CN109600361B - Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium - Google Patents
Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium Download PDFInfo
- Publication number
- CN109600361B CN109600361B CN201811418992.4A CN201811418992A CN109600361B CN 109600361 B CN109600361 B CN 109600361B CN 201811418992 A CN201811418992 A CN 201811418992A CN 109600361 B CN109600361 B CN 109600361B
- Authority
- CN
- China
- Prior art keywords
- user
- target
- request information
- verification
- target user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a verification code anti-attack method and a verification code anti-attack device based on a Hash algorithm, wherein the method comprises the following steps: acquiring verification request information of a target user in a preset verification period; and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user. According to the verification code anti-attack method and device based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the type of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
Description
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to a verification code anti-attack method and device based on a Hash algorithm.
Background
With the rapid growth of networks, the world wide web has become a carrier of a large amount of information, and how to efficiently extract and utilize such information has become a great challenge. In order to solve the problems, a focused crawler for directionally grabbing related webpage resources is produced. However, a malicious web crawler will seriously impair the interests of the attacker, and even lead to paralysis of the attacker.
In the prior art, a sliding puzzle verification code is usually adopted to identify whether a person performs login or access operation, or a computer program (crawler) or a robot performs the login or access operation, so that the security is improved and malicious attack is prevented. Specifically, a picture containing a sliding block and a shadow area is displayed in a login interface and used as a sliding jigsaw verification code, the sliding block is a part of the picture which is scratched out from an original picture according to a preset shape, the shadow area is an area formed by adding a shadow to the scratched out part, the shape of the shadow area is completely matched with that of the sliding block, and the identification difficulty is increased by using the technologies of picture background interference, random position of the shadow area, picture reverse color and the like in the picture verification code generation process. In the verification process, the user is required to identify operation indication information in the interface and slide the sliding block to the shadow region, so that the sliding block and the shadow region are overlapped as much as possible, and the system recognizes that the position of the sliding block and the position of the shadow region are within an allowable error range when the user releases the sliding block, and can pass the verification to complete the login operation.
However, the sliding behavior is easy to obtain, a sliding track can be operated truly, the sliding track is recorded, a cracker can slide a certain amount of track records truly, behavior verification is successfully completed by replaying the track data in batch, even the track data is changed slightly or is added with noise, so that track data samples are enlarged, the success rate of attack is improved, the reliability and the safety of the sliding jigsaw verification code are low, and the probability of success of attack is high.
Disclosure of Invention
An object of the embodiments of the present invention is to provide a method and an apparatus for preventing an attack of an authentication code based on a hash algorithm, which overcome the above problems or at least partially solve the above problems.
In order to solve the above technical problem, in one aspect, an embodiment of the present invention provides a verification code anti-attack method based on a hash algorithm, including:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
On the other hand, an embodiment of the present invention provides a verification code anti-attack apparatus based on a hash algorithm, including:
the acquisition module is used for acquiring the verification request information of the target user in a preset verification period;
and the verification module is used for discarding the verification request information of the target user if the type of the target user is judged to be the forbidden user.
In another aspect, an embodiment of the present invention provides an electronic device, including:
the processor and the memory are communicated with each other through a bus; the memory stores program instructions executable by the processor, which when called by the processor are capable of performing the methods described above.
In yet another aspect, the present invention provides a non-transitory computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the above-mentioned method.
According to the verification code anti-attack method and device based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the type of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
Drawings
Fig. 1 is a schematic diagram of an anti-attack method for a verification code based on a hash algorithm according to an embodiment of the present invention;
FIG. 2 is a distribution histogram of feature values of trajectory data according to an embodiment of the present invention;
fig. 3 is a schematic diagram of an anti-attack apparatus for a verification code based on a hash algorithm according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic diagram of an authentication code anti-attack method based on a hash algorithm according to an embodiment of the present invention, and as shown in fig. 1, an authentication code anti-attack method based on a hash algorithm according to an embodiment of the present invention includes:
step S101, obtaining verification request information of a target user in a preset verification period;
step S102, if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Specifically, the sliding jigsaw verification code is used, a sliding block is a part of a picture which is scratched out from an original picture according to a preset shape, a shadow area is an area formed by adding a shadow to the scratched out part, the shape of the shadow area is completely matched with that of the sliding block, and the identification difficulty is increased by using the technologies of picture background interference, random position of the shadow area, picture reverse color and the like in the picture verification code generation process. In the verification process, the user is required to identify operation indication information in the interface and slide the sliding block to the shadow region, so that the sliding block and the shadow region are overlapped as much as possible, and the system recognizes that the position of the sliding block and the position of the shadow region are within an allowable error range when the user releases the sliding block, and can pass the verification to complete the login operation.
In a preset verification period, firstly, verification request information of a target user is obtained, wherein the verification request information can carry an ID of the user and also can carry track data input by the user, so that the identity of the user can be identified according to the ID of the user, and whether the user is a malicious attack user or not is judged according to the track data input by the same user in an accumulated manner. The length of the preset verification period may be determined according to actual conditions, and is set to 4 days, for example.
If the type of the target user is known to be the forbidden user through judgment, the verification request information of the target user is directly discarded, so that the target user is forbidden, and the target user is prevented from being maliciously attacked.
If the type of the target user is normal user, the track data is analyzed from the verification request information of the target user, and the track data is verified.
For example, the authentication request information of the user a is acquired, and if the category of the user is a forbidden user, the received authentication request information of the user a is directly discarded, so that malicious attack by the user a is prevented.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
On the basis of the above embodiment, further, the method further includes:
analyzing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is a forbidden user;
and if the ID of the target user does not exist in the target database, the type of the target user is a normal user.
Specifically, after obtaining the authentication request information of the target user, the type of the target user needs to be identified. The specific method comprises the following steps:
first, the ID of the target user is parsed from the authentication request information of the target user.
Then, the ID of the target user is matched with the user ID stored in the target database, and if the ID of the target user exists in the target database, the category of the target user is a forbidden user.
And if the ID of the target user does not exist in the target database, the category of the target user is a normal user.
For example, authentication request information of the user a is acquired, and the ID of the user a is analyzed from the authentication request information of the user a to be 123456.
Then, the ID123456 of user a is matched with the user ID stored in the target database, and if ID123456 exists in the target database, the category of user a is a prohibited user. If ID123456 is not present in the target database, then user A's category is normal.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
On the basis of the above embodiments, further, the target database stores several user IDs, and the user IDs stored in the target database are manually added and/or automatically added.
Specifically, a plurality of user IDs are stored in advance in the target database, and the user IDs stored in the target database may be added manually or by automatic detection.
For example, if the ID of the user a is manually added to the target database for 4 days as an authentication period, the authentication request information of the user a is discarded when the authentication request information of the user a is received for the first time.
If the ID of the user a is added to the target database in an automatic manner, the authentication request information of the user a is not discarded when the authentication request information of the user a is received for a plurality of times, but is recorded separately for analyzing whether the user a is a malicious user, and if the user a is identified as a malicious user, the authentication request information of the user a is discarded when the authentication request information of the user a is received next time.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
On the basis of the above embodiments, further, the step of automatically adding the user ID to the target database is as follows:
acquiring authentication request information of a first user in a preset authentication period;
if the type of the first user is judged to be a normal user, analyzing first track data from verification request information of the first user;
calculating a hash value of the first track data;
and if the hash values calculated based on the verification request information of the first user for a first preset number of times are the same, adding the ID of the first user into the target database.
Specifically, if the ID of the user is added to the target database in an automatic manner, the authentication request information of the user is not discarded when the authentication request information of the user is received several times before, but is recorded for analyzing whether the user is a malicious user, and if the user is identified as a malicious user, the authentication request information of the user is discarded when the authentication request information of the user is received next time.
The specific method for judging whether the user is a malicious user according to the track information of the user is as follows:
first, authentication request information of a first user is acquired. The ID of the first user is extracted from the authentication request information.
And matching the ID of the first user with the user ID stored in the target database, and if the ID of the first user does not exist in the target database, the category of the first user is a normal user, and analyzing first track data from the verification request information of the first user.
And calculating the hash value of the first track data according to a preset hash algorithm, and recording the hash value.
And if the hash values calculated based on the verification request information of the first user for the first preset number of times are the same, adding the ID of the first user into the target database. In practical applications, the first preset number may be determined according to practical situations.
For example, with 4 days as an authentication period, after the authentication request information of the user B is acquired for the first time, the ID of the user B is extracted from the authentication request information, and the ID is 654321, for example.
Then, matching the ID654321 of the user B with the user ID stored in the target database, at this time, the target database does not store the ID654321, identifying the category of the user B as a normal user, and then analyzing the first track data from the verification request information of the user B.
And calculating the hash value of the first track data according to a preset hash algorithm, and recording the hash value.
If the hash values calculated based on the authentication request information of the user B are the same in two consecutive times, the ID654321 of the user B is added to the target database.
After receiving the authentication request message of the user B for the third time, the authentication request message of the user B is discarded. Thereby avoiding malicious attacks by user B.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
On the basis of the foregoing embodiments, further, the calculating the hash value of the first track data specifically includes:
extracting a second preset number of characteristic values in the first track data by using a preset characteristic extraction model;
acquiring a coding value of each characteristic value according to a preset characteristic segmentation point of each characteristic value;
and combining the coded values of all the characteristic values according to the serial number sequence of the characteristic values to obtain the hash value of the first track data.
Specifically, the specific method for calculating the hash value of the trace data is as follows:
firstly, a second preset number of characteristic values in the first track data are extracted by using a preset characteristic extraction model. The specific value of the second preset number may be determined according to actual conditions.
And then, acquiring the code value of each characteristic value according to the preset characteristic segmentation point of each characteristic value. The number of feature segmentation points per feature value may also be determined according to practical circumstances. The greater the number of feature values and the number of feature segmentation points, the higher the requirement on computing power.
And finally, combining the coded values of all the characteristic values according to the serial number sequence of the characteristic values to obtain the hash value of the first track data.
For example, the preset feature extraction model extracts 16 feature values from the trajectory data a analyzed from the verification request information of the user B, and the numbers are from 1 to 16.
The cut points of the eigenvalue numbered 1 are 5,10, and 15, and these three cut points divide the value range of the eigenvalue numbered 1 into four intervals, which are [ - ∞,5], [5,10], [10,15], and [15, + ∞ ] respectively, and the code values for these four intervals correspond to 00, 01, 10, and 11, respectively.
If the feature value numbered 1 is 8, the code corresponding to the feature value numbered 1 may be determined to be 01.
According to the same method, the coded values of 16 characteristic values are obtained, and then the coded values are combined according to the numbering sequence of the characteristic values, so that the hash value of the track data A can be obtained.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
On the basis of the above embodiments, further, the feature segmentation point is obtained according to a distribution histogram of feature values of several positive samples.
In particular, a large number of positive samples of trajectory data, for example 100 ten thousand, are acquired. And respectively extracting 16 characteristic values from each positive sample by using a preset characteristic extraction model.
And for each feature value, drawing a distribution histogram of the feature value.
Fig. 2 is a distribution histogram of the feature values of the trajectory data according to the embodiment of the present invention, as shown in fig. 2, an envelope of the distribution histogram of the feature value with the number 1 conforms to a normal distribution, and the feature values are segmented in such a manner that an equal probability (theoretically, the distribution of the positions of the falling points is uniform) of the sample points falls in each small interval, that is, the segmentation points of the feature value with the number 1 are 5,10, and 15, that is, the three segmentation points divide the value range of the feature value with the number 1 into four intervals, that is, [ - ∞,5], [5,10], [10,15], and [15, + ∞ ], and the probability that the feature value with the number 1 falls in each interval is 0.25.
According to the verification code anti-attack method based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the category of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
Fig. 3 is a schematic diagram of an authentication code anti-attack apparatus based on a hash algorithm according to an embodiment of the present invention, and as shown in fig. 3, an authentication code anti-attack apparatus based on a hash algorithm according to an embodiment of the present invention is configured to execute the method described in any one of the above embodiments, and specifically includes an obtaining module 301 and an authentication module 302, where:
the obtaining module 301 is configured to obtain verification request information of a target user in a preset verification period; the verification module 302 is configured to discard the verification request information of the target user if it is determined that the type of the target user is the prohibited user.
Specifically, the sliding jigsaw verification code is used, a sliding block is a part of a picture which is scratched out from an original picture according to a preset shape, a shadow area is an area formed by adding a shadow to the scratched out part, the shape of the shadow area is completely matched with that of the sliding block, and the identification difficulty is increased by using the technologies of picture background interference, random position of the shadow area, picture reverse color and the like in the picture verification code generation process. In the verification process, the user is required to identify operation indication information in the interface and slide the sliding block to the shadow region, so that the sliding block and the shadow region are overlapped as much as possible, and the system recognizes that the position of the sliding block and the position of the shadow region are within an allowable error range when the user releases the sliding block, and can pass the verification to complete the login operation.
In a preset verification period, first, the obtaining module 301 obtains verification request information of a target user, where the verification request information may carry an ID of the user or track data input by the user, so as to identify the identity of the user according to the ID of the user, and determine whether the user is a malicious attack user according to the track data input by the same user. The length of the preset verification period may be determined according to actual conditions, and is set to 4 days, for example.
If the verification module 302 determines that the category of the target user is the prohibited user, the verification request information of the target user is directly discarded, so as to block the target user and prevent malicious attack by the target user.
If the type of the target user is normal user, the track data is analyzed from the verification request information of the target user, and the track data is verified.
For example, the authentication request information of the user a is acquired, and if the category of the user is a forbidden user, the received authentication request information of the user a is directly discarded, so that malicious attack by the user a is prevented.
The embodiments of the present invention provide a verification code anti-attack apparatus based on a hash algorithm, which is used to execute the method described in any of the above embodiments, and the specific steps of executing the method described in one of the above embodiments by using the apparatus provided in this embodiment are the same as those in the corresponding embodiments, and are not described here again.
According to the verification code anti-attack device based on the Hash algorithm, the track data of the user is analyzed based on the Hash algorithm, so that the type of the user is determined, malicious users can be effectively prevented from attacking the verification code through a large amount of normal track data, and the reliability and the safety of the verification code are improved.
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 4, the electronic device includes: a processor 401, a memory 402, and a bus 403;
wherein, the processor 401 and the memory 402 complete the communication with each other through the bus 403;
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Embodiments of the present invention provide a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions that, when executed by a computer, enable the computer to perform the methods provided by the above-mentioned method embodiments, for example, including:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Embodiments of the present invention provide a non-transitory computer-readable storage medium, which stores computer instructions, where the computer instructions cause the computer to perform the methods provided by the above method embodiments, for example, the methods include:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
The above-described embodiments of the apparatuses and devices are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (6)
1. A verification code anti-attack method based on a Hash algorithm is characterized by comprising the following steps:
acquiring verification request information of a target user in a preset verification period;
if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user;
further comprising:
analyzing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is a forbidden user;
if the ID of the target user does not exist in the target database, the type of the target user is a normal user;
a plurality of user IDs are stored in the target database, and the user IDs stored in the target database are automatically added;
the steps of automatically adding a user ID to the target database are as follows:
acquiring authentication request information of a first user in a preset authentication period;
if the type of the first user is judged to be a normal user, analyzing first track data from verification request information of the first user;
calculating a hash value of the first track data;
and if the hash values calculated based on the verification request information of the first user for a first preset number of times are the same, adding the ID of the first user into the target database.
2. The method according to claim 1, wherein the calculating the hash value of the first track data specifically includes:
extracting a second preset number of characteristic values in the first track data by using a preset characteristic extraction model;
acquiring a coding value of each characteristic value according to a preset characteristic segmentation point of each characteristic value;
and combining the coded values of all the characteristic values according to the serial number sequence of the characteristic values to obtain the hash value of the first track data.
3. The method of claim 2, wherein the feature segmentation points are derived from a distribution histogram of feature values of a number of positive samples.
4. An authentication code anti-attack device based on a hash algorithm is characterized by comprising:
the acquisition module is used for acquiring the verification request information of the target user in a preset verification period;
the verification module is used for discarding the verification request information of the target user if the type of the target user is judged to be the forbidden user;
further comprising:
analyzing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is a forbidden user;
if the ID of the target user does not exist in the target database, the type of the target user is a normal user;
a plurality of user IDs are stored in the target database, and the user IDs stored in the target database are automatically added;
the steps of automatically adding a user ID to the target database are as follows:
acquiring authentication request information of a first user in a preset authentication period;
if the type of the first user is judged to be a normal user, analyzing first track data from verification request information of the first user;
calculating a hash value of the first track data;
and if the hash values calculated based on the verification request information of the first user for a first preset number of times are the same, adding the ID of the first user into the target database.
5. An electronic device, comprising:
the processor and the memory are communicated with each other through a bus; the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 1 to 3.
6. A non-transitory computer-readable storage medium having stored thereon a computer program, which, when executed by a processor, implements the method of any one of claims 1 to 3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811418992.4A CN109600361B (en) | 2018-11-26 | 2018-11-26 | Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811418992.4A CN109600361B (en) | 2018-11-26 | 2018-11-26 | Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109600361A CN109600361A (en) | 2019-04-09 |
CN109600361B true CN109600361B (en) | 2021-05-04 |
Family
ID=65959637
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811418992.4A Active CN109600361B (en) | 2018-11-26 | 2018-11-26 | Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109600361B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110795706B (en) * | 2019-10-22 | 2022-07-15 | 武汉极意网络科技有限公司 | Hash-based verification method, equipment, storage medium and device |
CN113782213B (en) * | 2021-08-25 | 2023-11-07 | 东软集团股份有限公司 | Patient track storage method and device based on blockchain, storage medium and electronic equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106470204A (en) * | 2015-08-21 | 2017-03-01 | 阿里巴巴集团控股有限公司 | User identification method based on request behavior characteristicss, device, equipment and system |
CN107679374A (en) * | 2017-08-23 | 2018-02-09 | 北京三快在线科技有限公司 | A kind of man-machine recognition methods and device based on sliding trace, electronic equipment |
GB2555384A (en) * | 2016-10-21 | 2018-05-02 | F Secure Corp | Preventing phishing attacks |
CN108229130A (en) * | 2018-01-30 | 2018-06-29 | 中国银联股份有限公司 | A kind of verification method and device |
CN108287989A (en) * | 2018-01-18 | 2018-07-17 | 北京科技大学 | A kind of man-machine recognition methods of sliding identifying code based on track |
-
2018
- 2018-11-26 CN CN201811418992.4A patent/CN109600361B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106470204A (en) * | 2015-08-21 | 2017-03-01 | 阿里巴巴集团控股有限公司 | User identification method based on request behavior characteristicss, device, equipment and system |
GB2555384A (en) * | 2016-10-21 | 2018-05-02 | F Secure Corp | Preventing phishing attacks |
CN107679374A (en) * | 2017-08-23 | 2018-02-09 | 北京三快在线科技有限公司 | A kind of man-machine recognition methods and device based on sliding trace, electronic equipment |
CN108287989A (en) * | 2018-01-18 | 2018-07-17 | 北京科技大学 | A kind of man-machine recognition methods of sliding identifying code based on track |
CN108229130A (en) * | 2018-01-30 | 2018-06-29 | 中国银联股份有限公司 | A kind of verification method and device |
Also Published As
Publication number | Publication date |
---|---|
CN109600361A (en) | 2019-04-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9813451B2 (en) | Apparatus and method for detecting cyber attacks from communication sources | |
CN108683687B (en) | Network attack identification method and system | |
CN108924118B (en) | Method and system for detecting database collision behavior | |
CN111818103B (en) | Traffic-based tracing attack path method in network target range | |
CN110365636B (en) | Method and device for judging attack data source of industrial control honeypot | |
JP6174520B2 (en) | Malignant communication pattern detection device, malignant communication pattern detection method, and malignant communication pattern detection program | |
CN110798463B (en) | Network covert channel detection method and device based on information entropy | |
EP3684025A1 (en) | Web page request identification | |
CN114205128B (en) | Network attack analysis method, device, electronic equipment and storage medium | |
CN106549980A (en) | A kind of malice C&C server determines method and device | |
CN109600361B (en) | Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium | |
CN114553523A (en) | Attack detection method and device based on attack detection model, medium and equipment | |
CN110691072A (en) | Distributed port scanning method, device, medium and electronic equipment | |
CN114338064B (en) | Method, device, system, equipment and storage medium for identifying network traffic type | |
CN111783073A (en) | Black product identification method and device and readable storage medium | |
CN106911665B (en) | Method and system for identifying malicious code weak password intrusion behavior | |
CN112153062B (en) | Multi-dimension-based suspicious terminal equipment detection method and system | |
CN112070161A (en) | Network attack event classification method, device, terminal and storage medium | |
CN113364722B (en) | Network security protection method and device | |
CN111880942A (en) | Network threat processing method and device | |
CN109190408B (en) | Data information security processing method and system | |
KR101576993B1 (en) | Method and System for preventing Login ID theft using captcha | |
CN113938312B (en) | Method and device for detecting violent cracking flow | |
CN115565222A (en) | Face recognition method, face recognition system, terminal device and storage medium | |
CN114329449A (en) | System security detection method and device, storage medium and electronic device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |