CN108183914A - A kind of method for preventing malice swipe short message verification code from sending service - Google Patents

A kind of method for preventing malice swipe short message verification code from sending service Download PDF

Info

Publication number
CN108183914A
CN108183914A CN201810023164.4A CN201810023164A CN108183914A CN 108183914 A CN108183914 A CN 108183914A CN 201810023164 A CN201810023164 A CN 201810023164A CN 108183914 A CN108183914 A CN 108183914A
Authority
CN
China
Prior art keywords
address
short message
phone number
threshold value
message verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810023164.4A
Other languages
Chinese (zh)
Inventor
孙鹏
邬柏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur General Software Co Ltd
Original Assignee
Inspur General Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur General Software Co Ltd filed Critical Inspur General Software Co Ltd
Priority to CN201810023164.4A priority Critical patent/CN108183914A/en
Publication of CN108183914A publication Critical patent/CN108183914A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention discloses a kind of method for preventing malice swipe short message verification code from sending service, is related to message protection technical field;The present invention obtains phone number and IP address, whether judges phone number transmission frequency beyond threshold value, then the phone number cannot retransmit beyond threshold value;And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge that IP address whether there is in blacklist, it does not exist in and safety verification is then judged whether in blacklist, it is to carry out safety verification, it is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, it is to notify to carry out early warning, otherwise the IP address sends short message verification code number and is not up to threshold value, it can continue to send short message verification code, the IP address be forbidden to send until reaching threshold value;The present invention prevents the malice swipe of mobile phone note verification code, and ease for use, interactivity when will not reduce normal use system function.

Description

A kind of method for preventing malice swipe short message verification code from sending service
Technical field
The present invention discloses a kind of method for preventing malice from sending service, is related to message protection technical field, specifically A kind of method for preventing malice swipe short message verification code from sending service.
Background technology
With scientific and technological progress, Internet technology continue to develop, the Internet, applications are more and more, many Internet, applications also by It is widely known and be widely used.Meanwhile cell-phone number, as everyone mark, most of Internet application system can be bound User mobile phone number and using cell-phone number as user name.In this way, the authenticity of verification cell-phone number just becomes indispensable one Step, and verify that cell-phone number authenticity has become current main trend by sending short message verification code.And send short-message verification For code verification cell-phone number with being widely known, some problems are also following, for example, malice swipe short message verification code, especially Register interface, all users may not need permission swipe short message verification code, if unlimited swipe, not only consumption is gone back using resource The normal use of other users can be influenced, influences user experience when normal users use system.
And the present invention provides a kind of method for preventing malice swipe short message verification code from sending service, identifies malice brush code, prevents The only malice swipe of mobile phone note verification code, and ease for use, interactivity when will not reduce normal use system function.
Invention content
For the present invention for the demand and shortcoming of the development of current technology, providing one kind prevents malice swipe short message verification code The method for sending service.
A kind of method for preventing malice swipe short message verification code from sending service:When phone number sends short message verification code, obtain Phone number and IP address are obtained, whether judges phone number transmission frequency beyond threshold value, then the phone number cannot beyond threshold value It retransmits, otherwise returns to prompting;
And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address sends short message verification code number and is not up to threshold value, can continue to send short message verification code, until reaching The IP address is forbidden to retransmit to threshold value.
Phone number and IP address are obtained in the method, judge phone number form whether correct, number section whether In the presence of and IP address format it is whether correct, be whether to judge phone number transmission frequency beyond threshold value, otherwise phone number Send short message verification code failure.
Judge whether phone number and IP address transmission times reach tactful setting value in the method, if phone number And IP address transmission times reaches setting value, carries out safety verification, safety verification success then judges that IP address whether there is in black Otherwise list continues to verify, until exiting.
Judge whether phone number and IP address transmission times reach tactful setting value, specific steps in the method For:
S1:It obtains phone number and IP address sends short message verification code number, and judge whether transmission times reaches tactful setting Value,
S2:If phone number and IP address are not up to setting value, step S5 is carried out, otherwise carrying out safety using check code tests It demonstrate,proves and carries out step S3,
S3:Refresh check code,
S4:Check code is re-entered, if check code is correct, carries out step S5;Otherwise step S3 is carried out,
S5:Judge that IP address whether there is in blacklist, continue follow-up process.
The IP address in blacklist is not existed in the method, and need carry out safety verification, then using check code into Row safety verification, the specific steps are:
S1:Generate check code,
S2:It verifies checking procedure, judges whether to pass through, by carrying out step S5, otherwise carry out step S3,
S3:New check code is generated, and refreshes check code,
S4:Whether result is re-entered in judgement correct, and step S5 is carried out if correct, otherwise carries out step S3,
S5:It is proved to be successful, judges that the IP address sends whether short message verification code number reaches threshold value, be to notify to carry out early warning, Otherwise the IP address sends short message verification code number and is not up to threshold value, can continue to send short message verification code, until reaching threshold value not It can retransmit.
Check code is picture check code or sliding block check code in the method, wherein to being needed in picture check code really Fixed letter or number addition disturbing factor.
Judge that IP address sends whether short message verification code number reaches threshold value in the method, be to notify to carry out in advance Alert, whether simultaneous selection by the IP address adds in blacklist, the specific steps are:
S1:Judge IP address send short message verification code number whether reach threshold value, step S2 is carried out if threshold value is reached, otherwise into Row step S3,
S2:It sends a notification message to operation maintenance personnel, message is included comprising the transmission phone number of short message verification code and IP address, hair Number is sent, operation maintenance personnel chooses whether to add in this IP address in blacklist;
S3:Continue to judge whether this IP address transmission times reaches threshold value, if reaching the same day cannot retransmit short-message verification Otherwise code carries out step S4;
S4:It sends short message verification code and records and send information to database, transmission terminates.
Tactful setting value refers to that the limit value of preset phone number transmission times or IP address are sent in the method The limit value of number.
Transmission frequency includes frequency per minute, per hour frequency, daily frequency in the method.
A kind of system for preventing malice swipe short message verification code from sending service, including server end and client, client Phone number when sending short message verification code, server end obtains phone number and IP address, judges phone number transmission frequency Whether beyond threshold value, beyond threshold value, then the phone number cannot retransmit, and otherwise return to prompting;
And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address of client sends short message verification code number and is not up to threshold value, can continue to send short-message verification Code forbids the IP address to retransmit until reaching threshold service device end.
The present invention has an advantageous effect in that compared with prior art:
The present invention provides a kind of method for preventing malice swipe short message verification code from sending service, and phone number sends short message verification code When, phone number and IP address are obtained, whether judges phone number transmission frequency beyond threshold value, beyond the threshold value then phone number It cannot retransmit, otherwise return to prompting;And judge that phone number and IP address send whether short message verification code number reaches strategy Setting value not up to then judges that IP address whether there is in blacklist, does not exist in and safety is then judged whether in blacklist Verification, is to carry out safety verification, is proved to be successful and judges that the IP address sends short message verification code time without safety verification Whether number reaches threshold value, is to notify to carry out early warning, otherwise the IP address sends short message verification code number and is not up to threshold value, can be after Supervention send short message verification code, the IP address is forbidden to retransmit until reaching threshold value;The present invention is in transmission process to phone number And the transmission of IP address is judged and is limited, and identifies malice brush code, prevents the malice swipe of mobile phone note verification code, and not Ease for use, interactivity when can reduce normal use system function.
Description of the drawings
Fig. 1 the method for the present invention flow diagrams;
Judge whether phone number transmission frequency exceeds the process schematic of threshold value in Fig. 2 the method for the present invention;
Judge that phone number and IP address send whether short message verification code number reaches tactful setting value in Fig. 3 the method for the present invention Process schematic;
Check code verification process flow diagram in Fig. 4 the method for the present invention;
Early warning and blacklist mechanism flow chart are carried out in Fig. 5 the method for the present invention.
Specific embodiment
The present invention provides a kind of method for preventing malice swipe short message verification code from sending service:Phone number sends short message and tests When demonstrate,proving code, phone number and IP address are obtained, whether judges phone number transmission frequency beyond threshold value, beyond the threshold value then mobile phone Number cannot retransmit, and otherwise return to prompting;
And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address sends short message verification code number and is not up to threshold value, can continue to send short message verification code, until reaching The IP address is forbidden to retransmit to threshold value.
It provides simultaneously and a kind of corresponding system for preventing malice swipe short message verification code from sending service of the above method, packet Server end and client are included, when the phone number of client sends short message verification code, server end obtains phone number and IP Whether address judges phone number transmission frequency beyond threshold value, and beyond threshold value, then the phone number cannot retransmit, and otherwise return Prompting;
And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address of client sends short message verification code number and is not up to threshold value, can continue to send short-message verification Code forbids the IP address to retransmit until reaching threshold service device end.
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with specific embodiment, to this hair Bright further description.
Utilize the method for the present invention and system:
Step 1:The phone number and IP address for sending short message verification code are obtained in server end, judges the transmission frequency of phone number Whether rate exceeds threshold value, and beyond threshold value, then the phone number cannot retransmit, and otherwise returns to prompting and represents without departing from threshold value, Middle transmission frequency includes frequency, per hour frequency, daily frequency per minute, and the number of corresponding transmission per minute is sent out per hour The number sent, the number sent daily set different threshold values, i.e., frequency threshold per minute, per small according to practical O&M situation When frequency threshold, daily frequency threshold can specifically set phone number to send frequency according to practical O&M situation in server end Rate cannot specifically exceed which threshold value or which threshold value;
Step 2:Judge that phone number and IP address send whether short message verification code number reaches tactful setting value:Wherein strategy is set Definite value refers to the limit value of preset phone number transmission times or the limit value of IP address transmission times, meets this limit value, Then phone number and IP address enter safety verification, for example, tactful setting value be phone number transmission times more than 1 time or IP Location transmission times is more than 3 times, and phone number and IP address will carry out first of safety verification, and verification enters correctly into step 3, verifies Mistake is until exit, if phone number and IP address are not up to tactful setting value and are directly entered step 3;
Step 3:Judge that IP address whether there is in blacklist, do not exist in blacklist, enter step 4, be present in black name Dan Zhong is returned and is sent failure news to client;
Step 4:Safety verification is carried out, safety verification may be selected the mode using check code, be proved to be successful and without testing safely Card judges that the IP address sends whether short message verification code number reaches threshold value, and threshold value can be set according to O&M actual conditions It puts,
Reaching threshold value then notifies operation maintenance personnel to carry out early warning, can if the IP address sends short message verification code number and is not up to threshold value Continue to send short message verification code, the IP address is forbidden to retransmit until reaching threshold value.
The frequency for sending mobile phone note verification code is limited using the invention described above method, the flow sent is improved, according to one Fixed strategy setting value, to meeting the cell-phone number and IP address of strategy value, carries out check code verification, while set the ring of safety verification Section and addition early warning and blacklist mechanism, can set several threshold values, when each IP reaches threshold value every time, send message informing fortune Dimension personnel to cope in time;Max-thresholds can be set simultaneously, daily maximum is set to each cell-phone number and each IP address Transmission times cannot use sending function, can effectively prevent the swipe of mobile phone note verification code, and will not after being more than Ease for use, interactivity during reduction normal use system function.
On the basis of the invention described above implementation, can in step 1, after server end obtains phone number and IP address, Addition judges the step that whether form of phone number is correct, number section whether there is and whether IP address format is correct, if just Really, then judge phone number transmission frequency whether beyond threshold value, otherwise phone number transmission short message verification code failure, server end Data can be obtained from database and calculate this cell-phone number transmission frequency and transmission times as record.For example analog subscriber is in client The cell-phone number form (length is less than 11) or one number section being not present of input of input error(100 number sections), also or mould Intend a false IP address(1.1.1.256), send button is clicked, server end returns to error message prompting, need to re-enter Phone number again taps on send button.In this way, input can be prevented, arbitrarily there is no cell-phone number or the false IP address malice of simulation Consume short message resource, it is possible to reduce certain loss.
Meanwhile if phone number frequently clicks acquisition short message verification code, server end is according to the number got from database According to the transmission frequency and transmission times for calculating cell-phone number, transmission frequency is more than setting, then returns to error message prompting, each mobile phone The button push services device end of transmission is clicked after number sending successfully can set into countdown state and forbid clicking, in this way, can keep away Exempt from same cell-phone number and frequently click transmission short message verification code consumption short message resource.
On the basis of the invention described above implementation, wherein judge whether are phone number and IP address transmission times in step 2 Reach tactful setting value, the specific steps are:
Step 201:Server end obtains phone number and the transmission short message verification code number on the IP address same day from database, and Judge whether transmission times reaches tactful setting value,
Step 202:If phone number and IP address are not up to setting value, step 205 is carried out, is otherwise carried out using check code Safety verification simultaneously carries out step 203,
Step 203:Refresh check code,
Step 204:Check code is re-entered, if check code is correct, carries out step 205;Otherwise step 203 is carried out,
Step 205:Judge that IP address whether there is in blacklist, continue follow-up process.
If user uses the not up to tactful setting value of the transmission times of cell-phone number and its client ip address, should User may not necessarily carry out safety verification and directly transmit short-message verification, if user uses cell-phone number and its client ip address to appoint One when reaching tactful setting value, needs to carry out above-mentioned steps 201-205, carries out first of safety verification.Wherein server end is given birth to Into check code, and refresh client check code;It can continue to send short message verification code if user inputs correct check code;It is no Then server end can generate new check code, and refresh client check code, and user needs to re-enter new check code.
When carrying out step 4, it is also desirable to carry out safety verification, verified also with check code, then the specific steps are:
Step 401:Server end generates check code,
Step 402:It verifies checking procedure, whether judges phone number and IP address by verification, it is no by carrying out step 405 Step 403 is then carried out,
Step 403:Server end generates new check code, and refreshes client check code,
Step 404:Whether result is re-entered in server end judgement correct, is carried out step 405 if correct, is otherwise carried out step 403,
Step 405:It is proved to be successful, server end judges that the IP address sends whether short message verification code number reaches threshold value, is then Early warning is carried out using mail and instant communication software notice operation maintenance personnel, otherwise the IP address sends short message verification code number not Reach threshold value, can continue to send short message verification code, until reaching threshold value cannot retransmit.
On the basis of the above-mentioned present invention referred to is implemented, wherein picture check code or sliding block verification can be used in check code Code, wherein can in picture check code it needs to be determined that letter or number add disturbing factor,
Such as in safety verification, checking procedure is specifically as follows:
Identifying code pop-up is slided in pop-up, and server, which generates, slides identifying code, client refreshes identifying code,
The last position coordinates of track, biological characteristic that server end verification user slides etc. and sliding block, if passing through progress Then enter follow-up process, otherwise server end generates new picture validation code, client refreshes identifying code;
Server end judge user whether re-enter result correct, follow-up process is entered if correct, otherwise repeats to refresh Check code.
Server generates new picture validation code, some disturbing factors, wherein picture school can be carried in the picture of generation Test code can add in a small amount of noise and interfere noise and number, letter separation property it is relatively good, by image binaryzation, corrosion and The methods of expansion, opening operation and closed operation can reduce interfering noise and isolate well compares clearly digital alphabet;
Or in addition to adding some noises on picture, addition number of colors is close on letter and number and passes through letter and number Line, and letter and number is distorted, it is possible to it is effectively to prevent machine recognition picture validation code,
And slide identifying code, the position coordinates in addition to judging certain sliding block, then by user drag sliding block mouse track and The biological characteristic gone out by trajectory extraction(Such as sliding speed, slip acceleration etc.)It is verified, you can distinguish people well Machine;
Therefore combination pop-up slip identifying code first neither influences the ease for use of system and interactivity can also distinguish people well Machine;If by sliding verification detects to may be unartificial operation, user can be allowed to input picture validation code, into without influencing The normal use of user.Therefore, ease for use, interactivity when the present invention will not both reduce user's normal use system function, It can effectively prevent through script or act on behalf of malicious attack system, the situation of swipe short message verification code waste corporate resource.
In the slip check code that the example above illustrates, need to record the x coordinate x of the position of sliding block missings(xs>=0)It is sat with y Mark ys(ys>=0), client refreshes slip identifying code, the x coordinate for the rearmost position that user slides into sliding block is xeWith y-coordinate ye, Assuming that the coefficient of deviation of x coordinate is λ x(0<=λx<=1), the coefficient of deviation of y-coordinate is λ y(0<=λy<=1), allow the mistake deviateed Difference ranging from γ, then need coincidence formula
λx*|xs-xe|+λy*|ys-ye|<=γ
Slide position verification can be verified;Except this, identifying code verification is slided also based on sliding trace and biological characteristic, user Sliding trace and biological characteristic parameter can be transmitted to server end in the form of an array array [], server end to this into Row verification, such as
array[i] =(xi,yi,Ti
Wherein, array [i] represents the array value of first collection point, xiIt represents in i-th of collection point x coordinate, yiIt represents the I collection point y-coordinate, Ti represent the time i-th of collection point(ms), it is possible thereby to extract mouse movement speed, movement adds The features such as speed, mobile offset, if appointing access section random length track, y-coordinate offset is all 0(That is straight line)Or Movement speed is equal or acceleration is constant(Uniformly accelrated rectilinear motion;It is uniform motion when perseverance is 0), then can determine that be non- Manually(Robot)Operation.
Before sending short message verification code, server end can be judged again:This time whether request needs input validation code, If desired, whether the identifying code of input is correct.If short message verification code all could be sent by verification.
Therefore, ease for use, interactivity when the present invention will not both reduce user's normal use system function, it is possibility to have effect Prevent by script or act on behalf of malicious attack system, swipe short message verification code waste corporate resource situation.
On the basis of the above-mentioned embodiment of the present invention referred to, wherein judge that IP address sends short message verification code in step 4 Whether number reaches threshold value, is, notifies to carry out early warning, and whether the IP address can be added in blacklist, tool with simultaneous selection Body step is:
Step 411:Server end judges that IP address sends whether short message verification code number reaches threshold value, carries out if threshold value is reached Step 412, step 413 is otherwise carried out,
Step 412:Server end sends a notification message to operation maintenance personnel, and message is included comprising the cell-phone number for sending short message verification code Code and IP address, transmission times, operation maintenance personnel choose whether to add in this IP address in blacklist;
Step 413:Server end continues to judge whether this IP address transmission times reaches threshold value, and the same day cannot be again if reaching Short message verification code is sent, otherwise carries out step 414;
Step 414:Server end sends short message verification code and records the information such as sending time, IP address to database, sends knot Beam.
In the above process, if client ip address is added in blacklist, short message is sent by this client ip address and is tested Code is demonstrate,proved, server end can return to error message, send failure.
And a client ip address is in blacklist, but transmission times is relatively more, and reaches some threshold value, then can lead to It crosses mail and instant communication software and sends message to operation maintenance personnel.
If an IP address reaches same day max-thresholds, error message can be returned to, and the same day cannot retransmit, send and lose It loses.
In this way, the user being present in IP blacklists can be prevented using transmission short message verification code function, and can be effective Prevent same IP address from further can timely remind operation maintenance personnel pair using script malice swipe short message verification code resource Malicious act is made a response as early as possible.
And in the embodiment of the present invention, there is optimization to judge to verify man-machine overall flow, it is short to can effectively prevent mobile phone Ease for use, interactivity when believing the malice swipe of identifying code, and will not reduce normal use system function.
It should be noted that herein, such as first and second etc relational terms are used merely to an entity Or operation is distinguished with another entity or operation, is existed without necessarily requiring or implying between these entities or operation Any actual relationship or order.Moreover, term " comprising ", "comprising" or its any other variant be intended to it is non- It is exclusive to include, so that process, method, article or equipment including a series of elements not only include those elements, But also it including other elements that are not explicitly listed or further includes solid by this process, method, article or equipment Some elements.In the absence of more restrictions, the element limited by sentence " including one ", is not arranged Except in the process, method, article or apparatus that includes the element also in the presence of other identical factor.
It will be appreciated by those skilled in the art that:Program can be passed through by realizing all or part of step of above method embodiment Relevant hardware is instructed to complete, aforementioned program can be stored in computer-readable storage medium, which is holding During row, step including the steps of the foregoing method embodiments is performed;And aforementioned storage medium includes:ROM, RAM, magnetic disc or CD etc. In the various media that can store program code.
It is last it should be noted that:The foregoing is merely presently preferred embodiments of the present invention, is merely to illustrate the skill of the present invention Art scheme, is not intended to limit the scope of the present invention.Any modification for being made all within the spirits and principles of the present invention, Equivalent replacement, improvement etc., are all contained in protection scope of the present invention.

Claims (10)

  1. A kind of 1. method for preventing malice swipe short message verification code from sending service, it is characterised in that phone number sends short-message verification During code, phone number and IP address are obtained, whether judges phone number transmission frequency beyond threshold value, beyond the threshold value then cell-phone number Code cannot retransmit, and otherwise return to prompting;
    And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address sends short message verification code number and is not up to threshold value, can continue to send short message verification code, until reaching The IP address is forbidden to retransmit to threshold value.
  2. 2. according to the method described in claim 1, it is characterized in that obtain phone number and IP address, the lattice of phone number are judged Whether formula is correct, number section whether there is and whether IP address format is correct, is to judge whether phone number transmission frequency surpasses Go out threshold value, otherwise phone number sends short message verification code failure.
  3. 3. method according to claim 1 or 2, it is characterised in that judge whether phone number and IP address transmission times reach To tactful setting value, if phone number and IP address transmission times reach setting value, safety verification is carried out, safety verification success is then Judge that IP address whether there is in blacklist, otherwise continue to verify, until exiting.
  4. 4. according to the method described in claim 3, it is characterized in that judge whether phone number and IP address transmission times reach Tactful setting value, the specific steps are:
    S1:It obtains phone number and IP address sends short message verification code number, and judge whether transmission times reaches tactful setting Value,
    S2:If phone number and IP address are not up to setting value, step S5 is carried out, otherwise carrying out safety using check code tests It demonstrate,proves and carries out step S3,
    S3:Refresh check code,
    S4:Check code is re-entered, if check code is correct, carries out step S5;Otherwise step S3 is carried out,
    S5:Judge that IP address whether there is in blacklist, continue follow-up process.
  5. 5. the method according to claim 1 or 4, it is characterised in that
    The IP address in blacklist is not existed in, and needs to carry out safety verification, then carries out safety verification using check code, specifically Step is:
    S1:Generate check code,
    S2:It verifies checking procedure, judges whether to pass through, by carrying out step S5, otherwise carry out step S3,
    S3:New check code is generated, and refreshes check code,
    S4:Whether result is re-entered in judgement correct, and step S5 is carried out if correct, otherwise carries out step S3,
    S5:It is proved to be successful, judges that the IP address sends whether short message verification code number reaches threshold value, be to notify to carry out early warning, Otherwise the IP address sends short message verification code number and is not up to threshold value, can continue to send short message verification code, until reaching threshold value not It can retransmit.
  6. 6. according to the method described in claim 5, it is characterized in that check code be picture check code or sliding block check code, wherein To in picture check code it needs to be determined that letter or number add disturbing factor.
  7. 7. the method according to claim 1 or 6, it is characterised in that judge that IP address sends whether short message verification code number reaches To threshold value, be notify carry out early warning, simultaneous selection whether by the IP address add in blacklist, the specific steps are:
    S1:Judge IP address send short message verification code number whether reach threshold value, step S2 is carried out if threshold value is reached, otherwise into Row step S3,
    S2:It sends a notification message to operation maintenance personnel, message is included comprising the transmission phone number of short message verification code and IP address, hair Number is sent, operation maintenance personnel chooses whether to add in this IP address in blacklist;
    S3:Continue to judge whether this IP address transmission times reaches threshold value, if reaching the same day cannot retransmit short-message verification Otherwise code carries out step S4;
    S4:It sends short message verification code and records and send information to database, transmission terminates.
  8. 8. according to the method described in claim 7, it is characterized in that the strategy setting value refers to that preset phone number is sent The limit value of number or the limit value of IP address transmission times.
  9. 9. according to the method described in claim 8, it is characterized in that transmission frequency includes frequency per minute, per hour frequency, every Its frequency.
  10. 10. a kind of system for preventing malice swipe short message verification code from sending service, it is characterised in that including server end and client End, when the phone number of client sends short message verification code, server end obtains phone number and IP address, judges phone number Whether beyond threshold value, beyond threshold value, then the phone number cannot retransmit transmission frequency, otherwise return to prompting;
    And judge that phone number and IP address send whether short message verification code number reaches tactful setting value, not up to then judge IP Address whether there is in blacklist, does not exist in and safety verification is then judged whether in blacklist, be, carry out safety verification, It is proved to be successful and judges that the IP address sends whether short message verification code number reaches threshold value without safety verification, be to notify Early warning is carried out, otherwise the IP address of client sends short message verification code number and is not up to threshold value, can continue to send short-message verification Code forbids the IP address to retransmit until reaching threshold service device end.
CN201810023164.4A 2018-01-10 2018-01-10 A kind of method for preventing malice swipe short message verification code from sending service Pending CN108183914A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810023164.4A CN108183914A (en) 2018-01-10 2018-01-10 A kind of method for preventing malice swipe short message verification code from sending service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810023164.4A CN108183914A (en) 2018-01-10 2018-01-10 A kind of method for preventing malice swipe short message verification code from sending service

Publications (1)

Publication Number Publication Date
CN108183914A true CN108183914A (en) 2018-06-19

Family

ID=62550182

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810023164.4A Pending CN108183914A (en) 2018-01-10 2018-01-10 A kind of method for preventing malice swipe short message verification code from sending service

Country Status (1)

Country Link
CN (1) CN108183914A (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109121100A (en) * 2018-09-27 2019-01-01 沈文策 A kind of short message communication control method and device
CN109618349A (en) * 2019-01-08 2019-04-12 中国联合网络通信集团有限公司 A kind of data transmission method and server
CN110113758A (en) * 2019-05-21 2019-08-09 深圳壹账通智能科技有限公司 A kind of control method and relevant apparatus sending verifying message based on phone number
CN110362985A (en) * 2019-07-16 2019-10-22 北京天融信网络安全技术有限公司 A kind of verification method and device
CN110415124A (en) * 2019-07-31 2019-11-05 深圳市思迪信息技术股份有限公司 The anti-brush method and device of security marketing activity current limliting
CN110677338A (en) * 2019-09-16 2020-01-10 北京达佳互联信息技术有限公司 Verification information timing method and device, electronic equipment and storage medium
CN111132171A (en) * 2019-12-26 2020-05-08 深圳前海环融联易信息科技服务有限公司 Access limiting method and device based on historical short message sending amount and computer equipment
CN111417122A (en) * 2020-03-25 2020-07-14 杭州迪普科技股份有限公司 Attack prevention method and device
CN111918224A (en) * 2020-07-28 2020-11-10 广州市百果园信息技术有限公司 Short message verification method, device, equipment and storage medium
CN111935655A (en) * 2020-05-27 2020-11-13 武汉小码联城科技有限公司 Short message sending processing method, system, client, server and verification device
CN112351131A (en) * 2020-09-30 2021-02-09 北京达佳互联信息技术有限公司 Control method and device of electronic equipment, electronic equipment and storage medium
CN113141336A (en) * 2020-01-19 2021-07-20 上海静客网络科技有限公司 Short message verification code anti-brushing method
CN113438202A (en) * 2021-05-18 2021-09-24 北京达佳互联信息技术有限公司 Processing method and device for verification code request, electronic equipment and storage medium
CN114025356A (en) * 2021-11-02 2022-02-08 湖南快乐阳光互动娱乐传媒有限公司 Malicious short message verification code identification method, related device and computer storage medium
CN114302351A (en) * 2022-03-09 2022-04-08 太平金融科技服务(上海)有限公司深圳分公司 Short message service processing method and device, computer equipment and storage medium
US11695671B2 (en) * 2021-10-25 2023-07-04 Fulian Precision Electronics (Tianjin) Co., Ltd. Method of checking connection integrity of source nodes in cluster, electronic device, and computer readable storage medium applying method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104768139A (en) * 2015-02-28 2015-07-08 北京奇艺世纪科技有限公司 Method and device for sending short messages
US20160232349A1 (en) * 2015-02-09 2016-08-11 Fortinet, Inc. Mobile malware detection and user notification
CN106169995A (en) * 2016-06-30 2016-11-30 武汉斗鱼网络科技有限公司 A kind of webcast website's handset binding short-message verification anti-brush method and system
CN106850608A (en) * 2017-01-23 2017-06-13 山东浪潮商用系统有限公司 A kind of short message verification code transmission times control method for frequency
CN107451459A (en) * 2016-05-30 2017-12-08 北京京东尚科信息技术有限公司 The method and apparatus verified using picture validation code

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160232349A1 (en) * 2015-02-09 2016-08-11 Fortinet, Inc. Mobile malware detection and user notification
CN104768139A (en) * 2015-02-28 2015-07-08 北京奇艺世纪科技有限公司 Method and device for sending short messages
CN107451459A (en) * 2016-05-30 2017-12-08 北京京东尚科信息技术有限公司 The method and apparatus verified using picture validation code
CN106169995A (en) * 2016-06-30 2016-11-30 武汉斗鱼网络科技有限公司 A kind of webcast website's handset binding short-message verification anti-brush method and system
CN106850608A (en) * 2017-01-23 2017-06-13 山东浪潮商用系统有限公司 A kind of short message verification code transmission times control method for frequency

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109121100A (en) * 2018-09-27 2019-01-01 沈文策 A kind of short message communication control method and device
CN109618349A (en) * 2019-01-08 2019-04-12 中国联合网络通信集团有限公司 A kind of data transmission method and server
CN109618349B (en) * 2019-01-08 2022-08-12 中国联合网络通信集团有限公司 Data transmission method and server
CN110113758A (en) * 2019-05-21 2019-08-09 深圳壹账通智能科技有限公司 A kind of control method and relevant apparatus sending verifying message based on phone number
CN110362985A (en) * 2019-07-16 2019-10-22 北京天融信网络安全技术有限公司 A kind of verification method and device
CN110415124A (en) * 2019-07-31 2019-11-05 深圳市思迪信息技术股份有限公司 The anti-brush method and device of security marketing activity current limliting
CN110677338A (en) * 2019-09-16 2020-01-10 北京达佳互联信息技术有限公司 Verification information timing method and device, electronic equipment and storage medium
CN110677338B (en) * 2019-09-16 2021-10-15 北京达佳互联信息技术有限公司 Verification information timing method and device, electronic equipment and storage medium
CN111132171A (en) * 2019-12-26 2020-05-08 深圳前海环融联易信息科技服务有限公司 Access limiting method and device based on historical short message sending amount and computer equipment
CN113141336A (en) * 2020-01-19 2021-07-20 上海静客网络科技有限公司 Short message verification code anti-brushing method
CN111417122B (en) * 2020-03-25 2024-03-01 杭州迪普科技股份有限公司 Attack prevention method and device
CN111417122A (en) * 2020-03-25 2020-07-14 杭州迪普科技股份有限公司 Attack prevention method and device
CN111935655A (en) * 2020-05-27 2020-11-13 武汉小码联城科技有限公司 Short message sending processing method, system, client, server and verification device
CN111918224A (en) * 2020-07-28 2020-11-10 广州市百果园信息技术有限公司 Short message verification method, device, equipment and storage medium
CN111918224B (en) * 2020-07-28 2022-03-04 广州市百果园信息技术有限公司 Short message verification method, device, equipment and storage medium
CN112351131A (en) * 2020-09-30 2021-02-09 北京达佳互联信息技术有限公司 Control method and device of electronic equipment, electronic equipment and storage medium
CN112351131B (en) * 2020-09-30 2021-07-16 北京达佳互联信息技术有限公司 Control method and device of electronic equipment, electronic equipment and storage medium
CN113438202A (en) * 2021-05-18 2021-09-24 北京达佳互联信息技术有限公司 Processing method and device for verification code request, electronic equipment and storage medium
US11695671B2 (en) * 2021-10-25 2023-07-04 Fulian Precision Electronics (Tianjin) Co., Ltd. Method of checking connection integrity of source nodes in cluster, electronic device, and computer readable storage medium applying method
CN114025356A (en) * 2021-11-02 2022-02-08 湖南快乐阳光互动娱乐传媒有限公司 Malicious short message verification code identification method, related device and computer storage medium
CN114302351A (en) * 2022-03-09 2022-04-08 太平金融科技服务(上海)有限公司深圳分公司 Short message service processing method and device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
CN108183914A (en) A kind of method for preventing malice swipe short message verification code from sending service
US10044656B2 (en) Statistical message classifier
JP4828411B2 (en) Feedback loop to prevent spam
US7925707B2 (en) Declassifying of suspicious messages
CN103379099B (en) Hostile attack identification method and system
US8713175B2 (en) Centralized behavioral information system
EP2498458A2 (en) Obfuscation of spam filter
CN104994060B (en) It is a kind of to provide the method and apparatus of verifying for logging in for user
Saadat Survey on spam filtering techniques
CN105049421A (en) Authentication method based on use behavior characteristic of user, server, terminal, and system
EP1684206A2 (en) Storage abuse prevention
CN109698809A (en) A kind of recognition methods of account abnormal login and device
JP2005011325A (en) Prevention of outgoing spam
Seymour et al. Generative models for spear phishing posts on social media
CN102801706A (en) Terminal and security processing method for information contents
CN109857484A (en) For the processing method and system of interface call request
CN109547426A (en) Service response method and server
US20120185611A1 (en) Threat identification and mitigation in computer mediated communication, including online social network environments
CN108366052A (en) Verify the processing method and system of short message
US10116614B1 (en) Detection of abusive user accounts in social networks
CN109756840A (en) Mobile terminal is registered anti-cheating method, device, system, equipment and storage medium
CN104796877B (en) The method and apparatus that a kind of anti-malice is deducted fees
CN102804732B (en) The method protecting individual privacy information in the audience measurement of digit broadcasting system
Li et al. An Analysis of User Behaviors in Phishing eMail using Machine Learning Techniques.
CN107451247A (en) user identification method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180619