CN106170046A - A kind of event based on mobile device triggers implicit expression auth method - Google Patents

A kind of event based on mobile device triggers implicit expression auth method Download PDF

Info

Publication number
CN106170046A
CN106170046A CN201610844306.4A CN201610844306A CN106170046A CN 106170046 A CN106170046 A CN 106170046A CN 201610844306 A CN201610844306 A CN 201610844306A CN 106170046 A CN106170046 A CN 106170046A
Authority
CN
China
Prior art keywords
confidence level
user
trigger event
mobile device
time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610844306.4A
Other languages
Chinese (zh)
Other versions
CN106170046B (en
Inventor
吴灼添
刘涛
刘轩
刘宇鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shaanxi Shang Shang Mdt Infotech Ltd
Original Assignee
Shaanxi Shang Shang Mdt Infotech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shaanxi Shang Shang Mdt Infotech Ltd filed Critical Shaanxi Shang Shang Mdt Infotech Ltd
Priority to CN201610844306.4A priority Critical patent/CN106170046B/en
Publication of CN106170046A publication Critical patent/CN106170046A/en
Application granted granted Critical
Publication of CN106170046B publication Critical patent/CN106170046B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72484User interfaces specially adapted for cordless or mobile telephones wherein functions are triggered by incoming communication events
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of event based on mobile device and trigger implicit expression auth method.Its implementation is: the kind of the implicit expression trigger event of set device and the characteristic quantity of every kind of trigger event, when the triggering event occurs, equipment obtains user's confidence level by the custom of contrast active user and the custom of validated user, and user's confidence level and decision threshold by history are calculated current decision threshold, are then contrasted the legitimacy judging active user by the size of current user's confidence level and decision threshold.The present invention solves the poor efficiency identification non-legally user of existing implicit expression auth method, needs the problems such as substantial amounts of user data and learning time.

Description

A kind of event based on mobile device triggers implicit expression auth method
Technical field
The invention belongs to information security field, particularly relate to a kind of event based on mobile device and trigger implicit expression authentication Method.
Background technology
The use of current mobile device is more and more extensive.Lawless person steals the phenomenon of user profile more by mobile device Come the most universal, so occurring in that a lot of mobile device information protecting method.Existing information guard method is divided into two classes: explicit identity Checking and implicit expression authentication.When explicit authentication is every time application access equipment or user operation equipment, equipment is straight Connecing and require that active user is that oneself identity is testified, these prove may often be such that occur with the form such as password, fingerprint.And implicit expression body When part checking is every time application access equipment or user operation equipment, the identity of user is automatically sentenced by equipment on backstage Disconnected.
Existing explicit authentication arranges corresponding proof by equipment with user, such as password, fingerprint, the unlocking pattern etc. Judge whether currently used user is legal, solve, with this, the problem that user profile is stolen, but people are for the side of pursuit Just, it is often the relatively low integrated mode of protective capability password setting or the account used is logged in online for a long time, therefore show The information security capability of formula authentication is limited.
Existing implicit expression authentication, such as gait implicit expression authentication, by the walking habits of equipment record validated user, Such as leg speed, walking postures etc., compare with the walking habits of active user, whether close with the identity that this judges active user Method, prevents the information of validated user to be stolen.But gait implicit expression authentication needs substantial amounts of extras support, can cause The power consumption of equipment increases severely, and needs substantial amounts of user profile to learn, and also by environment ground surface type, ailing, negative The impact of factor such as heavily, so realistic meaning is little.
Summary of the invention
The present invention proposes a kind of trigger event based on mobile device and triggers implicit expression auth method, by triggering thing Part triggering technique and stagewise weighted moving average technology, solving existing implicit expression auth method needs a large number of users number According to, verification efficiency is low, easily by problems such as objective factor are affected.
In order to realize above-mentioned target, technical scheme is as follows:
A kind of event based on mobile device triggers implicit expression auth method, including: trigger event type, trigger event confidence Degree table, user's confidence level stream, decision threshold.
Trigger implicit expression auth method according to a kind of event based on mobile device of the present invention further, wherein touch Sending out event type is that SMS receives or sends, call passes in and out, browser browsing histories changes, WIFI accesses history and changes, When trigger event Event occurs, mobile phone carries out implicit expression authentication.
Trigger implicit expression auth method according to a kind of event based on mobile device of the present invention further, wherein touch Send out event confidence level table and represent the trusted degree of trigger event, including note statistical table, message accounting table, web page browsing statistics Table, WIFI access statistical table, and note statistical table content is: with this mobile device carry out short message communication communicating number Number, Number and this mobile device short message communication number of times, Number and this mobile device last short message communication time, Number and the last twice short message communication time difference of this mobile device, this trigger event confidence level value, value value Size represent Number and this mobile device and carry out the trusted degree of this trigger event of short message communication;In message accounting table Rong Wei: carry out communicating number Number, Number of conversing and this mobile device talk times with this mobile device、 Number and this mobile device last air time, Number and this mobile device length of conversation length、 Number is poor with this mobile device last twice air time, this trigger event confidence level value;Web page browsing is added up Table content is: webpage URL, for distinguishing webpage, this mobile device access times to URL, this mobile device is to URL Access the time for the last time, this mobile device accesses total time length to URL, twice visit last to URL of this mobile device Ask time difference, this trigger event confidence level value;WIFI accesses statistical table content: service identifier WIFI, is used for Distinguish WIFI access port, this mobile device access number of times to WIFI, the access last to WIFI of this mobile device WIFI is accessed total time length by time, this mobile device, this mobile device poor for twice turn-on time last to WIFI, this trigger event confidence level value.
Implicit expression auth method, Qi Zhongyong is triggered further according to a kind of event based on mobile device of the present invention Family confidence level stream is user confidence level score composition, and the size of score value represents the mobile phone trusted journey to current user identities Degree, after each trigger event occurs, all can produce new score and join in user's confidence level stream, and family confidence level flow point section is used In calculating the decision threshold of present segment residing for trigger event, chopping rule adds access customer confidence level stream according to user's confidence level Time sequencing, every 6 user confidence value score form one section.
Trigger implicit expression auth method according to a kind of event based on mobile device of the present invention further, wherein sentence Certainly thresholding is for judging whether active user is validated user, according to the score of the last period of present segment residing for trigger event Value, calculates decision threshold according to certain rule.
Further according to a kind of event based on mobile device of the present invention trigger implicit expression auth method, including with Lower step: initialize trigger event confidence level table and user's confidence level stream;Judge the frequency of trigger event;Carry out triggering thing Part confidence level table updates;Carry out user's confidence level stream to update;Carry out user's confidence level thresholding to calculate;Carry out identity judgement;Carry out Explicit authentication.
Implicit expression auth method, described step is triggered further according to a kind of event based on mobile device of the present invention Rapid trigger event confidence level table and the user's confidence level stream of initializing, note statistical table, message accounting table, web page browsing statistical table, WIFI accesses all list items of statistical table and is all entered as 0;Score value in user's confidence level stream is all entered as-1.
Implicit expression auth method, described step is triggered further according to a kind of event based on mobile device of the present invention The rapid frequency judging trigger event, when there being trigger eventDuring generation, whereinFor including that this trigger event exists The frequency of interior all trigger events,If,, then the data deficiencies of statistics is to support this Secondary implicit expression authentication, needs to carry out trigger event confidence level table and updates and the renewal of user's confidence level stream, then terminate implicit expression body Part checking, directly performs explicit authentication;If, then implicit expression authentication is proceeded.
Implicit expression auth method, described step is triggered further according to a kind of event based on mobile device of the present invention Suddenly carry out trigger event confidence level table to update, including:
(1) if trigger eventType is that note receives or sends, and communicating number is, in note statistical table Communicating number row are searchedIf not finding, then by communicating numberAdd note statistical table Communicating number row, correspondingly, short message communication number of timesBeing 1, the last short message communication time is current time, and record is last Twice short message communication time differenceIt is 0, calculates event confidence level value, wherein If finding, then by note statistical tableThe short message communication number of times of corresponding rowAdd 1, finally Twice short message communication time differenceSubtract the last short message communication time for current time, calculate event confidence level value, wherein
(2) if trigger eventType is call turnover, and communicating number is, leading in message accounting table Signal code row are searchedIf not finding, then by communicating numberAdd message accounting The communicating number row of table, talk timesBeing 1, the last air time is current time, length of conversation length For this duration of call, record last twice air time poorIt is 0, calculates event confidence level value, whereinIf finding, then by message accounting tableRight The talk times that should goAdding 1, the last air time is current time, length of conversation lengthFor uniting before The duration of call of meter adds up this duration of call, and last twice air time is poorWhen subtracting last call for current time Between, calculate event confidence level value, wherein
(3) if trigger eventType is that browser browsing histories changes, and webpage URL is, unite in web page browsing Webpage URL column in meter table is searchedIf not finding, then by webpageAdd web page browsing statistical table In webpage URL column, access timesBeing 1, the last access time is current time, accesses total time length Access duration for this, record last twice and access time differenceIt is 0, calculates event confidence level value, wherein;If finding, then by web page browsing statistical tableCorresponding row Access timesAdding 1, the last access time is current time, accesses total time lengthFor the visit added up before Ask duration add up this access duration, last twice access time differenceSubtract the last access time for current time, calculate Event confidence level value, wherein
(4) if trigger eventType is that WIFI accesses history change, and service identifier is, access system at WIFI Service identifier row in meter table are searchedIf not finding, then willAdd WIFI to access in statistical table Service identifier row, correspondingly, access number of timesBeing 1, last turn-on time is current time, accesses total time LengthAccess duration for this, record last twice turn-on time poorIt is 0, calculates event confidence level value, WhereinIf finding, then WIFI is accessed in statistical table The access number of times of corresponding rowAdding 1, last turn-on time is current time, accesses total time lengthFor before The access duration of statistics adds up, and this accesses duration, and last twice turn-on time is poorLast access is subtracted for current time Time, calculate event confidence level value, wherein
(5), the value row that check in trigger event confidence table, if there is the row that value is negative, then delete, and thing will be triggered Part confidence table carries out sort descending according to value value.
Further according to a kind of event based on mobile device of the present invention trigger implicit expression auth method, described in enter Row user's confidence level stream updates, including:
(1) according to trigger eventType, search corresponding table, receive if trigger event is note or sends, then Search note statistical table, if trigger event is call turnover, then searches message accounting table, browse go through if trigger event is browser History changes, then search web page browsing statistical table;Access history change if trigger event is WIFI, then search WIFI and access statistics Table;
(2) according to trigger eventEvent confidence value in corresponding table and event confidence level ranking results, entered User's confidence level of this operation of row, if this trigger eventSearch for note statistical table or message accounting table, Event confidence level value ranking isPosition, then user's confidence levelFor, event confidence level value Ranking isPosition, then user's confidence levelIt is 0, if additionally, trigger eventCorresponding communication Number mobile device is labeled as white list, then by user's confidence levelAdd 1, if this trigger eventSearch Access statistical table for web page browsing statistical table or WIFI, event confidence level ranking value is thePosition, then user Confidence levelFor, event confidence level value ranking isPosition, then user's confidence level It is 0, if trigger eventCorresponding communicating number mobile device is labeled as white list, then by user's confidence levelAdd 1;
(3) if implicit expression authentication time is spacedDuring more than the time upper limit set, update user's confidence level, wherein, u is damped coefficient, represents time interval length to user's confidence The influence degree of degree, u=0.1,For the time interval of current implicit authentication with last implicit expression authentication,Time,
(4) user's confidence level of the user carrying out current operationJoin in user's confidence level stream.
Trigger implicit expression auth method according to a kind of event based on mobile device of the present invention further, use Family confidence level thresholding calculates, including:
(1) this trigger event, is calculatedThe corresponding fragmentation value residing for user's confidence level, fragmentation value, whereinRound under for;
(2), current fragment valueUser's confidence level thresholding be, wherein,Represent the meansigma methods of the preceding paragraph user's confidence level stream,For user's confidence level thresholding of the preceding paragraph, a For weighted value, when the decision threshold of the least every section of weighted value aDiffer the least, more meet decision threshold continuous Criterion, take 0.1 here;
(3), tolerance is considered, user's confidence level thresholding is updated, obtains user's confidence level thresholding of reality.Appearance is set Mistake degree, tolerance represents equipment admissible error checking scope, is used for improving user's discrimination, fragmentation valueReality Border decision threshold
Trigger implicit expression auth method according to a kind of event based on mobile device of the present invention further, carry out body Part judgement, if this trigger eventCorresponding user's confidence level, then sentence Disconnected active user not owner, carries out showing authentication;Otherwise confirm that active user is owner, does not start explicit identity and tests Card, waits the generation of trigger event next time.
Triggering implicit expression auth method according to a kind of event based on mobile device of the present invention further, mobile phone opens Dynamic explicit authentication, it is desirable to active user shows the proof of identification appointed with mobile phone, password, fingerprint, the unlocking pattern etc., if The proof of identification that active user shows is incorrect, then prohibit the use of this mobile device, instantly during this mobile device of first use, needs Again proof of identification is shown;If the proof of identification that active user shows is correct, then active user is allowed to use this mobile device, Wait the generation of trigger event next time.
The present invention can reach following effect:
(1) the method for the invention passes through stagewise weighted moving average technology, and data stream is carried out segmentation, can be by front One piece of data calculates current user's confidence level thresholding.When the length of segmentation is shorter, need little user data and The habit time, in this embodiment it is not even necessary to, it is possible to obtain user's confidence level thresholding accurately.
(2) the method for the invention need not the real behavioural information of user, such as gait, walking path, and intonation etc. of speaking, So being not required to extra sensor to obtain the behavioural information of user, the most not by region or environment affected also without The support of other extras.
(3) the method for the invention passes through trigger event triggering technique, when there being user operation equipment, triggers certain trigger thing During part, equipment will carry out implicit expression authentication to user, if verifying as non-legally user, just starts explicit authentication, Make non-legally user cannot use mobile device, it is possible to identify non-legally user efficiently.
Accompanying drawing explanation
Fig. 1 is that a kind of trigger event based on mobile device of the present invention triggers implicit expression auth method flow process Figure;
The note statistical representation that Fig. 2 is used by the method for the invention is intended to;
The message accounting that Fig. 3 is used by the method for the invention represents intention;
The web page browsing statistical representation that Fig. 4 is used by the method for the invention is intended to;
Fig. 5 accesses statistical representation by the WIFI that the method for the invention is used and is intended to;
Fig. 6 is the user's confidence level flow diagram used in the method for the invention.
Detailed description of the invention
With reference to Fig. 1, a kind of trigger event based on mobile device of the present invention triggers implicit expression auth method tool Body step is as follows:
In order to more clearly from illustrate the detailed description of the invention of the present invention, first to the trigger event type that the present invention relates to, touch Sending out event confidence level table, user's confidence level stream, these concepts of decision threshold make necessary explanation.
Trigger event type is that SMS receives or sends, and call turnover, browser browsing histories changes, and WIFI accesses History changes.When trigger event Event occurs, mobile phone carries out implicit expression authentication.
Trigger event confidence level table represents the trusted degree of trigger event, including note statistical table, message accounting table, net Page browsing statistical table, WIFI access statistical table.With reference to Fig. 2, note statistical table content is: carry out short message communication with this mobile device Communicating number Number, Number and this mobile device short message communication number of times, Number and this mobile device last Secondary short message communication time, Number and the last twice short message communication time difference of this mobile device, this trigger event confidence The size of degree value, value value represents Number and this mobile device carries out the trusted journey of this trigger event of short message communication Degree;With reference to Fig. 3, message accounting table content is: carry out, with this mobile device, communicating number Number, Number and this shifting conversed Dynamic equipment talk times, Number and this mobile device last air time, Number converse with this mobile device Total time length, Number and this mobile device last twice air time poor, this trigger event confidence level value;With reference to Fig. 4, web page browsing statistical table content is: webpage URL, for distinguishing webpage, the access to URL of this mobile device Number of times, this mobile device access last to URL time, this mobile device to URL access total time length、 This mobile device accesses time difference last to URL twice, this trigger event confidence level value;Connect with reference to Fig. 5, WIFI Entering statistical table content is: service identifier WIFI, is used for distinguishing WIFI access port, this mobile device access number of times to WIFI, this mobile device turn-on time last to WIFI, this mobile device WIFI is accessed total time length、 This mobile device is poor for twice turn-on time last to WIFI, this trigger event confidence level value.
User's confidence level stream is user confidence level score composition, and the size of score value represents mobile phone to current user identities Trusted degree.After trigger event occurs every time, all can produce new score and join in user's confidence level stream.With reference to figure 6, user's confidence level flow point section is used for calculating the decision threshold of present segment residing for trigger event.Chopping rule is to put according to user Reliability adds the time sequencing of access customer confidence level stream, and every 6 user confidence value score form one section.
Decision threshold is for judging whether active user is validated user, previous according to present segment residing for trigger event The score value of section, calculates decision threshold according to certain rule.
The present invention sets owner as unique validated user, the amount of all about time all by hour in units of;
Step (1), initialize trigger event confidence level table and user's confidence level stream, wherein, note statistical table, message accounting table, Web page browsing statistical table, WIFI access all list items of statistical table and are all entered as 0;Score value in user's confidence level stream is all composed Value is for-1.
Step (2), when there being trigger eventDuring generation, whereinBe including this trigger event all touch The frequency of the event of sending out,.Judge the frequency of trigger event, if, then the data of statistics It is not enough to support this implicit expression authentication, needs to perform step 3 to step 4 and carry out data statistics, then terminate this hidden Formula authentication, directly performs the explicit authentication of step 7;If, perform step 3;
Step (3), according to trigger eventParticular type, carry out trigger event confidence level table update, concrete steps are such as Under:
If (3-1) trigger eventType is that note receives or sends, and communicating number is.Add up in note The communicating number row of table are searched:
If not finding, then by communicating numberAdd the communicating number row of note statistical table, accordingly Ground, short message communication number of timesBeing 1, the last short message communication time is current time, when recording last twice short message communication Between poorIt is 0, calculates event confidence level value, wherein
If finding, then by note statistical tableThe short message communication number of times of corresponding rowAdd 1, Rear twice short message communication time differenceSubtract the last short message communication time for current time, calculate event confidence level value, Wherein
If (3-2) trigger eventType is call turnover, and communicating number is.At message accounting table In communicating number row in search:
If not finding, then by communicating numberThe communicating number adding message accounting table arranges, correspondingly, Talk timesBeing 1, the last air time is current time, length of conversation lengthFor this duration of call, note Record last twice air time poorIt is 0, calculates event confidence level value, wherein
If finding, then by message accounting tableThe talk times of corresponding rowAdd 1, last The secondary air time is current time, length of conversation lengthThe duration of call for adding up before adds up this duration of call, Last twice air time is poorSubtract the last air time for current time, calculate event confidence level value, wherein
If (3-3) trigger eventType is that browser browsing histories changes, and webpage URL is.At webpage Browse the webpage URL column in statistical table to search:
If not finding, then by webpageAdd the webpage URL column in web page browsing statistical table, correspondingly, visit Ask number of timesBeing 1, the last access time is current time, accesses total time lengthDuration, note is accessed for this Record last twice and access time differenceIt is 0, calculates event confidence level value, wherein
If finding, then by web page browsing statistical tableThe access times of corresponding rowAdd 1, for the last time The access time is current time, accesses total time lengthAccess duration for adding up before adds up, and this accesses duration, Access time difference latter twiceSubtract the last access time for current time, calculate event confidence level value, wherein
If (3-4) trigger eventType is that WIFI accesses history change, and service identifier is.At WIFI Access in the service identifier row in statistical table and search:
If not finding, then willAdd the service identifier row that WIFI accesses in statistical table, correspondingly, access number of timesBeing 1, last turn-on time is current time, accesses total time lengthAccess duration for this, record Rear twice turn-on time is poorIt is 0, calculates event confidence level value, wherein
If finding, then WIFI is accessed in statistical tableThe access number of times of corresponding rowAdd 1, last Secondary turn-on time is current time, accesses total time lengthAccess duration for adding up before adds up, and this accesses duration, Last twice turn-on time is poorSubtract last turn-on time for current time, calculate event confidence level value, wherein
(3-5), the value row that check in trigger event confidence table, if there is the row that value is negative, then delete;And will Trigger event confidence table carries out sort descending according to value value.
Step (4), carry out user's confidence level stream update, specifically comprise the following steps that
(4-1), according to trigger eventType, search corresponding table.If that is, trigger event be note receive or Send, then search note statistical table;If trigger event is call turnover, then search message accounting table;If trigger event is for browsing Device browsing histories changes, then search web page browsing statistical table;Access history change if trigger event is WIFI, then search WIFI and connect Enter statistical table.
(4-2), step 3 has obtained trigger eventEvent confidence value in corresponding table and event confidence level Ranking results.According to trigger eventPrecedence in corresponding table, obtains carrying out user's confidence level of this operation:
If this trigger eventSearch for note statistical table or message accounting table, event confidence level value ranking It isPosition, then user's confidence levelFor, event confidence level value ranking is Position, then user's confidence levelIt is 0.If additionally, trigger eventCorresponding communicating number mobile device labelling For white list, then by user's confidence levelAdd 1;
If this trigger eventThat searches accesses statistical table, event confidence level for web page browsing statistical table or WIFI Ranking value isPosition, then user's confidence levelFor, event confidence level value ranking isPosition, then user's confidence levelIt is 0.If additionally, trigger eventCorresponding communicating number is moved Device flag is white list, then by user's confidence levelAdd 1.
If (4-3) implicit expression authentication time intervalDuring more than the time upper limit set, update user's confidence level, wherein, u is damped coefficient, represents time interval length to user's confidence The influence degree of degree, is 0.1 here;Between the time for current implicit authentication and last implicit expression authentication Every,Time,
(4-4), user's confidence level of the user carrying out current operationJoin in user's confidence level stream.
Step (5), value according to user's confidence level stream, carry out user's confidence level thresholding and calculate, with reference to Fig. 6, concrete steps As follows:
(5-1) this trigger event, is calculatedThe corresponding fragmentation value residing for user's confidence level, fragmentation value, its InRound under for.
(5-2), current fragment valueUser's confidence level thresholding be, wherein,Represent the meansigma methods of the preceding paragraph user's confidence level stream;User's confidence level thresholding for the preceding paragraph.a For weighted value, when the decision threshold of the least every section of weighted value aDiffer the least, more meet decision threshold continuous Criterion, take 0.1 here;
(5-3), tolerance is considered, user's confidence level thresholding is updated, obtains user's confidence level thresholding of reality.Arrange Tolerance, tolerance represents equipment admissible error checking scope, is used for improving user's discrimination, fragmentation value's Actual decision threshold
Step (6), carry out identity judgement, if this trigger eventCorresponding user's confidence level, Then judge active user not owner, perform step 7, carry out showing authentication;Otherwise confirm that active user is owner, no Start explicit authentication, wait the generation of trigger event next time.
Step (7), handset starting explicit authentication, it is desirable to active user shows the proof of identification appointed with mobile phone, Such as password, fingerprint, the unlocking pattern etc..If the proof of identification that active user shows is incorrect, then prohibit the use of this mobile device, and And, instantly during this mobile device of first use, need again to show proof of identification;If the proof of identification that active user shows is just Really, then allow active user to use this mobile device, wait the generation of trigger event next time.
Below it is only that the preferred embodiment of the present invention is described, technical scheme is not limited to This, any known deformation that those skilled in the art are made on the basis of the major technique of the present invention is conceived broadly falls into the present invention Claimed technology category, the protection domain that the present invention is concrete is as the criterion with the record of claims.

Claims (10)

1. an event based on mobile device triggers implicit expression auth method, it is characterised in that include trigger event type, Trigger event confidence level table, user's confidence level stream, decision threshold.
The most according to claim 1, event triggers implicit expression auth method, it is characterised in that described trigger event type is SMS receives or sends, call passes in and out, browser browsing histories changes, WIFI accesses history and changes, and works as trigger event When Event occurs, mobile phone carries out implicit expression authentication;
Described trigger event confidence level table represents the trusted degree of trigger event, including note statistical table, message accounting table, net Page browsing statistical table, WIFI access statistical table, and note statistical table content is: with the messenger that this mobile device carries out short message communication Code Number, Number and this mobile device short message communication number of times, Number and the last note of this mobile device lead to Letter time, Number and the last twice short message communication time difference of this mobile device, this trigger event confidence level value, The size of value value represents Number and this mobile device and carries out the trusted degree of this trigger event of short message communication, call Statistical table content is: carry out communicating number Number, Number of conversing and this mobile device talk times with this mobile device, Number and this mobile device last air time, Number and this mobile device length of conversation length、 Number is poor with this mobile device last twice air time, this trigger event confidence level value;Web page browsing is added up Table content is: webpage URL, for distinguishing webpage, this mobile device access times to URL, this mobile device is to URL Access the time for the last time, this mobile device accesses total time length to URL, twice visit last to URL of this mobile device Ask time difference, this trigger event confidence level value;WIFI accesses statistical table content: service identifier WIFI, is used for Distinguish WIFI access port, this mobile device access number of times to WIFI, the access last to WIFI of this mobile device WIFI is accessed total time length by time, this mobile device, this mobile device poor for twice turn-on time last to WIFI, this trigger event confidence level value;
Described user's confidence level stream is user confidence level score composition, and the size of score value represents mobile phone to current user identities Trusted degree, each trigger event occur after, all can produce new score and join in user's confidence level stream, family confidence Degree flow point section is for calculating the decision threshold of present segment residing for trigger event, and chopping rule is to add access customer according to user's confidence level The time sequencing of confidence level stream, every 6 user confidence value score form one section;
Described decision threshold is for judging whether active user is validated user, previous according to present segment residing for trigger event The score value of section, calculates decision threshold according to certain rule.
3. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1 or 2 It is, comprises the following steps:
(1) trigger event confidence level table and user's confidence level stream are initialized;
(2) frequency of trigger event is judged;
(3) carry out trigger event confidence level table to update;
(4) carry out user's confidence level stream to update;
(5) carry out user's confidence level thresholding to calculate;
(6) identity judgement is carried out;
(7) explicit authentication is carried out.
4. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1-3 It is step (1), described initialization trigger event confidence level table and user's confidence level stream, note statistical table, message accounting table, net Page browsing statistical table, WIFI access all list items of statistical table and are all entered as 0;The equal assignment of score value in user's confidence level stream For-1.
5. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1-4 It is step (2), it is judged that the frequency of trigger event, when there being trigger eventDuring generation, whereinFor including this Trigger event at the frequency of interior all trigger events,If,, then the data of statistics are not Be enough to support this implicit expression authentication, need to carry out trigger event confidence level table and update and the renewal of user's confidence level stream, then Terminate implicit expression authentication, directly perform explicit authentication;If, then implicit expression authentication is proceeded.
6. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1-5 Be step (3), described in carry out trigger event confidence level table update, comprise the following steps:
If (3-1) trigger eventType is that note receives or sends, and communicating number is, in note statistical table Communicating number row are searchedIf not finding, then by communicating numberAdd note statistical table Communicating number row, correspondingly, short message communication number of timesBeing 1, the last short message communication time is current time, records Rear twice short message communication time differenceIt is 0, calculates event confidence level value, wherein, If finding, then by note statistical tableThe short message communication number of times of corresponding rowAdd 1, last two Secondary short message communication time differenceSubtract the last short message communication time for current time, calculate event confidence level value, wherein
If (3-2) trigger eventType is call turnover, and communicating number is, in message accounting table Communicating number row are searchedIf not finding, then by communicating numberAdd call system The communicating number row of meter table, talk timesBeing 1, the last air time is current time, length of conversation lengthFor this duration of call, record last twice air time poorIt is 0, calculates event confidence level value, whereinIf finding, then by message accounting tableRight The talk times that should goAdding 1, the last air time is current time, length of conversation lengthFor before The duration of call of statistics adds up this duration of call, and last twice air time is poorLast call is subtracted for current time Time, calculate event confidence level value, wherein
If (3-3) trigger eventType is that browser browsing histories changes, and webpage URL is, in web page browsing Webpage URL column in statistical table is searchedIf not finding, then by webpageAdd web page browsing statistics Webpage URL column in table, access timesBeing 1, the last access time is current time, accesses total time lengthAccess duration for this, record last twice and access time differenceIt is 0, calculates event confidence level value, wherein;If finding, then by web page browsing statistical tableCorresponding row Access timesAdding 1, the last access time is current time, accesses total time lengthFor the visit added up before Ask duration add up this access duration, last twice access time differenceSubtract the last access time for current time, calculate Event confidence level value, wherein
If (3-4) trigger eventType is that WIFI accesses history change, and service identifier is, access at WIFI Service identifier row in statistical table are searchedIf not finding, then willAdd WIFI and access statistical table In service identifier row, correspondingly, access number of timesBeing 1, last turn-on time is current time, when accessing total Between lengthAccess duration for this, record last twice turn-on time poorIt is 0, calculates event confidence level Value, whereinIf finding, then WIFI is accessed in statistical tableThe access number of times of corresponding rowAdding 1, last turn-on time is current time, accesses total time lengthAccess duration for adding up before adds up, and this accesses duration, and last twice turn-on time is poorFor current time Subtract last turn-on time, calculate event confidence level value, wherein
(3-5), the value row that check in trigger event confidence table, if there is the row that value is negative, then delete, and will trigger Event confidence table carries out sort descending according to value value.
7. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1-6 It is step (4), carries out user's confidence level stream and update, comprise the following steps:
(4-1) according to trigger eventType, search corresponding table, receive if trigger event is note or sends, Then search note statistical table, if trigger event is call turnover, then searches message accounting table, browse if trigger event is browser History changes, then search web page browsing statistical table;Access history change if trigger event is WIFI, then search WIFI and access statistics Table;
(4-2) according to trigger eventEvent confidence value in corresponding table and event confidence level ranking results, obtain Carry out user's confidence level of this operation, if this trigger eventSearch for note statistical table or message accounting Table, event confidence level value ranking isPosition, then user's confidence levelFor, event confidence level Value ranking isPosition, then user's confidence levelIt is 0, if additionally, trigger eventCorresponding Communicating number mobile device is labeled as white list, then by user's confidence levelAdd 1, if this trigger event That searches accesses statistical table for web page browsing statistical table or WIFI, and event confidence level ranking value is thePosition, then User's confidence levelFor, event confidence level value ranking isPosition, then user's confidence levelIt is 0, if trigger eventCorresponding communicating number mobile device is labeled as white list, then by user's confidence DegreeAdd 1;
If (4-3) implicit expression authentication time intervalDuring more than the time upper limit set, update user's confidence level, wherein, u is damped coefficient, represents time interval length to user's confidence The influence degree of degree, u=0.1,For the time interval of current implicit authentication with last implicit expression authentication,Time,
(4-4) user's confidence level of the user carrying out current operationJoin in user's confidence level stream.
8. trigger implicit expression auth method according to a kind of event based on mobile device described in any one of claim 1-7, its It is characterised by step (5), carries out user's confidence level thresholding and calculate, comprise the following steps:
(5-1) this trigger event, is calculatedThe corresponding fragmentation value residing for user's confidence level, fragmentation value, its InRound under for;
(5-2), current fragment valueUser's confidence level thresholding be, wherein,Represent the meansigma methods of the preceding paragraph user's confidence level stream,For user's confidence level thresholding of the preceding paragraph, a For weighted value, when the decision threshold of the least every section of weighted value aDiffer the least, more meet decision threshold continuous Criterion, take 0.1 here;
(5-3), tolerance is considered, user's confidence level thresholding is updated, obtains user's confidence level thresholding of reality, arrange Tolerance, tolerance represents equipment admissible error checking scope, is used for improving user's discrimination, fragmentation value's Actual decision threshold
9. trigger implicit expression auth method according to event based on mobile device described in any one of claim 1-8, it is characterised in that step Suddenly (6), identity judgement is carried out, if this trigger eventCorresponding user's confidence level , then judge active user not owner, carry out showing authentication;Otherwise confirm that active user is owner, does not start explicit body Part checking, waits the generation of trigger event next time.
10. trigger implicit expression auth method, its feature according to event based on mobile device described in any one of claim 1-9 It is step (7), handset starting explicit authentication, it is desirable to active user shows the proof of identification appointed with mobile phone, password, Fingerprint, the unlocking pattern etc., if the proof of identification that active user shows is incorrect, then prohibit the use of this mobile device, when next time When using this mobile device, need again to show proof of identification;If the proof of identification that active user shows is correct, then allow current User uses this mobile device, waits the generation of trigger event next time.
CN201610844306.4A 2016-09-23 2016-09-23 A kind of implicit auth method of mobile device-based event triggering Active CN106170046B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610844306.4A CN106170046B (en) 2016-09-23 2016-09-23 A kind of implicit auth method of mobile device-based event triggering

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610844306.4A CN106170046B (en) 2016-09-23 2016-09-23 A kind of implicit auth method of mobile device-based event triggering

Publications (2)

Publication Number Publication Date
CN106170046A true CN106170046A (en) 2016-11-30
CN106170046B CN106170046B (en) 2019-08-09

Family

ID=57377220

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610844306.4A Active CN106170046B (en) 2016-09-23 2016-09-23 A kind of implicit auth method of mobile device-based event triggering

Country Status (1)

Country Link
CN (1) CN106170046B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109040050A (en) * 2018-07-25 2018-12-18 Oppo广东移动通信有限公司 Data interactive method and Related product
CN109978170A (en) * 2019-03-05 2019-07-05 浙江邦盛科技有限公司 A kind of mobile device recognition methods based on more elements
CN114980116A (en) * 2022-05-17 2022-08-30 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077356A (en) * 2013-01-11 2013-05-01 中国地质大学(武汉) Protecting and tracking method for primary information of mobile terminal based on user behavior pattern
CN104618372A (en) * 2015-02-02 2015-05-13 同济大学 Device and method for authenticating user identity based on WEB browsing habits
CN104778591A (en) * 2015-04-01 2015-07-15 北京三快在线科技有限公司 Extracting and identifying methods of feature information of abnormal behavior and devices
CN105611084A (en) * 2016-01-29 2016-05-25 中国联合网络通信集团有限公司 User fraud suspiciousness degree calculation method and suspiciousness degree calculation system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077356A (en) * 2013-01-11 2013-05-01 中国地质大学(武汉) Protecting and tracking method for primary information of mobile terminal based on user behavior pattern
CN104618372A (en) * 2015-02-02 2015-05-13 同济大学 Device and method for authenticating user identity based on WEB browsing habits
CN104778591A (en) * 2015-04-01 2015-07-15 北京三快在线科技有限公司 Extracting and identifying methods of feature information of abnormal behavior and devices
CN105611084A (en) * 2016-01-29 2016-05-25 中国联合网络通信集团有限公司 User fraud suspiciousness degree calculation method and suspiciousness degree calculation system

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109040050A (en) * 2018-07-25 2018-12-18 Oppo广东移动通信有限公司 Data interactive method and Related product
CN109040050B (en) * 2018-07-25 2021-09-14 Oppo广东移动通信有限公司 Data interaction method and related product
CN109978170A (en) * 2019-03-05 2019-07-05 浙江邦盛科技有限公司 A kind of mobile device recognition methods based on more elements
CN109978170B (en) * 2019-03-05 2020-04-28 浙江邦盛科技有限公司 Mobile equipment identification method based on multiple elements
CN114980116A (en) * 2022-05-17 2022-08-30 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment
CN114980116B (en) * 2022-05-17 2023-09-19 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment

Also Published As

Publication number Publication date
CN106170046B (en) 2019-08-09

Similar Documents

Publication Publication Date Title
CN107147647B (en) Webpage authorization method and device
CN110135852B (en) Riding payment method, riding payment system, payment acceptance equipment and server
CN101496427B (en) Identity verification using location over time information
CN108780475A (en) Personalized inference certification for virtually assisting
CN107277036B (en) Login validation method, verifying equipment and storage medium based on multistation point data
CN104036160B (en) A kind of Web browser method, device and browser
US8863243B1 (en) Location-based access control for portable electronic device
CN107395352A (en) Personal identification method and device based on vocal print
WO2015197008A1 (en) Biometric authentication method and terminal
US10547624B2 (en) Identity authentication method, apparatus, and system
CN103916436B (en) Information-pushing method, device, terminal and server
CN109389727A (en) Method for unlocking, system and computer readable storage medium
CN106170046A (en) A kind of event based on mobile device triggers implicit expression auth method
CN102279875A (en) Method and device for identifying phishing website
KR20070099887A (en) User terminal and authenticating apparatus used for user authentication using information of user's behavior pattern
CN103425736A (en) Web information recognition method, device and system
CN105187632B (en) Method and device for determining mobile phone number
CN109460653A (en) Verification method, verifying equipment, storage medium and the device of rule-based engine
CN110138758A (en) Mistake based on domain name vocabulary plants domain name detection method
CN105354459B (en) Information processing method and device and electronic equipment
CN107644106A (en) The internuncial method of automatic mining business, terminal device and storage medium
CN108304452A (en) Article processing method and processing device, storage medium
CN107318104A (en) Account register method, device, computer equipment and medium
CN110008667B (en) Method and device for identity verification based on subjective preference data
CN109783244A (en) Treating method and apparatus, the device for processing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant