CN110213281A - Safety protecting method and device - Google Patents

Safety protecting method and device Download PDF

Info

Publication number
CN110213281A
CN110213281A CN201910498942.XA CN201910498942A CN110213281A CN 110213281 A CN110213281 A CN 110213281A CN 201910498942 A CN201910498942 A CN 201910498942A CN 110213281 A CN110213281 A CN 110213281A
Authority
CN
China
Prior art keywords
client
information
risk
user
risk class
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910498942.XA
Other languages
Chinese (zh)
Inventor
方超
杜威
吴英杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Dingxiang Technology Co ltd
Original Assignee
Kunshan Top Image Data Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kunshan Top Image Data Technology Co Ltd filed Critical Kunshan Top Image Data Technology Co Ltd
Priority to CN201910498942.XA priority Critical patent/CN110213281A/en
Publication of CN110213281A publication Critical patent/CN110213281A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved

Abstract

The present invention provides a kind of safety protecting method and device, it is related to internet security field, this method carries out risk class division by the use information to client, and corresponding security protection scheme is pushed according to the result of grade classification, due to the difference of the use information of client, the corresponding user of client is divided into different grades, different security protection schemes is pushed to the user of the client of different grades, pass through the difficulty of verifying to increase to forge verification information or forge user information, and then enhances the safety of Internet service.

Description

Safety protecting method and device
Technical field
This application involves internet security fields, in particular to a kind of safety protecting method and device.
Background technique
It is also higher and higher to the safety requirements of internet with the development of Internet service, in the prior art, to client And the method that user is verified is to complete to verify by the verification informations such as user information and picture, text, short message.
But the prior art is used, improper user can be obtained normal by forging verification information or user information The permission of user causes the safety of Internet service low.
Summary of the invention
The purpose of the application is, provides a kind of safety protecting method and device, improper in the prior art for solving User can obtain the permission of normal users by forging verification information or user information, lead to the safety of Internet service The low problem of property.
To achieve the above object, technical solution used by the embodiment of the present application is as follows:
In a first aspect, the embodiment of the present application provides a kind of safety protecting method, this method comprises:
Obtain the use information of client, wherein use information includes: the end message of client, environmental information, operation Information and network path information;
Risk class division is carried out according to user of each single item information in use information to client;
The corresponding security protection scheme of risk class is pushed to the user of client according to risk class.
Optionally, the step of risk class division being carried out according to user of the use information to client, comprising:
The corresponding assessment result of user for obtaining client according to use information;
If the corresponding risk class of the user of client is divided into calm by assessment result less than the first default risk threshold value Dangerous rank;
If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by client The corresponding risk class of user is divided into low-risk rank;
If assessment result is more than or equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into High risk rank.
Optionally, the step of user for client being obtained according to use information corresponding assessment result, comprising:
End message, the environmental information, the historical information of operation information and network path information of client are obtained respectively;
According to historical information respectively to the end message of the client of use information, environmental information, operation information and network Path information scores;
According to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and net The corresponding score value of client assessment result is calculated in the scoring of network path information.
Optionally, the step of the corresponding security protection scheme of risk class is pushed to the user of client according to risk class Suddenly, comprising:
When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of client;
When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein identifying code protection side Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language At least one of sound identifying code;
When risk class is high risk rank, to client push protectiving scheme, wherein client push protectiving scheme It include: to intercept use information and/or honey jar safety approach.
Optionally, before the use information step for obtaining client, further includes:
Obtain service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to Security protection scheme.
Second aspect, the embodiment of the present application provide a kind of safety device, which includes: to obtain module, divide mould Block and pushing module;
Obtain module, for obtaining the use information of client, wherein use information include: client end message, Environmental information, operation information and network path information;
Division module is drawn for carrying out risk class according to user of each single item information in use information to client Point;
Pushing module, for pushing the corresponding security protection side of risk class to the user of client according to risk class Case.
Optionally, division module, specifically for the corresponding assessment result of user for obtaining client according to use information;If Assessment result is divided into devoid of risk rank less than the first default risk threshold value, by the corresponding risk class of the user of client;If Assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, and the user of client is corresponding Risk class is divided into low-risk rank;If assessment result is more than or equal to the second default risk threshold value, by the user couple of client The risk class answered is divided into high risk rank.
Optionally, division module is also used to obtain end message, environmental information, operation information and the net of client respectively The historical information of network path information;According to historical information respectively to the end message of the client of use information, environmental information, behaviour Make information and network path information scores;It is commented according to preset algorithm, the scoring of the end message of client, environmental information Divide, the corresponding score value of client assessment result is calculated in the scoring of operation information and the scoring of network path information.
Optionally, pushing module is specifically used for directly pushing away to the user of client when risk class is devoid of risk rank Send corresponding response message;When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein test Card code protectiving scheme includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message At least one of identifying code and speech identifying code;When risk class is high risk rank, to client push protectiving scheme, In, client push protectiving scheme includes: to intercept use information and/or honey jar safety approach.
Optionally, which further includes acquisition request module;Acquisition request module, for obtaining service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to Security protection scheme.
The third aspect, the embodiment of the present application provide a kind of electronic equipment, and the computer including being stored with computer program can Storage medium and processor are read, when computer program is read out by the processor and runs, realizes method described in above-mentioned first aspect.
Fourth aspect, the embodiment of the present application provide a kind of computer readable storage medium, on computer readable storage medium It is stored with computer program, when computer program is read out by the processor and runs, realizes method described in above-mentioned first aspect.
The beneficial effect of the application is: the method for the embodiment of the present application carries out risk etc. by the use information to client Grade divides, and pushes corresponding security protection scheme according to the result of grade classification, due to the difference of the use information of client, The corresponding user of client is divided into different grades, it is anti-to push different safety to the user of the client of different grades Shield scheme forges verification information or forges user information by the difficulty of verifying, and then enhances internet industry to increase The safety of business.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 is a kind of security protection system schematic diagram that one embodiment of the application provides;
Fig. 2 is a kind of flow diagram for safety protecting method that one embodiment of the application provides;
Fig. 3 is the flow diagram for another safety protecting method that one embodiment of the application provides;
Fig. 4 is a kind of module diagram for safety device that one embodiment of the application provides;
Fig. 5 is the module diagram for another safety device that one embodiment of the application provides;
Fig. 6 is the functional block diagram of a kind of electronic equipment provided by the disclosure.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application In attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is Some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is implemented The component of example can be arranged and be designed with a variety of different configurations.
Therefore, the detailed description of the embodiments herein provided in the accompanying drawings is not intended to limit below claimed Scope of the present application, but be merely representative of the selected embodiment of the application.Based on the embodiment in the application, this field is common Technical staff's every other embodiment obtained without creative efforts belongs to the model of the application protection It encloses.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.
In the description of the present application, it should be noted that the orientation or position of the instructions such as term " on ", "lower", "inner", "outside" Set relationship be based on the orientation or positional relationship shown in the drawings or this application product using when the orientation or position usually put Relationship is set, description the application is merely for convenience of and simplifies description, rather than the device or element of indication or suggestion meaning are necessary It with specific orientation, is constructed and operated in a specific orientation, therefore should not be understood as the limitation to the application.In addition, term " first ", " second ", " third " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
Fig. 1 is a kind of security protection system schematic diagram that one embodiment of the application provides, as shown in Figure 1, the system includes: Server 10 and terminal 20, server 10 can communicate to connect between multiple terminals 20, which can answer for internet It with software, may be mounted in terminal, which can carry out business information with server 10 and interact, wherein the business information It may include: solicited message or data processing of information, such as: the client is used to the solicited message of user being sent to service Device, user can carry out human-computer interaction by client pair and the server, and the server is for receiving client transmission Solicited message, and the solicited message is handled, is pushed to the corresponding response message of solicited message after processing terminate Client in terminal, the terminal is for installing client;Wherein, server 10 can be server group, be also possible to single Server, terminal 20 can be hand-held set, smart phone or laptop, be not limited thereto.
Fig. 2 is a kind of flow diagram for safety protecting method that one embodiment of the application provides, as shown in Fig. 2, the party Method is applied to above system, this method comprises:
S101, the use information for obtaining client.
Specifically, server obtains should when the client of user at the terminal logs in or carries out other operations The use information of client, the use information may include: end message, environmental information, operation information and the network of client Path information.
Wherein, the terminal device information of client may include: the hardware version etc. of terminal models, terminal iidentification and terminal Information;The environmental information of client may include: the hardware configuration of terminal and the network environment of terminal, wherein the hardware configuration It is used to indicate whether the terminal can be used for installing and executing the client, which may include: wireless network environment And cable network environment;The operation information of client may include: client operation instruction, the operating time of client and client The operation service etc. at end;Network path information may include: used network, channel and base station etc. during service interaction Information.
S102, risk class division is carried out according to user of each single item information in use information to client.
Server carries out risk class division according to the user of the use information of client to client, in general, can be with It is scored according to user of the client use information to client, wind is then carried out according to user of the appraisal result to client Dangerous grade classification, specific marking mode are set according to actual needs, and this is not restricted, and specific risk class divides Mode is selected according to the actual situation, is not limited thereto;In addition, divide risk class may include: high risk rank, Risk rank and low-risk rank, also may include: prime risk rank, second level risk class and tertiary risk rank, This is not construed as limiting.
In practical applications, use information acquired in server includes the end message of client, environmental information, operation Information and network path information individually can use letter according to one of when carrying out risk class division to client Breath divides the consumer's risk grade of client, can also carry out comprehensive descision according to all use informations of acquisition, divide visitor The consumer's risk grade at family end, the present embodiment are not especially limited this.
S103, the corresponding security protection scheme of risk class is pushed to the user of client according to risk class.
Specifically, different risk class is corresponding with different security protection schemes, it will according to the risk class of client The corresponding security protection scheme of risk class is pushed;For example, if the risk class of user is divided into high risk grade Not, risk rank and low-risk rank, the corresponding security protection scheme of high risk rank are that refusal is responded to client push Information, the corresponding security protection scheme of risk rank are to client push verification information, if the user of the client passes through Verifying, then for server to client push response message, low-risk rank corresponding security protection scheme is directly to client End push response message, the response message be server receive client solicited message, and according to the solicited message at Reason, by obtained processing result, information is sent to client in response;Specifically, the corresponding security protection scheme of risk class It is set, is not limited thereto according to actual needs.
From the above mentioned, the method for the embodiment of the present application carries out risk class division by the use information to client, and Corresponding security protection scheme is pushed according to the result of grade classification, due to the difference of the use information of client, by client Corresponding user is divided into different grades, and different security protection schemes is pushed to the user of the client of different grades, Pass through the difficulty of verifying to increase to forge verification information or forge user information, and then enhances the safety of Internet service Property.
Optionally, the step of risk class division being carried out according to user of the use information to client, comprising:
The corresponding assessment result of user for obtaining client according to use information;
If the corresponding risk class of the user of client is divided into calm by assessment result less than the first default risk threshold value Dangerous rank;
If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by client The corresponding risk class of user is divided into low-risk rank;
If assessment result is more than or equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into High risk rank.
Specifically, setting one the first preset threshold and second preset threshold, wherein the second preset threshold is greater than the One preset threshold, the corresponding assessment result of user for obtaining client according to use information, the assessment result can be score value, It can be grade, be not limited thereto, for clear explanation, it is score value that this, which sentences assessment result, and risk class is divided into: high risk Rank, low-risk rank and devoid of risk rank are illustrated, by the score value of obtained assessment result and the first default risk threshold value It is compared, if the score value of assessment result draws the corresponding risk class of the user of client less than the first default risk threshold value It is divided into devoid of risk rank;If the score value of the assessment result is not less than the first default risk threshold value, by the score value of the assessment result It is compared with the second preset threshold, if the score value of assessment result, less than the second default risk threshold value, and it is pre- to be more than or equal to first If risk threshold value, the corresponding risk class of the user of client is divided into low-risk rank;If the score value of assessment result is greater than Equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into high risk rank.
For example, second preset threshold is 85, and risk class is divided into if the first preset threshold is 60: high risk rank, Low-risk rank and devoid of risk rank judge the assessment knot of client if the score value for obtaining the assessment result of client is 75 points The size relation of fruit and the first preset threshold, 75 are greater than 60, then by the score value of the assessment result of client and the second preset threshold It is compared, 75 less than 85, since 75 are greater than 60, and less than 85, then the corresponding risk class of the user of the client is low wind Dangerous rank pushes the corresponding security protection scheme of low-risk rank to the user of client.
Fig. 3 is the flow diagram for another safety protecting method that one embodiment of the application provides, as shown in figure 3, can The step of selection of land, the user that client is obtained according to use information corresponding assessment result, comprising:
The history letter of S201, the respectively end message of acquisition client, environmental information, operation information and network path information Breath.
When user sends solicited message by user end to server, server receives the solicited message, and obtains Take end message, the environmental information, the historical information of operation information and network path information of the client.
S202, according to historical information respectively to the end message of the client of use information, environmental information, operation information and Network path information scores.
It is scored according to historical information client, the method for scoring is set according to the actual situation, in order to more clear The process for illustrating scoring of Chu, at this for example, if criminal manipulation of client remembers 10 in end message in historical information Point, 10 points of note, violation operation of client in operation information the case where one subsidiary risk network environment of client in environmental information 20 points of note, client connects a pseudo-base station and remembers 40 points in network path information, if in historical information client have it is illegal three times Operation, connected a pseudo-base station, then remembered 30 points, 0 point of environmental information note, operation information note 0 point and net to end message respectively Network path information remembers 40 points.
S203, it is commented according to preset algorithm, the scoring of the end message of client, the scoring of environmental information, operation information Point the corresponding score value of client assessment result is calculated with the scoring of network path information.
According to end message, environmental information, operation information and net in the above-mentioned related client use information respectively obtained The scoring of network path information carries out accumulation calculating and obtains the corresponding score value of client use information, to obtain client assessment As a result corresponding score value is 70 points, then according to the corresponding score value of client assessment result, carries out risk to the user of client Grade classification.
Optionally, the step of the corresponding security protection scheme of risk class is pushed to the user of client according to risk class Suddenly, comprising:
When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of client;
When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein identifying code protection side Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language At least one of sound identifying code;
When risk class is high risk rank, to client push protectiving scheme, wherein client push protectiving scheme It include: to intercept use information and/or honey jar safety approach.
Specifically, the default corresponding security protection scheme of devoid of risk rank is to require no verifying directly to the use of client Family pushes corresponding response message, and the corresponding security protection scheme of low-risk rank is to client push identifying code protection side Case, the corresponding security protection scheme of high risk rank are to intercept use information and/or honey jar safety;Wherein, identifying code protection side Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language At least one of sound identifying code;Security protection scheme refers to for interception service information intercepts the business information of client, The client traffic information is not handled;Honey jar be safely honey jar host to the business information of the client at Reason, is sent to the client for the response message after processing, while honey jar host receives the business information of the client Collection.
It should be noted that honey jar is substantially the technology that a kind of couple of attacker is cheated, by arranging some conducts Host, network service or the information of bait lure that attacker implements to attack to them into, so as to catch to attack Obtain and analyze, understand attacker used in tool and method, thus it is speculated that attack intension and motivation, can allow defender clearly The security threat that they are faced is solved, and enhances the security protection ability of real system by technology and management means.
Optionally, before the use information step for obtaining client, further includes:
Obtain service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to Security protection scheme.
Specifically, obtaining the service request of client before the use information for obtaining client, passing through the industry of client Business request, obtains the use information of client, correspondingly, server is when receiving service request, according to risk class to client The user at end pushes the corresponding security protection scheme of risk class.
Safety protecting method provided in this embodiment, this method carry out risk class by the use information to client and draw Point, and pushing corresponding security protection scheme according to the result of grade classification will be objective due to the difference of the use information of client The corresponding user in family end is divided into different grades, pushes different security protection sides to the user of the client of different grades Case forges verification information or forges user information by the difficulty of verifying, and then enhances Internet service to increase Safety.
Fig. 4 is a kind of module diagram for safety device that one embodiment of the application provides, as shown in figure 4, this Shen Please embodiment a kind of safety device is provided, which includes: to obtain module 301, division module 302 and pushing module 303;
Module 301 is obtained, for obtaining the use information of client, wherein use information includes: the terminal letter of client Breath, environmental information, operation information and network path information;
Division module 302, for carrying out risk class according to user of each single item information in use information to client It divides;
Pushing module 303, for pushing the corresponding security protection of risk class to the user of client according to risk class Scheme.
Optionally, division module 302 are tied specifically for the corresponding assessment of user for obtaining client according to use information Fruit;If assessment result is divided into devoid of risk grade less than the first default risk threshold value, by the corresponding risk class of the user of client Not;If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by the user couple of client The risk class answered is divided into low-risk rank;If assessment result is more than or equal to the second default risk threshold value, by the use of client The corresponding risk class in family is divided into high risk rank.
Optionally, division module 302, be also used to obtain respectively the end message of client, environmental information, operation information and The historical information of network path information;According to historical information respectively to the end message of the client of use information, environmental information, Operation information and network path information score;According to preset algorithm, the scoring of the end message of client, environmental information The corresponding score value of client is calculated in scoring, the scoring of operation information and the scoring of network path information.
Optionally, pushing module 303 are specifically used for when risk class is devoid of risk rank, directly to the use of client Family pushes corresponding response message;When risk class is low-risk rank, to client push identifying code protectiving scheme, In, identifying code protectiving scheme include: text identifying code, picture validation code, click identifying code, sliding identifying code, question and answer identifying code, At least one of short message verification code and speech identifying code;When risk class is high risk rank, to client push protection side Case, wherein client push protectiving scheme includes: to intercept use information and/or honey jar safety approach.
Fig. 5 is the module diagram for another safety device that one embodiment of the application provides, as shown in figure 5, can Selection of land, above-mentioned apparatus further include acquisition request module 304;The acquisition request module 304, for obtaining service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to Security protection scheme.
Safety device provided in this embodiment, the device of the embodiment of the present application by the use information to client into Row risk class divides, and pushes corresponding security protection scheme according to the result of grade classification, since the use of client is believed The corresponding user of client is divided into different grades by the difference of breath, is pushed not to the user of the client of different grades Same security protection scheme passes through the difficulty verified, and then enhancing to increase to forge verification information or forge user information The safety of Internet service.
Fig. 6 is the functional block diagram of a kind of electronic equipment provided by the disclosure, as shown in fig. 6, the electronic equipment It may include the computer readable storage medium 401 and processor 402 for being stored with computer program, processor 402 can call The computer program that computer readable storage medium 401 stores.It, can when the computer program is read and run by processor 402 To realize above method embodiment.Specific implementation is similar with technical effect, and which is not described herein again.
The embodiment of the present application also provides a kind of storage medium, and computer program, computer program are stored on storage medium The step of method in such as preceding method embodiment is executed when being run by processor.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.

Claims (10)

1. a kind of safety protecting method, which is characterized in that the described method includes:
Obtain the use information of client, wherein the use information includes: the end message of client, environmental information, operation Information and network path information;
Risk class division is carried out according to user of each single item information in the use information to the client;
The corresponding security protection scheme of the risk class is pushed to the user of the client according to the risk class.
2. safety protecting method according to claim 1, which is characterized in that it is described according to the use information to the visitor The user at family end carries out the step of risk class division, comprising:
The corresponding assessment result of user for obtaining the client according to the use information;
If the corresponding risk class of the user of the client is divided by the assessment result less than the first default risk threshold value Devoid of risk rank;
If the assessment result is more than or equal to the described first default risk threshold value, and less than the second default risk threshold value, will be described The corresponding risk class of the user of client is divided into low-risk rank;
If the assessment result is more than or equal to the described second default risk threshold value, by corresponding risk of the user of the client etc. Grade is divided into high risk rank.
3. safety protecting method according to claim 2, which is characterized in that obtain the client according to the use information The step of user at end corresponding assessment result, comprising:
End message, the environmental information, the historical information of operation information and network path information of the client are obtained respectively;
According to historical information respectively to end message, environmental information, operation information and the network of the client of the use information Path information scores;
It is logical according to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and network The corresponding score value of the client assessment result is calculated in the scoring of road information.
4. safety protecting method according to claim 3, which is characterized in that it is described according to the risk class to the visitor The user at family end pushes the step of risk class corresponding security protection scheme, comprising:
When the risk class is devoid of risk rank, corresponding response message directly is pushed to the user of the client;
When the risk class is low-risk rank, Xiang Suoshu client push identifying code protectiving scheme, wherein the verifying Code protectiving scheme includes: text identifying code, picture validation code, click identifying code, sliding identifying code, question and answer identifying code, short message are tested Demonstrate,prove at least one of code and speech identifying code;
When the risk class is high risk rank, Xiang Suoshu client push protectiving scheme, wherein the protectiving scheme packet It includes: intercepting the use information and/or honey jar safety.
5. safety protecting method according to claim 1, which is characterized in that obtain client use information step it Before, further includes:
Obtain service request;
Correspondingly, pushing the risk to the user of the client according to the risk class when receiving service request The corresponding security protection scheme of grade.
6. a kind of safety device, which is characterized in that described device includes: to obtain module, division module and pushing module;
The acquisition module, for obtaining the use information of client, wherein the use information includes: the terminal of client Information, environmental information, operation information and network path information;
The division module, for carrying out risk according to user of each single item information in the use information to the client Grade classification;
The pushing module, it is corresponding for pushing the risk class to the user of the client according to the risk class Security protection scheme.
7. safety device according to claim 6, which is characterized in that the division module is specifically used for according to institute It states use information and obtains the corresponding assessment result of user of the client;If the assessment result is less than the first default risk threshold Value, is divided into devoid of risk rank for the corresponding risk class of the user of the client;If the assessment result is more than or equal to institute The first default risk threshold value is stated, and less than the second default risk threshold value, the corresponding risk class of the user of the client is drawn It is divided into low-risk rank;If the assessment result is more than or equal to the described second default risk threshold value, by the user of the client Corresponding risk class is divided into high risk rank.
8. safety device according to claim 7, which is characterized in that the division module is also used to obtain respectively The end message of the client, environmental information, the historical information of operation information and network path information;According to historical information point End message, environmental information, operation information and the network path information of the other client to the use information score;Root According to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and network path information Scoring the corresponding score value of the client assessment result is calculated.
9. safety device according to claim 8, which is characterized in that the pushing module is specifically used for when described When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of the client;When described risk etc. When grade is low-risk rank, Xiang Suoshu client push identifying code protectiving scheme, wherein the identifying code protectiving scheme includes: Text identifying code, picture validation code click identifying code, sliding identifying code, question and answer identifying code, short message verification code and speech identifying code At least one of;When the risk class is high risk rank, Xiang Suoshu client push protectiving scheme, wherein the visitor Family end push protectiving scheme includes: to intercept the use information and/or honey jar safety approach.
10. safety device according to claim 9, which is characterized in that described device further includes acquisition request module; The acquisition request module, for obtaining service request;
Correspondingly, pushing the risk to the user of the client according to the risk class when receiving service request The corresponding security protection scheme of grade.
CN201910498942.XA 2019-06-10 2019-06-10 Safety protecting method and device Pending CN110213281A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910498942.XA CN110213281A (en) 2019-06-10 2019-06-10 Safety protecting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910498942.XA CN110213281A (en) 2019-06-10 2019-06-10 Safety protecting method and device

Publications (1)

Publication Number Publication Date
CN110213281A true CN110213281A (en) 2019-09-06

Family

ID=67791778

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910498942.XA Pending CN110213281A (en) 2019-06-10 2019-06-10 Safety protecting method and device

Country Status (1)

Country Link
CN (1) CN110213281A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112217131A (en) * 2020-09-09 2021-01-12 北京国电通网络技术有限公司 Power transmission line inspection method, device, equipment and storage medium
CN113643042A (en) * 2021-08-20 2021-11-12 武汉极意网络科技有限公司 Safety verification system based on online business safety

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753868A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Safety verification method, service server and safety verification system
CN106682906A (en) * 2015-11-10 2017-05-17 阿里巴巴集团控股有限公司 Risk identification and business processing method and device
CN108092970A (en) * 2017-12-13 2018-05-29 腾讯科技(深圳)有限公司 A kind of wireless network maintaining method and its equipment, storage medium, terminal
CN109831459A (en) * 2019-03-22 2019-05-31 百度在线网络技术(北京)有限公司 Method, apparatus, storage medium and the terminal device of secure access

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104753868A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Safety verification method, service server and safety verification system
CN106682906A (en) * 2015-11-10 2017-05-17 阿里巴巴集团控股有限公司 Risk identification and business processing method and device
CN108092970A (en) * 2017-12-13 2018-05-29 腾讯科技(深圳)有限公司 A kind of wireless network maintaining method and its equipment, storage medium, terminal
CN109831459A (en) * 2019-03-22 2019-05-31 百度在线网络技术(北京)有限公司 Method, apparatus, storage medium and the terminal device of secure access

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112217131A (en) * 2020-09-09 2021-01-12 北京国电通网络技术有限公司 Power transmission line inspection method, device, equipment and storage medium
CN113643042A (en) * 2021-08-20 2021-11-12 武汉极意网络科技有限公司 Safety verification system based on online business safety
CN113643042B (en) * 2021-08-20 2024-04-05 武汉极意网络科技有限公司 Security verification system based on online business security

Similar Documents

Publication Publication Date Title
US11310261B2 (en) Assessing security risks of users in a computing network
EP3930286A1 (en) Prompting users to annotate simulated phishing emails in cybersecurity training
CN109241418B (en) Abnormal user identification method and device based on random forest, equipment and medium
CN107566358B (en) Risk early warning prompting method, device, medium and equipment
JP6609047B2 (en) Method and device for application information risk management
US20150186537A1 (en) Question distribution method and a question distribution system for a q&a platform
CN109345417B (en) Online assessment method and terminal equipment for business personnel based on identity authentication
US20210390181A1 (en) Generating Simulated Spear Phishing Messages and Customized Cybersecurity Training Modules Using Machine Learning
CN105246058B (en) The verification method and short message server of short message
US11637870B2 (en) User responses to cyber security threats
CN104424277A (en) Processing method and device for report information
CN109600336A (en) Store equipment, identifying code application method and device
CN107634947A (en) Limitation malice logs in or the method and apparatus of registration
CN104852916A (en) Social engineering-based webpage verification code recognition method and system
CN110213281A (en) Safety protecting method and device
CN110097289A (en) Risk monitoring and control method, apparatus, equipment and computer readable storage medium
Kamara et al. Do Not Track initiatives: regaining the lost user control
CN107944293B (en) Fictitious assets guard method, system, equipment and storage medium
CN106878347A (en) Information processing method, system, mobile terminal and server
CN106713362A (en) Method for realizing security investigation of WiFi network access
CN108804501A (en) A kind of method and device of detection effective information
CN109688096A (en) Recognition methods, device, equipment and the computer readable storage medium of IP address
CN111224865B (en) User identification method based on payment session, electronic device and storage medium
CN110460593B (en) Network address identification method, device and medium for mobile traffic gateway
CN115426299B (en) Method and device for identifying characteristic-free data, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20190925

Address after: 100085, 0308/0310, room 3, 26 Information Road, Haidian District, Beijing

Applicant after: BEIJING DINGXIANG TECHNOLOGY Co.,Ltd.

Address before: 215000 Room A1, Room 315, Room No. 268 Dengyun Road, Yushan Town, Kunshan City, Suzhou City, Jiangsu Province

Applicant before: Kunshan Top Image Data Technology Co.,Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190906