CN106295349B - 账号被盗的风险识别方法、识别装置及防控系统 - Google Patents

账号被盗的风险识别方法、识别装置及防控系统 Download PDF

Info

Publication number
CN106295349B
CN106295349B CN201510289825.4A CN201510289825A CN106295349B CN 106295349 B CN106295349 B CN 106295349B CN 201510289825 A CN201510289825 A CN 201510289825A CN 106295349 B CN106295349 B CN 106295349B
Authority
CN
China
Prior art keywords
equipment
user
risk
operation behavior
user identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510289825.4A
Other languages
English (en)
Chinese (zh)
Other versions
CN106295349A (zh
Inventor
谭纯平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to CN201510289825.4A priority Critical patent/CN106295349B/zh
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to PCT/CN2016/080446 priority patent/WO2016192495A1/zh
Priority to EP16802418.0A priority patent/EP3306512B1/en
Priority to SG11201709594XA priority patent/SG11201709594XA/en
Priority to ES16802418T priority patent/ES2808974T3/es
Priority to PL16802418T priority patent/PL3306512T3/pl
Priority to JP2017562009A priority patent/JP6732806B2/ja
Priority to KR1020177037102A priority patent/KR102138965B1/ko
Publication of CN106295349A publication Critical patent/CN106295349A/zh
Priority to US15/816,207 priority patent/US11233812B2/en
Application granted granted Critical
Publication of CN106295349B publication Critical patent/CN106295349B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)
  • Alarm Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
CN201510289825.4A 2015-05-29 2015-05-29 账号被盗的风险识别方法、识别装置及防控系统 Active CN106295349B (zh)

Priority Applications (9)

Application Number Priority Date Filing Date Title
CN201510289825.4A CN106295349B (zh) 2015-05-29 2015-05-29 账号被盗的风险识别方法、识别装置及防控系统
EP16802418.0A EP3306512B1 (en) 2015-05-29 2016-04-28 Account theft risk identification method, identification apparatus, and prevention and control system
SG11201709594XA SG11201709594XA (en) 2015-05-29 2016-04-28 Account theft risk identification method, identification apparatus, and prevention and control system
ES16802418T ES2808974T3 (es) 2015-05-29 2016-04-28 Procedimiento de identificación de riesgo de robo de cuenta, aparato de identificación y sistema de prevención y control
PCT/CN2016/080446 WO2016192495A1 (zh) 2015-05-29 2016-04-28 账号被盗的风险识别方法、识别装置及防控系统
PL16802418T PL3306512T3 (pl) 2015-05-29 2016-04-28 Sposób identyfikacji ryzyka kradzieży konta, urządzenie do identyfikacji oraz system zapobiegania i kontroli
JP2017562009A JP6732806B2 (ja) 2015-05-29 2016-04-28 アカウント盗難リスクの識別方法、識別装置、及び防止・制御システム
KR1020177037102A KR102138965B1 (ko) 2015-05-29 2016-04-28 계정 도난 위험 식별 방법, 식별 장치, 예방 및 통제 시스템
US15/816,207 US11233812B2 (en) 2015-05-29 2017-11-17 Account theft risk identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510289825.4A CN106295349B (zh) 2015-05-29 2015-05-29 账号被盗的风险识别方法、识别装置及防控系统

Publications (2)

Publication Number Publication Date
CN106295349A CN106295349A (zh) 2017-01-04
CN106295349B true CN106295349B (zh) 2020-06-05

Family

ID=57440281

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510289825.4A Active CN106295349B (zh) 2015-05-29 2015-05-29 账号被盗的风险识别方法、识别装置及防控系统

Country Status (9)

Country Link
US (1) US11233812B2 (enExample)
EP (1) EP3306512B1 (enExample)
JP (1) JP6732806B2 (enExample)
KR (1) KR102138965B1 (enExample)
CN (1) CN106295349B (enExample)
ES (1) ES2808974T3 (enExample)
PL (1) PL3306512T3 (enExample)
SG (1) SG11201709594XA (enExample)
WO (1) WO2016192495A1 (enExample)

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10917412B2 (en) * 2016-05-05 2021-02-09 Paypal, Inc. Authentication and risk assessment through header injections
US20180174136A1 (en) * 2016-12-15 2018-06-21 Parveen Bansal Alarm access override
CN108287855B (zh) * 2017-01-10 2022-11-11 阿里巴巴集团控股有限公司 基于社工库的数据识别方法及装置、界面交互装置
KR102369228B1 (ko) * 2017-05-25 2022-02-28 삼성에스디에스 주식회사 리스크 기반 인증을 위한 리스크 분석 장치 및 방법
US10764303B2 (en) * 2018-04-25 2020-09-01 Microsoft Technology Licensing, Llc Detecting unauthorized cloud access by detecting malicious velocity incidents
CN110555451B (zh) * 2018-05-31 2025-01-17 北京京东尚科信息技术有限公司 信息识别方法和装置
CN108804640B (zh) * 2018-06-05 2021-03-19 重庆小雨点小额贷款有限公司 基于最大化iv的数据分组方法、装置、储存介质及设备
CN109064175B (zh) * 2018-06-11 2022-08-12 创新先进技术有限公司 一种账户盗用风险防控方法及装置
CN108833258A (zh) * 2018-06-12 2018-11-16 广东睿江云计算股份有限公司 一种邮件服务主动发现异常的方法
CN108694547B (zh) * 2018-06-15 2021-10-29 顺丰科技有限公司 账号异常识别方法、装置、设备和储存介质
CN112508568B (zh) * 2018-08-15 2024-08-30 创新先进技术有限公司 核身产品推送及核身方法和系统
CN110839003A (zh) * 2018-08-16 2020-02-25 北京嘀嘀无限科技发展有限公司 盗号行为识别方法、装置、计算机设备和存储介质
CN109257356B (zh) * 2018-09-26 2020-12-25 杭州安恒信息技术股份有限公司 互联网账号风险评估方法及系统
CN109165514B (zh) * 2018-10-16 2019-08-09 北京芯盾时代科技有限公司 一种风险检测方法
CN110033151B (zh) * 2018-11-09 2024-01-19 创新先进技术有限公司 关系风险评价方法、装置、电子设备及计算机存储介质
CN109753772A (zh) * 2018-11-29 2019-05-14 武汉极意网络科技有限公司 一种账户安全验证方法及系统
CN109660529B (zh) * 2018-12-06 2021-10-26 深圳蓝贝科技有限公司 用于售卖机的安全风控方法、装置、售卖机和系统
CN111292085B (zh) * 2018-12-10 2023-06-30 北京嘀嘀无限科技发展有限公司 交易风险评估的方法、装置、设备及计算机可读存储介质
CN111753266B (zh) * 2019-03-29 2024-11-15 阿里巴巴(上海)有限公司 用户认证方法、多媒体内容的推送方法及装置
CN111950829B (zh) * 2019-05-17 2024-06-04 泰康保险集团股份有限公司 风险对象定位方法、装置、计算机存储介质和电子设备
CN110276178B (zh) * 2019-05-28 2023-04-28 创新先进技术有限公司 一种基于身份验证的风险控制方法、装置及设备
CN110414985A (zh) * 2019-06-12 2019-11-05 阿里巴巴集团控股有限公司 一种异常账户的检测方法及装置
CN110335045A (zh) * 2019-07-01 2019-10-15 阿里巴巴集团控股有限公司 异地风险判定方法和装置
CN110351267B (zh) * 2019-07-04 2021-12-03 微梦创科网络科技(中国)有限公司 一种社交媒体账号被盗的确定方法及装置
CN110399925B (zh) * 2019-07-26 2023-09-19 腾讯科技(武汉)有限公司 账号的风险识别方法、装置及存储介质
CN110570188A (zh) * 2019-08-15 2019-12-13 阿里巴巴集团控股有限公司 用于处理交易请求的方法和系统
CN112449371B (zh) * 2019-08-30 2023-08-15 中国移动通信集团广东有限公司 一种无线路由器的性能评测方法及电子设备
CN110851881B (zh) * 2019-10-31 2023-07-04 成都欧珀通信科技有限公司 终端设备的安全检测方法及装置、电子设备及存储介质
CN111242770B (zh) * 2020-01-08 2023-04-07 贵阳货车帮科技有限公司 风险设备识别方法、装置、电子设备及可读存储介质
CN111343173B (zh) * 2020-02-21 2022-08-26 腾讯云计算(北京)有限责任公司 数据访问的异常监测方法及装置
CN111507377B (zh) * 2020-03-24 2023-08-11 微梦创科网络科技(中国)有限公司 一种养号帐号批量识别方法及装置
US20210397903A1 (en) * 2020-06-18 2021-12-23 Zoho Corporation Private Limited Machine learning powered user and entity behavior analysis
CN111985769B (zh) * 2020-07-07 2024-03-22 国网电动汽车服务有限公司 一种车桩身份快速识别风险控制方法和系统
CN113938692B (zh) * 2020-07-13 2024-02-09 广州壹点通网络科技有限公司 一种视频直播的风险控制方法及装置
CN111861240A (zh) * 2020-07-27 2020-10-30 深圳前海微众银行股份有限公司 可疑用户识别方法、装置、设备及可读存储介质
CN112434214A (zh) * 2020-11-03 2021-03-02 中国南方电网有限责任公司 一种基于Redis的操作事件的推送方法
CN112566098A (zh) * 2020-11-27 2021-03-26 中国联合网络通信集团有限公司 识别信息的验证方法和服务器
WO2022133632A1 (en) * 2020-12-21 2022-06-30 Beijing Didi Infinity Technology And Development Co., Ltd. Systems and methods for identity risk assessment
CN113239331B (zh) * 2021-04-16 2021-12-07 广州趣米网络科技有限公司 一种基于大数据的风险账号防入侵识别方法及系统
CN116701914B (zh) * 2023-06-21 2024-07-05 广东星云开物科技股份有限公司 一种硬件设备异常使用识别方法、装置、存储装置及系统
CN118382089B (zh) * 2024-06-24 2024-09-06 济南杰睿信息科技有限公司 一种无线信号保密通讯的检查方法及系统

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103024744A (zh) * 2012-12-24 2013-04-03 百度在线网络技术(北京)有限公司 移动终端的身份验证的方法和系统

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040068518A1 (en) * 2002-10-03 2004-04-08 International Business Machines Corporation Layered virtual identity system and method
US7272728B2 (en) * 2004-06-14 2007-09-18 Iovation, Inc. Network security and fraud detection system and method
CN100428719C (zh) * 2006-01-23 2008-10-22 北京交通大学 一种基于身份与位置分离的互联网接入方法
CN100497450C (zh) * 2006-06-11 2009-06-10 上海三泰橡胶制品有限公司 硅橡胶开孔海绵
US8295898B2 (en) * 2008-07-22 2012-10-23 Bank Of America Corporation Location based authentication of mobile device transactions
US8588744B2 (en) * 2008-11-26 2013-11-19 Ringcentral, Inc. Fraud prevention techniques
CN102200987A (zh) * 2011-01-27 2011-09-28 北京开心人信息技术有限公司 一种基于用户账号行为分析的查找马甲账号的方法及系统
CN102325062A (zh) * 2011-09-20 2012-01-18 北京神州绿盟信息安全科技股份有限公司 异常登录检测方法及装置
CN103297444A (zh) * 2012-02-23 2013-09-11 王正伟 身份解析方法和装置
US9298890B2 (en) * 2012-03-20 2016-03-29 Facebook, Inc. Preventing unauthorized account access using compromised login credentials
US8904496B1 (en) * 2012-03-30 2014-12-02 Emc Corporation Authentication based on a current location of a communications device associated with an entity
CN103457923A (zh) 2012-06-05 2013-12-18 阿里巴巴集团控股有限公司 异地登录的控制方法、装置及系统
CN103581355A (zh) * 2012-08-02 2014-02-12 北京千橡网景科技发展有限公司 用户行为异常处理方法和设备
CN103023718B (zh) 2012-11-29 2015-12-23 北京奇虎科技有限公司 一种用户登录监测设备和方法
CN103001826B (zh) 2012-11-29 2015-09-30 北京奇虎科技有限公司 用于监测用户登录的设备和方法
CN103532797B (zh) 2013-11-06 2017-07-04 网之易信息技术(北京)有限公司 一种用户登录异常监测方法和装置
CN104144419B (zh) * 2014-01-24 2017-05-24 腾讯科技(深圳)有限公司 一种身份验证的方法、装置及系统
US20150310434A1 (en) * 2014-04-29 2015-10-29 Dennis Takchi Cheung Systems and methods for implementing authentication based on location history
US10142308B1 (en) * 2014-06-30 2018-11-27 EMC IP Holding Company LLC User authentication
US9858575B2 (en) * 2014-12-16 2018-01-02 At&T Mobility Ii Llc Fraud detection via mobile device location tracking
CN104601547A (zh) 2014-12-22 2015-05-06 新浪网技术(中国)有限公司 一种非法操作的识别方法及装置
CN104618919B (zh) * 2015-01-05 2018-02-06 重庆邮电大学 传感器网络传感节点标识符解析一致性测试方法

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103024744A (zh) * 2012-12-24 2013-04-03 百度在线网络技术(北京)有限公司 移动终端的身份验证的方法和系统

Also Published As

Publication number Publication date
JP2018519586A (ja) 2018-07-19
EP3306512A1 (en) 2018-04-11
US20180077192A1 (en) 2018-03-15
KR102138965B1 (ko) 2020-07-29
SG11201709594XA (en) 2017-12-28
WO2016192495A1 (zh) 2016-12-08
EP3306512B1 (en) 2020-06-03
JP6732806B2 (ja) 2020-07-29
PL3306512T3 (pl) 2021-02-08
ES2808974T3 (es) 2021-03-02
EP3306512A4 (en) 2018-12-12
KR20180013998A (ko) 2018-02-07
US11233812B2 (en) 2022-01-25
CN106295349A (zh) 2017-01-04

Similar Documents

Publication Publication Date Title
CN106295349B (zh) 账号被盗的风险识别方法、识别装置及防控系统
US20240037225A1 (en) Systems and methods for detecting resources responsible for events
CN104519032B (zh) 一种互联网账号的安全策略及系统
CN114389871B (zh) 一种账号异常登录自动分析方法和装置
US20140201048A1 (en) Method and apparatus of identifying a website user
CN107911396A (zh) 登录异常检测方法和系统
CN108989150A (zh) 一种登录异常检测方法及装置
CN104836781A (zh) 区分访问用户身份的方法及装置
CN118200190B (zh) 基于人工智能的网络性能监控与维护方法、系统及介质
KR20160087187A (ko) 사이버 블랙박스 시스템 및 그 방법
CN109242658B (zh) 可疑交易报告生成方法、系统、计算机设备和存储介质
CN110049028A (zh) 监控域控管理员的方法、装置、计算机设备及存储介质
CN116342276A (zh) 异常对象的确定方法、装置和服务器
US20130325696A1 (en) Calculating a misconduct prediction value
CN111861733B (zh) 基于地址模糊匹配的欺诈防控系统及方法
CN119603029A (zh) 一种基于指纹的网络攻击行为检测方法、计算机设备
CN114297712B (zh) 基于数据流转全流程审计的数据防攻击方法及装置
KR102774196B1 (ko) 부동산 전월세 안전진단 시스템 및 방법
CN115409424A (zh) 一种基于平台业务场景的风险确定方法及装置
CN119496640B (zh) 一种票务平台网络安全的数据检测处理方法及系统
CN119128994B (zh) 一种基于SaaS系统的敏感数据保护方法、系统和介质
CN119922014B (zh) 一种基于多维特征数据分析的私有云安全管理方法
CN116823485A (zh) 风险账号的检测方法、装置和服务器
CN107508789B (zh) 一种异常数据的识别方法和装置
CN116563003A (zh) 账户异常试探风险的检测方法、装置和服务器

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200922

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200922

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Patentee before: Alibaba Group Holding Ltd.

TR01 Transfer of patent right