CN107872439B - Identity recognition method, device and system - Google Patents
Identity recognition method, device and system Download PDFInfo
- Publication number
- CN107872439B CN107872439B CN201610859898.7A CN201610859898A CN107872439B CN 107872439 B CN107872439 B CN 107872439B CN 201610859898 A CN201610859898 A CN 201610859898A CN 107872439 B CN107872439 B CN 107872439B
- Authority
- CN
- China
- Prior art keywords
- request
- operation request
- browser
- user
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- User Interface Of Digital Computer (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses an identity recognition method, which comprises the steps of receiving an operation request sent by a user terminal, wherein the operation request comprises an identity mark generated by utilizing the characteristics of a browser; acquiring operation data corresponding to the identity; and determining whether the operation request is a malicious request according to the operation data, and returning an operation response corresponding to the operation request to the user terminal according to the determination result. The invention also provides an identity recognition device and an identity recognition system. The identity recognition method, the identity recognition device and the identity recognition system provided by the invention automatically recognize the identity by utilizing the identity generated by the browser characteristics and according to the operation data corresponding to the operation identifier, have high safety, do not need manual operation and have good user experience.
Description
Technical Field
The invention relates to the technical field of internet, in particular to an identity recognition method, device and system.
Background
With the development of internet technology and the improvement of Browser/Server (BS) architectures, most websites operate in a Browser-side loading manner, lawless persons achieve their illegal purposes in malicious refresh, automatic submission of forged data, and the like, and a website security side urgently needs a capability of preventing lawless persons from malicious refresh and data forgery for penetration.
The existing webpage identity recognition technology mainly realizes the identity verification of a user by setting a state through a cookie and realizes the operation verification of the user by issuing a verification code, and has low security and poor user experience.
Disclosure of Invention
In view of this, the invention provides an identity recognition method, device and system, which have high security and good user experience.
The embodiment of the invention provides an identity recognition method, which comprises the steps of receiving an operation request sent by a user terminal, wherein the operation request comprises an identity mark generated by utilizing the characteristics of a browser; acquiring operation data corresponding to the identity; and determining whether the operation request is a malicious request according to the operation data, and returning an operation response corresponding to the operation request to the user terminal according to the determination result.
The embodiment of the invention also provides an identity recognition method, which is applied between a user terminal and a server and comprises the steps that the user terminal sends an operation request to the server, and the operation request comprises an identity label generated by utilizing the characteristics of the browser; and the server acquires the operation data corresponding to the identity identification, determines whether the operation request is a malicious request according to the operation data, and returns an operation response corresponding to the operation request to the user terminal according to the determination result.
The embodiment of the invention also provides an identity recognition device which is applied to the server and comprises a receiving module, an obtaining module, a judging module and a response module; the receiving module is used for receiving an operation request sent by a user terminal, wherein the operation request comprises an identity generated by utilizing browser characteristics; the acquisition module is used for acquiring the operation data corresponding to the identity; the judging module is used for determining whether the operation request is a malicious request according to the operation data; and the response module is used for returning an operation response corresponding to the operation request to the user terminal according to the determination result.
The embodiment of the invention also provides an identity recognition system, which comprises a user terminal and a server; the user terminal is used for sending an operation request to the server, wherein the operation request comprises an identity mark generated by utilizing the characteristics of the browser; the server is used for receiving the operation request, acquiring operation data corresponding to the identity, and returning an operation response corresponding to the operation request to the user terminal according to the determination result after determining whether the operation request is a malicious request according to the operation data.
The identity recognition method, the identity recognition device and the identity recognition system provided by the invention automatically recognize the identity by utilizing the identity generated by the browser characteristics and according to the operation data corresponding to the operation identifier, have high safety, do not need manual operation and have good user experience.
In order to make the aforementioned and other objects, features and advantages of the invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
Fig. 1 is an application environment diagram of an identity recognition method, apparatus and system according to an embodiment of the present invention;
FIG. 2 shows a block diagram of a server;
fig. 3 is a flowchart of an identity recognition method according to a first embodiment of the present invention;
fig. 4 is a flowchart of an identity recognition method according to a second embodiment of the present invention;
fig. 5 is a flowchart of an identity recognition method according to a third embodiment of the present invention;
FIG. 6 is a block diagram of an identification device according to a fourth embodiment of the present invention;
fig. 7 is a block diagram of an identification system according to a fifth embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The identity recognition method, the identity recognition device and the identity recognition system provided by the embodiments of the invention can be applied to the application environment shown in fig. 1 to realize webpage access or instant messaging and the like. As shown in fig. 1, the user terminal 100 and the server 200 are located in a wireless network or a wired network through which the user terminal 100 interacts with the server 200.
The user terminal 100 may include a Personal Computer (PC), an all-in-one machine, a laptop portable Computer, a vehicle-mounted terminal, and other Computer terminal devices, and a mobile terminal device such as a smart phone, a tablet PC, an electronic book reader, an MP3 player (Moving Picture Experts Group Audio Layer III, motion Picture Experts compression standard Audio Layer III, MP4(Moving Picture Experts Group Audio Layer IV, motion Picture Experts compression standard Audio Layer 4), and other player devices.
Fig. 2 shows a block diagram of a server. The structure shown in fig. 2 is applicable to a server 200, and as shown in fig. 2, the server includes: memory 301, processor 302, and network module 303.
It will be appreciated that the configuration shown in fig. 2 is merely illustrative and that the server may include more or fewer components than shown in fig. 2 or may have a different configuration than shown in fig. 2. The components shown in fig. 2 may be implemented in hardware, software, or a combination thereof. In addition, the server in the embodiment of the present invention may further include a plurality of servers with different specific functions.
The memory 301 may be used to store software programs and modules, such as program instructions/modules corresponding to the identification method, apparatus, and system in the embodiments of the present invention, and the processor 302 executes various functional applications and data processing by running the software programs and modules stored in the memory 301, so as to implement the identification method in the embodiments of the present invention. The memory 301 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 301 may further include memory located remotely from the processor 302, which may be connected to a server over a network. Further, the software programs and modules may further include: an operating system 321, and a service module 322. The operating system 321, which may be LINUX, UNIX, WINDOWS, for example, may include various software components and/or drivers for managing system tasks (e.g., memory management, storage device control, power management, etc.), and may communicate with various hardware or software components to provide an operating environment for other software components. The service module 322 runs on the basis of the operating system 321, monitors a request from the network through the network service of the operating system 321, completes corresponding data processing according to the request, and returns a processing result to the client. That is, the service module 322 is used to provide web services to clients.
The network module 303 is used for receiving and transmitting network signals. The network signal may include a wireless signal or a wired signal. In one example, the network signal is a wired network signal. At this time, the network module 303 may include a processor, a random access memory, a converter, a crystal oscillator, and the like.
First embodiment
Fig. 3 is a flowchart of an identity recognition method according to a first embodiment of the present invention. The present embodiment is an identification method performed by the server 200 through a network. As shown in fig. 3, the identity recognition method of the present embodiment may include the following steps:
step S31: receiving an operation request sent by a user terminal, wherein the operation request comprises an identity mark generated by utilizing the characteristics of a browser;
the operation request may include, but is not limited to, a web page access request, an account login request, and the like.
Browser features may include, but are not limited to, attributes of the browser itself and/or the operating environment of the browser, among other things.
Preferably, the browser features include data of at least two dimensions, namely, the property of the browser and the running environment of the browser, so as to improve the accuracy of the identity identification.
Specifically, the attributes of the browser itself may include, but are not limited to, the kernel of the browser, the version of the browser, the plug-in of the browser, the language used by the browser, whether tracing is possible (navigator. The operating environment of the browser may include, but is not limited to, the operating system used by the user terminal, the type of central processor, screen resolution, screen orientation, screen palette matching depth, and the like.
Step S32: acquiring operation data corresponding to the identity; and
the operation data may include, but is not limited to, at least one of user interaction data with the page, and a running environment of the current page.
Preferably, the operation data comprises at least two dimensions of interaction data of the user and the page and data of the running environment of the current page, so that identity recognition can be carried out more accurately.
In particular, the user interaction data with the page may include, but is not limited to, at least one of mouse trajectory, mouse click action and time, keyboard tap frequency, touch or slide screen frequency.
Specifically, the runtime environment of the current page may include, but is not limited to, at least one of whether a plug-in is installed, a url (Uniform resource Locator) address, a refer address (also referred to as a page source address), an operating system version.
Step S33: and determining whether the operation request is a malicious request according to the operation data, and returning an operation response corresponding to the operation request to the user terminal according to a determination result.
The identity recognition method provided by the embodiment of the invention automatically recognizes the identity by utilizing the identity generated by the characteristics of the browser and according to the operation data corresponding to the operation identifier, has high safety, does not need manual operation, and has good user experience.
Second embodiment
Fig. 4 is a flowchart of an identity recognition method according to a second embodiment of the present invention. The present embodiment is an identification method performed by the server 200 through a network. As shown in fig. 4, the identity recognition method of the present embodiment may include the following steps:
step S41: receiving an operation request sent by a user terminal, wherein the operation request comprises an identity mark generated by utilizing the characteristics of a browser;
the operation request may include, but is not limited to, a web page access request, an account login request, and the like.
Browser features may include, but are not limited to, attributes of the browser itself and/or the operating environment of the browser, among other things.
Preferably, the browser features include data of at least two dimensions, namely, the property of the browser and the running environment of the browser, so as to improve the accuracy of the identity identification.
Specifically, the attributes of the browser itself may include, but are not limited to, the kernel of the browser, the version of the browser, the plug-in of the browser, the language used by the browser, whether tracing is possible (navigator. The operating environment of the browser may include, but is not limited to, the operating system used by the user terminal, the type of central processor, screen resolution, screen orientation, screen palette matching depth, and the like.
Step S42: acquiring operation data corresponding to the identity;
the operation data may include, but is not limited to, at least one of user interaction data with the page, and a running environment of the current page.
Preferably, the operation data comprises at least two dimensions of interaction data of the user and the page and data of the running environment of the current page, so that identity recognition can be carried out more accurately.
In particular, the user interaction data with the page may include, but is not limited to, at least one of mouse trajectory, mouse click action and time, keyboard tap frequency, touch or slide screen frequency.
Specifically, the running environment of the current page may include, but is not limited to, at least one of whether a plug-in is installed, a url (Uniform resource Locator) address, a refer address (also called a page source address), and an operating system version.
Step S43: confirming the grade of the operation request according to the type of the operation request;
specifically, for example, the level of the operation request may be classified into three levels, where if the operation request is a login request, a payment request, or the like, the level is three levels, if the operation request is a delete account, a change account information, or the like, the level is two levels, and if the operation request is a send request, a mark request, or the like, the level is one level.
Step S44: confirming the grade of the user according to the operation data;
specifically, the operation data includes interaction data of a user and a page and an operation environment of a current page, the interaction data of the user and the page includes a mouse track and a keyboard knocking frequency, the operation environment of the current page includes whether a plug-in is installed or not, if the mouse track does not include a submission button, the keyboard knocking frequency is smaller than a threshold value within a preset time and the plug-in is not installed, the grade of the user is determined to be one grade, if the mouse track does not include the submission button or the keyboard knocking frequency is smaller than the threshold value within the preset time or the plug-in is not installed, the grade of the user is two grade, and if the mouse track includes the submission button, the keyboard knocking frequency is not smaller than the threshold value within the preset time and the plug-in is installed, the grade of the user is three grade. It will of course be understood by those skilled in the art that the foregoing description is by way of example only, and is not intended as limiting.
Step S45: judging whether the level of the user is lower than the level of the operation request;
if the user level is lower than the operation request level, the process proceeds to step S46: determining that the operation request is a malicious request;
step S47, rejecting the operation request;
if the user level is not lower than the operation request level, the process proceeds to step S48: determining that the operation request is a non-malicious request;
step S49: and returning corresponding request data to respond to the operation request.
The identity recognition method provided by the embodiment of the invention utilizes the identity generated by the browser characteristics and automatically carries out identity recognition according to the operation data corresponding to the operation identification, has high safety, does not need manual operation, has good user experience, and further carries out grade distinction on the operation request and the user so as to carry out operation response according to the type of the operation request and further improve the user experience.
Third embodiment
Fig. 5 is a flowchart of an identity recognition method according to a third embodiment of the present invention. The present embodiment is an identification method performed between the user terminal 100 and the server 200 through a network. As shown in fig. 5, the identity recognition method of the present embodiment may include the following steps:
step S51: the user terminal sends an operation request to the server, wherein the operation request comprises an identity label generated by utilizing the characteristics of the browser;
the operation request may include, but is not limited to, a web page access request, an account login request, and the like.
Browser features may include, but are not limited to, attributes of the browser itself and/or the operating environment of the browser, among other things.
Preferably, the browser features include data of at least two dimensions, namely, the property of the browser and the running environment of the browser, so as to improve the accuracy of the identity identification.
Specifically, the attributes of the browser itself may include, but are not limited to, the kernel of the browser, the version of the browser, the plug-in of the browser, the language used by the browser, whether tracing is possible (navigator. The operating environment of the browser may include, but is not limited to, the operating system used by the user terminal, the type of central processor, screen resolution, screen orientation, screen palette matching depth, and the like.
Step S52: the server acquires the operation data corresponding to the identity identification, determines whether the operation request is a malicious request according to the operation data, and returns an operation response corresponding to the operation request to the user terminal according to a determination result.
The operation data may include, but is not limited to, at least one of user interaction data with the page, and a running environment of the current page.
Preferably, the operation data comprises at least two dimensions of interaction data of the user and the page and data of the running environment of the current page, so that identity recognition can be carried out more accurately.
In particular, the user interaction data with the page may include, but is not limited to, at least one of mouse trajectory, mouse click action and time, keyboard tap frequency, touch or slide screen frequency.
Specifically, the running environment of the current page may include, but is not limited to, at least one of whether a plug-in is installed, a url (Uniform resource Locator) address, a refer address (also called a page source address), and an operating system version.
The identity recognition method provided by the embodiment of the invention automatically recognizes the identity by utilizing the identity generated by the characteristics of the browser and according to the operation data corresponding to the operation identifier, has high safety, does not need manual operation, and has good user experience.
Fourth embodiment
Fig. 6 is a structural diagram of an identification device according to a fourth embodiment of the present invention. As shown in fig. 6, the identification apparatus 60 according to the embodiment of the present invention includes a receiving module 601, an obtaining module 602, a determining module 603, and a responding module 604.
The receiving module 601 is configured to receive an operation request sent by a user terminal, where the operation request includes an identity generated by using a browser feature.
The operation request may include, but is not limited to, a web page access request, an account login request, and the like.
Browser features may include, but are not limited to, attributes of the browser itself and/or the operating environment of the browser, among other things.
Preferably, the browser features include data of at least two dimensions, namely, the property of the browser and the running environment of the browser, so as to improve the accuracy of the identity identification.
Specifically, the attributes of the browser itself may include, but are not limited to, the kernel of the browser, the version of the browser, the plug-in of the browser, the language used by the browser, whether tracing is possible (navigator. The operating environment of the browser may include, but is not limited to, the operating system used by the user terminal, the type of central processor, screen resolution, screen orientation, screen palette matching depth, and the like.
The obtaining module 602 is configured to obtain operation data corresponding to the identity.
The operation data may include, but is not limited to, at least one of user interaction data with the page, and a running environment of the current page.
Preferably, the operation data comprises at least two dimensions of interaction data of the user and the page and data of the running environment of the current page, so that identity recognition can be carried out more accurately.
In particular, the user interaction data with the page may include, but is not limited to, at least one of mouse trajectory, mouse click action and time, keyboard tap frequency, touch or slide screen frequency.
Specifically, the running environment of the current page may include, but is not limited to, at least one of whether a plug-in is installed, a url (Uniform resource Locator) address, a refer address (also called a page source address), and an operating system version.
The judging module 603 is configured to determine whether the operation request is a malicious request according to the operation data.
Specifically, the determination module 603 includes an operation request level confirmation unit, a user level confirmation unit, and a determination unit. The operation request grade confirmation unit is used for confirming the grade of the operation request according to the type of the operation request; the user grade confirming unit is used for confirming the grade of the user according to the operation data; the judging unit is used for determining that the operation request is a malicious request when the level of the user is lower than that of the operation request, and determining that the operation request is a non-malicious request when the level of the user is not lower than that of the operation request.
The response module 604 is configured to return an operation response corresponding to the operation request to the user terminal according to the determination result.
The identity recognition device provided by the embodiment of the invention automatically recognizes the identity by utilizing the identity generated by the characteristics of the browser and according to the operation data corresponding to the operation identifier, has high safety, does not need manual operation, and has good user experience.
Fifth embodiment
Fig. 7 is a block diagram of an identification system 70 according to a fifth embodiment of the present invention. As shown in fig. 7, the identification system 70 includes a user terminal 700 and a server 701.
The user terminal 700 is configured to send an operation request to the server 701, where the operation request includes an identity generated by using a browser feature. The server 701 is configured to receive the operation request, obtain operation data corresponding to the identity, determine whether the operation request is a malicious request according to the operation data, and return an operation response corresponding to the operation request to the user terminal 700 according to a determination result.
The operation request may include, but is not limited to, a web page access request, an account login request, and the like.
Browser features may include, but are not limited to, attributes of the browser itself and/or the operating environment of the browser, among other things.
Preferably, the browser features include data of at least two dimensions, namely, the property of the browser and the running environment of the browser, so as to improve the accuracy of the identity identification.
Specifically, the attributes of the browser itself may include, but are not limited to, the kernel of the browser, the version of the browser, the plug-in of the browser, the language used by the browser, whether tracing is possible (navigator. The operating environment of the browser may include, but is not limited to, the operating system used by the user terminal, the type of central processor, screen resolution, screen orientation, screen palette matching depth, and the like.
The operation data may include, but is not limited to, at least one of user interaction data with the page, and a running environment of the current page.
Preferably, the operation data comprises at least two dimensions of interaction data of the user and the page and data of the running environment of the current page, so that identity recognition can be carried out more accurately.
In particular, the user interaction data with the page may include, but is not limited to, at least one of mouse trajectory, mouse click action and time, keyboard tap frequency, touch or slide screen frequency.
Specifically, the running environment of the current page may include, but is not limited to, at least one of whether a plug-in is installed, a URL (Uniform resource Locator) address, a Referer address (also called a page source address), and an operating system version.
The server 701 may include, but is not limited to, an authentication server 711 and a response server 721. The specific structure of the authentication server 711 and the response server 721 can refer to the server shown in fig. 2, and will not be described herein again.
The response server 721 receives the operation request and sends the identity to the authentication server 711.
The authentication server 711 obtains the operation data corresponding to the identity, and after determining whether the operation request is a malicious request according to the operation data, returns a determination result to the response server 721, so that the response server 721 returns an operation response corresponding to the operation request to the user terminal 700 according to the determination result.
Specifically, the authentication server 711 determines the level of the operation request according to the type of the operation request, determines the level of the user according to the operation data corresponding to the identity, determines that the operation request is a malicious request when the level of the user is lower than the level of the operation request, and determines that the operation request is a non-malicious request when the level of the user is not lower than the level of the operation request.
Specifically, the response server 721 receives the confirmation result returned by the authentication server 711, and returns corresponding request data to the user terminal 700 when the operation request is a non-malicious request, so as to respond to the operation request; and refusing the operation request when the operation request is a malicious request.
The identity recognition system provided by the embodiment of the invention automatically recognizes the identity by utilizing the identity generated by the browser characteristics and according to the operation data corresponding to the operation identifier, has high safety, does not need manual operation, and has good user experience.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
It will be understood by those skilled in the art that all or part of the steps of implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Although the present invention has been described with reference to the preferred embodiments, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (8)
1. An identity recognition method, comprising:
receiving an operation request sent by a user terminal, wherein the operation request comprises an identity mark generated by utilizing the characteristics of a browser;
the browser characteristics comprise two dimensions of data of browser attributes and running environments of the browsers;
wherein the browser attributes include: the method comprises the following steps of (1) setting a kernel of the browser, a version of the browser, a plug-in of the browser and a language used by the browser; the running environment of the browser comprises: the operating system, the type of the central processing unit, the screen resolution, the screen direction and the screen palette matching depth used by the user terminal;
acquiring operation data corresponding to the identity;
the operation data comprises interaction data of a user and a page and data of two dimensions of an operation environment of the current page;
the interactive data comprises at least one of mouse track, keyboard knocking frequency, mouse clicking action and time, and screen touching or sliding frequency; the running environment of the current page comprises at least one of whether a plug-in is installed or not, a Uniform Resource Locator (URL) address, a page source address Referer address and an operating system version;
confirming the grade of the user according to the operation data;
wherein the user's rank includes: primary, secondary and tertiary;
wherein the first stage comprises: the mouse track does not comprise a submit button, the keyboard knocking frequency is smaller than a threshold value within a preset time, and a plug-in is not installed; the second stage comprises: the mouse track does not comprise any one or two of a submit button, the keyboard knocking frequency is smaller than the threshold value within preset time, and a plug-in is not installed; the three stages include: the mouse track comprises a submit button, the keyboard knocking frequency is not less than the threshold value within a preset time, and a plug-in is installed;
confirming the grade of the operation request according to the type of the operation request;
wherein the factors confirming the level of the operation request include: at least one of a login request, a payment request, an account deletion, account information change, a sending request and a labeling request;
determining that the operation request is a malicious request when the level of the user is lower than the level of the operation request,
when the level of the user is not lower than the level of the operation request, determining that the operation request is a non-malicious request;
and returning an operation response corresponding to the operation request to the user terminal according to the determination result.
2. The identity recognition method of claim 1, wherein the step of returning the operation response corresponding to the operation request to the user terminal according to the determination result comprises:
if the operation request is a non-malicious request, returning corresponding request data to respond to the operation request;
and if the operation request is a malicious request, rejecting the operation request.
3. An identity recognition method, wherein the identity recognition method is applied between a user terminal and a server, the method comprising:
the user terminal sends an operation request to the server, wherein the operation request comprises an identity mark generated by utilizing browser characteristics;
the browser characteristics comprise two dimensions of data of browser attributes and running environments of the browsers;
wherein the browser attributes include: the method comprises the following steps of (1) setting a kernel of the browser, a version of the browser, a plug-in of the browser and a language used by the browser; the running environment of the browser comprises: the operating system, the type of the central processing unit, the screen resolution, the screen direction and the screen palette matching depth used by the user terminal;
the server acquires operation data corresponding to the identity;
the operation data comprises interaction data of a user and a page and data of two dimensions of an operation environment of the current page;
the interactive data comprises at least one of mouse track, keyboard knocking frequency, mouse clicking action and time, and screen touching or sliding frequency; the running environment of the current page comprises at least one of whether a plug-in is installed or not, a Uniform Resource Locator (URL) address, a page source address Referer address and an operating system version;
confirming the grade of the user according to the operation data;
wherein the user's rank includes: primary, secondary and tertiary;
wherein the first stage comprises: the mouse track does not comprise a submission button, the keyboard knocking frequency is smaller than a threshold value within a preset time, and a plug-in is not installed; the second stage comprises: the mouse track does not comprise any one or two of a submit button, the keyboard knocking frequency is smaller than the threshold value within preset time, and a plug-in is not installed; the three stages include: the mouse track comprises a submit button, the keyboard knocking frequency is not less than the threshold value within a preset time, and a plug-in is installed;
confirming the grade of the operation request according to the type of the operation request;
wherein the factors confirming the level of the operation request include: at least one of a login request, a payment request, an account deletion, account information change, a sending request and a labeling request;
determining that the operation request is a malicious request when the level of the user is lower than the level of the operation request,
when the level of the user is not lower than the level of the operation request, determining that the operation request is a non-malicious request;
and returning an operation response corresponding to the operation request to the user terminal according to the determination result.
4. The identity recognition method of claim 3, wherein the step of returning the operation response corresponding to the operation request to the user terminal according to the determination result comprises:
if the operation request is a non-malicious request, corresponding request data is returned to the user terminal so as to respond to the operation request;
and if the operation request is a malicious request, rejecting the operation request.
5. An identity recognition device is applied to a server and is characterized by comprising a receiving module, an obtaining module, a judging module and a response module;
the receiving module is used for receiving an operation request sent by a user terminal, wherein the operation request comprises an identity generated by utilizing browser characteristics;
the browser characteristics comprise two dimensions of data of browser attributes and running environments of the browsers;
wherein the browser attributes include: the method comprises the following steps of (1) setting a kernel of the browser, a version of the browser, a plug-in of the browser and a language used by the browser; the running environment of the browser comprises: the operating system, the type of the central processing unit, the screen resolution, the screen direction and the screen palette matching depth used by the user terminal;
the acquisition module is used for acquiring the operation data corresponding to the identity;
the operation data comprises interaction data of a user and a page and data of two dimensions of an operation environment of the current page;
the interactive data comprises at least one of mouse track, keyboard knocking frequency, mouse clicking action and time, and screen touching or sliding frequency; the running environment of the current page comprises at least one of whether a plug-in is installed or not, a Uniform Resource Locator (URL) address, a page source address Referer address and an operating system version;
the judging module is used for confirming the grade of the user according to the operation data;
wherein the user's rank includes: primary, secondary and tertiary;
wherein the first stage comprises: the mouse track does not comprise a submission button, the keyboard knocking frequency is smaller than a threshold value within a preset time, and a plug-in is not installed; the second stage comprises: the mouse track does not comprise any one or two of a submit button, the keyboard knocking frequency is smaller than the threshold value within preset time, and a plug-in is not installed; the three stages include: the mouse track comprises a submit button, the keyboard knocking frequency is not less than the threshold value within a preset time, and a plug-in is installed;
the judging module is also used for confirming the grade of the operation request according to the type of the operation request;
wherein the factors confirming the level of the operation request include: at least one of a login request, a payment request, an account deletion, account information change, a sending request and a labeling request;
determining that the operation request is a malicious request when the level of the user is lower than the level of the operation request,
when the level of the user is not lower than the level of the operation request, determining that the operation request is a non-malicious request;
and the response module is used for returning an operation response corresponding to the operation request to the user terminal according to the determination result.
6. An identity recognition system is characterized by comprising a user terminal and a server;
the user terminal is used for sending an operation request to the server, wherein the operation request comprises an identity mark generated by utilizing browser characteristics;
the browser characteristics comprise two dimensions of data of browser attributes and running environments of the browsers;
wherein the browser attributes include: the method comprises the following steps of (1) setting a kernel of the browser, a version of the browser, a plug-in of the browser and a language used by the browser; the running environment of the browser comprises: the operating system, the type of the central processing unit, the screen resolution, the screen direction and the screen palette matching depth used by the user terminal;
the server is used for receiving the operation request and acquiring operation data corresponding to the identity;
the operation data comprises interaction data of a user and a page and data of two dimensions of an operation environment of the current page;
the interactive data comprises at least one of mouse track, keyboard knocking frequency, mouse clicking action and time, and screen touching or sliding frequency; the running environment of the current page comprises at least one of whether a plug-in is installed or not, a Uniform Resource Locator (URL) address, a page source address Referer address and an operating system version;
confirming the grade of the user according to the operation data;
wherein the user's rank includes: primary, secondary and tertiary;
wherein the first stage comprises: the mouse track does not comprise a submission button, the keyboard knocking frequency is smaller than a threshold value within a preset time, and a plug-in is not installed; the second stage comprises: the mouse track does not comprise any one or two of a submit button, the keyboard knocking frequency is smaller than the threshold value within preset time, and a plug-in is not installed; the three stages include: the mouse track comprises a submit button, the keyboard knocking frequency is not less than the threshold value within a preset time, and a plug-in is installed;
confirming the grade of the operation request according to the type of the operation request;
wherein the factors confirming the level of the operation request include: at least one of a login request, a payment request, an account deletion, account information change, a sending request and a labeling request;
determining that the operation request is a malicious request when the level of the user is lower than the level of the operation request,
when the level of the user is not lower than the level of the operation request, determining that the operation request is a non-malicious request;
and returning an operation response corresponding to the operation request to the user terminal according to the determination result.
7. The identification system of claim 6, wherein the server comprises an authentication server and a response server; wherein the content of the first and second substances,
the response server is used for: receiving the operation request and sending the identity identification to the authentication server;
the authentication server is used for:
acquiring operation data corresponding to the identity;
confirming the grade of the user according to the operation data;
confirming the grade of the operation request according to the type of the operation request;
when the level of the user is lower than that of the operation request, determining that the operation request is a malicious request;
when the level of the user is not lower than the level of the operation request, determining that the operation request is a non-malicious request, and returning a determination result to the response server, so that the response server returns an operation response corresponding to the operation request to the user terminal according to the determination result;
the response server is used for: receiving a confirmation result returned by the authentication server, and returning corresponding request data to the user terminal when the operation request is a non-malicious request so as to respond to the operation request; and refusing the operation request when the operation request is a malicious request.
8. A computer-readable storage medium having executable instructions stored thereon; the executable instructions, when executed by a processor, are capable of implementing the identification method of any one of claims 1 to 2, or the identification method of any one of claims 3 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610859898.7A CN107872439B (en) | 2016-09-28 | 2016-09-28 | Identity recognition method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610859898.7A CN107872439B (en) | 2016-09-28 | 2016-09-28 | Identity recognition method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107872439A CN107872439A (en) | 2018-04-03 |
| CN107872439B true CN107872439B (en) | 2021-02-05 |
Family
ID=61761078
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610859898.7A Active CN107872439B (en) | 2016-09-28 | 2016-09-28 | Identity recognition method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107872439B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571873A (en) * | 2010-12-31 | 2012-07-11 | 上海可鲁系统软件有限公司 | Bidirectional security audit method and device in distributed system |
| CN103763124A (en) * | 2013-12-26 | 2014-04-30 | 孙伟力 | Internet user behavior analyzing and early-warning system and method |
| CN103763355A (en) * | 2014-01-07 | 2014-04-30 | 天地融科技股份有限公司 | Cloud data uploading and access control method |
| CN103902885A (en) * | 2014-03-04 | 2014-07-02 | 重庆邮电大学 | Virtual machine security isolation system and method oriented to multi-security-level virtual desktop system |
| CN105897776A (en) * | 2016-06-27 | 2016-08-24 | 浪潮(北京)电子信息产业有限公司 | Safety management and control method based on cloud computation system and safety management and control system based on cloud computation system |
| CN105930726A (en) * | 2016-04-20 | 2016-09-07 | 广东欧珀移动通信有限公司 | Processing method for malicious operation behavior and user terminal |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101179560B (en) * | 2006-11-28 | 2010-12-15 | 腾讯科技(深圳)有限公司 | Method and device for detecting age of user |
| CN102737019B (en) * | 2011-03-31 | 2016-08-24 | 阿里巴巴集团控股有限公司 | Machine behavior determines method, web browser and web page server |
| CN102938037B (en) * | 2012-11-26 | 2016-06-29 | 北京奇虎科技有限公司 | A kind of plug-in unit call method for browser and plugin manager |
| WO2015042547A1 (en) * | 2013-09-20 | 2015-03-26 | Oracle International Corporation | Web-based interface integration for single sign-on |
-
2016
- 2016-09-28 CN CN201610859898.7A patent/CN107872439B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571873A (en) * | 2010-12-31 | 2012-07-11 | 上海可鲁系统软件有限公司 | Bidirectional security audit method and device in distributed system |
| CN103763124A (en) * | 2013-12-26 | 2014-04-30 | 孙伟力 | Internet user behavior analyzing and early-warning system and method |
| CN103763355A (en) * | 2014-01-07 | 2014-04-30 | 天地融科技股份有限公司 | Cloud data uploading and access control method |
| CN103902885A (en) * | 2014-03-04 | 2014-07-02 | 重庆邮电大学 | Virtual machine security isolation system and method oriented to multi-security-level virtual desktop system |
| CN105930726A (en) * | 2016-04-20 | 2016-09-07 | 广东欧珀移动通信有限公司 | Processing method for malicious operation behavior and user terminal |
| CN105897776A (en) * | 2016-06-27 | 2016-08-24 | 浪潮(北京)电子信息产业有限公司 | Safety management and control method based on cloud computation system and safety management and control system based on cloud computation system |
Non-Patent Citations (2)
| Title |
|---|
| 《基于浏览器的用户身份识别系统》;徐晏等;《计算机技术与发展》;20130422;第23卷(第8期);正文79-83页,图1 * |
| 《浏览器的安全访问及指纹识别技术》;张梦媛;《中国优秀硕士学位论文全文数据库 信息科技辑》;20120715;第2012卷(第7期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107872439A (en) | 2018-04-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11294983B2 (en) | Inferred user identity in content distribution | |
| CN105530175B (en) | Message processing method, device and system | |
| CN110537180B (en) | System and method for tagging elements in internet content within a direct browser | |
| US10313364B2 (en) | Adaptive client-aware session security | |
| KR102151331B1 (en) | Electronic payment service processing method and device, and electronic payment method and device | |
| US10848511B2 (en) | Method and apparatus for identifying fake traffic | |
| CN111160845A (en) | Service processing method and device | |
| CN110875933B (en) | Information matching confirmation method and device | |
| CN110516173B (en) | Illegal network station identification method, illegal network station identification device, illegal network station identification equipment and illegal network station identification medium | |
| CN103428309A (en) | Jump processing method for two-dimensional bar codes | |
| EP3304402A1 (en) | Security vulnerability detection | |
| US11855976B2 (en) | Utilizing behavioral features to authenticate a user entering login credentials | |
| CN102739776A (en) | Method, device and system for revealing information | |
| CN110677506A (en) | Network access method, device, computer equipment and storage medium | |
| CN107357562B (en) | Information filling method, device and client | |
| EP3804221B1 (en) | Improving data integrity with trusted code attestation tokens | |
| CN104811304B (en) | Identity verification method and device | |
| CN107872439B (en) | Identity recognition method, device and system | |
| CN105426363A (en) | Method and device for determining sharing conversion information | |
| CN108156071B (en) | Method for adding members to community, terminal device and computer readable storage medium | |
| CN102984282A (en) | Method and device of intelligent terminal for acquiring media data of cloud storage file | |
| US10742639B1 (en) | System and method for improving login and registration efficiency to network-accessed data | |
| US20200036749A1 (en) | Web browser incorporating social and community features | |
| CN103559195A (en) | Searching method and terminal | |
| CN109543398B (en) | Application program account migration method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |