CN108595923A - Identity identifying method, device and terminal device - Google Patents

Identity identifying method, device and terminal device Download PDF

Info

Publication number
CN108595923A
CN108595923A CN201810359512.5A CN201810359512A CN108595923A CN 108595923 A CN108595923 A CN 108595923A CN 201810359512 A CN201810359512 A CN 201810359512A CN 108595923 A CN108595923 A CN 108595923A
Authority
CN
China
Prior art keywords
behavior
preset
data
recognition
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810359512.5A
Other languages
Chinese (zh)
Inventor
奚智
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Yuanxin Science and Technology Co Ltd
Original Assignee
Beijing Yuanxin Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yuanxin Science and Technology Co Ltd filed Critical Beijing Yuanxin Science and Technology Co Ltd
Priority to CN201810359512.5A priority Critical patent/CN108595923A/en
Publication of CN108595923A publication Critical patent/CN108595923A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)
  • Collating Specific Patterns (AREA)

Abstract

An embodiment of the present invention provides a kind of identity identifying method, device and terminal devices, wherein identity identifying method includes:When detecting the default behavior of user, the corresponding behavioral data of at least two default behavior of acquisition;Based on the behavioral data got, it is determined whether meet the condition of authentication;When meeting the condition of authentication, the legitimacy of user identity is authenticated.Identity identifying method provided in an embodiment of the present invention, when carrying out authentication, by combining a variety of behavioral datas got, come the legitimacy of user identity stablize, effective certification, the problems such as effectively preventing using certification unstability and randomness caused by single behavioral data.

Description

Identity authentication method and device and terminal equipment
Technical Field
The invention relates to the technical field of security, in particular to an identity authentication method, an identity authentication device and terminal equipment.
Background
With the advance of social informatization and intelligent trendy in recent years, intelligent terminals, particularly touch screen terminals (such as smart phones and tablet computers), have become inseparable from people's daily life, for example, online shopping is performed through shopping APPs installed on mobile phones, and account transfer, payment and the like are performed through financial APPs installed on mobile phones. A large amount of personal privacy information (such as short messages, address lists, bank accounts, payment accounts and the like) is stored in the intelligent terminal, and the phenomenon that the personal information is maliciously stolen is frequent, so that the rights and interests of an intelligent terminal user are seriously damaged, and the safety protection of the intelligent terminal becomes a problem which is generally concerned by people.
The safe and effective identity authentication is the core problem of the safety protection of the intelligent terminal, the traditional identity authentication mainly adopts a password, a nine-grid pattern lock, a fingerprint, a human face and the like, wherein the password and the nine-grid pattern lock belong to an identification technology based on user knowledge and are easily attacked by observation and guessing, so that an attacker steals an unlocking mode; the fingerprint and the face belong to identification technologies based on biological characteristics, although the defects of the identification technologies based on user knowledge can be effectively avoided, special hardware support is needed, the production cost is greatly increased, and higher acquisition precision is needed in the identification process. Therefore, a method for verifying the user identity and ensuring data security, which is simple, fast, safe and efficient, is needed.
Disclosure of Invention
The invention aims to solve at least one of the technical defects, in particular to the technical defect that the identity of a user cannot be verified simply, quickly, safely and efficiently to ensure the data security.
According to an aspect, an embodiment of the present invention provides an identity authentication method, including:
when the preset behaviors of the user are detected, behavior data corresponding to at least two preset behaviors are obtained;
determining whether the condition of identity authentication is met or not based on the acquired behavior data;
and when the condition of identity authentication is met, authenticating the validity of the user identity.
Preferably, the determining whether the condition of identity authentication is satisfied based on the acquired behavior data includes:
determining behavior grades corresponding to all preset behaviors according to the acquired behavior data, and determining that the condition of identity authentication is met if any behavior grade reaches the preset grade; or,
and determining the data volume of the behavior data of each preset behavior according to the acquired behavior data, and determining that the condition of identity authentication is met if the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold value.
Preferably, when the condition of identity authentication is satisfied, authenticating the validity of the user identity specifically includes:
determining behavior recognition results of the acquired preset behaviors based on a pre-trained mathematical model and a recognition algorithm;
determining weight coefficients of behavior recognition results of all the preset behaviors based on a pre-trained weight distribution model, wherein the sum of all the weight coefficients is a preset value;
and authenticating the legality of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
Preferably, the determining the behavior recognition result of each acquired preset behavior based on the pre-trained mathematical model and recognition algorithm includes:
identifying the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm to obtain an identification result of the behavior data of each preset behavior;
and determining the behavior recognition result of each preset behavior according to the recognition result of the behavior data of each preset behavior based on a preset mode.
Preferably, the identifying the behavior data of each acquired preset behavior based on the pre-trained mathematical model and the identification algorithm to obtain the identification result of the behavior data of each preset behavior includes:
identifying the behavior data of any preset behavior through a mathematical model and an identification algorithm matched with any preset behavior, and comparing the obtained algorithm identification result with a behavior identification threshold value to obtain the identification result of the behavior data of the preset behavior;
the mathematical model and the recognition algorithm of the preset behavior are determined according to the behavior characteristics and the distribution characteristics of the behavior data of the preset behavior;
the behavior recognition threshold value is obtained by pre-training according to a mathematical model and a recognition algorithm of a preset behavior.
Preferably, the determining the weight coefficient of the behavior recognition result of each preset behavior based on the pre-trained weight distribution model includes:
determining the behavior recognition accuracy of each preset behavior according to the recognition result of the behavior data of each preset behavior;
and determining a weight coefficient of a behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on the pre-trained weight distribution model.
Preferably, the authenticating the validity of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior includes:
determining a behavior recognition result of each preset behavior and a weighted sum of corresponding weight coefficients thereof;
and authenticating the legality of the user identity according to the comparison result of the weighted sum and a preset threshold value.
Preferably, the preset behavior of the user comprises at least one of:
a motion gait behavior; a sliding behavior of the touch screen; a click behavior of the touch screen; the clicking behavior of the keyboard.
According to another aspect, an embodiment of the present invention further provides an identity authentication apparatus, including:
the acquisition module is used for acquiring behavior data corresponding to at least two preset behaviors when the preset behaviors of the user are detected;
the determining module is used for determining whether the condition of identity authentication is met or not based on the acquired behavior data;
and the authentication module is used for authenticating the legality of the user identity when the identity authentication condition is met.
Preferably, the determining module is specifically configured to determine, according to the acquired behavior data, behavior levels corresponding to the preset behaviors, respectively, and if any behavior level reaches a preset level, determine that a condition for identity authentication is satisfied; or, the method is used for determining the data volume of the behavior data of each preset behavior according to the acquired behavior data, and if the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold, determining that the condition of identity authentication is met.
Preferably, the authentication module comprises a behavior recognition result determining sub-module, a weight coefficient determining sub-module and an identity authentication sub-module;
the behavior recognition result determining submodule is used for determining the acquired behavior recognition result of each preset behavior based on a pre-trained mathematical model and a recognition algorithm;
the weight coefficient determining submodule is used for determining the weight coefficient of the behavior recognition result of each preset behavior based on a pre-trained weight distribution model, and the sum of the weight coefficients is a preset value;
and the identity authentication submodule is used for authenticating the validity of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
Preferably, the behavior identification result determining submodule is specifically configured to identify the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm, so as to obtain an identification result of the behavior data of each preset behavior; and the behavior recognition device is used for determining the behavior recognition result of each preset behavior according to the recognition result of the behavior data of each preset behavior based on a preset mode.
Preferably, the behavior identification result determining submodule is specifically configured to identify the behavior data of any preset behavior through a mathematical model and an identification algorithm matched with the any preset behavior, and compare an obtained algorithm identification result with a behavior identification threshold value to obtain an identification result of the behavior data of the preset behavior; the mathematical model and the recognition algorithm of the preset behavior are determined according to the behavior characteristics and the distribution characteristics of the behavior data of the preset behavior; the behavior recognition threshold value is obtained by pre-training according to a mathematical model and a recognition algorithm of a preset behavior.
Preferably, the weight coefficient determination submodule is specifically configured to determine a behavior recognition accuracy of each preset behavior according to a recognition result of behavior data of each preset behavior; and the weight coefficient is used for determining the weight coefficient of the behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on the pre-trained weight distribution model.
Preferably, the identity authentication sub-module is specifically configured to determine a behavior recognition result of each preset behavior and a weighted sum of weight coefficients corresponding to the behavior recognition result; and the authentication module is used for authenticating the legality of the user identity according to the comparison result of the weighted sum and a preset threshold value.
Preferably, the preset behavior of the user comprises at least one of:
a motion gait behavior; a sliding behavior of the touch screen; a click behavior of the touch screen; the clicking behavior of the keyboard.
According to another aspect, the embodiment of the present invention further provides a terminal device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the identity authentication method is implemented.
According to another aspect, the embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the identity authentication method described above.
According to the identity authentication method provided by the embodiment of the invention, when the preset behaviors of the user are detected, behavior data corresponding to at least two preset behaviors are obtained, and a precondition guarantee is provided for the subsequent combination of the behavior data of multiple preset behaviors and the authentication of the legality of the identity of the user; determining whether the condition of identity authentication is met or not based on the acquired behavior data, thereby ensuring that the legality of the user identity is authenticated only when the acquired behavior data meets the condition of identity authentication, delaying the time of identity authentication as far as possible under the condition of not influencing the user operation so as to acquire enough behavior data and improve the accuracy of identity authentication; when the condition of identity authentication is met, the legality of the user identity is authenticated, so that when the identity authentication is needed, the legality of the user identity is effectively authenticated through the multiple behavior data obtained in a combined mode, and the problems of instability and randomness and the like of authentication caused by the adoption of single behavior data are effectively solved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flowchart illustrating an identity authentication method according to a first embodiment of the present invention;
FIG. 2 is a schematic diagram of a basic structure of an identity authentication apparatus according to a second embodiment of the present invention;
fig. 3 is a detailed structural diagram of an identity authentication device according to a second embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having a wireless signal receiver, which are devices having only a wireless signal receiver without transmit capability, and devices having receive and transmit hardware, which have devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
Because the identity authentication technology based on the behavior characteristics has the characteristics of convenience, no perception, no forgetting or loss, difficult stealing and the like, and does not need special hardware support, the equipment cost can be greatly reduced, and thus, the identity identification and verification mode based on the behavior characteristics of the user is more and more concerned by researchers at home and abroad. When a user performs specific actions such as sliding a mobile phone screen, inputting a soft keyboard, clicking a screen, operating software and the like, various sensors (such as a touch sensor, a gravity sensor, a gyroscope sensor, an acceleration sensor, a GPS positioning sensor, a pressure sensor, a microphone and the like) of the intelligent terminal and traces of software operation performed by the user provide a large amount of user behavior data, and a basis is provided for an identity authentication technology based on user behavior characteristics.
In the existing identity authentication technology based on the behavior characteristics, identity authentication is performed only by using a certain single behavior characteristic (such as gait-based identity authentication technology), so that the identity authentication result is unstable and has high randomness, and a user is often required to use an intelligent terminal after performing identity authentication, that is, the user performs identity authentication before using the intelligent terminal, so that enough behavior data cannot be collected for identity authentication in a short time, and the accuracy of identity authentication is seriously influenced.
The embodiment of the invention provides an identity authentication method under the condition that enough behavior data cannot be collected in a short time and the identity authentication result is unstable and has high randomness due to single behavior characteristics, wherein the identity authentication method provided by the first embodiment of the invention comprises the following steps as shown in figure 1: step 11, when the preset behaviors of the user are detected, behavior data corresponding to at least two preset behaviors are obtained; step 12, determining whether the condition of identity authentication is met or not based on the acquired behavior data; and step 13, when the condition of identity authentication is met, authenticating the legality of the user identity.
Compared with the prior art, the identity authentication method provided by the embodiment of the invention has the advantages that when the preset behavior of the user is detected, the behavior data corresponding to at least two preset behaviors are obtained, and a precondition guarantee is provided for the subsequent combination of the behavior data of multiple preset behaviors and the authentication of the legality of the identity of the user; determining whether the condition of identity authentication is met or not based on the acquired behavior data, thereby ensuring that the legality of the user identity is authenticated only when the acquired behavior data meets the condition of identity authentication, delaying the time of identity authentication as far as possible under the condition of not influencing the user operation so as to acquire enough behavior data and improve the accuracy of identity authentication; when the condition of identity authentication is met, the legality of the user identity is authenticated, so that when the identity authentication is needed, the legality of the user identity is stably and effectively authenticated through the multiple behavior data obtained in a combined mode, and the problems of instability and randomness and the like of authentication caused by the adoption of single behavior data are effectively solved.
The following further explains the specific implementation of each step:
in step 11, when the preset behavior of the user is detected, behavior data corresponding to at least two preset behaviors are obtained.
Specifically, the preset behavior of the user includes at least one of a movement gait behavior, a sliding behavior of the touch screen, a clicking behavior of the touch screen, and a clicking behavior of the keyboard.
Furthermore, a certain amount of behavior data generated by various operation behaviors of the user can be collected in advance, the collected behavior data is used as sample data, then, the sample data is specifically analyzed to determine which user behavior is mainly generated, so that the determined user behavior is used as a typical behavior of the identity authentication basis, and the determined user behavior is used as the preset behavior of the user. For example, if 18% of sample data is generated by the motion gait behavior of the user, 21% of sample data is generated by the user sliding the touch screen, 25% of sample data is generated by the user clicking the touch screen, 32% of sample data is generated by the user clicking the keyboard, and 4% of sample data is generated by the user running software, the motion gait behavior, the sliding behavior of the touch screen, the clicking behavior of the touch screen, and the clicking behavior of the keyboard can be used as the preset behaviors of the user for subsequent identity authentication; for another example, if 35% of the sample data is generated by the motion gait behavior of the user, 20% of the sample data is generated by the user sliding the touch screen, 40% of the sample data is generated by the user clicking the touch screen, and 5% of the sample data is generated by the network behavior, the motion gait behavior, the touch screen sliding behavior, and the touch screen clicking behavior may be used as the preset behaviors of the user for the subsequent identity authentication; for another example, if 25% of the sample data is generated by the user sliding the touch screen, 45% of the sample data is generated by the user clicking the keyboard, 25% of the sample data is generated by the network behavior, and 5% of the sample data is generated by the exercise gait behavior of the user, the sliding behavior of the touch screen, the clicking behavior of the keyboard, and the network behavior may be used as the preset behaviors of the user for the subsequent identity authentication. It should be noted that only some common user behaviors are listed here, and other common user behaviors that are not listed may also be used as the preset behaviors of the user.
Furthermore, when the preset behavior of the user is detected, behavior data corresponding to at least two preset behaviors are obtained, so that the behavior data of the at least two behaviors are combined to be used as the basis of identity authentication, and the problems of unstable identity authentication result and high randomness caused by identity authentication based on the behavior data of a single behavior are effectively solved.
In step 12, it is determined whether the condition for identity authentication is satisfied based on the acquired behavior data.
Specifically, determining whether a condition for identity authentication is satisfied based on the acquired behavior data includes: determining behavior grades corresponding to all preset behaviors according to the acquired behavior data, and determining that the condition of identity authentication is met if any behavior grade reaches the preset grade; or determining the data volume of the behavior data of each preset behavior according to the acquired behavior data, and determining that the identity authentication condition is met if the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold value.
Further, the acquired behavior data of each preset behavior (i.e., the behavior data of at least two preset behaviors) is correspondingly analyzed, the sensitivity degree (i.e., the sensitivity level) of the acquired behavior data of each preset behavior is determined, the level of the user behavior corresponding to the behavior data is determined according to the sensitivity level of the behavior data, wherein the sensitivity level of the data is preset by the user according to the self-requirement, the level of the user behavior triggering the identity authentication is also preset by the user according to the self-requirement, and generally, the sensitivity level of the behavior data corresponds to the level of the corresponding user behavior one by one. For example, if the user sets the sensitivity level of behavior data such as power on/off, calendar APP, weather APP, etc. to be low according to the user's own needs, the level of the user behavior corresponding thereto is also low; setting the sensitivity level of the behavior data of the address book, the short message, the picture and the like to be medium, and setting the level of the user behavior corresponding to the sensitivity level to be medium; the sensitivity level of the behavior data of the telephone, the payment service, the banking service, and the like is set to be high, and the level of the user behavior corresponding thereto is also high. Therefore, when the user presets a user behavior level or a behavior data sensitivity level for triggering identity authentication to be medium, if the specific operation behavior level of the user is low or the behavior data sensitivity level is low, such as browsing a calendar APP, a weather APP and the like, the condition of identity authentication is not met, and identity authentication cannot be triggered; if the specific operation behavior level of the user is medium or the behavior data sensitivity level is medium, such as browsing an address book or a short message, the identity authentication condition is met, and identity authentication is triggered; certainly, if the specific operation behavior level of the user is high or the behavior data sensitivity level is high, such as triggering a phone call, paying a service, etc., the condition of identity authentication is also necessarily satisfied, and identity authentication is triggered.
Further, although the specific operation behavior level of the user is low or the sensitivity level of the behavior data is low, such as browsing a calendar APP and browsing a weather APP, when the behavior data of at least one preset behavior is collected enough, for example, a preset data amount threshold is reached, the identity authentication is triggered, in other words, even if the sensitivity level or the behavior level of the behavior data of the user browsing the calendar APP does not reach the level set by the user and is not enough to trigger the identity authentication, at this time, the behavior data of the user browsing the calendar APP is already collected, the identity authentication is triggered, wherein whether the behavior data is collected or not can be determined by means of the preset data amount threshold of the user, for example, the data amount threshold of the behavior data of the user browsing the calendar APP is 100, when the data amount of the behavior data of the calendar APP reaches 100, the behavior data is considered to be collected completely, and then, when the amount of collected data of the browsing calendar APP reaches 100, even if the behavior level of the browsing calendar APP is low, authentication will be triggered.
It should be noted that the data amount threshold preset by the user may be reasonably set according to the behavior data amount (i.e., sample data amount) generated by the pre-collected corresponding user behavior, for example, the behavior amount collected by the user executing the browsing behavior of the calendar APP for 10 times is 100, and compared with the behavior amount 105 collected by the user executing the browsing behavior of the calendar APP for 30 times and 50 times, the floating amount is not more than 5%, and then when the behavior data amount of the user executing the browsing behavior of the calendar APP reaches 100, it is considered that the collection work of the behavior data is completed, and the condition of the identity authentication is satisfied, that is, if the behavior data amount of the browsing APP reaches the preset data amount threshold, it is determined that the condition of the identity authentication is satisfied.
In addition, the foregoing is only an example of a single user behavior for browsing the calendar APP, and a process of determining whether the behavior data is collected is specifically described, and a similar method is also used for determining whether other behavior data is collected. If the acquired predetermined behaviors include multiple types, such as the predetermined behaviors A, B and C, at this time: (1) if the data amount of the behavior data of only one preset behavior a reaches the corresponding preset data amount threshold, and the data volume of the behavior data of other preset behaviors B and C does not reach the respective preset data volume threshold, which indicates that the recognition of the preset behavior A only reaches the expected standard, the recognition of the preset behaviors B and C does not meet the expected standard, and at the moment, although the condition of user identity authentication is also met, however, since the data amount of the behavior data of the preset behaviors B and C does not reach the respective preset data amount threshold, it may cause that in the subsequent recognition process, the recognition accuracy of the preset behaviors B and C is relatively low, a relatively small weight coefficient is obtained, further, the influence of the preset behaviors B and C on the combined recognition result is possibly small, so that the authentication effect when the legality of the user identity is authenticated subsequently is relatively poor; (2) if the data volume of the behavior data of the preset behaviors A and B reaches the respective preset data volume threshold value, and the data volume of the behavior data of the preset behavior C does not reach the corresponding preset data volume threshold value, the recognition of the preset behaviors A and B reaches the respective expected standard, and the recognition of the preset behavior C does not reach the expected standard, at this moment, the condition of user identity authentication is met, but because the data volume of the behavior data of the preset behavior C does not reach the preset data volume threshold value, the subsequent recognition process is likely to be caused, the recognition accuracy of the preset behavior C is relatively low, a relatively small weight coefficient is obtained, the influence of the preset behavior C on the joint recognition result is likely to be caused to be small, and the subsequent authentication effect when the legality of the user identity is authenticated is still relatively poor; (3) if the data volumes of the behavior data of the preset behaviors A, B and C reach the respective preset data volume thresholds, it indicates that the identification of the preset behaviors A, B and C only reaches the expected standard, and at this time, the condition of user identity authentication is met, and the identifications of the preset behaviors B and C do not reach the expected standard, so that the best authentication effect is achieved when the validity of the user identity is authenticated. In other words, when the acquired preset behaviors include multiple types, if the data amount of the behavior data of more preset behaviors reaches the respective preset data amount threshold, the better authentication effect can be obtained when the legality of the user identity is authenticated, and in practical application, a compromise can be made between the number of preset behaviors reaching the preset data amount threshold and the authentication effect of the legality authentication of the user identity as required.
In step 13, when the condition of identity authentication is satisfied, the validity of the user identity is authenticated.
Specifically, when the condition that the identity authentication is met is determined, the legality of the user identity is authenticated according to the behavior data corresponding to the at least two acquired preset behaviors, namely the legality of the user identity is comprehensively evaluated by combining the acquired behavior data of the preset behaviors, so that the stability and the accuracy of the identity authentication are greatly improved, and the problems of instability and randomness of the authentication and the like caused by the fact that the identity authentication is performed only by using the behavior data of a single preset behavior are effectively solved.
In a preferred embodiment, step 13 includes step 131 (not shown), step 132 (not shown) and step 133 (not shown), step 131: determining behavior recognition results of the acquired preset behaviors based on a pre-trained mathematical model and a recognition algorithm; step 132: determining weight coefficients of behavior recognition results of all the preset behaviors based on a pre-trained weight distribution model, wherein the sum of all the weight coefficients is a preset value; step 133: and authenticating the legality of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
In another preferred embodiment, step 131 includes step 1311 (not shown) and step 1312 (not shown), step 1311: identifying the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm to obtain an identification result of the behavior data of each preset behavior; step 1312: and determining the behavior recognition result of each preset behavior according to the recognition result of the behavior data of each preset behavior based on a preset mode.
Specifically, the method for recognizing the behavior data of each preset behavior based on a pre-trained mathematical model and a recognition algorithm to obtain a recognition result of the behavior data of each preset behavior includes: identifying the behavior data of any preset behavior through a mathematical model and an identification algorithm matched with any preset behavior, and comparing the obtained algorithm identification result with a behavior identification threshold value to obtain the identification result of the behavior data of the preset behavior; the mathematical model and the recognition algorithm of the preset behavior are determined according to the behavior characteristics and the distribution characteristics of the behavior data of the preset behavior; the behavior recognition threshold value is obtained by pre-training according to a mathematical model and a recognition algorithm of the preset behavior.
Preferably, determining a weight coefficient of the behavior recognition result of each preset behavior based on the pre-trained weight distribution model includes: determining the behavior recognition accuracy of each preset behavior according to the recognition result of the behavior data of each preset behavior; and determining a weight coefficient of a behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on the pre-trained weight distribution model.
Preferably, the authenticating the validity of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior includes: determining a behavior recognition result of each preset behavior and a weighted sum of corresponding weight coefficients thereof; and authenticating the legality of the user identity according to the comparison result of the weighted sum and the preset threshold.
Further, when the behavior level of any corresponding preset behavior reaches a preset level or the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold value according to the acquired behavior data, the validity of the user identity is authenticated. In the process of authenticating the legality of the user identity, correspondingly analyzing the acquired behavior data of at least two preset behaviors to determine whether the behavior data of the at least two preset behaviors is the behavior of a legal user (such as a mobile phone owner) of the terminal equipment. The basic process of authenticating the legality of the user identity comprises the following steps: firstly, analyzing and identifying the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm to obtain an identification result of the behavior data of each preset behavior, then determining the behavior identification result of each preset behavior based on a predetermined mode according to the identification result of the behavior data of each preset behavior, and then determining the behavior identification accuracy of each preset behavior according to the identification result of the behavior data of each preset behavior; and then determining a weight coefficient of a behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on a pre-trained weight distribution model, and finally authenticating the legality of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
Further, different mathematical models and recognition algorithms are adopted for different preset behaviors, that is, each preset behavior has a pre-trained mathematical model matched with the preset behavior, for example, the preset behavior a corresponds to the mathematical model a, the preset behavior B corresponds to the mathematical model B, the preset behavior C corresponds to the mathematical model C, and the preset behavior D corresponds to the mathematical model D; after the mathematical model is determined, an identification algorithm ideally matched with both the mathematical model and the preset behavior is further determined, wherein the identification algorithm can be embedded into the mathematical model or can exist independently, for example, the mathematical model A corresponds to the identification algorithm FA, the mathematical model B corresponds to the identification algorithm FB, the mathematical model C corresponds to the identification algorithm FC, the mathematical model D corresponds to the identification algorithm FD, and then the behavior data of the preset behavior can be specifically analyzed and identified through the mathematical model and the identification algorithm matched with a certain preset behavior.
The mathematical model and the recognition algorithm for analyzing the behavior data are obtained by training in advance according to a certain amount of behavior data (i.e., sample data) generated by a certain behavior of a user, which is acquired in advance. In the specific training process, the behavior characteristics and distribution rules of various behavior data determine which mathematical model and recognition algorithm are specifically adopted, for example, the motion gait behavior is periodic behavior, the corresponding behavior data are periodically distributed, the mathematical model can adopt a hidden markov model based on statistical distribution, the recognition algorithm can adopt a behavior characteristic sequence to obtain the output probability based on the hidden markov model, and for other behavior data, other matched mathematical models and recognition algorithms are adopted according to the behavior characteristics and the distribution rules.
In the training process of the mathematical model and the recognition algorithm, if Gaussian model A based on Gaussian distribution is described by A (mu, sigma ^2), mu identifies the position, and sigma identifies the positionThe magnitude of the distribution thereof) has the best effect on the behavior data of the preset behavior a, and thus the gaussian model a based on the gaussian distribution is determined as the mathematical model a matching the preset behavior a, and the probability density function of the gaussian model a is determinedThe identification algorithm FA corresponding to the preset behavior A is used, and f (x) represents the probability that input x (behavior data of the preset behavior A) belongs to A (mu, sigma ^ 2); if the effect of the feature template B on the behavior data of the preset behavior B is the best, then the feature template B is determined as the mathematical model B matched with the preset behavior B, that is, the behavior data of the preset behavior B is identified through the feature template B, and meanwhile, a distance function describing the distance from the coordinate point to the multidimensional vector VectorB (B1, B2, …) is obtainedAs a recognition algorithm corresponding to the model B, i.e. as a recognition algorithm of the preset behavior B; if the binary recognition model C based on the neural network has the best effect on the behavior data of the preset behavior C, the binary recognition model C is determined as the mathematical model C matched with the preset behavior C, that is, the behavior data of the preset behavior C is recognized through the binary recognition model C, the recognition algorithm corresponding to the binary recognition model C is a trained neural network, that is, the recognition algorithm FC of the preset behavior C is a trained neural network, and the output result of the neural network is only 0 (correct, behavior data belonging to a legal user) or 1 (wrong, behavior data belonging to an illegal user).
It should be noted that, the mathematical model a and the identification algorithm FA corresponding to the preset behavior a, the mathematical model B and the identification algorithm FB corresponding to the preset behavior B, and the mathematical model C and the identification algorithm FC corresponding to the preset behavior C are different in the representation manner of the identification result for identifying the corresponding behavior data, where the mathematical model a and the identification algorithm FA use the probability as the output result (i.e., the identification result of the characterizing behavior data), the mathematical model B and the identification algorithm FB use the distance as the output result (i.e., the identification result of the characterizing behavior data), and the mathematical model C and the identification algorithm FC use 0 or 1 as the output result (i.e., the identification result of the characterizing behavior data).
Furthermore, because the above mathematical models and recognition algorithms all have a certain accuracy, therefore, the behavior data of any preset behavior, the result of identification (written as algorithm identification result) through the mathematical model and the identification algorithm matched with any preset behavior, the identification result of the behavior data of the preset behavior cannot be directly used, and the obtained algorithm identification result needs to be compared with corresponding behavior identification thresholds (for example, the behavior identification thresholds of the mathematical model a and the identification algorithm FA are TA, the behavior identification thresholds of the mathematical model B and the identification algorithm FB are TB, and the behavior identification thresholds of the mathematical model C and the identification algorithm FC are TC), and the algorithm identification result larger than the identification threshold is used as the identification result of the behavior data of any preset behavior, the behavior recognition threshold is obtained by pre-training the mathematical model and recognition algorithm of any preset behavior according to the training sample.
Further, according to the above description, the recognition result of certain behavior data for the preset behavior a may be expressed as follows:
A
the recognition result of certain behavior data for the preset behavior B may be expressed as follows:
B
the recognition result of certain behavior data of the preset behavior C may be expressed as follows:
C
in addition, due to different mathematical models andthe characterization modes of the recognition results of the behavior data by the recognition algorithm are different, so that the recognition process of recognizing the acquired behavior data of each preset behavior is slightly different based on the pre-trained mathematical model and the recognition algorithm, especially when the number of the behavior data of the preset behavior is greater than 1. The following is a brief description of the process of identifying multiple behavior data by the mathematical models and the identification algorithms, taking multiple behavior data of any preset behavior as an example: (1) for the mathematical model A and the identification algorithm FA with probability output result, the following processing procedure is adopted, and a plurality of (for example, 10) behavior data (x) are processed1,x2,…,x10) Respectively inputting the data into a mathematical model A and an identification algorithm FA to respectively obtain algorithm identification results f (x) of each behavior data1),f(x2),…,f(x10) Then f (x)1),f(x2),…,f(x10) And comparing with the behavior recognition threshold value TA to obtain the recognition result of each behavior data, such as-1, 1, -1, -1, -1, -1, -1, -1, 1. Since each preset behavior corresponds to a unique behavior recognition result, it is required to obtain a behavior recognition result of the corresponding preset behavior according to the recognition results of the plurality of behavior data, wherein the recognition results of all behavior data can be averaged, that is, avg [ (-1) +1+ (-1) + (-1) + (-1) + (-1) + (-1) + (-1) +1 ═ 1 {, and]10 when avg>When 0, the behavior recognition result of the preset behavior is 1, and when avg<When the value is 0, the behavior recognition result of the preset behavior is-1, and in addition, the recognition result-1 with the largest occurrence in all the behavior data-1, 1, -1, -1, -1, -1, -1, 1 may also be used as the behavior recognition result of the preset behavior. (2) The mathematical model B and the recognition algorithm FB with the distance as the output result have the following processing procedures that a plurality of (for example, 10) behavior data (x) are firstly processed1,x2,…,x10) Averaging, e.g. x ═ x1+x2+…+x10) And 10, taking the mean value x as the input of the mathematical model B and the recognition algorithm FB to obtain a corresponding output result (namely an algorithm recognition result), and then comparing the algorithm recognition result with a behavior recognition threshold TB to obtain a behavior recognition result of the preset behavior, wherein for the comparison, the average value x is used as the input of the mathematical model B and the recognition algorithm FBFor the mathematical model B and the recognition algorithm FB, the recognition algorithm 1 for recognizing a single input behavior data is slightly different from the recognition algorithm 2 for recognizing a mean value of a plurality of input behavior data, and is adjusted as necessary in practical application.
Further, after the recognition results of the plurality of behavior data of any preset behavior are obtained, the recognition accuracy of the corresponding mathematical model and recognition algorithm for any preset behavior can be calculated according to the recognition results of the plurality of behavior data, wherein the recognition accuracy of any preset behavior can be expressed as the ratio of the correct recognition number to all recognition numbers. The distribution of the weight coefficient of each preset behavior by the pre-trained weight distribution model is based on the identification accuracy of each preset behavior, namely, the weight distribution model dynamically distributes the weight coefficient of each preset behavior according to the identification accuracy, so that the identification accuracy of each preset behavior can be used as the weight distribution model, the weight coefficient is used as the output of the weight coefficient, the behavior identification result of each preset behavior and the weighted sum of the corresponding weight coefficients are subsequently determined, and the legality of the user identity is authenticated according to the comparison result of the weighted sum and the preset threshold. The weight distribution model is obtained by training according to behavior data under different conditions, and may be a mathematical model constructed based on a deep neural network of machine learning, or a mathematical model constructed based on probability distribution based on the distribution condition of each behavior data.
It should be noted that the quantity of the behavior data of each preset behavior influences the recognition accuracy of the preset behavior to some extent, and further influences the distribution of the weight coefficient of each preset behavior by the weight distribution model. In the following, briefly explaining the process of assigning the weight coefficient by the weight assignment model, if only one of the behavior data Xa of the behavior a, the behavior data Xb of the behavior B, the behavior data Xc of the behavior C, and the behavior data Xd of the behavior D is collected, at this time, the recognition accuracy of the behavior recognition result of the preset behavior a corresponding to the behavior data Xa by the mathematical model a and the recognition algorithm FA is 95%, the recognition accuracy of the behavior recognition result of the preset behavior B corresponding to the behavior data Xb by the mathematical model B and the recognition algorithm FB is 90%, the recognition accuracy of the behavior recognition result of the preset behavior C corresponding to the behavior data Xc by the mathematical model C and the recognition algorithm FC is 97%, the weight assignment model may configure the weight coefficient of the preset behavior a as 0.332, the weight coefficient of the preset behavior B as 0.295, and the weight coefficient of the behavior C as 0.373, wherein, the sum of the weight coefficients is a preset value 1. If 5 pieces of behavior data Xa of the preset behavior a are collected, 6 pieces of behavior data Xb of the preset behavior B are collected, and 3 pieces of behavior data Xc of the preset behavior C are collected, then the recognition accuracy of the mathematical model a on the behavior recognition result of the preset behavior a corresponding to the behavior data Xa may be 98%, the recognition accuracy of the mathematical model B on the behavior recognition result of the preset behavior a corresponding to the behavior data Xb may be 97%, and the recognition accuracy of the mathematical model C on the behavior recognition result of the preset behavior a corresponding to the behavior data Xc may be 98%, at this time, the weight distribution model reconfigures the weight coefficient corresponding to each preset behavior according to the obtained recognition accuracy of the behavior recognition result of each preset behavior, at this time, the weight coefficient of the preset behavior a may be reconfigured to 0.345, the weight coefficient of the preset behavior B may be reconfigured to 0.325, the weight coefficient of the preset behavior C is reconfigured to be 0.33, and it can be seen that the data size of the behavior data of each preset behavior influences the recognition accuracy of the mathematical model and the recognition algorithm on the behavior recognition result of each preset behavior, and further influences the distribution of the weight coefficient of each preset behavior by the weight distribution model.
Further, after determining the behavior recognition result and the weight coefficient corresponding to each preset behavior, calculating a weighted sum of the behavior recognition result and the weight coefficient corresponding to each preset behavior, if the behavior recognition result of the preset behavior a is-1, the weight coefficient corresponding to each preset behavior a is 0.345, the behavior recognition result of the preset behavior B is-1, the weight coefficient corresponding to each preset behavior a is 0.325, the behavior recognition result of the preset behavior C is 1, and the weight coefficient corresponding to each preset behavior B is 0.33, the weighted sum is 0.345 (-1) +0.325 (-1) +0.33 x 1-0.34, since the weighted sum-0.34 is smaller than a preset threshold (e.g., -0.1, 0, 1, etc.), it is determined that the user corresponding to each preset behavior is an illegal user, at this time, the user is prohibited from performing subsequent operations, and certain safety measures can be taken, including but not limited to alarm reminding, and locking the terminal equipment, sending a message to a host of the terminal equipment through a preset communication mode (such as short message, WeChat and the like), sending a reminding message to a server of the terminal equipment and the like. In addition, when the behavior recognition result of each preset behavior and the weighted sum of the corresponding weight coefficients thereof are greater than or equal to a preset threshold (e.g., -0.1, 0, 1, etc.), it is determined that the user corresponding to each behavior data is a valid user, and at this time, the user is allowed to perform corresponding subsequent operations.
The whole process of the above embodiment of the present invention is further explained by specific examples as follows:
assuming that the number of preset behaviors of a user is mainly 3, respectively recording the behaviors as a behavior A, a behavior B and a behavior C, wherein behavior data of the behavior A is recorded as Xa, a mathematical model corresponding to the behavior A is a model A, and an identification algorithm based on the model A is FA; behavior data of the behavior B is recorded as Xb, a mathematical model of the behavior B is a model B, and an identification algorithm based on the model B is FB; behavior data Xc of behavior C, wherein a mathematical model of the behavior C is a model C, and an identification algorithm based on the model C is FC; the model and the recognition algorithm are obtained through training respectively, the recognition algorithm represents the probability of correctly recognizing the behavior data of the pre-trained mathematical model and the recognition algorithm, and the behavior data are obtained through sampling and feature extraction of a sensor of the terminal equipment. Therefore, the correct recognition rate of the model A and the recognition algorithm FA on the behavior data Xa of the behavior A can be obtained as FA (Xa); the correct recognition rate of the model B and the recognition algorithm FB on the behavior data Xb of the behavior B is FB (Xb); the correct recognition rate of the model C and the recognition algorithm FC on the behavior data Xc of the behavior C is FC (Xc).
Although the behavior recognition rate of the behavior data of each behavior, such as FA (Xa), FB (Xb), FC (Xc), etc., can be obtained in the above manner, it cannot be simply considered that the behavior recognition rate is greater than 0.5, and the behavior data of each preset behavior can be determined to be the behavior data of the valid user, but the behavior recognition rate threshold corresponding to each model and recognition algorithm needs to be obtained according to the training data sample, for example, the behavior recognition rate threshold of model a and recognition algorithm FA is TA, the behavior recognition rate threshold of model B and recognition algorithm FB is TB, and the behavior recognition rate threshold of model C and recognition algorithm FC is TC, and only when the correct recognition rate satisfies the preset behavior recognition rate threshold, the behavior data of each preset behavior can be determined to be the behavior data of the valid user. That is, if FA (Xa) is greater than or equal to TA, it is determined that the behavior data Xa is behavior data of a valid user, that is, the behavior recognition result test (Xa) of the behavior data Xa is 1, and if FA (Xa) is smaller than TA, it is determined that the behavior data Xa is behavior data of an invalid user, that is, the behavior recognition result test (Xa) of the behavior data Xa is-1, where the recognition result of the behavior data of the valid user is set in advance to be 1 and the recognition result of the behavior data of the invalid user is-1. Similarly, if FB (Xb) is less than or equal to TB, it is determined that the behavior recognition result test (Xb) of the behavior data Xb is 1, and if FB (Xb) is greater than TB, it is determined that the behavior recognition result test (Xb) of the behavior data Xb is-1; if FC (Xc) is greater than or equal to TC, it is determined that the behavior recognition result test (Xc) of the behavior data Xc is 1, and if FC (Xc) is less than TB, it is determined that the behavior recognition result test (Xc) of the behavior data Xc is-1.
The recognition accuracy of the recognition algorithms FA, FB, and FC under the standard condition is obtained by testing behavior data samples of a preset number of legal users (theoretical recognition result-1) and a preset number of illegal users (theoretical recognition result-1), for example, 100 behavior data Xa, 100 behavior data Xb, and 100 behavior data Xc. That is to say, the behavior data Xa, Xb, or Xc of the valid user, after the above steps, is the valid user, that is, FA (Xa) ≧ TA or FB (Xb) ≦ TB or FC (Xc) ≧ TC, that is, Test (Xa) ═ 1, Test (Xb) ═ 1, and Test (Xc) ≥ 1; the behavior data Xa, Xb, or Xc of the illegal user is also the illegal user according to the identification result obtained through the above steps, that is, FA (Xa) < TA or FB (Xb) > TB, FC (Xc) < TC, that is, Test (Xa) ═ 1, Test (Xb) ═ 1, and Test (Xc) ═ 1; otherwise, the FA, FB and FC are identified wrongly, namely the identification result is different from the theoretical result.
If the correct recognition rate of the recognition algorithm FA of the model A is 95%, namely 95 of 100 behavior data can be correctly recognized, and 5 recognition errors occur; the correct recognition rate of the recognition algorithm FB of the B model is 90%, namely 90 can be correctly recognized in 100 pieces of behavior data, and 10 recognition errors exist; the recognition algorithm FC of the model C has a correct recognition rate of 85%, that is, 85 of the 100 behavior data can be correctly recognized, and 15 recognition errors occur. It can be seen that the recognition effect of the recognition algorithm FA of the behavior a is the best, the recognition algorithm FB of the behavior B is relatively poor, and the recognition algorithm FC of the behavior C is the worst and is reflected to the weight coefficient, so under the standard condition: the weight coefficient Ra of FA > the weight coefficient Rb of FB > the weight coefficient Rc of FC; then, Ra may be set to 0.352 (maximum), Rb may be set to 0.333, and Rc may be set to 0.315 (minimum), and Ra + Rb + Rc may be set to 1.0 (i.e., the sum of the weight coefficients is a preset value 1).
If the identification is performed under the standard condition, the identification result of the identification algorithm FA is a legal user (i.e. the identification result is 1), the identification result of the identification algorithm FB is an illegal user (i.e. the identification result is-1), and the identification result of the identification algorithm FC is an illegal user (i.e. the identification result is-1). Then the joint identification result is 0.352 x 1+0.333 x (-1) +0.315 x (-1) — 0.296, -0.296<0, and closer to-1 (i.e. the illegal user). According to the known prior experience, although the FA identification accuracy rate is the highest, because the other 2 models are considered to be illegal, the final joint identification result is also considered to be illegal, and therefore, it can be found that when the number of models is more, the joint identification is influenced by a single model to be smaller and tends to be more stable.
It should be noted that, the above is all recognition based on one behavior data (i.e. standard case), and in actual recognition, all collected behavior data participate in recognition, and the recognition result is only one (because of the operation behavior of the same user). In addition, when identification is performed in practical application, for example, identification based on a sliding model is generally performed based on all sliding behavior data during a period from the terminal being turned on to the identity authentication, and the number of the behavior data is not only one, so that there are a batch of behavior data of the same usern represents the number of behavior data, a represents a preset behavior A,behavior data representing preset behaviors a of n identical users (legitimate users or illegitimate users),the behavior data is behavior data of a preset behavior A and corresponds to a standard condition.
Thus, n>1 corresponds to a plurality of behavior data, and the behavior recognition results obtained by the above steps may be different, for example, 1, -1, …, and the n behavior data are all data of the same user, so the n behavior data are all data of the same userOnly one behavior recognition result is available, i.e. the result is a composite of all recognition results, for example, the average value may be simply taken, i.e. avg ═ 1+ -1+ …)/n. Wherein, when avg>When equal to 0Behavior recognition result ofDetermining the user as a legal user; when avg<At the time of 0, the number of the first,is recognized as a resultAnd determining as an illegal user. With increasing n, obtainedBehavior recognition result ofThe more accurate will be, but there will be one poleA limit value, for example, an infinite limit of 99.999%, may be preset as a data amount threshold NA, and when n is equal to NA, it is considered that n is equal to NATo the expected recognition accuracy, i.e. a relatively high recognition accuracy (e.g. 99%) is achieved with a smaller amount of data (NA).
In the process of dynamically allocating the weight, when the data volume n is different, the behavior recognition rates of the models are different, and further, the recognition results of the models are also different, and the model with the low recognition rate may improve the behavior recognition rate because the behavior data volume n of the behavior is larger under the standard condition. For example, in the case of identification authentication, the number of behavior data of behavior A is 3, and at this timeHas a behavior recognition rate of 98%, and a weight dynamically assigned accordinglyThe behavior data of behavior B is 4, at this timeHas a behavior recognition rate of 98%, and a weight dynamically assigned accordinglyThe behavior data of behavior C is 6, and the time isHas a behavior recognition rate of 99%, and a weight dynamically assigned accordinglyIt can be seen that the behavior recognition rate changes with the change of the behavior data amount n, and the dynamically assigned weight also changes with respect to the standard case. The joint recognition result at this time is test (A) is the recognition result of model A. If there isThe result of the recognition is 1 and,the result of the recognition is-1,if the recognition result is 1, then: test is 0.336, 1 x 0.332+ (-1) 0.332+1 x 0.336, where 0.336 is closer to 1 and is therefore identified as a legitimate user.
The identity authentication method provided by the embodiment of the invention not only fully considers the user experience, delays the time for identity authentication according to the behavior grade of the user behavior or the sensitivity grade of the behavior data under the condition that the user does not sense as much as possible so as to acquire the behavior data of the user as much as possible and ensure the accuracy of the identity authentication of the user, but also combines the behavior data of at least two behaviors for identity authentication, greatly improves the stability and the accuracy of the identity authentication, and dynamically distributes the weight coefficient according to the recognition result and the data volume of the behavior data, thereby further improving the robustness of the identity authentication.
A second embodiment of the present invention provides an identity authentication apparatus, as shown in fig. 2, including an obtaining module 21, a determining module 22, and an authentication module 23, where the obtaining module 21 is configured to obtain behavior data corresponding to at least two preset behaviors when the preset behaviors of a user are detected; the determining module 22 is configured to determine whether a condition of identity authentication is satisfied based on the acquired behavior data; the authentication module 23 is configured to authenticate the validity of the user identity when the condition of identity authentication is satisfied.
Further, the determining module 22 is specifically configured to determine, according to the acquired behavior data, behavior levels corresponding to the preset behaviors, respectively, and if any behavior level reaches the preset level, determine that the condition of identity authentication is satisfied; or, the method is used for determining the data volume of the behavior data of each preset behavior according to the acquired behavior data, and if the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold, determining that the condition of identity authentication is met.
Further, the authentication module 23 includes a behavior recognition result determining submodule 231, a weight coefficient determining submodule 232, and an identity authentication submodule 233, as shown in fig. 3, the behavior recognition result determining submodule 231 is configured to determine the behavior recognition result of each acquired preset behavior based on a pre-trained mathematical model and a recognition algorithm; the weight coefficient determination submodule 232 is configured to determine weight coefficients of behavior recognition results of each preset behavior based on a pre-trained weight distribution model, where a sum of the weight coefficients is a preset value; the identity authentication sub-module 233 is configured to authenticate the validity of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
Preferably, the behavior identification result determining submodule 231 is specifically configured to identify the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm, so as to obtain an identification result of the behavior data of each preset behavior; and the behavior recognition device is used for determining the behavior recognition result of each preset behavior according to the recognition result of the behavior data of each preset behavior based on a preset mode.
Preferably, the behavior recognition result determining submodule 231 is specifically configured to recognize the behavior data of any preset behavior through a mathematical model and a recognition algorithm matched with the any preset behavior, and compare the obtained algorithm recognition result with a behavior recognition threshold value to obtain a recognition result of the behavior data of the preset behavior; the mathematical model and the recognition algorithm of the preset behavior are determined according to the behavior characteristics and the distribution characteristics of the behavior data of the preset behavior; the behavior recognition threshold value is obtained by pre-training according to a mathematical model and a recognition algorithm of the preset behavior.
Preferably, the weight coefficient determining submodule 232 is specifically configured to determine the behavior recognition accuracy of each preset behavior according to the recognition result of the behavior data of each preset behavior; and the weight coefficient is used for determining the weight coefficient of the behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on the pre-trained weight distribution model.
Preferably, the identity authentication sub-module 233 is specifically configured to determine a behavior recognition result of each preset behavior and a weighted sum of weight coefficients corresponding to the behavior recognition result; and the authentication module is used for authenticating the legality of the user identity according to the comparison result of the weighted sum and a preset threshold value.
Further, the preset behavior of the user comprises at least one of: a motion gait behavior; a sliding behavior of the touch screen; a click behavior of the touch screen; the clicking behavior of the keyboard.
According to the identity authentication device provided by the embodiment of the invention, when the preset behaviors of the user are detected, behavior data corresponding to at least two preset behaviors are obtained, and a precondition guarantee is provided for the subsequent combination of the behavior data of multiple preset behaviors and the authentication of the legality of the identity of the user; determining whether the condition of identity authentication is met or not based on the acquired behavior data, thereby ensuring that the legality of the user identity is authenticated only when the acquired behavior data meets the condition of identity authentication, delaying the time of identity authentication as far as possible under the condition of not influencing the user operation so as to acquire enough behavior data and improve the accuracy of identity authentication; when the condition of identity authentication is met, the legality of the user identity is authenticated, so that when the identity authentication is needed, the legality of the user identity is stably and effectively authenticated through the multiple behavior data obtained in a combined mode, and the problems of instability and randomness and the like of authentication caused by the adoption of single behavior data are effectively solved.
A third embodiment of the present invention provides a terminal device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the identity authentication method is implemented.
A fourth embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the above-described identity authentication method.
Those skilled in the art will appreciate that the present invention includes apparatus directed to performing one or more of the operations described in the present application. These devices may be specially designed and manufactured for the required purposes, or they may comprise known devices in general-purpose computers. These devices have stored therein computer programs that are selectively activated or reconfigured. Such a computer program may be stored in a device (e.g., computer) readable medium, including, but not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magnetic-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable programmable Read-Only memories), EEPROMs (Electrically Erasable programmable Read-Only memories), flash memories, magnetic cards, or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a bus. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the features specified in the block or blocks of the block diagrams and/or flowchart illustrations of the present disclosure.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (10)

1. An identity authentication method, comprising:
when the preset behaviors of the user are detected, behavior data corresponding to at least two preset behaviors are obtained;
determining whether the condition of identity authentication is met or not based on the acquired behavior data;
and when the condition of identity authentication is met, authenticating the validity of the user identity.
2. The method of claim 1, wherein determining whether a condition for identity authentication is satisfied based on the obtained behavior data comprises:
determining behavior grades corresponding to all preset behaviors according to the acquired behavior data, and determining that the condition of identity authentication is met if any behavior grade reaches the preset grade; or,
and determining the data volume of the behavior data of each preset behavior according to the acquired behavior data, and determining that the condition of identity authentication is met if the data volume of the behavior data of at least one preset behavior reaches a preset data volume threshold value.
3. The method according to claim 1, wherein the authenticating the validity of the user identity when the condition of identity authentication is satisfied specifically comprises:
determining behavior recognition results of the acquired preset behaviors based on a pre-trained mathematical model and a recognition algorithm;
determining weight coefficients of behavior recognition results of all the preset behaviors based on a pre-trained weight distribution model, wherein the sum of all the weight coefficients is a preset value;
and authenticating the legality of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior.
4. The method according to claim 3, wherein the determining the behavior recognition result of each acquired preset behavior based on the pre-trained mathematical model and recognition algorithm comprises:
identifying the acquired behavior data of each preset behavior based on a pre-trained mathematical model and an identification algorithm to obtain an identification result of the behavior data of each preset behavior;
and determining the behavior recognition result of each preset behavior according to the recognition result of the behavior data of each preset behavior based on a preset mode.
5. The method according to claim 4, wherein the identifying the acquired behavior data of each preset behavior based on the pre-trained mathematical model and the identification algorithm to obtain the identification result of the behavior data of each preset behavior comprises:
identifying the behavior data of any preset behavior through a mathematical model and an identification algorithm matched with any preset behavior, and comparing the obtained algorithm identification result with a behavior identification threshold value to obtain the identification result of the behavior data of the preset behavior;
the mathematical model and the recognition algorithm of the preset behavior are determined according to the behavior characteristics and the distribution characteristics of the behavior data of the preset behavior;
the behavior recognition threshold value is obtained by pre-training according to a mathematical model and a recognition algorithm of a preset behavior.
6. The method according to any one of claims 3 to 5, wherein the determining the weight coefficient of the behavior recognition result of each preset behavior based on the pre-trained weight distribution model comprises:
determining the behavior recognition accuracy of each preset behavior according to the recognition result of the behavior data of each preset behavior;
and determining a weight coefficient of a behavior recognition result of each preset behavior according to the behavior recognition accuracy of each preset behavior based on the pre-trained weight distribution model.
7. The method according to any one of claims 3 to 6, wherein the step of authenticating the validity of the user identity according to the determined weight coefficient and the behavior recognition result of each preset behavior comprises the steps of:
determining a behavior recognition result of each preset behavior and a weighted sum of corresponding weight coefficients thereof;
and authenticating the legality of the user identity according to the comparison result of the weighted sum and a preset threshold value.
8. An identity authentication apparatus, comprising:
the acquisition module is used for acquiring behavior data corresponding to at least two preset behaviors when the preset behaviors of the user are detected;
the determining module is used for determining whether the condition of identity authentication is met or not based on the acquired behavior data;
and the authentication module is used for authenticating the legality of the user identity when the identity authentication condition is met.
9. A terminal device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the identity authentication method of any one of claims 1 to 7 when executing the program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when being executed by a processor, carries out the identity authentication method according to any one of claims 1 to 7.
CN201810359512.5A 2018-04-20 2018-04-20 Identity identifying method, device and terminal device Pending CN108595923A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810359512.5A CN108595923A (en) 2018-04-20 2018-04-20 Identity identifying method, device and terminal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810359512.5A CN108595923A (en) 2018-04-20 2018-04-20 Identity identifying method, device and terminal device

Publications (1)

Publication Number Publication Date
CN108595923A true CN108595923A (en) 2018-09-28

Family

ID=63614242

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810359512.5A Pending CN108595923A (en) 2018-04-20 2018-04-20 Identity identifying method, device and terminal device

Country Status (1)

Country Link
CN (1) CN108595923A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109614777A (en) * 2018-11-23 2019-04-12 第四范式(北京)技术有限公司 The user ID authentication method and device of smart machine and smart machine
CN110418337A (en) * 2019-07-29 2019-11-05 北京邮电大学 Identity identifying method and device
CN111291350A (en) * 2018-12-06 2020-06-16 夏普株式会社 Information processing system and information processing method
CN111901347A (en) * 2020-07-29 2020-11-06 南方电网科学研究院有限责任公司 Dynamic identity authentication method and device under zero trust
CN111984952A (en) * 2020-09-03 2020-11-24 四川长虹电器股份有限公司 HMM-based user input behavior abnormity identification method
CN112819486A (en) * 2020-02-20 2021-05-18 支付宝实验室(新加坡)有限公司 Method and system for identity certification
CN113742665A (en) * 2020-06-05 2021-12-03 国家计算机网络与信息安全管理中心 User identity identification model construction method, user identity authentication method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030145307A1 (en) * 2001-12-13 2003-07-31 Jahnke Steven R. Software development tool with embedded cache analysis
CN105590055A (en) * 2014-10-23 2016-05-18 阿里巴巴集团控股有限公司 Method and apparatus for identifying trustworthy user behavior in network interaction system
CN106022030A (en) * 2016-06-30 2016-10-12 深圳卡通新技术有限公司 Identity authentication system and method based on user habit behavior features
CN107194213A (en) * 2016-03-14 2017-09-22 阿里巴巴集团控股有限公司 A kind of personal identification method and device
CN107368718A (en) * 2017-07-06 2017-11-21 同济大学 A kind of user browsing behavior authentication method and system
CN107516218A (en) * 2017-09-30 2017-12-26 北京梆梆安全科技有限公司 A kind of user ID authentication method and device based on multiple features

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030145307A1 (en) * 2001-12-13 2003-07-31 Jahnke Steven R. Software development tool with embedded cache analysis
CN105590055A (en) * 2014-10-23 2016-05-18 阿里巴巴集团控股有限公司 Method and apparatus for identifying trustworthy user behavior in network interaction system
CN107194213A (en) * 2016-03-14 2017-09-22 阿里巴巴集团控股有限公司 A kind of personal identification method and device
CN106022030A (en) * 2016-06-30 2016-10-12 深圳卡通新技术有限公司 Identity authentication system and method based on user habit behavior features
CN107368718A (en) * 2017-07-06 2017-11-21 同济大学 A kind of user browsing behavior authentication method and system
CN107516218A (en) * 2017-09-30 2017-12-26 北京梆梆安全科技有限公司 A kind of user ID authentication method and device based on multiple features

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109614777A (en) * 2018-11-23 2019-04-12 第四范式(北京)技术有限公司 The user ID authentication method and device of smart machine and smart machine
CN111291350A (en) * 2018-12-06 2020-06-16 夏普株式会社 Information processing system and information processing method
CN110418337A (en) * 2019-07-29 2019-11-05 北京邮电大学 Identity identifying method and device
CN112819486A (en) * 2020-02-20 2021-05-18 支付宝实验室(新加坡)有限公司 Method and system for identity certification
CN113742665A (en) * 2020-06-05 2021-12-03 国家计算机网络与信息安全管理中心 User identity identification model construction method, user identity authentication method and device
CN113742665B (en) * 2020-06-05 2024-03-26 国家计算机网络与信息安全管理中心 User identity recognition model construction and user identity verification methods and devices
CN111901347A (en) * 2020-07-29 2020-11-06 南方电网科学研究院有限责任公司 Dynamic identity authentication method and device under zero trust
CN111901347B (en) * 2020-07-29 2022-12-06 南方电网科学研究院有限责任公司 Dynamic identity authentication method and device under zero trust
CN111984952A (en) * 2020-09-03 2020-11-24 四川长虹电器股份有限公司 HMM-based user input behavior abnormity identification method

Similar Documents

Publication Publication Date Title
CN108595923A (en) Identity identifying method, device and terminal device
AU2022202047B2 (en) Remote usage of locally stored biometric authentication data
CN110163611B (en) Identity recognition method, device and related equipment
US20210076212A1 (en) Recognizing users with mobile application access patterns learned from dynamic data
US10440019B2 (en) Method, computer program, and system for identifying multiple users based on their behavior
US8942431B2 (en) Biometrics based methods and systems for user authentication
US20170227995A1 (en) Method and system for implicit authentication
CN107800672B (en) Information verification method, electronic equipment, server and information verification system
Centeno et al. Smartphone continuous authentication using deep learning autoencoders
US20090320123A1 (en) Method and apparatus for user recognition employing motion passwords
US20080305769A1 (en) Device Method &amp; System For Facilitating Mobile Transactions
US20120117633A1 (en) Enhanced Security For Pervasive Devices Using A Weighting System
US9202035B1 (en) User authentication based on biometric handwriting aspects of a handwritten code
KR20110106887A (en) Passive security enforcement
CN103164646A (en) High-security biometric authentication system
US11102648B2 (en) System, method, and apparatus for enhanced personal identification
Li et al. Studying WiFi and accelerometer data based authentication method on mobile phones
Buriro et al. Evaluation of motion-based touch-typing biometrics for online banking
US11695746B2 (en) Multi-layer user authentication with live interaction
EP4248341A1 (en) Method and apparatus for user recognition
CN105450412B (en) Identity identifying method and device
Yang et al. Bubblemap: Privilege mapping for behavior-based implicit authentication systems
Vongsingthong et al. A survey on smartphone authentication
CN112272195B (en) Dynamic detection authentication system and method thereof
KR102060563B1 (en) Method and apparatus for providing authentication using voice and facial data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180928