CN110598392A - Man-machine verification method and device, storage medium and electronic equipment - Google Patents

Man-machine verification method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN110598392A
CN110598392A CN201910865802.1A CN201910865802A CN110598392A CN 110598392 A CN110598392 A CN 110598392A CN 201910865802 A CN201910865802 A CN 201910865802A CN 110598392 A CN110598392 A CN 110598392A
Authority
CN
China
Prior art keywords
question information
verification
client
level
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910865802.1A
Other languages
Chinese (zh)
Inventor
赵云
赵峰
孙世强
朱彬彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tong Shield Holdings Ltd
Tongdun Holdings Co Ltd
Original Assignee
Tong Shield Holdings Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tong Shield Holdings Ltd filed Critical Tong Shield Holdings Ltd
Priority to CN201910865802.1A priority Critical patent/CN110598392A/en
Publication of CN110598392A publication Critical patent/CN110598392A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Abstract

The embodiment of the invention provides a man-machine verification method, a man-machine verification device, a storage medium and electronic equipment, wherein the method comprises the following steps: determining a risk level of a client based on a verification request initiated by the client; sending the question information of the level corresponding to the risk level and the alternative answer image combination to the client; generating a preselected answer image based on the operation of a target object on the client; and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information. The verification defense rate is improved, and the accuracy of the verification result is improved.

Description

Man-machine verification method and device, storage medium and electronic equipment
Technical Field
The invention relates to the technical field of computers, in particular to a man-machine verification method, a man-machine verification device, a storage medium and electronic equipment.
Background
The man-machine authentication refers to authentication of a target object which is a person or a machine, and can be widely used for various safety authentications, for example, when a train ticket is purchased at a website, authentication is required to be carried out so as to avoid ticket swiping of ticket swiping software.
Currently, human-machine verification may include: character-type picture verification code verification and behavioral verification code verification. With the development of scientific technology, more and more technologies are available to resist character-type image verification code verification and behavioral verification code verification. Such as Puppeteer, optical character recognition engine Tesseract, deep learning architecture google, and deep learning techniques, among others. The existing man-machine verification mode cannot meet verification security defense of new situation and cannot meet the requirements of man-machine identification and user friendliness.
Therefore, a new man-machine verification method, device, storage medium and electronic device are needed to improve the defense rate of the verification code.
The above information disclosed in this background section is only for enhancement of understanding of the background of the disclosure and therefore it may contain information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
In view of this, the present invention provides a human-machine verification method, a human-machine verification device, a storage medium and an electronic device, so as to improve the defense rate of verification codes.
Additional features and advantages of the invention will be set forth in the detailed description which follows, or may be learned by practice of the invention.
According to a first aspect of the embodiments of the present invention, there is provided a human-machine verification method, wherein the method includes: determining a risk level of a client based on a verification request initiated by the client; sending the combination of the question information of the level corresponding to the risk level and the alternative answer image to the client; generating a preselected answer image based on the operation of the target object on the alternative answer; and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
In some exemplary embodiments of the present invention, based on the foregoing scheme, sending, to the client, the question information of the level corresponding to the risk level and the alternative answer image combination include: acquiring multi-level question information and a combination of alternative answer images; matching the risk grade with the combination of the multi-grade question information and the alternative answer images to obtain the grade of the combination of the question information and the alternative answer images corresponding to the risk grade; and determining a group of combination of the question information and the alternative answer image from the grade, and sending the combination of the question information and the alternative answer image to the client.
In some exemplary embodiments of the present invention, based on the foregoing scheme, obtaining a combination of multiple levels of question information and alternative answer images includes: constructing a combination of multi-level question information and alternative answer data based on Java 3D; drawing alternative answer images based on the alternative answer data in each combination through ThreeJs to generate multi-level question information and alternative answer image combinations.
In some exemplary embodiments of the present invention, based on the foregoing scheme, a combination of multiple levels of question information and alternative answer data is constructed based on Java3D, including: presetting a multi-level problem model; generating problem information of each level based on the problem material information and the problem model; generating a plurality of candidate answer data including a real answer of each question information based on spatial information of candidate material information including the question material information; and constructing a combination of the multi-level question information and the alternative answer data based on the generated question information of each level and a plurality of alternative answer data including a real answer of each question information.
In some exemplary embodiments of the invention, based on the foregoing, the method further comprises: and storing the corresponding relation between the real answer image in the drawn alternative answer image and the question information.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the pre-selected answer image includes spatial information of the operation therein;
performing human-computer verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information, wherein the human-computer verification comprises the following steps: judging whether the position corresponding to the spatial information of the operation in the preselected answer image is within the position range corresponding to the stored spatial information of the real answer image corresponding to the question information; if the judgment result is yes, determining that the target object is a person; and if the judgment result is negative, determining that the target object is a machine.
In some exemplary embodiments of the present invention, determining the risk level of the client based on the authentication request initiated by the client based on the foregoing scheme includes: verifying a verification token for the client based on the identifier of the client carried in the verification request; determining a risk level of the client based on a result of the validation token validation.
According to a second aspect of embodiments of the present invention, there is provided a human-machine authentication device, wherein the device includes: a determining module configured to determine a risk level of a client based on a verification request initiated by the client; the sending module is configured to send the question information of the level corresponding to the risk level and the alternative answer image combination to the client; a generation module configured to generate a preselected answer image based on the operation of the target object on the alternative answer; and the verification module is configured to perform man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the sending module includes: the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring multi-level question information and a combination of alternative answer images; the matching unit is used for matching the risk level with the combination of the multi-level question information and the alternative answer images to acquire the level of the combination of the question information and the alternative answer images corresponding to the risk level; and the sending unit is used for determining a group of combination of the question information and the alternative answer image from the level and sending the combination of the question information and the alternative answer image to the client.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the obtaining unit includes: a construction subunit for constructing a combination of multi-level question information and alternative answer data based on Java 3D; and the drawing subunit is used for drawing the alternative answer images based on the alternative answer data in each combination through ThreeJs to generate multi-level question information and the combination of the alternative answer images.
In some exemplary embodiments of the invention, based on the foregoing, a subunit is constructed configured to: presetting a multi-level problem model; generating problem information of each level based on the problem material information and the problem model; generating a plurality of candidate answer data including a real answer of each question information based on spatial information of candidate material information including the question material information; and constructing a combination of the multi-level question information and the alternative answer data based on the generated question information of each level and a plurality of alternative answer data including a real answer of each question information.
In some exemplary embodiments of the present invention, based on the foregoing, the apparatus further includes: and the storage module is used for storing the corresponding relation between the real answer image in the drawn alternative answer image and the question information.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the pre-selected answer image includes spatial information of the operation therein;
the verification module is configured to judge whether a position corresponding to the spatial information of the operation in the preselected answer image is within a position range corresponding to the spatial information of the real answer image corresponding to the stored question information; if the judgment result is yes, determining that the target object is a person; and if the judgment result is negative, determining that the target object is a machine.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the determining module is configured to perform authentication of an authentication token for the client based on the identifier of the client carried in the authentication request; determining a risk level of the client based on a result of the validation token validation.
According to a third aspect of embodiments of the present invention, there is provided a computer readable storage medium having a computer program stored thereon, wherein the program when executed by a processor implements the method steps of the first aspect.
According to a fourth aspect of the embodiments of the present invention, there is provided an electronic apparatus, including: one or more processors; storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to carry out the method steps as described in the first aspect.
In the embodiment of the invention, the attribute of a gene file of target equipment is obtained; comparing the attributes with the attributes of the gene files of the identified equipment and acquiring comparison results; and determining whether the target equipment is the identified equipment or not according to the comparison result. The method and the device realize the identification of the equipment based on the gene file, achieve the deeper equipment identification compared with the equipment fingerprint technology, and improve the accuracy of the equipment.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort. In the drawings:
FIG. 1 is a flow diagram illustrating a method for implementing character-type picture authentication code verification using Puppeteeer, according to an example embodiment;
FIG. 2 is a flow diagram illustrating a method for behavioral drag-type captcha verification using Puppeneer, according to an example embodiment;
FIG. 3 is a flow diagram illustrating a method for implementing behavioral point-contact passcode verification using Puppeneer, according to an example embodiment;
FIG. 4 is a flow diagram illustrating a human-machine authentication method in accordance with an exemplary embodiment;
FIG. 5 is a schematic diagram of an alternative answer image according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a pre-selected answer image according to an embodiment of the present invention;
FIG. 7 is a flow diagram illustrating a method of constructing a combination of question information and alternative answer data in accordance with an exemplary embodiment;
FIG. 8 is a data flow diagram illustrating a human-machine authentication method in accordance with an exemplary embodiment;
FIG. 9 is a schematic diagram illustrating the structure of a human-machine authentication device in accordance with an exemplary embodiment;
fig. 10 is a schematic structural diagram of an electronic device according to an exemplary embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention may be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations or operations have not been shown or described in detail to avoid obscuring aspects of the invention.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another. Thus, a first component discussed below may be termed a second component without departing from the teachings of the disclosed concept. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It is to be understood by those skilled in the art that the drawings are merely schematic representations of exemplary embodiments, and that the blocks or processes shown in the drawings are not necessarily required to practice the present disclosure and are, therefore, not intended to limit the scope of the present disclosure.
Now, a detailed description will be given of a method for performing authentication on an existing authentication method by using Puppeteer, with reference to a specific embodiment.
Fig. 1 is a flowchart illustrating a method of implementing character-type picture authentication code verification using Puppeteer according to an example embodiment. The method may include, but is not limited to, the following procedures:
in S110, the verification code picture is crawled.
According to the embodiment of the invention, the character type verification code picture is a picture produced by arranging Arabic numerals, English letters and Chinese characters according to a certain rule and adding interference noise points.
In S120, the verification code is binarized and GM is wavelet denoised.
In S130, the denoised binarized picture is subjected to character recognition.
According to the embodiment of the invention, the denoised binary image can be subjected to OCR (Optical Character Recognition) Recognition by using an Optical Character Recognition engine Tesseract to obtain an answer. The OCR engine of Tesseract is one of the three most accurate recognition engines in the industry.
In S140, the automatic input completion verification is implemented by Puppeteer.
It should be noted that Puppeteer is a Chrome automation tool produced by Google Chrome team of web browsers, and is used for controlling Chrome to execute commands. The operation of a user can be simulated, and automatic test, reptile and the like can be performed. After the answer is obtained, the answer is automatically input by using Puppeneer.
In the embodiment of the invention, the technologies of GM denoising, Puppeneer and the like are utilized to realize the automatic verification of the verification code picture, for a verification server, whether the verification is performed by a human or a machine cannot be identified at all, the verification defense rate of the character type picture verification code is low, and the verification result is inaccurate.
It should be noted that the behavioral verification code is a popular verification code. It is understood from the word that the verification is completed through the operation action of the user without reading the distorted picture and text. Two are common: dragging and point-contact.
FIG. 2 is a flow diagram illustrating a method for behavioral drag-type captcha verification using Puppeteeer, according to an example embodiment. The method may include, but is not limited to, the following procedures:
in S210, the foreground map and the background map are crawled.
In the embodiment of the invention, Puppeneer is adopted to capture the foreground and background images of the slider.
In S220, a difference calculation is performed.
In the embodiment of the invention, the difference value of the foreground image and the background image is calculated by utilizing rememblejs to obtain the sliding distance.
In S230, Puppeteer simulation verification.
In the embodiment of the invention, after the sliding distance is obtained, the track is added through Puppeneer, and the sliding is simulated to finish verification.
In the embodiment of the invention, the Puppeneer technology is utilized to realize the automatic verification of the behavior dragging type verification code, for a verification server, whether the verification is performed by a human or a machine cannot be identified at all, the behavior dragging type verification code has low verification defense rate and inaccurate verification result.
FIG. 3 is a flow diagram illustrating a method for implementing behavioral point-contact passcode verification using Puppeneer, according to an example embodiment. The method may include, but is not limited to, the following procedures:
in S310, the sample picture or sample question is crawled.
In S320, the sample picture or the sample problem is machine-learned or deep-learned to obtain a model.
In S330, Puppeteer simulation verification.
In the embodiment of the invention, Puppeneer is adopted to collect learning samples and problem libraries for behavior point-touch verification code verification, the images are essentially identified by a picture, a GoogleLeNet algorithm is used to identify the images, a model of a target website is obtained by machine learning or deep learning, and then Puppeneer is used to combine the well-learned model libraries to complete behavior point-touch verification. In the whole process, the GoogLeNet algorithm, deep learning, Puppeneer technology and the like are utilized, automatic verification of the behavior point-touch verification code is achieved, for a verification server, whether a person or a machine is used for verification cannot be identified at all, the behavior point-touch verification code is low in verification defense rate, and the verification result is inaccurate.
By combining the above embodiments, the verification methods of the character-type picture verification code verification, the behavior dragging verification code verification and the behavior point-touch verification code verification have limited decoding space of the character-type/behavior verification code, are easy to bypass in combination with an automatic script in Puppeteer, have low verification defense rate and inaccurate verification result.
Based on the above problems, the embodiment of the invention provides a man-machine verification method, which can improve the verification defense rate and improve the accuracy of the verification result.
The man-machine authentication method proposed by the embodiment of the present invention is described in detail below with reference to specific embodiments. It should be noted that the execution subject executing the embodiment of the present invention may include a device with computing processing capability to execute, for example: servers and/or terminal devices, but the invention is not limited thereto.
FIG. 4 is a flow diagram illustrating a human-machine authentication method in accordance with an exemplary embodiment.
As shown in fig. 4, the method may include, but is not limited to, the following steps:
in S410, a risk level of a client is determined based on a verification request initiated by the client.
According to the embodiment of the invention, the verification request carries the identification of the client, the verification token is verified for the client after the verification request is received, and the risk level of the client is determined based on the verification result of the verification token.
The validation token is mainly used for verifying whether the identifier of the client is recorded, and if so, the occurrence frequency of the client can be further determined.
In the embodiment of the invention, the corresponding frequency threshold is set based on each risk level, and when the valid token verifies the occurrence frequency of a certain client, the occurrence frequency is judged to reach the frequency threshold corresponding to a certain risk level, and the risk level is the risk level of the client.
For example, if the client is authenticated for the first time, the risk level is lower, if the client is authenticated for multiple times, the risk level is higher than that of the client authenticated for the first time, and if the occurrence frequency reaches the frequency threshold (e.g., 10 times) of the level 2 risk level within a preset time period (e.g., 5 minutes), the risk level of the client is level 2.
In S420, the question information of the level corresponding to the risk level and the alternative answer image combination are sent to the client.
In the embodiment of the invention, a combination of multi-level question information and alternative answer data can be constructed based on a three-dimensional graphic model Java3D of Java language, and alternative answer images are drawn based on the alternative answer data in each combination through ThreeJs to generate a combination of multi-level question information and alternative answer images.
It should be noted that the question information may also be sent to the client for presentation in the form of a picture.
Java3D is an extension of the Java language in the field of three-dimensional graphics and is a set of Application Programming Interfaces (APIs). By utilizing the API provided by Java3D, three-dimensional animation based on a webpage, various computer-aided teaching software, three-dimensional games and the like can be written. The program written by Java3D only needs programmers to call the APIs for programming, and the client can browse only by using a standard Java virtual machine, so that the method has the advantage of not needing to install a plug-in. ThreeJs is a3D engine running in a browser that you can use to create various three-dimensional scenes, including various objects such as cameras, shadows, textures, etc. It should be noted that, in the embodiment of the present invention, other 3D engines in the server may also be used to replace ThreeJs, so as to draw the alternative answer image at the server side.
According to the embodiment of the invention, the alternative answer data comprises the object type, the object color and the spatial information of the alternative material. And drawing and rendering alternative answer images including the real answer image based on the object type, the object color and the spatial information of the alternative answer data in each combination through ThreeJs. And after the real answer image is drawn, storing the corresponding relation between the real answer image and the question information in the drawn alternative answer image so as to verify the preselected answer by using the real answer image.
In the embodiment of the invention, a plurality of levels of question information and alternative answer image combinations can be obtained, and each level comprises a plurality of question information and alternative answer image combinations. The corresponding relation between each risk level and the level of the combination of the question information and the alternative answer image is preset, and the higher the risk level is, the higher the level of the combination of the question information and the alternative answer image is, and the larger the difficulty of the question is. After the risk level of the client is determined, matching the risk level with the multi-level question information and alternative answer image combination to obtain the level of the question information and alternative answer image combination corresponding to the risk level, determining a group of question information and alternative answer image combination from the level, and sending the question information and alternative answer image combination to the client.
For example, the preset risk level corresponds to a combination of the question information and the alternative answer image as follows:
risk rating Rank of combination of question information and alternative answer image
Risks Is free of
3 3
2 2
1 1
TABLE 1
As shown in table 1, assuming that the risk level is determined to be 3, a set of question information and a combination of alternative answer images with a combination level of 3 is sent to the client, assuming that the risk level is determined to be 2, a set of question information and a combination of alternative answer images with a combination level of 2 is sent to the client, assuming that the risk level is determined to be 1, a combination of question information and an alternative answer image with a combination level of 1 is sent to the client, assuming that the risk level is determined to be risk, a combination of levels corresponding to the levels is not available, and a message for rejecting authentication is directly sent to the client.
In S430, a preselected answer image is generated based on the operation of the target object on the alternative answer.
According to the embodiment of the invention, a preselected answer image can be generated based on the operation of the target object to the client, and the preselected answer image comprises the spatial information of the operation.
It should be noted that, when the target object is a machine, operations on the client, such as initiating an authentication request and an operation on an alternative answer, may be implemented by Puppeteer in combination with an automation script.
In S440, performing human-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
According to the embodiment of the invention, when the man-machine verification is carried out, whether the position corresponding to the operation space information in the preselected answer image is located in the position range corresponding to the stored space information of the real answer image corresponding to the question information is judged, if the judgment result is yes, the target object is determined to be a person, and if the judgment result is no, the target object is determined to be a machine.
It should be noted that the real answer image corresponding to the question information may be a part of the alternative answer image, the real answer image has spatial information, and the position corresponding to the spatial information is a range, and the verification is successful as long as the operation in the preselected answer image is within the range.
For example, the question information displayed on the client is "please click on the ball on the cylinder", fig. 5 is a schematic diagram of an alternative answer image shown in the embodiment of the present invention, a pre-selected answer image is generated based on the operation of the target object to the client, for example, the target object clicks somewhere in fig. 5 to form a pre-selected answer image, fig. 6 is a schematic view of a pre-selected answer image (in which the operation of the target object is indicated by an arrow) shown in an embodiment of the present invention, the real answer image corresponding to the question is marked as in fig. 6 (for convenience of display, only marked in fig. 6, actually not marked in fig. 6), and it is determined whether the position of the operation in fig. 6 is within the position range of the mark, if so, and if the judgment result is negative, the verification fails, and the target object is determined to be a machine.
In the embodiment of the invention, the risk level of a client is determined based on a verification request initiated by the client; sending the question information of the level corresponding to the risk level and the alternative answer image combination to the client; generating a preselected answer image based on the operation of a target object on the client; and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information. The verification defense rate is improved, and the accuracy of the verification result is improved.
The following describes in detail a method for constructing a combination of multi-level question information and alternative answer data based on Java3D according to an embodiment of the present invention, with reference to specific embodiments.
FIG. 7 is a flowchart illustrating a method of constructing a combination of question information and alternative answer data in accordance with an exemplary embodiment. As shown in fig. 7, the method may include, but is not limited to, the following steps:
in S710, a multi-level problem model is preset.
It should be noted that each level may include at least one problem model, and as the level increases, the problem model requires more and more material to be added or compared/identified/calculated, and the problem model becomes more and more complex. For example:
the problem model for level 1 is "please click on __ up/down/left/right of __".
The problem model at level 2 is "please click __ corresponding to __ & __".
The problem model at level 3 is "please click __ which is the same shape/color as __ & __".
In the embodiment of the invention, the problem model is a common knowledge problem constructed based on causality and spatial sense, and common knowledge is known by people, does not need to be learned and can not be recorded by texts, so that the problem model does not exist in data samples of deep learning or machine learning, can not be learned by machines and cracked, and the verification defense rate is improved.
In S720, problem information for each level is generated based on the problem material information and the problem model.
In the embodiment of the invention, some material information can be preset, some materials can be randomly selected as problem materials, the problem material information is filled into a problem model, and problem information is generated and needs to be explained, wherein the problem information can be in a text form or a picture form.
According to an embodiment of the invention, the material information may comprise an object type. For example, the object types may include: cube, cylinder, cone, sphere, polyhedron, number, capital letter, lowercase letter, triangular pyramid, and circular ring. It should be noted that the material information may also include object colors, such as: red, yellow, blue, green, purple.
In the embodiment of the invention, the problem models are various, and the set { W of the problem information can be obtained by adding different materials and changing different spatial positions1,W2,…,WnW is the problem information, and n is a positive integer greater than 2.
In S730, a plurality of candidate answer data including a real answer to each question information is generated based on spatial information of candidate material information including the question material information.
According to the embodiment of the invention, after the problem material information is determined, some material information can be set/selected again and combined with the problem material information to serve as the alternative material information. It should be noted that some material information may not be set/selected, the question material information is directly used as the candidate material information, and the candidate answer data is generated by setting different spatial information for the question material.
According to the embodiment of the invention, after the question information is generated, the spatial information of the alternative materials including the question materials is set based on the question information, so that a plurality of alternative answer data including the real answer of each question information is generated based on the spatial information of the alternative material information including the question material information. The alternative answer data includes an object type, an object color, and spatial information of the alternative answer.
In the embodiment of the present invention, the spatial information may include volume information and spatial coordinate information of the object.
For example, adding a cylinder and a bead to the level 1 problem model, generates problem information: please clickCylinder bodyOnBall with ball-shaped section". The set alternative material information may include: white-cylinder, white-cube, white-sphere. Further, setting spatial information of the alternative materials, for example, setting: A. volume information: cylinder diameter 2 cm, height 3 cm, sphere: diameter 1 cm. Spatial information: the coordinates of the intersection point of the central axis and the top surface of the cylinder are as follows: (x 1, y 3, z 1), and the sphere center coordinates are: (x ═ 1, y ═ 3.5, and z ═ 1). B. Volume information: cube side length is 2 cm, sphere: diameter 1 cm. Spatial information: the coordinates of the intersection point of the central axis and the top surface of the cube are as follows: (x 1, y 2, z 1), and the sphere center coordinates are: (x-2.5, y-0.5, and z-0.5). C. Volume information: the cube becomes 2 cm long, the sphere: diameter 1 cm. Spatial information: the coordinates of the intersection point of the central axis and the top surface of the cube are as follows: (x 1, y 2, z 1), and the sphere center coordinates are: (x ═ 1, y ═ 2.5, and z ═ 1). D. Volume information: cylinder diameter 2 cm, height 3 cm, sphere: diameter 1 cm. Spatial information: the coordinates of the intersection point of the central axis and the top surface of the cylinder are as follows: (x 2, y 3, z 1), and the sphere center coordinates are: (x is 0.5, y is 0.5, and z is 0.5). Based on the alternative answer data, an alternative answer image as shown in fig. 5 may be drawn.
In S740, a combination of multi-level question information and alternative answer data is constructed based on the generated each level of question information and a plurality of alternative answer data including a real answer for each question information.
In the embodiment of the invention, each question information corresponds to a plurality of alternative answer data, the question information and the alternative answer data are combined into one combination, each level can comprise a plurality of question models, each question model generates a plurality of question information by adding different materials, the plurality of alternative answer data corresponding to each question information can be obtained by setting the spatial information of each question information, a large amount of question information and alternative answers can be obtained by simple setting, and machine learning and deep learning are avoided under the condition of reducing the difficulty of verifying the question based on the common sense problem set by causal relationship and spatial sense, so that the defense rate of verification is increased, the accuracy of the verification result is improved, and the interestingness of the verification question is increased.
Further, according to the embodiment of the present invention, through ThreeJs, the rendered alternative answer image may be rendered based on the object type, the object color and the spatial information of the alternative answer data in each combination. It should be noted that the specific execution subject for executing the process may be a node server NodeServer of the terminal device or the server, the NodeServer polls and accesses Java3D, and the Puppeteer realizes unattended rendering of the scene rendering of the alternative answer data in the three-dimensional space through ThreeJS, and generates multi-level question information and a set { H } of alternative answer images1,H2,…,HnH is a combination of the question information and the alternative answer image, and n is a positive integer greater than 2. It should be noted that, when setting the spatial information of the candidate material, the NodeServer has already acquired the true answer to the question, and after finishing rendering and drawing the candidate answer, the question information and the corresponding true answer image are stored in the server/terminal device for performing the verification service by using a UUID (universal Unique Identifier), so as to subsequently verify the preselected answer image.
It should be noted that after the combination of the multi-level question information and the candidate answer image is obtained, the combination of the question information and the candidate answer image may be distributed to any CDN (Content Delivery Network) server that needs to perform an authentication service by using a distribution mechanism.
The man-machine authentication method in the embodiment of the present invention is described in detail below with reference to specific application scenarios. The method involves a client and a server (or a terminal device, in this embodiment, a server is taken as an example), and fig. 8 is a data flow diagram of a man-machine authentication method according to an exemplary embodiment. As shown in fig. 8, the method may include the steps of:
s801, the client side initiates a verification request.
It should be noted that, the target object initiates the authentication request by operating on the client.
S802, the server determines the risk level of the client based on the verification request.
In the embodiment of the invention, the server verifies the verification token for the client based on the identification of the client carried in the verification request, and determines the risk level of the client based on the verification result of the verification token.
And if the risk level of the client is a risk, the server sends a prompt for refusing verification to the client. In this embodiment, the risk level of the client is set as non-risk (e.g., level 1-3 in table 1) as an example.
And S803, the server sends the combination of the question information corresponding to the risk level and the alternative answer image to the client.
It should be noted that, for the client initiating the authentication request for the first time, if the valid token authentication result is the risk level of the lowest level, the combination of the question information corresponding to the level and the alternative answer image is sent to the client.
And S804, the target object operates on the alternative answers.
In the embodiment of the invention, the target object can be a person or a machine, and when the target object is a machine, the operation on the client side, such as the operation of initiating a verification request and alternative answers, can be realized by combining Puppeneer and an automation script.
S805, the client returns the operation result to the server.
S806, the server generates a pre-selected answer image based on the operation of the target object on the alternative answers.
S807, the server performs man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
If the verification is successful, the verification result is a person, and S808 is executed; if the verification fails, the verification result is machine, and S809 is executed.
And S808, sending a prompt of successful verification to the client.
And S809, sending a prompt of verification failure to the client.
Further, if the authentication fails, the client may continue to perform S801.
In the embodiment of the invention, the risk level of a client is determined based on a verification request initiated by the client; sending the question information of the level corresponding to the risk level and the alternative answer image combination to the client; generating a preselected answer image based on the operation of a target object on the client; and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information. The verification defense rate is improved, and the accuracy of the verification result is improved.
It should be clearly understood that the present disclosure describes how to make and use particular examples, but the principles of the present disclosure are not limited to any details of these examples. Rather, these principles can be applied to many other embodiments based on the teachings of the present disclosure.
The following are embodiments of the apparatus of the present invention that may be used to perform embodiments of the method of the present invention. In the following description of the apparatus, the same parts as those of the foregoing method will not be described again.
Fig. 9 is a schematic structural diagram of a human-machine authentication device according to an exemplary embodiment, where the device 900 includes:
a determining module 910 configured to determine a risk level of a client based on a verification request initiated by the client;
a sending module 920, configured to send the question information and the alternative answer image combination of the level corresponding to the risk level to the client;
a generating module 930 configured to generate a preselected answer image based on the operation of the target object on the alternative answer;
a verification module 940 configured to perform human-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
In the embodiment of the invention, the risk level of a client is determined based on a verification request initiated by the client; sending the question information of the level corresponding to the risk level and the alternative answer image combination to the client; generating a preselected answer image based on the operation of a target object on the client; and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information. The verification defense rate is improved, and the accuracy of the verification result is improved.
Fig. 10 is a schematic structural diagram of an electronic device according to an exemplary embodiment. It should be noted that the electronic device shown in fig. 10 is only an example, and should not bring any limitation to the functions and the use range of the embodiment of the present application.
As shown in fig. 10, the computer system 1000 includes a Central Processing Unit (CPU)1001 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)1002 or a program loaded from a storage section 1008 into a Random Access Memory (RAM) 1003. In the RAM 1003, various programs and data necessary for the operation of the system 1000 are also stored. The CPU1001, ROM 1002, and RAM 1003 are connected to each other via a bus 1004. An input/output (I/O) interface 1005 is also connected to bus 1004.
The following components are connected to the I/O interface 1005: an input section 1006 including a keyboard, a mouse, and the like; an output section 1007 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 1008 including a hard disk and the like; and a communication section 1009 including a network interface card such as a LAN card, a modem, or the like. The communication section 1009 performs communication processing via a network such as the internet. The driver 1010 is also connected to the I/O interface 1005 as necessary. A removable medium 1011 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 1010 as necessary, so that a computer program read out therefrom is mounted into the storage section 1008 as necessary.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication part 1009 and/or installed from the removable medium 1011. The computer program executes the above-described functions defined in the terminal of the present application when executed by the Central Processing Unit (CPU) 1001.
It should be noted that the computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a determination module, a sending module, a generation module, and a verification module. Wherein the names of the modules do not in some cases constitute a limitation of the module itself.
Exemplary embodiments of the present invention are specifically illustrated and described above. It is to be understood that the invention is not limited to the precise construction, arrangements, or instrumentalities described herein; on the contrary, the invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (10)

1. A method of human-machine authentication, the method comprising:
determining a risk level of a client based on a verification request initiated by the client;
sending the combination of the question information of the level corresponding to the risk level and the alternative answer image to the client;
generating a preselected answer image based on the operation of the target object on the alternative answer;
and performing man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
2. The method of claim 1, wherein sending to the client the question information and alternative answer image combination for the level corresponding to the risk level comprises:
acquiring multi-level question information and a combination of alternative answer images;
matching the risk grade with the combination of the multi-grade question information and the alternative answer images to obtain the grade of the combination of the question information and the alternative answer images corresponding to the risk grade;
and determining a group of combination of the question information and the alternative answer image from the grade, and sending the combination of the question information and the alternative answer image to the client.
3. The method of claim 2, wherein obtaining a combination of multiple levels of question information and alternative answer images comprises:
constructing a combination of multi-level question information and alternative answer data based on Java 3D;
drawing alternative answer images based on the alternative answer data in each combination through ThreeJs to generate multi-level question information and alternative answer image combinations.
4. The method of claim 3, wherein constructing a combination of multiple levels of question information and alternative answer data based on Java3D comprises:
presetting a multi-level problem model;
generating problem information of each level based on the problem material information and the problem model;
generating a plurality of candidate answer data including a real answer of each question information based on spatial information of candidate material information including the question material information;
and constructing a combination of the multi-level question information and the alternative answer data based on the generated question information of each level and a plurality of alternative answer data including a real answer of each question information.
5. The method of claim 4, wherein the method further comprises:
and storing the corresponding relation between the real answer image in the drawn alternative answer image and the question information.
6. The method of claim 5, wherein the pre-selected answer image includes spatial information of the operation;
performing human-computer verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information, wherein the human-computer verification comprises the following steps:
judging whether the position corresponding to the spatial information of the operation in the preselected answer image is within the position range corresponding to the stored spatial information of the real answer image corresponding to the question information;
if the judgment result is yes, determining that the target object is a person;
and if the judgment result is negative, determining that the target object is a machine.
7. The method of claim 1, wherein determining a risk level for a client based on a client-initiated authentication request comprises:
verifying a verification token for the client based on the identifier of the client carried in the verification request;
determining a risk level of the client based on a result of the validation token validation.
8. A human-machine authentication device, the device comprising:
a determining module configured to determine a risk level of a client based on a verification request initiated by the client;
the sending module is configured to send the question information of the level corresponding to the risk level and the alternative answer image combination to the client;
a generation module configured to generate a preselected answer image based on the operation of the target object on the alternative answer;
and the verification module is configured to perform man-machine verification on the target object by using the pre-selected answer image and the real answer image corresponding to the question information.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-7.
CN201910865802.1A 2019-09-12 2019-09-12 Man-machine verification method and device, storage medium and electronic equipment Pending CN110598392A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910865802.1A CN110598392A (en) 2019-09-12 2019-09-12 Man-machine verification method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910865802.1A CN110598392A (en) 2019-09-12 2019-09-12 Man-machine verification method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN110598392A true CN110598392A (en) 2019-12-20

Family

ID=68859247

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910865802.1A Pending CN110598392A (en) 2019-09-12 2019-09-12 Man-machine verification method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN110598392A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414609A (en) * 2020-03-19 2020-07-14 腾讯科技(深圳)有限公司 Object verification method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102696212A (en) * 2009-10-23 2012-09-26 威斯科数据安全国际有限公司 Compact security device with transaction risk level approval capability
CN108875688A (en) * 2018-06-28 2018-11-23 北京旷视科技有限公司 A kind of biopsy method, device, system and storage medium
CN109670291A (en) * 2017-10-17 2019-04-23 腾讯科技(深圳)有限公司 A kind of implementation method of identifying code, device and storage medium
CN109740334A (en) * 2018-11-26 2019-05-10 武汉极意网络科技有限公司 A kind of spatial reasoning verification method, server and terminal
CN109862562A (en) * 2019-01-02 2019-06-07 武汉极意网络科技有限公司 A kind of dynamic verification code choosing method and system
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102696212A (en) * 2009-10-23 2012-09-26 威斯科数据安全国际有限公司 Compact security device with transaction risk level approval capability
CN109670291A (en) * 2017-10-17 2019-04-23 腾讯科技(深圳)有限公司 A kind of implementation method of identifying code, device and storage medium
CN108875688A (en) * 2018-06-28 2018-11-23 北京旷视科技有限公司 A kind of biopsy method, device, system and storage medium
CN109740334A (en) * 2018-11-26 2019-05-10 武汉极意网络科技有限公司 A kind of spatial reasoning verification method, server and terminal
CN109862562A (en) * 2019-01-02 2019-06-07 武汉极意网络科技有限公司 A kind of dynamic verification code choosing method and system
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414609A (en) * 2020-03-19 2020-07-14 腾讯科技(深圳)有限公司 Object verification method and device
CN111414609B (en) * 2020-03-19 2024-01-26 腾讯科技(深圳)有限公司 Object verification method and device

Similar Documents

Publication Publication Date Title
CN109684803B (en) Man-machine verification method based on gesture sliding
CN108229299A (en) The recognition methods of certificate and device, electronic equipment, computer storage media
CN109101919B (en) Method and apparatus for generating information
Chen et al. A case study of user immersion-based systematic design for serious heritage games
CN112966742A (en) Model training method, target detection method and device and electronic equipment
US20110283346A1 (en) Overlay human interactive proof system and techniques
CN103514393A (en) Method for achieving three-dimensional verification code
CN109784415A (en) The method and device of image-recognizing method and device, training convolutional neural networks
Saar et al. Browserbite: cross‐browser testing via image processing
CN112528264A (en) Behavior verification code generation and verification method for random position of random contour
CN110246198B (en) Method and device for generating character selection verification code, electronic equipment and storage medium
CN110598392A (en) Man-machine verification method and device, storage medium and electronic equipment
CN111090849A (en) Memory, verification code implementation method, device and equipment
CN114917590B (en) Virtual reality game system
CN110795706B (en) Hash-based verification method, equipment, storage medium and device
CN117197292A (en) Method, apparatus, device and storage medium for generating image
KR102059017B1 (en) Control method, apparatus and system for knowledge sharing platform
CN110738261A (en) Image classification and model training method and device, electronic equipment and storage medium
US10909754B1 (en) Visual scripting for multi-dimensional elements
CN115150100A (en) Scene-based verification code verification method and device
US20120023549A1 (en) CAPTCHA AND reCAPTCHA WITH SINOGRAPHS
CN111625805B (en) Verification method, verification device, electronic equipment and storage medium
KR20220124549A (en) Management server, method for generating relative pattern information between imitation drawing data and computer program
JP6168645B2 (en) Reverse Turing test method and access authentication method
Chu et al. Automated GUI testing for android news applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20191220