CN104184747A - Access cheating recognition method and device - Google Patents
Access cheating recognition method and device Download PDFInfo
- Publication number
- CN104184747A CN104184747A CN201410466833.7A CN201410466833A CN104184747A CN 104184747 A CN104184747 A CN 104184747A CN 201410466833 A CN201410466833 A CN 201410466833A CN 104184747 A CN104184747 A CN 104184747A
- Authority
- CN
- China
- Prior art keywords
- identity information
- signature
- call
- entrained
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an access cheating recognition method and device. The access cheating recognition method includes the steps of adding a signature to identity information to obtain the identity information carrying the signature after the identity information carried in the first access of a client side is received, wherein the identity information stores data used for representing the identity of the client side; sending the identity information carrying the signature to the client side; after identity information carried in the second access of the client side is received, judging whether the received identity information carried in the second access is the same as the identity information carrying the signature or not; if the received identity information carried in the second access is different from the identity information carrying the signature, determining that the second access is access cheating. By means of the access cheating recognition method and device, the problem that independent user statistics is not accurate as the identity information of the client side is changed in the prior art is solved, and the effect of improving the independent user statistics accuracy is achieved.
Description
Technical field
The present invention relates to internet arena, in particular to a kind of recognition methods and device of accessing cheating.
Background technology
Advertisement isolated user is added up based on cookie at present, when client request access advertisement for the first time, by browser, this client identity information is stored in cookie, at browser, send after the request of access advertisement, server receives the cookie of browser and relatively determines whether same user's interbehavior with historical cookie, same user's repeatedly access is only considered as an isolated user, thereby has reached the object of the statistics of advertisement isolated user.
But, cookie is the file that is stored in client, anyone can regenerate new cookie, change is the identity information of the client of storage wherein, send to server to forge a new identity cookie regenerating, the quantity that makes server increase isolated user of mistake when statistics advertisement isolated user, causes statistics inaccurate.
Identity information for client in correlation technique is modified the not statistical uncertainty true problem that causes isolated user, not yet proposes at present effective solution.
Summary of the invention
Main purpose of the present invention is to provide a kind of recognition methods and device of accessing cheating, to solve the identity information of client, is modified the not statistical uncertainty true problem that causes isolated user.
To achieve these goals, according to an aspect of the present invention, provide a kind of recognition methods of accessing cheating.According to the recognition methods of access of the present invention cheating, comprise: receiving the accessing for the first time after entrained identity information of client, described identity information is added to signature, obtain carrying the identity information of signature, wherein, in described identity information, store for characterizing the data of the identity of described client; Described in sending to described client, carry the identity information of signature; After the entrained identity information of the back-call that receives described client, whether judgement receives the entrained identity information of described back-call identical with the described identity information that carries signature; And if the entrained identity information of the described back-call receiving from described in to carry the identity information of signature different, determine that described back-call is for access cheating.
Further, after the entrained identity information of the back-call that receives described client, judgement receive the entrained identity information of described back-call whether with described identical the comprising of identity information that carries signature: judge whether the entrained identity information of described back-call has described signature; If the entrained identity information of described back-call does not have described signature, determine the entrained identity information of described back-call from described in to carry the identity information of signature different; If the entrained identity information of described back-call has described signature, verify that whether described signature is correct, wherein, when verifying described signature when incorrect, determine that described back-call is described access cheating.
Further, access for the first time after entrained identity information receiving client, described identity information is added to signature to be comprised: access for the first time after entrained identity information receiving client, generate random number, and described random number is added in described identity information; After receiving the entrained identity information of described client back-call, judgement receive the entrained identity information of described back-call whether with described identical the comprising of identity information that carries signature: verify that whether described signature correct; After definite described signature is correct, judge that whether the random number in the entrained identity information of described back-call is identical with the described random number generating; If the random number in the entrained identity information of described back-call is identical with the described random number of generation, determine that described back-call is repeated accesses; And if the random number in the entrained identity information of described back-call is different from the described random number of generation, determine that described back-call is for access cheating.
Further, verify whether described signature correctly comprises: the identity information entrained to described back-call generates certifying signature; Whether more described certifying signature is consistent with described signature; If described certifying signature is consistent with described signature, determine that described signature is correct; And if described certifying signature and described signature inconsistent, determine described signature mistake.
Further, in adding described random number to described identity information after, before described identity information is added to signature, described method also comprises: to being added with the identity information of described random number, be encrypted.
To achieve these goals, according to a further aspect in the invention, provide a kind of recognition device of accessing cheating.According to the recognition device of access cheating of the present invention, comprise: adding device, for receiving the accessing for the first time after entrained identity information of client, described identity information is added to signature, obtain carrying the identity information of signature, wherein, in described identity information, store for characterizing the data of the identity of described client; Transmitting element, for the identity information to carrying signature described in described client transmission; Judging unit, after the entrained identity information of the back-call receiving described client, whether judgement receives the entrained identity information of described back-call identical with the described identity information that carries signature; And determining unit, for the entrained identity information of the described back-call receiving from described in carry the identity information of signature when different, determine that described back-call is for access cheating.
Further, described judging unit comprises: the first judge module, for judging whether the entrained identity information of described back-call has described signature; The first determination module, for when the entrained identity information of described back-call does not have described signature, determine the entrained identity information of described back-call from described in to carry the identity information of signature different; Authentication module, for when the entrained identity information of described back-call has described signature, verifies that whether described signature is correct, wherein, when verifying described signature when incorrect, determines that described back-call is described access cheating.
Further, described adding device comprises: generation module, for accessing for the first time after entrained identity information receiving client, generates random number, and described random number is added in described identity information; Described judging unit comprises: authentication module, and whether correct for verifying described signature; The second judge module, for after definite described signature is correct, judges that whether the random number in the entrained identity information of described back-call is identical with the described random number generating; The second determination module, when identical for the described random number of the random number at the entrained identity information of described back-call and generation, determines that described back-call is repeated accesses; And the 3rd determination module, when different for the described random number of the random number at the entrained identity information of described back-call and generation, determine that described back-call is for access cheating.
Further, described authentication module comprises: generate submodule, for the entrained identity information of described back-call is generated to certifying signature; Whether comparison sub-module is consistent with described signature for more described certifying signature; First determines submodule, for when described certifying signature is consistent with described signature, determines that described signature is correct; And second determine submodule, for when inconsistent, determining described signature mistake at described certifying signature and described signature.
Further, described device also comprises: ciphering unit, for after adding described random number to described identity information, before described identity information is added to signature, is encrypted being added with the identity information of described random number.
By the present invention, after receiving the entrained identity information of client the first access, to client, send the identity information that carries signature, because client is not known the content of signature algorithm and identity information, therefore cannot forge the identity information that carries signature, when client is initiated to access again, entrained identity information should be the identity information that carries signature that client sends, so by judging the entrained identity information of back-call and sending to the identity information that carries signature of client whether identical, just can judge back-call and whether access cheating, when the entrained identity information of the back-call receiving is different from the identity information that carries signature, determine that back-call is access cheating.Pass through above-described embodiment, after receiving the access request of client, whether the access that can judge in time client is access cheating, if access cheating is just not counted in the statistics of isolated user, also with regard to having solved the identity information of client in prior art, be modified the not statistical uncertainty true problem that causes isolated user, thereby reached the effect that improves the statistical accuracy of isolated user.
Accompanying drawing explanation
The accompanying drawing that forms the application's a part is used to provide a further understanding of the present invention, and schematic description and description of the present invention is used for explaining the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is according to the flow chart of the recognition methods of the access cheating of the embodiment of the present invention;
Fig. 2 is the flow chart of accessing according to the preferred embodiment of the invention the recognition methods of cheating; And
Fig. 3 is according to the schematic diagram of the recognition device of the access cheating of the embodiment of the present invention.
Embodiment
It should be noted that, in the situation that not conflicting, embodiment and the feature in embodiment in the application can combine mutually.Describe below with reference to the accompanying drawings and in conjunction with the embodiments the present invention in detail.
In order to make those skilled in the art person understand better the present invention program, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the embodiment of a part of the present invention, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, should belong to the scope of protection of the invention.
It should be noted that, the term " first " in specification of the present invention and claims and above-mentioned accompanying drawing, " second " etc. are for distinguishing similar object, and needn't be for describing specific order or precedence.The data that should be appreciated that such use suitably can exchanged in situation, so as embodiments of the invention described herein can with except diagram here or describe those order enforcement.In addition, term " comprises " and " having " and their any distortion, intention is to cover not exclusive comprising, for example, those steps or unit that the process that has comprised series of steps or unit, method, system, product or equipment are not necessarily limited to clearly list, but can comprise clearly do not list or for these processes, method, product or equipment intrinsic other step or unit.
Explanation of nouns:
Isolated user: for isolated user, each fixing visitor only represents a unique user, no matter he accesses this website how many times.Therefore isolated user is more, illustrates that website promotion is more effective, also means that network marketing more produces effect, and is one of convictive evaluation index of tool.
Cookie: be stored in the data in subscriber's local terminal.Sometimes also use its plural form Cookies, refer to that some website is in order to characterize user identity, to carry out identity tracking and be stored in the data on local terminal, family.
Data compression: data compression refers under the prerequisite of drop-out not, reduction data volume, to reduce memory space, improves a kind of technical method of its transmission, Storage and Processing efficiency.Or according to certain algorithm, data are reorganized, reduce the redundancy of data and the space of storage.
The embodiment of the present invention provides a kind of recognition methods of accessing cheating.
Fig. 1 is according to the flow chart of the recognition methods of the access cheating of the embodiment of the present invention.As shown in Figure 1, the recognition methods of this access cheating comprises the steps:
Step S102, is receiving the accessing for the first time after entrained identity information of client, and identity information is added to signature, obtains carrying the identity information of signature, wherein, stores for characterizing the data of the identity of client in identity information.
Step S104, sends the identity information that carries signature to client.
Step S106, after the entrained identity information of the back-call that receives client, whether the entrained identity information of the back-call that receives of judgement is identical with the identity information that carries signature.
Step S108, if the entrained identity information of the back-call receiving is different from the identity information that carries signature, determines that back-call is for access cheating.
After receiving the entrained identity information of client the first access, to client, send the identity information that carries signature, because client is not known the content of signature algorithm and identity information, therefore cannot forge the identity information that carries signature, when client is initiated to access again, entrained identity information should be the identity information that carries signature that client sends, so by judging the entrained identity information of back-call and sending to the identity information that carries signature of client whether identical, just can judge back-call and whether access cheating, when the entrained identity information of the back-call receiving is different from the identity information that carries signature, determine that back-call is access cheating.Pass through above-described embodiment, after receiving the access request of client, whether the access that can judge in time client is access cheating, if access cheating is just not counted in the statistics of isolated user, also with regard to having solved the identity information of client in prior art, be modified the not statistical uncertainty true problem that causes isolated user, thereby reached the problem that improves the statistical accuracy of isolated user.
In identity information, store for characterizing the data of the identity of client, therefore, after definite back-call is not cheating, can be according to carry out the statistics of isolated user for characterizing the data of the identity of client.
Particularly, after the entrained identity information of the back-call that receives client, entrained whether identical with the identity information that carries signature the comprising of identity information of back-call that judgement receives: judge whether the entrained identity information of back-call has signature; If the entrained identity information of back-call is not signed, determine that the entrained identity information of back-call is different from the identity information that carries signature; If the entrained identity information of back-call has signature, whether certifying signature is correct, wherein, when verifying signature when incorrect, determines that back-call is access cheating.
If the entrained identity information of the back-call receiving is not signed, what the access request that client sends so may be carried is to access for the first time entrained identity information, also may be the identity information after change, but not the identity information that carries signature that sends to client, no matter be above-mentioned which kind of situation, back-call is all not counted in the statistics of isolated user.
If the entrained identity information of the back-call receiving has signature, for fear of forgery, need to judge that the signature identity in the entrained identity information of back-call is correct, incorrect if signed, determine the file of the entrained identity information of back-call for forging, back-call is not counted in the statistics of isolated user.
Particularly, receiving the accessing for the first time after entrained identity information of client, identity information is being added to signature and comprise: accessing for the first time after entrained identity information receiving client, generate random number, and random number is added in identity information; After the entrained identity information of the back-call that receives client, entrained whether identical with the identity information that carries signature the comprising of identity information of back-call that judgement receives: whether certifying signature is correct; After determining that signature is correct, judge that whether the random number in the entrained identity information of back-call is identical with the random number generating; If the random number in the entrained identity information of back-call is identical with the random number of generation, determine that back-call is repeated accesses; And if the random number in the entrained identity information of back-call is different from the random number of generation, determine that back-call is for access cheating.
When identity information is added to signature, can generate random number, and will together add former identity information to for characterizing data and the generation random number of the identity of client.The data that only have the identity that characterizes client in former identity information, and identity information is added after signature, in identity information, not only comprise the data of the identity that characterizes client, also comprise the random number of generation, and this identity information has been added signature.Before this identity information is sent to client, can compress processing to this identity information, when carrying out Internet Transmission, can save Internet resources like this.
If back-call is not access cheating, the entrained identity information of back-call receiving is the identity information that carries signature, be data, the random number that the entrained identity information of back-call comprises the identity that characterizes client, and this identity information have signature.If judge the entrained identity information of back-call, there is signature, judge that whether this signature is correct, if this signature is correct, judge that the random number in the entrained identity information of back-call is identical with the random number identity of generation, if identical, determine that this back-call is repeated accesses, be not counted in the statistics of isolated user, if different, determine that this back-call, for access cheating, is also not counted in the statistics of isolated user.
When whether the random number in judging the entrained identity information of back-call is identical with the random number generating, can call pre-stored tables of data, in this tables of data, store the data of identity and the random number of generation that characterize client, and the corresponding relation between these two.Wherein, the data that characterize the identity of client can be the IP addresses of client, logon name etc.
Further, certifying signature identity correctly comprises: the identity information entrained to back-call generates certifying signature; Whether comparatively validate signature is consistent with signature; If certifying signature is consistent with signature, determine that signature is correct; And if certifying signature is inconsistent with signature, determine signature mistake.
According to the algorithm that generates signature, the identity information entrained according to back-call generates certifying signature.If identity information is not modified, the signature generating according to identical algorithms so should be consistent with certifying signature, if it is consistent with certifying signature to judge signature, determines that signature is correct.If signature is inconsistent with certifying signature, determine signature mistake.
Particularly, in adding random number to identity information after, before identity information is added to signature, the recognition methods of the access cheating that the embodiment of the present invention provides also comprises: to being added with the identity information of random number, be encrypted.
To being added with the identity information of random number while being encrypted, can adopt symmetric cryptography or asymmetric encryption.If employing asymmetric encryption, after carrying out asymmetric encryption, client cannot be carried out the mode of large prime factorization and be deciphered, improved the fail safe of identity information, can avoid as far as possible the identity information of client to be modified, thereby avoid the identity information of client to be modified the not statistical uncertainty true problem of the isolated user causing; If employing symmetric cryptography, the identity information of encrypting also cannot be modified by client, and service end can be to decryption identity information, and the identity information that deciphering is obtained is verified, thereby judge whether identity information identity is modified, carry out avoiding in time the identity information of client to be modified the not statistical uncertainty true problem of the isolated user causing.Certainly, the present embodiment does not limit above-mentioned encryption method.
Below in conjunction with Fig. 2, the recognition methods of the access cheating of the embodiment of the present invention is described.
Step S201, determines whether to ask for the first time, if so, and execution step S202, if not, execution step S209.
Step S202, the IP of recording user.
Step S203, recording user client-side information.
Step S204, together with IP, user profile string, generates original cookie by random number.Generate random number, random number, user's IP and user's client-side information is generated to new identity information.
Step S205, carries out One-Way Encryption to original cookie, new identity information is carried out to One-Way Encryption, to avoid client to modify to new identity information.
Step S206, signs with specific calculation to the cookie after encrypting, and after being attached to, the identity information after encrypting is signed, and by signature, can judge whether the identity information receiving is what forge.
Step S207, compression is with the encryption cookie of signature.Transmission is through the identity information of overcompression, less through the file of the identity information of overcompression, reduces the loss of the transfer resource that transmission identity information brings, thereby saved transfer resource.
Step S208, is recorded as normal request.In recording the subregion of normal request, record this user's IP address, client-side information, new identity information above and random number etc.
Step S209, if user's request for the second time, obtains user's cookie.
Step S210, decompress(ion) cookie.Owing to sending to user's new identity information, be the identity information after overcompression, the identity information that client sends is also after compression, after the identity information after receiving compression, needs first compressed file to be separated to press operation so.
Step S211, obtains cookie and signature after encryption.
Step S212, is used special algorithm to generate certifying signature to the cookie after encrypting.
Step S213, whether contrast verification signature is consistent with client signature.If certifying signature is consistent with client signature, determine that request is not for the second time the access request of cheating, execution step S208; If certifying signature and client signature are inconsistent, determine that request is for the second time for cheating access, execution step S214.
Step S214, is recorded as abnormal request.The user's of recording exceptional request the information such as IP in the subregion of recording exceptional request.Be respectively and in different subregion, record normal request and abnormal request, can be so that align normal request and abnormal request is inquired about and added up.
The recognition device of the access cheating that the recognition methods of the access cheating of the embodiment of the present invention can provide by the embodiment of the present invention is carried out, the recognition methods of the access cheating that the recognition device of the access cheating of the embodiment of the present invention also can provide for the execution embodiment of the present invention.
Fig. 3 is according to the schematic diagram of the recognition device of the access cheating of the embodiment of the present invention.As shown in the figure, the recognition device of this access cheating comprises: adding device 10, transmitting element 30, judging unit 50 and determining unit 70.
Adding device 10, for receiving the accessing for the first time after entrained identity information of client, adds signature to identity information, obtains carrying the identity information of signature, wherein, stores for characterizing the data of the identity of client in identity information;
Transmitting element 30 is for sending the identity information that carries signature to client;
Judging unit 50 for the entrained identity information of the back-call receiving client after, whether with the identity information that carry signature identical in judgement if receiving the entrained identity information of back-call; And
When determining unit 70 is different from the identity information that carries signature for the entrained identity information of the back-call receiving, determine that back-call is access cheating.
After receiving the entrained identity information of client the first access, to client, send the identity information that carries signature, because client is not known the content of signature algorithm and identity information, therefore cannot forge the identity information that carries signature, when client is initiated to access again, entrained identity information should be the identity information that carries signature that client sends, so by judging the entrained identity information of back-call and sending to the identity information that carries signature of client whether identical, just can judge back-call and whether access cheating, when the entrained identity information of the back-call receiving is different from the identity information that carries signature, determine that back-call is access cheating.Pass through above-described embodiment, after receiving the access request of client, whether the access that can judge in time client is access cheating, if access cheating is just not counted in the statistics of isolated user, also with regard to having solved the identity information of client in prior art, be modified the not statistical uncertainty true problem that causes isolated user, thereby reached the problem that improves the statistical accuracy of isolated user.
In identity information, store for characterizing the data of the identity of client, therefore, after definite back-call is not cheating, can be according to carry out the statistics of isolated user for characterizing the data of the identity of client.
Particularly, judging unit comprises: the first judge module, for judging whether the entrained identity information of back-call has signature; The first determination module, for when the entrained identity information of back-call is not signed, determines that the entrained identity information of back-call is different from the identity information that carries signature; Authentication module, for when the entrained identity information of back-call has signature, whether certifying signature is correct, wherein, when verifying signature when incorrect, determines that back-call is access cheating.
If the entrained identity information of the back-call receiving is not signed, what the access request that client sends so may be carried is to access for the first time entrained identity information, also may be the identity information after change, but not the identity information that carries signature that sends to client, no matter be above-mentioned which kind of situation, back-call is all not counted in the statistics of isolated user.
If the entrained identity information of the back-call receiving has signature, for fear of forgery, need to judge that the signature identity in the entrained identity information of back-call is correct, incorrect if signed, determine the file of the entrained identity information of back-call for forging, back-call is not counted in the statistics of isolated user.
Particularly, adding device comprises: generation module, for accessing for the first time after entrained identity information receiving client, generates random number, and random number is added in identity information; Judging unit comprises: authentication module, and whether correct for certifying signature; The second judge module, for after determining that signature is correct, judges that whether the random number in the entrained identity information of back-call is identical with the random number generating; The second determination module, when identical for the random number of the random number at the entrained identity information of back-call and generation, determines that back-call is repeated accesses; And the 3rd determination module, when different for the random number of the random number at the entrained identity information of back-call and generation, determine that back-call is access cheating.
When identity information is added to signature, can generate random number, and will together add former identity information to for characterizing data and the generation random number of the identity of client.The data that only have the identity that characterizes client in former identity information, and identity information is added after signature, in identity information, not only comprise the data of the identity that characterizes client, also comprise the random number of generation, and this identity information has been added signature.Before this identity information is sent to client, can compress processing to this identity information, when carrying out Internet Transmission, can save Internet resources like this.
If back-call is not access cheating, the entrained identity information of back-call receiving is the identity information that carries signature, be data, the random number that the entrained identity information of back-call comprises the identity that characterizes client, and this identity information have signature.If judge the entrained identity information of back-call, there is signature, judge that whether this signature is correct, if this signature is correct, judge that the random number in the entrained identity information of back-call is identical with the random number identity of generation, if identical, determine that this back-call is repeated accesses, be not counted in the statistics of isolated user, if different, determine that this back-call, for access cheating, is also not counted in the statistics of isolated user.
When whether the random number in judging the entrained identity information of back-call is identical with the random number generating, can call pre-stored tables of data, in this tables of data, store the data of identity and the random number of generation that characterize client, and the corresponding relation between these two.Wherein, the data that characterize the identity of client can be the IP addresses of client, logon name etc.
Further, authentication module comprises: generate submodule, for the entrained identity information of back-call is generated to certifying signature; Whether comparison sub-module is consistent with signature for comparatively validate signature; First determines submodule, for when certifying signature is consistent with signature, determines that signature is correct; And second determine submodule, for when certifying signature and signature are inconsistent, determine signature mistake.
According to the algorithm that generates signature, the identity information entrained according to back-call generates certifying signature.If identity information is not modified, the signature generating according to identical algorithms so should be consistent with certifying signature, if it is consistent with certifying signature to judge signature, determines that signature is correct.If signature is inconsistent with certifying signature, determine signature mistake.
Particularly, the recognition device of the access cheating that the embodiment of the present invention provides also comprises: ciphering unit, for after adding random number to identity information, before identity information is added to signature, carries out folk prescription encryption to being added with the identity information of random number.
To being added with the identity information of random number while being encrypted, can adopt symmetric cryptography or asymmetric encryption.If employing asymmetric encryption, after carrying out asymmetric encryption, client cannot be carried out the mode of large prime factorization and be deciphered, improved the fail safe of identity information, can avoid as far as possible the identity information of client to be modified, thereby avoid the identity information of client to be modified the not statistical uncertainty true problem of the isolated user causing; If employing symmetric cryptography, the identity information of encrypting also cannot be modified by client, and service end can be to decryption identity information, and the identity information that deciphering is obtained is verified, thereby judge whether identity information identity is modified, carry out avoiding in time the identity information of client to be modified the not statistical uncertainty true problem of the isolated user causing.Certainly, the present embodiment does not limit above-mentioned encryption method.
If the form of SFU software functional unit of usining the integrated unit in above-described embodiment realizes and during as production marketing independently or use, can be stored in the storage medium of above-mentioned embodied on computer readable.Understanding based on such, the all or part of of the part that technical scheme of the present invention contributes to prior art in essence in other words or this technical scheme can embody with the form of software product, this computer software product is stored in storage medium, comprises that some instructions are with so that one or more computer equipment (can be personal computer, server or the network equipment etc.) is carried out all or part of step of method described in each embodiment of the present invention.
In the above embodiment of the present invention, the description of each embodiment is all emphasized particularly on different fields, in certain embodiment, there is no the part of detailed description, can be referring to the associated description of other embodiment.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (10)
1. a recognition methods of accessing cheating, is characterized in that, comprising:
Receiving the accessing for the first time after entrained identity information of client, described identity information is being added to signature, obtaining carrying the identity information of signature, wherein, in described identity information, storing for characterizing the data of the identity of described client;
Described in sending to described client, carry the identity information of signature;
After the entrained identity information of the back-call that receives described client, whether judgement receives the entrained identity information of described back-call identical with the described identity information that carries signature; And
If the entrained identity information of the described back-call receiving from described in to carry the identity information of signature different, determine that described back-call is for access cheating.
2. method according to claim 1, it is characterized in that, after the entrained identity information of the back-call that receives described client, judgement receive the entrained identity information of described back-call whether with described identical the comprising of identity information that carries signature:
Judge whether the entrained identity information of described back-call has described signature;
If the entrained identity information of described back-call does not have described signature, determine the entrained identity information of described back-call from described in to carry the identity information of signature different;
If the entrained identity information of described back-call has described signature, verify that whether described signature is correct, wherein, when verifying described signature when incorrect, determine that described back-call is described access cheating.
3. method according to claim 1, is characterized in that,
Access for the first time after entrained identity information receiving client, described identity information is added to signature to be comprised: access for the first time after entrained identity information receiving client, generate random number, and described random number is added in described identity information;
After receiving the entrained identity information of described client back-call, judgement receive the entrained identity information of described back-call whether with described identical the comprising of identity information that carries signature: verify that whether described signature correct; After definite described signature is correct, judge that whether the random number in the entrained identity information of described back-call is identical with the described random number generating; If the random number in the entrained identity information of described back-call is identical with the described random number of generation, determine that described back-call is repeated accesses; And if the random number in the entrained identity information of described back-call is different from the described random number of generation, determine that described back-call is for access cheating.
4. according to the method in claim 2 or 3, it is characterized in that verify whether described signature correctly comprises:
The identity information entrained to described back-call generates certifying signature;
Whether more described certifying signature is consistent with described signature;
If described certifying signature is consistent with described signature, determine that described signature is correct; And
If described certifying signature and described signature are inconsistent, determine described signature mistake.
5. method according to claim 3, is characterized in that, in adding described random number to described identity information after, before described identity information is added to signature, described method also comprises:
To being added with the identity information of described random number, be encrypted.
6. a recognition device of accessing cheating, is characterized in that,
Adding device, for receiving the accessing for the first time after entrained identity information of client, described identity information is added to signature, obtain carrying the identity information of signature, wherein, in described identity information, store for characterizing the data of the identity of described client;
Transmitting element, for the identity information to carrying signature described in described client transmission;
Judging unit, after the entrained identity information of the back-call receiving described client, whether judgement receives the entrained identity information of described back-call identical with the described identity information that carries signature; And
Determining unit, for the entrained identity information of the described back-call receiving from described in carry the identity information of signature when different, determine that described back-call is for access cheating.
7. device according to claim 6, is characterized in that, described judging unit comprises:
The first judge module, for judging whether the entrained identity information of described back-call has described signature;
The first determination module, for when the entrained identity information of described back-call does not have described signature, determine the entrained identity information of described back-call from described in to carry the identity information of signature different;
Authentication module, for when the entrained identity information of described back-call has described signature, verifies that whether described signature is correct, wherein, when verifying described signature when incorrect, determines that described back-call is described access cheating.
8. device according to claim 6, is characterized in that,
Described adding device comprises: generation module, for accessing for the first time after entrained identity information receiving client, generates random number, and described random number is added in described identity information;
Described judging unit comprises: authentication module, and whether correct for verifying described signature; The second judge module, for after definite described signature is correct, judges that whether the random number in the entrained identity information of described back-call is identical with the described random number generating; The second determination module, when identical for the described random number of the random number at the entrained identity information of described back-call and generation, determines that described back-call is repeated accesses; And the 3rd determination module, when different for the described random number of the random number at the entrained identity information of described back-call and generation, determine that described back-call is for access cheating.
9. according to the device described in claim 7 or 8, it is characterized in that, described authentication module comprises:
Generate submodule, for the entrained identity information of described back-call is generated to certifying signature;
Whether comparison sub-module is consistent with described signature for more described certifying signature;
First determines submodule, for when described certifying signature is consistent with described signature, determines that described signature is correct; And
Second determines submodule, for when inconsistent, determining described signature mistake at described certifying signature and described signature.
10. device according to claim 8, is characterized in that, described device also comprises:
Ciphering unit, for after adding described random number to described identity information, before described identity information is added to signature, is encrypted being added with the identity information of described random number.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410466833.7A CN104184747A (en) | 2014-09-12 | 2014-09-12 | Access cheating recognition method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410466833.7A CN104184747A (en) | 2014-09-12 | 2014-09-12 | Access cheating recognition method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104184747A true CN104184747A (en) | 2014-12-03 |
Family
ID=51965489
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410466833.7A Pending CN104184747A (en) | 2014-09-12 | 2014-09-12 | Access cheating recognition method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104184747A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105786706A (en) * | 2016-02-26 | 2016-07-20 | 成都中云天下科技有限公司 | Anti-cheating method and device for real person testing system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7234060B1 (en) * | 2000-07-11 | 2007-06-19 | Amdur Eugene | Generation and use of digital signatures |
| CN102215228A (en) * | 2011-05-31 | 2011-10-12 | 北京亿赞普网络技术有限公司 | Web service unique user identification method based on carrier-class network platform |
| CN102289447A (en) * | 2011-06-16 | 2011-12-21 | 北京亿赞普网络技术有限公司 | Website webpage evaluation system based on communication network message |
-
2014
- 2014-09-12 CN CN201410466833.7A patent/CN104184747A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7234060B1 (en) * | 2000-07-11 | 2007-06-19 | Amdur Eugene | Generation and use of digital signatures |
| CN102215228A (en) * | 2011-05-31 | 2011-10-12 | 北京亿赞普网络技术有限公司 | Web service unique user identification method based on carrier-class network platform |
| CN102289447A (en) * | 2011-06-16 | 2011-12-21 | 北京亿赞普网络技术有限公司 | Website webpage evaluation system based on communication network message |
Non-Patent Citations (1)
| Title |
|---|
| 王鑫: "《中小企业信息化管理系统中统一认证授权平台技术的研究与实现》", 《中小企业信息化管理系统中统一认证授权平台技术的研究与实现》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105786706A (en) * | 2016-02-26 | 2016-07-20 | 成都中云天下科技有限公司 | Anti-cheating method and device for real person testing system |
| CN105786706B (en) * | 2016-02-26 | 2018-07-20 | 成都中云天下科技有限公司 | A kind of true man test system anti-cheating method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11176573B2 (en) | Authenticating users for accurate online audience measurement | |
| CN107612697B (en) | Digital certificate application method and device | |
| US9781109B2 (en) | Method, terminal device, and network device for improving information security | |
| CN107196950B (en) | Verification method, verification device and server | |
| CN112019493A (en) | Identity authentication method, identity authentication device, computer device, and medium | |
| CN104144419A (en) | Identity authentication method, device and system | |
| CN104184713A (en) | Terminal identification method, machine identification code registration method, and corresponding system and equipment | |
| CN105447715A (en) | Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party | |
| CN105450592A (en) | Safety verification method and device, server and terminal | |
| CN112199412B (en) | Payment bill processing method based on block chain and block chain bill processing system | |
| US9838401B2 (en) | Method, client terminal device and system for verifying page information | |
| CN105450641A (en) | Verification method, verification device and verification system | |
| CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
| CN104765884B (en) | A kind of fingerprint identification method of HTTPS webpages | |
| CN114024904B (en) | Access control method, device, equipment and storage medium | |
| CN107770183B (en) | Data transmission method and device | |
| CN108574658B (en) | Application login method and device | |
| CN111597060B (en) | Data calling method and device, computer equipment and storage medium | |
| CN110930193B (en) | Advertisement conversion rate evaluation method, advertisement conversion rate evaluation device, computer equipment and storage medium | |
| CN109818915B (en) | Information processing method and device, server and readable storage medium | |
| CN104184747A (en) | Access cheating recognition method and device | |
| CN115834101A (en) | Login control method, system, storage medium and electronic equipment | |
| CN104184804A (en) | Cloud storage system and system and method for downloading/providing data from cloud storage system | |
| CN114238914A (en) | Digital certificate application system, method, device, computer equipment and storage medium | |
| CN110049067B (en) | Transmission method and device of session key and computer-readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141203 |