CN102917334A - System, device and method for treatment of violation terminal built-in behaviors - Google Patents
System, device and method for treatment of violation terminal built-in behaviors Download PDFInfo
- Publication number
- CN102917334A CN102917334A CN2011102183802A CN201110218380A CN102917334A CN 102917334 A CN102917334 A CN 102917334A CN 2011102183802 A CN2011102183802 A CN 2011102183802A CN 201110218380 A CN201110218380 A CN 201110218380A CN 102917334 A CN102917334 A CN 102917334A
- Authority
- CN
- China
- Prior art keywords
- user
- business
- users
- confirmation
- service group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
An embodiment of the invention discloses a system, a device and a method for treatment of violation terminal built-in behaviors. The method includes: acquiring behavior log data of all users of a service management platform; extracting log data of uplink use services of the users; calculating uplink frequency of a user terminal number each time and each day according to the user terminal number and judging whether the frequency is within a preset numerical value range or not, and if yes, recording one-time frequency abnormity; judging whether the frequency normality times of the user terminal number within a certain period exceeds a set number or not, and if yes, determining that the user terminal is an abnormal user; and subjecting requesting operations of the abnormal SP (service provider) services by the users to service authentication control. The device and the system can be used for implementation of the method for treatment of violation terminal built-in behaviors. Using the system, the device and the method can accurately find the violation terminal built-in behaviors to effectively restrain the behaviors, violation fee collection of the terminal is reduced, and benefits of users are guaranteed against infringement.
Description
Technical field
The present invention relates to communication technical field, relate in particular to the built-in behavior processing method of a kind of violation terminal, Apparatus and system.
Background technology
Along with the user group who uses the mountain vallage machine increases day by day, part service provider's connection is with solution merchant, mobile phone manufacturer, the built-in SP(ISP of violation in the mountain vallage machine, Service Provider) business, the built-in SP business of violation is deducted fees in triggering in the unwitting situation of user, and Here it is so-called " mountain vallage machine fee suction trap ".This Terminal Type (mountain vallage machine) in violation of rules and regulations built-in behavior has caused a large amount of complaint of user, and certain customers are for fear of being closed the mobile information service switch by fee suction even requirement, the serious popularization that has affected regular traffic.At present, terminal (mountain vallage machine) in violation of rules and regulations built-in behavior is a lot, and the built-in mode of common violation includes: built-in menu mode, click the built-in menu of mountain vallage machine as the user, and namely trigger service order or professional the use; Built-in backdoor programs mode, Backdoor Software trigger service order or professional the use at random or according to user key-press; The built-in game software mode, mountain vallage machine user when need to enter next pass, namely triggers service order or professional the use by " determining " in playing the embedded in mobile phone game process; The application software mode in the application software (such as mobile phone theme) that the user downloads, is hidden the fee suction trap, automatically triggers service order or professional the use.
For the built-in behavior of violation terminal, on the means of checking, mainly contain two kinds of the testing of mountain vallage machine, customer complaint verifications at present.The testing of mountain vallage machine, carry out the active testing for the built-in business conduct of the violation in the mountain vallage machine, discovery exists that analog subscriber is ordered,, the deduct fees problems such as business tine be not provided vulgar without reminding rates, menu content, exists the abnormal user of in violation of rules and regulations built-in behavior and unusual SP professional thereby judge terminal suspicion.Its shortcoming is: the type limited coverage area, can only find the unlawful practice of part mountain vallage machine; Mountain vallage machine manufacturer has realized by batch selectivity built-in, so there is inaccuracy in the testing result.The customer complaint verification then is to extract the user according to customer complaint by artificial mode to use the business diary data analysis, judges the authenticity of complaining content and determines whether in violation of rules and regulations complained business.Its shortcoming is: belong to passive processing, can't effectively reduce the customer complaint rate; Simultaneously, as being based on insufficient grounds of business violation, there is the situation of evidence obtaining difficulty.
Summary of the invention
The technical problem that the embodiment of the invention solves is, the built-in behavior processing method of a kind of violation terminal, Apparatus and system are provided, can initiatively, effectively find the in violation of rules and regulations built-in behavior of terminal and process, reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the rate of complaints of the built-in behavior fee suction of violation terminal, the guarantee user benefit is avoided infringement.
To achieve these goals, the embodiment of the invention provides a kind of violation terminal built-in behavior processing method, comprising:
The whole users' of capturing service management platform user behaviors log data;
Extract described user uplink and use professional daily record data;
Press user terminal number and calculate the each up frequency of this user terminal number every day, and judge that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
Judge that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
Subscription authentication control is carried out in the operation of described abnormal user program request SP business.
The step of further, subscription authentication control is carried out in the operation of described abnormal user program request SP business comprises:
Described abnormal user is carried out the groups of users authentication, determine the groups of users that it is affiliated;
Adopt the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described abnormal user program request is carried out authentication control.
Further, described abnormal user is carried out the groups of users authentication, determines the step of the groups of users that it is affiliated, specifically comprise:
To the complaint amount of in violation of rules and regulations charge or complaint frequency, determine the groups of users that described abnormal user is affiliated according to described abnormal user.
Further, described groups of users comprises high sensitive groups of users and low sensitivity groups of users, wherein, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the first user who sets the number condition to belong to the high sensitive groups of users, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the second user who sets the number condition to belong to the low sensitivity groups of users.
Further, the respective user group secondary-confirmation strategy of described high sensitive groups of users setting is: random code secondary-confirmation or challenge secondary-confirmation;
The respective user group secondary-confirmation strategy that described low sensitivity groups of users is set is: the simple problem secondary-confirmation.
Accordingly, the embodiment of the invention also provides another in violation of rules and regulations built-in behavior processing method of terminal, comprising:
The whole users' of capturing service management platform user behaviors log data;
Extract described user uplink and use professional daily record data;
Press user terminal number and calculate the each up frequency of this user terminal number every day, and judge that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
Judge that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
Extract the SP service lists of the up access of described abnormal user success in some cycles;
Successfully go up accordingly row index by the business statistics in the described service lists;
Judge whether the described row index of successfully going up surpasses the setting number, in this way, judge that then this business is that unusual SP is professional;
Service authentication control is carried out in the operation of the described unusual SP business of user's program request.
Further, described successfully go up row index comprise abnormal user number, abnormal user successfully go up in the up accounting of line number and abnormal user success any one or multiple.
The step of further, service authentication control is carried out in the operation of the described unusual SP business of user's program request comprises:
Described unusual SP business is carried out service group's authentication, determine its affiliated service group;
Adopt corresponding service group of the service group secondary-confirmation strategy of determining that described SP business is carried out authentication control.
Further, if unusual SP is professional, then described SP business is carried out service group's authentication, determines the step of its affiliated service group, specifically comprise:
According to the professional in violation of rules and regulations difference of the order of severity of described unusual SP, determine the service group that described SP abnormal traffic is affiliated.
Further, described service group comprises height violation degree service group, middle violation degree service group and low violation degree service group, wherein, the unusual number of times of frequency of occurrence reaches the 3rd SP business of setting the number condition and belongs to height violation degree service group, the unusual number of times of frequency of occurrence reaches the 4th SP business of setting the number condition and belongs to middle violation degree service group, and the unusual number of times of frequency of occurrence reaches the 5th SP business of setting the number condition and belongs to low violation degree service group.
Further, the corresponding service group secondary-confirmation strategy set of described high violation degree service group is: the secondary-confirmation rule is the equal secondary-confirmation of each program request, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation;
The corresponding service group secondary-confirmation strategy that described middle violation degree service group sets is: the secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation;
The corresponding service group secondary-confirmation strategy that described low violation degree service group sets is: the secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is the simple problem secondary-confirmation.
Accordingly, the present invention also provides a kind of violation terminal built-in behavior processing unit, comprising:
Collecting unit is for the whole users' of capturing service management platform user behaviors log data;
The first extracting unit is used for extracting described user uplink and uses professional daily record data;
The first statistic unit is used for press user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
The first judging unit is used for judging whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
The subscription authentication control unit is used for subscription authentication control is carried out in the operation of described abnormal user program request SP business.
Further, described subscription authentication control unit further comprises:
The first determining unit is used for described user is carried out the groups of users authentication, determines the groups of users that it is affiliated;
The first control unit is used for adopting the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication control.
Further, described device also comprises:
The second extracting unit is for the SP service lists that extracts the up access of described abnormal user success in some cycles;
The second statistic unit is used for successfully going up accordingly row index by the business statistics of described service lists;
The second judging unit is used for judging whether the described row index of successfully going up surpasses the setting number, in this way, then is judged to be unusual SP professional;
The service authentication control unit is used for service authentication control is carried out in the operation of the described unusual SP business of user's program request.
Further, described service authentication control unit further comprises:
The second determining unit is used for described unusual SP business is carried out service group's authentication, determines the service group that it is affiliated;
The second control unit is used for adopting corresponding service group of the service group secondary-confirmation strategy of determining that the SP business of described user's program request is carried out authentication control.
Accordingly, the present invention also provides a kind of violation terminal built-in behavior treatment system, and described system comprises audit system and Business Management Platform;
Described audit system is used for checking that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP on the Business Management Platform, and according to pre-conditioned, described abnormal user is divided into different groups of users and service group with unusual SP business, and sets different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group;
Described Business Management Platform is used for after receiving the SP service request of user's program request, when judging described user for abnormal user, carries out the groups of users authentication, then adopts corresponding groups of users secondary-confirmation strategy that the SP business of user's program request is carried out authentication control; After perhaps receiving the SP service request of user's program request, judge that described user is not abnormal user, when the SP business of judging again described program request is unusual SP business, carry out service group's authentication, then adopt corresponding service group secondary-confirmation strategy that the SP business of user's program request is carried out authentication control.
Further, described audit system comprises:
Collecting unit is for capturing service management platform user's user behaviors log data;
Extracting unit is used for extracting user uplink and uses professional daily record data;
Statistical analysis unit is used for adding up respectively the unusual number of times of its frequency every day by user terminal number, determines abnormal user, and according to pre-conditioned, lists it in different groups of users; And described abnormal user up used professional daily record data, and add up respectively it according to the SP business and successfully go up row index, determine unusual SP business, and according to pre-conditioned, list described unusual SP business in different service group;
Dispensing unit is used for setting different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group.
Further, described Business Management Platform comprises:
The subscription authentication module, be used for judging whether the user of program request SP business is abnormal user, abnormal user is then judged the groups of users that it is affiliated in this way, and adopts the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication;
The service authentication module, be used for judging whether the SP business of user's program request is that unusual SP is professional, unusual SP is professional in this way, then further judges the service group that it is affiliated, and adopts corresponding service group of the service group secondary-confirmation strategy of determining that the SP business of described user's program request is carried out authentication.
Further, described subscription authentication module comprises:
Judging unit is used for judging whether the user of program request SP business is abnormal user;
Search the unit, be used for searching the affiliated groups of users of abnormal user that described judging unit is judged;
Authenticating unit is used for adopting and describedly searches groups of users secondary-confirmation strategy corresponding to groups of users that the unit finds the SP business of described user's program request is carried out authentication.
Further, described service authentication module comprises:
Judging unit, whether for the SP business of judging user's program request is that unusual SP is professional;
Search the unit, be used for searching the affiliated service group of abnormal traffic that described judging unit is judged;
Authenticating unit is used for adopting and describedly searches service group's secondary-confirmation strategy corresponding to service group that the unit finds the SP business of described user's program request is carried out authentication.
Further, described Business Management Platform is for different groups of users secondary-confirmation strategies and service group's secondary-confirmation strategy, be provided with different exam pools, comprise the random code exam pool, challenge exam pool and simple problem exam pool, described exam pool also can offer described Business Management Platform by audit system.
Implement the embodiment of the invention, have following beneficial effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, for different groups of users and service group, adopt different secondary-confirmation control strategies, can realize targetedly bookkeeping, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, the guarantee user benefit is avoided infringement.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, the below will do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art, apparently, accompanying drawing in the following describes only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the flow chart of the first embodiment of the built-in behavior processing method of violation terminal of the present invention;
Fig. 2 is groups of users secondary-confirmation strategy allocation plan of the present invention;
Fig. 3 is the flow chart of the second embodiment of the built-in behavior processing method of violation terminal of the present invention;
Fig. 4 is service group of the present invention secondary-confirmation strategy allocation plan;
The flow chart of Fig. 5 method program request SP business of the present invention for the user adopts;
Fig. 6 is the structural representation of the first embodiment of the built-in behavior processing unit of violation terminal of the present invention;
Fig. 7 is the structural representation of the subscription authentication control unit of the built-in behavior processing unit of violation terminal of the present invention;
Fig. 8 is the structural representation of the second embodiment of the built-in behavior processing unit of violation terminal of the present invention;
Fig. 9 is the structural representation of the service authentication control unit of the built-in behavior processing unit of violation terminal of the present invention;
Figure 10 is an example structure schematic diagram of the built-in behavior treatment system of violation terminal of the present invention;
Figure 11 is the structural representation of audit system of the present invention;
Figure 12 is the structural representation of Business Management Platform of the present invention;
Figure 13 is the structural representation of subscription authentication module of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that obtains under the creative work prerequisite.
See also Fig. 1, be the present invention's flow chart of the first embodiment of the built-in behavior processing method of terminal in violation of rules and regulations; Described method comprises:
Step S101, the whole users' of capturing service management platform user behaviors log data.
In the specific implementation, the whole users' of capturing service management platform user behaviors log data are prior art, repeat no more herein.
Step S102 extracts described user uplink and uses professional daily record data.
In the specific implementation, extract described user uplink and use professional daily record data to be prior art, repeat no more herein.
Step S103 presses user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual.
Concrete, the described frequency refers to that the user passes through the time interval of the up use of short message channel SP business.If the described frequency (such as 0<=Pin<=10, can be joined), then count 1 frequency unusual, according to the unusual number of times of this rule-statistical Subscriber Number frequency every day in predefined frequency abnormal ranges.
It judges that principle is as follows: violation is built-in the terminal of SP business (mountain vallage machine), usually click that menu triggers or backdoor programs catches user key-press and will automatically trigger upstream request and use professional the user, namely substitute the family and automatically initiate request, because the time of user key-press is very short, will cause user's the up frequency very short, usually all only have several seconds, have in addition in same second existence up situation repeatedly.And normal users is initiated request, needs input instruction note, and then sends, and sees descending result again, again writes the program request instruction again and sends note, and the up frequency generally can not be lower than 10 seconds.Therefore, the up program request of the frequency less than 10 seconds can be considered as unusually.
Step S104 judges that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user.
Concrete, if the up use of user terminal number is professional, all Nei Duori (as surpassing 3, can join) exist the up frequency unusual, or exist repeatedly (as surpassing 7 times, can join) up frequency unusual in the week, can assert that this user terminal number is abnormal user.
Step S105 carries out subscription authentication control to the operation of described abnormal user program request SP business.
In the specific implementation, the step of the operation of described abnormal user program request SP business being carried out subscription authentication control comprises:
(1) described abnormal user is carried out the groups of users authentication, determine the groups of users that it is affiliated;
(2) adopt the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described abnormal user program request is carried out authentication control.
Wherein, step () is carried out the groups of users authentication to described abnormal user, determines the step of the groups of users that it is affiliated, specifically comprises:
To the complaint amount of in violation of rules and regulations charge or complaint frequency, determine the groups of users that described abnormal user is affiliated according to described abnormal user.
Described groups of users comprises high sensitive groups of users and low sensitivity groups of users, wherein, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the first user who sets the number condition to belong to the high sensitive groups of users, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the second user who sets the number condition to belong to the low sensitivity groups of users.To the complaint amount of in violation of rules and regulations charge or complaint frequency, determine the groups of users that described abnormal user is affiliated according to described abnormal user.
Step (two) adopts the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication control.
In the specific implementation, corresponding groups of users secondary-confirmation strategy sees also shown in Figure 2.
The respective user group secondary-confirmation strategy that described high sensitive groups of users is set is: random code secondary-confirmation or challenge secondary-confirmation, wherein random code and challenge are all provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request; Does how many challenge refer to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.
The respective user group secondary-confirmation strategy that described low sensitivity groups of users is set is: the simple problem secondary-confirmation, wherein simple problem is provided by corresponding exam pool, simple problem refers to that its answer has a lot of problem, for example: " please input the Any Digit between 10 to 20 ", the user can input " 11,12 ...; 19 " in any one, can confirm program request.
It should be noted that groups of users secondary-confirmation strategy corresponding to the groups of users of high sensitive shown in the figure is random code secondary-confirmation or challenge secondary-confirmation; Groups of users secondary-confirmation strategy corresponding to low sensitivity groups of users is that the pattern of simple problem secondary-confirmation is not well-determined, and other associative mode can also be arranged, as long as satisfy the pattern of the corresponding a kind of secondary-confirmation of a kind of groups of users.
The embodiment of the invention has following technique effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, for different groups of users, adopt different groups of users secondary-confirmation control strategies, can realize targetedly bookkeeping, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, simultaneously, also can improve normal users and use professional perception.
See also Fig. 3, be the present invention's flow chart of the second embodiment of the built-in behavior processing method of terminal in violation of rules and regulations; Described method comprises:
Step S301, the whole users' of capturing service management platform user behaviors log data.
In the specific implementation, identical with step S101 in embodiment illustrated in fig. 1, do not repeat them here.
Step S302 extracts described user uplink and uses professional daily record data.
In the specific implementation, identical with step S102 in embodiment illustrated in fig. 1, do not repeat them here.
Step S303 presses user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual.
In the specific implementation, identical with step S103 in embodiment illustrated in fig. 1, do not repeat them here.
Step S304 judges that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user.
In the specific implementation, identical with step S104 in embodiment illustrated in fig. 1, do not repeat them here.
Step S305 extracts the SP service lists of described abnormal user up access of success in some cycles.
In the specific implementation, for example, extract described abnormal user up access SP service lists of success within a week.
Step S306 successfully goes up row index accordingly by the business statistics in the described service lists.
In the specific implementation, described successfully go up row index comprise abnormal user number, abnormal user successfully go up in the up accounting of line number and abnormal user success any one or multiple.
Described abnormal user number: " the abnormal user termination number quantity " that refers to this business of access in the cycle;
Described abnormal user successfully goes up line number: " abnormal user successfully goes up line number " that refers to this business of access in the cycle;
The up accounting of described abnormal user success: refer to that this professional abnormal user of access successfully goes up whole ratios of successfully going up line number of accessing this business in line number and cycle in the cycle, can be obtained by " abnormal user successfully goes up line number divided by successfully going up line number, multiply by 100% again ".
Step S307 judges whether the described row index of successfully going up surpasses the setting number, in this way, judges that then this business is that unusual SP is professional.
In the specific implementation, if (such as a week) abnormal user number surpasses set point (such as 1000 in the cycle, can join) or " abnormal user successfully goes up line number " surpass set point (such as 5000, can join), and the up accounting of eminently successful surpasses set point (such as 10%, can join), judge that then this business is professional as unusual SP.
Step S308 carries out service authentication control to the operation of the described unusual SP business of user's program request.
In the specific implementation, the step of the operation of the described unusual SP business of user's program request being carried out service authentication control comprises:
(1) described unusual SP business is carried out service group's authentication, determine its affiliated service group;
(2) adopt corresponding service group of the service group secondary-confirmation strategy of determining that described SP business is carried out authentication control.
Wherein, step () is carried out service group's authentication to described SP business, determines that the step of its affiliated service group further comprises:
According to the professional in violation of rules and regulations difference of the order of severity of described unusual SP, determine the service group that described SP abnormal traffic is affiliated.
In the specific implementation, described service group comprises height violation degree service group, middle violation degree service group and low violation degree service group, wherein, the unusual number of times of frequency of occurrence reaches the 3rd SP business of setting the number condition and belongs to height violation degree service group, the unusual number of times of frequency of occurrence reaches the 4th SP business of setting the number condition and belongs to middle violation degree service group, and the unusual number of times of frequency of occurrence reaches the 5th SP business of setting the number condition and belongs to low violation degree service group.According to the professional in violation of rules and regulations difference of the order of severity of described unusual SP, determine the service group that described SP abnormal traffic is affiliated.
Step (two) adopts corresponding service group of the service group secondary-confirmation strategy of determining that described SP business is carried out authentication control.
In the specific implementation, corresponding service group's secondary-confirmation strategy sees also shown in Figure 4.
Service group's secondary-confirmation strategy corresponding to described high violation degree service group: the secondary-confirmation rule is the equal secondary-confirmation of each program request, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation.Is how many wherein, challenge provided by corresponding exam pool, and challenge refers to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.Random code is provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request.
Service group's secondary-confirmation strategy corresponding to described middle violation degree service group: secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation.Is how many wherein, challenge provided by corresponding exam pool, and challenge refers to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.Random code is provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request.
Service group's secondary-confirmation strategy corresponding to described low violation degree service group: secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is the simple problem secondary-confirmation.Wherein simple problem is provided by corresponding exam pool, and simple problem refers to that its answer has a lot of problems, for example: " please input the Any Digit between 10 to 20 ", the user can input " 11,12 ..., 19 " in any one, can confirm program request.
It should be noted that, secondary-confirmation rule corresponding to described high violation degree service group shown in the figure is the equal secondary-confirmation of each program request, corresponding secondary-confirmation pattern is challenge or random code secondary-confirmation, secondary-confirmation rule corresponding to middle violation degree service group is program request secondary-confirmation first, corresponding secondary-confirmation pattern is challenge or random code secondary-confirmation, secondary-confirmation corresponding to low violation degree service group be regular to be program request secondary-confirmation first, corresponding secondary-confirmation pattern is that the pattern of simple problem secondary-confirmation is not well-determined, other associative mode can also be arranged, as long as satisfy corresponding a kind of secondary-confirmation rule of a kind of service group and a kind of secondary-confirmation pattern.
See also Fig. 5, adopt the flow chart of the inventive method program request SP business for the user.
1) user initiates the up-on command demand (telecommunication) service to Short Message Service Gateway;
2) Short Message Service Gateway sends to Business Management Platform with order request;
3) Business Management Platform carries out the authentication operations such as subscription authentication, service authentication;
4) Business Management Platform is done the groups of users authentication, judges which group the user belongs to;
5) groups of users secondary-confirmation strategy authentication is judged the corresponding secondary-confirmation strategy of groups of users that belongs to;
6) Business Management Platform is done service group's authentication, and which group is the judgement business belong to;
7) service group's secondary-confirmation strategy authentication is judged the corresponding secondary-confirmation strategy of service group that belongs to;
8) Business Management Platform returns the Short Message Service Gateway order request and replys, and sign needs the user to carry out secondary-confirmation;
9) Business Management Platform is transmitted the secondary-confirmation request to sms center, carries the secondary-confirmation strategy;
10) sms center makes up corresponding secondary-confirmation note according to the secondary-confirmation strategy;
11) sms center issues the secondary-confirmation note to the user;
12) user replys the secondary-confirmation note;
13) sms center is initiated program request affirmation request to Business Management Platform;
14) Business Management Platform generates interim order relations;
15) Business Management Platform sends program request affirmation response to Short Message Service Gateway;
16) Short Message Service Gateway issues program request affirmation response to the user.
The embodiment of the invention has following technique effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, adopt different secondary-confirmation strategies for difference violation degree service group, both can effectively control in violation of rules and regulations professional use of mountain vallage machine, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, the guarantee user benefit is avoided infringement.
Accordingly, the invention also discloses the built-in behavior processing unit of a kind of violation terminal, Fig. 6 is the structural representation of the first embodiment of the built-in behavior processing unit of violation terminal of the present invention, shown in Fig. 6, described device 1 comprises: collecting unit 11, the first extracting unit 12, the first statistic unit 13, the first judging units 14 and subscription authentication control unit 15.
Described collecting unit 11 is for the whole users' of capturing service management platform user behaviors log data.
Concrete, described collecting unit 11 is prior art, repeats no more herein.
Described the first extracting unit 12 is used for extracting described user uplink and uses professional daily record data.
Concrete, described the first extracting unit 12 is prior art, repeats no more herein.
Described the first statistic unit 13 is used for press user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual.
Concrete, the described frequency refers to that the user passes through the time interval of the up use of short message channel SP business.If the described frequency (such as 0<=Pin<=10, can be joined) in predefined frequency abnormal ranges, then count 1 frequency unusual, described the first statistic unit is according to the unusual number of times of this rule-statistical Subscriber Number frequency every day.
It judges that principle is as follows: violation is built-in the terminal of SP business (mountain vallage machine), usually click that menu triggers or backdoor programs catches user key-press and will automatically trigger upstream request and use professional the user, namely substitute the family and automatically initiate request, because the time of user key-press is very short, will cause user's the up frequency very short, usually all only have several seconds, have in addition in same second existence up situation repeatedly.And normal users is initiated request, needs input instruction note, and then sends, and sees descending result again, again writes the program request instruction again and sends note, and the up frequency generally can not be lower than 10 seconds.Therefore, the frequency can be considered as the frequency less than 10 seconds up program request unusual.
Described the first judging unit 14 is used for judging whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user.
Concrete, if the up use of user terminal number is professional, all Nei Duori (as surpassing 3, can join) exist the up frequency unusual, or exist repeatedly (as surpassing 7 times, can join) up frequency unusual in the week, can assert that this user terminal number is abnormal user.
Subscription authentication control unit 15 is used for subscription authentication control is carried out in the operation of described abnormal user program request SP business.
Concrete, described subscription authentication control unit 15 further comprises: the first determining unit 151 and the first control unit 152 specifically see also shown in Figure 7.
Described the first determining unit 151 is used for described user is carried out the groups of users authentication, determines the groups of users that it is affiliated.
In the specific implementation, described groups of users comprises high sensitive groups of users and low sensitivity groups of users, wherein, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the first user who sets the number condition to belong to the high sensitive groups of users, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the second user who sets the number condition to belong to the low sensitivity groups of users.To the complaint amount of in violation of rules and regulations charge or complaint frequency, determine the groups of users that described abnormal user is affiliated according to described abnormal user.
Described the first control unit 152 is used for adopting the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication control.
In the specific implementation, corresponding groups of users secondary-confirmation strategy sees also shown in Figure 2.
The respective user group secondary-confirmation strategy that described high sensitive groups of users is set is: random code secondary-confirmation or challenge secondary-confirmation, wherein random code and challenge are all provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request; Does how many challenge refer to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.
The respective user group secondary-confirmation strategy that described low sensitivity groups of users is set is: the simple problem secondary-confirmation, wherein simple problem is provided by corresponding exam pool, simple problem refers to that its answer has a lot of problem, for example: " please input the Any Digit between 10 to 20 ", the user can input " 11,12 ...; 19 " in any one, can confirm program request.
It should be noted that groups of users secondary-confirmation strategy corresponding to the groups of users of high sensitive shown in the figure is random code secondary-confirmation or challenge secondary-confirmation; Groups of users secondary-confirmation strategy corresponding to low sensitivity groups of users is that the pattern of simple problem secondary-confirmation is not well-determined, and other associative mode can also be arranged, as long as satisfy the pattern of the corresponding a kind of secondary-confirmation of a kind of groups of users.
The embodiment of the invention has following technique effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that there is the in violation of rules and regulations abnormal user of built-in behavior in terminal suspicion, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, for different groups of users, adopt different groups of users secondary-confirmation control strategies, can realize targetedly bookkeeping, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, simultaneously, also can improve normal users and use professional perception.
Fig. 8 is the structural representation of the second embodiment of the built-in behavior processing unit of violation terminal of the present invention, as shown in Figure 8, described device 2 comprises: collecting unit 21, the first extracting unit 22, the first statistic unit 23, the first judging units 24, subscription authentication control unit 25, the second extracting unit 26, the second statistic unit 27, the second judging unit 28 and service authentication control unit 29.
Described collecting unit 21 is for the whole users' of capturing service management platform user behaviors log data.
Concrete, identical with collecting unit 11 in embodiment illustrated in fig. 6, repeat no more herein.
Described the first extracting unit 22 is used for extracting described user uplink and uses professional daily record data.
Concrete, identical with the first extracting unit 12 in embodiment illustrated in fig. 6, repeat no more herein.
Described the first statistic unit 23 is used for press user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual.
Concrete, identical with the first statistic unit 13 in embodiment illustrated in fig. 6, repeat no more herein.
Described the first judging unit 24 is used for judging whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user.
Concrete, identical with the first judging unit 14 in embodiment illustrated in fig. 6, repeat no more herein.
Described subscription authentication control unit 25 is used for subscription authentication control is carried out in the operation of described abnormal user program request SP business.
Concrete, identical with subscription authentication control unit 15 in embodiment illustrated in fig. 6, repeat no more herein.
The second extracting unit 26 is for the SP service lists that extracts the up access of described abnormal user success in some cycles.
Concrete, for example, extract described abnormal user up access SP service lists of success within a week.
The second statistic unit 27 is used for successfully going up accordingly row index by the business statistics of described service lists.
Concrete, the described row index of successfully go up comprises that abnormal user number, abnormal user successfully go up successfully any one in the up accounting or multiple of line number and abnormal user.
Described abnormal user number: " the abnormal user termination number quantity " that refers to this business of access in the cycle;
Described abnormal user successfully goes up line number: " abnormal user successfully goes up line number " that refers to this business of access in the cycle;
The up accounting of described abnormal user success: refer to that this professional abnormal user of access successfully goes up whole ratios of successfully going up line number of accessing this business in line number and cycle in the cycle, can be obtained by " abnormal user successfully goes up line number divided by successfully going up line number, multiply by 100% again ".
The second judging unit 28 is used for judging whether the described row index of successfully going up surpasses the setting number, in this way, then is judged to be unusual SP professional.
In the specific implementation, if (such as a week) abnormal user number surpasses set point (such as 1000 in the cycle, can join) or " abnormal user successfully goes up line number " surpass set point (such as 5000, can join), and the up accounting of eminently successful surpasses set point (such as 10%, can join), judge that then this business is professional as unusual SP.
Described service authentication control unit 29 is used for service authentication control is carried out in the operation of the described unusual SP business of user's program request.
Concrete, described service authentication control unit 29 further comprises: the second determining unit 291 and second
Described the second determining unit 291 is used for described unusual SP business is carried out service group's authentication, determines the service group that it is affiliated.
In the specific implementation, described service group comprises height violation degree service group, middle violation degree service group and low violation degree service group, wherein, the unusual number of times of frequency of occurrence reaches the 3rd SP business of setting the number condition and belongs to height violation degree service group, the unusual number of times of frequency of occurrence reaches the 4th SP business of setting the number condition and belongs to middle violation degree service group, and the unusual number of times of frequency of occurrence reaches the 5th SP business of setting the number condition and belongs to low violation degree service group.According to the professional in violation of rules and regulations difference of the order of severity of described unusual SP, determine the service group that described SP abnormal traffic is affiliated.
Described the second control unit 292 is used for adopting corresponding service group of the service group secondary-confirmation strategy of determining that the SP business of described user's program request is carried out authentication control.
In the specific implementation, corresponding service group's secondary-confirmation strategy sees also shown in Figure 4.
Service group's secondary-confirmation strategy corresponding to described high violation degree service group: the secondary-confirmation rule is the equal secondary-confirmation of each program request, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation.Is how many wherein, challenge provided by corresponding exam pool, and challenge refers to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.Random code is provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request.
Service group's secondary-confirmation strategy corresponding to described middle violation degree service group: secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation.Is how many wherein, challenge provided by corresponding exam pool, and challenge refers to the problem that its answer is unique, for example: " 2 add 3 equals "? answer is " 5 ", and the user inputs correct option can confirm program request.Random code is provided by corresponding exam pool.Random code is generally a character string, its affirmation mode can for, for example: " to ask input of character string ' ahgt21 ' to confirm program request ", user's input " ahgt21 " can be confirmed program request.
Service group's secondary-confirmation strategy corresponding to described low violation degree service group: secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is the simple problem secondary-confirmation.Wherein simple problem is provided by corresponding exam pool, and simple problem refers to that its answer has a lot of problems, for example: " please input the Any Digit between 10 to 20 ", the user can input " 11,12 ..., 19 " in any one, can confirm program request.
The embodiment of the invention has following technique effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, for different groups of users and service group, adopt different groups of users secondary-confirmation control strategies and service group's secondary-confirmation strategy, can realize targetedly bookkeeping, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, the guarantee user benefit is avoided infringement.
Accordingly, the present invention also provides a kind of violation terminal built-in behavior treatment system.Figure 10 is an example structure schematic diagram of the built-in behavior treatment system of violation terminal of the present invention, and as shown in figure 10, described system 1 comprises audit system 11 and Business Management Platform 12.
Described audit system 11, described audit system is used for checking that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP on the Business Management Platform, and according to pre-conditioned, described abnormal user is divided into different groups of users and service group with unusual SP business, and sets different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group.
Concrete, seeing also Figure 11, described audit system 11 comprises: collecting unit 111, extracting unit 112, statistical analysis unit 113 and dispensing unit 114.
Described collecting unit 111 is for capturing service management platform user's user behaviors log data.
Described extracting unit 112 is used for extracting user uplink and uses professional daily record data.
Described statistical analysis unit 113 is used for adding up respectively the unusual number of times of its frequency every day by user terminal number, determines abnormal user, and according to pre-conditioned, lists it in different groups of users; And described abnormal user up used professional daily record data, and add up respectively it according to the SP business and successfully go up row index, determine unusual SP business, and according to pre-conditioned, list described unusual SP business in different service group.
Described dispensing unit 114 is used for setting different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group.
Described Business Management Platform 12, be used for after receiving the SP service request of user's program request, when judging described user for abnormal user, carry out the groups of users authentication, then adopt corresponding groups of users secondary-confirmation strategy that the SP business of user's program request is carried out authentication control; After perhaps receiving the SP service request of user's program request, judge that described user is not abnormal user, when the SP business of judging again described program request is unusual SP business, carry out service group's authentication, then adopt corresponding service group secondary-confirmation strategy that the SP business of user's program request is carried out authentication control.
Wherein, described Business Management Platform is for different groups of users secondary-confirmation strategies and service group's secondary-confirmation strategy, be provided with different exam pools, comprise the random code exam pool, challenge exam pool and simple problem exam pool, described exam pool also can offer described Business Management Platform by audit system.
Concrete, seeing also Figure 12, described Business Management Platform 12 comprises: subscription authentication module 121 and service authentication module 122.
Further, see also Figure 13, be the structural representation of subscription authentication module 121.Described subscription authentication module 121 comprises: judging unit 1211, search unit 1212 and authenticating unit 1213.
Described judging unit 1211 is used for judging whether the user of program request SP business is abnormal user.
The described unit 1212 of searching is used for searching the affiliated groups of users of abnormal user that described judging unit is judged.
Described authenticating unit 1213 is used for adopting and describedly searches groups of users secondary-confirmation strategy corresponding to groups of users that the unit finds the SP business of described user's program request is carried out authentication.
Same, described service authentication module 122 comprises: judging unit, search unit and authenticating unit.
Described judging unit, whether for the SP business of judging user's program request is that unusual SP is professional.
The described unit of searching is used for searching the affiliated service group of abnormal traffic that described judging unit is judged.
Described authenticating unit is used for adopting and describedly searches service group's secondary-confirmation strategy corresponding to service group that the unit finds the SP business of described user's program request is carried out authentication.
Implement the embodiment of the invention, have following beneficial effect:
1, by checking judgement, the statistical analysis user uplink uses professional daily record data, can find more accurately that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP, and then it is divided into groups, for different groups different control strategies are set, realize fine-grained management.
2, for different groups of users and service group, adopt different secondary-confirmation control strategies, can realize targetedly bookkeeping, make that terminal is in violation of rules and regulations built-in can not finish secondary-confirmation for the user easily, more effectively reduce the in violation of rules and regulations situation of fee suction of terminal, reduce the user to the complaint amount of violation fee suction, the guarantee user benefit is avoided infringement.
One of ordinary skill in the art will appreciate that all or part of flow process that realizes in above-described embodiment method, to come the relevant hardware of instruction to finish by computer program, described program can be stored in the computer read/write memory medium, this program can comprise the flow process such as the embodiment of above-mentioned each side method when carrying out.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
Above disclosed only is preferred embodiment of the present invention, certainly can not limit with this interest field of the present invention, one of ordinary skill in the art will appreciate that all or part of flow process that realizes above-described embodiment, and according to the equivalent variations that claim of the present invention is done, still belong to the scope that invention is contained.
Claims (21)
1. the built-in behavior processing method of violation terminal is characterized in that, comprising:
The whole users' of capturing service management platform user behaviors log data;
Extract described user uplink and use professional daily record data;
Press user terminal number and calculate the each up frequency of this user terminal number every day, and judge that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
Judge that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
Subscription authentication control is carried out in the operation of described abnormal user program request SP business.
2. method according to claim 1 is characterized in that, the step of the operation of described abnormal user program request SP business being carried out subscription authentication control comprises:
Described abnormal user is carried out the groups of users authentication, determine the groups of users that it is affiliated;
Adopt the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described abnormal user program request is carried out authentication control.
3. method according to claim 2 is characterized in that, described abnormal user is carried out the groups of users authentication, determines the step of the groups of users that it is affiliated, specifically comprises:
To the complaint amount of in violation of rules and regulations charge or complaint frequency, determine the groups of users that described abnormal user is affiliated according to described abnormal user.
4. method according to claim 3, it is characterized in that, described groups of users comprises high sensitive groups of users and low sensitivity groups of users, wherein, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the first user who sets the number condition to belong to the high sensitive groups of users, to the complaint amount of in violation of rules and regulations charge or complain frequency to reach the second user who sets the number condition to belong to the low sensitivity groups of users.
5. method according to claim 4 is characterized in that, the respective user group secondary-confirmation strategy that described high sensitive groups of users is set is: random code secondary-confirmation or challenge secondary-confirmation;
The respective user group secondary-confirmation strategy that described low sensitivity groups of users is set is: the simple problem secondary-confirmation.
6. the built-in behavior processing method of violation terminal is characterized in that, comprising:
The whole users' of capturing service management platform user behaviors log data;
Extract described user uplink and use professional daily record data;
Press user terminal number and calculate the each up frequency of this user terminal number every day, and judge that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
Judge that whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
Extract the SP service lists of the up access of described abnormal user success in some cycles;
Successfully go up accordingly row index by the business statistics in the described service lists;
Judge whether the described row index of successfully going up surpasses the setting number, in this way, judge that then this business is that unusual SP is professional;
Service authentication control is carried out in the operation of the described unusual SP business of user's program request.
7. method according to claim 6 is characterized in that, described successfully go up row index comprise abnormal user number, abnormal user successfully go up in the up accounting of line number and abnormal user success any one or multiple.
8. method according to claim 6 is characterized in that, the step of the operation of the described unusual SP business of user's program request being carried out service authentication control comprises:
Described unusual SP business is carried out service group's authentication, determine its affiliated service group;
Adopt corresponding service group of the service group secondary-confirmation strategy of determining that described SP business is carried out authentication control.
9. method according to claim 8 is characterized in that, if unusual SP is professional, then described SP business is carried out service group's authentication, determines the step of its affiliated service group, specifically comprises:
According to the professional in violation of rules and regulations difference of the order of severity of described unusual SP, determine the service group that described SP abnormal traffic is affiliated.
10. method according to claim 9, it is characterized in that, described service group comprises height violation degree service group, middle violation degree service group and low violation degree service group, wherein, the unusual number of times of frequency of occurrence reaches the 3rd SP business of setting the number condition and belongs to height violation degree service group, the unusual number of times of frequency of occurrence reaches the 4th SP business of setting the number condition and belongs to middle violation degree service group, and the unusual number of times of frequency of occurrence reaches the 5th SP business of setting the number condition and belongs to low violation degree service group.
11. method according to claim 10 is characterized in that:
The corresponding service group secondary-confirmation strategy that described high violation degree service group sets is: the secondary-confirmation rule is the equal secondary-confirmation of each program request, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation;
The corresponding service group secondary-confirmation strategy that described middle violation degree service group sets is: the secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is challenge secondary-confirmation or random code secondary-confirmation;
The corresponding service group secondary-confirmation strategy that described low violation degree service group sets is: the secondary-confirmation rule is program request secondary-confirmation first, and the secondary-confirmation pattern is the simple problem secondary-confirmation.
12. the built-in behavior processing unit of violation terminal is characterized in that, comprising:
Collecting unit is for the whole users' of capturing service management platform user behaviors log data;
The first extracting unit is used for extracting described user uplink and uses professional daily record data;
The first statistic unit is used for press user terminal number and calculates the each up frequency of this user terminal number every day, and judges that the described frequency whether in predefined number range, in this way, then counts 1 frequency unusual;
The first judging unit is used for judging whether the unusual number of times of the frequency of this user terminal number in some cycles surpasses the setting number, in this way, then is judged to be abnormal user;
The subscription authentication control unit is used for subscription authentication control is carried out in the operation of described abnormal user program request SP business.
13. device as claimed in claim 12 is characterized in that, described subscription authentication control unit further comprises:
The first determining unit is used for described user is carried out the groups of users authentication, determines the groups of users that it is affiliated;
The first control unit is used for adopting the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication control.
14. device as claimed in claim 12 is characterized in that, described device further comprises:
The second extracting unit is for the SP service lists that extracts the up access of described abnormal user success in some cycles;
The second statistic unit is used for successfully going up accordingly row index by the business statistics of described service lists;
The second judging unit is used for judging whether the described row index of successfully going up surpasses the setting number, in this way, then is judged to be unusual SP professional;
The service authentication control unit is used for service authentication control is carried out in the operation of the described unusual SP business of user's program request.
15. device as claimed in claim 14 is characterized in that, described service authentication control unit advances
One step comprised:
The second determining unit is used for described unusual SP business is carried out service group's authentication, determines the service group that it is affiliated;
The second control unit is used for adopting corresponding service group of the service group secondary-confirmation strategy of determining that the SP business of described user's program request is carried out authentication control.
16. the built-in behavior treatment system of violation terminal is characterized in that described system comprises audit system and Business Management Platform;
Described audit system is used for checking that terminal suspicion exists the abnormal user of in violation of rules and regulations built-in behavior professional with unusual SP on the Business Management Platform, and according to pre-conditioned, described abnormal user is divided into different groups of users and service group with unusual SP business, and sets different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group;
Described Business Management Platform is used for after receiving the SP service request of user's program request, when judging described user for abnormal user, carries out the groups of users authentication, then adopts corresponding groups of users secondary-confirmation strategy that the SP business of user's program request is carried out authentication control; After perhaps receiving the SP service request of user's program request, judge that described user is not abnormal user, when the SP business of judging again described program request is unusual SP business, carry out service group's authentication, then adopt corresponding service group secondary-confirmation strategy that the SP business of user's program request is carried out authentication control.
17. system as claimed in claim 16 is characterized in that, described audit system comprises:
Collecting unit is for capturing service management platform user's user behaviors log data;
Extracting unit is used for extracting user uplink and uses professional daily record data;
Statistical analysis unit is used for adding up respectively the unusual number of times of its frequency every day by user terminal number, determines abnormal user, and according to pre-conditioned, lists it in different groups of users; And described abnormal user up used professional daily record data, and add up respectively it according to the SP business and successfully go up row index, determine unusual SP business, and according to pre-conditioned, list described unusual SP business in different service group;
Dispensing unit is used for setting different groups of users secondary-confirmation strategy and service group's secondary-confirmation strategy for different groups of users with service group.
18. system as claimed in claim 16 is characterized in that, described Business Management Platform comprises:
The subscription authentication module, be used for judging whether the user of program request SP business is abnormal user, abnormal user is then judged the groups of users that it is affiliated in this way, and adopts the corresponding groups of users secondary-confirmation of the groups of users strategy of determining that the SP business of described user's program request is carried out authentication;
The service authentication module, be used for judging whether the SP business of user's program request is that unusual SP is professional, unusual SP is professional in this way, then further judges the service group that it is affiliated, and adopts corresponding service group of the service group secondary-confirmation strategy of determining that the SP business of described user's program request is carried out authentication.
19. system as claimed in claim 18 is characterized in that, described subscription authentication module comprises:
Judging unit is used for judging whether the user of program request SP business is abnormal user;
Search the unit, be used for searching the affiliated groups of users of abnormal user that described judging unit is judged;
Authenticating unit is used for adopting and describedly searches groups of users secondary-confirmation strategy corresponding to groups of users that the unit finds the SP business of described user's program request is carried out authentication.
20. system as claimed in claim 18 is characterized in that, described service authentication module comprises:
Judging unit, whether for the SP business of judging user's program request is that unusual SP is professional;
Search the unit, be used for searching the affiliated service group of abnormal traffic that described judging unit is judged;
Authenticating unit is used for adopting and describedly searches service group's secondary-confirmation strategy corresponding to service group that the unit finds the SP business of described user's program request is carried out authentication.
21. system as claimed in claim 18, it is characterized in that, described Business Management Platform is for different groups of users secondary-confirmation strategies and service group's secondary-confirmation strategy, be provided with different exam pools, comprise the random code exam pool, challenge exam pool and simple problem exam pool, described exam pool also can offer described Business Management Platform by audit system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110218380.2A CN102917334B (en) | 2011-08-01 | 2011-08-01 | A kind of violation terminal built-in behavior processing method, apparatus and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110218380.2A CN102917334B (en) | 2011-08-01 | 2011-08-01 | A kind of violation terminal built-in behavior processing method, apparatus and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102917334A true CN102917334A (en) | 2013-02-06 |
| CN102917334B CN102917334B (en) | 2018-02-23 |
Family
ID=47615531
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110218380.2A Active CN102917334B (en) | 2011-08-01 | 2011-08-01 | A kind of violation terminal built-in behavior processing method, apparatus and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102917334B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104519469A (en) * | 2013-10-08 | 2015-04-15 | 华为技术有限公司 | SMS (short message service) charging behavior detection method, device and terminal |
| CN105550348A (en) * | 2015-12-25 | 2016-05-04 | 时趣互动(北京)科技有限公司 | Cheating user decision method and device based on on-line behavior data of user |
| CN105636076A (en) * | 2014-11-07 | 2016-06-01 | 中国移动通信集团四川有限公司 | Auditing method, device and equipment of illegal terminal built-in behavior |
| CN108668306A (en) * | 2017-03-28 | 2018-10-16 | 江苏北弓智能科技有限公司 | A kind of data collecting system built in Mobile operating system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1523923A (en) * | 2003-02-17 | 2004-08-25 | �й��ƶ�ͨ�ż��Ź�˾ | Safety authentication method of mobile terminal user identity |
| CN101203052A (en) * | 2007-12-24 | 2008-06-18 | 华为技术有限公司 | Method and apparatus for preventing malice business request |
| CN101207487A (en) * | 2006-12-21 | 2008-06-25 | 国际商业机器公司 | User authentication system and method for detecting and controlling fraudulent login behavior |
| CN102045319A (en) * | 2009-10-21 | 2011-05-04 | 中国移动通信集团山东有限公司 | Method and device for detecting SQL (Structured Query Language) injection attack |
-
2011
- 2011-08-01 CN CN201110218380.2A patent/CN102917334B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1523923A (en) * | 2003-02-17 | 2004-08-25 | �й��ƶ�ͨ�ż��Ź�˾ | Safety authentication method of mobile terminal user identity |
| CN101207487A (en) * | 2006-12-21 | 2008-06-25 | 国际商业机器公司 | User authentication system and method for detecting and controlling fraudulent login behavior |
| CN101203052A (en) * | 2007-12-24 | 2008-06-18 | 华为技术有限公司 | Method and apparatus for preventing malice business request |
| CN102045319A (en) * | 2009-10-21 | 2011-05-04 | 中国移动通信集团山东有限公司 | Method and device for detecting SQL (Structured Query Language) injection attack |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104519469A (en) * | 2013-10-08 | 2015-04-15 | 华为技术有限公司 | SMS (short message service) charging behavior detection method, device and terminal |
| CN105636076A (en) * | 2014-11-07 | 2016-06-01 | 中国移动通信集团四川有限公司 | Auditing method, device and equipment of illegal terminal built-in behavior |
| CN105636076B (en) * | 2014-11-07 | 2019-06-07 | 中国移动通信集团四川有限公司 | A kind of auditing method, device and the equipment of the behavior of violation terminal built-in |
| CN105550348A (en) * | 2015-12-25 | 2016-05-04 | 时趣互动(北京)科技有限公司 | Cheating user decision method and device based on on-line behavior data of user |
| CN108668306A (en) * | 2017-03-28 | 2018-10-16 | 江苏北弓智能科技有限公司 | A kind of data collecting system built in Mobile operating system |
| CN108668306B (en) * | 2017-03-28 | 2021-10-22 | 江苏北弓智能科技有限公司 | Data acquisition system with built-in mobile operating system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102917334B (en) | 2018-02-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107046470B (en) | Mobile phone internet traffic counting and displaying method and device and mobile phone | |
| CN106302534B (en) | A kind of method and system of detection and processing illegal user | |
| CN102917334A (en) | System, device and method for treatment of violation terminal built-in behaviors | |
| CN103685423A (en) | Information receiving method, device and system | |
| CN104103008A (en) | Accounting method and system based on short message | |
| CN107451819A (en) | A kind of auth method and device based on user's operation behavior feature | |
| CN106937291A (en) | Support card identification method and system | |
| CN101741974A (en) | Terminal and method for counting utilization rate of loadable module of terminal | |
| CN109685639A (en) | Loan checking method, device, equipment and computer readable storage medium | |
| CN105050068A (en) | Billing bill recording, detection, and correction method, apparatus, and bill processing system | |
| CN109559215A (en) | Business datum accounting method, device, equipment and computer readable storage medium | |
| CN110309473A (en) | Merge the anti-brush ticket method and device of identity and voting behavior monitoring | |
| Nguyen et al. | Blockroam: Blockchain-based roaming management system for future mobile networks | |
| CN109741070B (en) | Account management method and device based on network certificate | |
| CN105354787A (en) | Communication real-name system based communication money management system | |
| Nguyen et al. | Blockchain and stackelberg game model for roaming fraud prevention and profit maximization | |
| CN103326865A (en) | Network authentication method and system for making calls | |
| CN107623696A (en) | A kind of user ID authentication method and device based on user behavior feature | |
| CN108171517A (en) | A kind of method of payment, server and system | |
| CN102917352A (en) | System, device and method for treatment of violation terminal built-in behaviors | |
| CN102917335A (en) | System, device and method for treatment of violation terminal built-in behaviors | |
| CN107679383A (en) | A kind of auth method and device based on geographical position and contact pressure area | |
| CN115103063B (en) | Internet fraud identification method and device for fake customer service class | |
| CN107872491A (en) | A kind of data processing method and device | |
| CN107679865A (en) | A kind of auth method and device based on contact pressure area |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |