CN117061232B - Early warning method for message security in network communication - Google Patents
Early warning method for message security in network communication Download PDFInfo
- Publication number
- CN117061232B CN117061232B CN202311206272.2A CN202311206272A CN117061232B CN 117061232 B CN117061232 B CN 117061232B CN 202311206272 A CN202311206272 A CN 202311206272A CN 117061232 B CN117061232 B CN 117061232B
- Authority
- CN
- China
- Prior art keywords
- user
- message
- query
- security
- queried
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000004891 communication Methods 0.000 title claims abstract description 18
- 238000012795 verification Methods 0.000 claims abstract description 25
- 238000011156 evaluation Methods 0.000 claims description 49
- 230000005540 biological transmission Effects 0.000 claims description 31
- 230000002159 abnormal effect Effects 0.000 claims description 9
- 101100518501 Mus musculus Spp1 gene Proteins 0.000 claims description 3
- 230000001815 facial effect Effects 0.000 description 9
- 241000700605 Viruses Species 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a message security early warning method in network communication, which relates to the technical field of network communication, and comprises the steps of login security verification, message information acquisition, message security analysis, message query acquisition, query security analysis and early warning prompt.
Description
Technical Field
The invention relates to the technical field of network communication, in particular to a message security early warning method in network communication.
Background
With the continuous development of communication and computers, network communication is becoming an indispensable tool in daily life and work of people, and network viruses and phishing are also layered endlessly, so that when people use networks for message transmission, the safety of message transmission and storage is also ensured.
In the prior art, when a user receives a message on the software of network communication, the user can select whether to receive the message of the user at the transmitting end, but the safety of the user at the transmitting end and the condition of message transmission between the user and the user at the transmitting end are not monitored and analyzed, so that the safety of the account of the user at the transmitting end cannot be guaranteed, and meanwhile, the phenomenon that the account of the user at the transmitting end is stolen cannot be avoided.
Disclosure of Invention
Aiming at the technical defects, the invention aims to provide a message security early warning method in network communication.
In order to solve the technical problems, the invention adopts the following technical scheme: the invention provides a message security early warning method in network communication, which comprises the following steps: step one, login security verification: acquiring an account number, a password and an IP address corresponding to a user, verifying login security corresponding to the user, and if the user login fails, executing a step six, otherwise prompting the user that the login is successful;
step two, obtaining information: when a user receives a message, acquiring a message to be received corresponding to the user and basic information corresponding to a sender user;
step three, message security analysis: according to the basic information corresponding to the message to be received and the basic information corresponding to the sender user, analyzing the receiving safety evaluation coefficient of the message to be received corresponding to the user, judging whether the receiving of the message to be received corresponding to the user is safe or not, and executing the step six if the sending of the message to be sent corresponding to the user or the receiving of the message to be received is not safe;
step four, inquiring and acquiring the message: when a user checks a message, acquiring a date corresponding to the message to be queried and a chat party user, taking the chat party user as a target user, and acquiring query information corresponding to the user in a specified period;
fifthly, inquiring safety analysis: analyzing information inquiry safety influence factors corresponding to the user according to the inquiry information corresponding to the user in a designated period, analyzing inquiry state evaluation coefficients of the information to be inquired of the user according to the information to be inquired corresponding to the user, the date corresponding to the information to be inquired and the target user, judging whether the inquiry state of the information to be inquired of the user is normal or not, and executing a step six if the inquiry state of the information to be inquired of the user is in an abnormal state;
step six, early warning prompting: and when the user fails to log in, the sending and receiving of the message to be sent are unsafe, the receiving of the message to be received is unsafe or the inquiring state of the message to be inquired is in an abnormal state, early warning prompt is carried out.
Preferably, the verification of the login security corresponding to the user is performed, and the specific verification process is as follows:
based on the account number corresponding to the user, acquiring a preset password corresponding to the user, comparing the password corresponding to the user with the preset password, judging that the user login fails if the password corresponding to the user is not wanted to be different from the preset password, and acquiring the IP address corresponding to each historical login corresponding to the user if the password corresponding to the user is identical to the preset password;
comparing the IP address corresponding to the user with the IP address corresponding to each historical login, judging the safety of the user login if the IP address corresponding to the user is the same as the IP address corresponding to a certain historical login, calculating the change frequency of the IP address corresponding to the user if the IP address corresponding to the user is different from the IP address corresponding to each historical login, comparing the change frequency with the preset IP address change frequency, prompting the user to carry out biological verification if the change frequency of the IP address corresponding to the user is smaller than the preset IP address change frequency, and judging the login failure of the user if the change frequency of the IP address corresponding to the user is larger than the preset IP address change frequency;
and the user performs biological verification according to the biological verification prompt, if the biological verification of the user is successful, the login of the user is judged to be successful, and if the biological verification of the user is failed, the login of the user is judged to be failed.
Preferably, the basic information corresponding to the message to be received includes the content of the message to be received and the network traffic of the message to be sent;
the basic information corresponding to the sender user comprises the registration time of the sender user, the message sending quantity of the sender user, the sending times of the sender user and the user message and the time corresponding to each message sending.
Preferably, the analysis user corresponds to a receiving security evaluation coefficient of the message to be received, and the specific analysis process is as follows:
analyzing and obtaining content security assessment coefficients corresponding to the message to be received according to the basic information corresponding to the message to be received, and recording as
Analyzing and obtaining account safety evaluation coefficients corresponding to the sender user according to the basic information corresponding to the sender, and recording the account safety evaluation coefficients as
By calculation formulaObtaining a receiving security evaluation coefficient of the user corresponding to the message to be received>Wherein ε is 1 、ε 2 And respectively setting a weight factor corresponding to the content security evaluation coefficient of the message to be received and the security evaluation coefficient of the sender user account.
Preferably, the analysis obtains an account security evaluation coefficient corresponding to the sender user, and the specific analysis process is as follows:
obtaining the frequency of sending the messages of the sender user and the user according to the sending times of the messages of the sender user and the corresponding time of each message sending, and marking the frequency as f;
by calculation formulaObtaining account security evaluation coefficient corresponding to sender user>Wherein t and x respectively represent the registration duration of the sender user and the message transmission quantity of the sender user, and t ', x ' and f ' are respectively set reference registration duration, reference message transmission quantity and frequency of reference message transmission, and gamma 1 、γ 2 、γ 3 Respectively set weight factors corresponding to the registration duration, the message sending quantity and the message sending frequency.
Preferably, the query information corresponding to the user in the specified period comprises the query times, the duration of each query and the operation corresponding to each query.
Preferably, the analyzing the message query security impact factor corresponding to the user includes the following specific analysis process:
to make the user in a specified periodComparing the operation corresponding to each inquiry with the safety value corresponding to each operation stored in the database, if the operation corresponding to a certain inquiry by the user in a specified period is the same as the operation stored in the database, taking the safety value corresponding to the operation as the safety value corresponding to the inquiry operation by the user in the specified period, obtaining the safety value corresponding to each inquiry operation by the user in the specified period in this way, and marking the safety value as A i Where i represents the number corresponding to each query by the user, i=1, 2. N;
according to the calculation formulaObtaining a message query security influence factor kappa corresponding to a user, wherein T i The method and the device are characterized in that the time length of the ith query corresponding to the user in the specified period is represented, C represents the corresponding query times of the user in the specified period, C ', T ', A ' are respectively set reference query times, reference query time length and standard query operation safety values, and eta 1, eta 2 and eta 3 are respectively set query times, query time length and weight factors corresponding to the query operation safety values.
Preferably, the analyzing user evaluates the coefficient of the query state of the message to be queried, and the specific analysis process is as follows:
obtaining a message record corresponding to a user and a target user, thereby obtaining the time of last message corresponding to the user and the target user and the message sending frequency corresponding to the user and the target user, further obtaining the last message sending duration corresponding to the user and the target user, and simultaneously obtaining the sent duration corresponding to the message to be queried based on the date corresponding to the message to be queried;
obtaining the type corresponding to the message to be queried according to the message to be queried, and obtaining the permission query time length corresponding to the message to be queried according to the permission query time length corresponding to each type stored in the database, thereby according to a calculation formulaObtaining a query state evaluation coefficient of a user for a message to be queried>Wherein f1, T1, T respectively represent the frequency of message transmission corresponding to the user and the target user, the last time message transmission duration corresponding to the user and the target user, and the transmitted duration corresponding to the message to be queried, T ' represents the permissible query duration corresponding to the message to be queried, e represents a natural constant, and f1' and T1' are respectively the set frequency of message transmission corresponding to the reference user and the target user, and the last time message transmission duration corresponding to the reference user and the target user, respectively>The method comprises the steps of respectively setting message sending frequency and weight factor corresponding to last message sending duration corresponding to a user and a target user, wherein sigma is the weight factor corresponding to a set query state evaluation coefficient.
Preferably, the determining whether the query state of the message to be queried by the user is normal or not includes the following specific determining process: comparing the query state evaluation coefficient of the message to be queried by the user with a set query state evaluation coefficient threshold, and judging that the query state of the message to be queried by the user is in a normal state and judging that the query state of the message to be queried by the user is in an abnormal state if the query state evaluation coefficient of the message to be queried by the user is greater than or equal to the set query state evaluation coefficient threshold.
The invention has the beneficial effects that: the early warning method for message security in network communication provided by the invention monitors the login security of the user, judges the security of the file to be received according to the content of the file to be received, the transmission network flow and the basic information of the sender, judges whether the query state of the message to be queried is safe or not according to the query information of the user in a designated period and the message transmission condition between the user and a target user when the user queries the message, solves the defects in the prior art, realizes the intelligent monitoring of network communication, ensures the security of a user account and the security of message storage, greatly improves the flexibility and pertinence of message query time period setting, and enhances the experience sense when the user queries the message.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of the steps of the method of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, a method for early warning message security in network communication includes: step one, login security verification: acquiring an account number, a password and an IP address corresponding to a user, verifying login security corresponding to the user, and if the user login fails, executing a step six, otherwise prompting the user that the login is successful;
when a user logs in, an account number and a password corresponding to the user are input, and an IP address corresponding to the user is obtained from a server.
In a specific embodiment, the verification of the login security corresponding to the user is performed, and a specific verification process is as follows: based on the account number corresponding to the user, acquiring a preset password corresponding to the user, comparing the password corresponding to the user with the preset password, judging that the user login fails if the password corresponding to the user is not wanted to be different from the preset password, and acquiring the IP address corresponding to each historical login corresponding to the user if the password corresponding to the user is identical to the preset password;
it should be noted that, the database stores preset passwords, preset fingerprints and preset facial images corresponding to the accounts, so as to obtain preset passwords corresponding to the users according to the accounts corresponding to the users.
Comparing the IP address corresponding to the user with the IP address corresponding to each historical login, judging the safety of the user login if the IP address corresponding to the user is the same as the IP address corresponding to a certain historical login, calculating the change frequency of the IP address corresponding to the user if the IP address corresponding to the user is different from the IP address corresponding to each historical login, comparing the change frequency with the preset IP address change frequency, prompting the user to carry out biological verification if the change frequency of the IP address corresponding to the user is smaller than the preset IP address change frequency, and judging the login failure of the user if the change frequency of the IP address corresponding to the user is larger than the preset IP address change frequency;
and the user performs biological verification according to the biological verification prompt, if the biological verification of the user is successful, the login of the user is judged to be successful, and if the biological verification of the user is failed, the login of the user is judged to be failed.
It should be noted that, the biometric authentication includes fingerprint authentication and facial recognition authentication, the user selects fingerprint authentication or facial recognition authentication according to the biometric authentication prompt, and inputs his own fingerprint or facial image, and extracts a preset fingerprint or a preset facial image corresponding to the user from the database, if the fingerprint of the user is the same as the preset fingerprint or the facial image of the user is the same as the preset facial image, the biometric authentication of the user is successful, and if the fingerprint of the user is different from the preset fingerprint or the facial image of the user is different from the preset facial image, the biometric authentication of the user is failed.
Step two, obtaining information: when a user receives a message, acquiring a message to be received corresponding to the user and basic information corresponding to a sender user;
the basic information corresponding to the message to be received comprises the content of the message to be received and the network flow of the message to be sent;
the basic information corresponding to the sender user comprises the registration time of the sender user, the message sending quantity of the sender user, the sending times of the sender user and the user message and the time corresponding to each message sending.
It should be noted that, the content of the message to be received, the network traffic of the message to be sent, and the basic information corresponding to the sender user are obtained from the server.
Step three, message security analysis: according to the basic information corresponding to the message to be received and the basic information corresponding to the sender user, analyzing the receiving safety evaluation coefficient of the message to be received corresponding to the user, judging whether the receiving of the message to be received corresponding to the user is safe or not, and executing the step six if the sending of the message to be sent corresponding to the user or the receiving of the message to be received is not safe;
in a specific embodiment, the analysis user corresponds to the receiving security evaluation coefficient of the message to be received, and the specific analysis process is as follows: analyzing and obtaining content security assessment coefficients corresponding to the message to be received according to the basic information corresponding to the message to be received, and recording as
In the above, the content security evaluation coefficient corresponding to the message to be received is obtained by analysis, and the specific analysis process is as follows: running antivirus software on the user's equipment, and further scanning the content of the message to be received to obtain the virus amount corresponding to the message to be received, and marking as Y, thereby passing through a calculation formulaObtaining content security evaluation coefficient corresponding to the message to be received>Wherein Y 'and LY' are respectively set reference virus amount and reference network flow, LY represents network flow of message to be sent, and theta 1 and theta 2 are respectively set weight factors corresponding to the virus amount and the network flow.
Analyzing and obtaining account safety evaluation coefficients corresponding to the sender user according to the basic information corresponding to the sender, and recording the account safety evaluation coefficients as
By calculation formulaObtaining a receiving security evaluation coefficient of the user corresponding to the message to be received>Wherein ε is 1 、ε 2 And respectively setting a weight factor corresponding to the content security evaluation coefficient of the message to be received and the security evaluation coefficient of the sender user account.
In another specific embodiment, the analysis obtains the account security assessment coefficient corresponding to the sender user, and the specific analysis process is as follows:
obtaining the frequency of sending the messages of the sender user and the user according to the sending times of the messages of the sender user and the corresponding time of each message sending, and marking the frequency as f;
it should be noted that, according to the time corresponding to each message transmission of the sender user and the user, the interval duration between each message transmission and the last message transmission is obtained, and is recorded as the interval duration of each message transmission, the interval durations of each message transmission are accumulated, and divided by the number of times of user message transmission, so as to obtain the frequency of sending the sender user and the user message transmission.
By calculation formulaObtaining account security evaluation coefficient corresponding to sender user>Wherein t and x respectively represent the registration duration of the sender user and the message transmission quantity of the sender user, and t ', x ' and f ' are respectively set reference registration duration, reference message transmission quantity and frequency of reference message transmission, and gamma 1 、γ 2 、γ 3 Respectively corresponding to the set registration time length, the message sending number and the message sending frequencyWeight factor.
Step four, inquiring and acquiring the message: when a user checks a message, acquiring a date corresponding to the message to be queried and a chat party user, taking the chat party user as a target user, and acquiring query information corresponding to the user in a specified period;
it should be noted that, acquiring a date corresponding to the message to be queried, a chat party user and query information corresponding to the user in a specified period from the server;
it should also be noted that, the chat party user is the sender user sending the message to be queried to the user corresponding to the message to be queried or the receiver user sending the message to be queried to the user.
In a specific embodiment, the query information corresponding to the user in the specified period includes the number of queries, the duration of each query, and the operation corresponding to each query.
Fifthly, inquiring safety analysis: analyzing information inquiry safety influence factors corresponding to the user according to the inquiry information corresponding to the user in a designated period, analyzing inquiry state evaluation coefficients of the information to be inquired of the user according to the information to be inquired corresponding to the user, the date corresponding to the information to be inquired and the target user, judging whether the inquiry state of the information to be inquired of the user is normal or not, and executing a step six if the inquiry state of the information to be inquired of the user is in an abnormal state;
in a specific embodiment, the analyzing the message query security impact factor corresponding to the user includes the following steps: comparing the operation of the user corresponding to each inquiry in the appointed period with the security value corresponding to each operation stored in the database, if the operation of the user corresponding to a certain inquiry in the appointed period is the same as a certain operation stored in the database, taking the security value corresponding to the operation as the security value of the user corresponding to the inquiry operation in the appointed period, thus obtaining the security value of the user corresponding to each inquiry operation in the appointed period, and recording as A i Where i represents the number corresponding to each query by the user, i=1, 2. N;
according to the calculation formulaObtaining a message query security influence factor kappa corresponding to a user, wherein T i The method and the device are characterized in that the time length of the ith query corresponding to the user in the specified period is represented, C represents the corresponding query times of the user in the specified period, C ', T ', A ' are respectively set reference query times, reference query time length and standard query operation safety values, and eta 1, eta 2 and eta 3 are respectively set query times, query time length and weight factors corresponding to the query operation safety values.
In another specific embodiment, the analysis user evaluates the coefficient of the query state of the message to be queried, and the specific analysis process is as follows:
obtaining a message record corresponding to a user and a target user, thereby obtaining the time of last message corresponding to the user and the target user and the message sending frequency corresponding to the user and the target user, further obtaining the last message sending duration corresponding to the user and the target user, and simultaneously obtaining the sent duration corresponding to the message to be queried based on the date corresponding to the message to be queried;
the message sending frequency corresponding to the user and the target user is obtained through analysis according to the analysis process of the message sending frequency of the user and the user at the sender.
Obtaining the type corresponding to the message to be queried according to the message to be queried, and obtaining the permission query time length corresponding to the message to be queried according to the permission query time length corresponding to each type stored in the database, thereby according to a calculation formulaObtaining a query state evaluation coefficient of a user for a message to be queried>Wherein f1, T1, T respectively represent the message sending frequency corresponding to the target user by the user, the last message sending duration corresponding to the target user by the user, the sent duration corresponding to the message to be queried, T' represents the permissible query duration corresponding to the message to be queried, e represents a natural constant,f1 'and t1' are respectively the set message sending frequency, last message sending duration and/or the set message sending time of the reference user and the target user>The method comprises the steps of respectively setting message sending frequency and weight factor corresponding to last message sending duration corresponding to a user and a target user, wherein sigma is the weight factor corresponding to a set query state evaluation coefficient.
In still another specific embodiment, the determining whether the query status of the message to be queried by the user is normal or not includes the following specific determining process: comparing the query state evaluation coefficient of the message to be queried by the user with a set query state evaluation coefficient threshold, and judging that the query state of the message to be queried by the user is in a normal state and judging that the query state of the message to be queried by the user is in an abnormal state if the query state evaluation coefficient of the message to be queried by the user is greater than or equal to the set query state evaluation coefficient threshold.
Step six, early warning prompting: and when the user fails to log in, the sending and receiving of the message to be sent are unsafe, the receiving of the message to be received is unsafe or the inquiring state of the message to be inquired is in an abnormal state, early warning prompt is carried out.
According to the embodiment of the invention, the login security of the user is used for monitoring, the content of the file to be received, the transmission network flow and the basic information of the sender are used for judging the security of the file to be received, and meanwhile, when the user inquires the information, according to the inquiry information of the user in a designated period and the information transmission condition between the user and a target user, whether the inquiry state of the user to be inquired information is safe or not is judged, so that the defects in the prior art are overcome, the intelligent monitoring of network communication is realized, the safety of a user account and the safety of information storage are ensured, the flexibility and pertinence of the information inquiry time limit setting are greatly improved, and the experience sense of the user during information inquiry is enhanced.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (3)
1. The early warning method for message security in network communication is characterized by comprising the following steps:
step one, login security verification: acquiring an account number, a password and an IP address corresponding to a user, verifying login security corresponding to the user, and if the user login fails, executing a step six, otherwise prompting the user that the login is successful;
step two, obtaining information: when a user receives a message, acquiring a message to be received corresponding to the user and basic information corresponding to a sender user;
the basic information corresponding to the message to be received comprises the content of the message to be received and the network flow of the message to be sent; the basic information corresponding to the sender user comprises the registration time of the sender user, the message sending quantity of the sender user, the sending times of the sender user and the user message and the time corresponding to each message sending;
step three, message security analysis: according to the basic information corresponding to the message to be received and the basic information corresponding to the sender user, analyzing the receiving safety evaluation coefficient of the message to be received corresponding to the user, judging whether the receiving of the message to be received corresponding to the user is safe or not, and executing the step six if the sending of the message to be sent corresponding to the user or the receiving of the message to be received is not safe;
the receiving safety evaluation coefficient of the analysis user corresponding to the message to be received comprises the following specific analysis processes: analyzing and obtaining content security assessment coefficients corresponding to the message to be received according to the basic information corresponding to the message to be received, and recording as
Analyzing and obtaining account safety evaluation coefficients corresponding to the sender user according to the basic information corresponding to the sender, and recording the account safety evaluation coefficients as
By calculation formulaObtaining a receiving security evaluation coefficient of the user corresponding to the message to be received>Wherein ε is 1 、ε 2 Respectively setting a weight factor corresponding to the content security evaluation coefficient of the message to be received and the security evaluation coefficient of the sender user account;
the analysis obtains the account safety evaluation coefficient corresponding to the sender user, and the specific analysis process is as follows: obtaining the frequency of sending the messages of the sender user and the user according to the sending times of the messages of the sender user and the corresponding time of each message sending, and marking the frequency as f;
by calculation formulaObtaining account security evaluation coefficient corresponding to sender user>Wherein t and x respectively represent the registration duration of the sender user and the message transmission quantity of the sender user, and t ', x ' and f ' are respectively set reference registration duration, reference message transmission quantity and frequency of reference message transmission, and gamma 1 、γ 2 、γ 3 Respectively setting weight factors corresponding to the registration duration, the message sending quantity and the message sending frequency;
step four, inquiring and acquiring the message: when a user checks a message, acquiring a date corresponding to the message to be queried and a chat party user, taking the chat party user as a target user, and acquiring query information corresponding to the user in a specified period;
the corresponding inquiry information of the user in the appointed period comprises inquiry times, duration of each inquiry and operation corresponding to each inquiry;
fifthly, inquiring safety analysis: analyzing information inquiry safety influence factors corresponding to the user according to the inquiry information corresponding to the user in a designated period, analyzing inquiry state evaluation coefficients of the information to be inquired of the user according to the information to be inquired corresponding to the user, the date corresponding to the information to be inquired and the target user, judging whether the inquiry state of the information to be inquired of the user is normal or not, and executing a step six if the inquiry state of the information to be inquired of the user is in an abnormal state;
the message corresponding to the analysis user is inquired about the security influence factor, and the specific analysis process is as follows: comparing the operation of the user corresponding to each inquiry in the appointed period with the security value corresponding to each operation stored in the database, if the operation of the user corresponding to a certain inquiry in the appointed period is the same as a certain operation stored in the database, taking the security value corresponding to the operation as the security value of the user corresponding to the inquiry operation in the appointed period, thus obtaining the security value of the user corresponding to each inquiry operation in the appointed period, and recording as A i Where i represents the number corresponding to each query by the user, i=1, 2. N;
according to the calculation formulaObtaining a message query security influence factor kappa corresponding to a user, wherein T i The method comprises the steps that the time length of the ith query corresponding to a user in a specified period is represented, C represents the corresponding query times of the user in the specified period, C ', T ', A ' are respectively set reference query times, reference query time length and standard query operation safety values, and eta 1, eta 2 and eta 3 are respectively set query times, query time length and weight factors corresponding to the query operation safety values;
the analysis user evaluates the coefficient of the query state of the message to be queried, and the specific analysis process is as follows: obtaining a message record corresponding to a user and a target user, thereby obtaining the time of last message corresponding to the user and the target user and the message sending frequency corresponding to the user and the target user, further obtaining the last message sending duration corresponding to the user and the target user, and simultaneously obtaining the sent duration corresponding to the message to be queried based on the date corresponding to the message to be queried;
obtaining the type corresponding to the message to be queried according to the message to be queried, and obtaining the permission query time length corresponding to the message to be queried according to the permission query time length corresponding to each type stored in the database, thereby according to a calculation formulaObtaining a query state evaluation coefficient of a user for a message to be queried>Wherein f1, T1, T respectively represent the frequency of message transmission corresponding to the user and the target user, the last time message transmission duration corresponding to the user and the target user, and the transmitted duration corresponding to the message to be queried, T ' represents the permissible query duration corresponding to the message to be queried, e represents a natural constant, and f1' and T1' are respectively the set frequency of message transmission corresponding to the reference user and the target user, and the last time message transmission duration corresponding to the reference user and the target user, respectively>Respectively setting a message sending frequency corresponding to a user and a target user and a weight factor corresponding to the last message sending duration, wherein sigma is a weight factor corresponding to a set query state evaluation coefficient;
step six, early warning prompting: and when the user fails to log in, the sending and receiving of the message to be sent are unsafe, the receiving of the message to be received is unsafe or the inquiring state of the message to be inquired is in an abnormal state, early warning prompt is carried out.
2. The method for pre-warning message security in network communication according to claim 1, wherein the verification of the login security corresponding to the user comprises the following specific verification process:
based on the account number corresponding to the user, acquiring a preset password corresponding to the user, comparing the password corresponding to the user with the preset password, judging that the user login fails if the password corresponding to the user is not wanted to be different from the preset password, and acquiring the IP address corresponding to each historical login corresponding to the user if the password corresponding to the user is identical to the preset password;
comparing the IP address corresponding to the user with the IP address corresponding to each historical login, judging the safety of the user login if the IP address corresponding to the user is the same as the IP address corresponding to a certain historical login, calculating the change frequency of the IP address corresponding to the user if the IP address corresponding to the user is different from the IP address corresponding to each historical login, comparing the change frequency with the preset IP address change frequency, prompting the user to carry out biological verification if the change frequency of the IP address corresponding to the user is smaller than the preset IP address change frequency, and judging the login failure of the user if the change frequency of the IP address corresponding to the user is larger than the preset IP address change frequency;
and the user performs biological verification according to the biological verification prompt, if the biological verification of the user is successful, the login of the user is judged to be successful, and if the biological verification of the user is failed, the login of the user is judged to be failed.
3. The method for pre-warning message security in network communication according to claim 1, wherein the determining whether the query status of the message to be queried is normal or not is performed by the user comprises the following specific determining process: comparing the query state evaluation coefficient of the message to be queried by the user with a set query state evaluation coefficient threshold, and judging that the query state of the message to be queried by the user is in a normal state and judging that the query state of the message to be queried by the user is in an abnormal state if the query state evaluation coefficient of the message to be queried by the user is greater than or equal to the set query state evaluation coefficient threshold.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311206272.2A CN117061232B (en) | 2023-09-18 | 2023-09-18 | Early warning method for message security in network communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311206272.2A CN117061232B (en) | 2023-09-18 | 2023-09-18 | Early warning method for message security in network communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117061232A CN117061232A (en) | 2023-11-14 |
| CN117061232B true CN117061232B (en) | 2024-03-15 |
Family
ID=88653748
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311206272.2A Active CN117061232B (en) | 2023-09-18 | 2023-09-18 | Early warning method for message security in network communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117061232B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257048A (en) * | 2020-12-21 | 2021-01-22 | 南京韦科韬信息技术有限公司 | Information security protection method and device |
| CN113254994A (en) * | 2021-05-27 | 2021-08-13 | 平安普惠企业管理有限公司 | Database access method and device, storage medium and computer equipment |
| CN116389094A (en) * | 2023-03-28 | 2023-07-04 | 江西百晟利科技集团有限公司 | Network information user safety detection management system based on Internet of things |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104518876B (en) * | 2013-09-29 | 2019-01-04 | 腾讯科技(深圳)有限公司 | Service login method and device |
-
2023
- 2023-09-18 CN CN202311206272.2A patent/CN117061232B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257048A (en) * | 2020-12-21 | 2021-01-22 | 南京韦科韬信息技术有限公司 | Information security protection method and device |
| CN113254994A (en) * | 2021-05-27 | 2021-08-13 | 平安普惠企业管理有限公司 | Database access method and device, storage medium and computer equipment |
| CN116389094A (en) * | 2023-03-28 | 2023-07-04 | 江西百晟利科技集团有限公司 | Network information user safety detection management system based on Internet of things |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117061232A (en) | 2023-11-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104518876B (en) | Service login method and device | |
| CN107276982B (en) | Abnormal login detection method and device | |
| WO2019228004A1 (en) | Identity verification method and apparatus | |
| CN112613020B (en) | Identity verification method and device | |
| CN103379099B (en) | Hostile attack identification method and system | |
| CN103095672A (en) | Multidimensional reputation scoring | |
| CN106470204A (en) | User identification method based on request behavior characteristicss, device, equipment and system | |
| CN109698809A (en) | A kind of recognition methods of account abnormal login and device | |
| CN106549902A (en) | A kind of recognition methods of suspicious user and equipment | |
| US10148649B2 (en) | Automated scalable identity-proofing and authentication process | |
| CN111953635B (en) | Interface request processing method and computer-readable storage medium | |
| KR101762615B1 (en) | Identification system and user terminal using usage pattern analysis | |
| CA2830360C (en) | Information monitoring apparatus and information monitoring method | |
| US20220070166A1 (en) | Enhanced authentication techniques using virtual persona | |
| WO2016048129A2 (en) | A system and method for authenticating a user based on user behaviour and environmental factors | |
| US9754209B1 (en) | Managing knowledge-based authentication systems | |
| CN117527430A (en) | Zero-trust network security dynamic evaluation system and method | |
| CN118075017A (en) | Network information security protection detection method and system | |
| CN110445790A (en) | A kind of account method for detecting abnormality logging in behavior based on user | |
| CN117061232B (en) | Early warning method for message security in network communication | |
| CN108282443A (en) | A kind of reptile Activity recognition method and apparatus | |
| CN114666164B (en) | Computer network user identity login verification system and method | |
| CN115118517B (en) | Application authentication method based on application access | |
| CN112235317B (en) | Third-party application login system and method based on big data | |
| CN114301711B (en) | Anti-riot brushing method, device, equipment, storage medium and computer program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |