CN106529288A - Account risk identification method and device - Google Patents
Account risk identification method and device Download PDFInfo
- Publication number
- CN106529288A CN106529288A CN201611034310.0A CN201611034310A CN106529288A CN 106529288 A CN106529288 A CN 106529288A CN 201611034310 A CN201611034310 A CN 201611034310A CN 106529288 A CN106529288 A CN 106529288A
- Authority
- CN
- China
- Prior art keywords
- account number
- target account
- risk
- risk factor
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the invention discloses an account risk identification method and device. The method comprises the following steps of: obtaining the behavior data of a target account, wherein the behavior data comprises the information, the IP (Internet Protocol) address and the login or access attempting frequency of equipment which logs in or accesses the target account at present; matching the behavior data respectively with the historical behavior data of the target account and a preset abnormal operation identification strategy; and according to a matching result, determining the risk factor of the target account. The above technical scheme can be adopted to improve target account risk identification accuracy so as to guarantee the safety of the target account.
Description
Technical field
The present invention relates to field of information security technology, more particularly to a kind of account number Risk Identification Method and device.
Background technology
In recent years, growing with electronization and networking, the route of transmission of information makes rapid progress.Mobile social activity,
The Internet service such as shopping online and game has been deep into the various aspects of people's live and work.User not only can use
Same account number logs in different application platforms, and (for example, user can log in QQ clients, net game using QQ account numbers by computer
Page or the platform such as other ecommerce), while can also be conducted interviews to different application (example using different terminal units
Such as, user can also access QQ clients, game webpage or other ecommerce webpages etc. using smart mobile phone by QQ account numbers
Platform).Although same account number is largely provided just for the operation of user in the use of different platform or different terminals
Profit, but while also there is certain risk.For example, lawless person may be obtained by the approach such as fishing website or wooden horse steal-number and be used
The account at family causes the account number cipher of user to be revealed, while being likely to bring huge property loss to user.Therefore use
The safety problem of family account is particularly important.
In prior art, be generally based on the conventional login geographical position of user and the common equipment information of user with
Family carries out account number risk identification when logging in account number, and cannot process as user cookie loses and account number is directly conducted interviews
Situations such as.Therefore, identifying schemes poor reliability of the prior art to account number risk, accuracy are low.
The content of the invention
In view of this, the present invention provides a kind of account number Risk Identification Method and device, is known with solving existing account number risk
The low problem of the accuracy of other scheme.
In a first aspect, a kind of account number Risk Identification Method is embodiments provided, including:
The behavioral data of target account number is obtained, the behavioral data includes currently logging in or accessing setting for the target account number
Standby information, IP address and login access number of attempt;
By behavioral data historical behavior data and default abnormal operation recognition strategy respectively with the target account number
Matched;
The risk factor of the target account number is determined according to matching result.
Second aspect, embodiments provides a kind of account number risk identification device, including:
Data acquisition module, for obtaining the behavioral data of target account number, the behavioral data includes current login or visit
Ask facility information, IP address and the login of the target account number or access number of attempt;
Matching module, for by the behavioral data respectively with the historical behavior data of the target account number and default abnormal
Operation recognition strategy is matched;
Risk factor determining module, for determining the risk factor of the target account number according to matching result.
Account number risk identification scheme provided in an embodiment of the present invention, by the behavioral data of target account number that will get with
After the historical behavior data of target account number and default abnormal operation recognition strategy match, can be true exactly according to matching result
Make the safety issue of target account number presence, the i.e. risk factor of target account number.By adopting above-mentioned technical proposal, can be lifted
The accuracy of target account number risk identification, and then ensure the safety of target account number.
Description of the drawings
By reading the detailed description made to non-limiting example made with reference to the following drawings, other of the invention
Feature, objects and advantages will become more apparent upon:
Fig. 1 is a kind of schematic flow sheet of account number Risk Identification Method that the embodiment of the present invention one is provided;
Fig. 2 is a kind of schematic flow sheet of account number Risk Identification Method that the embodiment of the present invention two is provided;
Fig. 3 is a kind of structured flowchart of account number risk identification device that the embodiment of the present invention three is provided.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining the present invention, rather than limitation of the invention.It also should be noted that, in order to just
Part related to the present invention rather than full content is illustrate only in description, accompanying drawing.
It also should be noted that, for the ease of description, illustrate only in accompanying drawing part related to the present invention rather than
Full content.It should be mentioned that some exemplary embodiments are described before exemplary embodiment is discussed in greater detail
Into the process or method described as flow chart.Although operations (or step) to be described as flow chart the process of order,
Be many of which operation can by concurrently, concomitantly or while implement.Additionally, the order of operations can be by again
Arrange.The process can be terminated when its operations are completed, it is also possible to have the additional step being not included in accompanying drawing.
The process can correspond to method, function, code, subroutine, subprogram etc..
Embodiment one
Fig. 1 is a kind of schematic flow sheet of account number Risk Identification Method that the embodiment of the present invention one is provided.The present embodiment
Method can be performed by account number risk identification device, and wherein the device can be realized by software and/or hardware.As shown in figure 1, this reality
The account number Risk Identification Method for applying example offer specifically includes following steps:
Step 110, the behavioral data for obtaining target account number, the behavioral data include current login or access target account number
Facility information, IP address and login or access number of attempt.
Wherein, target account number is that, for a certain application program or a certain webpage, background server can be monitored
Complete the account number of user's registration, such as QQ account numbers, WeChat accounts, forum's account number and shopping website account number etc..
When background server monitors target account number in logged or access, got automatically login or accessed the mesh
The facility information (such as device number) of the terminal unit of mark account number.As same target account number can be logged in different equipment, therefore,
Facility information can be used as the foundation of account number risk identification.
Exemplary, when target account number is in logged or access, background server can also get target account number institute
In the IP address (Internet Protocol Address, internet protocol address) of terminal.As the IP address for passing through terminal can
The corresponding geographical position of terminal is obtained from IP geographic position datas storehouse, therefore acquired geographical location information can be used as current
Geographical location information when target account number is logged or accesses.Therefore, target account number can be detected by IP address whether to exist
Conventional geographical position is logged or accesses.
Exemplary, in preset time range, target account number is logged in or the number of attempt of access exceeds what is pre-set
Number of times, or, the number of attempt for logging in or accessing the target account number in a certain equipment or a certain IP address exceeds what is pre-set
During number of times, background server can be by the device number logon attempt of target account number or current IP address or current device or access
Activity recognition is a kind of risk behavior.Therefore log in or access number of attempt can also as account number risk identification it is main according to
According to.
Step 120, by behavioral data respectively with the historical behavior data of target account number and default abnormal operation recognition strategy
Matched.
Wherein, the historical behavior data of target account number mainly include target account number after by user's registration, User logs in or
The common equipment information and conventional IP address of access target account number.The acquisition modes of above-mentioned historical behavior data can be:Afterwards
Platform server is determined in preset time period after the facility information or IP address of statistics login or access target account number.
Wherein, preset time period can be configured in advance, for example, be preferably 6 months.It is exemplary, preset time period also dependent on
The concrete facilities real-time update at family.
Wherein, default abnormal operation may include:Target account number initiates the number of attempt for logging in or accessing in Preset Time
More than preset times threshold value, or, same equipment or same IP address in Preset Time are initiated to log in or access the target
The number of attempt of account number exceedes preset times threshold value.Wherein, preset times threshold value is in difference by a large amount of difference account numbers of statistics
In the case of operation and the empirical value that draws.It is generally preferred to initiate per hour to log in or the number of times of access request is 15 times.
It is exemplary, by behavioral data respectively with the historical behavior data of target account number and default abnormal operation recognition strategy
Matched, main including but not limited to following three kinds of situations:
1st, the facility information historical device information corresponding with target account number of current login or access target account number is carried out
Matching;For example, if the facility information of current login or access target account number is corresponding with by target account number determined by statistics
When historical device information is differed, can primarily determine that current goal account number there may be certain risk;
2nd, the IP address history IP address corresponding with target account number of current login or access target account number is matched;
Specifically, when lawless person can be logged in or be accessed to target account number by Agent IP, IP address now may be with target
The corresponding history IP address of account number is different.Therefore, current goal account number there may be certain risk;
3rd, will log in or access number of attempt and matched with preset times threshold value.Exemplary, specific embodiment can
Including as follows:If the number of times that target account number initiates logging request in Preset Time exceedes preset times threshold value, this is can be shown that
There is certain risk in account number;Same equipment can be logged in the Preset Time or access target account number number of attempt with it is pre-
If frequency threshold value compares, if exceeding preset times threshold value, can illustrate that current device may be used by lawless person, enter
And can also illustrate that current device will be logged in or the target account number that accesses there is also certain risk;Can also be by same IP address
Log in the Preset Time or access target account number number of attempt with preset times threshold value compared with, if more than preset times threshold
Value, then can illustrate that current IP address has certain risk, and then can also illustrate to initiate to log in or access under current IP address to ask
The target account number asked there is also certain risk.
For first two situation, from user perspective, using white list strategy, account number normal behaviour is acquired,
The custom of real user and behavior are to be difficult to be imitated by mechanization batch.The attacker in storehouse is hit even with a large amount of Agent IPs simultaneously
Control frequency is fleeing to abnormal capture, it is also difficult to information match such as the conventional of user, common equipments.For the 3rd
The situation of kind, from the angle of attacker, employs blacklist strategy, the characteristics of having fully taken into account when aggressive behavior occurs.
Based on the matching judgment of above-mentioned three kinds of situations, the accuracy of target account number risk identification can be effectively lifted.
It should be noted that above-mentioned three kinds of different matching ways can be judged and be determined matching result simultaneously;Also may be used
Matching result is determined after judging item by item, i.e., when behavioral data is obtained and finished needed for certain matching way, you can carry out performing this
Correlation step with mode, can effectively lift the ageing of risk identification.When above-mentioned any one situation of every appearance, target account
Number risk just deepen once.When above-mentioned three kinds of situations are all unable to successful match, the greatest risk of target account number.
Step 130, the risk factor for determining target account number according to matching result.
Wherein, risk factor is used for describing the height that target account number there is a possibility that risk, specifically can be regarded as risk
The order of severity, risk factor is higher, illustrates that the safety of target account number is lower.Exemplary, for following two situations:1、
Background server can only count the number of times that same account number is logged in preset time period and exceed preset times threshold value;2nd, backstage
Server not only counts the number of times that same account number is logged in preset time period and has exceeded preset times threshold value, while also monitoring
Mismatch to the current IP address of the account IP address conventional with which.The risk factor of second situation is substantially than the first
The risk factor of situation is high.For situation 1, it is also possible to which user gives password for change and carries out in the case where forgetting Password
Repeatedly attempt.For situation 2, then show that current account number is possible to be stolen by lawless person.Therefore, the determination of risk factor can
Improve the accuracy of account number risk identification scheme.
A kind of account number Risk Identification Method that the embodiment of the present invention one is provided, after the behavioral data for obtaining target account number,
By behavioral data is matched with the historical behavior data of target account number and default abnormal operation recognition strategy, according to matching
As a result the risk factor of target account number is can determine, the accuracy of target account number risk identification is improved, and then is ensured target account
Number safety.
Further, it is determined that the risk of target account number after the risk factor of target account number, can be determined according to risk factor
Grade, the risk class according to determined by can perform corresponding risk and process operation.Exemplary, risk class may be configured as
One risk class and the second risk class.The risk class of target account number is higher, and its safety is poorer.For different risk etc.
The corresponding risk of level processes operation may include following manner:1st, for the first risk class, can be by the way of secondary checking.Example
Such as, account number exception announcement information and identifying code can be sent to communication modes reserved during registration target account number, by inquiry
Whether the login or access request that user is currently initiated to target account number is my operation, and need to be input into corresponding identifying code with
Verified.Wherein, reserved communication modes can be phone number or mailbox for associating with target account number etc..2nd, for second
Risk class, due to the safety of now target account number it is extremely inefficient, therefore can in the form of mandatory modification password, with
Ensure the safety of target account number.It is understood that the present embodiment is not specifically limited to the quantity of risk class, for each
The risk carried out by risk class processes the particular content of operation and is also not specifically limited, and can be set according to practical situation.
Optimize herein and be advantageous in that, identify in being easy to take the account number of different degrees of risk different measures, with existing scheme
There is risk and just take the strategy of single solution for diverse problems to compare in account number, improve Consumer's Experience.
Embodiment two
Fig. 2 is a kind of schematic flow sheet of account number Risk Identification Method that the embodiment of the present invention two is provided.The present embodiment pair
Step " determining the risk factor of target account number according to matching result " in above-described embodiment is refined.With reference to Fig. 2, this
Bright embodiment specifically includes following steps:
Step 210, the behavioral data for obtaining target account number, the behavioral data include current login or access target account number
Facility information, IP address and login or access number of attempt.
Step 220, by behavioral data respectively with the historical behavior data of target account number and default abnormal operation recognition strategy
Matched.
Whether step 230, the login of identification target account number or access behavior are machine behaviors.
Exemplary, machine behavior is different from the normal behaviour of user.If user is normally stepped on to target account number
When record or access operation, with login or the submission of access request, background server can capture setting for user's used terminal
Standby number.But the login of the program of utilizing or script (machine behavior) or access cannot generate device number.Or another kind of feelings
Condition is, if cookie information when logging in target account number is stolen by attacker's (machine), and access should on an other equipment
During target account number, cookie information during access is different from cookie information when logging in.
Exemplary, recognize whether the login or access behavior of target account number is that machine behavior may include in the following manner:1、
Judge whether successfully to get device number, if it is not, then identifying that the login or access behavior of target account number is machine behavior;2nd, sentence
With the second device number obtained when target account number is accessed whether the first device number obtained when target account number is logged break
Unanimously, if inconsistent, identify that the login or access behavior of target account number is machine behavior.
Step 240, the risk factor for determining target account number according to matching result and recognition result.
Wherein, combined with matching result determined by step 220 by recognition result determined by step 230, can be entered
One step lifts the accuracy of target account number risk identification.
Exemplary, determine that according to matching result and recognition result the risk factor of target account number may include:By each
Result with operation and recognition result are weighted summation, obtain the risk factor of target account number.In the present embodiment, weighting is asked
Do not limit with the weight coefficient employed in step, risk can be affected according to its corresponding matching object or identification object
Degree determining.So arrange and be advantageous in that, by the solid marking of various dimensions, draw the specific risk system of account number
Number numerical value so that the determination of risk factor is more reasonable, and accuracy is higher.
The embodiment of the present invention two on the basis of above-described embodiment, by the behavioral data of target account number respectively with target account number
Historical behavior data and after default abnormal operation recognition strategy matched, by recognizing the login of target account number or accessing row
For whether being machine behavior, the accuracy of the risk factor for improving target account number that recognition result can be combined with matching result,
And then the safety of guarantee target account number, reach the effect for lifting Consumer's Experience.
Embodiment three
Fig. 3 is a kind of structured flowchart of account number risk identification device that the embodiment of the present invention three is provided, and the device can be by soft
Part and/or hardware are realized, are typically integrated in background server.As shown in figure 3, the device includes:Data acquisition module 310,
Matching module 320 and risk factor determining module 330.
Wherein, data acquisition module 310, for obtaining the behavioral data of target account number, the behavioral data includes currently
Log in or access facility information, IP address and the login of the target account number or access number of attempt;Matching module 320, is used for
The behavioral data is matched with the historical behavior data of the target account number and default abnormal operation recognition strategy respectively;
Risk factor determining module 330, for determining the risk factor of the target account number according to matching result.
A kind of account number risk identification device that the embodiment of the present invention three is provided, after the behavioral data for obtaining target account number,
By behavioral data is matched with the historical behavior data of target account number and default abnormal operation recognition strategy, according to matching
As a result the risk factor of target account number is can determine, the accuracy of target account number risk identification is improved, and then is ensured target account
Number safety.
On the basis of above-described embodiment, the risk factor determining module 330 includes:Machine Activity recognition unit, uses
In recognizing whether the login or access behavior of the target account number are machine behaviors;Risk factor determining unit, for basis
The risk factor of the target account number is determined with result and recognition result.
On the basis of above-described embodiment, the machine Activity recognition unit specifically for:Judge whether successfully to get
Device number, if it is not, then identify that the login or access behavior of the target account number is machine behavior;Or, judging in the target
Whether the first device number that account number is obtained when logged is consistent with the second device number obtained when the target account number is accessed,
If inconsistent, identify that the login or access behavior of the target account number is machine behavior.
On the basis of above-described embodiment, the matching module 320 specifically for:To currently log in or access the target
The facility information of account number historical device information corresponding with the target account number is matched;To currently log in or access the mesh
The IP address history IP address corresponding with the target account number of mark account number is matched;Will log in or access number of attempt with it is pre-
If frequency threshold value is matched.
On the basis of above-described embodiment, the risk factor determining unit specifically for:By the knot of each matching operation
Fruit and recognition result are weighted summation, obtain the risk factor of the target account number.
On the basis of above-described embodiment, the device also includes:Risk class determining module, for according to matching result
After the risk factor that recognition result determines the target account number, the wind of the target account number is determined according to the risk factor
Dangerous grade;Risk processing module, performs corresponding risk for risk class determined by basis and processes operation.
The account number risk identification device provided in above-described embodiment can perform the account number provided by any embodiment of the present invention
Risk Identification Method, possesses the corresponding functional module of execution method and beneficial effect.Not detailed description in the above-described embodiments
Ins and outs, can be found in the account number Risk Identification Method provided by any embodiment of the present invention.
Note, above are only presently preferred embodiments of the present invention and institute's application technology principle.It will be appreciated by those skilled in the art that
The invention is not restricted to specific embodiment described here, can carry out for a person skilled in the art various obvious changes,
Readjust and substitute without departing from protection scope of the present invention.Therefore, although the present invention is carried out by above example
It is described in further detail, but the present invention is not limited only to above example, without departing from the inventive concept, also
More other Equivalent embodiments can be included, and the scope of the present invention is determined by scope of the appended claims.
Claims (12)
1. a kind of account number Risk Identification Method, it is characterised in that include:
The behavioral data of target account number is obtained, the behavioral data includes the equipment letter for currently logging in or accessing the target account number
Breath, IP address and login access number of attempt;
The behavioral data is carried out with the historical behavior data of the target account number and default abnormal operation recognition strategy respectively
Matching;
The risk factor of the target account number is determined according to matching result.
2. method according to claim 1, it is characterised in that the wind for determining the target account number according to matching result
Dangerous coefficient, including:
Whether the login or access behavior for recognizing the target account number is machine behavior;
The risk factor of the target account number is determined according to matching result and recognition result.
3. method according to claim 2, it is characterised in that the login of the identification target account number accesses behavior
Whether it is machine behavior, including:
Judge whether successfully to get device number, if it is not, then identifying that the login or access behavior of the target account number is machine
Behavior;Or,
Judge the first device number obtained when the target account number is logged and obtain when the target account number is accessed
Whether the second device number is consistent, if inconsistent, identifies that the login or access behavior of the target account number is machine behavior.
4. method according to claim 2, it is characterised in that the behavioral data is gone through with the target account number respectively
History behavioral data and default abnormal operation recognition strategy are matched, including:
The facility information historical device information corresponding with the target account number for currently being logged in or being accessed the target account number is entered
Row matching;
The IP address history IP address corresponding with the target account number for currently being logged in or being accessed the target account number is carried out
Match somebody with somebody;
To log in or access number of attempt to be matched with preset times threshold value.
5. method according to claim 4, it is characterised in that the target account is determined according to matching result and recognition result
Number risk factor include:
The result of each matching operation and recognition result are weighted into summation, the risk factor of the target account number is obtained.
6. according to the arbitrary described method of claim 1-5, it is characterised in that determining institute according to matching result and recognition result
After stating the risk factor of target account number, also include:
The risk class of the target account number is determined according to the risk factor;
According to determined by, risk class performs corresponding risk and processes operation.
7. a kind of account number risk identification device, it is characterised in that include:
Data acquisition module, for obtaining the behavioral data of target account number, the behavioral data includes current login or access institute
State facility information, IP address and the login of target account number or access number of attempt;
Matching module, for historical behavior data and default abnormal operation by the behavioral data respectively with the target account number
Recognition strategy is matched;
Risk factor determining module, for determining the risk factor of the target account number according to matching result.
8. device according to claim 7, it is characterised in that the risk factor determining module includes:
Machine Activity recognition unit, for recognizing whether the login or access behavior of the target account number are machine behaviors;
Risk factor determining unit, for determining the risk factor of the target account number according to matching result and recognition result.
9. device according to claim 8, it is characterised in that the machine Activity recognition unit specifically for:
Judge whether successfully to get device number, if it is not, then identifying that the login or access behavior of the target account number is machine
Behavior;Or,
Judge the first device number obtained when the target account number is logged and obtain when the target account number is accessed
Whether the second device number is consistent, if inconsistent, identifies that the login or access behavior of the target account number is machine behavior.
10. device according to claim 8, it is characterised in that the matching module specifically for:
The facility information historical device information corresponding with the target account number for currently being logged in or being accessed the target account number is entered
Row matching;
The IP address history IP address corresponding with the target account number for currently being logged in or being accessed the target account number is carried out
Match somebody with somebody;
To log in or access number of attempt to be matched with preset times threshold value.
11. devices according to claim 8, it is characterised in that the risk factor determining unit specifically for:
The result of each matching operation and recognition result are weighted into summation, the risk factor of the target account number is obtained.
12. according to the arbitrary described device of claim 7-11, it is characterised in that also include:
Risk class determining module, for determined according to matching result and recognition result the target account number risk factor it
Afterwards, the risk class of the target account number is determined according to the risk factor;
Risk processing module, performs corresponding risk for risk class determined by basis and processes operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611034310.0A CN106529288A (en) | 2016-11-16 | 2016-11-16 | Account risk identification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611034310.0A CN106529288A (en) | 2016-11-16 | 2016-11-16 | Account risk identification method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106529288A true CN106529288A (en) | 2017-03-22 |
Family
ID=58356681
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611034310.0A Pending CN106529288A (en) | 2016-11-16 | 2016-11-16 | Account risk identification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106529288A (en) |
Cited By (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107257325A (en) * | 2017-05-09 | 2017-10-17 | 北京潘达互娱科技有限公司 | User profile guard method and device |
| CN108011880A (en) * | 2017-12-04 | 2018-05-08 | 郑州云海信息技术有限公司 | The management method and computer-readable recording medium monitored in cloud data system |
| CN108090332A (en) * | 2017-12-06 | 2018-05-29 | 国云科技股份有限公司 | A kind of air control method that behavioural analysis is logged in based on user |
| CN108092975A (en) * | 2017-12-07 | 2018-05-29 | 上海携程商务有限公司 | Recognition methods, system, storage medium and the electronic equipment of abnormal login |
| CN108108973A (en) * | 2017-12-01 | 2018-06-01 | 北京三快在线科技有限公司 | Business risk control method and device |
| CN108133373A (en) * | 2018-01-04 | 2018-06-08 | 交通银行股份有限公司 | Seek the method and device for the adventure account for relating to machine behavior |
| CN108521402A (en) * | 2018-03-07 | 2018-09-11 | 阿里巴巴集团控股有限公司 | A kind of method, apparatus and equipment of output label |
| CN108600209A (en) * | 2018-04-16 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of information processing method and device |
| CN108596738A (en) * | 2018-05-08 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of user behavior detection method and device |
| CN108880829A (en) * | 2018-05-16 | 2018-11-23 | 北京搜狐新动力信息技术有限公司 | A kind of payment member mall system control method and device |
| CN108924118A (en) * | 2018-06-27 | 2018-11-30 | 亚信科技(成都)有限公司 | One kind hitting library behavioral value method and system |
| CN108989150A (en) * | 2018-07-19 | 2018-12-11 | 新华三信息安全技术有限公司 | A kind of login method for detecting abnormality and device |
| CN109034661A (en) * | 2018-08-28 | 2018-12-18 | 腾讯科技(深圳)有限公司 | User identification method, device, server and storage medium |
| CN109040103A (en) * | 2018-08-27 | 2018-12-18 | 深信服科技股份有限公司 | A kind of mail account is fallen detection method, device, equipment and readable storage medium storing program for executing |
| CN109033889A (en) * | 2018-08-13 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of invasive biology method, apparatus and intelligent terminal based on space-time collision |
| CN109698809A (en) * | 2017-10-20 | 2019-04-30 | 中移(苏州)软件技术有限公司 | A kind of recognition methods of account abnormal login and device |
| CN109727027A (en) * | 2018-06-01 | 2019-05-07 | 平安普惠企业管理有限公司 | Account recognition methods, device, equipment and storage medium |
| CN110213199A (en) * | 2018-02-28 | 2019-09-06 | 中国移动通信集团有限公司 | Method, device and system for monitoring database collision attack and computer storage medium |
| CN110322028A (en) * | 2018-03-29 | 2019-10-11 | 北京红马传媒文化发展有限公司 | Method for managing resource, device and electronic equipment |
| CN110390445A (en) * | 2018-04-16 | 2019-10-29 | 阿里巴巴集团控股有限公司 | The recognition methods of operational risk, device and system |
| CN110493004A (en) * | 2019-07-25 | 2019-11-22 | 东软集团股份有限公司 | Digital certificate configuration method and device, digital certificate sign and issue method and device |
| CN110493163A (en) * | 2018-05-14 | 2019-11-22 | 优酷网络技术(北京)有限公司 | The recognition methods of multimedia resource request and device |
| CN110572700A (en) * | 2019-09-19 | 2019-12-13 | 湖南快乐阳光互动娱乐传媒有限公司 | Client risk identification method and system |
| CN110958236A (en) * | 2019-11-25 | 2020-04-03 | 杭州安恒信息技术股份有限公司 | Dynamic authorization method of operation and maintenance auditing system based on risk factor insight |
| CN111062010A (en) * | 2019-11-08 | 2020-04-24 | 支付宝(杭州)信息技术有限公司 | Identity verification method, device and equipment |
| CN111083165A (en) * | 2019-12-31 | 2020-04-28 | 支付宝(杭州)信息技术有限公司 | Login interception method and system based on combined anti-collision library platform |
| CN111786936A (en) * | 2019-11-27 | 2020-10-16 | 北京沃东天骏信息技术有限公司 | Method and device for authentication |
| CN112131551A (en) * | 2020-09-25 | 2020-12-25 | 平安国际智慧城市科技股份有限公司 | Verification code verification method and device, computer equipment and readable storage medium |
| CN112565164A (en) * | 2019-09-26 | 2021-03-26 | 中国电信股份有限公司 | Dangerous IP identification method, dangerous IP identification device and computer readable storage medium |
| CN112688930A (en) * | 2020-12-18 | 2021-04-20 | 深圳前海微众银行股份有限公司 | Brute force cracking detection method, system, equipment and medium |
| CN112836223A (en) * | 2021-02-01 | 2021-05-25 | 长沙市到家悠享网络科技有限公司 | Data processing method, device and equipment |
| CN113114660A (en) * | 2021-04-08 | 2021-07-13 | 北京顶象技术有限公司 | Voice verification code implementation method and device |
| CN113162912A (en) * | 2021-03-12 | 2021-07-23 | 中航智能建设(深圳)有限公司 | Network security protection method, system and storage device based on big data |
| CN113497807A (en) * | 2021-07-09 | 2021-10-12 | 深圳竹云科技有限公司 | Method and device for detecting user login risk and computer readable storage medium |
| CN113507485A (en) * | 2021-08-12 | 2021-10-15 | 河北民族师范学院 | Cloud security access system and method |
| CN113570199A (en) * | 2021-06-30 | 2021-10-29 | 北京达佳互联信息技术有限公司 | Information processing method, electronic resource distribution method, device, electronic equipment and storage medium |
| CN114285664A (en) * | 2021-12-29 | 2022-04-05 | 赛尔网络有限公司 | Abnormal user identification method, system, device and medium |
| CN114417276A (en) * | 2021-12-30 | 2022-04-29 | 珠海大横琴科技发展有限公司 | Security verification method and device |
| CN115514562A (en) * | 2022-09-22 | 2022-12-23 | 国网山东省电力公司 | Data security early warning method and system |
| CN118174960A (en) * | 2024-05-10 | 2024-06-11 | 华能信息技术有限公司 | User operation auditing method and system of micro-service architecture |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102200987A (en) * | 2011-01-27 | 2011-09-28 | 北京开心人信息技术有限公司 | Method and system for searching sock puppet identification number based on behavioural analysis of user identification numbers |
| CN103516718A (en) * | 2012-06-29 | 2014-01-15 | 微软公司 | Identity risk score generation and implementation |
| CN105740715A (en) * | 2016-01-29 | 2016-07-06 | 广东欧珀移动通信有限公司 | Safety assessment method and terminal equipment |
| CN105763428A (en) * | 2016-04-18 | 2016-07-13 | 徐亚萍 | Information fraud prevention method based on user historical data |
| CN105989155A (en) * | 2015-03-02 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method and device for identifying risk behaviors |
-
2016
- 2016-11-16 CN CN201611034310.0A patent/CN106529288A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102200987A (en) * | 2011-01-27 | 2011-09-28 | 北京开心人信息技术有限公司 | Method and system for searching sock puppet identification number based on behavioural analysis of user identification numbers |
| CN103516718A (en) * | 2012-06-29 | 2014-01-15 | 微软公司 | Identity risk score generation and implementation |
| CN105989155A (en) * | 2015-03-02 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Method and device for identifying risk behaviors |
| CN105740715A (en) * | 2016-01-29 | 2016-07-06 | 广东欧珀移动通信有限公司 | Safety assessment method and terminal equipment |
| CN105763428A (en) * | 2016-04-18 | 2016-07-13 | 徐亚萍 | Information fraud prevention method based on user historical data |
Cited By (52)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107257325A (en) * | 2017-05-09 | 2017-10-17 | 北京潘达互娱科技有限公司 | User profile guard method and device |
| CN109698809A (en) * | 2017-10-20 | 2019-04-30 | 中移(苏州)软件技术有限公司 | A kind of recognition methods of account abnormal login and device |
| CN108108973A (en) * | 2017-12-01 | 2018-06-01 | 北京三快在线科技有限公司 | Business risk control method and device |
| CN108011880A (en) * | 2017-12-04 | 2018-05-08 | 郑州云海信息技术有限公司 | The management method and computer-readable recording medium monitored in cloud data system |
| CN108090332A (en) * | 2017-12-06 | 2018-05-29 | 国云科技股份有限公司 | A kind of air control method that behavioural analysis is logged in based on user |
| CN108092975A (en) * | 2017-12-07 | 2018-05-29 | 上海携程商务有限公司 | Recognition methods, system, storage medium and the electronic equipment of abnormal login |
| CN108092975B (en) * | 2017-12-07 | 2020-09-22 | 上海携程商务有限公司 | Abnormal login identification method, system, storage medium and electronic equipment |
| CN108133373A (en) * | 2018-01-04 | 2018-06-08 | 交通银行股份有限公司 | Seek the method and device for the adventure account for relating to machine behavior |
| CN110213199B (en) * | 2018-02-28 | 2022-05-13 | 中国移动通信集团有限公司 | Method, device and system for monitoring database collision attack and computer storage medium |
| CN110213199A (en) * | 2018-02-28 | 2019-09-06 | 中国移动通信集团有限公司 | Method, device and system for monitoring database collision attack and computer storage medium |
| CN108521402A (en) * | 2018-03-07 | 2018-09-11 | 阿里巴巴集团控股有限公司 | A kind of method, apparatus and equipment of output label |
| CN108521402B (en) * | 2018-03-07 | 2021-01-22 | 创新先进技术有限公司 | Method, device and equipment for outputting label |
| CN110322028A (en) * | 2018-03-29 | 2019-10-11 | 北京红马传媒文化发展有限公司 | Method for managing resource, device and electronic equipment |
| CN108600209A (en) * | 2018-04-16 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of information processing method and device |
| CN110390445A (en) * | 2018-04-16 | 2019-10-29 | 阿里巴巴集团控股有限公司 | The recognition methods of operational risk, device and system |
| CN108596738A (en) * | 2018-05-08 | 2018-09-28 | 新华三信息安全技术有限公司 | A kind of user behavior detection method and device |
| CN110493163A (en) * | 2018-05-14 | 2019-11-22 | 优酷网络技术(北京)有限公司 | The recognition methods of multimedia resource request and device |
| CN108880829A (en) * | 2018-05-16 | 2018-11-23 | 北京搜狐新动力信息技术有限公司 | A kind of payment member mall system control method and device |
| CN109727027A (en) * | 2018-06-01 | 2019-05-07 | 平安普惠企业管理有限公司 | Account recognition methods, device, equipment and storage medium |
| CN109727027B (en) * | 2018-06-01 | 2024-05-03 | 深圳市秋雨电子科技有限公司 | Account identification method, device, equipment and storage medium |
| CN108924118B (en) * | 2018-06-27 | 2021-07-02 | 亚信科技(成都)有限公司 | Method and system for detecting database collision behavior |
| CN108924118A (en) * | 2018-06-27 | 2018-11-30 | 亚信科技(成都)有限公司 | One kind hitting library behavioral value method and system |
| CN108989150A (en) * | 2018-07-19 | 2018-12-11 | 新华三信息安全技术有限公司 | A kind of login method for detecting abnormality and device |
| CN108989150B (en) * | 2018-07-19 | 2021-03-26 | 新华三信息安全技术有限公司 | Login abnormity detection method and device |
| CN109033889A (en) * | 2018-08-13 | 2018-12-18 | 杭州安恒信息技术股份有限公司 | A kind of invasive biology method, apparatus and intelligent terminal based on space-time collision |
| CN109033889B (en) * | 2018-08-13 | 2020-12-18 | 杭州安恒信息技术股份有限公司 | Intrusion identification method and device based on space-time collision and intelligent terminal |
| CN109040103B (en) * | 2018-08-27 | 2021-09-17 | 深信服科技股份有限公司 | Mail account number defect detection method, device, equipment and readable storage medium |
| CN109040103A (en) * | 2018-08-27 | 2018-12-18 | 深信服科技股份有限公司 | A kind of mail account is fallen detection method, device, equipment and readable storage medium storing program for executing |
| CN109034661A (en) * | 2018-08-28 | 2018-12-18 | 腾讯科技(深圳)有限公司 | User identification method, device, server and storage medium |
| CN110493004A (en) * | 2019-07-25 | 2019-11-22 | 东软集团股份有限公司 | Digital certificate configuration method and device, digital certificate sign and issue method and device |
| CN110572700A (en) * | 2019-09-19 | 2019-12-13 | 湖南快乐阳光互动娱乐传媒有限公司 | Client risk identification method and system |
| CN112565164B (en) * | 2019-09-26 | 2023-07-25 | 中国电信股份有限公司 | Dangerous IP identification method, dangerous IP identification device and computer readable storage medium |
| CN112565164A (en) * | 2019-09-26 | 2021-03-26 | 中国电信股份有限公司 | Dangerous IP identification method, dangerous IP identification device and computer readable storage medium |
| CN111062010A (en) * | 2019-11-08 | 2020-04-24 | 支付宝(杭州)信息技术有限公司 | Identity verification method, device and equipment |
| CN111062010B (en) * | 2019-11-08 | 2022-04-22 | 支付宝(杭州)信息技术有限公司 | Identity verification method, device and equipment |
| CN110958236A (en) * | 2019-11-25 | 2020-04-03 | 杭州安恒信息技术股份有限公司 | Dynamic authorization method of operation and maintenance auditing system based on risk factor insight |
| CN111786936A (en) * | 2019-11-27 | 2020-10-16 | 北京沃东天骏信息技术有限公司 | Method and device for authentication |
| CN111083165B (en) * | 2019-12-31 | 2022-03-29 | 支付宝(杭州)信息技术有限公司 | Login interception method and system based on combined anti-collision library platform |
| CN111083165A (en) * | 2019-12-31 | 2020-04-28 | 支付宝(杭州)信息技术有限公司 | Login interception method and system based on combined anti-collision library platform |
| CN112131551A (en) * | 2020-09-25 | 2020-12-25 | 平安国际智慧城市科技股份有限公司 | Verification code verification method and device, computer equipment and readable storage medium |
| CN112688930A (en) * | 2020-12-18 | 2021-04-20 | 深圳前海微众银行股份有限公司 | Brute force cracking detection method, system, equipment and medium |
| CN112836223A (en) * | 2021-02-01 | 2021-05-25 | 长沙市到家悠享网络科技有限公司 | Data processing method, device and equipment |
| CN113162912A (en) * | 2021-03-12 | 2021-07-23 | 中航智能建设(深圳)有限公司 | Network security protection method, system and storage device based on big data |
| CN113114660A (en) * | 2021-04-08 | 2021-07-13 | 北京顶象技术有限公司 | Voice verification code implementation method and device |
| CN113570199A (en) * | 2021-06-30 | 2021-10-29 | 北京达佳互联信息技术有限公司 | Information processing method, electronic resource distribution method, device, electronic equipment and storage medium |
| CN113497807A (en) * | 2021-07-09 | 2021-10-12 | 深圳竹云科技有限公司 | Method and device for detecting user login risk and computer readable storage medium |
| CN113507485A (en) * | 2021-08-12 | 2021-10-15 | 河北民族师范学院 | Cloud security access system and method |
| CN113507485B (en) * | 2021-08-12 | 2022-07-29 | 河北民族师范学院 | Cloud security access system and method |
| CN114285664A (en) * | 2021-12-29 | 2022-04-05 | 赛尔网络有限公司 | Abnormal user identification method, system, device and medium |
| CN114417276A (en) * | 2021-12-30 | 2022-04-29 | 珠海大横琴科技发展有限公司 | Security verification method and device |
| CN115514562A (en) * | 2022-09-22 | 2022-12-23 | 国网山东省电力公司 | Data security early warning method and system |
| CN118174960A (en) * | 2024-05-10 | 2024-06-11 | 华能信息技术有限公司 | User operation auditing method and system of micro-service architecture |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106529288A (en) | Account risk identification method and device | |
| US11722520B2 (en) | System and method for detecting phishing events | |
| US20180351965A1 (en) | System and Method for Validating Users Using Social Network Information | |
| CN107465642B (en) | Method and device for judging abnormal login of account | |
| CN107888574A (en) | Method, server and the storage medium of Test database risk | |
| CN108092975A (en) | Recognition methods, system, storage medium and the electronic equipment of abnormal login | |
| CN102231745A (en) | Safety system and method for network application | |
| CN108683666A (en) | A kind of web page identification method and device | |
| CN108171519A (en) | The processing of business datum, account recognition methods and device, terminal | |
| WO2017054504A1 (en) | Identity authentication method and device, and storage medium | |
| CN107046518A (en) | The detection method and device of network attack | |
| CN102484640A (en) | Threat detection in a data processing system | |
| CN104901924B (en) | Internet account verification method and device | |
| CN107689936A (en) | Security verification system, the method and device of logon account | |
| CN107277036A (en) | Login validation method based on multistation point data, checking equipment and storage medium | |
| CN111311285A (en) | Method, device, equipment and storage medium for preventing user from illegally logging in | |
| CN109753772A (en) | A kind of account safety verification method and system | |
| CN103605924A (en) | Method and device for preventing malicious program from attacking online payment page | |
| CN109727027B (en) | Account identification method, device, equipment and storage medium | |
| CN105763548A (en) | User login identification method based on behavior model and equipment and system thereof | |
| CN105022939B (en) | Information Authentication method and device | |
| CN107332804A (en) | The detection method and device of webpage leak | |
| CN111814064B (en) | Neo4 j-based abnormal user processing method, neo4 j-based abnormal user processing device, computer equipment and medium | |
| CN117150459A (en) | Zero-trust user identity security detection method and system | |
| CN113836509B (en) | Information acquisition method, device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170322 |