WO2023022307A1 - Procédé, dispositif et programme d'identification d'utilisateur par empreinte de navigateur - Google Patents

Procédé, dispositif et programme d'identification d'utilisateur par empreinte de navigateur Download PDF

Info

Publication number
WO2023022307A1
WO2023022307A1 PCT/KR2021/019403 KR2021019403W WO2023022307A1 WO 2023022307 A1 WO2023022307 A1 WO 2023022307A1 KR 2021019403 W KR2021019403 W KR 2021019403W WO 2023022307 A1 WO2023022307 A1 WO 2023022307A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
identifier
candidate
user
browser
Prior art date
Application number
PCT/KR2021/019403
Other languages
English (en)
Korean (ko)
Inventor
홍승표
전진형
오채환
Original Assignee
(주)빅인사이트
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)빅인사이트 filed Critical (주)빅인사이트
Publication of WO2023022307A1 publication Critical patent/WO2023022307A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to a method, apparatus, and program for user identification through browser fingerprinting. More specifically, it relates to a user identification method and apparatus through browser fingerprinting that assigns identification values to users, collects browser information and terminal information of users, and specifies user identification values.
  • a cookie is a file that stores usage records left when a user visits a specific website, and is a file planted by Internet advertising companies to track users. Cookies are actively used in various areas, such as enhancing the user's browser use convenience, identifying users and providing customized advertisements. However, there is a movement to gradually restrict the use of cookies for reasons such as personal information protection. For example, Google announced that it plans to stop supporting third party cookies in its Chrome browser. In this way, if support for third-party cookies is discontinued, Internet advertising companies, in particular, will not be able to conduct retargeting advertisements using third-party cookies.
  • Internet advertising companies need to develop a new technology capable of identifying and retargeting users who browse various websites in order to conduct business. To this end, it is required to develop a user tracking technique using a browser fingerprint technique as an alternative to third party cookies.
  • the problem to be solved by the present invention is to provide a user identification method, apparatus and program through browser fingerprinting.
  • a user identification method through browser fingerprinting for solving the above problems includes obtaining first information including at least a part of users' browser information and terminal information, and in the first information assigning an identifier to each of the users based on the above, matching and storing the identifier and the first information for each of the users, and including at least some of browser information and terminal information newly obtained from a candidate user. Acquiring second information, obtaining a candidate identifier corresponding to the second information, extracting an identifier candidate group having first information corresponding to at least a part of the second information, and the identifier candidate group and the candidate and issuing an identifier of the candidate user based on a similarity between identifiers.
  • the assigning of the identifier may include generating an identifier of each of the users by processing first information of each of the users using a hash algorithm, and issuing the identifier of the candidate user may include: , searching for an identifier most similar to the candidate identifier among the identifier candidate group, and issuing the most similar identifier as an identifier of the candidate user.
  • the assigning of the identifier may include generating an identifier of each of the users by processing the first information of each of the users in a matrix form, and issuing the identifier of the candidate user may include: Calculating a matrix similarity between an identifier candidate group and the candidate identifier, and issuing an identifier having the highest similarity with the candidate identifier as the identifier of the candidate user.
  • first information and the second information include variable information and non-variable information
  • step of extracting the identifier candidate group includes the steps of selecting one or more non-variable information among the second information and the selected non-variable information. It may include extracting an identifier candidate group having first information identical to the information.
  • issuing the identifier of the candidate user may include, if the identifier of the candidate user cannot be determined from the identifier candidate group, issuing the candidate identifier as the identifier of the candidate user, and for the candidate user, the candidate Matching and storing the identifier and the second information may be included.
  • the assigning of the identifier may include determining an attribute of each parameter belonging to the first information, determining a weight of each parameter belonging to the first information based on the determined attribute, and the determined weight Based on, it may include generating an identifier from the first information.
  • issuing the identifier of the candidate user may include determining a property of each parameter belonging to the first information, determining a weight of each parameter belonging to the first information based on the determined property, and The method may include calculating a similarity between the identifier candidate group and the candidate identifier based on the determined weight.
  • the step of determining the attribute of each parameter includes determining whether each of the parameters is variable information or non-variable information and determining variability of each parameter determined as variable information, and determining the weight
  • the step may include determining a weight of each of the parameters based on whether or not variable information and the variability of each of the parameters are present.
  • the determining of the variability may include comparing parameters of the first information and the second information of the identification value issued to the candidate user, respectively, and calculating a change frequency of each parameter based on the comparison result. , determining variability of each parameter based on the calculated frequency of change.
  • An apparatus for user identification through browser fingerprinting for solving the above problems includes a memory for storing one or more instructions, and a processor for executing the one or more instructions stored in the memory, The processor may perform a user identification method through browser fingerprinting by executing the one or more instructions.
  • a user identification program through browser fingerprinting according to an embodiment of the present invention for solving the above problems is combined with a computer, which is hardware, to perform a user identification method through browser fingerprinting.
  • a computer-readable recording medium can be stored in
  • the present invention assigns identification values to users and collects information about users accessing a browser to specify the identification value of the user.
  • user-customized advertisements may be provided by collecting the user's website visit history.
  • FIG. 1 is a diagram illustrating a user identification system through browser fingerprinting according to an embodiment of the present invention.
  • FIG. 2 is a hardware configuration diagram of a user identification device according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating a user identification method through browser fingerprinting according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating an operational flow of a user identification system through browser fingerprinting according to an exemplary embodiment.
  • unit or “module” used in the specification means a hardware component such as software, FPGA or ASIC, and "unit” or “module” performs certain roles. However, “unit” or “module” is not meant to be limited to software or hardware.
  • a “unit” or “module” may be configured to reside in an addressable storage medium and may be configured to reproduce one or more processors.
  • a “unit” or “module” may refer to components such as software components, object-oriented software components, class components, and task components, processes, functions, properties, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays and variables. Functions provided within components and “units” or “modules” may be combined into smaller numbers of components and “units” or “modules” or may be combined into additional components and “units” or “modules”. can be further separated.
  • a computer means any kind of hardware device including at least one processor, and may be understood as encompassing a software configuration operating in a corresponding hardware device according to an embodiment.
  • a computer may be understood as including a smartphone, a tablet PC, a desktop computer, a laptop computer, and user clients and applications running on each device, but is not limited thereto.
  • each step described in this specification is described as being performed by a computer, the subject of each step is not limited thereto, and at least a part of each step may be performed in different devices according to embodiments.
  • FIG. 1 is a diagram illustrating a user identification system through browser fingerprinting according to an embodiment of the present invention.
  • a user identification system through browser fingerprinting may include a user identification device 100 , a user terminal 200 and an external server 300 .
  • the user identification system through browser fingerprinting shown in FIG. 1 is according to an embodiment, and its components are not limited to the embodiment shown in FIG. 1, and can be added, changed, or deleted as necessary. there is.
  • the user identification device 100 may collect user browser information and terminal information executing the browser, assign an identification value to each user, match the identification value with the user's browser information and terminal information, and store the information.
  • the user identification device 100 may identify a user corresponding to browser access information and terminal information obtained thereafter.
  • the user identification device 100 compares the obtained browser information and terminal information with stored information, extracts users with high similarity, and identifies a user with the highest similarity among the extracted users as the corresponding user. .
  • the user identification device 100 compares the obtained browser information and terminal information with the stored information to calculate the similarity, and when the calculated similarity is less than a preset value, the corresponding user is a pre-stored user If it is determined that it is not, it can be saved as a new user. As described above, the user identification device 100 may assign an identification value to a new user, match the identification value with browser information and terminal information of the user, and store the information.
  • the user identification device 100 may identify a user and provide the user with a customized advertisement based on the user's browser information and terminal information.
  • the user identification device 100 may provide a customized advertisement to the user's terminal so that the customized advertisement is displayed on the user's terminal when the user uses a browser or accesses a specific website through the terminal.
  • the user terminal 200 may access a website through a network, and may receive a customized advertisement from the user identification device 100 or a third party obtaining user information from the user identification device 100 .
  • the user terminal 200 may include at least one of a smart phone, a tablet PC, a desktop, and a laptop having a display on at least a portion of the user terminal 200, and in the process of executing a browser, the user identification device 100 You can receive customized advertisements provided from However, it is not limited thereto.
  • the external server 300 may be connected to the user identification device 100 through a network, and the user identification device 100 may store and manage various types of information for performing a user identification method through browser fingerprinting.
  • the external server 300 may receive and store various types of information and data generated as the user identification device 100 performs a user identification method through browser fingerprinting.
  • the external server 300 may be a storage server provided separately outside the user identification device 100 . Referring to FIG. 2 , the hardware configuration of the user identification device 100 will be described.
  • FIG. 2 is a hardware configuration diagram of a user identification device according to an embodiment of the present invention.
  • a user identification device 100 (hereinafter referred to as a computing device) according to an embodiment of the present invention loads one or more processors 110 and a computer program 151 executed by the processor 110. ) may include a memory 120, a bus 130, a communication interface 140, and a storage 150 for storing the computer program 151.
  • a computing device loads one or more processors 110 and a computer program 151 executed by the processor 110.
  • FIG. 2 only components related to the embodiment of the present invention are shown. Therefore, those skilled in the art to which the present invention pertains can know that other general-purpose components may be further included in addition to the components shown in FIG. 2 .
  • the processor 110 controls the overall operation of each component of the computing device 100 .
  • the processor 110 includes a Central Processing Unit (CPU), a Micro Processor Unit (MPU), a Micro Controller Unit (MCU), a Graphic Processing Unit (GPU), or any type of processor well known in the art of the present invention. It can be.
  • CPU Central Processing Unit
  • MPU Micro Processor Unit
  • MCU Micro Controller Unit
  • GPU Graphic Processing Unit
  • the processor 110 may perform an operation for at least one application or program for executing a method according to embodiments of the present invention
  • the computing device 100 may include one or more processors.
  • the processor 110 may temporarily and/or permanently store signals (or data) processed in the processor 110 (RAM: Random Access Memory, not shown) and ROM (ROM: Read -Only Memory, not shown) may be further included.
  • the processor 110 may be implemented in the form of a system on chip (SoC) including at least one of a graphics processing unit, RAM, and ROM.
  • SoC system on chip
  • Memory 120 stores various data, commands and/or information. Memory 120 may load computer program 151 from storage 150 to execute methods/operations according to various embodiments of the present invention. When the computer program 151 is loaded into the memory 120, the processor 110 may perform the method/operation by executing one or more instructions constituting the computer program 151.
  • the memory 120 may be implemented as a volatile memory such as RAM, but the technical scope of the present disclosure is not limited thereto.
  • the bus 130 provides a communication function between components of the computing device 100 .
  • the bus 130 may be implemented in various types of buses such as an address bus, a data bus, and a control bus.
  • the communication interface 140 supports wired and wireless Internet communication of the computing device 100 . Also, the communication interface 140 may support various communication methods other than Internet communication. To this end, the communication interface 140 may include a communication module well known in the art. In some embodiments, communication interface 140 may be omitted.
  • the storage 150 may non-temporarily store the computer program 151 .
  • the storage 150 may store various types of information necessary to provide a user identification method through browser fingerprinting.
  • the storage 150 may be a non-volatile memory such as read only memory (ROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, or the like, a hard disk, a removable disk, or a device well known in the art. It may be configured to include any known type of computer-readable recording medium.
  • ROM read only memory
  • EPROM erasable programmable ROM
  • EEPROM electrically erasable programmable ROM
  • flash memory or the like, a hard disk, a removable disk, or a device well known in the art. It may be configured to include any known type of computer-readable recording medium.
  • Computer program 151 may include one or more instructions that when loaded into memory 120 cause processor 110 to perform methods/operations in accordance with various embodiments of the invention. That is, the processor 110 may perform the method/operation according to various embodiments of the present disclosure by executing the one or more instructions.
  • the computer program 151 steps in obtaining first information including at least some of browser information and terminal information of users, and assigning an identifier to each of the users based on the first information. and matching and storing the identifier and the first information for each of the users, obtaining second information including at least a portion of browser information and terminal information newly obtained from a candidate user; Obtaining a candidate identifier corresponding to the second information; extracting an identifier candidate group having first information corresponding to at least a part of the second information; It may include one or more instructions for performing a user identification method through browser fingerprinting, including issuing an identifier of a candidate user.
  • Steps of a method or algorithm described in connection with an embodiment of the present invention may be implemented directly in hardware, implemented in a software module executed by hardware, or implemented by a combination thereof.
  • a software module may include random access memory (RAM), read only memory (ROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, hard disk, removable disk, CD-ROM, or It may reside in any form of computer readable recording medium well known in the art to which the present invention pertains.
  • the computing device 100 may be a server providing a cloud computing service. More specifically, the computing device 100 may be a kind of Internet-based computing, and may be a server that provides a cloud computing service that processes information with another computer connected to the Internet, rather than a user's computer.
  • the cloud computing service may be a service that stores data on the Internet and allows users to use the data stored on the Internet anytime and anywhere through Internet access without installing necessary data or programs on their computers. Easy to share and forward with just a click.
  • the cloud computing service not only simply stores data in a server on the Internet, but also allows users to perform desired tasks by using the functions of application programs provided on the web without installing a separate program. It may be a service that allows you to work while sharing.
  • the cloud computing service may be implemented in the form of at least one of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), virtual machine-based cloud server, and container-based cloud server.
  • IaaS Infrastructure as a Service
  • PaaS Platform as a Service
  • SaaS Software as a Service
  • virtual machine-based cloud server virtual machine-based cloud server
  • container-based cloud server container-based cloud server.
  • the computing device 100 may be implemented in the form of at least one of the aforementioned cloud computing services.
  • the specific description of the cloud computing service described above is just an example, and the present invention may include any platform for constructing a cloud computing environment.
  • Components of the present invention may be implemented as a program (or application) to be executed in combination with a computer, which is hardware, and stored in a medium.
  • Components of the present invention may be implemented as software programming or software elements, and similarly, embodiments may include various algorithms implemented as data structures, processes, routines, or combinations of other programming constructs, such as C, C++ , Java (Java), can be implemented in a programming or scripting language such as assembler (assembler). Functional aspects may be implemented in an algorithm running on one or more processors.
  • assembler assembler
  • FIG. 3 is a diagram illustrating a user identification method through browser fingerprinting according to an embodiment of the present invention.
  • the computing device 100 may obtain first information including at least a portion of users' browser information and terminal information (S110).
  • the terminal may include at least one of a smart phone, a tablet PC, a desktop, and a laptop, but is not limited thereto.
  • the computing device 100 may collect terminal information used by users and information about a browser executed in the corresponding terminal.
  • the acquired browser information and terminal information of users may be defined as first information.
  • the first information may include, but is not limited to, browser type and version, device operating system, active plug-in, time zone, language, screen resolution, and various other active settings.
  • main data properties IP address, canvas element, webGL (web-based graphic library), sound information, etc. may be used, but is not limited thereto.
  • the computing device 100 may assign an identifier to each user based on the first information (S120).
  • the computing device 100 may perform a pre-processing process on each data belonging to the first information. For example, the computing device 100 calculates a single numeric value based on a preset rule for data that is not composed of a single numeric value among data belonging to the first information, or corresponds to each data by using an embedding method. It is possible to derive a numeric value that In addition, the computing device 100 may adjust the value range within a certain range through normalization when the value range is different for each piece of data.
  • the computing device 100 may process the data included in the first information into a form that is easy to calculate an identification value.
  • the computing device 100 may process the data included in the first information to generate an input value to which a hash algorithm is applied or may be configured as matrix data.
  • the computing device 100 may generate an identifier of each user by processing the preprocessed first information of each user using a hash algorithm. For example, the computing device 100 may generate an identifier by hashing the first information using a locality-sensitive hashing (LSH) algorithm, but is not limited thereto. In addition, the computing device 100 may generate a final identifier by hashing the data included in the first information for each attribute and recombining them, and a specific method is not limited to a specific form.
  • LSH locality-sensitive hashing
  • the computing device 100 processes the first information or information (eg, a hash value) obtained by processing the first information using a K-Nearest Neighgor algorithm (or other clustering technique), so that the first information The location on the corresponding data space can be determined.
  • a cluster to which the first information or processed information belongs may be determined, and a probability or degree of agreement corresponding to each cluster may also be determined.
  • the computing device 100 determines the position of the second information in the data space when the second information is input, determines the cluster to which the second information belongs, or determines the probability that the second information belongs to each cluster; A user corresponding to the second information may be identified by determining the degree of matching.
  • the clustering technique and the hash technique may be utilized, respectively, and may operate complementary to each other.
  • the user is identified only when both techniques indicate a specific user, or the user is identified even when only one of the two techniques indicates a specific user. can make it Or, use one of the two techniques first, but if the user is not identified, try to identify using the second technique, or if the first technique succeeds in identification, use the second technique to perform revalidation. can also be used. This may operate differently according to the settings of the computing device 100 .
  • the computing device 100 may generate an identifier for each user by processing the first information of each user in a matrix form. For example, the computing device 100 may generate an n*m matrix or vector including each piece of data belonging to the first information.
  • the computing device 100 may match and store identifiers and first information for each user (S130).
  • the computing device 100 may match and store the calculated identifier for each user and first information corresponding thereto. For example, first information collected about the first user and an identifier calculated from the first information of the first user may be stored in association with each other.
  • the calculated identifier (eg, hash value) for the first user may itself function as a fingerprint ID representing the first user.
  • an index indicating the first user may be provided separately from the identifier for the first user.
  • the index may mean an ID value representing the first user, and a method of assigning the index is not limited.
  • the computing device 100 may assign sequential indexes in the order of registered users, but is not limited thereto.
  • Information on each user may be stored in the computing device 100 or may be stored in a database provided in the external server 300 .
  • the computing device 100 may obtain second information including at least a portion of newly acquired browser information and terminal information from the candidate user (S140).
  • the computing device 100 may obtain information requesting identification of a new user after database construction is completed.
  • the computing device 100 may obtain second information including at least a portion of browser information and terminal information for a new user, and information stored in a database and second information (or information obtained by processing the second information) can be compared to identify new users.
  • the computing device 100 may obtain a candidate identifier corresponding to the second information (S150).
  • the computing device 100 may obtain a candidate identifier from the second information by applying the same method as calculating the identifier using the first information. For example, the computing device 100 may obtain the candidate identifier by applying a hash algorithm to the second information.
  • the computing device 100 may extract an identifier candidate group having first information corresponding to at least a part of the second information (S160).
  • browser information and terminal information acquired from a user terminal may include variable information and non-variable information.
  • operating system type, device type, device model, etc. may be referred to as non-variable information that is not easily changed.
  • the computing device 100 may primarily filter data based on such non-variable information. Specifically, the computing device 100 may select one or more non-variable information from among the obtained second information, and extract an identifier candidate group having first information identical thereto. Through this, the computing device 100 can reduce the amount of data to compare the similarity with and efficiently compare the similarity.
  • the computing device 100 may issue an identifier of a candidate user based on a similarity between the identifier candidate group and the candidate identifier (S170).
  • the computing device 100 may search for an identifier most similar to the candidate identifier among the identifier candidate group, determine the most similar identifier as the identifier of the candidate user, and issue the identifier. . That is, it is possible to identify that the user corresponding to the searched most similar identifier is the same person as the candidate user.
  • the same identifier may be searched for and determined as the identifier of the candidate user and then issued.
  • the degree of similarity between the most similar identifier obtained as a result of the search and the candidate identifier is equal to or less than a preset reference value, it may be determined that there is no similar identifier.
  • LSH locality-sensitive hashing
  • the computing device 100 may calculate the matrix similarity between the identifier candidate group and the candidate identifier, and issue an identifier having the highest similarity to the candidate identifier as the identifier of the candidate user. . That is, it is possible to identify that the user corresponding to the searched most similar identifier is the same person as the candidate user.
  • the computing device 100 may calculate the cosine similarity between the identifier candidate group and the candidate identifier, and search for an identifier having the highest similarity based on the calculated cosine similarity, but is not limited thereto.
  • the computing device 100 may issue the candidate identifier as the identifier of the candidate user when the identifier of the candidate user cannot be determined from the identifier candidate group. Also, the computing device 100 may match and store the candidate identifier and the second information with respect to the candidate user.
  • the computing device 100 may determine that the candidate user is a new user, issue a new identifier, and store related information in the database.
  • the computing device 100 may determine that the candidate user is a new user when an identifier having a similarity of a candidate identifier and a predetermined reference value or more is not found from the identifier candidate group. Then, the computing device 100 may store the candidate identifier as an identifier of the candidate user and may store the second information together.
  • browser information and terminal information used to identify a user include various parameters. These parameters include variable information and non-variable information, and non-variable information always has a constant value, so there is an advantage in obtaining consistent data, but data may not be sufficient to perform fingerprinting with only non-variable information. . Accordingly, it is necessary to prepare a method for performing fingerprinting by utilizing variable information together, but supplementing this.
  • consistent user identification may be possible only when variable information is used, but information whose variability is not large is used. Accordingly, the fingerprinting algorithm can be advanced by analyzing the variability of each parameter to determine whether to use the corresponding parameter or setting a weight.
  • variable information that can be easily changed according to settings, but since users do not frequently change them, the variability can be considered low.
  • the variability is lower in the case of language settings, and the possibility of changing little by little depending on the situation is higher in the case of fonts. In this case, it can be determined that they have different variability.
  • parameters under the same conditions may have different variability according to user characteristics. For example, some users may rarely change the font, while others may change the font size frequently from page to page.
  • the computing device 100 may determine attributes of each of the parameters belonging to the first information and the second information in consideration of these conditions, and determine a weight of each parameter belonging to the first information and the second information based on the determined attributes. can Depending on embodiments, determining the weight may also include determining whether to use each parameter. For example, the weight of data not to be used may be determined to be 0, but is not limited thereto.
  • the computing device 100 may generate an identifier from the first information and the second information in consideration of the weight. For example, the computing device 100 may obtain weight information for each of the parameters included in the first information and generate an identifier using a value obtained by multiplying each parameter value by a weight. Specifically, the computing device 100 may generate an identifier using a result of preprocessing each data included in the first information and multiplying the preprocessed result value by a weight, but a specific method of applying the weight is not limited. don't
  • the computing device 100 may calculate a similarity between the identifier candidate group and the candidate identifier in consideration of the weight. For example, when comparing data included in the identifier candidate group with candidate identifiers, when a specific parameter is different, the difference may be multiplied by a preset weight and reflected in the similarity calculation.
  • the computing device 100 may determine whether each parameter is variable information or non-variable information. Also, the computing device 100 may determine variability of each parameter determined as variable information.
  • the computing device 100 may determine the weight based on the variability of each parameter. For example, in the case of a parameter having average variability, the weight may be set to 1, and if the variability is high, the weight may be close to 0. Conversely, when the variability is low, the weight may be high. Depending on the embodiment, when the weight of the non-variable information is determined (eg 2), this may be set as the upper limit of the weight assigned to the variable information.
  • the weight of the non-variable information eg 2
  • the computing device 100 may learn the variability of each parameter in the process of performing the user identification method according to the disclosed embodiment. For example, the computing device 100 may compare parameters of the first information and the second information of the identification value issued to the candidate user. That is, when the candidate user is identified as a specific user pre-stored in the database, the second information obtained from the candidate user may be compared with the first information stored in the database.
  • the computing device 100 may calculate the frequency of change of each parameter based on the comparison result. That is, when there are different parts of parameters even though they are the same user, it is possible to obtain information about which parameters and how different they are.
  • the computing device 100 may determine variability of each parameter based on the calculated frequency of change. For example, the computing device 100 may obtain information about variability of each parameter by collecting information obtained for a specific user or for all users. That is, in the case of a parameter that is statistically frequently changed and a parameter with a large change range, it may be determined that the variability is high, but is not limited thereto.
  • the computing device 100 may repeatedly perform a comparison between the first information and the second information or between an identifier obtained from the first information and an identifier obtained from the second information a plurality of times. For example, the computing device 100 obtains the second information at a predetermined time interval and compares the obtained second information or the identifier obtained from the second information with the first information to determine the variability of each piece of information. can Through this, it is possible to distinguish variable information that can change within a short time among variable information and variable information that is changed only when there is a special event or that is changed over a long period of time. The computing device 100 may determine the variability of each variable information based on the change probability, change frequency, degree of change, and change period of each variable information.
  • the non-variable information is used to extract the identifier candidate group, and the information used to extract the identifier candidate group may not be used to measure the similarity between the identifier candidate group and candidate identifiers.
  • non-variable information used to extract an identifier candidate group may not be used to calculate an identifier. That is, it may be configured to perform primary categorization with non-variable information and identify users with identifiers generated based on variable information within each category.
  • non-variable information may mainly consist of terminal information. Therefore, even if the same user uses different terminals, it may be difficult to identify them as the same user.
  • the computing device 100 may also analyze the similarity of identifiers for other identifiers that do not belong to the identifier candidate group. For example, in the real-time identification step, a user is identified by comparing identifiers belonging to an identifier candidate group with candidate identifiers, but an identifier whose similarity is equal to or greater than a predetermined reference value by comparing candidate identifiers with other identifiers not belonging to the identifier candidate group during idle time. You can search whether there is. In this case, when an identifier having a similarity equal to or greater than a preset reference value is searched for, the identifier may also be determined to be of the same user and information thereof may be provided.
  • the computing device 100 performs fingerprinting using only browser information excluding terminal information, and if the terminal information is different but there is information matching the fingerprinting information based on the browser information, it can be determined as the same user. .
  • the computing device 100 may further perform a process of verifying whether identifiers of different devices are for the same person. For example, it may be determined that the user is the same person if the user's behavior records (eg, search records, visited pages, purchase records, etc.) stored in correspondence with each identifier have similarities greater than or equal to a preset reference value.
  • the user's behavior records eg, search records, visited pages, purchase records, etc.
  • FIG. 4 is a diagram illustrating an operational flow of a user identification system through browser fingerprinting according to an exemplary embodiment.
  • SDKs 412 and 422 may be distributed and installed in each of the client web servers 410 and 420 .
  • the SDKs 412 and 422 installed in each of the client web servers 410 and 420 are data collection tools, and collect browser and terminal information of users 401 to 404 accessing the customer's website (eg, online shopping mall). can be collected
  • the collected information is transmitted to the computing device 100 through the API 430, and the computing device 100 may acquire and provide identifier information corresponding to the transmitted information based on information stored in the database 440. .
  • each of the client web servers 410 and 420 can identify users accessing the website, match each user's behavior information to the identified user information, and store it.
  • each of the client web servers 410 and 420 may transmit information about users accessing the website and user behavior information to the computing device 100 through the SDKs 412 and 422 .
  • the computing device 100 may identify a user, match and store information about the identified user and behavioral information.
  • each of the client web servers 410 and 420 may identify the corresponding user and provide a customized advertisement or service based on stored behavioral information matched to the corresponding user.
  • Each of the client web servers 410 and 420 may directly provide these services based on information stored in each of the client web servers 410 and 420 .
  • this service is based on information stored in the computing device 100 or the database 440 associated with the computing device 100, the computing device 100, each client web server 410, 420 or each user (401 to 404) can also be provided.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Computing Systems (AREA)

Abstract

L'invention divulgue un procédé d'identification d'utilisateur par empreinte de navigateur, qui est effectué par un dispositif informatique, le procédé comprenant les étapes consistant : à acquérir des premières informations comprenant au moins une partie d'informations de navigateur et des informations de terminal d'utilisateurs ; à attribuer un identifiant à chacun des utilisateurs sur la base des premières informations ; à mettre en correspondance et à stocker l'identifiant et les premières informations pour chacun des utilisateurs ; à acquérir des secondes informations comprenant au moins une partie d'informations de navigateur et des informations de terminal nouvellement acquises à partir d'un utilisateur candidat ; à acquérir un identifiant candidat correspondant aux secondes informations ; à extraire un groupe candidat d'identifiant ayant des premières informations correspondant à au moins une partie des secondes informations ; et à émettre un identifiant de l'utilisateur candidat sur la base d'une similarité entre le groupe candidat d'identifiant et l'identifiant candidat.
PCT/KR2021/019403 2021-08-18 2021-12-20 Procédé, dispositif et programme d'identification d'utilisateur par empreinte de navigateur WO2023022307A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020210109034A KR102372996B1 (ko) 2021-08-18 2021-08-18 브라우저 핑거프린팅을 통한 사용자 식별 방법, 장치 및 프로그램
KR10-2021-0109034 2021-08-18

Publications (1)

Publication Number Publication Date
WO2023022307A1 true WO2023022307A1 (fr) 2023-02-23

Family

ID=80814415

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2021/019403 WO2023022307A1 (fr) 2021-08-18 2021-12-20 Procédé, dispositif et programme d'identification d'utilisateur par empreinte de navigateur

Country Status (2)

Country Link
KR (1) KR102372996B1 (fr)
WO (1) WO2023022307A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102643988B1 (ko) * 2023-03-21 2024-03-06 주식회사 에스케어 전자 티켓의 발권 및 검증 방법 및 그를 이용한 서버

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060050688A (ko) * 2004-09-28 2006-05-19 마이크로소프트 코포레이션 조직적 광고 캠페인을 생성하기 위한 시스템 및 방법
KR20110127701A (ko) * 2009-02-17 2011-11-25 구글 인코포레이티드 사용자 정보의 특성화
KR20130068014A (ko) * 2011-12-15 2013-06-25 삼성전자주식회사 단말간 통신을 위한 접속 식별자 할당 방법 및 장치
KR20140042373A (ko) * 2012-09-28 2014-04-07 주식회사 엘지유플러스 관심 키워드 제공 장치 및 방법
KR20150083978A (ko) * 2015-06-29 2015-07-21 플러스기술주식회사 공유 단말 식별 방법 및 그 시스템

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060050688A (ko) * 2004-09-28 2006-05-19 마이크로소프트 코포레이션 조직적 광고 캠페인을 생성하기 위한 시스템 및 방법
KR20110127701A (ko) * 2009-02-17 2011-11-25 구글 인코포레이티드 사용자 정보의 특성화
KR20130068014A (ko) * 2011-12-15 2013-06-25 삼성전자주식회사 단말간 통신을 위한 접속 식별자 할당 방법 및 장치
KR20140042373A (ko) * 2012-09-28 2014-04-07 주식회사 엘지유플러스 관심 키워드 제공 장치 및 방법
KR20150083978A (ko) * 2015-06-29 2015-07-21 플러스기술주식회사 공유 단말 식별 방법 및 그 시스템

Also Published As

Publication number Publication date
KR102372996B1 (ko) 2022-03-11

Similar Documents

Publication Publication Date Title
WO2018142764A1 (fr) Procédé de génération de modèle appris, dispositif de génération de modèle appris et dispositif d'utilisation de modèle appris
US8752043B2 (en) Providing guidance for software installation
CN109614238B (zh) 一种目标对象识别方法、装置、系统及可读存储介质
US20160246981A1 (en) Data secrecy statistical processing system, server device for presenting statistical processing result, data input device, and program and method therefor
US8311337B2 (en) Systems and methods for organizing and accessing feature vectors in digital images
CN111371858B (zh) 群控设备识别方法、装置、介质及电子设备
WO2017155292A1 (fr) Procédé de détection d'anomalie et programme de détection d'anomalie
US20200259895A1 (en) Maintenance of a persistent master identifier for clusters of user identifiers across a plurality of devices
US11244153B2 (en) Method and apparatus for processing information
CN111104825A (zh) 人脸注册库更新方法、装置、设备及介质
CN111611144B (zh) 用于处理性能测试数据的方法、装置、计算设备和介质
WO2023022307A1 (fr) Procédé, dispositif et programme d'identification d'utilisateur par empreinte de navigateur
CN110855648A (zh) 一种网络攻击的预警控制方法及装置
CN111177481B (zh) 用户标识映射方法及装置
US10805377B2 (en) Client device tracking
US20140244641A1 (en) Holistic customer record linkage via profile fingerprints
WO2022025537A1 (fr) Ordinateur de gestion de données, système de sécurité de données comprenant l'ordinateur de gestion de données et procédé de sécurité de données
CN111403011A (zh) 挂号科室推送方法、装置、系统、电子设备及存储介质
CN111967045A (zh) 一种基于大数据的数据发布隐私保护算法及系统
US10599928B2 (en) Method and system for enabling information in augmented reality applications
US20150156169A1 (en) Method for determining validity of command and system thereof
WO2019093755A1 (fr) Système et procédé de protection de droits d'auteur de police de caractères
CN114399259A (zh) 一种员工数据处理方法和装置
WO2016021039A1 (fr) SYSTÈME DE TRAITEMENT DE k-ANONYMISATION ET PROCÉDÉ DE TRAITEMENT DE k-ANONYMISATION
CN114996482B (zh) 知识图谱构建、视频搜索方法、装置及电子设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21954353

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE