017-08-28 | 2019-03-05 | 腾讯科技(北京)有限公司 | Data processing method, device, storage medium and electronic device |
| CN107563194A (en) * | 2017-09-04 | 2018-01-09 | 杭州安恒信息技术有限公司 | Latency steals user data behavioral value method and device |
| CN109327439A (en) * | 2018-09-29 | 2019-02-12 | 武汉极意网络科技有限公司 | Risk Identification Method, device, storage medium and the equipment of service request data |
| CN109327439B (en) * | 2018-09-29 | 2021-04-23 | 武汉极意网络科技有限公司 | Risk identification method and device for service request data, storage medium and equipment |
| CN109194689A (en) * | 2018-10-22 | 2019-01-11 | 武汉极意网络科技有限公司 | Abnormal behaviour recognition methods, device, server and storage medium |
| CN109460784A (en) * | 2018-10-22 | 2019-03-12 | 武汉极意网络科技有限公司 | Access behavioural characteristic method for establishing model, equipment, storage medium and device |
| CN109509021A (en) * | 2018-10-22 | 2019-03-22 | 武汉极意网络科技有限公司 | Abnormality recognition method, device, server and the storage medium of Behavior-based control track |
| CN109194689B (en) * | 2018-10-22 | 2021-04-23 | 武汉极意网络科技有限公司 | Abnormal behavior recognition method, device, server and storage medium |
| CN111435346A (en) * | 2019-01-14 | 2020-07-21 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
| CN111435346B (en) * | 2019-01-14 | 2023-12-19 | 阿里巴巴集团控股有限公司 | Offline data processing method, device and equipment |
| CN111404898A (en) * | 2020-03-06 | 2020-07-10 | 北京创世云科技有限公司 | Anti-stealing-link method and device, storage medium and electronic equipment |
| CN111404898B (en) * | 2020-03-06 | 2021-03-23 | 北京创世云科技有限公司 | Anti-stealing-link method and device, storage medium and electronic equipment |
| CN112417440A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Method for reducing system false alarm rate |
| CN112417436A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Program white list updating method based on TCM software server |
| CN112417440B (en) * | 2020-10-15 | 2023-10-17 | 北京八分量信息科技有限公司 | Method for reducing false alarm rate of system |
| CN112417493A (en) * | 2020-10-15 | 2021-02-26 | 北京八分量信息科技有限公司 | Trusted Execution Environment (TEE) -based storage calling speed increasing method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105897676A (en) | User resource access behavior processing method and device | |
| US9600834B2 (en) | Aggregating data from multiple devices belonging to one user for directed ad targeting | |
| US20220150279A1 (en) | Real-Time Detection and Redirection from Counterfeit Websites | |
| AU2022279417A1 (en) | Methods and apparatus to collect distributed user information for media impressions | |
| US8315964B2 (en) | Comprehensive human computation framework | |
| US9424355B2 (en) | Systems and methods for coordinated content distribution | |
| US8832257B2 (en) | System, method and computer readable medium for determining an event generator type | |
| US20080031447A1 (en) | Systems and methods for aggregation of access to network products and services | |
| JP7029003B2 (en) | Password protection Question setting method and device | |
| CN104836781A (en) | Method distinguishing identities of access users, and device | |
| TW201239655A (en) | Determining machine behavior | |
| US20150244737A1 (en) | Detecting malicious advertisements using source code analysis | |
| WO2007139277A1 (en) | Method for executing digital right management and tracking using characteristic of virus and system for executing the method | |
| US20190130440A1 (en) | Method and system for detecting fraudulent advertisement activity | |
| CN107483407B (en) | Method and system for preventing hotlinking | |
| US10476856B2 (en) | Method for authenticating a device | |
| US20230247059A1 (en) | Network policy service for dynamic media | |
| US20210105302A1 (en) | Systems And Methods For Determining User Intent At A Website And Responding To The User Intent | |
| US20120290491A1 (en) | System and method for electronic lead verification | |
| CN105897671A (en) | Anti-hotlinking method and system | |
| US9098699B1 (en) | Smart television data sharing to provide security | |
| CN108769749A (en) | A kind of determining method, client and server for stealing brush data | |
| CN112785333B (en) | Advertisement putting method, electronic equipment, storage medium and device | |
| US20080182665A1 (en) | Video game to web site upload utility | |
| US10931659B2 (en) | Federated authentication for information sharing artificial intelligence systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160824 |
|
| WD01 | Invention patent application deemed withdrawn after publication |