CN109600361B - Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium - Google Patents

Publication number
CN109600361B
Authority
CN
China
Legal status
Active
Application number
CN201811418992.4A
Other languages
Chinese (zh)
Other versions
CN109600361A (en)
Inventor
雷炳盛
陈国庆
Current Assignee
Wuhan Jiyi Network Technology Co ltd
Original Assignee
Wuhan Jiyi Network Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the invention provides a hash-algorithm-based verification code anti-attack method and device. The method comprises: acquiring verification request information of a target user within a preset verification period; and, if the type of the target user is determined to be a forbidden user, discarding the verification request information of the target user. The method and device analyze the user's trajectory data with a hash algorithm to determine the type of the user, which effectively prevents malicious users from attacking the verification code with large amounts of normal trajectory data and improves the reliability and security of the verification code.

Description

Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to a verification code anti-attack method and device based on a Hash algorithm.
Background
With the rapid growth of networks, the World Wide Web has become a carrier of a large amount of information, and efficiently extracting and using that information has become a great challenge. To address this, focused crawlers that directionally fetch related web resources have emerged. However, a malicious web crawler seriously harms the interests of the attacked party and can even paralyse it.
In the prior art, a sliding puzzle verification code is usually used to distinguish whether a login or access operation is performed by a person or by a computer program (crawler) or robot, thereby improving security and preventing malicious attacks. Specifically, a picture containing a slider and a shadow area is displayed in the login interface as the sliding puzzle verification code. The slider is a part cut out of the original picture according to a preset shape, and the shadow area is formed by adding a shadow where the part was cut out, so its shape exactly matches that of the slider. Techniques such as picture background interference, random placement of the shadow area and colour inversion are used during generation to make recognition harder. During verification, the user must read the operating instruction in the interface and drag the slider onto the shadow area so that the two overlap as closely as possible. If, when the user releases the slider, the system finds that the slider position and the shadow area position are within the allowed error range, verification passes and the login operation completes.
However, sliding behaviour is easy to capture. An attacker can perform a number of real slides, record the trajectories, and then complete behaviour verification by replaying the recorded trajectory data in bulk. The attacker can even alter the trajectory data slightly or add noise to it to enlarge the set of trajectory samples and raise the success rate of the attack. As a result, the sliding puzzle verification code has low reliability and security, and the probability of a successful attack is high.
Disclosure of Invention
An object of the embodiments of the present invention is to provide a hash-algorithm-based verification code anti-attack method and device that overcome, or at least partially solve, the above problems.
To solve the above technical problem, in one aspect, an embodiment of the present invention provides a hash-algorithm-based verification code anti-attack method, including:
acquiring verification request information of a target user within a preset verification period;
and, if the type of the target user is determined to be a forbidden user, discarding the verification request information of the target user.
In another aspect, an embodiment of the present invention provides a hash-algorithm-based verification code anti-attack device, including:
an acquisition module, configured to acquire verification request information of a target user within a preset verification period;
and a verification module, configured to discard the verification request information of the target user if the type of the target user is determined to be a forbidden user.
In another aspect, an embodiment of the present invention provides an electronic device, including:
a processor and a memory that communicate with each other through a bus; the memory stores program instructions executable by the processor, and the processor can perform the above method by calling them.
In yet another aspect, the present invention provides a non-transitory computer-readable storage medium on which a computer program is stored; when executed by a processor, the program implements the above method.
The hash-algorithm-based verification code anti-attack method and device analyze the user's trajectory data with a hash algorithm to determine the type of the user, which effectively prevents malicious users from attacking the verification code with large amounts of normal trajectory data and improves the reliability and security of the verification code.
Drawings
Fig. 1 is a schematic diagram of a hash-algorithm-based verification code anti-attack method according to an embodiment of the present invention;
Fig. 2 is a distribution histogram of feature values of trajectory data according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of a hash-algorithm-based verification code anti-attack device according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic diagram of a hash-algorithm-based verification code anti-attack method according to an embodiment of the present invention. As shown in Fig. 1, the method includes:
Step S101: acquire verification request information of a target user within a preset verification period;
Step S102: if the type of the target user is determined to be a forbidden user, discard the verification request information of the target user.
Specifically, a sliding puzzle verification code is used. The slider is a part cut out of the original picture according to a preset shape, and the shadow area is formed by adding a shadow where the part was cut out, so its shape exactly matches that of the slider. Techniques such as picture background interference, random placement of the shadow area and colour inversion are used during generation to make recognition harder. During verification, the user must read the operating instruction in the interface and drag the slider onto the shadow area so that the two overlap as closely as possible. If, when the user releases the slider, the system finds that the slider position and the shadow area position are within the allowed error range, verification passes and the login operation completes.
Within a preset verification period, verification request information of the target user is first acquired. The verification request information can carry the user's ID and can also carry the trajectory data input by the user, so the user can be identified by the ID, and whether the user is a malicious attacker can be judged from the trajectory data accumulated for that same user. The length of the preset verification period can be set according to actual conditions, for example 4 days.
If the target user is determined to be a forbidden user, the verification request information of the target user is discarded directly, which blocks the target user and prevents a malicious attack by that user.
If the target user is a normal user, the trajectory data is parsed from the verification request information of the target user and verified.
For example, verification request information of user A is acquired; if user A's type is forbidden user, the received verification request information of user A is discarded directly, which prevents a malicious attack by user A.
On the basis of the above embodiment, the method further includes:
parsing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is forbidden user;
and if the ID of the target user does not exist in the target database, the type of the target user is normal user.
Specifically, after the verification request information of the target user is obtained, the type of the target user needs to be identified, as follows:
First, the ID of the target user is parsed from the verification request information of the target user.
Then the ID of the target user is matched against the user IDs stored in the target database. If it exists in the target database, the target user is a forbidden user.
If it does not exist in the target database, the target user is a normal user.
For example, verification request information of user A is acquired, and the ID parsed from it is 123456.
Then user A's ID 123456 is matched against the user IDs stored in the target database. If ID 123456 exists in the target database, user A is a forbidden user; if it does not, user A is a normal user.
On the basis of the above embodiments, the target database stores a number of user IDs, which are added manually and/or automatically.
Specifically, a number of user IDs are stored in the target database in advance; they may be added manually or by automatic detection.
For example, with 4 days as the verification period, if user A's ID has been added to the target database manually, user A's verification request information is discarded the first time it is received.
If user A's ID is added to the target database automatically, user A's verification request information is not discarded the first several times it is received; instead it is recorded separately and used to analyze whether user A is a malicious user. Once user A is identified as a malicious user, the next verification request information received from user A is discarded.
On the basis of the above embodiments, a user ID is added to the target database automatically as follows:
acquiring verification request information of a first user within a preset verification period;
if the type of the first user is determined to be a normal user, parsing first trajectory data from the verification request information of the first user;
calculating a hash value of the first trajectory data;
and, if the hash values calculated from the verification request information of the first user are the same for a first preset number of times, adding the ID of the first user to the target database.
Specifically, if a user's ID is added to the target database automatically, the user's verification request information is not discarded the first several times it is received; instead it is recorded and used to analyze whether the user is a malicious user. Once the user is identified as a malicious user, the next verification request information received from that user is discarded.
Whether a user is a malicious user is judged from the user's trajectory information as follows:
First, verification request information of a first user is acquired, and the ID of the first user is extracted from it.
The ID of the first user is matched against the user IDs stored in the target database. If it does not exist in the target database, the first user is a normal user, and first trajectory data is parsed from the verification request information of the first user.
The hash value of the first trajectory data is calculated with a preset hash algorithm and recorded.
If the hash values calculated from the verification request information of the first user are the same for a first preset number of times, the ID of the first user is added to the target database. In practice, the first preset number can be chosen according to the actual situation.
For example, with 4 days as the verification period, after verification request information of user B is acquired for the first time, user B's ID, for example 654321, is extracted from it.
User B's ID 654321 is then matched against the user IDs stored in the target database. The target database does not contain ID 654321 at this point, so user B is identified as a normal user, and the first trajectory data is parsed from user B's verification request information.
The hash value of the first trajectory data is calculated with the preset hash algorithm and recorded.
If the hash values calculated from user B's verification request information are the same two consecutive times, user B's ID 654321 is added to the target database.
When user B's verification request information is received for the third time, it is discarded, which prevents a malicious attack by user B.
On the basis of the above embodiments, calculating the hash value of the first trajectory data specifically includes:
extracting a second preset number of feature values from the first trajectory data with a preset feature extraction model;
obtaining the code value of each feature value according to that feature value's preset feature segmentation points;
and combining the code values of all feature values in order of feature number to obtain the hash value of the first trajectory data.
Specifically, the hash value of the trajectory data is calculated as follows:
First, a second preset number of feature values are extracted from the first trajectory data with a preset feature extraction model. The second preset number can be chosen according to actual conditions.
Then the code value of each feature value is obtained from that feature value's preset feature segmentation points. The number of feature segmentation points per feature value can also be chosen according to actual conditions. The more feature values and feature segmentation points there are, the more computing power is required.
Finally, the code values of all feature values are combined in order of feature number to obtain the hash value of the first trajectory data.
For example, the preset feature extraction model extracts 16 feature values, numbered 1 to 16, from trajectory data A parsed from user B's verification request information.
The segmentation points of feature value 1 are 5, 10 and 15. These three points divide the value range of feature value 1 into four intervals, [-∞, 5], [5, 10], [10, 15] and [15, +∞], whose code values are 00, 01, 10 and 11 respectively.
If feature value 1 is 8, its code is 01.
The code values of all 16 feature values are obtained in the same way and combined in order of feature number to give the hash value of trajectory data A.
On the basis of the above embodiments, the feature segmentation points are obtained from the distribution histograms of the feature values of a number of positive samples.
Specifically, a large number of positive samples of trajectory data, for example 1,000,000, are acquired, and 16 feature values are extracted from each positive sample with the preset feature extraction model.
For each feature value, a distribution histogram of that feature value is drawn.
Fig. 2 is a distribution histogram of feature values of trajectory data according to an embodiment of the present invention. As shown in Fig. 2, the envelope of the distribution histogram of feature value 1 follows a normal distribution. The feature value is segmented so that sample points fall into each interval with equal probability (in theory, the distribution over the intervals is uniform). The segmentation points of feature value 1 are therefore 5, 10 and 15; they divide the value range of feature value 1 into four intervals, [-∞, 5], [5, 10], [10, 15] and [15, +∞], and the probability that feature value 1 falls in each interval is 0.25.
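The hash construction, the equal-probability segmentation points and the automatic blocklisting rule described above can be exercised together. The following Python is an added example, not code from the patent: it assumes feature values have already been extracted (the feature extraction model is not specified on this page), uses 4 constructed features instead of 16, fits segmentation points as quantiles of constructed positive samples, and reads "the same for a first preset number of times" as consecutive repeats, as in the user B example. All function, class and variable names are hypothetical.

```python
import bisect
import random
import statistics
from collections import defaultdict


def fit_cut_points(positive_samples, n_intervals=4):
    """Per-feature segmentation points that split the positive samples into
    n_intervals equally likely intervals (quantiles of each feature column)."""
    return [statistics.quantiles(col, n=n_intervals) for col in zip(*positive_samples)]


def encode_feature(value, cuts):
    """Fixed-width binary code of the interval the value falls in.
    Assumption: a value equal to a segmentation point goes to the lower interval."""
    width = max(1, len(cuts).bit_length())
    return format(bisect.bisect_left(cuts, value), f"0{width}b")


def trajectory_hash(features, cut_points):
    """Concatenate the per-feature codes in feature-number order."""
    if len(features) != len(cut_points):
        raise ValueError("one set of segmentation points is needed per feature")
    return "".join(encode_feature(v, c) for v, c in zip(features, cut_points))


class ReplayGuard:
    """Blocklist (the "target database") fed manually and by repeated-hash detection."""

    def __init__(self, cut_points, repeat_limit=2, manual_blocklist=()):
        self.cut_points = cut_points
        self.repeat_limit = repeat_limit          # the "first preset number"
        self.blocklist = set(manual_blocklist)
        self.last_hash = {}
        self.run_length = defaultdict(int)

    def handle(self, user_id, features):
        """Return 'discarded' for a forbidden user, otherwise 'verify'."""
        if user_id in self.blocklist:
            return "discarded"
        h = trajectory_hash(features, self.cut_points)
        if self.last_hash.get(user_id) == h:
            self.run_length[user_id] += 1
        else:
            self.last_hash[user_id] = h
            self.run_length[user_id] = 1
        if self.run_length[user_id] >= self.repeat_limit:
            self.blocklist.add(user_id)           # takes effect on the next request
        return "verify"

    def start_new_period(self):
        """Assumption: hash history is forgotten when a verification period ends."""
        self.last_hash.clear()
        self.run_length.clear()


# Constructed sample data (not from the patent).
DEMO_CUTS = [[5, 10, 15], [0.2, 0.4, 0.6], [100, 200, 300], [1, 2, 3]]
RECORDED = [8, 0.5, 250, 0.3]          # features of one recorded slide
NOISY_REPLAY = [8.4, 0.52, 243, 0.35]  # the same slide replayed with small noise
OTHER_SLIDE = [12, 0.1, 90, 2.5]       # an independent slide


def demo():
    """Run the user A / user B scenarios from the text plus a non-repeating user."""
    guard = ReplayGuard(DEMO_CUTS, repeat_limit=2, manual_blocklist={"123456"})
    replayer = [guard.handle("654321", f) for f in (RECORDED, NOISY_REPLAY, RECORDED)]
    varied = [guard.handle("777777", f) for f in (RECORDED, OTHER_SLIDE, RECORDED)]
    manual = guard.handle("123456", OTHER_SLIDE)
    return replayer, varied, manual


def demo_fit(n_samples=4000, seed=7):
    """Fit cut points on constructed positive samples and count samples per interval."""
    rng = random.Random(seed)
    samples = [[rng.gauss(10, 4), rng.gauss(0.4, 0.1)] for _ in range(n_samples)]
    cuts = fit_cut_points(samples)
    counts = [0, 0, 0, 0]
    for s in samples:
        counts[int(encode_feature(s[0], cuts[0]), 2)] += 1
    return cuts, counts


if __name__ == "__main__":
    print(trajectory_hash(RECORDED, DEMO_CUTS), trajectory_hash(NOISY_REPLAY, DEMO_CUTS))
    print(demo())
    print(demo_fit()[1])
```

The hash changes only when a feature crosses a segmentation point, which is why a noisy replay collides with its source recording. The same coarseness means a user whose slides are very consistent can also produce repeated hashes, so the repeat limit and the number of intervals need tuning on real traffic.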
Fig. 3 is a schematic diagram of a hash-algorithm-based verification code anti-attack device according to an embodiment of the present invention. As shown in Fig. 3, the device is configured to execute the method described in any of the above embodiments and specifically includes an acquisition module 301 and a verification module 302, where:
the acquisition module 301 is configured to acquire verification request information of a target user within a preset verification period; the verification module 302 is configured to discard the verification request information of the target user if the type of the target user is determined to be a forbidden user.
Within a preset verification period, the acquisition module 301 first acquires verification request information of the target user. The verification request information may carry the user's ID or the trajectory data input by the user, so that the user can be identified by the ID, and whether the user is a malicious attacker can be judged from the trajectory data input by the same user. The length of the preset verification period can be set according to actual conditions, for example 4 days.
If the verification module 302 determines that the target user is a forbidden user, the verification request information of the target user is discarded directly, which blocks the target user and prevents a malicious attack by that user.
If the target user is a normal user, the trajectory data is parsed from the verification request information of the target user and verified.
For example, verification request information of user A is acquired; if user A's type is forbidden user, the received verification request information of user A is discarded directly, which prevents a malicious attack by user A.
The hash-algorithm-based verification code anti-attack device provided by this embodiment is used to execute the method described in any of the above embodiments. The specific steps it performs are the same as in the corresponding method embodiments and are not repeated here.
The hash-algorithm-based verification code anti-attack device analyzes the user's trajectory data with a hash algorithm to determine the type of the user, which effectively prevents malicious users from attacking the verification code with large amounts of normal trajectory data and improves the reliability and security of the verification code.
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention. As shown in Fig. 4, the electronic device includes: a processor 401, a memory 402, and a bus 403;
where the processor 401 and the memory 402 communicate with each other through the bus 403;
processor 401 is configured to call program instructions in memory 402 to perform the methods provided by the various method embodiments described above, including, for example:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Embodiments of the present invention provide a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions that, when executed by a computer, enable the computer to perform the methods provided by the above-mentioned method embodiments, for example, including:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Embodiments of the present invention provide a non-transitory computer-readable storage medium, which stores computer instructions, where the computer instructions cause the computer to perform the methods provided by the above method embodiments, for example, the methods include:
acquiring verification request information of a target user in a preset verification period;
and if the type of the target user is judged to be the forbidden user, discarding the verification request information of the target user.
Those of ordinary skill in the art will understand that all or part of the steps of the method embodiments may be implemented by hardware related to program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the method embodiments. The aforementioned storage medium includes various media that can store program code, such as ROM, RAM, magnetic disks or optical disks.
The above-described embodiments of the apparatuses and devices are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (6)

1. A verification code anti-attack method based on a hash algorithm, characterized by comprising the following steps:
acquiring verification request information of a target user in a preset verification period;
if the type of the target user is judged to be forbidden user, discarding the verification request information of the target user;
further comprising:
parsing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is forbidden user;
if the ID of the target user does not exist in the target database, the type of the target user is normal user;
a plurality of user IDs are stored in the target database, and the user IDs stored in the target database are automatically added;
the steps of automatically adding a user ID to the target database are as follows:
acquiring verification request information of a first user in a preset verification period;
if the type of the first user is judged to be normal user, parsing first track data from the verification request information of the first user;
calculating a hash value of the first track data;
and if the hash values calculated based on the verification request information of the first user for a first preset number of times are the same, adding the ID of the first user to the target database.
2. The method according to claim 1, wherein calculating the hash value of the first track data specifically includes:
extracting a second preset number of feature values from the first track data by using a preset feature extraction model;
acquiring a coded value of each feature value according to the preset feature segmentation points of that feature value;
and combining the coded values of all the feature values in the order of the serial numbers of the feature values to obtain the hash value of the first track data.
3. The method of claim 2, wherein the feature segmentation points are derived from a distribution histogram of feature values of a number of positive samples.
4. A verification code anti-attack device based on a hash algorithm, characterized by comprising:
an acquisition module, used for acquiring the verification request information of the target user in a preset verification period;
a verification module, used for discarding the verification request information of the target user if the type of the target user is judged to be forbidden user;
further comprising:
parsing the ID of the target user from the verification request information of the target user;
if the ID of the target user exists in a target database, the type of the target user is forbidden user;
if the ID of the target user does not exist in the target database, the type of the target user is normal user;
a plurality of user IDs are stored in the target database, and the user IDs stored in the target database are automatically added;
the steps of automatically adding a user ID to the target database are as follows:
acquiring verification request information of a first user in a preset verification period;
if the type of the first user is judged to be normal user, parsing first track data from the verification request information of the first user;
calculating a hash value of the first track data;
and if the hash values calculated based on the verification request information of the first user for a first preset number of times are the same, adding the ID of the first user to the target database.
5. An electronic device, comprising:
a processor and a memory that communicate with each other through a bus; the memory stores program instructions executable by the processor, and the processor invokes the program instructions to perform the method of any of claims 1 to 3.
6. A non-transitory computer-readable storage medium having stored thereon a computer program, which, when executed by a processor, implements the method of any one of claims 1 to 3.
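The flow of claims 1 to 3, as an added example that is not part of the patent text: each feature value is coded by the bucket it falls into, the codes are joined in feature order to form the hash, and a user whose hash repeats is added to the database of forbidden IDs. The four features, the cut-point values, `REPEAT_LIMIT`, the per-period count reset and all function and class names are assumptions made for illustration.

```python
from bisect import bisect_right
from collections import Counter, defaultdict

# Assumed cut points, one list per feature (constructed values; the patent
# derives them from histograms of positive-sample feature values).
CUT_POINTS = [
    [300, 600, 1200, 2500],    # 0: total duration, ms
    [0.05, 0.15, 0.30, 0.60],  # 1: mean horizontal speed, px/ms
    [0.1, 0.3, 0.6, 1.0],      # 2: peak step speed, px/ms
    [1, 3, 8],                 # 3: vertical range, px
]
REPEAT_LIMIT = 3  # assumed value of the "first preset number"

def extract_features(track):
    """Stand-in for the preset feature extraction model; track = [(x, y, t_ms), ...]."""
    xs, ys, ts = zip(*track)
    duration = ts[-1] - ts[0]
    steps = [(b[0] - a[0]) / max(b[2] - a[2], 1) for a, b in zip(track, track[1:])]
    return [duration, (xs[-1] - xs[0]) / max(duration, 1), max(steps), max(ys) - min(ys)]

def track_hash(track):
    """Code each feature by the bucket its value falls in, then join in feature order."""
    values = extract_features(track)
    return "".join(str(bisect_right(cuts, v)) for cuts, v in zip(CUT_POINTS, values))

class VerificationGate:
    def __init__(self):
        self.blocked = set()              # the "target database" of forbidden IDs
        self.seen = defaultdict(Counter)  # user ID -> hash -> count this period

    def handle(self, user_id, track):
        if user_id in self.blocked:
            return "discarded"            # request dropped before any parsing
        digest = track_hash(track)
        self.seen[user_id][digest] += 1
        if self.seen[user_id][digest] >= REPEAT_LIMIT:
            self.blocked.add(user_id)     # later requests from this ID are discarded
        return "verify"                   # continue to normal track verification

    def new_period(self):
        self.seen.clear()                 # assumed: counts reset each verification period

def make_track(duration_ms, dx, wobble, n=10):
    """Constructed sample: a straight drag with alternating vertical wobble."""
    return [(dx * i / n, wobble * (i % 2), duration_ms * i / n) for i in range(n + 1)]

if __name__ == "__main__":
    gate = VerificationGate()
    for d, dx in [(800, 200), (812, 203), (790, 198), (805, 201)]:  # replay with jitter
        print(track_hash(make_track(d, dx, 2)), gate.handle("bot", make_track(d, dx, 2)))
```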
CN201811418992.4A 2018-11-26 2018-11-26 Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium Active CN109600361B (en)


Publications (2)

Publication Number Publication Date
CN109600361A (en) 2019-04-09
CN109600361B (en) 2021-05-04
