CN107220543A - The method and apparatus for handling the service request of mobile terminal - Google Patents

The method and apparatus for handling the service request of mobile terminal Download PDF

Info

Publication number
CN107220543A
CN107220543A CN201710399272.7A CN201710399272A CN107220543A CN 107220543 A CN107220543 A CN 107220543A CN 201710399272 A CN201710399272 A CN 201710399272A CN 107220543 A CN107220543 A CN 107220543A
Authority
CN
China
Prior art keywords
embedded page
user
information
mobile terminal
risk class
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710399272.7A
Other languages
Chinese (zh)
Other versions
CN107220543B (en
Inventor
朱德伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN201710399272.7A priority Critical patent/CN107220543B/en
Publication of CN107220543A publication Critical patent/CN107220543A/en
Application granted granted Critical
Publication of CN107220543B publication Critical patent/CN107220543B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The present invention provides a kind of method, device, electronic equipment and the computer-readable recording medium of the service request for handling mobile terminal, and can solve the problem that can not accurately judge the problem of the risk class of the service request of the embedded page input of application program.The mobile terminal includes at least one application program, and the application program has at least one embedded page, and methods described comprises the following steps:Gather the facility information of the mobile terminal;Monitor operation information of the user in the embedded page;Risk class is assessed with the interactive relation of the content shown by the embedded page in the operation information of the embedded page according to the facility information of the mobile terminal and user;When risk class is higher than predetermined grade, interception service request.

Description

The method and apparatus for handling the service request of mobile terminal
Technical field
The present invention relates to field of computer technology, more particularly to the method for service request of processing mobile terminal, device, electricity Sub- equipment and readable storage medium storing program for executing.
Background technology
With the development of science and technology, the function of intelligent mobile terminal is also more and more now, it is stronger and stronger.For intelligent sliding Dynamic terminal, have developed various application programs (APP), has much embed the page in the application, such as Html5 pages, its Can easily it replace.
When the embedded page is to backstage system request data-interface, data-interface is done for the request of browser of mobile terminal Special safe handling.If for example, frequently receiving connecing from same user or IP address (Internet protocol address) Mouth request, then carry out current limliting to the user or IP address or forbid the access from the user or IP address.
In process of the present invention is realized, inventor has found that at least there are the following problems in the prior art:When the embedded page to During background system request data interface, browser is difficult the facility information for screening client, while also easily utilizing brush by hacker Data.Because doing request of data by the embedded page of application program, the facility information of mobile terminal user's request is not known about, after Platform system is difficult the information of screening apparatus, may make false judgment, while when a problem occurs, it is difficult to screening apparatus information.
The content of the invention
In view of this, the embodiment of the present invention provide the present invention provide it is a kind of handle mobile terminal service request method, Device, electronic equipment and readable storage medium storing program for executing, can solve the problem that can not accurately judge the industry in the embedded page input of application program The problem of risk class of business request.
To achieve the above object, there is provided a kind of industry for handling mobile terminal for one side according to embodiments of the present invention The method for being engaged in asking, the mobile terminal includes at least one application program, and the application program has at least one embedded page Face, it is characterised in that methods described comprises the following steps:Gather the facility information of the mobile terminal;User is monitored described The operation information of the embedded page;According to the facility information of the mobile terminal and user the embedded page operation information Risk class is assessed with the interactive relation of the content shown by the embedded page;When risk class is higher than predetermined grade, block Cut service request.
Preferably, the facility information includes equipment unique identifier, latitude and longitude information, screen message and operating system letter Breath.
Preferably, the user includes touch letter of the user in the embedded page in the operation information of the embedded page Breath, keyboard operation information and mouse action information.
Preferably, the user includes operation point coordinates in the operation information of the embedded page, when the embedded page When shown content includes button, the button has a coordinate range, the facility information according to the mobile terminal with And user assesses risk etc. in the operation information of the embedded page with the interactive relation of the content shown by the embedded page The step of level, at least includes following sub-step:Sub-step is judged, for judging the operation point coordinates whether in the button In the coordinate range;Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
Preferably, when the judgement sub-step judges:The operation point coordinates is not in the coordinate model of the button When enclosing interior, assess sub-step and be evaluated as risk class to be higher than predetermined grade.
Preferably, the user includes operating point coordinate set, the operating point in the operation information of the embedded page Coordinate set includes multiple operation point coordinates, and the multiple operation point coordinates corresponds respectively to multiple time points, when described embedded When content shown by the page includes sliding button, the facility information and user according to the mobile terminal is described interior The step of interactive relation of the operation information of the embedding page and the content shown by the embedded page assesses risk class is at least wrapped Include following sub-step:Judge sub-step, judge whether user wraps in the operation of the embedded page according to operating point coordinate set Containing slide;Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
Preferably, when the judgement sub-step judges:User the embedded page operation not comprising slide When, assess sub-step and be evaluated as risk class to be higher than predetermined grade.
Preferably, call primary API to gather setting for the mobile terminal using Javascript by hybrid technologies Standby information.
Preferably, according to the risk class assessed, for service request, user is given different output.
To achieve the above object, there is provided a kind of processing mobile terminal for another aspect according to embodiments of the present invention The device of service request, the mobile terminal includes at least one application program, and the application program is embedded with least one The page, it is characterised in that described device includes as follows:Acquisition module, gathers the facility information of the mobile terminal;Monitor mould Block, operation information of the monitoring user in the embedded page;Risk evaluation module, according to the facility information of the mobile terminal with And user assesses risk etc. in the operation information of the embedded page with the interactive relation of the content shown by the embedded page Level;Blocking module, for when risk class is higher than predetermined grade, interception service to be asked.
Preferably, the facility information includes equipment unique identifier, latitude and longitude information, screen message and operating system letter Breath.
Preferably, the user includes touch letter of the user in the embedded page in the operation information of the embedded page Breath, keyboard operation information and mouse action information.
Preferably, the user includes operation point coordinates in the operation information of the embedded page, when the embedded page When shown content includes button, the button has coordinate range, and the risk evaluation module at least includes following submodule Block:Judging submodule, for judging the operation point coordinates whether in the coordinate range of the button;Assess submodule Block, the judged result according at least to the judging submodule assesses risk class.
Preferably, when the judging submodule judges:The operation point coordinates is not in the coordinate model of the button When enclosing interior, assess submodule and be evaluated as risk class to be higher than predetermined grade.
Preferably, the user includes operating point coordinate set, the operating point in the operation information of the embedded page Coordinate set includes multiple operation point coordinates, and the multiple operation point coordinates corresponds respectively to multiple time points, when described embedded When content shown by the page includes sliding button, the risk evaluation module at least includes following submodule:Judging submodule, Judge whether user includes slide in the operation of the embedded page according to operating point coordinate set;Submodule is assessed, extremely It is few that risk class is assessed according to the judged result of the judging submodule.
Preferably, when the judging submodule is disconnected:User when the operation of the embedded page is not comprising slide, Submodule is assessed to be evaluated as risk class to be higher than predetermined grade.
Preferably, call primary API to gather setting for the mobile terminal using Javascript by hybrid technologies Standby information.
Preferably, described device also includes:Output module, according to the risk class assessed, for service request, gives The different output of user.
To achieve the above object, there is provided a kind of electronic equipment, its feature for another aspect according to embodiments of the present invention It is, including:One or more processors;Storage device, for storing one or more programs, when one or more of journeys Sequence is by one or more of computing devices so that one or more of processors realize the processing mobile terminal of the present invention Service request method.
To achieve the above object, another aspect according to embodiments of the present invention is there is provided a kind of computer-readable medium, its On be stored with computer program, it is characterised in that the processing mobile terminal of the present invention is realized when described program is executed by processor Service request method.
One embodiment in foregoing invention has the following advantages that or beneficial effect:Because using following technological means:Adopt Collect the facility information of the mobile terminal;Monitor operation information of the user in the embedded page;According to the mobile terminal The interactive relation of content shown by the operation information and the embedded page of facility information and user in the embedded page Risk class is assessed, so overcoming can not accurately judge in risk of service request of embedded page input of application program etc. The technical problem of level, and then reach following technique effect:The use vestige of the page can be embedded in application program by user, it is accurate Risk class is really assessed, the service request that risk class is higher than intended level is intercepted.
The further effect that above-mentioned non-usual optional mode has adds hereinafter in conjunction with embodiment With explanation.
Brief description of the drawings
Accompanying drawing is used to more fully understand the present invention, does not constitute inappropriate limitation of the present invention.Wherein:
Fig. 1 is the signal of the key step of the method for the service request of processing mobile terminal according to embodiments of the present invention Figure;
Fig. 2 is the signal of the main modular of the device of the service request of processing mobile terminal according to embodiments of the present invention Figure;
Fig. 3 is adapted for the structural representation for realizing the terminal device of the embodiment of the present application or the computer system of server Figure.
Embodiment
The one exemplary embodiment of the present invention is explained below in conjunction with accompanying drawing, including the various of the embodiment of the present invention Details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize Arrive, various changes and modifications can be made to the embodiments described herein, without departing from scope and spirit of the present invention.Together Sample, for clarity and conciseness, eliminates the description to known function and structure in following description.
Fig. 1 is the signal of the key step of the method for the service request of processing mobile terminal according to embodiments of the present invention Figure.
Fig. 1 shows the key step of the method for the service request of processing mobile terminal according to embodiments of the present invention, institute Stating mobile terminal includes at least one application program, and the application program has at least one embedded page, and methods described includes Following steps:
Step S1:Gather the facility information of the mobile terminal;
Step S2:Monitor operation information of the user in the embedded page;
Step S3:The operation information in the embedded page and institute according to the facility information of the mobile terminal and user The interactive relation for stating the content shown by the embedded page assesses risk class;
Step S4:When risk class is higher than predetermined grade, interception service request.
In step sl, the facility information of the mobile terminal is gathered.The facility information include equipment unique identifier, Latitude and longitude information, screen message and operation system information.
In step s 2, operation information of the monitoring user in the embedded page.The user is in the embedded page Operation information includes user in the touch information of the embedded page, keyboard operation information and mouse action information.
In step s 2, periodic monitor user obtains operating point coordinate set, operating point in the operation of the embedded page Coordinate set includes multiple operation point coordinates, and the multiple operation point coordinates corresponds respectively to multiple time points.
Native applications Program Interfaces using Javascript can be called by mixed developing (hybrid) technology (API) facility information of the mobile terminal is obtained.For example, by hybrid technologies, such as Android (Android) system System, using JavaScriptInterface interfaces, primary API is called using JavaScript, carrys out the equipment of collecting device now Unique identifier, equipment gps and architecture value, size, the operating system of equipment, and user login information etc., to obtain The facility information of the mobile terminal.
As needed, can be when when the initialization embedded page, starting step S1 and S2.
User can also be worked as when the embedded page clicks on some predetermined-element, starting step S1 and S2.For example, user In the embedded page for being directed to prize drawing of actual use viewer applications, prize drawing position can be clicked on, prize drawing is initiated and asks, this Individual request can starting step S1 and S2.
In step s3, the operation information and institute of the facility information of the mobile terminal and user in the embedded page The interactive relation for stating the content shown by the embedded page assesses risk class.
When the content shown by the embedded page includes button, the button has coordinate range, and step S3 is at least Including following sub-step:
Judge sub-step, for judge obtain in step s 2 operation point coordinates whether the button the coordinate In the range of;
Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
Preferably, when the judgement sub-step judges:The operation point coordinates is not in the coordinate model of the button When enclosing interior, assess sub-step and be evaluated as risk class to be higher than predetermined grade.
When the content shown by the embedded page includes sliding button, step S3 at least includes following sub-step:
Judge sub-step, behaviour of the user in the embedded page is judged according to operating point coordinate set is obtained in step s 2 Make whether to include slide;
Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
Preferably, when the judgement sub-step judges:User the embedded page operation not comprising slide When, assess sub-step and be evaluated as risk class to be higher than predetermined grade.
For example, when the embedded page is the prize drawing page, if the page is long, and the page of drawing a lottery is in centre, then only Meeting following requirement could draw a lottery successfully:1. there is page drop-down action (because the page is longer), 2. have the dynamic of click prize drawing button Make 3. and fill in phone number keyboard click information.Otherwise, it is considered as risk subscribers.
It can also be drawn by safety coefficient come estimated risk rank for example, safety coefficient can be integrated by several conditions:
1. if there is equipment unique identifier, safety coefficient+1,
2. if there is equipment gps, safety coefficient+5,
If 3. drop-down action presence, safety coefficient+3 etc..
In step s 4, when risk class is higher than predetermined grade, interception service request.
, for service request, user can also be given different output according to the risk class assessed.For example, for example Risk class is too high, and prize drawing is not allowed, and risk class middle rank can allow its prize drawing once, risk class is relatively low, can repeatedly take out Prize.
Fig. 2 shows the main modular of the device 20 of the service request of processing mobile terminal according to embodiments of the present invention, The mobile terminal includes at least one application program, and the application program has at least one embedded page, described device bag Include:
Acquisition module 21, the facility information for gathering the mobile terminal;
Monitoring modular 22, for monitoring operation information of the user in the embedded page;
Risk evaluation module 23, for the facility information according to the mobile terminal and user in the embedded page Operation information and the interactive relation of the embedded page displayed content assess risk class;
Blocking module 24, for when risk factor is higher than predetermined grade, interception service to be asked.
Acquisition module 21 is used for the facility information for gathering the mobile terminal.The facility information includes equipment unique identification Code, latitude and longitude information, screen message and operation system information.
Monitoring modular 22 is used to monitor operation information of the user in the embedded page.The user is in the embedded page Operation information include user in the touch information of the embedded page, keyboard operation information and mouse action information.
The periodic monitor user of monitoring modular 22 obtains operating point coordinate set, operating point in the operation of the embedded page Coordinate set includes multiple operation point coordinates, and the multiple operation point coordinates corresponds respectively to multiple time points.
Acquisition module 21 primary API using Javascript can be called by hybrid technologies gather it is described it is mobile eventually The facility information at end.For example, by hybrid technologies, such as, for Android (Android) system, using JavaScriptInterface interfaces, primary API is called using JavaScript, is carried out the equipment of collecting device now and is uniquely known Other code, equipment gps and architecture value, size, the operating system of equipment, and user login information etc., to obtain the shifting The facility information of dynamic terminal.
As needed, acquisition module 21 and monitoring modular 22 can be started when initializing the embedded page.
User can also be worked as when the embedded page clicks on some predetermined-element, start acquisition module 21 and monitoring modular 22.For example, user can click on prize drawing position, hair in the embedded page for being directed to prize drawing of actual use viewer applications Prize drawing request is played, this request can start acquisition module 21 and monitoring modular 22.
When the content shown by the embedded page includes button, the button has coordinate range, risk assessment mould Block 23 at least includes following submodule:
Judging submodule, for judging the operation point coordinates whether in the coordinate range of the button;
Submodule is assessed, the judged result according at least to the judging submodule assesses risk class.
Preferably, when the judging submodule judges:The operation point coordinates is not in the coordinate model of the button When enclosing interior, assess submodule and be evaluated as risk class to be higher than predetermined grade.
When the content shown by the embedded page includes sliding button, risk evaluation module 23 at least includes following son Module:
Whether judging submodule, judge operation of the user in the embedded page comprising slip according to operating point coordinate set Operation;
Submodule is assessed, the judged result according at least to the judging submodule assesses risk class.
Preferably, when the judging submodule is disconnected:User when the operation of the embedded page is not comprising slide, Submodule is assessed to be evaluated as risk class to be higher than predetermined grade.
For example, when the embedded page is the prize drawing page, if the page is long, and the page of drawing a lottery is in centre, then only Meeting following requirement could draw a lottery successfully:1. there is page drop-down action (because the page is longer), 2. have the dynamic of click prize drawing button Make 3. and fill in phone number keyboard click information.Otherwise, it is considered as risk subscribers.
It can also be drawn by safety coefficient come estimated risk rank for example, safety coefficient can be integrated by several conditions:
1. if there is equipment unique identifier, safety coefficient+1,
2. if there is equipment gps, safety coefficient+5,
If 3. drop-down action presence, safety coefficient+3 etc..
Blocking module 24 is used for when risk class is higher than predetermined grade, interception service request.
The device of the service request of processing mobile terminal according to embodiments of the present invention can also include:Output module 24, For according to the risk class assessed, for service request, user is given different output.
Acquisition module 21, monitoring modular 22, risk evaluation module 23 and blocking module 24 can be deployed in background system, special It is not that acquisition module 21, monitoring modular 22 and blocking module 24 are deployed in content distributing network with Javascript program forms (CDN) on.
Intra-company mobile terminal developer, in the exploitation accordingly embedded page (such as html5 embeds the page), by embedding Enter this section of Javascript program, mobile terminal can call primary API to gather setting for the mobile terminal by Hybrid technologies Standby information etc., and it is supplied to the risk evaluation module 23 of background system.Because Javascript programs are deployed on CDN, Loading is than very fast.
Embodiments in accordance with the present invention, present invention also offers a kind of electronic equipment and a kind of readable storage medium storing program for executing.
The electronic equipment of the present invention includes:At least one processor;And, it is connected with least one described processor communication Memory;Wherein, the memory storage have can by the instruction of one computing device, the instruction by it is described at least One computing device, so that the service request of at least one described computing device processing mobile terminal provided by the present invention Method.
The non-transient computer readable storage medium storing program for executing of the present invention, the non-transient computer readable storage medium storing program for executing storage is calculated Machine is instructed, and the computer instruction is used for the service request for making the computer perform processing mobile terminal provided by the present invention Method.
Below with reference to Fig. 3, it illustrates suitable for for the computer system 300 for the terminal device for realizing the embodiment of the present application Structural representation.Terminal device shown in Fig. 3 is only an example, to the function of the embodiment of the present application and should not use model Shroud carrys out any limitation.
As shown in figure 3, computer system 300 includes CPU (CPU) 301, it can be read-only according to being stored in Program in memory (ROM) 302 or be loaded into program in random access storage device (RAM) 303 from storage part 308 and Perform various appropriate actions and processing.In RAM 303, the system that is also stored with 300 operates required various programs and data. CPU 301, ROM 302 and RAM 303 are connected with each other by bus 304.Input/output (I/O) interface 305 is also connected to always Line 304.
I/O interfaces 305 are connected to lower component:Importation 306 including keyboard, mouse etc.;Penetrated including such as negative electrode The output par, c 307 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage part 308 including hard disk etc.; And the communications portion 309 of the NIC including LAN card, modem etc..Communications portion 309 via such as because The network of spy's net performs communication process.Driver 310 is also according to needing to be connected to I/O interfaces 305.Detachable media 311, such as Disk, CD, magneto-optic disk, semiconductor memory etc., are arranged on driver 310, in order to read from it as needed Computer program be mounted into as needed storage part 308.
Especially, according to embodiment disclosed by the invention, the process described above with reference to key step figure can be implemented For computer software programs.For example, embodiment disclosed by the invention includes a kind of computer program product, it includes being carried on meter Computer program on calculation machine computer-readable recording medium, the computer program includes the program for being used for performing the method shown in key step figure Code.In such embodiments, the computer program can be downloaded and installed by communications portion 309 from network, and/ Or be mounted from detachable media 311.When the computer program is performed by CPU (CPU) 301, the application is performed System in the above-mentioned functions that limit.
It should be noted that the computer-readable medium shown in the application can be computer-readable signal media or meter Calculation machine readable storage medium storing program for executing either the two any combination.Computer-readable recording medium for example can be --- but not Be limited to --- electricity, magnetic, optical, electromagnetic, system, device or the device of infrared ray or semiconductor, or it is any more than combination.Meter The more specifically example of calculation machine readable storage medium storing program for executing can include but is not limited to:Electrical connection with one or more wires, just Take formula computer disk, hard disk, random access storage device (RAM), read-only storage (ROM), erasable type and may be programmed read-only storage Device (EPROM or flash memory), optical fiber, portable compact disc read-only storage (CD-ROM), light storage device, magnetic memory device, Or above-mentioned any appropriate combination.In this application, computer-readable recording medium can any include or store journey The tangible medium of sequence, the program can be commanded execution system, device or device and use or in connection.And at this In application, computer-readable signal media can be included in a base band or as the data-signal of carrier wave part propagation, Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but not limit In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can Any computer-readable medium beyond storage medium is read, the computer-readable medium, which can send, propagates or transmit, to be used for Used by instruction execution system, device or device or program in connection.Included on computer-readable medium Program code can be transmitted with any appropriate medium, be included but is not limited to:Wirelessly, electric wire, optical cable, RF etc., or above-mentioned Any appropriate combination.
Key step figure and block diagram in accompanying drawing, it is illustrated that according to the system, method and calculating of the various embodiments of the application Architectural framework in the cards, function and the operation of machine program product.At this point, each side in key step figure or block diagram Frame can represent a part for a module, program segment or code, and a part for above-mentioned module, program segment or code includes one Individual or multiple executable instructions for being used to realize defined logic function.It should also be noted that in some realizations as replacement, The function of being marked in square frame can also be with different from the order marked in accompanying drawing generation.For example, two succeedingly represent Square frame can essentially be performed substantially in parallel, and they can also be performed in the opposite order sometimes, and this is according to involved function Depending on.It is also noted that each square frame and block diagram in block diagram or key step figure or the square frame in key step figure Combination, can be realized with the special hardware based system of function or operation as defined in performing, or can with it is special firmly The combination of part and computer instruction is realized.
Being described in module involved in the embodiment of the present application can be realized by way of software, can also be by hard The mode of part is realized.Described module can also be set within a processor, for example, can be described as:A kind of processor bag Include sending module, acquisition module, determining module and first processing module.Wherein, the title of these modules is under certain conditions simultaneously The restriction in itself to the unit is not constituted, for example, sending module is also described as " sending picture to the service end connected Obtain the module of request ".
As on the other hand, present invention also provides a kind of computer-readable medium, the computer-readable medium can be Included in equipment described in above-described embodiment;Can also be individualism, and without be incorporated the equipment in.Above-mentioned calculating Machine computer-readable recording medium carries one or more program, when said one or multiple programs are performed by the equipment, makes Obtain the equipment and perform a kind of method for the service request for handling mobile terminal, the mobile terminal applies journey including at least one Sequence, the application program has at least one embedded page, it is characterised in that methods described comprises the following steps:Collection is described The facility information of mobile terminal;Monitor operation information of the user in the embedded page;Believed according to the equipment of the mobile terminal Breath and user assess wind in the operation information of the embedded page with the interactive relation of the content shown by the embedded page Dangerous grade;When risk class is higher than predetermined grade, interception service request.
Technical scheme according to embodiments of the present invention, reaches following technique effect:Can be by user in application program The use vestige of the embedding page, assesses risk class, intercepts the service request that risk class is higher than intended level.
Above-mentioned embodiment, does not constitute limiting the scope of the invention.Those skilled in the art should be bright It is white, depending on design requirement and other factors, can occur various modifications, combination, sub-portfolio and replacement.It is any Modifications, equivalent substitutions and improvements made within the spirit and principles in the present invention etc., should be included in the scope of the present invention Within.

Claims (20)

1. a kind of method for the service request for handling mobile terminal, the mobile terminal includes at least one application program, described Application program has at least one embedded page, it is characterised in that methods described comprises the following steps:
Gather the facility information of the mobile terminal;
Monitor operation information of the user in the embedded page;
According to the facility information of the mobile terminal and user the embedded page operation information and the embedded page The interactive relation of shown content assesses risk class;
When risk class is higher than predetermined grade, interception service request.
2. according to the method described in claim 1, it is characterised in that the facility information includes equipment unique identifier, longitude and latitude Spend information, screen message and operation system information.
3. according to the method described in claim 1, it is characterised in that the user includes in the operation information of the embedded page User is in the touch information of the embedded page, keyboard operation information and mouse action information.
4. according to the method described in claim 1, it is characterised in that the user includes in the operation information of the embedded page Point coordinates is operated, when the content shown by the embedded page includes button, the button has coordinate range, the basis Shown by operation information and the embedded page of the facility information and user of the mobile terminal in the embedded page The step of interactive relation of content assesses risk class at least includes following sub-step:
Sub-step is judged, for judging the operation point coordinates whether in the coordinate range of the button;
Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
5. method according to claim 4, it is characterised in that when the judgement sub-step judges:The operation point coordinates When not in the coordinate range of the button, assess sub-step and be evaluated as risk class to be higher than predetermined grade.
6. the method according to claim 1 or 4, it is characterised in that operation information of the user in the embedded page Including operating point coordinate set, the operating point coordinate set includes multiple operation point coordinates, the multiple operation point coordinates point Not Dui Yingyu multiple time points, when the content shown by the embedded page include sliding button when, it is described according to the movement The friendship of content shown by operation information and the embedded page of the facility information and user of terminal in the embedded page The step of mutual relation assesses risk class at least includes following sub-step:
Judge sub-step, judge operation of the user in the embedded page whether comprising slip behaviour according to operating point coordinate set Make;
Sub-step is assessed, the judged result according at least to the judgement sub-step assesses risk class.
7. method according to claim 6, it is characterised in that when the judgement sub-step judges:User is described embedded When the operation of the page is not comprising slide, assesses sub-step and be evaluated as risk class to be higher than predetermined grade.
8. according to the method described in claim 1, it is characterised in that called by hybrid technologies using Javascript primary API gathers the facility information of the mobile terminal.
9. according to the method described in claim 1, it is characterised in that also include:According to the risk class assessed, for business Request, gives user different output.
10. a kind of device for the service request for handling mobile terminal, the mobile terminal includes at least one application program, described Application program has at least one embedded page, it is characterised in that described device includes as follows:
Acquisition module, the facility information for gathering the mobile terminal;
Monitoring modular, for monitoring operation information of the user in the embedded page;
Risk evaluation module, believes for the facility information according to the mobile terminal and user in the operation of the embedded page Breath and the interactive relation of the content shown by the embedded page assess risk class;
Blocking module, for when risk class is higher than predetermined grade, interception service to be asked.
11. device according to claim 10, it is characterised in that the facility information includes equipment unique identifier, warp Latitude information, screen message and operation system information.
12. device according to claim 10, it is characterised in that operation information bag of the user in the embedded page User is included in the touch information of the embedded page, keyboard operation information and mouse action information.
13. device according to claim 10, it is characterised in that operation information bag of the user in the embedded page Operation point coordinates is included, when the content shown by the embedded page includes button, the button has coordinate range, the wind Dangerous evaluation module at least includes following submodule:
Judging submodule, for judging the operation point coordinates whether in the coordinate range of the button;
Submodule is assessed, the judged result according at least to the judging submodule assesses risk class.
14. device according to claim 13, it is characterised in that when the judging submodule judges:The operating point is sat When mark is not in the coordinate range of the button, assesses submodule and be evaluated as risk class to be higher than predetermined grade.
15. the device according to claim 10 or 13, it is characterised in that the user believes in the operation of the embedded page Breath includes operating point coordinate set, and the operating point coordinate set includes multiple operation point coordinates, the multiple operation point coordinates Multiple time points are corresponded respectively to, when the content shown by the embedded page includes sliding button, the risk assessment mould Block at least includes following submodule:
Whether judging submodule, judge operation of the user in the embedded page comprising slip behaviour according to operating point coordinate set Make;
Submodule is assessed, the judged result according at least to the judging submodule assesses risk class.
16. device according to claim 15, it is characterised in that when the judging submodule is disconnected:User is described embedded When the operation of the page is not comprising slide, assesses submodule and be evaluated as risk class to be higher than predetermined grade.
17. device according to claim 10, it is characterised in that original is called using Javascript by hybrid technologies API is given birth to gather the facility information of the mobile terminal.
18. device according to claim 10, it is characterised in that also include:Output module, for according to the wind assessed Dangerous grade, for service request, gives user different output.
19. a kind of electronic equipment, it is characterised in that including:
One or more processors;
Storage device, for storing one or more programs,
When one or more of programs are by one or more of computing devices so that one or more of processors are real The existing method as described in any in claim 1-9.
20. a kind of computer-readable medium, is stored thereon with computer program, it is characterised in that described program is held by processor The method as described in any in claim 1-9 is realized during row.
CN201710399272.7A 2017-05-31 2017-05-31 Method and device for processing service request of mobile terminal Active CN107220543B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710399272.7A CN107220543B (en) 2017-05-31 2017-05-31 Method and device for processing service request of mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710399272.7A CN107220543B (en) 2017-05-31 2017-05-31 Method and device for processing service request of mobile terminal

Publications (2)

Publication Number Publication Date
CN107220543A true CN107220543A (en) 2017-09-29
CN107220543B CN107220543B (en) 2020-11-24

Family

ID=59947091

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710399272.7A Active CN107220543B (en) 2017-05-31 2017-05-31 Method and device for processing service request of mobile terminal

Country Status (1)

Country Link
CN (1) CN107220543B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933503A (en) * 2019-02-13 2019-06-25 平安科技(深圳)有限公司 User's operation risk factor determines method, apparatus and storage medium, server

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104994092A (en) * 2015-06-30 2015-10-21 百度在线网络技术(北京)有限公司 Service request processing method, terminal browser and anti-attack server
CN105187521A (en) * 2015-08-25 2015-12-23 努比亚技术有限公司 Service processing device and method
CN105516054A (en) * 2014-09-22 2016-04-20 阿里巴巴集团控股有限公司 User authentication method and user authentication device
CN106656966A (en) * 2016-09-30 2017-05-10 广州华多网络科技有限公司 Method and device for intercepting service processing request

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105516054A (en) * 2014-09-22 2016-04-20 阿里巴巴集团控股有限公司 User authentication method and user authentication device
CN104994092A (en) * 2015-06-30 2015-10-21 百度在线网络技术(北京)有限公司 Service request processing method, terminal browser and anti-attack server
CN105187521A (en) * 2015-08-25 2015-12-23 努比亚技术有限公司 Service processing device and method
CN106656966A (en) * 2016-09-30 2017-05-10 广州华多网络科技有限公司 Method and device for intercepting service processing request

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933503A (en) * 2019-02-13 2019-06-25 平安科技(深圳)有限公司 User's operation risk factor determines method, apparatus and storage medium, server

Also Published As

Publication number Publication date
CN107220543B (en) 2020-11-24

Similar Documents

Publication Publication Date Title
CN110061909B (en) Method and apparatus for processing information
CN109446071A (en) Interface test method, interface test device, electronic equipment and storage medium
CN107395647A (en) Checking system, method and apparatus
CN108459953A (en) test method and device
CN109684188B (en) Test method and device
CN110149298A (en) A kind of method and apparatus for kidnapping detection
CN106875279A (en) Information-pushing method and device
CN109656799A (en) Test method and device
CN104426960B (en) A kind of trial method and device of payment applications
CN112966308A (en) Software delivery method, processing device and storage medium
CN111736918A (en) Buried point configuration method and device and electronic equipment
CN107609953A (en) The quick treating method and apparatus of order
CN108234441A (en) Determine method, apparatus, electronic equipment and the storage medium of forgery access request
CN107766224B (en) Test method and test device
CN107220543A (en) The method and apparatus for handling the service request of mobile terminal
CN109741099B (en) Method and device for acquiring equipment characteristic information
CN110140144A (en) For verifying the image processing system of the data of rendering
CN107634942A (en) The method and apparatus for identifying malicious requests
CN109194567B (en) Method and apparatus for retransmitting information
CN116662193A (en) Page testing method and device
CN111240786A (en) Walkthrough method and device, electronic equipment and storage medium
CN107818262A (en) The security document management method of network security device
CN110689285A (en) Test method, test device, electronic equipment and computer readable storage medium
CN109885564A (en) Method and apparatus for sending information
CN112131092A (en) Page debugging method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant