CN108234454A - A kind of identity identifying method, server and client device - Google Patents

A kind of identity identifying method, server and client device Download PDF

Info

Publication number
CN108234454A
CN108234454A CN201711331515.XA CN201711331515A CN108234454A CN 108234454 A CN108234454 A CN 108234454A CN 201711331515 A CN201711331515 A CN 201711331515A CN 108234454 A CN108234454 A CN 108234454A
Authority
CN
China
Prior art keywords
client device
attribute information
server
information
legal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711331515.XA
Other languages
Chinese (zh)
Other versions
CN108234454B (en
Inventor
余玮琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201711331515.XA priority Critical patent/CN108234454B/en
Priority to PCT/CN2018/092950 priority patent/WO2019114246A1/en
Publication of CN108234454A publication Critical patent/CN108234454A/en
Priority to TW107127944A priority patent/TWI701932B/en
Application granted granted Critical
Publication of CN108234454B publication Critical patent/CN108234454B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of identity identifying method, server and client devices.The method includes:Server receives the first behavior attribute information that client device is sent, and the legal sample in the first behavior attribute information and legal sample set is subjected to similarity mode, if it fails to match, explicit ID authentication request message is sent to the client device.By this method, since the first behavior attribute information is the information that user's operation client generates, even if malicious user falsely uses the account information of user, due to malicious user it is difficult to imitate or steal the operation information of original subscriber, therefore, malicious user can be identified in use because behavior property is different from original subscriber, so as to effectively avoid the problem that account information is falsely used, the reliability of authentication is improved, and then can ensure the information security of user.

Description

A kind of identity identifying method, server and client device
Technical field
The present invention relates to a kind of field of communication technology more particularly to identity identifying method, server and client devices.
Background technology
With internet and the development of e-commerce, the applications of computer network has penetrated into all trades and professions, global information Change the main trend for having become human development.Network security problem is particularly severe in recent years, and user is frequently by hacker, wood Horse, the attack of Malware, it is commonplace that bank account is stolen, fund is stolen, user identity is falsely used phenomenon etc..Cause This, ensureing the reliability of user identity in internet becomes an important subject.
At present, common identity identifying method includes static password, smart card, dynamic password, short message password, number label Name, bio-identification etc., it is contemplated that these authentication methods are typically that user identity is identified during user logs in, and It will not continue to identification user identity after the user logs.By taking static password as an example, when user is logged in using static password, Need input account title and corresponding static password, Verification System that can pass through account title input by user and corresponding static state Password identification user identity.However this authentication method is used, once the mobile phone of user is lost, and the account that user is logged in is still During in login status, malicious user can falsely use the account information of user.
Based on this, at present there is an urgent need for a kind of identity identifying method, for leading to account after solution in the prior art lost terminal The problem of information is falsely used.
Invention content
The embodiment of the present invention provides a kind of identity identifying method, server and client device, to solve in the prior art The technical issues of account information is caused to be falsely used after lost terminal.
The present invention provides a kind of identity identifying method, the method includes:
Server receives the first behavior attribute information that client device is sent;The first behavior attribute information is described The information that client device described in the user's operation that client device acquires in preset time period generates;
Legal sample in the first behavior attribute information and legal sample set is carried out similarity by the server If it fails to match, explicit ID authentication request message is sent to the client device for matching;The legal sample set is The set of behavior property information acquired by client device described after authentication.
Optionally, the method further includes:
The server receives the explicit authentication response message that the client device is sent;
The server determines explicit authentication by rear, by described according to the explicit authentication response message First behavior attribute information is added in as special sample, and by the special sample in the legal sample set.
Optionally, the server carries out the legal sample in the first behavior attribute information and legal sample set Similarity mode, including:
The server determines to determine that it fails to match when the first behavior attribute information meets the following conditions:
The server determines that the first similarity value is less than first threshold, and first similarity value is first behavior Similarity value between the average value of attribute information and the legal sample in the legal sample set;
And
The server determines that the second similarity value is less than second threshold, and second similarity value is first behavior The similarity value between each special sample in attribute information and the legal sample set.
Optionally, the method further includes:
If successful match, the first behavior attribute information is added to the conjunction by the server as legal sample Method sample set.
The embodiment of the present invention provides a kind of identity identifying method, the method includes:
Client device sends the first behavior attribute information to server;The first behavior attribute information is the client The information that client device described in the user's operation that end equipment acquires in preset time period generates;
The client device receives the explicit ID authentication request message that the server is sent, and the explicit identity is recognized Card request message is that the first behavior attribute information and the legal sample in legal sample set are carried out phase by the server It is sent when like degree, it fails to match, the legal sample set is the behavior acquired by client device described after authentication The set of attribute information.
The embodiment of the present invention provides a kind of server, and the server includes:
Receiving unit, for receiving the first behavior attribute information of client device transmission;The first behavior property letter Cease the information that client device described in the user's operation acquired in preset time period for the client device generates;
Processing unit, for the first behavior attribute information is similar to the legal sample progress in legal sample set Degree matching;The legal sample set is the collection of behavior property information acquired by client device described after authentication It closes;
Transmitting element, for after the processing unit determines that it fails to match, explicit body to be sent to the client device Part authentication request message.
Optionally, the receiving unit is additionally operable to:
Receive the explicit authentication response message that the client device is sent;
The processing unit is additionally operable to, according to the explicit authentication response message, determine that explicit authentication passes through Afterwards, using the first behavior attribute information as special sample, and the special sample is added in the legal sample set.
Optionally, the processing unit is specifically used for:
It determines to determine that it fails to match when the first behavior attribute information meets the following conditions:
Determine that the first similarity value is less than first threshold, first similarity value for the first behavior attribute information and Similarity value between the average value of legal sample in the legal sample set;
And
Determine that the second similarity value is less than second threshold, second similarity value for the first behavior attribute information and The similarity value between each special sample in the legal sample set.
Optionally, the processing unit is additionally operable to:
If it is determined that successful match, then be added to the legal sample using the first behavior attribute information as legal sample Set.
The embodiment of the present invention provides a kind of client device, and the client device includes:
Transmitting element, for sending the first behavior attribute information to server;The first behavior attribute information is described The information that client device described in the user's operation that client device acquires in preset time period generates;
Receiving unit, for receiving the explicit ID authentication request message that the server is sent, the explicit identity is recognized Card request message is that the first behavior attribute information and the legal sample in legal sample set are carried out phase by the server It is sent when like degree, it fails to match, the legal sample set is the behavior acquired by client device described after authentication The set of attribute information.
The embodiment of the present invention provides a kind of computer readable storage medium, and the storage medium is stored with instruction, when described When instruction is run on computers so that computer, which is realized, performs method described above.
The embodiment of the present invention provides a kind of computer equipment, including:
Memory, for storing program instruction;
Processor for calling the program instruction stored in the memory, performs described above according to the program of acquisition Method.
In the embodiment of the present invention, server receives the first behavior attribute information that client device is sent, and by described the One behavior attribute information carries out similarity mode with the legal sample in legal sample set, if it fails to match, to the visitor Family end equipment sends explicit ID authentication request message.Wherein, the first behavior attribute information exists for the client device The information that client device described in the user's operation acquired in preset time period generates;The legal sample set is passes through identity The set of the behavior property information of the client device acquisition after certification.In the embodiment of the present invention, server passes through in user After logining successfully, the information of user's operation client device generation is continued to, and by the information received and legal sample Similarity mode is carried out, by this method, even if malicious user falsely uses the account information of user, due to malicious user it is difficult to mould Operation information that is imitative or stealing original subscriber, therefore, malicious user in use can be different from original subscriber because of behavior property And be identified, so as to effectively avoid the problem that account information is falsely used, the reliability of authentication is improved, Jin Erneng Enough ensure the information security of user.
Description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment Attached drawing is briefly introduced, it should be apparent that, the accompanying drawings in the following description is only some embodiments of the present invention, for this For the those of ordinary skill in field, without having to pay creative labor, it can also be obtained according to these attached drawings His attached drawing.
Fig. 1 is a kind of system architecture schematic diagram that the embodiment of the present invention uses;
Fig. 2 is the flow diagram corresponding to a kind of identity identifying method provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic diagram of preset time period provided in an embodiment of the present invention;
Fig. 4 is the schematic diagram of globality flow involved in the embodiment of the present invention;
Fig. 5 is a kind of structure diagram of server provided in an embodiment of the present invention;
Fig. 6 also provides a kind of structure diagram of client device for the embodiment of the present invention.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer, the present invention is made below in conjunction with attached drawing into It is described in detail to one step, it is clear that the described embodiments are only some of the embodiments of the present invention rather than whole implementation Example.Based on the embodiments of the present invention, those of ordinary skill in the art are obtained without making creative work All other embodiment, shall fall within the protection scope of the present invention.
Fig. 1 illustrates a kind of system architecture schematic diagram that the embodiment of the present invention uses, as shown in Figure 1, of the invention The system architecture that embodiment is applicable in includes server 101, one or more client devices, such as the client shown in Fig. 1 End equipment 102, client device 103 and client device 104.Server and client device 102, client device 103, visitor Family end equipment 104 can be communicated by network, for example, server 101 can be to client device 102, client device 103rd, any client equipment sends explicit ID authentication request message in client device 104, and any client equipment can be with Explicit authentication response message is returned to according to explicit ID authentication request message.
In the embodiment of the present invention, client device can be a plurality of types of equipment, for example, smart mobile phone, tablet computer, Laptop etc..
Based on system architecture shown in FIG. 1, Fig. 2 is corresponding to a kind of identity identifying method provided in an embodiment of the present invention Flow diagram, as shown in Fig. 2, specifically comprising the following steps:
Step 201, client device sends the first behavior attribute information to server.
Step 202, server receives the first behavior attribute information that client device is sent.
Step 203, the first behavior attribute information and the legal sample in legal sample set are carried out phase by server It is matched like degree, if it fails to match, explicit ID authentication request message is sent to the client device.
Step 204, client device receives the explicit ID authentication request message that the server is sent.
In the embodiment of the present invention, after server in user by logining successfully, continue to user's operation client and set The standby information generated, and the information received and legal sample are subjected to similarity mode, by this method, even if malice is used The account information of user is falsely used at family, due to malicious user it is difficult to imitate or steal the operation information of original subscriber, malicious user It can be identified in use because behavior property is different from original subscriber, so as to effectively avoid account information quilt The problem of falsely using improves the reliability of authentication, and then can ensure the information security of user.
Before step 201 is performed, the embodiment of the present invention needs that legal sample set is generated in advance, wherein, legal sample Collection is combined into the set of behavior property information acquired by client device described after explicit authentication.Specifically, in user After authentication, for example, using explicit identity authentication method login account after, client device acquisition login process in User behavior property information, and using collected behavior property information as legal sample.Wherein, explicit authentication is User is needed to input the authentication method of password, for example, account title and corresponding static password, card number and corresponding static password, Cell-phone number and corresponding short message verification code etc..
In one example, when user logs in a certain application program using client device, for example, user utilizes smart mobile phone It when logging in Mobile banking, needs first to input bank's card number and password, when the bank's card number and password of input are without mistaking, it is determined that logical Cross authentication;Then, smart mobile phone can acquire the behavior property information in process of user login, and by collected behavior Attribute information is as legal sample.
In the embodiment of the present invention, behavior property information is the information that user's operation client device generates.Further, it examines In the information for considering the generation of user's operation client device, it is understood that there may be smaller information is influenced on authentication, it therefore, can be right The information that user's operation client device generates is screened, and using the information being affected to authentication as behavior property Information so that behavior property information is more in line with the behavioural characteristic of user, can improve the accuracy of behavior property information.
As shown in table 1, the information that user's operation client device generates can include IP address, the client device of user The behavioral primitives such as the position at place, the reading rate of user, web page address.Wherein, for same user, the IP address institute of user Position be relatively fixed, therefore can be as the behavioral primitive in behavior property information;Similarly, the reading rate of user is A kind of use habit of user, therefore can also be used as the behavioral primitive in behavior property information;And web page address can be with Change according to the demand of user, therefore, web page address can not be included in behavior property information.
Table 1:User's operation client device generate information whether a kind of example as behavior property information
The information that user's operation client device generates Whether behavior property information is used as
The IP address of user It is
Position where client device It is
The reading rate of user It is
Web page address It is no
…… ……
In step 201, user's operation institute that the first behavior attribute information is acquired for client device in preset time period State the information of client device generation.
In the embodiment of the present invention, preset time period is to N number of before login account next time after user's login account is successful Any one period in period, as shown in figure 3, for a kind of schematic diagram of preset time period provided in an embodiment of the present invention, To log in next time during after user logins successfully, N number of period can be divided into, client device can be at i-th Between the information that generates of client device described in section acquisition user's operation, and believe using collected information as the first behavior property Breath.Wherein, the attribute included by the first behavior attribute information is consistent with the attribute included by the behavior property in legal sample.
It should be noted that content illustrated in fig. 3 is only a kind of possible realization method, those skilled in the art can be with Rule of thumb preset time period is voluntarily determined with actual conditions, do not limit specifically.
In step 202 and step 203, server receive client device transmission the first behavior attribute information after, By the legal sample in the first behavior attribute information and legal sample set carry out similarity mode mode can there are many, one The possible realization method of kind is, for any one legal sample in legal sample set, to obtain the first behavior attribute information With the first similarity value between each legal sample.
Further, after obtaining the first similarity value by the above method, there are many ways to determining that it fails to match, example Such as, however, it is determined that the first similarity value between the first behavior attribute information and each legal sample is respectively less than default similarity Threshold value, then it fails to match;Or, however, it is determined that the first similarity between the first behavior attribute information and each legal sample The number for being more than or equal to default similarity threshold in value is less than predetermined number threshold value, then it fails to match.Wherein, similarity threshold is preset Value, predetermined number threshold value can be that those skilled in the art rule of thumb determine with actual conditions, not limit specifically.
The alternatively possible average value for being that realization method is, determining the legal sample in legal sample set obtains first The first similarity value between the average value of behavior property information and the legal sample in the legal sample set, and judge institute State whether similarity value is less than first threshold, if being less than, it fails to match.Wherein, first threshold can be people in the art What member rule of thumb determined with actual conditions, it does not limit specifically.Lower mask body introduction is carried out using the average value of legal sample The mode of similarity mode, includes the following steps:
Step 301, the average value of the legal sample in legal sample set is determined.
Specifically, legal sample is the collected behavior property information of client, and each legal sample includes at least one A behavioral primitive.Wherein, according to the difference of the property value of behavioral primitive, behavioral primitive can be divided into numeric type behavioral primitive and text This type behavioral primitive, for example, the reading rate of user is " 88.75 rows/min ", due to " reading rate of user " this behavior The property value of element is " 88.75 rows/min ", which is numerical value, and therefore, " reading rate of user " can be used as numeric type Behavioral primitive;Position where client device is " Nanning City Qingxiu District ", due to " position where client device " this The property value of behavioral primitive is " Nanning City Qingxiu District ", which is text, and therefore, " position where client device " can As text-type behavioral primitive.
It, can be using the average value of the property value of numeric type behavioral primitive as behavior element for numeric type behavioral primitive Average value.By taking the reading rate of user as an example, as shown in table 2, legal sample set includes 3 legal samples, wherein, it is legal In sample 1, the reading rate of user is " 88.75 rows/min ";In legal sample 2, the reading rate of user for " 80.75 rows/ min”;In legal sample 3, the reading rate of user is " 84.75 rows/min ", can be obtained using mean value calculation formula, is closed In method sample set, the average value of the reading rate of user is " 84.75 rows/min ".
Table 2:A kind of example of the average value of numeric type behavioral primitive
Legal sample set The reading rate of user
Legal sample 1 88.75 row/min
Legal sample 2 80.75 row/min
Legal sample 3 84.75 row/min
Average value 84.75 row/min
For text-type behavioral primitive, can text be determined according to the probability distribution of the property value of text-type behavioral primitive The average value of type behavioral primitive.As shown in table 3, legal sample set includes 3 legal samples, wherein, in legal sample 1, use The IP address at family is " 172.18.19.20 ", and city where client device is " Nanning ", the city where client device For " Qingxiu District ";In legal sample 2, the IP address of user is " 172.18.19.20 ", and the city where client device is " south Rather ", the city where client device is " Qingxiu District ";In legal sample 3, the IP address of user is " 172.18.19.20 ", City where client device is " Nanning ", and the city where client device is " Jiangnan District ".It is found that above 3 legal In sample, it is 3 times that the IP address of user, which is the probability that " 172.18.19.20 " occurs, can be by the probability distribution of the IP address of user It is denoted as { 172.18.19.20,3 };City where client device is that the probability that " Nanning " occurs is 3 times, can set client The probability distribution in the city at standby place is denoted as in { Nanning, 3 };City where client device is for the probability that " Qingxiu District " occurs 2 times, the city where client device is that the probability that " Jiangnan District " occurs is 1 time, can be by the city where client device Probability distribution be denoted as Qingxiu District, 2;Jiangnan District, 1 }.
Table 3:A kind of example of the probability distribution of text-type behavioral primitive
Legal sample set The IP address of user City where client device City where client device
Legal sample 1 172.18.19.20 Nanning Qingxiu District
Legal sample 2 172.18.19.20 Nanning Qingxiu District
Legal sample 3 172.18.19.20 Nanning Jiangnan District
Probability distribution { 172.18.19.20,3 } { Nanning, 3 } Qingxiu District, 2;Jiangnan District, 1 }
Step 302, for each behavioral primitive of legal sample, the weighted value of the behavioral primitive is determined.
In the embodiment of the present invention, the distribution of the weighted value of behavioral primitive can be conducted directly to the reliability and standard of authentication True property, there are mainly two types of methods for existing weighted value distribution, and a kind of is the subjective weighting method based on policymaker's subjective judgement, another Kind is the objective weighted model based on decision matrix.The embodiment of the present invention determines the weight of behavioral primitive by taking subjective weighting method as an example Value, using subjective weighting method, can avoid the influence of decision matrix, so as to ensure the consistency of policy-making thought, improve weighted value The reasonability of distribution.
In one example, as shown in table 4, a kind of example that the weighted value for behavioral primitive distributes, the behavior of legal sample IP address of the element including user, the city where client device, the city where client device, the reading of user are fast Degree.The weighted value of the IP address of user can be set as 0.2, the weighted value in the city where client device is set as 0.3, it will be objective The weighted value in the city where the end equipment of family is set as 0.2, and the weighted value of the reading rate of user is set as 0.3.
Table 4:A kind of example of the weighted value distribution of behavioral primitive
Behavioral primitive Weighted value
The IP address of user 0.2
City where client device 0.3
City where client device 0.2
The reading rate of user 0.3
Table 4 is only a kind of example, and those skilled in the art can be rule of thumb with actual conditions in shown by table 4 Appearance is modified, and is not limited specifically.
Step 303, according to the average value of the legal sample and the weighted value of the behavioral primitive, the first row is determined For the first similarity value between the average value of attribute information and the legal sample.
It,, can after the average value for determining numeric type behavioral primitive for numeric type behavioral primitive in the embodiment of the present invention With according to the property value of the numeric type behavioral primitive in the first behavior attribute information and the numeric type behavioral primitive in legal sample Average value in set determines the diversity factor between the numeric type behavioral primitive and the legal sample in the first behavior attribute information Value, and then can determine the similarity value between the numeric type behavioral primitive and legal sample.Specifically, for numeric type behavior Similarity value between the average value of element, the first behavior attribute information and the legal sample can pass through the following formula meter It calculates:
Wherein, TsFor the numeric type behavioral primitive numeric type row corresponding with legal sample in the first behavior attribute information For the similarity value between the average value of element;X is the property value of numeric type behavioral primitive in the first behavior attribute information; Average value for numeric type behavioral primitive corresponding in legal sample.
In one example, the numeric type behavioral primitive is the reading rate of user, in legal sample set, user's The average value of reading rate is 84.75 rows/min;In the first behavior attribute information, the reading rate of user is 50 rows/min, Readding for the reading rate of user and the user in legal sample set in the first behavior property is then obtained according to above-mentioned calculation formula Similarity value between the average value of reading rate is 0.59.
In the embodiment of the present invention, for text-type behavioral primitive, after the probability distribution for determining text-type behavioral primitive, It can be according to the property value of text type behavioral primitive and text type behavioral primitive in the first behavior attribute information in legal sample Probability distribution in this set determines similar between the text-type behavioral primitive in the first behavior attribute information and legal sample Angle value.Specifically, for text-type behavioral primitive, the first behavior attribute information and the legal sample similarity value can To be calculated by the following formula:
Wherein, TwFor the text-type behavioral primitive text-type row corresponding with legal sample in the first behavior attribute information Similarity value between element;Y be legal sample set in the text-type behavioral primitive in the first behavior attribute information The identical sample number of property value;N is sample number total in legal sample set.Y is integer more than or equal to 0, N be more than etc. In 1 integer.
In one example, the text-type behavioral primitive is the city where client device, in legal sample set, The probability distribution in the city where client device for Qingxiu District, 2;Jiangnan District, 1 };In the first behavior attribute information, client City where end equipment is Qingxiu District, then according to where above-mentioned calculation formula obtains client device in the first behavior property The similarity value between the city where client device in city and legal sample set is 0.67.
Further, each behavioral primitive and conjunction in the first behavior attribute information is obtained using method as described above It, can be according to the weighted value of each behavioral primitive, really after similarity value in method sample set between corresponding behavioral primitive The first similarity value between fixed first behavior attribute information and the average value of legal sample, can specifically pass through the following formula meter It calculates:
Wherein, first similarity values of the T between the first behavior attribute information and the average value of legal sample,It is Similarity value in one behavior attribute information between i-th of numeric type behavioral primitive and legal sample;ωiFor the first behavior property The weighted value of i-th of numeric type behavioral primitive in information;For j-th of text-type behavioral primitive in the first behavior attribute information With the similarity value between legal sample;ωjWeighted value for j-th of text-type behavioral primitive in the first behavior attribute information.i To be more than or equal to 1 integer, j is the integer more than or equal to 1.
Based on the first similarity value between above-mentioned described first behavior attribute information and the average value of legal sample Computational methods, be exemplified below.
In one example, as shown in table 5, the first phase between the first behavior attribute information and the average value of legal sample Like a kind of example of angle value, however, it is determined that the weighted value of the IP address of user is 0.2, the weighted value in the city where client device It is 0.3, the weighted value in the city where client device is 0.2, and the weighted value of the reading rate of user is 0.3, and, it determines to close In method sample set, the probability distribution of the IP address of user is { 172.18.19.20,3 }, the city where client device Probability distribution is { Nanning, 3 }, the probability distribution in the city where client device for Qingxiu District, 2;Jiangnan District, 1 }, user's The average value of reading rate is 84.75 rows/min, then according to above-mentioned calculation formula, the first behavior attribute information and legal sample The first similarity value between average value is 0.798.
Table 5:A kind of example of first similarity value
It should be noted that above-mentioned described computational methods are only a kind of example provided in an embodiment of the present invention, ability Field technique personnel can rule of thumb modify to the above method with actual conditions, not limit specifically.
Step 304, judge whether first similarity value is less than first threshold, if less than first threshold, match mistake It loses;Otherwise, successful match.
Further, after above-mentioned steps 204 are performed, server sends explicit according to the client device received Authentication response message determines authentication by rear, using the first behavior attribute information as special sample and by institute Special sample is stated to add in the legal sample set, and judge legal sample in the legal sample set number whether More than default sample number threshold value, if more than the longer legal sample of storage time in the legal sample set is then deleted, directly The number of the legal sample in the legal sample set after to deletion is not more than the default sample number threshold value.Wherein, in advance It rule of thumb determines with actual conditions if sample number threshold value can be those skilled in the art, does not limit specifically.Pass through this Kind of mode is updated legal sample set, because the longer legal sample of storage time may not meet current use Family behavior, so the first behavior attribute information every time by authentication is added in legal sample set, and will be legal The legal sample that storage time is longer in sample set is deleted, so as to improve the property of can refer to of legal sample set.
The method that the embodiment of the present invention provides another similarity mode, specifically comprises the following steps:
Step 1, server determine that the first behavior attribute information carries out phase with the legal sample in legal sample set Like degree after it fails to match, it is determined whether there are special sample, if in the presence of step 2 is performed;If being not present, step is performed Three.
The first behavior attribute information and special sample are carried out similarity mode by step 2, server.
Specifically, server is if it is determined that there is only a special sample, then according to the first behavior attribute information and The special sample determines the second similarity value of the first behavior attribute information and the special sample;And judge Whether second similarity value is less than second threshold, if less than second threshold, it fails to match.
Server, then for each special sample, determines first behavior if it is determined that there are multiple special samples Attribute information and the second similarity value of each special sample;And it judges whether more than or equal to above-mentioned second threshold Second similarity value, if being not present, it fails to match.
In the embodiment of the present invention, the circular of the second similarity value can refer to the meter of above-mentioned first similarity value Calculation method, details are not described herein.Those skilled in the art rule of thumb voluntarily can also determine the second similarity with actual conditions The computational methods of value, do not limit specifically.
Step 3, if it is determined that it fails to match, then send explicit ID authentication request to the client device disappears server Breath.
In order to more clearly introduce above-mentioned identity identifying method, with reference to Fig. 4, to involved in the embodiment of the present invention Flow carry out globality explanation.As shown in figure 4, it may comprise steps of:
Step 401, server receives the first behavior attribute information that client device is sent.
Step 402, the server by the legal sample in the first behavior attribute information and legal sample set into Row similarity mode if it fails to match, performs step 403;If successful match performs step 404.
Step 403, the server judges whether special sample, if in the presence of step 405 is performed;If being not present, Then perform step 406.
Step 404, the server adds in the first behavior attribute information in the legal sample set, and returns Step 401.
Step 405, the first behavior attribute information and special sample are carried out similarity mode by the server, if With failure, then step 406 is performed;If successful match performs step 409.
Step 406, the server sends explicit ID authentication request message to client device.
Step 407, the server receives the explicit authentication response message that the client device is sent.
Step 408, the server judges whether, by explicit authentication, if passing through, to perform step 409;If not Pass through, then perform step 410.
Step 409, the server is using the first behavior attribute information as special sample, and by the special sample It adds in the legal sample set, and return to step 401.
Step 410, the server determines that authentication fails, and return to step 401.
In the embodiment of the present invention, after user logins successfully, server can be constantly according to the user behaviour received Make the information of client device generation, whether the user for determining the operation client device is malicious user.Using this side Method, even if malicious user falsely uses the account information of user, due to malicious user it is difficult to imitate or steal the operation information of original subscriber, Therefore, malicious user can be identified in use because behavior property is different from original subscriber, so as to effective It avoids the problem that account information is falsely used, improves the reliability of authentication, and then can ensure the information security of user.
Based on same idea, a kind of server provided in an embodiment of the present invention, as shown in figure 5, the server 500 includes connecing Receive unit 501, processing unit 502, transmitting element 503;Wherein,
Receiving unit 501, for receiving the first behavior attribute information of client device transmission;First behavior property The information that client device described in the user's operation that information is acquired for the client device in preset time period generates;
Processing unit 502, for the legal sample in the first behavior attribute information and legal sample set to be carried out Similarity mode;The legal sample set is the behavior property information acquired by client device described after authentication Set;
Transmitting element 503, for after the processing unit determines that it fails to match, being sent to the client device explicit ID authentication request message.
Optionally, the receiving unit 501 is additionally operable to:
Receive the explicit authentication response message that the client device is sent;
The processing unit is additionally operable to, according to the explicit authentication response message, determine that explicit authentication passes through Afterwards, using the first behavior attribute information as special sample, and the special sample is added in the legal sample set.
Optionally, the processing unit 502 is specifically used for:
It determines to determine that it fails to match when the first behavior attribute information meets the following conditions:
Determine that the first similarity value is less than first threshold, first similarity value for the first behavior attribute information and Similarity value between the average value of legal sample in the legal sample set;
And
Determine that the second similarity value is less than second threshold, second similarity value for the first behavior attribute information and The similarity value between each special sample in the legal sample set.
Optionally, the processing unit 502 is additionally operable to:
If it is determined that successful match, then be added to the legal sample using the first behavior attribute information as legal sample Set.
Based on same inventive concept, the embodiment of the present invention also provides a kind of client device, as shown in fig. 6, the client End equipment 600 includes receiving unit 601, transmitting element 602;Wherein,
Transmitting element 601, for sending the first behavior attribute information to server;The first behavior attribute information is institute State the information that client device described in the user's operation that client device acquires in preset time period generates;
Receiving unit 602, for receiving the explicit ID authentication request message that the server is sent, the explicit identity Authentication request message is that the server carries out the legal sample in the first behavior attribute information and legal sample set What similarity mode was sent when failing, the legal sample set is the row acquired by client device described after authentication Set for attribute information.
The embodiment of the present invention provides a kind of computer readable storage medium, and the storage medium is stored with instruction, when described When instruction is run on computers so that computer, which is realized, performs method described above.
The embodiment of the present invention provides a kind of computer equipment, including:
Memory, for storing program instruction;
Processor for calling the program instruction stored in the memory, performs described above according to the program of acquisition Method.
In the embodiment of the present invention, server receives the first behavior attribute information that client device is sent, and by described the One behavior attribute information carries out similarity mode with the legal sample in legal sample set, if it fails to match, to the visitor Family end equipment sends explicit ID authentication request message.Wherein, the first behavior attribute information exists for the client device The information that client device described in the user's operation acquired in preset time period generates;The legal sample set is passes through identity The set of the behavior property information of the client device acquisition after certification.In the embodiment of the present invention, server passes through in user After logining successfully, the information of user's operation client device generation is continued to, and by the information received and legal sample Similarity mode is carried out, by this method, even if malicious user falsely uses the account information of user, due to malicious user it is difficult to mould Operation information that is imitative or stealing original subscriber, therefore, malicious user in use can be different from original subscriber because of behavior property And be identified, so as to effectively avoid the problem that account information is falsely used, the reliability of authentication is improved, Jin Erneng Enough ensure the information security of user.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) The form of product.
The present invention be with reference to according to the method for the embodiment of the present invention, the flow of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, but those skilled in the art once know basic creation Property concept, then additional changes and modifications may be made to these embodiments.So appended claims be intended to be construed to include it is excellent It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art God and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (12)

1. a kind of identity identifying method, which is characterized in that the method includes:
Server receives the first behavior attribute information that client device is sent;The first behavior attribute information is the client The information that client device described in the user's operation that end equipment acquires in preset time period generates;
Legal sample in the first behavior attribute information and legal sample set is carried out similarity mode by the server, If it fails to match, explicit ID authentication request message is sent to the client device;The legal sample set is passes through The set of the behavior property information of the client device acquisition after authentication.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
The server receives the explicit authentication response message that the client device is sent;
The server determines explicit authentication by rear, by described first according to the explicit authentication response message Behavior property information is added in as special sample, and by the special sample in the legal sample set.
3. according to the method described in claim 2, it is characterized in that, the server is by the first behavior attribute information and closes Legal sample in method sample set carries out similarity mode, including:
The server determines to determine that it fails to match when the first behavior attribute information meets the following conditions:
The server determines that the first similarity value is less than first threshold, and first similarity value is first behavior property Similarity value between the average value of information and the legal sample in the legal sample set;
And
The server determines that the second similarity value is less than second threshold, and second similarity value is first behavior property The similarity value between each special sample in information and the legal sample set.
4. method according to any one of claims 1 to 3, which is characterized in that the method further includes:
If successful match, the first behavior attribute information is added to the legal sample by the server This set.
5. a kind of identity identifying method, which is characterized in that the method includes:
Client device sends the first behavior attribute information to server;The first behavior attribute information is set for the client The information that client device described in the standby user's operation acquired in preset time period generates;
The client device receives the explicit ID authentication request message that the server is sent, and the explicit authentication please It is that the legal sample in the first behavior attribute information and legal sample set is carried out similarity by the server to seek message It is sent when it fails to match, the legal sample set is the behavior property acquired by client device described after authentication The set of information.
6. a kind of server, which is characterized in that the server includes:
Receiving unit, for receiving the first behavior attribute information of client device transmission;The first behavior attribute information is The information that client device described in the user's operation that the client device acquires in preset time period generates;
Processing unit, for the legal sample in the first behavior attribute information and legal sample set to be carried out similarity Match;The legal sample set is the set of behavior property information acquired by client device described after authentication;
Transmitting element, for after the processing unit determines that it fails to match, sending explicit identity to the client device and recognizing Demonstrate,prove request message.
7. server according to claim 6, which is characterized in that the receiving unit is additionally operable to:
Receive the explicit authentication response message that the client device is sent;
The processing unit is additionally operable to according to the explicit authentication response message, determines that explicit authentication, will by rear The first behavior attribute information is added in as special sample, and by the special sample in the legal sample set.
8. server according to claim 7, which is characterized in that the processing unit is specifically used for:
It determines to determine that it fails to match when the first behavior attribute information meets the following conditions:
Determine that the first similarity value is less than first threshold, first similarity value is the first behavior attribute information and described Similarity value between the average value of legal sample in legal sample set;
And
Determine that the second similarity value is less than second threshold, second similarity value is the first behavior attribute information and described The similarity value between each special sample in legal sample set.
9. according to claim 6 to 8 any one of them server, which is characterized in that the processing unit is additionally operable to:
If it is determined that successful match, then be added to the legal sample set using the first behavior attribute information as legal sample It closes.
10. a kind of client device, which is characterized in that the client device includes:
Transmitting element, for sending the first behavior attribute information to server;The first behavior attribute information is the client The information that client device described in the user's operation that end equipment acquires in preset time period generates;
Receiving unit, for receiving the explicit ID authentication request message that the server is sent, the explicit authentication please It is that the legal sample in the first behavior attribute information and legal sample set is carried out similarity by the server to seek message It is sent when it fails to match, the legal sample set is the behavior property acquired by client device described after authentication The set of information.
11. a kind of computer readable storage medium, which is characterized in that the storage medium is stored with instruction, when described instruction exists When being run on computer so that computer realizes that perform claim requires the method described in any one of 1 to 5.
12. a kind of computer equipment, which is characterized in that including:
Memory, for storing program instruction;
Processor, for calling the program instruction stored in the memory, according to acquisition program perform as claim 1 to Method described in 5 any claims.
CN201711331515.XA 2017-12-13 2017-12-13 Identity authentication method, server and client device Active CN108234454B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201711331515.XA CN108234454B (en) 2017-12-13 2017-12-13 Identity authentication method, server and client device
PCT/CN2018/092950 WO2019114246A1 (en) 2017-12-13 2018-06-26 Identity authentication method, server and client device
TW107127944A TWI701932B (en) 2017-12-13 2018-08-10 Identity authentication method, server and client equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711331515.XA CN108234454B (en) 2017-12-13 2017-12-13 Identity authentication method, server and client device

Publications (2)

Publication Number Publication Date
CN108234454A true CN108234454A (en) 2018-06-29
CN108234454B CN108234454B (en) 2020-12-18

Family

ID=62652128

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711331515.XA Active CN108234454B (en) 2017-12-13 2017-12-13 Identity authentication method, server and client device

Country Status (3)

Country Link
CN (1) CN108234454B (en)
TW (1) TWI701932B (en)
WO (1) WO2019114246A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109151518A (en) * 2018-08-06 2019-01-04 武汉斗鱼网络科技有限公司 A kind of recognition methods, device and the electronic equipment of stolen account
CN110570199A (en) * 2019-07-24 2019-12-13 中国科学院信息工程研究所 User identity detection method and system based on user input behaviors
CN111062014A (en) * 2019-12-24 2020-04-24 中国银行股份有限公司 Security authentication method and device and electronic equipment
CN111083141A (en) * 2019-12-13 2020-04-28 广州市百果园信息技术有限公司 Method, device, server and storage medium for identifying counterfeit account

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010131333A1 (en) * 2009-05-12 2010-11-18 パイオニア株式会社 Content search device, content search method, content search program, and recording medium
CN106301778A (en) * 2015-05-19 2017-01-04 中兴通讯股份有限公司 Auth method, device, system and user terminal
CN106384027A (en) * 2016-09-05 2017-02-08 四川长虹电器股份有限公司 User identity recognition system and recognition method thereof
CN106603327A (en) * 2016-11-29 2017-04-26 上海亿账通互联网科技有限公司 Behavior data analysis method and device
JP6203116B2 (en) * 2014-05-20 2017-09-27 ヤフー株式会社 Notary providing device, notary providing method and program

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101299762B (en) * 2008-06-20 2011-08-17 北京中星微电子有限公司 Identification authentication method and apparatus
JP2012219796A (en) * 2011-04-14 2012-11-12 Nissan Motor Co Ltd Combustion chamber of internal combustion engine
CN104579668B (en) * 2013-10-28 2018-12-11 深圳市腾讯计算机系统有限公司 The verification method and cipher protection apparatus and verifying system of a kind of user identity
CN105100376A (en) * 2014-05-16 2015-11-25 中国移动通信集团湖南有限公司 Identity authentication method and apparatus

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010131333A1 (en) * 2009-05-12 2010-11-18 パイオニア株式会社 Content search device, content search method, content search program, and recording medium
JP6203116B2 (en) * 2014-05-20 2017-09-27 ヤフー株式会社 Notary providing device, notary providing method and program
CN106301778A (en) * 2015-05-19 2017-01-04 中兴通讯股份有限公司 Auth method, device, system and user terminal
CN106384027A (en) * 2016-09-05 2017-02-08 四川长虹电器股份有限公司 User identity recognition system and recognition method thereof
CN106603327A (en) * 2016-11-29 2017-04-26 上海亿账通互联网科技有限公司 Behavior data analysis method and device

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109151518A (en) * 2018-08-06 2019-01-04 武汉斗鱼网络科技有限公司 A kind of recognition methods, device and the electronic equipment of stolen account
CN109151518B (en) * 2018-08-06 2021-02-02 武汉斗鱼网络科技有限公司 Stolen account identification method and device and electronic equipment
CN110570199A (en) * 2019-07-24 2019-12-13 中国科学院信息工程研究所 User identity detection method and system based on user input behaviors
CN110570199B (en) * 2019-07-24 2022-10-11 中国科学院信息工程研究所 User identity detection method and system based on user input behaviors
CN111083141A (en) * 2019-12-13 2020-04-28 广州市百果园信息技术有限公司 Method, device, server and storage medium for identifying counterfeit account
CN111062014A (en) * 2019-12-24 2020-04-24 中国银行股份有限公司 Security authentication method and device and electronic equipment

Also Published As

Publication number Publication date
TWI701932B (en) 2020-08-11
TW201929481A (en) 2019-07-16
WO2019114246A1 (en) 2019-06-20
CN108234454B (en) 2020-12-18

Similar Documents

Publication Publication Date Title
US10992478B2 (en) Blockchain-based digital identity management method
US10965668B2 (en) Systems and methods to authenticate users and/or control access made by users based on enhanced digital identity verification
US8719911B2 (en) Methods, systems, and computer program products for authenticating an identity of a user by generating a confidence indicator of the identity of the user based on a combination of multiple authentication techniques
JP6068506B2 (en) System and method for dynamic scoring of online fraud detection
CN108234454A (en) A kind of identity identifying method, server and client device
US20100229223A1 (en) Using social information for authenticating a user session
CN106952096A (en) Security certification system, method and the credible identifying device of client of client device
US20210099431A1 (en) Synthetic identity and network egress for user privacy
US20120072982A1 (en) Detecting potential fraudulent online user activity
CN107026831A (en) A kind of personal identification method and device
WO2015136800A1 (en) Authentication device, authentication system and authentication method
CN110855648B (en) Early warning control method and device for network attack
CN104348624B (en) A kind of method and apparatus of Hash authentication trustworthiness
CN105591743A (en) Method and device for carrying out identity authentication through equipment operation features of user terminal
CN105022939B (en) Information Authentication method and device
CN107871279A (en) User ID authentication method and application server
US11695746B2 (en) Multi-layer user authentication with live interaction
US20200242223A1 (en) Method and apparatus for identity authentication, server and computer readable medium
CN104836777B (en) Identity verification method and system
CN110874638B (en) Behavior analysis-oriented meta-knowledge federation method, device, electronic equipment and system
CN112749973A (en) Authority management method and device and computer readable storage medium
CN105988998B (en) Relational network construction method and device
CN106102059B (en) For the method and apparatus for the owner for determining hotspot
CN114513350A (en) Identity verification method, system and storage medium
CN107977570A (en) Information Authentication method, apparatus, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1255860

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant