CN113709513A - Equipment fingerprint processing method, user side, server, system and storage medium - Google Patents
Equipment fingerprint processing method, user side, server, system and storage medium Download PDFInfo
- Publication number
- CN113709513A CN113709513A CN202111006817.6A CN202111006817A CN113709513A CN 113709513 A CN113709513 A CN 113709513A CN 202111006817 A CN202111006817 A CN 202111006817A CN 113709513 A CN113709513 A CN 113709513A
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- device fingerprint
- live broadcast
- wind control
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/21—Server components or server architectures
- H04N21/218—Source of audio or video content, e.g. local disk arrays
- H04N21/2187—Live feed
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2542—Management at additional data server, e.g. shopping server, rights management server for selling goods, e.g. TV shopping
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25866—Management of end-user data
- H04N21/25875—Management of end-user data involving end-user authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
Abstract
The application relates to a processing method of device fingerprints, a user side, a server, a system and a storage medium, and relates to a wind control server and a live broadcast user side, wherein the live broadcast user side is used for acquiring self device information by using an acquisition script; acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm; sending the second device fingerprint and the device information to the wind control server; the wind control server is used for acquiring the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same. The embodiment is beneficial to improving the security and the stability of the device fingerprints.
Description
Technical Field
The present application relates to the field of computer software technologies, and in particular, to a method, a client, a server, a system, and a storage medium for processing device fingerprints.
Background
A device fingerprint refers to a device characteristic or unique device identification that can be used to uniquely identify the device. The device fingerprint of the electronic device is similar to the situation that the government uses an identity card to identify the citizen in the real world, and is a technology for distinguishing different electronic devices in the fields of internet and mobile internet.
The device fingerprint has a wide range of usage scenarios, for example, in a live air control scenario, the device fingerprint may be used to assist user authentication, such as confirming and analyzing an event of "whether a certain operation is performed by the user himself" using the device fingerprint. Therefore, the safety and the stability of the generated device fingerprint are improved, and the method is an important technical means for improving the interaction safety of the interconnection information.
Disclosure of Invention
Based on the above, the application provides a device fingerprint processing method, a user side, a server, a system and a storage medium.
According to a first aspect of an embodiment of the present application, a live broadcast wind control system is provided, where the live broadcast wind control system includes a wind control server and a live broadcast user side;
the live broadcast user side acquires own equipment information by using an acquisition script; acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm; sending the second device fingerprint and the device information to the wind control server;
the wind control server acquires the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
According to a second aspect of the embodiments of the present application, a method for processing a device fingerprint is provided, where the method is applied to a live broadcast user side in a live broadcast wind control system, and the method includes:
collecting self equipment information by using a collection script;
acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm;
generating a check code by using a preset algorithm, inserting the check code into the first device fingerprint, and generating a second device fingerprint;
sending the second device fingerprint and the device information to the wind control server;
the second device fingerprint and the device information are used for triggering the wind control server to acquire the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
According to a third aspect of the embodiments of the present application, a method for processing a device fingerprint is provided, where the method is applied to a wind control server in a live broadcast wind control system, and the method includes:
receiving a second device fingerprint and device information sent by a live broadcast user side; the second device is generated by the first device fingerprint and a check code, and the check code is generated by using a preset algorithm; the first equipment is generated according to the equipment information, and the equipment information is acquired by the live broadcast user side through an acquisition script;
acquiring the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm;
acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information;
determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
According to a fourth aspect of the embodiments of the present application, there is provided a live broadcast user end, including a memory for storing executable instructions and a processor; wherein the processor, when executing the executable instructions, performs the steps of the method of any one of the second aspects.
According to a fifth aspect of embodiments of the present application, there is provided a wind control server, comprising a memory for storing executable instructions and a processor; wherein the processor, when executing the executable instructions, performs the steps of the method of any one of the third aspects.
According to a sixth aspect of embodiments herein, there is provided a computer readable storage medium, having stored thereon a computer program which, when executed by a processor, performs the steps of the method of any one of the first aspects.
The scheme of the embodiment of the application relates to a live broadcast user side and a wind control server, wherein the live broadcast user side acquires own equipment information by using an acquisition script, then acquires a second equipment fingerprint, the second equipment fingerprint is generated by a first equipment fingerprint and a check code, the first equipment fingerprint is generated according to the equipment information, the check code is generated according to a preset algorithm, and finally the second equipment fingerprint and the equipment information are sent to the wind control server; and the wind control server acquires the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm, acquires a third equipment fingerprint, generates the third equipment fingerprint according to the equipment information, and determines that the second equipment fingerprint is valid under the condition that the first equipment fingerprint is the same as the third equipment fingerprint. In this embodiment, in a first aspect, when the device fingerprint is transmitted, the second device fingerprint (obtained by inserting the verification code into the first device fingerprint) is transmitted instead of directly transmitting the first device fingerprint, and the second device fingerprint cannot be used even if illegally acquired by a third party in the transmission process, so that the risk of tampering the device fingerprint is effectively prevented, and thus, the security and the stability of the generated device fingerprint are favorably ensured; in a second aspect, the server may verify whether the second device fingerprint has been tampered with based on the third device fingerprint, thereby facilitating security and stability of the generated device fingerprint.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 and 2 are schematic structural diagrams of a wind control system according to an embodiment.
Fig. 3 and 4 are schematic diagrams illustrating two kinds of interaction timing sequences between the user terminal and the wind control server according to an embodiment.
Fig. 5 is a schematic diagram illustrating an interaction timing sequence between a user side, a wind control server, and a service server according to an embodiment of the present application.
Fig. 6 and 7 are schematic diagrams illustrating two flow charts of a processing method of device fingerprints according to an embodiment.
Fig. 8 is a schematic structural diagram of a user side according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In order to solve the problems in the related art, an embodiment of the present application provides a method for processing a device fingerprint, which relates to a live broadcast client and a wind control server, where the live broadcast client acquires device information thereof using an acquisition script, and then acquires a second device fingerprint, where the second device fingerprint is generated from a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, the check code is generated according to a preset algorithm, and finally the second device fingerprint and the device information are sent to the wind control server; and the wind control server acquires the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm, acquires a third equipment fingerprint, generates the third equipment fingerprint according to the equipment information, and determines that the second equipment fingerprint is valid under the condition that the first equipment fingerprint is the same as the third equipment fingerprint. In this embodiment, in a first aspect, when the device fingerprint is transmitted, the second device fingerprint (obtained by inserting the verification code into the first device fingerprint) is transmitted instead of directly transmitting the first device fingerprint, and the second device fingerprint cannot be used even if illegally acquired by a third party in the transmission process, so that the risk of tampering the device fingerprint is effectively prevented, and thus, the security and the stability of the generated device fingerprint are favorably ensured; in the second aspect, the server may verify whether the second device fingerprint is tampered with according to the generated third device fingerprint, thereby facilitating to ensure security and stability of the generated device fingerprint.
In some exemplary application scenarios, statistical data analysis may be performed from the dimension of the hardware device of the user based on the device fingerprint, such as statistics of daily activity (number of active users), page browsing amount, user effective click amount, or user retention of the APP.
In other exemplary application scenarios, in the live broadcast field, there are behaviors related to internet financial activities such as live broadcast shopping, virtual gift purchase, red envelope robbing, etc., the core of the internet financial activities lies in risk control, and the basic problems to be solved by wind control are: "who you are? Where do you come from? What are you going to do? The unique identity confirmation is difficult to carry out in the online transaction, so that the equipment fingerprint can be used for assisting judgment to confirm and analyze various behaviors in the online transaction process, thereby effectively preventing the problems of garbage registration, library collision prevention, wool pulling prevention, single reverse swiping, accurate marketing, payment anti-fraud, credit-giving anti-fraud, user portrait analysis, complex relationship network and the like.
In some embodiments, referring to fig. 1, fig. 1 illustrates a schematic structural diagram of a live wind control system, where the live wind control system includes a wind control server 20 and a live client 10. The live broadcast user terminal 10 may be a main broadcast terminal in a live broadcast scene, or may be a viewer terminal in the live broadcast scene, which is not limited in this embodiment.
The live broadcast user terminal 10 collects the own equipment information by using the collection script; acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm; and sending the second device fingerprint and the device information to the wind control server 20.
The wind control server 20 obtains the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
In some embodiments, a device fingerprint processing component may be loaded in the live client 10, so that the live client 10 may execute the process related to the device fingerprint mentioned in this embodiment through the device fingerprint processing component, where the device fingerprint processing component is configured to actively send an acquisition request to the wind control server 20 after detecting a specified operation (such as entering a specified page or triggering a specified control) of the live client 10.
In an example, the device fingerprint processing component may be generated in an SDK manner, and an SDK may be implanted in the live broadcast user terminal 10 to be embedded in a required service scene, where the service scene may be a scene in which the live broadcast user terminal 10 enters a specified page or a scene in which the live broadcast user terminal 10 triggers a specified control; in one example, the designated page can be, for example, a login page, a payment page, a coupon pickup page, a red envelope distribution page, or the like, and the designated control can be, for example, a payment control, a login control, a coupon pickup control, or the like.
Then, under the condition that it is detected that the live broadcast user end 10 enters a specified page or a specified control is triggered, the live broadcast user end 10 may actively send a collection request to the wind control server 20, so that the wind control server 20 may respond to the collection request and return the collection script to the live broadcast user end 10, and then the live broadcast user end 10 uses the collection script to collect the own device information after receiving the collection script. The device information includes, but is not limited to, system environment information, hardware information, sensor information, a system ID or a MAC address, etc. For example, the live client 10 may delete the capture script after capturing the device information using the capture script. In this embodiment, the acquisition script is stored in the wind control server 20, and is not locally stored at the live broadcast client 10, and the live broadcast client 10 needs to acquire the device information based on the acquisition script issued by the wind control server 20 at each time, so that the acquisition script can be effectively prevented from being statically analyzed reversely, a third-party device cannot know specific content of the acquired device information, and the security and stability of the generated device fingerprint can be ensured.
In order to further improve the security of the device fingerprint, the live broadcast user terminal 10 and the wind control server 20 can predetermine in advance the key pair that can carry out encryption and decryption, the wind control server 20 can respond to after receiving the acquisition request uses the public key pair the acquisition script is encrypted, and sends the acquisition script after encrypting to the live broadcast user terminal 10, then the live broadcast user terminal 10 can use the private key to decrypt the acquisition script after encrypting, and uses the acquisition script after decrypting to collect the device information.
Of course, considering that the live broadcast client 10 may not receive the acquisition script sent by the wind control server 20 after sending the acquisition request due to a network fault, a network congestion or a wind control server fault, in this case, it may be preset that the device fingerprint processing component carries the acquisition script, and in the case that the acquisition script sent by the wind control server 20 is not received within a preset time period, the acquisition script carried by the device fingerprint processing component may be used to acquire the device information, thereby ensuring that the device information can be normally and effectively acquired. In some embodiments, the device information that can be collected by different operating systems may vary, taking into account the different open permissions of the different operating systems. Therefore, the collection script may include sub-collection scripts for different operating systems, and the device information collected by the sub-collection scripts corresponding to the different operating systems is different. It can be understood that the device information collected by the sub-collection scripts corresponding to different operating systems is data that can be collected within the open authority permitted by the operating systems. The live broadcast client 10 may select a target sub-collection script from the collection scripts according to its own operating system, and then collect the device information using the target sub-collection script. The embodiment acquires the corresponding device information according to different operating systems, and is beneficial to ensuring that the device fingerprints capable of playing a role of unique identification can be generated on different devices and carriers.
For example, the acquisition script further carries mapping relationships between different operating systems and sub acquisition scripts, so that the live broadcast client 10 may select a target sub acquisition script from the acquisition scripts according to its own operating system and the mapping relationships.
In some embodiments, in order to save operating resources of the live user side 10, the live user side 10 may store the second device fingerprint in the local storage space after first generating the second device fingerprint, so that the second device fingerprint may be reused without being regenerated. The live broadcast user end 10 may detect whether the second device fingerprint is stored in a local storage space after acquiring the device information by using the issued acquisition script each time, and under the condition that the second device fingerprint is stored in the local storage space, the live broadcast user end 10 may acquire the second device fingerprint from the local storage space, and directly send the second device fingerprint and the device information acquired by using the acquisition script this time to the wind control server 20 without generating the second device fingerprint again, which is beneficial to saving the running resources of the live broadcast user end 10; and in the case that the local storage space does not store the second device fingerprint, after the live broadcast user end 10 collects the device information, the live broadcast user end may generate a first device fingerprint according to the device information, then generate a check code by using a preset algorithm, fuse the first device fingerprint and the check code to generate a second device fingerprint, and then send the second device fingerprint and the device information to the wind control server 20.
For example, in a case that the local storage space does not store the second device fingerprint, after the live client 10 collects the device information, the device information may be processed by using a preset encryption algorithm to obtain the first device fingerprint, where the preset encryption algorithm includes, but is not limited to, a DES encryption algorithm, an MD5 algorithm, and the like; and then generating a check code by using a preset algorithm, and fusing the first equipment fingerprint and the check code to generate a second equipment fingerprint.
For example, a check code may be generated in a variety of ways and fused with the first device fingerprint to generate the second device fingerprint.
In some possible implementations, the live client 10 may process the first device fingerprint to generate a check code; if the first device fingerprint is subjected to hash operation, a first character string is obtained, then characters at least one appointed position in the first character string are extracted to obtain a check code, and then the check code and the first device fingerprint are spliced to obtain the second device fingerprint; for another example, the first device fingerprint is encoded (e.g., dictionary encoding, interval encoding, and the like) to obtain a check code, and the check code is inserted into a designated position in the first device information to obtain a second device fingerprint.
In some possible implementations, the live client 10 may process the attribute information of the first device fingerprint to generate a check code; the attribute information includes, but is not limited to, a length value (or a data size) and a generation time of the first device information, and the length value is taken as an example: if the length value of the first device information can be negated, a check code is obtained, and the check code is inserted into a specified position in the first device fingerprint to generate a second device fingerprint; if the length value of the first device information is encoded to obtain a check code, the check code and the first device information are spliced to obtain a second device fingerprint.
In some possible implementations, to further improve the confidentiality and security of the second device fingerprint, the live user terminal 10 may further synthesize the first device fingerprint and its attribute information to generate the check code. In an example, when generating a second device fingerprint, the live broadcast user terminal 10 performs a hash operation on the first device fingerprint to obtain a first character string, and then extracts a character in at least one specified position in the first character string to obtain a first password string; the at least one designated location may be specifically set according to an actual application scenario, for example, bits 1, 8, 16, and 24 in the first string are extracted and then spliced into the first password string. Then, the live broadcast user side 10 processes the first character string to obtain a subscript character, encodes the subscript character by using a preset password dictionary to obtain an encoded character, and splices the encoded character and the first password string to obtain a second password string; the preset password dictionary may be set according to an actual application scenario, and this embodiment does not limit this, for example, the preset password dictionary is "mzrypbqxtwkfuacsvgldjhnio". Then, the live broadcast user end 10 performs a modulo multi-round switching process on the first character string to obtain a first flag character, and inserts the first flag character into the first device fingerprint according to the position indicated by the subscript character; then, a length value of the device information is obtained, and a second zone character is generated according to the length value and the first zone character, for example, the length value and the first zone character are subjected to xor operation to generate the second zone character; finally, the second password string, the first zone bit character, the second zone bit character, the length value after the negation and the first equipment fingerprint inserted with the first zone bit character are spliced to obtain a second character string; and encrypting the second character string to generate the second device fingerprint. In this embodiment, generating the second device fingerprint in the above manner is beneficial to improving the security and safety of the second device fingerprint, so that the second device fingerprint is difficult to be illegally tampered in the transmission process.
In this embodiment, the splicing sequence of the second password string, the first flag character, the second flag character, the inverted length value, and the first device fingerprint into which the first flag character is inserted is not limited in any way, and may be specifically set according to an actual application scenario, for example, the splicing sequence of "the second password string → the first flag character → the second flag character → the first device fingerprint into which the first flag character is inserted → the inverted length value" is performed to obtain the second character string, and then the second character string may be encrypted by using a preset encryption algorithm, such as a DES encryption algorithm, to generate the second device fingerprint.
Further, the second device fingerprint may be processed into a visible string using a preset visibility algorithm, such as a base64 algorithm, so as to facilitate viewing and transmission.
Under the condition that the local storage space does not store the second device fingerprint, after the live broadcast client 10 generates the second device fingerprint, the live broadcast client stores the second device fingerprint in the current storage space, and sends the generated second device fingerprint and the device information acquired by using the acquisition script to the wind control server 20. Under the condition that the local storage space stores the second device fingerprint, the live broadcast user side 10 acquires the second device fingerprint from the local storage space, and sends the acquired second device fingerprint and the device information acquired by using the acquisition script to the wind control server 20.
In some embodiments, for a scenario in which the wind control server 20 issues the acquisition script, it is considered that there may be behaviors such as virtual execution that affect the security of the device fingerprint, for example, after a certain live user terminal 10 acquires device information using the acquisition script issued at the current time, the device information is illegally acquired by a third-party user, and after the third-party user receives the acquisition script, the third-party user does not execute the acquisition script but sends the illegally acquired device information to the wind control server 20, which causes a security risk problem in the device fingerprint generation or verification process. Based on this, the acquisition script issued by the wind control server 20 further carries a verification instruction, the verification instruction is randomly acquired from a first database by the wind control server 20, the first database stores a plurality of different verification instructions, after receiving the acquisition script, the live broadcast user terminal 10 further executes the verification instruction to obtain a verification result, and synchronously sends the verification result, the second device fingerprint and the device information to the wind control server 20; the wind control server 20 may determine whether the device information is acquired based on the collection script issued this time according to the verification result, so as to effectively determine whether the collection script is virtually executed, and thus protect the security and stability of the device fingerprint in all directions.
As an example, the first database may store the plurality of different verification instructions and verification results thereof, after receiving the verification result, the second device fingerprint, and the device information, the wind control server 20 may compare the verification result sent by the live broadcast user terminal 10 with the verification result of the verification instruction stored in the first database, if the comparison is consistent, it is determined that the device information is acquired based on the collection script issued this time, and if the comparison is inconsistent, it is determined that the device information does not meet the requirement, the second device fingerprint and the device information sent by the live broadcast user terminal 10 this time are discarded, further, the collection script may be issued to the live broadcast user terminal 10 again, thereby facilitating improvement of security of a device fingerprint generation or verification process.
It can be understood that, in this embodiment, the verification instruction is not limited at all, and may be specifically set according to an actual application scenario, for example, the verification instruction may be a mathematical operation problem, and for example, the verification instruction may be an object that meets requirements and is selected from a plurality of objects (such as pictures, characters, or characters).
In some embodiments, after receiving the verification result, the second device fingerprint, and the device information, and determining, based on the verification result, that the device information is acquired based on the acquisition script issued this time, the wind control server may acquire, by using an inverse algorithm of the preset algorithm, the first device fingerprint from the second device fingerprint, and then acquire a third device fingerprint, where the third device fingerprint is generated according to the device information, compare the first device fingerprint with the third device fingerprint, and if the first device fingerprint is the same as the third device fingerprint, determine that the second device fingerprint is valid; wherein the third device fingerprint and device information used to generate the third device fingerprint may be stored in a second database. In this embodiment, the wind control server 20 may verify whether the second device fingerprint is tampered with according to the third device fingerprint, and may effectively identify the swipe registration, the library collision, the swipe of the black, grey and wool parties, the fraud, and the like, thereby being beneficial to ensuring the security and the stability of the generated device fingerprint.
Under the condition that the local storage space of the live broadcast user end 10 stores the second device fingerprint and the wind control server 20 stores the third device fingerprint correspondingly, there may be some special situations that cause the storage space of the live broadcast user end 10 to be refreshed, the second device fingerprint stored in the local storage space of the live broadcast user end 10 is deleted, the live broadcast user end 10 regenerates the second device fingerprint, but the wind control server 20 already has the corresponding third device fingerprint. For example, the system or version of the live broadcast client 10 is updated, or the APP related to the second device fingerprint is uninstalled and then reinstalled, and the second device fingerprint stored in the local storage space of the live broadcast client 10 is deleted, that is, the local storage space of the live broadcast client 10 does not store the second device fingerprint, so that the live broadcast client 10 collects device information based on the currently issued collection script and regenerates the second device fingerprint.
In order to be compatible with the above situation, after receiving the second device fingerprint and the device information, the wind control server compares the device information sent by the live broadcast user terminal 10 with the device information stored in the second database, and determines the similarity between the two devices; in an example, the device information sent by the live broadcast user terminal 10 may be compared with all the device information stored in the second database one by one, and the similarity between the two devices is determined; in another example, considering that the amount of data stored in the second database is increasing with time, in order to save the calculation resources of the wind control server 20, the device information sent by the live client 10 may be compared with the device information stored in the second database in a preset time period one by one, and the similarity between the two devices may be determined.
In some embodiments, if the similarity is greater than a preset threshold, it indicates that the live broadcast user terminal 10 does not generate a second device fingerprint for the first time, and a corresponding third device fingerprint is already stored in the wind control server 20, the wind control server 20 obtains a third device fingerprint corresponding to the device information in the second database, obtains the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm, and compares the first device fingerprint with the third device fingerprint, and if the first device fingerprint is the same as the third device fingerprint, it determines that the second device fingerprint is valid; if the first device fingerprint and the third device fingerprint are different, it indicates that the live broadcast user end 10 may have a small amount of information changed due to a system or version update, and the like, in the re-collected device information, so that a new second device fingerprint is generated, in order to uniquely identify the same live broadcast user end, the wind control server 20 may send the third device fingerprint corresponding to the device information in the second database to the live broadcast user end 10, after receiving the third device fingerprint, the live broadcast user end 10 generates a check code using a preset algorithm and inserts the check code into the third device fingerprint, generates the second device fingerprint, and then replaces the original second device fingerprint with the generated second device fingerprint. In this embodiment, based on the above comparison method, even if a small amount of device information is changed due to a system update or version update of the live broadcast user terminal 10, the same device fingerprint may be used to ensure the unique identifier of the live broadcast user terminal 10, which is beneficial to improving the stability of the device fingerprint.
In addition, in consideration of the security problem during the transmission process, under the condition that the similarity is greater than the preset threshold and the first device fingerprint and the third device fingerprint are different, the wind control server 20 may also generate a check code by using a preset algorithm after acquiring the third device fingerprint corresponding to the device information in the second database, insert the check code into the third device fingerprint, generate a second device fingerprint, and send the second device fingerprint to the live broadcast client 10, where the live broadcast client 10 replaces the original second device fingerprint with the second device fingerprint sent by the wind control server 20. In this embodiment, the second device fingerprint is transmitted instead of directly transmitting the third device fingerprint, which effectively prevents the risk of tampering the device fingerprint, thereby facilitating the security and stability of the generated device fingerprint.
In other embodiments, if the similarity is less than or equal to a preset threshold, it indicates that the live broadcast user end 10 generates a second device fingerprint for the first time, and a corresponding third device fingerprint is not stored in the wind control server 20, the wind control server 20 generates a third device fingerprint according to the device information sent by the live broadcast user end 10, and obtains the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; and comparing the third device fingerprint with the first device fingerprint, and if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid, and storing the third device fingerprint and corresponding device information in a second database.
It can be understood that the preset threshold corresponding to the similarity may be specifically set according to an actual application scenario, which is not limited in this embodiment, for example, the preset threshold is set to be sufficient to distinguish device fingerprints between different live broadcast user terminals.
In some embodiments, the third device fingerprint is further associated with a trustworthiness score of the live user terminal 10; as mentioned above, when the similarity is less than or equal to the preset threshold, the wind control server 20 generates a third device fingerprint according to the device information sent by the live broadcast user terminal 10, and the generated third device fingerprint is not associated with the confidence score of the live broadcast user terminal 10, so that the preset confidence score of the live broadcast user terminal 10 is associated with the third device fingerprint under the condition that the third device fingerprint is determined to be stored. For example, in a case where a third device fingerprint is generated for the first time, the reliability of the live broadcast user end 10 corresponding to the third device fingerprint cannot be evaluated yet, so an initial reliability score may be preset for the live broadcast user end 10, for example, the same initial reliability score may be preset for all the live broadcast user ends 10.
When the similarity is greater than the preset threshold, the wind control server 20 already stores a corresponding third device fingerprint, and the third device fingerprint is associated with the credibility score of the live broadcast user terminal 10, so that the wind control server 20 may adjust the credibility score of the live broadcast user terminal 10 associated with the third device fingerprint according to the similarity. In this embodiment, by associating the credibility scores of the live broadcast user terminals 10, it is helpful to effectively evaluate the variation degree of the device information of the live broadcast user terminals 10, and thus, the security evaluation of the live broadcast user terminals 10 is realized.
Illustratively, in the process of adjusting the credibility score of the live broadcast user terminal 10 associated with the third device fingerprint according to the similarity, the similarity and the reduction of the credibility score form a negative correlation relationship, the greater the similarity, the smaller the reduction of the credibility score, the smaller the similarity, and the greater the reduction of the credibility score; in an example, for example, the feasibility score of the live broadcast user terminal 10 is 90 points, if the similarity is 100%, the reduction of the credibility score is 0, that is, the credibility score is unchanged, and is still 90 points; if the similarity is 80%, the reduction amplitude of the credibility score is 5, namely the adjusted credibility score is 85 (90-5).
For example, the adjustment times of the credibility score of the live broadcast user end 10 associated with the third device fingerprint may be counted, generally, a normal user rarely actively tampers with the device fingerprint, and if the acquired device information changes frequently, the credibility score of the live broadcast user end 10 associated with the same third device fingerprint needs to be adjusted multiple times, which may be a suspicious user, the credibility score of the live broadcast user end 10 associated with the third device fingerprint may be further reduced, that is, the credibility score is also in a negative correlation with the adjustment times, and the larger the adjustment times, the smaller the credibility score is, thereby accurately evaluating the security of the live broadcast user end 10.
In some embodiments, referring to fig. 2, the live broadcast wind control system further includes a service server 30; the live broadcast client 10 is further configured to respond to a service request operation, and send the second device fingerprint and a service request corresponding to the service request operation to the service server 30; the service server 30 is configured to send the second device fingerprint to the wind control server 20; the wind control server 20 is further configured to obtain the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm, search the second database for a target third device fingerprint that is the same as the first device fingerprint, and send the credibility score of the live broadcast user end 10 associated with the target third device fingerprint to the service server 30; the service server 30 is further configured to determine a processing manner for the service request according to the credibility score of the live broadcast user terminal 10; the processing mode comprises responding to the service request or discarding the service request; that is to say, the service server 30 may determine to release or intercept the user operation according to the credibility score of the live broadcast user end 10 associated with the target third device fingerprint, and can effectively identify the registration, library collision, order brushing, fraud, and the like of black, grey and wool parties, thereby ensuring the safe execution of the service request.
Referring to fig. 3, fig. 3 shows a timing chart of an interaction between the live client 10 and the wind server 20.
In step 11, the live broadcast client 10 sends an acquisition request to the wind control server 20 in response to entering a specified page or triggering a specified control;
in step 12, the wind control server 20 responds to the acquisition request, and sends an acquisition script carrying a verification instruction;
in step 13, the live broadcast client 10 acquires device information of itself according to the acquisition script, and executes the verification instruction to obtain a verification result.
In step 14, in the case that the storage space does not store the second device fingerprint, the live broadcast client 10 generates a first device fingerprint according to the device information; generating a check code by using a preset algorithm, inserting the check code into the first device fingerprint, generating a second device fingerprint and storing the second device fingerprint in a local storage space; under the condition that the storage space stores the second device fingerprint, the live broadcast user side 10 acquires the second device fingerprint from the local storage space;
in step 15, the live client 10 sends the verification result, the second device fingerprint, and the device information to the wind control server 20 synchronously;
in step 16, the wind control server 20 compares the device information sent by the live broadcast user terminal 10 with the device information stored in the second database, and determines the similarity between the two devices;
in step 17, if the similarity is smaller than or equal to a preset threshold, generating a third device fingerprint according to the device information sent by the live broadcast user terminal 10, and acquiring the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; and if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid, storing the third device fingerprint and device information for generating the third device fingerprint, and associating the third device fingerprint with a preset credibility score of the live broadcast user terminal 10.
Referring to fig. 4, fig. 4 shows another interaction timing diagram between the live client 10 and the wind server 20.
In step 11, the live broadcast client 10 sends an acquisition request to the wind control server 20 in response to entering a specified page or triggering a specified control;
in step 12, the wind control server 20 responds to the acquisition request, and sends an acquisition script carrying a verification instruction;
in step 13, the live broadcast client 10 acquires device information of itself according to the acquisition script, and executes the verification instruction to obtain a verification result.
In step 14, in the case that the storage space does not store the second device fingerprint, the live broadcast client 10 generates a first device fingerprint according to the device information; generating a check code by using a preset algorithm, inserting the check code into the first device fingerprint, generating a second device fingerprint and storing the second device fingerprint in a local storage space; under the condition that the storage space stores the second device fingerprint, the live broadcast user side 10 acquires the second device fingerprint from the local storage space;
in step 15, the live client 10 sends the verification result, the second device fingerprint, and the device information to the wind control server 20 synchronously;
in step 16, the wind control server 20 compares the device information sent by the live broadcast user terminal 10 with the device information stored in the second database, and determines the similarity between the two devices;
in step 18, if the similarity is greater than a preset threshold, acquiring a third device fingerprint corresponding to the device information of the second database, acquiring the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm, and if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid;
in step 19, if the first device fingerprint and the third device fingerprint are different, sending the third device fingerprint to the live user end 10;
in step 20, if the similarity is greater than a preset threshold, adjusting the reliability score of the live broadcast user terminal 10 associated with the third device fingerprint according to the similarity;
in step 21, the live broadcast user terminal 10 generates a check code by using a preset algorithm and inserts the check code into the third device fingerprint to generate a second device fingerprint; the generated second device fingerprint is used to replace the original second device fingerprint.
Referring to fig. 5, fig. 5 shows a sequence diagram of interaction between the live client 10, the service server 30 and the wind control server 20.
In step 21, the live broadcast client 10 responds to a service request operation, and sends the second device fingerprint and a service request corresponding to the service request operation to the service server 30;
in step 22, the service server 30 sends the second device fingerprint to the wind control server 20;
in step 23, the wind control server 20 obtains the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm, and searches for a target third device fingerprint identical to the first device fingerprint from the second database;
in step 24, the wind control server 20 sends the credibility score of the live client 10 associated with the target third device fingerprint to the service server 30;
in step 25, the service server 30 determines a processing manner for the service request according to the credibility score of the live broadcast user terminal 10; the processing mode comprises responding to the service request or discarding the service request;
in step 26, the service server 30 returns a request result to the live broadcast client 10 according to a processing manner for the service request, for example, the request result is an execution result of the service request when the processing manner is to respond to the service request; and aiming at the processing mode of discarding the service request, the request result is a notification message of intercepted request.
Correspondingly, referring to fig. 6, an embodiment of the present application further provides a method for processing a device fingerprint, which is applied to a live broadcast client in a live broadcast wind control system, where the method includes:
in step S301, the device information of the live broadcast client itself is collected using a collection script.
In step S302, a second device fingerprint is obtained, where the second device fingerprint is generated from a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm.
In step S303, sending the second device fingerprint and the device information to the wind control server; the second device fingerprint and the device information are used for triggering the wind control server to acquire the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
In some embodiments, further comprising: storing the second device fingerprint in a local memory space.
Wherein the obtaining a second device fingerprint comprises:
and under the condition that the local storage space does not store the second device fingerprint, after the device information is collected, generating a first device fingerprint according to the device information, generating a check code by using a preset algorithm, and fusing the first device fingerprint and the check code to generate the second device fingerprint.
And under the condition that the local storage space stores the second equipment fingerprint, acquiring the second equipment fingerprint from the local storage space after the equipment information is acquired, and sending the second equipment fingerprint and the equipment information acquired by using the acquisition script to the wind control server.
In some embodiments, the collection script is sent by the wind control server, and the collection script further carries a verification instruction.
The method further comprises the following steps: and executing the verification instruction to obtain a verification result, and synchronously sending the verification result, the second equipment fingerprint and the equipment information to the wind control server.
In some embodiments, before the receiving the acquisition script sent by the wind control server, the method further includes:
if the live broadcast user side is detected to enter a specified page or a specified control is triggered, sending a collection request to the wind control server; the collection request is used for triggering the wind control server to respond to the collection request and return the collection script.
In some embodiments, the collection scripts include child collection scripts for different operating systems; the sub-acquisition scripts corresponding to different operating systems acquire different equipment information.
The collecting the equipment information of the live broadcast user side by using the collecting script comprises the following steps:
and acquiring a target sub-acquisition script from the acquisition script according to an operating system of the device, and acquiring the equipment information by using the target sub-acquisition script.
In some embodiments, the method further comprises: receiving a third device fingerprint sent by the wind control server, generating a check code by using a preset algorithm, inserting the check code into the third device fingerprint, and generating a second device fingerprint; the generated second device fingerprint is used to replace the original second device fingerprint.
In some embodiments, the method further comprises: and responding to a service request operation, and sending the second device fingerprint and a service request corresponding to the service request operation to a service server.
In some embodiments, the generating a second device fingerprint by generating a check code using a preset algorithm and inserting the check code into the first device fingerprint comprises:
performing hash operation on the first device fingerprint to obtain a first character string;
extracting characters at least one appointed position in the first character string to obtain a first password string;
processing the first character string to obtain a subscript character, encoding the subscript character by using a preset password dictionary to obtain an encoding character, and splicing the encoding character and the first password string to obtain a second password string;
performing a modulo multi-round exchange processing on the first character string to obtain a first marker character, and inserting the first marker character into the first device fingerprint according to a position indicated by the subscript character;
acquiring a length value of the equipment information, and generating a second zone bit character according to the length value and the first zone bit character;
splicing the second password string, the first zone bit character, the second zone bit character, the length value after inversion and the first equipment fingerprint into which the first zone bit character is inserted to obtain a second character string;
and encrypting the second character string to generate the second device fingerprint.
In some embodiments, the device information comprises at least one or more of: system environment information, hardware information, sensor information, system ID, and MAC address.
Correspondingly, referring to fig. 7, an embodiment of the present application further provides a device fingerprint processing method, which is applied to a wind control server in a live broadcast wind control system, and the method includes:
in step S401, receiving a second device fingerprint and device information sent by a live client; the second device is generated by the first device fingerprint and a check code, and the check code is generated by using a preset algorithm; the first equipment is generated according to the equipment information, and the equipment information is acquired by the live broadcast user side through an acquisition script.
In step S402, the first device fingerprint is obtained from the second device fingerprint using an inverse algorithm of the preset algorithm.
In step S403, a third device fingerprint is acquired, which is generated from the device information.
In step S404, the third device fingerprint is stored if the first device fingerprint and the third device fingerprint are identical.
In some embodiments, the device information is acquired by the live broadcast user side using an acquisition script sent by the wind control server; the acquisition script also carries a verification instruction, the verification instruction is randomly acquired from a first database by the wind control server, and the first database stores a plurality of different verification instructions;
the method further comprises the following steps: and receiving a verification result obtained by the live broadcast user side executing the verification instruction, and determining whether the equipment information is acquired based on the acquisition script issued this time according to the verification result.
In some embodiments, the method further comprises: and returning the acquisition script according to the acquisition request sent by the live broadcast user side.
In some embodiments, the collection scripts include child collection scripts for different operating systems; the sub-acquisition scripts corresponding to different operating systems acquire different equipment information.
In some embodiments, the third device fingerprint and device information used to generate the third device fingerprint are stored in a second database;
after step S401, the method further comprises: comparing the equipment information sent by the live broadcast user side with the equipment information stored in the second database, and determining the similarity of the two equipment information; if the similarity is smaller than or equal to a preset threshold value, generating a third device fingerprint according to the device information sent by the live broadcast user terminal, and if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid; and if the similarity is greater than a preset threshold value, acquiring a third device fingerprint corresponding to the device information of the second database, if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid, and if not, determining that the second device fingerprint is invalid and sending the third device fingerprint to the live broadcast user side.
In some embodiments, the method further comprises: if the similarity is smaller than or equal to a preset threshold value, associating the generated third device fingerprint with a preset credibility score of the live broadcast user terminal; and if the similarity is larger than a preset threshold value, adjusting the credibility score of the live broadcast user end associated with the third equipment fingerprint according to the similarity.
In some embodiments, the method further comprises: receiving a second device fingerprint sent by a service server, acquiring the first device fingerprint from the second device fingerprint by using the inverse algorithm of the preset algorithm, searching a target third device fingerprint which is the same as the first device fingerprint from the second database, and sending the credibility score of the live broadcast user end associated with the target third device fingerprint to the service server.
For the method embodiment, since it basically corresponds to the system embodiment, the relevant points may be referred to the partial description of the system embodiment.
Accordingly, referring to fig. 8, an embodiment of the present application further provides a live client 10, which includes a memory 52 for storing executable instructions, a processor 51, and a communication module 53.
Wherein the processor 51, when executing the executable instructions, is configured to: acquiring the self equipment information of the live broadcast user side by using an acquisition script; and acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm.
The communication module 53 is configured to: sending the second device fingerprint and the device information to the wind control server; the second device fingerprint and the device information are used for triggering the wind control server to acquire the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
The Processor 51 executes executable instructions included in the memory 52, and the Processor 51 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 52 stores executable instructions of a processing method of a device fingerprint, and the memory 52 may include at least one type of storage medium including a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. Also, the apparatus may cooperate with a network storage device that performs a storage function of the memory through a network connection. The storage 52 may be an internal storage unit of the live client 10, such as a hard disk or a memory of the live client 10. The memory 52 may also be an external storage device of the live client 10, such as a plug-in hard disk provided on the live client 10, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 52 may also include both internal storage units and external storage devices of the live user terminal 10. The memory 52 is used to store executable instructions and other programs and data required by the device. The memory 52 may also be used to temporarily store data that has been output or is to be output.
The communication module 53 and the specific communication mode of the wind control server can be specifically set according to an actual application scene, for example, the communication module 53 establishes a wireless communication connection with the wind control server through a near field communication mode (such as bluetooth, wifi, infrared or UWB) or a mobile communication mode (such as 3G, 4G) to realize data interaction between the two.
Correspondingly, the embodiment of the application also provides a wind control server which comprises a memory used for storing executable instructions, a processor and a communication module.
The communication module is used for receiving a second device fingerprint and device information sent by a live broadcast user side; the second equipment is generated by a first equipment fingerprint and a check code, and the check code is generated by using a preset algorithm; the first equipment is generated according to the equipment information, and the equipment information is acquired by the live broadcast user side through an acquisition script.
The processor, when executing the executable instructions, is configured to: acquiring the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
The various embodiments described herein may be implemented using a computer-readable medium such as computer software, hardware, or any combination thereof. For a hardware implementation, the embodiments described herein may be implemented using at least one of an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a processor, a controller, a microcontroller, a microprocessor, and an electronic unit designed to perform the functions described herein. For a software implementation, the implementation such as a process or a function may be implemented with a separate software module that allows performing at least one function or operation. The software codes may be implemented by software applications (or programs) written in any suitable programming language, which may be stored in memory and executed by the controller.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
In one embodiment, the present application further provides a computer-readable storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of the method of any of the above embodiments.
This application may take the form of a computer program product embodied on one or more storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having program code embodied therein. Computer-usable storage media include permanent and non-permanent, removable and non-removable media, and information storage may be implemented by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of the storage medium of the computer include, but are not limited to: phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technologies, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic tape storage or other magnetic storage devices, or any other non-transmission medium, may be used to store information that may be accessed by a computing device.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (15)
1. A live broadcast wind control system is characterized by comprising a wind control server and a live broadcast user side;
the live broadcast user side acquires own equipment information by using an acquisition script; acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm; sending the second device fingerprint and the device information to the wind control server;
the wind control server acquires the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
2. The live wind control system of claim 1,
when acquiring the fingerprint of the second device, the live broadcast user side executes the following steps:
under the condition that the second device fingerprint is not stored in the local storage space, executing the step of generating the second device fingerprint, storing the generated second device fingerprint into the local storage space, and sending the second device fingerprint and the device information to the wind control server;
and under the condition that the local storage space stores the second equipment fingerprint, acquiring the second equipment fingerprint from the local storage space, and sending the second equipment fingerprint and the equipment information acquired by using the acquisition script to the wind control server.
3. Live wind control system according to claim 1 or 2,
the wind control server sends the acquisition script to the live broadcast user side; the wind control server acquires the verification instruction from a first database at random, and the first database stores a plurality of different verification instructions;
the live broadcast user side executes the verification instruction to obtain a verification result, and synchronously sends the verification result, the second equipment fingerprint and the equipment information to the wind control server;
and the wind control server determines whether the equipment information is acquired based on the acquisition script issued this time according to the verification result.
4. The live broadcast wind control system according to claim 3, wherein if it is detected that the live broadcast user side enters a specified page or a specified control is triggered, the live broadcast user side sends a collection request to the wind control server; the collection request is used for triggering the wind control server to respond to the collection request and return the collection script.
5. The live wind control system according to claim 1, wherein the collection scripts include sub-collection scripts for different operating systems; the sub-acquisition scripts corresponding to different operating systems acquire different equipment information;
and the live broadcast user side acquires a target sub-acquisition script from the acquisition script according to an operating system of the live broadcast user side, and acquires the equipment information by using the target sub-acquisition script.
6. The live wind control system of claim 1, wherein the third device fingerprint and device information used to generate the third device fingerprint are stored in a second database;
after receiving the second device fingerprint and the device information, the wind control server performs the following steps:
comparing the equipment information sent by the live broadcast user side with the equipment information stored in the second database, and determining the similarity of the two equipment information;
if the similarity is smaller than or equal to a preset threshold value, generating a third device fingerprint according to the device information sent by the live broadcast user terminal, and if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid;
if the similarity is greater than the preset threshold value, acquiring a third device fingerprint corresponding to the device information of the second database, if the first device fingerprint is the same as the third device fingerprint, determining that the second device fingerprint is valid, otherwise, determining that the second device fingerprint is invalid and sending the third device fingerprint to the live broadcast user end;
after receiving the third fingerprint, the live broadcast user side generates a check code by using a preset algorithm and inserts the check code into the third equipment fingerprint to generate a second equipment fingerprint; the generated second device fingerprint is used to replace the original second device fingerprint.
7. The live wind control system of claim 6, wherein the third device fingerprint is further associated with a trustworthiness score of the live user;
the wind control server executes the following steps:
if the similarity is smaller than or equal to a preset threshold value, associating the generated third device fingerprint with a preset credibility score of the live broadcast user terminal;
and if the similarity is larger than a preset threshold value, adjusting the credibility score of the live broadcast user end associated with the third equipment fingerprint according to the similarity.
8. The live air control system of claim 7, further comprising a business server;
the live broadcast user side also responds to a service request operation and sends the second equipment fingerprint and a service request corresponding to the service request operation to the service server;
the business server sends the second equipment fingerprint to the wind control server;
the wind control server acquires the first equipment fingerprint from the second equipment fingerprint by using an inverse algorithm of the preset algorithm, searches a target third equipment fingerprint which is the same as the first equipment fingerprint from the second database, and sends the credibility score of the live broadcast user end associated with the target third equipment fingerprint to the service server;
the service server determines a processing mode aiming at the service request according to the credibility score of the live broadcast user side; the processing mode comprises responding to the service request or discarding the service request.
9. The live wind control system according to claim 1, wherein in generating the second device fingerprint, the live client performs the steps of:
performing hash operation on the first device fingerprint to obtain a first character string;
extracting characters at least one appointed position in the first character string to obtain a first password string;
processing the first character string to obtain a subscript character, encoding the subscript character by using a preset password dictionary to obtain an encoding character, and splicing the encoding character and the first password string to obtain a second password string;
performing a modulo multi-round exchange processing on the first character string to obtain a first marker character, and inserting the first marker character into the first device fingerprint according to a position indicated by the subscript character;
acquiring a length value of the equipment information, and generating a second zone bit character according to the length value and the first zone bit character;
splicing the second password string, the first zone bit character, the second zone bit character, the length value after inversion and the first equipment fingerprint into which the first zone bit character is inserted to obtain a second character string;
and encrypting the second character string to generate the second device fingerprint.
10. The live wind control system of claim 1, wherein the device information comprises at least one or more of: system environment information, hardware information, sensor information, system ID, and MAC address.
11. A processing method of device fingerprints is applied to a live broadcast user side in a live broadcast wind control system, and the method comprises the following steps:
collecting self equipment information by using a collection script;
acquiring a second device fingerprint, wherein the second device fingerprint is generated by a first device fingerprint and a check code, the first device fingerprint is generated according to the device information, and the check code is generated according to a preset algorithm; sending the second device fingerprint and the device information to the wind control server;
the second device fingerprint and the device information are used for triggering the wind control server to acquire the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm; acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information; determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
12. A processing method of device fingerprints is applied to a wind control server in a live broadcast wind control system, and the method comprises the following steps:
receiving a second device fingerprint and device information sent by a live broadcast user side; the second equipment is generated by a first equipment fingerprint and a check code, and the check code is generated by using a preset algorithm; the first equipment is generated according to the equipment information, and the equipment information is acquired by the live broadcast user side through an acquisition script;
acquiring the first device fingerprint from the second device fingerprint by using an inverse algorithm of the preset algorithm;
acquiring a third device fingerprint, wherein the third device fingerprint is generated according to the device information;
determining that the second device fingerprint is valid if the first device fingerprint and the third device fingerprint are the same.
13. A live broadcast user end is characterized by comprising a memory, a processor and a communication module, wherein the memory is used for storing executable instructions;
wherein the processor, when executing the executable instructions, performs the steps of the method of claim 11;
and the communication module is used for sending the second equipment fingerprint and the equipment information to a wind control server.
14. A wind control server comprising a memory for storing executable instructions, a processor and a communication module;
the communication module is used for receiving a second device fingerprint and device information sent by a live broadcast user side;
the steps of the method of claim 12 are implemented when the processor executes the executable instructions.
15. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of one of the claims 11 or 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111006817.6A CN113709513B (en) | 2021-08-30 | 2021-08-30 | Equipment fingerprint processing method, user side, server, system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111006817.6A CN113709513B (en) | 2021-08-30 | 2021-08-30 | Equipment fingerprint processing method, user side, server, system and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113709513A true CN113709513A (en) | 2021-11-26 |
| CN113709513B CN113709513B (en) | 2023-03-10 |
Family
ID=78657001
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111006817.6A Active CN113709513B (en) | 2021-08-30 | 2021-08-30 | Equipment fingerprint processing method, user side, server, system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113709513B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114971349A (en) * | 2022-06-09 | 2022-08-30 | 北京百度网讯科技有限公司 | Information generation method, device, equipment, storage medium and program product |
| CN116015812A (en) * | 2022-12-16 | 2023-04-25 | 迈普通信技术股份有限公司 | Server fingerprint authentication method, device and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529963A (en) * | 2016-11-26 | 2017-03-22 | 杭州邦盛金融信息技术有限公司 | System and method for security authentication of mobile devices |
| CN109818906A (en) * | 2017-11-21 | 2019-05-28 | 深圳市腾讯计算机系统有限公司 | A kind of device-fingerprint information processing method, device and server |
| CN109902493A (en) * | 2019-01-04 | 2019-06-18 | 平安科技(深圳)有限公司 | The delivery method and server of script |
| CN111585995A (en) * | 2020-04-27 | 2020-08-25 | 平安银行股份有限公司 | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium |
| US10862883B1 (en) * | 2017-10-09 | 2020-12-08 | Amazon Technologies, Inc. | Custom authorization of network connected devices using signed credentials |
| CN112182547A (en) * | 2020-09-15 | 2021-01-05 | 中信银行股份有限公司 | Trusted device authentication method, system, device and storage medium |
-
2021
- 2021-08-30 CN CN202111006817.6A patent/CN113709513B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529963A (en) * | 2016-11-26 | 2017-03-22 | 杭州邦盛金融信息技术有限公司 | System and method for security authentication of mobile devices |
| US10862883B1 (en) * | 2017-10-09 | 2020-12-08 | Amazon Technologies, Inc. | Custom authorization of network connected devices using signed credentials |
| CN109818906A (en) * | 2017-11-21 | 2019-05-28 | 深圳市腾讯计算机系统有限公司 | A kind of device-fingerprint information processing method, device and server |
| CN109902493A (en) * | 2019-01-04 | 2019-06-18 | 平安科技(深圳)有限公司 | The delivery method and server of script |
| CN111585995A (en) * | 2020-04-27 | 2020-08-25 | 平安银行股份有限公司 | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium |
| CN112182547A (en) * | 2020-09-15 | 2021-01-05 | 中信银行股份有限公司 | Trusted device authentication method, system, device and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114971349A (en) * | 2022-06-09 | 2022-08-30 | 北京百度网讯科技有限公司 | Information generation method, device, equipment, storage medium and program product |
| CN116015812A (en) * | 2022-12-16 | 2023-04-25 | 迈普通信技术股份有限公司 | Server fingerprint authentication method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113709513B (en) | 2023-03-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11550935B2 (en) | Method, apparatus, and electronic device for blockchain-based recordkeeping | |
| CN107426181B (en) | The hold-up interception method and device of malice web access request | |
| CN107749848B (en) | Internet of things data processing method and device and Internet of things system | |
| CN103401957B (en) | A kind of unique method identifying client machine under web environment | |
| CN110086608A (en) | User authen method, device, computer equipment and computer readable storage medium | |
| CN103279693B (en) | A kind of file encrypting method | |
| CN110011958B (en) | Information encryption method and device, computer equipment and storage medium | |
| CN113709513B (en) | Equipment fingerprint processing method, user side, server, system and storage medium | |
| EP3887981B1 (en) | Verifying user interactions on a content platform | |
| CN112333198A (en) | Secure cross-domain login method, system and server | |
| CN112217835A (en) | Message data processing method and device, server and terminal equipment | |
| CN109447809B (en) | Video active identification method combined with block chain | |
| CN109242666A (en) | Personal reference method, apparatus and computer equipment are obtained based on block chain | |
| US7739500B2 (en) | Method and system for consistent recognition of ongoing digital relationships | |
| CN108900472B (en) | Information transmission method and device | |
| CN109145543B (en) | Identity authentication method | |
| CN113992353B (en) | Login certificate processing method and device, electronic equipment and storage medium | |
| CN111582954B (en) | False data identification method and device | |
| CN115039376A (en) | Terminal equipment information transmission method, equipment fingerprint generation method and related products | |
| CN113890866B (en) | Illegal application software identification method, device, medium and electronic equipment | |
| CN113761489B (en) | Verification method, device and equipment and storage medium | |
| CN116798153B (en) | Access control authorization opening method and device | |
| CN113420613B (en) | Identity verification method based on face recognition, face recognition system and associated equipment | |
| CN111967556B (en) | Two-dimensional code offline generation method and storage medium | |
| CN117499159B (en) | Block chain-based data transaction method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |