CN113806824A - Mouse track-based security verification method and device and computer equipment - Google Patents

Mouse track-based security verification method and device and computer equipment Download PDF

Info

Publication number
CN113806824A
CN113806824A CN202011584092.4A CN202011584092A CN113806824A CN 113806824 A CN113806824 A CN 113806824A CN 202011584092 A CN202011584092 A CN 202011584092A CN 113806824 A CN113806824 A CN 113806824A
Authority
CN
China
Prior art keywords
aggregation
mouse
track
mouse track
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011584092.4A
Other languages
Chinese (zh)
Other versions
CN113806824B (en
Inventor
陈海龙
王美青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Holding Co Ltd
Original Assignee
Jingdong Technology Holding Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Holding Co Ltd filed Critical Jingdong Technology Holding Co Ltd
Priority to CN202011584092.4A priority Critical patent/CN113806824B/en
Publication of CN113806824A publication Critical patent/CN113806824A/en
Application granted granted Critical
Publication of CN113806824B publication Critical patent/CN113806824B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The application provides a safety verification method and device based on mouse track and computer equipment, and particularly relates to the technical field of computers. Wherein, the method comprises the following steps: responding to an acquired service request sent by a client, and acquiring a mouse track of the client within a preset time period; carrying out segmentation aggregation on the mouse track of the client within a preset time period to determine a first aggregation characteristic corresponding to the mouse track; and rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.

Description

Mouse track-based security verification method and device and computer equipment
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for security verification based on a mouse track, and a computer device.
Background
With the rapid development of computer technology, the internet has more and more machine traffic, some machine traffic may be a web crawler collecting information, and some machine traffic may be a machine attack of the black and grey industry chain. In order to ensure that the normal operation of the internet company and the benefit of the internet company are not damaged, harmful attacks need to be prevented through various ways, and various types of verification codes are generated. The verification code can intercept machine attacks to a great extent, but the normal experience of a user is influenced by the mode. How to effectively intercept machine attacks and not influence user experience is very important.
Disclosure of Invention
The present application is directed to solving, at least to some extent, one of the technical problems in the related art.
The application provides a security verification method and device based on a mouse track, computer equipment and a storage medium, so that when a service request sent by a client is obtained, the obtained mouse track of the client is subjected to segmentation aggregation, and when a corresponding first aggregation characteristic is matched with a non-legal aggregation characteristic, the service request is rejected, and the technical problem that normal experience of a user is influenced when machine attack is intercepted in the prior art is solved.
An embodiment of a first aspect of the present application provides a security verification method based on a mouse track, including:
responding to an acquired service request sent by a client, and acquiring a mouse track of the client within a preset time period;
carrying out segmentation aggregation on the mouse track of the client within a preset time period to determine a first aggregation characteristic corresponding to the mouse track;
and rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
According to the mouse track-based security verification method, the mouse track of the client within the preset time period is obtained by responding to the obtained service request sent by the client, then the mouse track of the client within the preset time period is subjected to segmentation aggregation to determine the first aggregation characteristic corresponding to the mouse track, and the service request is rejected under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any one preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.
An embodiment of a second aspect of the present application provides a security verification apparatus based on a mouse track, including:
the first acquisition module is used for responding to the acquired service request sent by the client and acquiring the mouse track of the client within a preset time period;
the first determining module is used for carrying out segmentation aggregation on the mouse track of the client within a preset time period so as to determine a first aggregation characteristic corresponding to the mouse track;
and the processing module is used for rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
According to the mouse track-based security verification device, the mouse track of the client within the preset time period is obtained through responding to the obtained service request sent by the client, then the mouse track of the client within the preset time period is subjected to segmentation aggregation to determine the first aggregation characteristic corresponding to the mouse track, and the service request is rejected under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any one preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.
An embodiment of a third aspect of the present application provides a computer device, including: the device comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein when the processor executes the program, the security verification method based on the mouse track is realized.
An embodiment of a fourth aspect of the present application provides a non-transitory computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the mouse trajectory based security verification method as set forth in the embodiment of the first aspect of the present application.
An embodiment of a fifth aspect of the present application provides a computer program product, and when an instruction processor in the computer program product executes, the method for security verification based on a mouse track provided in the embodiment of the first aspect of the present application is performed.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic flowchart of a security verification method based on a mouse track according to an embodiment of the present application;
FIG. 2 is a schematic flowchart of a security verification method based on a mouse track according to another embodiment of the present disclosure;
FIG. 3 is a schematic flowchart of a security verification method based on a mouse track according to another embodiment of the present application;
FIG. 4 is a schematic flowchart illustrating a security verification method based on a mouse track according to yet another embodiment of the present application;
fig. 5 is a schematic structural diagram of a security verification apparatus based on a mouse track according to an embodiment of the present application;
FIG. 6 is a schematic structural diagram of a security verification apparatus based on mouse tracks according to another embodiment of the present application;
FIG. 7 illustrates a block diagram of an exemplary computer device suitable for use to implement embodiments of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary and intended to be used for explaining the present application and should not be construed as limiting the present application.
The following describes a mouse trajectory-based security verification method, apparatus, computer device, and storage medium according to an embodiment of the present application with reference to the drawings.
Fig. 1 is a schematic flowchart of a security verification method based on a mouse track according to an embodiment of the present application.
The embodiment of the present application is exemplified by the fact that the security verification method based on the mouse track is configured in the security verification apparatus based on the mouse track, and the security verification apparatus based on the mouse track can be applied to any computer device, so that the computer device can execute the security verification function based on the mouse track.
The Computer device may be a Personal Computer (PC), a cloud device, a mobile device, and the like, and the mobile device may be a hardware device having various operating systems, touch screens, and/or display screens, such as a mobile phone, a tablet Computer, a Personal digital assistant, a wearable device, and an in-vehicle device.
As shown in fig. 1, the security verification method based on mouse track may include the following steps:
step 101, responding to the acquired service request sent by the client, acquiring a mouse track of the client within a preset time period.
The client may be of various types, such as a web browser, an email client, and the like, which is not limited in this application.
It can be understood that the duration corresponding to the preset time period may be a preset fixed duration, or may be different durations correspondingly set according to factors such as the type of the client, and the like, which is not limited in the present application.
In addition, the mouse track is a moving track of the mouse within a preset time period of the client, and may include one or more coordinate points, and may further include a corresponding position coordinate, a corresponding time and the like when the mouse is clicked within the preset time period, which is not limited in the present application.
For example, the acquired mouse track within the preset time period may be represented as (x)1,y1,t1),(x2,y2,t2),…,(xn,yn,tn) I is 1,2, … n wherein (x)i,yi,ti) And i is 1,2, … n at time tiThe coordinate of the pixel point of the mouse on the screen is (x)i,yi)。
Alternatively, the acquired mouse track within the preset time period may be represented as (x)1,y1),(x2,y2),…,(xn,yn) I is 1,2, … n, wherein (x)i,yi) And i is 1,2, … n, which represents the coordinate of the pixel point of the mouse on the screen as (x)i,yi)。
It should be noted that the above examples are only illustrative, and should not be taken as limiting the mouse track in the embodiment of the present application.
Step 102, carrying out segmentation aggregation on the mouse track of the client within a preset time period to determine a first aggregation characteristic corresponding to the mouse track.
For example, if the acquired mouse track within the preset time period is (x)1,y1,t1),(x2,y2,t2),…,(x1000,y1000,t1000) The method includes the steps of dividing each track point in a mouse track into 10 sections in sequence according to coordinates of the track point in the mouse track, and then conducting aggregation processing on the 10 sections of mouse tracks respectively, so that a first aggregation characteristic corresponding to the mouse track is determined.
Or the acquired mouse track in the preset time period is (x)1,y1,t1),(x2,y2,t2),…,(x20,y20,t20) The method can be divided into 4 segments in sequence, and then the 4 segments of mouse tracks are respectively subjected to aggregation processing, so that the first aggregation characteristics corresponding to the mouse tracks are determined.
It should be noted that the number of coordinates of the mouse track point and the number of corresponding segments in the above example are only examples, and cannot be used as a limitation to perform segment aggregation on the mouse track in the embodiment of the present application.
In the embodiment of the application, the mouse track of the client in the preset time period is segmented and aggregated, so that the data volume to be processed is reduced to the segmented quantity after the segmentation aggregation by the coordinate quantity of the mouse track point, the data volume to be processed is greatly reduced, data processing can be rapidly performed, and the data processing efficiency is effectively improved.
And 103, rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
The illegal aggregation feature may be an aggregation feature corresponding to a mouse track generated by an illegal operation, for example, an aggregation feature corresponding to a mouse track caused by a malicious attack or the like, which is not limited in this application.
In the embodiment of the application, the first aggregation feature corresponding to the acquired mouse track may be matched with a preset illegal aggregation feature, and if the first aggregation feature can be successfully matched with the illegal aggregation feature, it indicates that the mouse track may not be normally initiated by a user, for example, the mouse track may be controlled by a machine or generated by malicious attack, and further indicates that the service request may be unsafe, and for safety, the service request may be rejected.
According to the method and the device for the mouse track aggregation, the mouse track of the client within the preset time period is obtained through responding to the obtained service request sent by the client, then the mouse track of the client within the preset time period is subjected to segmentation aggregation to determine the first aggregation characteristic corresponding to the mouse track, and the service request is rejected under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any one preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.
In the embodiment, the acquired mouse track is segmented and aggregated to determine the corresponding first aggregation characteristic, and then the first aggregation characteristic is matched with the illegal aggregation characteristic, and if the matching is successful, the service request is rejected, so that the security check based on the mouse track can be realized. Further, when performing the segmentation aggregation on the mouse track of the client within the preset time period, the current segmentation aggregation parameter may be determined according to the type of the client, and then the mouse track may be subjected to the segmentation aggregation, which will be described in detail with reference to fig. 2.
As shown in fig. 2, the security verification method based on mouse track may include the following steps:
step 201, in response to the acquired service request sent by the client, acquiring a mouse track of the client within a preset time period.
Step 202, determining the current segmentation aggregation parameter according to the type of the client.
The segmentation aggregation parameter may include a segmentation sequence length L and an approximation degree b, or may include other parameters, which are not limited in this application.
It can be understood that the length L of the segmentation sequence is determined according to factors such as the type of the client and the like when the mouse tracks are segmented and aggregated, and this is not limited in the present application.
The approximation degree b may be determined according to factors such as the type of the client, which is not limited in the present application.
For example, if the current client type is a web browser, the obtained mouse track within the preset time is (x)1,y1,t1),(x2,y2,t2),…,(x100,y100,t100) In the process, because the networking state is controlled by a machine or the possibility of malicious attack is high, the length L of the segmentation sequence can be set to be smaller, for example, to be a numerical value of 5, 10 and the like, so that the number of the mouse track segments can be increased, and the segments are more detailed.
Or, if the current client type is the local game software page, the acquired mouse track within the preset time is (x)1,y1,t1),(x2,y2,t2),…,(x100,y100,t100) Because the possibility of malicious attack is low, the segment sequence length L may be set to be larger, for example, 20, 25, etc., so that the segment sequence length is larger and the number of segments is smaller.
It should be noted that the foregoing examples are merely illustrative, and cannot be taken as limitations for determining the current segmentation and aggregation parameters in the embodiments of the present application.
And step 203, carrying out segmentation and aggregation on the mouse track of the client within a preset time period based on the current segmentation and aggregation parameters.
It can be understood that, in the actual use process, when the mouse track of the client is segmented and aggregated within the preset time period, the mouse track may be segmented based on the length of the segmentation sequence to determine the track point coordinate set corresponding to each segment.
For example, if the acquired mouse track within the preset time is (x)1,y1,t1),(x2,y2,t2),…,(x100,y100,t100) And the length L of the segmentation sequence is 10, so that the mouse track can be divided into 10 segments, and then the track point coordinate set corresponding to each segment is determined.
Or the acquired mouse track within the preset time is (x)1,y1,t1),(x2,y2,t2),…,(x20,y20,t20) The length L of the segment sequence is 4Therefore, the mouse track can be divided into 5 segments, and then the track point coordinate set corresponding to each segment is determined.
It should be noted that the foregoing examples are merely illustrative, and cannot be taken as limitations for determining current segmentation aggregation parameters in the embodiments of the present application.
Further, based on the approximation degree, the track point coordinate set corresponding to each segment is aggregated to determine the aggregated coordinate corresponding to each segment.
The track point coordinate set corresponding to each segment can be aggregated in a form shown in formula (1), and the aggregated coordinate corresponding to each segment can be expressed as:
Figure BDA0002866536530000051
wherein L is the length of the segmentation sequence, xiThe coordinate value of each track point in each segment may be an average value of x coordinates of each track point included in each segment, or may be a certain coordinate value correspondingly selected in each segment, for example, an x coordinate value corresponding to a coordinate track located in a middle position in each segment, or other special coordinate values.
In addition, the approximation degree b in the formula may be specifically determined according to the client type and the like, which is not limited in the present application.
It is understood that the aggregation coordinate corresponding to each segment can be used as the first aggregation feature corresponding to the mouse track.
And 204, under the condition that the first aggregation characteristics corresponding to the mouse track are not matched with the preset illegal aggregation characteristics, updating the occurrence times of the first aggregation characteristics.
When the first aggregation characteristics corresponding to the mouse track are not matched with the preset illegal aggregation characteristics, the fact that the first aggregation characteristics are not in the illegal aggregation characteristic library currently is indicated. The mouse track may be a safe mouse track actively operated by a user, or may be a mouse track generated by an illegal operation.
In the embodiment of the application, in order to timely and effectively discover various illegal aggregation characteristics, any aggregation characteristics which cannot be determined whether the aggregation characteristics are legal or not can be stored, and the corresponding occurrence times of the aggregation characteristics can be updated.
It should be noted that, when the first aggregation feature corresponding to the mouse track is not matched with each preset illegal aggregation feature, the service request may be accepted.
Step 205, rejecting the service request under the condition that the first aggregation feature corresponding to the mouse track is matched with any preset illegal aggregation feature.
It should be noted that, step 204 and step 205 are not executed in a sequential order, and the present application is explained by taking step 205 after step 204 as an example, but cannot be taken as a limitation of the present application.
In the embodiment of the application, a mouse track of a client within a preset time period is obtained in response to an obtained service request sent by the client, a current segmentation and aggregation parameter is determined according to the type of the client, segmentation and aggregation are performed on the mouse track of the client within the preset time period based on the current segmentation and aggregation parameter, the occurrence frequency of a first aggregation characteristic is updated under the condition that a first aggregation characteristic corresponding to the mouse track is not matched with each preset illegal aggregation characteristic, and the first aggregation characteristic is added into an illegal aggregation characteristic library under the condition that the occurrence frequency of the first aggregation characteristic is greater than a first threshold value. Therefore, when a service request sent by the client is obtained, the mouse track of the client in a preset time period can be subjected to sectional aggregation according to the type of the client, and whether the service request is received or not is determined based on the obtained first aggregation characteristic and the matching condition of each illegal aggregation characteristic, so that the accuracy of the matching result of the first aggregation characteristic and each illegal aggregation characteristic can be improved, machine attack is effectively intercepted, safety is guaranteed, the interception efficiency is improved, and good experience is provided for a user.
In the embodiment, the mouse track is segmented and aggregated by using the segmentation and aggregation parameters determined by the type of the client to obtain the first aggregation characteristic, and whether to accept the service request is determined according to the matching condition of the first aggregation characteristic and each illegal aggregation characteristic. In one possible implementation, to further reduce the amount of data to be processed and improve the efficiency, further operations may be performed on the aggregated coordinates, which is described in detail below with reference to fig. 3.
Step 301, in response to the acquired service request sent by the client, acquiring a mouse track of the client within a preset time period.
The mouse track may include one or more coordinate points, and may further include a position coordinate, a time, and the like corresponding to when the mouse is clicked within a preset time period, which is not limited in the present application.
Step 302, determining the current segmentation aggregation parameters according to the type of the client.
The segmentation aggregation parameter may include the segmentation sequence length L and the approximation degree b, or may include other parameters, which is not limited in this application.
And 303, segmenting the mouse track based on the length of the segmentation sequence to determine a track point coordinate set corresponding to each segment.
For example, the acquired mouse trajectory is represented as (x)1,y1,t1),(x2,y2,t2),…,(xn,yn,tn) I is 1,2, … n, taking the similarity of the x-axis as an example: the segment sequence length L may be set to 20, 40, 100, etc.
It should be noted that the length L of the segment sequence may be specifically determined according to actual situations, which is not limited in this application.
And step 304, carrying out normalization processing on the coordinates of each track point in the mouse track to obtain each normalized coordinate.
Wherein, the form as shown in formula (2) can be adopted for each track point x in the mouse track1,x2,…,xnAnd carrying out normalization processing to obtain each normalized coordinate as follows:
xi=xi-x0 (2)
wherein x is0May be any selected coordinate point.
It should be noted that the above example is only an example, and other normalization methods may also be used to perform the normalization process, which is not limited in the present application.
And 305, performing smooth filtering processing on each coordinate to obtain a filtered coordinate set corresponding to each segment.
In order to reduce the influence of the abrupt change point in the mouse track, smooth filtering processing can be carried out on each coordinate, so that the data can be more accurate.
The form shown in equation (3) can be adopted, and after the smoothing filtering process is used, the coordinate set corresponding to each segment is:
Figure BDA0002866536530000061
and step 306, aggregating the filtered coordinate sets corresponding to each segment based on the approximation degree to determine an aggregated coordinate corresponding to each segment.
The approximation degree b may be set to a corresponding value, such as 10, 100, and the like, according to the type of the client, which is not limited in this application.
The filtered coordinate set corresponding to each segment may be aggregated as shown in formula (1), and the corresponding aggregated coordinate corresponding to each segment may be expressed as:
Figure BDA0002866536530000062
wherein, L is the length of the segmentation sequence, and b is the approximation degree.
And 307, performing encryption operation on each aggregation coordinate corresponding to the mouse track to generate a first aggregation characteristic corresponding to the mouse track.
Various Encryption algorithms may be used for the Encryption operation, such as MD5(Message-Digest Algorithm 5), DES (Data Encryption Standard), AES (Advanced Encryption Standard), and the like, which is not limited in this application.
For example, when the MD5 algorithm is used for the encryption operation, the aggregation coordinate corresponding to each segment of the mouse track may be encrypted in the form shown in equation (4), and the generated first aggregation characteristic may be represented as:
m=md5(w1,w2,…wL) (4)
or the obtained mouse track has 1000 track points in total, when the length of the segmentation sequence is 5, the mouse track can be divided into 200 segments, 200 groups of aggregation coordinates are provided, the aggregation coordinates are encrypted, the generated first aggregation characteristic is 1 group, and the data volume to be processed is changed from the original 200 to 1, so that the data volume of online system data storage and data transmission can be reduced, the efficiency is effectively improved, and good experience can be provided for a user.
It should be noted that the above example is only an example, and is not intended to limit the encryption operation performed on each aggregation coordinate in the embodiment of the present application.
And 308, rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
In the embodiment of the application, when a service request sent by a client is obtained, current segmentation aggregation parameters can be determined according to the type of the client, a mouse track is segmented based on the length of a segmentation sequence to determine a track point coordinate set corresponding to each segment, then the coordinates of each track point in the mouse track are subjected to normalization processing and smooth filtering processing to obtain a filtered coordinate set corresponding to each segment, the filtered coordinate sets corresponding to each segment are aggregated based on the approximation degree to determine an aggregation coordinate corresponding to each segment, each aggregation coordinate corresponding to the mouse track is subjected to encryption operation to generate a first aggregation characteristic corresponding to the mouse track, and when the corresponding first aggregation characteristic is matched with a non-legal aggregation characteristic, the service request is rejected, and the data volume of on-line system data storage and data transmission can be effectively reduced, the efficiency of data processing is improved to further guarantee safety, and improve interception efficiency, give the user good experience.
In a possible implementation manner, when the number of times of occurrence of the aggregation feature corresponding to the historical mouse track reaches a certain number, it may be determined that the aggregation feature is an illegal aggregation feature, and a detailed description is given below with reference to fig. 4 on how to determine the aggregation feature corresponding to the historical mouse track as the illegal aggregation feature according to the historical mouse track.
Step 401, obtaining each historical mouse track associated with each historical server request.
The historical mouse track can be a mouse track generated when the historical mouse track is associated with the historical server request.
And step 402, performing segmentation aggregation on each historical mouse track respectively to determine a second aggregation characteristic corresponding to each historical mouse track.
It can be understood that, when performing segment aggregation on the historical mouse tracks, corresponding segment aggregation parameters may be determined according to the type of the client, and then based on the segment aggregation parameters, the historical mouse tracks are subjected to segment aggregation to determine second aggregation characteristics corresponding to each historical mouse track.
At step 403, the number of occurrences of each second aggregation characteristic is determined.
The second polymerization feature may occur once or multiple times, which is not limited in this application.
And step 404, determining that the second aggregation characteristic is an illegal aggregation characteristic when the occurrence frequency of any second aggregation characteristic is larger than a second threshold value.
The second threshold is a preset value, for example, 1000, 2000, etc., which is not limited in this application.
For example, when the second threshold is 1000, if the number of times of occurrence of the second aggregation feature is greater than 1000, it indicates that the mouse track corresponding to the second aggregation feature also occurs more than 1000 times, and since the 1000 mouse tracks are approximately the same, it may be considered that the mouse track may be generated due to malicious attack, and the second aggregation feature may be determined to be an illegal aggregation feature.
In a possible implementation manner, under the condition that the first aggregation characteristics corresponding to the mouse track are not matched with the preset illegal aggregation characteristics, updating the occurrence times of the first aggregation characteristics; and adding the first aggregation feature into the illegal aggregation feature library under the condition that the occurrence number of the first aggregation feature is larger than a first threshold value.
The first threshold is a preset value, and may be a value of 100, 1000, 2000, etc., which is not limited in this application.
According to the embodiment of the application, the first aggregation characteristics with the occurrence frequency larger than the first threshold value in the online state can be added into the illegal aggregation characteristic library, so that the illegal aggregation characteristic library can be updated in real time.
According to the embodiment of the application, historical mouse tracks associated with historical server requests are obtained, then the historical mouse tracks are respectively subjected to segmentation aggregation to determine second aggregation characteristics corresponding to the historical mouse tracks, the occurrence frequency of each second aggregation characteristic is determined, and the second aggregation characteristics are determined to be illegal aggregation characteristics under the condition that the occurrence frequency of any second aggregation characteristic is larger than a second threshold value. Therefore, the corresponding second aggregation characteristics are determined by carrying out segmentation aggregation on each historical mouse track, then the second aggregation characteristics with the occurrence frequency larger than the second threshold value can be determined as illegal aggregation characteristics, and the first aggregation characteristics with the occurrence frequency larger than the first threshold value are added into an illegal aggregation library, namely, the illegal aggregation characteristic library can be generated off line and can be updated on line in real time, so that the illegal aggregation characteristic library is more comprehensive and complete, the aggregation characteristics can be more timely and accurately judged, and the use feeling of a user is further improved.
In order to implement the above embodiments, the present application further provides a mouse track-based security verification apparatus for security verification based on a mouse track.
Fig. 5 is a schematic structural diagram of a security verification apparatus based on a mouse track for security verification based on a mouse track according to an embodiment of the present application.
As shown in fig. 5, the mouse trajectory-based security verification apparatus 100 may include: a first obtaining module 110, a first determining module 120, and a processing module 130.
The first obtaining module 110 is configured to, in response to an obtained service request sent by a client, obtain a mouse track of the client within a preset time period.
The first determining module 120 is configured to perform segmentation aggregation on the mouse track of the client within a preset time period to determine a first aggregation characteristic corresponding to the mouse track.
The processing module 130 is configured to reject the service request when the first aggregation feature corresponding to the mouse track matches any preset illegal aggregation feature.
It should be noted that the foregoing explanation of the embodiment of the security verification method based on a mouse track is also applicable to the security verification apparatus based on a mouse track of the embodiment, and is not repeated here.
According to the mouse track-based security verification device, the mouse track of the client within the preset time period is obtained through responding to the obtained service request sent by the client, then the mouse track of the client within the preset time period is subjected to segmentation aggregation to determine the first aggregation characteristic corresponding to the mouse track, and the service request is rejected under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any one preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.
Further, in a possible implementation manner of the embodiment of the present application, referring to fig. 6, on the basis of the embodiment shown in fig. 5, the first determining module 120 may include:
a determining unit 121, configured to determine a current segmentation and aggregation parameter according to the type of the client;
and an aggregation unit 122, configured to perform segment aggregation on the mouse tracks of the client within a preset time period based on the current segment aggregation parameter.
Further, in a possible implementation manner of the embodiment of the present application, the aggregation unit 122 may include:
the first determining subunit is configured to segment the mouse track based on the segment sequence length to determine a track point coordinate set corresponding to each segment;
and the second determining subunit is used for aggregating the track point coordinate set corresponding to each segment based on the approximation degree so as to determine an aggregated coordinate corresponding to each segment.
And the generating subunit is configured to perform encryption operation on each aggregation coordinate corresponding to the mouse track to generate a first aggregation feature corresponding to the mouse track.
Further, in a possible implementation manner of the embodiment of the present application, the second determining subunit is specifically configured to: normalizing the coordinates of each track point in the mouse track to obtain each normalized coordinate; performing smooth filtering processing on each coordinate to obtain a filtered coordinate set corresponding to each segment; and aggregating the filtered coordinate sets corresponding to each segment based on the approximation degree.
Further, in a possible implementation manner of the embodiment of the present application, referring to fig. 6, on the basis of the embodiment shown in fig. 5, the security verification apparatus 100 based on a mouse track may further include:
the first updating module 140 is configured to update the occurrence frequency of the first aggregation feature when the aggregation feature corresponding to the mouse track is not matched with each preset illegal aggregation feature.
Further, in a possible implementation manner of the embodiment of the present application, referring to fig. 6, on the basis of the embodiment shown in fig. 5, the security verification apparatus 100 based on a mouse track may further include:
and a second updating module 150, configured to add any aggregated feature to the illegal aggregated feature library when the occurrence number of the aggregated feature is greater than the first threshold.
Further, in a possible implementation manner of the embodiment of the present application, referring to fig. 6, on the basis of the embodiment shown in fig. 5, the security verification apparatus 100 based on a mouse track may further include:
a second obtaining module 160, configured to obtain history mouse tracks associated with history server requests.
The second determining module 170 is configured to perform segmentation aggregation on the historical mouse tracks, so as to determine a second aggregation characteristic corresponding to each historical mouse track.
A third determining module 180, configured to determine the number of occurrences of each of the second aggregation characteristics.
A fourth determining module 190, configured to determine that any second aggregation feature is an illegal aggregation feature when the occurrence number of the second aggregation feature is greater than the second threshold.
It should be noted that the foregoing explanation of the embodiment of the security verification method based on a mouse track is also applicable to the security verification apparatus based on a mouse track of the embodiment, and is not repeated here.
The security verification device based on the mouse track of the embodiment of the application can determine the current segmentation aggregation parameters according to the type of the client when acquiring the service request sent by the client, segment the mouse track based on the segmentation sequence length to determine the track point coordinate set corresponding to each segment, then perform normalization processing and smooth filtering processing on the coordinates of each track point in the mouse track to acquire the filtered coordinate set corresponding to each segment, aggregate the filtered coordinate set corresponding to each segment based on the approximation degree to determine the aggregate coordinate corresponding to each segment, perform encryption operation on each aggregate coordinate corresponding to the mouse track to generate the first aggregate characteristic corresponding to the mouse track, reject the service request when the corresponding first aggregate characteristic is matched with the illegal aggregate characteristic, and effectively reduce the data volume of online system data storage and data transmission, the efficiency of data processing is improved to further guarantee safety, and improve interception efficiency, give the user good experience.
In order to implement the foregoing embodiments, the present application also provides a computer device, including: the device comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein when the processor executes the program, the security verification method based on the mouse track is realized.
In order to implement the foregoing embodiments, the present application further proposes a non-transitory computer-readable storage medium storing a computer program, which when executed by a processor implements the mouse trajectory based security verification method as proposed in the foregoing embodiments of the present application.
In order to implement the foregoing embodiments, the present application further provides a computer program product, which when executed by an instruction processor in the computer program product, executes the mouse trajectory-based security verification method as set forth in the foregoing embodiments of the present application.
FIG. 7 illustrates a block diagram of an exemplary computer device suitable for use to implement embodiments of the present application. The computer device 12 shown in fig. 7 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present application.
As shown in FIG. 7, computer device 12 is in the form of a general purpose computing device. The components of computer device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. These architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus, to name a few.
Computer device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by computer device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
Memory 28 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) 30 and/or cache Memory 32. Computer device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 7, and commonly referred to as a "hard drive"). Although not shown in FIG. 7, a disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a Compact disk Read Only Memory (CD-ROM), a Digital versatile disk Read Only Memory (DVD-ROM), or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the application.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described herein.
Computer device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with computer device 12, and/or with any devices (e.g., network card, modem, etc.) that enable computer device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Moreover, computer device 12 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public Network such as the Internet) via Network adapter 20. As shown, network adapter 20 communicates with the other modules of computer device 12 via bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with computer device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing, for example, implementing the methods mentioned in the foregoing embodiments, by executing programs stored in the system memory 28.
According to the technical scheme of the embodiment of the application, the mouse track of the client within the preset time period is obtained by responding to the obtained service request sent by the client, then the mouse track of the client within the preset time period is subjected to segmentation aggregation to determine the first aggregation characteristic corresponding to the mouse track, and the service request is rejected under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic. Therefore, when a service request sent by a client is acquired, the acquired mouse track of the client is subjected to segmentation aggregation, and when the corresponding first aggregation characteristic is matched with the illegal aggregation characteristic, the service request is rejected, so that machine attack can be effectively intercepted, safety is guaranteed, the interception speed is higher, the efficiency is higher, and good experience is provided for a user.
In the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present application, "plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present application.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. If implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.

Claims (19)

1. A safety verification method based on mouse tracks is characterized by comprising the following steps:
responding to an acquired service request sent by a client, and acquiring a mouse track of the client within a preset time period;
carrying out segmentation aggregation on the mouse track of the client within a preset time period to determine a first aggregation characteristic corresponding to the mouse track;
and rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
2. The method of claim 1, wherein the step of performing segment aggregation on the mouse tracks of the client within a preset time period comprises:
determining a current segmentation aggregation parameter according to the type of the client;
and carrying out segmentation and aggregation on the mouse track of the client in a preset time period based on the current segmentation and aggregation parameters.
3. The method according to claim 2, wherein the mouse track includes coordinates of a plurality of track points, the segmentation and aggregation parameter includes a segmentation sequence length and an approximation degree, and the performing segmentation and aggregation on the mouse track of the client within a preset time period based on the current segmentation and aggregation parameter includes:
segmenting the mouse track based on the segmentation sequence length to determine a track point coordinate set corresponding to each segment;
and based on the approximation degree, aggregating the track point coordinate set corresponding to each segment to determine an aggregated coordinate corresponding to each segment.
4. The method of claim 3, wherein after said determining the aggregate coordinates for each segment, further comprising:
and carrying out encryption operation on each aggregation coordinate corresponding to the mouse track to generate a first aggregation characteristic corresponding to the mouse track.
5. The method of claim 3, wherein aggregating the set of trace point coordinates corresponding to each segment based on the approximation comprises:
normalizing the coordinates of each track point in the mouse track to obtain each normalized coordinate;
performing smooth filtering processing on each coordinate to obtain a filtered coordinate set corresponding to each segment;
and aggregating the filtered coordinate sets corresponding to each segment based on the approximation degree.
6. The method of any of claims 1-5, further comprising:
and under the condition that the first aggregation characteristics corresponding to the mouse track are not matched with the preset illegal aggregation characteristics, updating the occurrence times of the first aggregation characteristics.
7. The method of claim 6, further comprising:
and adding the first aggregation feature into an illegal aggregation feature library under the condition that the occurrence frequency of the first aggregation feature is greater than a first threshold value.
8. The method of any of claims 1-5, further comprising:
acquiring historical mouse tracks associated with the historical server requests;
performing segmentation aggregation on each historical mouse track to determine a second aggregation characteristic corresponding to each historical mouse track;
determining a number of occurrences of each of the second polymerization features;
and determining that the second aggregation characteristic is an illegal aggregation characteristic when the occurrence number of any second aggregation characteristic is larger than a second threshold value.
9. A safety verification device based on mouse track is characterized by comprising:
the first acquisition module is used for responding to the acquired service request sent by the client and acquiring the mouse track of the client within a preset time period;
the first determining module is used for carrying out segmentation aggregation on the mouse track of the client within a preset time period so as to determine a first aggregation characteristic corresponding to the mouse track;
and the processing module is used for rejecting the service request under the condition that the first aggregation characteristic corresponding to the mouse track is matched with any preset illegal aggregation characteristic.
10. The apparatus of claim 9, wherein the first determining module comprises:
a determining unit, configured to determine a current segmentation aggregation parameter according to the type of the client;
and the aggregation unit is used for carrying out segmentation aggregation on the mouse track of the client within a preset time period based on the current segmentation aggregation parameters.
11. The apparatus of claim 10, wherein the aggregation unit comprises:
the first determining subunit is configured to segment the mouse track based on the segment sequence length to determine a track point coordinate set corresponding to each segment;
and the second determining subunit is used for aggregating the track point coordinate set corresponding to each segment based on the approximation degree so as to determine an aggregated coordinate corresponding to each segment.
12. The apparatus of claim 11, wherein the aggregation unit further comprises:
and the generating subunit is configured to perform encryption operation on each aggregation coordinate corresponding to the mouse track to generate a first aggregation feature corresponding to the mouse track.
13. The apparatus of claim 11, wherein the second determining subunit is specifically configured to:
normalizing the coordinates of each track point in the mouse track to obtain each normalized coordinate;
performing smooth filtering processing on each coordinate to obtain a filtered coordinate set corresponding to each segment;
and aggregating the filtered coordinate sets corresponding to each segment based on the approximation degree.
14. The apparatus of any of claims 9-13, further comprising:
and the first updating module is used for updating the occurrence frequency of the first aggregation characteristic under the condition that the first aggregation characteristic corresponding to the mouse track is not matched with each preset illegal aggregation characteristic.
15. The apparatus of claim 14, further comprising:
and the second updating module is used for adding the first aggregation characteristic into an illegal aggregation characteristic library under the condition that the occurrence frequency of the first aggregation characteristic is greater than a first threshold value.
16. The apparatus of any of claims 9-13, further comprising:
the second acquisition module is used for acquiring various historical mouse tracks associated with various historical server requests;
the second determining module is used for respectively carrying out segmentation aggregation on the historical mouse tracks so as to determine a second aggregation characteristic corresponding to each historical mouse track;
a third determining module for determining the number of occurrences of each of the second aggregated features;
and the fourth determining module is used for determining that any second aggregation characteristic is an illegal aggregation characteristic under the condition that the occurrence frequency of the second aggregation characteristic is greater than a second threshold value.
17. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the mouse trajectory based security verification method of any one of claims 1 to 8 when executing the program.
18. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out a method for mouse trajectory based security verification according to any one of claims 1 to 8.
19. A computer program product, comprising a computer program which, when executed by a processor, implements the mouse trajectory based security check method of any one of claims 1 to 8.
CN202011584092.4A 2020-12-28 2020-12-28 Safety verification method and device based on mouse track and computer equipment Active CN113806824B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011584092.4A CN113806824B (en) 2020-12-28 2020-12-28 Safety verification method and device based on mouse track and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011584092.4A CN113806824B (en) 2020-12-28 2020-12-28 Safety verification method and device based on mouse track and computer equipment

Publications (2)

Publication Number Publication Date
CN113806824A true CN113806824A (en) 2021-12-17
CN113806824B CN113806824B (en) 2024-05-17

Family

ID=78943579

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011584092.4A Active CN113806824B (en) 2020-12-28 2020-12-28 Safety verification method and device based on mouse track and computer equipment

Country Status (1)

Country Link
CN (1) CN113806824B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110161005A1 (en) * 2009-12-31 2011-06-30 The Aerospace Corporation Systems and methods for end-to-end location and media content tracking
CN104065633A (en) * 2013-04-18 2014-09-24 深圳市腾讯计算机系统有限公司 Method, device and system for verifying by virtue of verification diagram
US8910305B1 (en) * 2013-03-14 2014-12-09 Ca, Inc. Method and apparatus for analyzing mouse cursor path
US20160142380A1 (en) * 2014-11-19 2016-05-19 rocket-fueled, Inc. Systems and methods for maintaining user privacy and security over a computer network and/or within a related database
CN107679374A (en) * 2017-08-23 2018-02-09 北京三快在线科技有限公司 A kind of man-machine recognition methods and device based on sliding trace, electronic equipment
CN107911338A (en) * 2017-10-13 2018-04-13 深圳市迅雷网络技术有限公司 A kind of data verification method, relevant device and system
CN109413047A (en) * 2018-09-29 2019-03-01 武汉极意网络科技有限公司 Determination method, system, server and the storage medium of Behavior modeling
CN110795706A (en) * 2019-10-22 2020-02-14 武汉极意网络科技有限公司 Hash-based verification method, equipment, storage medium and device
WO2020190165A1 (en) * 2019-03-19 2020-09-24 Общество С Ограниченной Ответственностью "Группа Айби" Method and system for identifying a user from cursor movement trajectory
CN111784728A (en) * 2020-06-29 2020-10-16 杭州海康威视数字技术股份有限公司 Track processing method, device, equipment and storage medium

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110161005A1 (en) * 2009-12-31 2011-06-30 The Aerospace Corporation Systems and methods for end-to-end location and media content tracking
US8910305B1 (en) * 2013-03-14 2014-12-09 Ca, Inc. Method and apparatus for analyzing mouse cursor path
CN104065633A (en) * 2013-04-18 2014-09-24 深圳市腾讯计算机系统有限公司 Method, device and system for verifying by virtue of verification diagram
US20160142380A1 (en) * 2014-11-19 2016-05-19 rocket-fueled, Inc. Systems and methods for maintaining user privacy and security over a computer network and/or within a related database
CN107679374A (en) * 2017-08-23 2018-02-09 北京三快在线科技有限公司 A kind of man-machine recognition methods and device based on sliding trace, electronic equipment
CN107911338A (en) * 2017-10-13 2018-04-13 深圳市迅雷网络技术有限公司 A kind of data verification method, relevant device and system
CN109413047A (en) * 2018-09-29 2019-03-01 武汉极意网络科技有限公司 Determination method, system, server and the storage medium of Behavior modeling
WO2020190165A1 (en) * 2019-03-19 2020-09-24 Общество С Ограниченной Ответственностью "Группа Айби" Method and system for identifying a user from cursor movement trajectory
CN110795706A (en) * 2019-10-22 2020-02-14 武汉极意网络科技有限公司 Hash-based verification method, equipment, storage medium and device
CN111784728A (en) * 2020-06-29 2020-10-16 杭州海康威视数字技术股份有限公司 Track processing method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN113806824B (en) 2024-05-17

Similar Documents

Publication Publication Date Title
JP6068506B2 (en) System and method for dynamic scoring of online fraud detection
US9485204B2 (en) Reducing photo-tagging spam
CN108229963B (en) Risk identification method and device for user operation behaviors
CN110442712B (en) Risk determination method, risk determination device, server and text examination system
CN110383278A (en) The system and method for calculating event for detecting malice
Chen et al. An anti-phishing system employing diffused information
US10580272B1 (en) Techniques to provide and process video data of automatic teller machine video streams to perform suspicious activity detection
US20220189008A1 (en) Method for detecting data defects and computing device utilizing method
CN111914408B (en) Threat modeling-oriented information processing method and system and electronic equipment
CN110855648A (en) Early warning control method and device for network attack
CN113010896A (en) Method, apparatus, device, medium and program product for determining an abnormal object
WO2024098699A1 (en) Entity object thread detection method and apparatus, device, and storage medium
CN112508200A (en) Method, apparatus, device, medium, and program for processing machine learning model file
CN111316272A (en) Advanced cyber-security threat mitigation using behavioral and deep analytics
CN116910816B (en) Multiparty asset collaborative management method and device for improving privacy protection
CN117061254B (en) Abnormal flow detection method, device and computer equipment
CN116432210B (en) File management method and system based on security protection
CN111488574B (en) Malicious software classification method, system, computer equipment and storage medium
CN112184059A (en) Scoring analysis method and device, electronic equipment and storage medium
WO2021212753A1 (en) Computer performance data determining method and apparatus, computer device, and storage medium
CN113806824B (en) Safety verification method and device based on mouse track and computer equipment
CN110070383B (en) Abnormal user identification method and device based on big data analysis
TWI792923B (en) Computer-implemented method, computer system and computer program product for enhancing user verification in mobile devices using model based on user interaction history
CN116245630A (en) Anti-fraud detection method and device, electronic equipment and medium
CN113452648A (en) Method, device, equipment and computer readable medium for detecting network attack

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant