WO2023138135A1 - Method and apparatus for human-machine identification - Google Patents

Method and apparatus for human-machine identification

Info

Publication number
WO2023138135A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
machine
data
token
application
Prior art date
Application number
PCT/CN2022/127091
Other languages
English (en)
French (fr)
Inventor
王晖
欧阳也可
史磊
Original Assignee
华为技术有限公司 (Huawei Technologies Co., Ltd.)
Application filed by 华为技术有限公司 (Huawei Technologies Co., Ltd.)
Publication of WO2023138135A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/33: User authentication using certificates
    • G06F18/00: Pattern recognition
    • G06F18/20: Analysing
    • G06F18/21: Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214: Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • G06F21/60: Protecting data
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present application relates to the field of computer technology, and in particular to a method and apparatus for human-machine identification.
  • CAPTCHA: completely automated public Turing test to tell computers and humans apart.
  • the present application provides a method and apparatus for human-machine identification, which can improve the efficiency and accuracy of human-machine identification.
  • a first aspect provides a method for human-machine identification, including: a server generates a token according to a human-machine identification model and first characteristic data, and sends the token to the terminal.
  • the human-machine identification model is a classifier for user operation and machine operation obtained by training user characteristic data and machine characteristic data.
  • the first feature data is data generated when a first application displayed on the screen of the terminal is clicked.
  • the token is used to indicate that the token should be carried when the first service request generated by the first application is sent; the user feature data and the machine feature data are data generated by clicking on the screen of the terminal;
  • the server receives the request sent by the terminal, where the request includes the first service request and the token;
  • the server determines, according to the first association relationship and the token, whether the first service request is a user operation or a machine operation; the server stores the first association relationship, which is the association relationship between the token and the operator who generated the first service request.
  • the user feature data is the data generated by the user clicking the screen of the terminal
  • the machine feature data is the data generated by the machine clicking the screen of the terminal.
  • Any feature data may be at least one of the following: motion sensor data of the terminal, or touch screen data of the terminal.
  • the touch screen data includes at least one of the following: touch screen area, touch screen time stamp, touch screen delay, touch screen pressure, or touch screen coordinates.
  • the touch screen timestamp can be understood as the moment when the operator touches the screen of the terminal.
  • the touch screen delay can be understood as the moment when the operator lifts up from the terminal screen minus the moment when the operator presses the terminal screen.
  • the touch screen data of the terminal may be raw data generated by the screen of the terminal, or feature data after feature extraction is performed on the raw data generated by the screen of the terminal.
  • the motion sensor includes at least one of the following: an acceleration sensor, a gravity acceleration sensor, or a gyroscope.
  • the motion sensor data of the terminal may be raw data generated by the motion sensor of the terminal, or feature data after feature extraction is performed on the raw data generated by the motion sensor of the terminal.
  • the first feature data is data generated by clicking on the first application displayed on the terminal's screen, and may be acquired by the server from the terminal. That is to say, the first feature data may be collected by the terminal; the manner in which the terminal collects the first feature data is not specifically limited.
  • the first feature data may be the original data generated by clicking on the first application program displayed on the screen of the terminal, or the feature data obtained after feature extraction is performed on the original data generated by the first application program displayed on the screen of the terminal.
  • the amount of data included in the first feature data is not specifically limited.
  • the first feature data may be data generated during a period of time when the first application program of the terminal is clicked.
  • the human-machine recognition model is a classifier for user operations and machine operations obtained by training the server on user feature data and machine feature data, and the method of model training is not specifically limited.
  • the classifier may be a linear classifier.
  • a working mode that combines the server and the terminal is adopted.
  • the server generates a token according to the human-machine identification model and the first feature data, and the token is used to indicate that the first service request generated by the first application should carry the token, so the request the server receives from the terminal includes both the first service request and the token.
  • the server can then determine, according to the first association relationship and the token, whether the operation corresponding to the first service request is a user operation or a machine operation.
  • when this method is used for human-machine identification, the user does not need to perform the additional operations required in the prior art (for example, recognizing the random characters in a picture provided by the system), so this method can improve the efficiency of human-machine identification.
  • the human-machine identification model is trained on user feature data and machine feature data, which differ from each other in clearly distinguishable ways, so this method can also improve the accuracy of human-machine identification.
  • the server generates the token according to the human-machine identification model and the first feature data as follows: the server inputs the first feature data into the human-machine identification model to obtain a first confidence level; the server then determines, according to the first threshold and the first confidence level, whether the operator who generated the first service request is a user or a machine, and generates the token.
  • determining whether the operator is a user or a machine and generating the token includes: when the operator of the first service request determined according to the first threshold and the first confidence level is the same as the operator determined according to the first threshold and the second confidence level, the server generates the token according to whether the operator who generated the first service request is a user or a machine.
  • the two determinations agreeing means that, between the terminal sending the first feature data and the server receiving it, the first feature data was not tampered with by an attacker; that is, the first feature data is trustworthy.
  • both determinations may be performed by the server.
  • the server generates the token only when the operator determined according to the first threshold and the first confidence level is the same as the operator determined according to the first threshold and the second confidence level.
  • the method further includes: the server encrypts the parameters of the human-machine identification model with the first public key to generate a first ciphertext, and sends the first ciphertext to the terminal; the server receives a second ciphertext sent by the terminal, where the second ciphertext is obtained by performing a homomorphic operation on the first feature data using the first ciphertext and the first public key; the server performs homomorphic decryption on the second ciphertext with the first private key to obtain the second confidence level.
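  • A minimal sketch of this encrypted-inference exchange follows, using the python-paillier (phe) library and assuming a linear model of the form w·x + b; the weights, features, and variable names are illustrative assumptions, not taken from the patent:

```python
# Sketch of the homomorphic confidence computation, assuming a linear
# model y = w.x + b and the python-paillier ("phe") library.
from phe import paillier

# Server: generate a keypair and encrypt the model parameters (first ciphertext).
public_key, private_key = paillier.generate_paillier_keypair()
w, b = [0.8, -1.2, 0.5], 0.3                      # assumed model parameters
enc_w = [public_key.encrypt(wi) for wi in w]
enc_b = public_key.encrypt(b)

# Terminal: homomorphic operation on the plaintext first feature data using
# the first ciphertext and the first public key (Paillier allows adding
# ciphertexts and multiplying a ciphertext by a plaintext scalar).
x = [0.1, 0.4, 0.9]                               # assumed first feature data
enc_score = enc_b
for enc_wi, xi in zip(enc_w, x):
    enc_score = enc_score + enc_wi * xi           # second ciphertext

# Server: homomorphic decryption with the first private key yields the
# second confidence level, equal to w.x + b computed on the plaintext.
second_confidence = private_key.decrypt(enc_score)
print(second_confidence)
```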
  • before the server inputs the first feature data into the human-machine identification model to obtain the first confidence level, the method further includes: the server receives the first signature value and the first feature data sent by the terminal, where the first signature value is obtained by digitally signing the first feature data with a first private key; the server verifies the first signature value with a first public key and determines that the verification passes.
  • the verification passing means that, between the terminal sending the first feature data and the server receiving it, the first feature data was not tampered with by an attacker; that is, the first feature data is trustworthy.
  • only when the server determines that the first feature data is trustworthy does it input the first feature data into the human-machine identification model to obtain the first confidence level, determine a user operation or a machine operation based on the first confidence level and the first threshold, and generate the corresponding token.
  • the server determines, according to the first threshold and the first confidence level, whether the operator who generated the first service request is a user or a machine, as follows: when the first confidence level is greater than or equal to the first threshold, the server determines that the operator of the first service request is a user; or, when the first confidence level is less than the first threshold, the server determines that the operator of the first service request is a machine.
  • the server determines through a simple threshold comparison whether the operator of the first service request corresponding to the first confidence level is a user or a machine, which can improve the efficiency of human-machine identification.
  • the server determines, according to the first association relationship and the token, that the first service request is a user operation, in which case the operator who generated the first service request is a user and the first feature data is data generated by the user clicking the first application displayed on the screen of the terminal; or, the server determines that the first service request is a machine operation, in which case the operator is a machine and the first feature data is data generated by the machine clicking the first application displayed on the screen of the terminal.
  • the server directly determines whether the first service request carried in the request is a user operation or a machine operation according to the locally stored first association relationship and the token carried in the request; a sketch of this decision and lookup follows.
  • the implementation process does not require user participation, which can improve the efficiency of human-machine identification.
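  • The following minimal sketch illustrates the threshold decision, token issuance, and association lookup; the threshold value, token format, in-memory store, and function names are assumptions for illustration:

```python
# Sketch of server-side token issuance and request classification.
# The threshold value, token format, and association store are assumed.
import secrets

FIRST_THRESHOLD = 0.5        # assumed value of the first threshold
associations = {}            # first association relationship: token -> operator

def issue_token(first_confidence: float) -> str:
    """Decide user vs. machine by threshold comparison and issue a token."""
    operator = "user" if first_confidence >= FIRST_THRESHOLD else "machine"
    token = secrets.token_urlsafe(16)
    associations[token] = operator       # server stores the association
    return token

def classify_request(token: str) -> str:
    """Determine whether a service request carrying this token is a user or machine operation."""
    return associations.get(token, "unknown")

token = issue_token(0.82)                # e.g. first confidence level of 0.82
print(classify_request(token))           # -> "user"
```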
  • the first feature data includes at least one of the following: feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by a screen of the terminal when the first application is clicked.
  • the first feature data is data generated by clicking on the screen of the terminal; that is, the first feature data can be obtained while the user is using the terminal normally, which avoids any additional user operations, enables human-machine identification without the user being aware of it, and improves the efficiency of human-machine identification.
  • the characteristic data generated by the motion sensor of the terminal when the first application is clicked includes at least one of the following: the average value of the data generated by the motion sensor of the terminal when the first application is clicked, or the standard deviation of the data generated by the motion sensor of the terminal when the first application is clicked;
  • because the first feature data is the result of feature extraction, the server cannot recover the original data from it, which improves the privacy of user data.
  • a second aspect provides a method for human-machine identification, including: a terminal receives a token sent by a server, where the token is generated according to a human-machine identification model and first feature data, the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated when a first application displayed on the screen of the terminal is clicked, the token is used to indicate that the token should be carried when the first service request generated by the first application is sent, and the user feature data and the machine feature data are data generated by clicking on the screen of the terminal; the terminal sends a request to the server, where the request includes the first service request and the token.
  • the user feature data is the data generated by the user clicking the screen of the terminal
  • the machine feature data is the data generated by the machine clicking the screen of the terminal.
  • Any feature data may be at least one of the following: motion sensor data of the terminal, or touch screen data of the terminal.
  • the touch screen data includes at least one of the following: touch screen area, touch screen time stamp, touch screen delay, touch screen pressure, or touch screen coordinates.
  • the touch screen timestamp can be understood as the moment when the operator touches the screen of the terminal.
  • the touch screen delay can be understood as the moment when the operator lifts up from the terminal screen minus the moment when the operator presses the terminal screen.
  • the touch screen data of the terminal may be raw data generated by the screen of the terminal, or feature data after feature extraction is performed on the raw data generated by the screen of the terminal.
  • the motion sensor includes at least one of the following: an acceleration sensor, a gravity acceleration sensor, or a gyroscope.
  • the motion sensor data of the terminal may be raw data generated by the motion sensor of the terminal, or feature data after feature extraction is performed on the raw data generated by the motion sensor of the terminal.
  • the first feature data is data generated by clicking on the first application displayed on the terminal's screen, and may be acquired by the server from the terminal. That is to say, the first feature data may be collected by the terminal; the manner in which the terminal collects the first feature data is not specifically limited.
  • the first feature data may be the original data generated by clicking on the first application program displayed on the screen of the terminal, or the feature data obtained after feature extraction is performed on the original data generated by the first application program displayed on the screen of the terminal.
  • the amount of data included in the first feature data is not specifically limited.
  • Exemplarily, the first feature data may be data generated during a period of time in which the first application of the terminal is clicked.
  • the human-machine recognition model is a classifier for user operations and machine operations obtained by training the server on user feature data and machine feature data, and the method of model training is not specifically limited.
  • the classifier may be a linear classifier.
  • a working mode that combines the server and the terminal is adopted.
  • the terminal receives the token sent by the server, and the token is used to indicate that the token should be carried when the first service request generated by the first application is sent, so the terminal carries the token when sending the first service request.
  • the server can then determine, according to the first association relationship and the token, whether the operation corresponding to the first service request is a user operation or a machine operation.
  • when this method is used for human-machine identification, the user does not need to perform the additional operations required in the prior art (for example, recognizing the random characters in a picture provided by the system), so this method can improve the efficiency of human-machine identification.
  • the human-machine identification model is trained on user feature data and machine feature data, which differ from each other in clearly distinguishable ways, so this method can also improve the accuracy of human-machine identification.
  • the method further includes: the terminal receiving the first ciphertext sent by the server, the first ciphertext is obtained by encrypting the parameters of the human-computer identification model by using the first public key; the terminal uses the first ciphertext and the first public key to perform a homomorphic operation on the first feature data to obtain a second ciphertext; the terminal sends the second ciphertext and the first feature data to the server.
  • the method further includes: the terminal digitally signs the first feature data with a first private key to obtain a first signature value; the terminal sends the first signature value and the first feature data to the server.
  • the first feature data includes at least one of the following: feature data generated by a motion sensor of the terminal device when the first application is clicked, or feature data generated by a screen of the terminal device when the first application is clicked.
  • the first feature data is data generated by clicking on the screen of the terminal; that is, the first feature data can be obtained while the user is using the terminal normally, which avoids any additional user operations, enables human-machine identification without the user being aware of it, and improves the efficiency of human-machine identification.
  • the characteristic data generated by the motion sensor of the terminal when the first application is clicked includes at least one of the following: the average value of the data generated by the motion sensor of the terminal when the first application is clicked, or the standard deviation of the data generated by the motion sensor of the terminal when the first application is clicked;
  • because the first feature data is the result of feature extraction, the server cannot recover the original data from it, which improves the privacy of user data.
  • a third aspect provides a device for human-machine identification, including: a processing unit configured to generate a token according to a human-machine identification model and first feature data, where the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated when a first application displayed on the screen of the terminal is clicked, the token is used to indicate that the token should be carried when the first service request generated by the first application is sent, and the user feature data and the machine feature data are data generated by clicking the screen of the terminal; a transceiver unit configured to send the token to the terminal; the transceiver unit is further configured to receive the request sent by the terminal, where the request includes the first service request and the token; the processing unit is further configured to determine, according to the first association relationship and the token, whether the first service request is a user operation or a machine operation, where the server stores the first association relationship, which is the association relationship between the token and the operator who generated the first service request.
  • the processing unit is further configured to: input the first feature data into the human-machine identification model to obtain a first confidence level; and determine, according to the first threshold and the first confidence level, whether the operator who generated the first service request is a user or a machine, and generate the token.
  • the processing unit is further configured to generate the token, according to whether the operator who generated the first service request is a user or a machine, when the operator of the first service request determined according to the first threshold and the first confidence level is the same as the operator determined according to the first threshold and the second confidence level.
  • the processing unit is further configured to encrypt the parameters of the human-machine identification model with the first public key to generate a first ciphertext; the transceiver unit is further configured to: send the first ciphertext to the terminal, and receive a second ciphertext sent by the terminal, where the second ciphertext is obtained by performing a homomorphic operation on the first feature data using the first ciphertext and the first public key; the processing unit is further configured to perform homomorphic decryption on the second ciphertext with the first private key to obtain the second confidence level.
  • the transceiver unit is further configured to receive the first signature value and the first characteristic data sent by the terminal, the first signature value is obtained by digitally signing the first characteristic data with a first private key; the processing unit is further configured to verify the first signature value with a first public key to determine that the verification is passed.
  • the processing unit is further configured to: if the first confidence level is greater than or equal to the first threshold, determine that the operator of the first service request is the user; or, if the first confidence level is less than the first threshold, determine that the operator of the first service request is the machine.
  • the processing unit is further configured to: determine, according to the first association relationship and the token, that the first service request is a user operation, in which case the operator who generated the first service request is a user and the first feature data is data generated by the user clicking the first application displayed on the screen of the terminal; or, determine, according to the first association relationship and the token, that the first service request is a machine operation, in which case the operator who generated the first service request is a machine and the first feature data is data generated by the machine clicking the first application displayed on the screen of the terminal.
  • the first feature data includes at least one of the following: feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by a screen of the terminal when the first application is clicked.
  • the characteristic data generated by the motion sensor of the terminal when the first application is clicked includes at least one of the following: the average value of the data generated by the motion sensor of the terminal when the first application is clicked, or the standard deviation of the data generated by the motion sensor of the terminal when the first application is clicked;
  • a fourth aspect provides a device for human-machine identification, including: a transceiver unit configured to receive a token sent by a server.
  • the token is generated based on a human-machine identification model and first characteristic data.
  • the human-machine identification model is a classifier for user operation and machine operation obtained by training user characteristic data and machine characteristic data.
  • the first characteristic data is data generated by clicking on a first application displayed on the screen of the terminal.
  • the token is used to indicate that the first service request generated by the first application program should carry the token.
  • the transceiving unit is further configured to send a request to the server, where the request includes the first service request and the token.
  • the device further includes a processing unit, the transceiving unit is further configured to receive the first ciphertext sent by the server, the first ciphertext is obtained by encrypting the parameters of the human-machine identification model by using the first public key; the processing unit is configured to use the first ciphertext and the first public key to perform a homomorphic operation on the first feature data to obtain a second ciphertext; the transceiver unit is also used to send the second ciphertext and the first feature data to the server.
  • the device further includes a processing unit, configured to digitally sign the first characteristic data using a first private key to obtain a first signature value; the transceiver unit is also configured to send the first signature value and the first characteristic data to the server.
  • the first feature data includes at least one of the following: feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by a screen of the terminal when the first application is clicked.
  • a fifth aspect provides a server, which has the functions of implementing the device for human-machine identification described above.
  • the functions may be implemented by hardware, or by hardware executing corresponding software.
  • the hardware or software includes one or more modules corresponding to the above functions.
  • the structure of the server includes a processor, and the processor is configured to support the server to perform corresponding functions in the above method.
  • the server may also include a memory, which is used to be coupled with the processor, and stores necessary program instructions and data of the server.
  • the server includes: a processor, a transmitter, a receiver, a random access memory, a read only memory, and a bus.
  • the processor is respectively coupled to the transmitter, the receiver, the random access memory and the read-only memory through the bus.
  • when the server needs to run, the basic input/output system solidified in the read-only memory, or the bootloader in an embedded system, boots the server into a normal running state. After the server enters the normal running state, the application program and the operating system run in the random access memory, causing the processor to execute the method in the first aspect or any possible implementation of the first aspect.
  • a sixth aspect provides a terminal, which has the functions of implementing the device for human-machine identification described above.
  • the functions may be implemented by hardware, or by hardware executing corresponding software.
  • the hardware or software includes one or more modules corresponding to the above functions.
  • the structure of the terminal includes a processor, and the processor is configured to support the terminal to perform corresponding functions in the foregoing method.
  • the terminal may include a memory, which is used to be coupled with the processor, and stores necessary program instructions and data of the terminal.
  • the terminal includes: a processor, a transmitter, a receiver, a random access memory, a read only memory, and a bus.
  • the processor is respectively coupled to the transmitter, the receiver, the random access memory and the read-only memory through the bus.
  • when the terminal needs to run, the basic input/output system solidified in the read-only memory, or the bootloader in an embedded system, boots the terminal into a normal running state. After the terminal enters the normal running state, the application program and the operating system run in the random access memory, causing the processor to execute the method in the second aspect or any possible implementation of the second aspect.
  • a seventh aspect provides a computer program product, including computer program code; when the computer program code runs on a computer, the computer is caused to execute the method in the first aspect or any possible implementation of the first aspect.
  • an eighth aspect provides a computer program product, including computer program code; when the computer program code runs on a computer, the computer is caused to execute the method in the second aspect or any possible implementation of the second aspect.
  • a ninth aspect provides a computer-readable medium storing program code; when the computer program code runs on a computer, the computer executes the method in the first aspect or any possible implementation of the first aspect.
  • such computer-readable storage includes, but is not limited to, one or more of the following: read-only memory (ROM), programmable ROM (PROM), erasable PROM (EPROM), flash memory, electrically erasable PROM (EEPROM), and hard drives.
  • a tenth aspect provides a computer-readable medium storing program code; when the computer program code runs on a computer, the computer executes the method in the second aspect or any possible implementation of the second aspect.
  • such computer-readable storage includes, but is not limited to, one or more of the following: read-only memory (ROM), programmable ROM (PROM), erasable PROM (EPROM), flash memory, electrically erasable PROM (EEPROM), and hard drives.
  • an eleventh aspect provides a chip, including a processor and a data interface, where the processor reads, through the data interface, instructions stored in a memory, so as to execute the method in the first aspect or any possible implementation of the first aspect.
  • the chip may be implemented as a central processing unit (CPU), a microcontroller unit (MCU), a microprocessor unit (MPU), a digital signal processor (DSP), a system on chip (SoC), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or a programmable logic device (PLD).
  • a twelfth aspect provides a chip, including a processor and a data interface, where the processor reads, through the data interface, instructions stored in a memory, so as to execute the method in the second aspect or any possible implementation of the second aspect.
  • the chip may be implemented as a central processing unit (CPU), a microcontroller unit (MCU), a microprocessor unit (MPU), a digital signal processor (DSP), a system on chip (SoC), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or a programmable logic device (PLD).
  • a thirteenth aspect provides a human-machine identification system, which includes the device for human-machine identification in the third aspect or any possible implementation of the third aspect, and/or the device for human-machine identification in the fourth aspect or any possible implementation of the fourth aspect.
  • FIG. 1 is a schematic block diagram of a system architecture 100 to which the present application applies.
  • FIG. 2 is a schematic flowchart of a method for human-machine identification provided by an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of a specific embodiment of the method for human-machine identification provided by an embodiment of the present application.
  • FIG. 4 is a schematic flowchart of another specific embodiment of the method for human-machine identification provided by an embodiment of the present application.
  • FIG. 5 is a schematic flowchart of a method for human-machine identification provided by an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of a device 600 for human-machine recognition provided by an embodiment of the present application.
  • FIG. 7 is a schematic diagram of a hardware structure of a human-machine recognition device 700 provided in an embodiment of the present application.
  • “first”, “second”, and “third” in this application are used to distinguish identical or similar items having basically the same function; there is no logical or temporal dependency among “first”, “second”, and “third”, and no limitation on their number or execution order.
  • the present application presents various aspects, embodiments or features in terms of a system that can include a number of devices, components, modules and the like. It is to be understood and appreciated that the various systems may include additional devices, components, modules, etc. and/or may not include all of the devices, components, modules etc. discussed in connection with the figures. Additionally, combinations of these schemes can also be used.
  • the network architecture and business scenarios described in the embodiments of the present application are for the purpose of more clearly explaining the technical solutions of the embodiments of the present application, and do not constitute limitations on the technical solutions provided by the embodiments of the present application.
  • Those of ordinary skill in the art know that with the evolution of the network architecture and the emergence of new business scenarios, the technical solutions provided by the embodiments of the present application are also applicable to similar technical problems.
  • references to “one embodiment” or “some embodiments” and the like in this specification mean that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application.
  • appearances of the phrases “in one embodiment”, “in some embodiments”, and “in other embodiments” in various places in this specification do not necessarily all refer to the same embodiment; they mean “in one or more, but not all, embodiments”, unless specifically emphasized otherwise.
  • the terms “including”, “comprising”, “having” and variations thereof mean “including but not limited to”, unless specifically stated otherwise.
  • “At least one” means one or more, and “multiple” means two or more.
  • “And/or” describes an association relationship between associated objects and indicates that three relationships are possible; for example, A and/or B can mean: A exists alone, A and B exist simultaneously, or B exists alone, where A and B can be singular or plural.
  • the character “/” generally indicates that the contextual objects are an “or” relationship.
  • “At least one of the following” or similar expressions refer to any combination of these items, including any combination of single or plural items.
  • At least one item (piece) of a, b, or c can represent: a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, and c can be single or multiple.
  • the user touch screen operation refers to an operation in which the user touches the screen of the terminal.
  • Touch screen operation that is, the operation of clicking the screen.
  • Human-machine recognition refers to identifying whether an operation is triggered by a human or a robot (Bot).
  • Robots are also called machines. Bots usually refer to scripts or automated tools that can execute business requests.
  • Homomorphic encryption is an encryption technique that provides a way to process encrypted data; its characteristic is that mathematical or logical operations can be performed on data while it remains encrypted. Anyone can process the encrypted data, but the processing reveals nothing about the original content; when the user holding the private key decrypts the processed data, the result obtained is exactly the processed result of the original data. Homomorphic encryption is usually asymmetric encryption (also known as a public-key encryption algorithm). Asymmetric encryption usually includes the following three steps:
  • Step 1: generate a pair of keys, namely a public key and a private key;
  • Step 2: encrypt the plaintext with the public key to obtain the ciphertext;
  • Step 3: decrypt the ciphertext with the private key to recover the plaintext.
  • Homomorphic encryption allows the processing of encrypted data, and the obtained decryption result is equivalent to performing operations on the original data. That is to say, processing the homomorphically encrypted data to obtain an output, and decrypting this output, the result is the same as the output obtained by processing the unencrypted original data in the same way.
  • the most basic security notion for a homomorphic encryption scheme is semantic security: intuitively, the ciphertext reveals no information about the plaintext.
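  • As a minimal illustration of the homomorphic property, the following sketch uses the python-paillier (phe) library, which implements additively homomorphic encryption; the numbers are arbitrary:

```python
# Additive homomorphism demo with the python-paillier ("phe") library:
# operating on ciphertexts decrypts to the result of operating on plaintexts.
from phe import paillier

public_key, private_key = paillier.generate_paillier_keypair()
enc_a, enc_b = public_key.encrypt(3), public_key.encrypt(4)

assert private_key.decrypt(enc_a + enc_b) == 3 + 4   # ciphertext + ciphertext
assert private_key.decrypt(enc_a * 5) == 3 * 5       # ciphertext * plaintext scalar
```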
  • Digital signature is also known as public key digital signature.
  • a digital signature is a digital string that only the sender of the message can produce and cannot be forged by others. This digital string is also an effective proof of the authenticity of the message sent by the sender of the message. It is a method for authenticating digital information similar to an ordinary physical signature written on paper, but implemented using techniques in the field of public key cryptography.
  • a set of digital signatures usually defines two complementary operations, one for signing and the other for verification.
  • Digital signatures are an application of asymmetric-key encryption technology and digital digest technology.
  • Step 1: send the original text. The sender uses a hash function to generate a digest of the original text, encrypts the digest with its own private key, and sends the encrypted digest, as the digital signature of the original text, to the receiver together with the original text.
  • Step 2: receive the original text. The receiver first uses the same hash function as the sender to compute the digest of the received original text, and then decrypts the digital signature attached to the original text with the sender's public key.
  • If the receiver determines that the two digests are the same, the receiver can confirm that the digital signature belongs to the sender.
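  • The sign-and-verify flow above can be sketched with the cryptography library; the choice of RSA, PKCS#1 v1.5 padding, and SHA-256 is an assumption for illustration, and the library performs the digest step internally:

```python
# Sketch of the hash-and-sign flow using the "cryptography" library.
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding

# Sender: generate a keypair and sign the original text (the digest is
# computed and encrypted with the private key inside sign()).
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
original_text = b"first feature data"
signature = private_key.sign(original_text, padding.PKCS1v15(), hashes.SHA256())

# Receiver: recompute the digest and check the signature with the sender's
# public key; verify() raises InvalidSignature if the text was tampered with.
public_key = private_key.public_key()
public_key.verify(signature, original_text, padding.PKCS1v15(), hashes.SHA256())
print("signature verified")
```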
  • SDK: software development kit.
  • a software development kit is a collection of development tools used by software engineers to create application software for a specific software package, software framework, hardware platform, operating system, etc. It can simply provide some files of an application programming interface (API) for a programming language, but it may also include complex hardware that can communicate with an embedded system.
  • General tools include utilities for debugging and other purposes.
  • SDKs also often include sample code, supporting technical notes, or other supporting documentation that clarifies basic reference material.
  • TEE: trusted execution environment.
  • A TEE is an independent execution environment that runs in parallel with the rich operating system (Rich OS, for example Android) and provides security protection for the Rich OS.
  • The TEE provides an execution space with a higher level of security protection than the Rich OS.
  • SE: secure element.
  • Token: an object that represents the right to perform certain operations.
  • a token can also be understood as a secret code.
  • before data is transmitted, the device that sends the data and the device that receives the data first check the secret code; different secret codes authorize different data operations.
  • the present application provides a method for human-machine identification, which can improve the efficiency and accuracy of human-machine identification.
  • the human-machine identification model is trained using the following data: data obtained by performing feature processing (such as, but not limited to, computing the mean and/or standard deviation) on the raw data generated by the user clicking the screen of the terminal, and data obtained by performing feature processing on the raw data generated by the machine clicking the screen of the terminal; this can also improve the privacy of the human-machine identification model.
  • when the first feature data is obtained by performing feature processing (such as, but not limited to, computing the mean and/or standard deviation) on the raw data generated by clicking the first application displayed on the screen of the terminal, this method can also improve the privacy of user data.
  • FIG. 1 is a schematic block diagram of a system architecture 100 to which the present application applies.
  • a system architecture 100 includes a cloud server and a terminal.
  • the cloud server includes machine protection service 110 and application server 120 .
  • the terminal includes applications 130 .
  • the terminal includes one application program 130 as an example.
  • the terminal may also include more application programs.
  • the terminal may also include modules other than the application program 130
  • the cloud server may also include modules other than the machine protection service 110 and the application server 120 .
  • the machine protection service 110 may be a software service.
  • the machine protection service 110 can communicate with the application program 130 to realize data transmission.
  • the application server 120 can communicate with the application program 130 to implement data transmission.
  • the machine protection service 110 can communicate with the application server 120 to obtain an association relationship, which indicates the association relationship between the token and the operator who generates the service request, and the service request can be a request sent by the application program 130 .
  • the working principle of the system architecture 100 is as follows: the application program 130 collects terminal-side data and performs feature calculation on the collected data; thereafter, the application program 130 sends the result of the feature calculation to the machine protection service 110.
  • the machine protection service 110 is used to process the result of feature calculation obtained from the application program 130 to obtain a detection result (for example, the detection result indicates that the operator who generated the service request is a user or a machine), generate a token according to the detection result, and send the token to the application program 130. Thereafter, the application program 130 sends a service request to the application server 120, and the service request carries the token corresponding to the detection result.
  • after the application server 120 receives the token and the service request, it determines the operator type corresponding to the token (for example, whether the operator is a user or a machine) by querying the association relationship corresponding to the token.
  • the machine protection SDK may be integrated in the application program 130, and the machine protection SDK is specifically used to collect terminal-side data and perform feature calculation on the collected data.
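  • The end-to-end flow on the terminal side can be sketched as follows; the endpoints, payload fields, helper function, and use of the requests library are hypothetical illustration, not part of the patent:

```python
# Hypothetical terminal-side flow of system architecture 100: collect data,
# compute features, obtain a token, then attach it to the service request.
import requests

def collect_and_extract_features():
    # Stub: a real terminal would read motion-sensor and touch-screen data
    # and compute features such as means and standard deviations.
    return [0.1, 0.4, 0.9]

features = collect_and_extract_features()

# Application 130 -> machine protection service 110: send feature results,
# receive the token generated from the detection result.
token = requests.post("https://protection.example.com/detect",
                      json={"features": features}).json()["token"]

# Application 130 -> application server 120: the service request carries
# the token corresponding to the detection result.
response = requests.post("https://app.example.com/service",
                         json={"request": "first_service_request", "token": token})
print(response.status_code)
```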
  • a terminal in the system architecture 100 may refer to a client, user equipment, access terminal, subscriber unit, subscriber station, mobile station, remote station, remote terminal, mobile device, user terminal, terminal device, wireless communication device, user agent, or user device.
  • the terminal may also be a mobile phone, tablet, smart watch, cellular phone, cordless phone, session initiation protocol (SIP) phone, wireless local loop (WLL) station, personal digital assistant (PDA), handheld device with a wireless communication function, computing device or other processing device connected to a wireless modem, vehicle-mounted device, wearable device, a terminal device in a future fifth-generation (5G) network, or a terminal device in a future evolved public land mobile network (PLMN), etc.; this embodiment of the present application is not limited thereto.
  • the above-mentioned system architecture 100 is only for illustration, and does not constitute any limitation to the applicable system architecture of the human-machine identification method provided in this application.
  • the terminals in the above-mentioned system architecture 100 may also include a greater number of application programs.
  • the cloud server in the above system architecture 100 may further include other modules.
  • the other modules may be storage modules, and the storage modules may be used to store computer instructions.
  • FIG. 2 is a schematic flowchart of a method for human-machine identification provided by an embodiment of the present application. The method can be applied to, but is not limited to, the system architecture 100 shown in FIG. 1. As shown in FIG. 2, the method includes steps 210 to 230, which are described in detail below.
  • Step 210 the server generates a token according to the human-machine identification model and the first characteristic data, and sends the token to the terminal.
  • the human-machine identification model is a classifier of user operation and machine operation obtained by training the user characteristic data and machine characteristic data.
  • the first feature data is data generated when the first application displayed on the screen of the terminal is clicked, and the token is used to indicate that the token is carried when the first service request generated by the first application is sent.
  • the user characteristic data and machine characteristic data are data generated by clicking on the terminal screen.
  • the terminal receives the token sent by the server.
  • the server in step 210 above may be the cloud server shown in FIG. 1 above, and the terminal may be the terminal shown in FIG. 1 above.
  • the server receives the first feature data sent by the terminal. That is to say, the first feature data may be collected and acquired by the terminal. There is no specific limitation on the implementation manner of collecting and acquiring the first feature data by the terminal. The amount of data included in the first feature data is not specifically limited. Exemplarily, the first feature data may be data generated during a period of time when the first application program of the terminal is clicked.
  • the human-machine recognition model is a classifier of user operation and machine operation obtained by training user characteristic data and machine characteristic data, that is, the output of the human-machine recognition model is used to determine whether the operation corresponding to the input of the human-machine recognition model is user operation or machine operation.
  • the output of the man-machine recognition model may be a confidence degree, and the value range of the confidence degree may be any value from 0 to 1, for example, the confidence degree may be 0, 0.12, 0.3 or 1, etc.
  • the classifier may be a linear classifier.
  • the human-machine identification model can be expressed by the following formula: y = w·x + b.
  • w and b are the model parameters of the human-machine recognition model.
  • x is the input of the human-machine recognition model, for example, the x can be a 14-dimensional vector, and the 14-dimensional vector corresponds to the above-mentioned first feature data.
  • y is the output of the human-machine recognition model, and the output may be a confidence level.
  • w and x can be n-dimensional vectors, n is a positive integer.
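  • A minimal numeric sketch of this classifier follows; the weight, bias, and input values are placeholders, the input here is 3-dimensional rather than the 14-dimensional vector mentioned above, and the mapping of the raw score to a [0, 1] confidence is an assumption since the patent does not specify it:

```python
# Sketch of the linear human-machine identification model y = w.x + b.
# All values are placeholders for illustration.
import numpy as np

w = np.array([0.8, -1.2, 0.5])        # model parameters (assumed values)
b = 0.3
x = np.array([0.1, 0.4, 0.9])         # first feature data (assumed values)

y = float(np.dot(w, x) + b)           # raw score of the linear classifier
confidence = 1.0 / (1.0 + np.exp(-y)) # assumed squashing to [0, 1]
print(confidence)
```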
  • the first feature data includes at least one of the following: feature data generated by a motion sensor of the terminal when the first application program is clicked, or feature data generated by a screen of the terminal when the first application program is clicked.
  • the feature data generated by the motion sensor of the terminal when the first application is clicked may also be replaced by feature data generated by the motion sensor of the terminal from the first moment to the second moment.
  • the first moment is the moment before the first application is clicked
  • the second moment is the moment after the first application is clicked.
  • the first moment and the second moment can be set according to actual application conditions. For example, if the moment when the first application is clicked is 10:00:00, the first moment may be 09:59:59, and the second moment may be 10:00:01.
  • the characteristic data generated on the screen of the terminal when the first application is clicked may also be replaced by the characteristic data generated on the screen of the terminal from the first moment to the second moment.
  • the motion sensor includes but is not limited to at least one of the following: an acceleration sensor, a gravity acceleration sensor, or a gyroscope.
  • the feature data generated on the screen of the terminal when the first application is clicked includes but is not limited to at least one of the following: feature data of touch screen area, feature data of touch screen time stamp, feature data of touch screen delay, feature data of touch screen pressure, or feature data of touch screen coordinates.
  • the screen touch time stamp can be understood as the moment when the operator (for example, a user or a machine) touches the screen of the terminal.
  • the touch screen delay can be understood as the moment when the operator lifts up from the terminal screen minus the moment when the operator presses the terminal screen.
  • the feature data generated by the motion sensor of the terminal when the first application is clicked includes at least one of the following: an average value of data generated by the motion sensor of the terminal when the first application is clicked, or a standard deviation of data generated by the motion sensor of the terminal when the first application is clicked.
  • the feature data generated by the motion sensor of the terminal when the first application is clicked may also include at least one of the following: the average value of the difference between adjacent data in the data generated by the motion sensor of the terminal when the first application is clicked, or the standard deviation of the difference between adjacent data in the data generated by the motion sensor of the terminal when the first application is clicked.
  • the feature data generated by the motion sensor of the terminal when the first application program is clicked in the embodiment of the present application includes but is not limited to the above content, that is, as long as the feature data obtained after feature extraction is performed on the "raw data generated by the motion sensor of the terminal when the first application program is clicked", it can be called feature data generated by the motion sensor of the terminal when the first application program is clicked.
  • the standard deviation of the data generated by the motion sensor of the terminal when the first application is clicked may be replaced by the variance of the data generated by the motion sensor of the terminal when the first application is clicked.
  • for example, if the data generated by the motion sensor of the terminal when the first application is clicked includes X1, X2, and X3, the average value of the differences between adjacent data can be represented by the following formula: ((X2 - X1) + (X3 - X2)) / 2.
  • X1 is the data generated by the motion sensor of the terminal at time 1
  • X2 is the data generated by the motion sensor of the terminal at time 2
  • X3 is the data generated by the motion sensor of the terminal at time 3.
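  • These statistics can be sketched as follows (a minimal sketch with numpy; the sample values are arbitrary):

```python
# Sketch of the feature extraction described above: mean and standard
# deviation of sensor samples and of their adjacent differences.
import numpy as np

samples = np.array([9.78, 9.81, 9.90, 9.84])  # e.g. accelerometer readings (arbitrary values)
diffs = np.diff(samples)                      # adjacent differences: X2-X1, X3-X2, ...

features = [
    samples.mean(),   # average of the raw sensor data
    samples.std(),    # standard deviation of the raw sensor data
    diffs.mean(),     # average of the adjacent differences
    diffs.std(),      # standard deviation of the adjacent differences
]
print(features)
```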
  • the feature data generated on the screen of the terminal when the first application is clicked includes at least one of the following: an average value of data generated on the screen of the terminal when the first application is clicked, or a standard deviation of data generated on the screen of the terminal when the first application is clicked.
  • the feature data generated on the terminal screen when the first application is clicked may also include at least one of the following: the average value of the difference between adjacent data in the data generated on the terminal screen when the first application is clicked, the standard deviation of the difference between adjacent data in the data generated on the terminal screen when the first application is clicked, or the geometric distance (such as but not limited to, Euclidean distance or Mahalanobis distance, etc.) of adjacent data in the data generated on the terminal screen when the first application is clicked.
  • the characteristic data generated on the screen of the terminal when the first application is clicked includes but is not limited to the above content, that is, as long as the characteristic data obtained after feature extraction is performed on the "raw data generated on the screen of the terminal when the first application is clicked", it can be called the characteristic data generated on the screen of the terminal when the first application is clicked.
  • the standard deviation of the data generated on the screen of the terminal when the first application is clicked may also be replaced by the variance of the data generated on the screen of the terminal when the first application is clicked.
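  • As an illustration only (not part of the original text), the statistics listed above could be computed as in the following minimal sketch; the function name, the array shapes and the use of NumPy are assumptions.

```python
# Hypothetical feature extraction over the raw data generated on the screen /
# by the motion sensor while the first application is clicked.
import numpy as np

def extract_features(samples: np.ndarray, coords: np.ndarray) -> np.ndarray:
    """samples: 1-D raw values (e.g. touch pressure or one sensor axis);
    coords: (k, 2) touch coordinates collected during the click."""
    diffs = np.diff(samples)                                  # adjacent differences
    euclid = np.linalg.norm(np.diff(coords, axis=0), axis=1)  # geometric distance of adjacent points
    return np.array([
        samples.mean(),  # average value of the data
        samples.std(),   # standard deviation (the variance could be used instead)
        diffs.mean(),    # average of differences between adjacent data
        diffs.std(),     # standard deviation of those differences
        euclid.mean(),   # mean Euclidean distance of adjacent touch coordinates
    ])

print(extract_features(np.array([0.1, 0.4, 0.3, 0.5, 0.2]),
                       np.array([[10.0, 20.0], [12.0, 21.0], [15.0, 25.0]])))
```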
  • the user feature data is the data generated by the user clicking the screen of the terminal
  • the machine feature data is the data generated by the machine clicking the screen of the terminal.
  • any kind of feature data may be at least one of the following: motion sensor data of the terminal, or touch screen data of the terminal.
  • the motion sensor data of the terminal may be raw data generated by the motion sensor of the terminal, or feature data after feature extraction is performed on the raw data generated by the motion sensor of the terminal.
  • the server generates the token according to the human-machine identification model and the first characteristic data, including: the server inputs the first characteristic data into the human-computer identification model to obtain the first confidence degree; the server determines that the operator who generates the first service request is a user or a machine according to the first threshold and the first confidence degree, and generates a token.
  • the server determines that the operator who generates the first service request is a user or a machine according to the first confidence degree and the first threshold value, including: when the first confidence degree is greater than or equal to the first threshold value, the server determines that the operator of the first service request is a user; or, when the first confidence degree is less than the first threshold value, the server determines that the operator of the first service request is a machine.
  • the value range of the first threshold can be any value from 0 to 1, and the specific value of the first threshold can be set according to actual needs, that is, the value of the first threshold is not specifically limited.
  • the first threshold may be equal to 0, 0.1, 0.25 or 1, etc.
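  • As a purely illustrative sketch of this decision rule (the threshold value and the function name are assumptions), see below:

```python
# Hypothetical decision rule from the text: a confidence at or above the
# first threshold indicates a user; below it, a machine.
def classify_operator(confidence: float, threshold: float = 0.25) -> str:
    return "user" if confidence >= threshold else "machine"

print(classify_operator(0.8))  # -> user
print(classify_operator(0.1))  # -> machine
```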
  • the server determines, according to the first threshold and the first confidence level, that the operator who generates the first service request is a user or a machine, and generates a token, including: when the operator determined for the first service request according to the first threshold and the first confidence level is the same as the operator determined for the first service request according to the first threshold and the second confidence level, the server generates the token according to whether the operator who generates the first service request is a user or a machine.
  • the determination of the operator of the first service request according to the first threshold and the first confidence level, and the determination of the operator of the first service request according to the first threshold and the second confidence level, may both be performed by the server.
  • the server uses the first public key to encrypt the model parameters of the human-machine identification model to generate the first ciphertext, and sends the first ciphertext to the terminal; the server receives the second ciphertext sent by the terminal, where the second ciphertext is obtained by using the first ciphertext and the first public key to perform a homomorphic operation on the first feature data; the server uses the first private key to perform homomorphic decryption on the second ciphertext to obtain the second confidence degree.
  • the first private key and the first public key are the public-private key pair used in the homomorphic operation
  • the method for obtaining the first private key and the first public key is not specifically limited, for example, the first private key and the first public key can be obtained by using the existing method for obtaining the public-private key pair in the homomorphic operation.
  • the first ciphertext may also be preset in an application program of the terminal in advance.
  • FIG. 3 below shows a specific example of this implementation manner. For details, refer to the flow of the human-machine identification method described in FIG. 3 below, and details will not be repeated here.
  • before the server inputs the first characteristic data into the human-machine identification model to obtain the first confidence degree, the following steps may also be performed: the server receives the first signature value and the first characteristic data sent by the terminal, where the first signature value is obtained by digitally signing the first characteristic data with the first private key; the server verifies the first signature value with the first public key, and determines that the verification is passed.
  • the first private key and the first public key are the public-private key pair used in the digital signature, and the method for obtaining the first private key and the first public key is not specifically limited, for example, the first private key and the first public key can be obtained by using the method of obtaining the public-private key pair in the existing digital signature technology.
  • FIG. 4 below shows a specific example of this implementation manner. For details, please refer to the flow of the human-machine identification method described in FIG. 4 below, which will not be described in detail here.
  • the token is used to indicate that the token is carried when sending the first service request of the first application program. That is to say, after the terminal device receives the token, if the terminal wants to send the first service request, the terminal needs to carry the token when sending the first service request.
  • the token may have a life cycle, and the length of the life cycle of the token is not specifically limited. For example, the lifetime of the token may be 60 seconds. It can be understood that when the token expires, the token can be released or deleted by the first application.
  • the first feature data may correspond to the first service request, or the first feature data may not correspond to the first service request.
  • the first service request can be understood as any service request sent by the first application program.
  • Step 220 the server receives the request sent by the terminal, and the request includes the first service request and the token.
  • the terminal sends the request to the server.
  • Step 230 the server determines that the first service request is a user operation or a machine operation according to the first association relationship and the token, and the server stores the first association relationship, which is the association relationship between the token and the operator who generated the first service request.
  • the first association relationship is stored on the server side, that is, after the server recognizes the token, it can know that the operator of the first service request corresponding to the token is a user or a machine.
  • the terminal side does not store the first association relationship, that is, the terminal does not know the function of the token after identifying the token, and the terminal only knows that the token is used to indicate that the token is carried when sending the first service request of the first application program. Based on this, the terminal will carry the token when sending the first service request to the server.
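  • A minimal server-side sketch of this token and association-relationship handling is given below; the data structures, the example lifetime, and the use of Python's secrets module are illustrative assumptions, not the claimed implementation.

```python
# Hypothetical server-side store: the first association relationship maps an
# opaque token to the operator ("user"/"machine") plus an expiry time; the
# terminal never receives this mapping.
import secrets
import time

TOKEN_TTL = 60.0  # example lifetime, as in the text
associations: dict[str, tuple[str, float]] = {}  # token -> (operator, expiry)

def issue_token(operator: str) -> str:
    token = secrets.token_urlsafe(16)  # opaque to the terminal
    associations[token] = (operator, time.time() + TOKEN_TTL)
    return token

def resolve(token: str) -> str | None:
    """Return 'user' or 'machine' for a live token, None if unknown/expired."""
    entry = associations.get(token)
    if entry is None or time.time() > entry[1]:
        associations.pop(token, None)  # expired tokens can be deleted
        return None
    return entry[0]

t = issue_token("user")
print(resolve(t))  # -> user
```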
  • the server determines that the first service request is a user operation or a machine operation according to the first association relationship and the token, including: the server determines, according to the first association relationship and the token, that the first service request is a user operation, in which case the operator who generates the first service request is a user and the first characteristic data is data generated when the user clicks on the first application displayed on the terminal screen; or, the server determines, according to the first association relationship and the token, that the first service request is a machine operation, in which case the operator who generates the first service request is a machine.
  • the cloud server may also perform the following step: update the human-machine recognition model in the above step 210 by using the first feature data.
  • the above method shown in FIG. 2 is only for illustration and does not constitute any limitation to the human-machine identification method provided in this application.
  • the above-mentioned human-machine identification method shown in FIG. 2 provides a scheme for performing human-machine identification based on the data generated by clicking on the screen of the terminal by combining the server and the terminal.
  • the working mode combining the server and the terminal is adopted.
  • the server side generates a token according to the human-computer identification model and the first characteristic data, and the token is used to indicate that the token is carried when sending the first service request of the first application program, so that the request sent by the terminal received by the server includes both the first service request and the token.
  • the server can determine, according to the first association relationship and the token, that the operation corresponding to the first service request is a user operation or a machine operation.
  • this method can improve the efficiency of human-machine identification.
  • the human-machine recognition model is trained based on user characteristic data and machine characteristic data. There are obvious differences in the changes of user characteristic data and machine characteristic data. This method can also improve the accuracy of human-machine recognition.
  • the method can also improve the privacy of the human-machine identification model and the privacy information of the user data.
  • FIG. 3 and FIG. 4 are only intended to help those skilled in the art understand the embodiments of the present application, and are not intended to limit the embodiments of the present application to the illustrated specific values or specific scenarios. Those skilled in the art can obviously make various equivalent modifications or changes according to the examples in FIG. 3 and FIG. 4 given below, and such modifications and changes also fall within the scope of the embodiments of the present application.
  • Fig. 3 is a schematic flowchart of a specific embodiment of the method for human-computer identification provided by the embodiment of the present application. The method can be applied to, but not limited to, the system architecture 100 shown in FIG. 1 above. As shown in FIG. 3 , the method includes step 310 to step 370 . Steps 310 to 370 will be described in detail below.
  • Step 310 the cloud server trains the user feature data and the machine feature data to obtain a human-machine recognition model.
  • the user feature data at least includes motion sensor data generated by the user touching the screen, where the user touching the screen means that the user clicks on the screen of the terminal.
  • the motion sensor data generated by the user touch screen includes at least one of the following: the raw data of the motion sensor generated by the user touch screen (abbreviated as user raw data 1), the average value of the user raw data 1, the standard deviation of the user raw data 1, the average value of the difference between adjacent data in the user raw data 1, or the standard deviation of the difference between adjacent data in the user raw data 1.
  • Adjacent data in raw data 1 can be understood as motion sensor data collected at adjacent moments.
  • the above user feature data may also include touch screen data of the user's touch screen.
  • the touch screen data of the user touch screen includes at least one of the following: touch screen data generated by the user touch screen (abbreviated as user original data 2), the average value of the user original data 2, the standard deviation of the user original data 2, the average value of the difference between adjacent data in the user original data 2, or the standard deviation of the difference between adjacent data in the user original data 2.
  • Adjacent data in user raw data 2 can be understood as touch screen data collected at adjacent moments.
  • the above standard deviation can also be replaced by variance.
  • the touch screen data of the above-mentioned user touch screen may also include: the geometric distance (such as but not limited to, Euclidean distance or Mahalanobis distance, etc.) of adjacent data in the data generated by the terminal screen when the user clicks on the terminal application program.
  • the machine feature data includes at least motion sensor data generated by the machine touch screen, where the machine touch screen means that the machine clicks on the screen of the terminal.
  • the machine feature data may also include touch screen data of the machine touch screen.
  • the motion sensor data generated by the machine touch screen includes at least one of the following: the raw data of the motion sensor generated by the machine touch screen (abbreviated as machine raw data 1), the average value of the machine raw data 1, the standard deviation of the machine raw data 1, the average value of the difference between adjacent data in the machine raw data 1, or the standard deviation of the difference between adjacent data in the machine raw data 1.
  • Adjacent data in raw data 1 can be understood as motion sensor data collected at adjacent moments.
  • the above machine feature data may also include touch screen data of the machine touch screen.
  • the touch screen data of the machine touch screen includes at least one of the following: touch screen data generated by the machine touch screen (abbreviated as machine raw data 2), the average value of the machine raw data 2, the standard deviation of the machine raw data 2, the average value of the difference between adjacent data in the machine raw data 2, or the standard deviation of the difference between adjacent data in the machine raw data 2.
  • Adjacent data in machine raw data 2 can be understood as touch screen data collected at adjacent moments.
  • the above standard deviation can also be replaced by variance.
  • the above-mentioned touch screen data of the machine touch screen may also include: the geometric distance (such as but not limited to, Euclidean distance or Mahalanobis distance, etc.) of adjacent data in the data generated by the terminal screen when the machine clicks on the terminal application.
  • the motion sensor data includes data generated by at least one of the following: an acceleration sensor, a gravity acceleration sensor, or a gyroscope.
  • the above touch screen data includes at least one of the following: touch screen area, touch screen timestamp, touch screen delay, touch screen pressure, or touch screen coordinates.
  • the touch screen timestamp can be understood as the moment when the operator touches the screen of the terminal.
  • the touch screen delay can be understood as the moment when the operator lifts up from the terminal screen minus the moment when the operator presses the terminal screen.
  • the input and output of the human-machine recognition model may satisfy a linear relationship.
  • the human-machine recognition model can be a linear model, and the linear model can be expressed as the following formula: y = w·x + b.
  • w and b are the model parameters of the human-machine recognition model.
  • x is the input of the human-machine recognition model, for example, x may be a 14-dimensional vector, and the 14-dimensional vector may correspond to the average value of the above-mentioned user original data 1 .
  • the x may be a 10-dimensional vector, and the 10-dimensional vector may correspond to the standard deviation of the above-mentioned user original data 2 .
  • y is the output of the human-machine recognition model, and the output may be a confidence level.
  • w and x can be n-dimensional vectors, n is a positive integer.
  • the cloud server can determine whether the input corresponding to the confidence is a user operation or a machine operation by comparing the confidence with the threshold.
  • the selection of the threshold is not specifically limited.
  • the threshold may be, but is not limited to, 0, 0.1, 0.5 or 1. Exemplarily, assuming that the threshold is equal to 0: if the confidence level is greater than 0, the operation is a machine operation; otherwise, it is a user operation.
  • the cloud server can determine that the operation corresponding to x is a machine operation by comparing the threshold with y.
  • the cloud server may also perform the following operations: obtain the above-mentioned user feature data and the above-mentioned machine feature data from the terminal. It can be understood that when the terminal collects user characteristic data and machine characteristic data, it does not need to apply for any system authority, that is, the terminal can collect these data in a safe and compliant manner.
  • In the following description, the human-machine recognition model is taken, by way of example, to be trained on the following data: the average value of user original data 1, the average value of user original data 2, the average value of machine original data 1, and the average value of machine original data 2.
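  • A minimal training sketch consistent with the linear model above is given below; LogisticRegression from scikit-learn is one assumed choice of linear classifier, and the feature arrays are fabricated placeholders, so none of this is mandated by the embodiment.

```python
# Hypothetical training of a linear human-machine recognition model on
# averaged user and machine features (label 1 = machine, 0 = user).
import numpy as np
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(0)
user_feats = rng.normal(0.0, 1.0, size=(200, 4))     # user data fluctuates more
machine_feats = rng.normal(0.0, 0.1, size=(200, 4))  # machine data fluctuates less

X = np.vstack([user_feats, machine_feats])
y = np.array([0] * 200 + [1] * 200)

clf = LogisticRegression().fit(X, y)
w, b = clf.coef_[0], clf.intercept_[0]  # the model parameters w and b

# Confidence for one sample is y = w . x + b; per the example threshold of 0
# above, a positive confidence is treated as a machine operation.
confidence = float(X[0] @ w + b)
print("machine" if confidence > 0 else "user")
```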
  • Step 320 the cloud server uses the public key #1 to encrypt the model parameters of the human-machine identification model to obtain ciphertext #1, and sends the ciphertext #1 to the terminal, where the public key #1 is a key used by the homomorphic encryption algorithm.
  • the public key #1 is the key used by the homomorphic encryption algorithm, that is, the public key #1 is a key calculated by using the homomorphic encryption algorithm.
  • the homomorphic encryption algorithm can also be used to obtain the private key #1, and the private key #1 and the public key #1 are a public-private key pair.
  • the cloud server may also perform the following operations: use a homomorphic encryption algorithm to generate a public-private key pair, and the public-private key pair includes private key #1 and public key #1.
  • the cloud server can generate the public-private key pair by using an existing homomorphic encryption key generation method.
  • the model parameters of the human-computer recognition model include w.
  • the model parameters may also include b.
  • the model parameters of the human-computer identification model including w are used as an example in the following introduction.
  • the ciphertext #1 can be expressed as E(w), that is, E(w) is the result of encrypting w with the public key #1.
  • Step 330 in response to touch screen operation #1, the terminal acquires touch screen data #1 and sensor data #1.
  • the above touch screen operation #1 is not specifically limited.
  • the touch screen operation #1 may be a user touch screen operation.
  • the touch screen operation #1 may be a machine touch screen operation.
  • the touch screen operation #1 may include a user touch screen operation and a machine touch screen operation.
  • Touch screen data #1 may include touch screen data collected by the terminal within a period of time.
  • Sensor data #1 may include sensor data collected by the terminal within a period of time.
  • the length of the period of time is not specifically limited.
  • the period of time can be 5 seconds, 10 seconds, or 20 seconds.
  • a user can be understood as a human being.
  • the touch screen operation can be understood as the operation of clicking the screen of the terminal.
  • User touch screen operation (may be referred to as user operation for short), that is, an operation in which the user touches the screen of the terminal.
  • Obtaining touch screen data #1 and sensor data #1 may include the following steps: when the application (App) of the terminal starts, SDK initialization is performed, and then the activity life cycle of the application is monitored.
  • When touch screen operation #1 is detected, the SDK starts to collect touch screen data and sensor data, thereby obtaining touch screen data #1 and sensor data #1.
  • Alternatively, obtaining touch screen data #1 and sensor data #1 may include the following steps: when the App of the terminal starts, initialize the SDK, then monitor the application's activity life cycle, and at the same time the SDK starts to collect sensor data of the terminal; when touch screen operation #1 is detected, the SDK starts to collect touch screen data, thereby obtaining touch screen data #1.
  • In this case, the terminal can filter the terminal's sensor data collected by the SDK according to the touch screen event timestamps to obtain sensor data #1.
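  • A minimal sketch of this timestamp filtering is shown below; the array layout and the window bounds are assumptions for illustration.

```python
# Hypothetical filtering of continuously collected sensor samples down to the
# time window of touch screen operation #1, using the touch event timestamps.
import numpy as np

def filter_by_touch_window(sensor_ts: np.ndarray, sensor_vals: np.ndarray,
                           touch_down: float, touch_up: float) -> np.ndarray:
    mask = (sensor_ts >= touch_down) & (sensor_ts <= touch_up)
    return sensor_vals[mask]

ts = np.array([0.00, 0.02, 0.04, 0.06, 0.08])
vals = np.array([9.7, 9.9, 10.3, 10.1, 9.8])  # e.g. z-axis accelerometer
print(filter_by_touch_window(ts, vals, 0.02, 0.06))  # -> [ 9.9 10.3 10.1]
```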
  • In the following, touch screen operation #1 is taken, by way of example, to be an operation in which the user touches application program #1 of the terminal, that is, touch screen data #1 and sensor data #1 can be understood as the data generated when the user clicks on application program #1 displayed on the terminal screen.
  • the touch screen data #1 may include the average value of the original data of the touch screen data generated by the user touching the screen.
  • the original data of the touch screen data may include but is not limited to: touch screen area, touch screen timestamp, touch screen delay, touch screen pressure and touch screen coordinates.
  • the sensor data #1 may include an average value of raw data of the motion sensor generated by the user touching the screen, and the raw data of the motion sensor includes output values of the motion sensor on the x-axis, y-axis and z-axis during the user's touch on the screen.
  • In the above step 330, in response to touch screen operation #1, the terminal acquires touch screen data #1 and sensor data #1. That is to say, the data included in touch screen data #1 and sensor data #1 can be obtained while the user normally touches (clicks) application program #1 displayed on the screen of the terminal, without any additional operation by the user, so human-machine recognition can be realized without user perception.
  • step 340 the terminal uses the ciphertext #1 to perform a homomorphic operation on the touch screen characteristic data #1 and the sensor characteristic data #1 to obtain ciphertext #2, and sends the ciphertext #2 to the cloud server.
  • the touch screen feature data #1 is obtained by processing the data in the touch screen data #1.
  • the touch screen feature data #1 may include: data obtained by averaging the touch screen area in the touch screen data #1, data obtained by averaging the touch screen delay in the touch screen data #1, and data obtained by averaging the touch screen pressure in the touch screen data #1.
  • the sensor feature data #1 is obtained by processing the data in the sensor data #1.
  • the sensor feature data #1 may include: data obtained by averaging the data on the x-axis in the sensor data #1, data obtained by averaging the data on the y-axis in the sensor data #1, and data obtained by averaging the data on the z-axis in the sensor data #1.
  • Exemplarily, let xi be the mean value feature of the x-axis data of the accelerometer, and assume that xi is obtained from m (m is a positive integer) samples a1, a2, ..., am, so that xi = (a1 + a2 + ... + am) / m. This equation is a multivariate linear equation in the m samples and does not have a unique solution. Therefore, even if the cloud server can recover the plaintext features, it cannot calculate the corresponding sensor data, and thus cannot obtain the biometric features of the user corresponding to the device.
  • the terminal motion sensor data cannot be recovered on the cloud server; that is, no private user data is transmitted to the cloud server, thereby ensuring the privacy of user data.
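  • The following sketch illustrates the homomorphic flow of steps 320, 340 and 350 using the Paillier scheme from the python-paillier (phe) package; the package choice, the key length and the toy numbers are assumptions for illustration, not the algorithm mandated by the embodiment.

```python
# Hypothetical end-to-end sketch: the server encrypts the model weights w, the
# terminal computes E(y) = sum_i x_i * E(w_i) + b on ciphertexts only, and the
# server decrypts the confidence. Requires `pip install phe`.
from phe import paillier

# Cloud server (cf. step 320): generate key pair, encrypt model parameters.
public_key, private_key = paillier.generate_paillier_keypair(n_length=1024)
w, b = [0.5, -1.2, 0.3], 0.1
enc_w = [public_key.encrypt(wi) for wi in w]  # ciphertext #1, E(w)

# Terminal (cf. step 340): homomorphic linear combination with plaintext
# feature values; only ciphertexts leave the terminal.
x = [0.9, 0.2, 1.1]  # averaged touch screen / sensor features
enc_y = enc_w[0] * x[0] + enc_w[1] * x[1] + enc_w[2] * x[2] + b  # ciphertext #2

# Cloud server (cf. step 350): decrypt confidence #1 and apply threshold #1.
confidence = private_key.decrypt(enc_y)
print(confidence, "user operation" if confidence >= 0 else "machine operation")
```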
  • the above step 340 may also include the following step: sending the touch screen characteristic data #1 and the sensor characteristic data #1 to the cloud server.
  • the cloud server side can also use the touch screen feature data #1 and sensor feature data #1 to retrain the human-machine recognition model obtained in step 310 to optimize the human-machine recognition model.
  • Step 350 the cloud server determines that the touch screen operation #1 is a user operation according to the human-machine identification confidence #1 and the threshold #1, generates a token #1, and sends the token #1 to the terminal.
  • the human-machine identification confidence #1 is obtained by decrypting the ciphertext #2 with the private key #1.
  • the terminal receives the token #1 sent by the cloud server.
  • the token #1 is used to indicate that the service request #1 generated by the application program #1 carries the token #1.
  • Service request #1 can be understood as any service request generated by application program #1.
  • service request #1 may be a service request corresponding to touch screen characteristic data #1 and sensor characteristic data #1.
  • the service request #1 may not be the service request corresponding to the touch screen characteristic data #1 and the sensor characteristic data #1.
  • In the above step 350, the cloud server generates the corresponding token #1 after determining that touch screen operation #1 is a user operation. Thereafter, the cloud server side stores an association relationship #1, which represents the association between token #1 and the fact that the operator who generates service request #1 through application program #1 of the terminal is a user.
  • the method for the cloud server to generate the corresponding token #1 according to the touch screen operation #1 as the user operation is not specifically limited. In the embodiment of the present application, after the cloud server identifies the token #1, it can determine that the touch screen operation #1 indicated by the token #1 is a user operation according to the association relationship #1.
  • the terminal side (such as but not limited to the application program #1 on the terminal side) can store token #1, but after the terminal recognizes the token #1, the terminal can only know that the token #1 needs to be carried when sending the service request #1 of the application program #1, but the terminal does not know the role of the token #1. That is to say, after the terminal acquires the token #1, the following result cannot be obtained by processing the token #1: the touch screen operation #1 corresponding to the service request #1 is a user operation. In other words, association relationship #1 is not stored in the terminal.
  • the token #1 may have a life cycle, and the length of the life cycle of the token #1 is not specifically limited. For example, the lifetime of token #1 may be 30 seconds. It can be understood that when the token #1 expires, the token #1 can be released or deleted by the application #1.
  • the private key #1 is the key used by the homomorphic encryption algorithm, and the private key #1 and the public key #1 are a key pair.
  • the value range of the human-computer recognition confidence level #1 can be any value from 0 to 1.
  • the size of the threshold #1 may be determined according to the actual application scenario, and is not specifically limited. For the convenience of description, in this embodiment of the present application it is assumed that threshold #1 is equal to 0, and that when the human-machine recognition confidence (that is, the output result of the human-machine recognition model) is greater than or equal to threshold #1, the operation corresponding to the input of the model is a user operation.
  • the cloud server may also perform the following steps after the above step 350: use the touch screen feature data #1 and sensor feature data #1 to update the human-machine recognition model obtained in the above step 310.
  • Step 360 within the life cycle of the token #1, the terminal sends a request #1 to the cloud server, the request #1 includes the service request #1 and the token #1, and the service request #1 is a service request sent by the application program #1 of the terminal.
  • the terminal has received the token #1 sent by the cloud server, and the token #1 is used to indicate that the token #1 is carried when sending the service request #1 of the application program #1. Based on this, the terminal will carry the token #1 when sending the service request #1, that is, the terminal can send the service request #1 and the token #1 to the cloud server by sending the request #1.
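  • As a sketch, the terminal-side transmission in step 360 could look like the following; the endpoint URL, the JSON layout and the use of the standard library are purely illustrative assumptions.

```python
# Hypothetical request #1: the service request plus token #1 in one message.
# The terminal only knows the token must be attached; it cannot interpret it.
import json
import urllib.request

def send_request_1(service_request: dict, token_1: str) -> None:
    body = json.dumps({"service_request": service_request,
                       "token": token_1}).encode()
    req = urllib.request.Request(
        "https://cloud.example.com/api/request1",  # assumed endpoint
        data=body,
        headers={"Content-Type": "application/json"})
    urllib.request.urlopen(req)  # response handling omitted in this sketch

# send_request_1({"action": "login"}, "token-1-value")  # illustrative call
```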
  • Step 370 the cloud server determines, according to the token #1, that the service request #1 is an operation performed by the user, and executes the request corresponding to the service request #1.
  • the cloud server determining that the service request #1 is an operation performed by the user according to the token #1 may include the following step: the cloud server determines, according to the locally stored association relationship #1 and the token #1 in request #1, that service request #1 is an operation performed by the user.
  • the operations performed by the terminal in the above method can be implemented, but not limited to, at the application layer of the terminal, and the operating system of the terminal can be, but is not limited to, one of the following: Android, iOS, or HarmonyOS.
  • FIG. 3 is only for illustration, and does not constitute any limitation to the human-machine identification method provided in the embodiment of the present application.
  • the method described in FIG. 3 above takes touch screen operation #1 being a user operation as an example.
  • touch screen operation #1 can also be replaced by machine operation.
  • association relationship #1 represents the association relationship between token #1 and machine operation.
  • "the cloud server determines that touch screen operation #1 is a user operation according to human-machine recognition confidence #1 and threshold #1" can be replaced with "the cloud server determines that touch screen operation #1 is a machine operation according to human-machine recognition confidence #1 and threshold #1".
  • the above step 370 can be replaced with the following step: the cloud server determines that the service request #1 is an operation performed by a machine according to the token #1, and does not execute the request corresponding to the service request #1.
  • the human-machine identification method provided in the embodiment of the present application uses a working mode combining a cloud server and a terminal.
  • the data sent by the terminal to the cloud server are data features extracted from a small amount of motion sensor data and touch screen data (for example, average value and/or standard deviation, etc.), and the cloud server cannot recover the original sensor data based on these data features, that is, the data sent by the terminal to the cloud server cannot be associated with specific users and specific devices, and does not contain user privacy information;
  • the human-computer identification model used for human-machine identification is deployed on the cloud server, and the human-machine identification is completed in the cloud server.
  • the terminal side cannot obtain the model parameters, and the working logic of the model cannot be deduced, so the confidentiality of the human-machine identification model can also be protected.
  • the human-machine recognition model is trained based on user characteristic data and machine characteristic data. There are obvious differences in the changes of user characteristic data and machine characteristic data (user characteristic data fluctuates greatly, and machine characteristic data fluctuates less). This method can also improve the accuracy of human-machine recognition.
  • the human-machine identification method provided by the embodiment of the present application not only realizes machine automation attack protection, but also ensures user privacy and the confidentiality of the human-machine identification model, and can also improve the accuracy of human-machine identification.
  • Fig. 4 is a schematic flowchart of another specific embodiment of the method for human-computer identification provided by the embodiment of the present application.
  • the method can be applied to, but not limited to, the system architecture 100 shown in FIG. 1 above.
  • the method includes step 410 to step 470. Step 410 to step 470 will be described in detail below.
  • Step 410 the cloud server trains the user feature data and the machine feature data to obtain a human-machine recognition model.
  • the user feature data at least includes motion sensor data generated by the user touching the screen, where the user touching the screen means that the user clicks on the screen of the terminal.
  • the motion sensor data generated by the user touch screen includes at least one of the following: the raw data of the motion sensor generated by the user touch screen (abbreviated as user raw data 1), the average value of the user raw data 1, the standard deviation of the user raw data 1, the average value of the difference between adjacent data in the user raw data 1, or the standard deviation of the difference between adjacent data in the user raw data 1.
  • Adjacent data in raw data 1 can be understood as motion sensor data collected at adjacent moments.
  • the above user feature data may also include touch screen data of the user's touch screen.
  • the touch screen data of the user touch screen includes at least one of the following: touch screen data generated by the user touch screen (abbreviated as user original data 2), the average value of the user original data 2, the standard deviation of the user original data 2, the average value of the difference between adjacent data in the user original data 2, or the standard deviation of the difference between adjacent data in the user original data 2.
  • Adjacent data in user raw data 2 can be understood as touch screen data collected at adjacent moments.
  • the above standard deviation can also be replaced by variance.
  • the touch screen data of the above-mentioned user touch screen may also include: the geometric distance (such as but not limited to, Euclidean distance or Mahalanobis distance, etc.) of adjacent data in the data generated by the terminal screen when the user clicks on the terminal application program.
  • the machine feature data includes at least motion sensor data generated by the machine touch screen, where the machine touch screen means that the machine clicks on the screen of the terminal.
  • the machine feature data may also include touch screen data of the machine touch screen.
  • the motion sensor data generated by the machine touch screen includes at least one of the following: the raw data of the motion sensor generated by the machine touch screen (abbreviated as machine raw data 1), the average value of the machine raw data 1, the standard deviation of the machine raw data 1, the average value of the difference between adjacent data in the machine raw data 1, or the standard deviation of the difference between adjacent data in the machine raw data 1.
  • Adjacent data in raw data 1 can be understood as motion sensor data collected at adjacent moments.
  • the above machine feature data may also include touch screen data of the machine touch screen.
  • the touch screen data of the machine touch screen includes at least one of the following: touch screen data generated by the machine touch screen (abbreviated as machine raw data 2), the average value of the machine raw data 2, the standard deviation of the machine raw data 2, the average value of the difference between adjacent data in the machine raw data 2, or the standard deviation of the difference between adjacent data in the machine raw data 2.
  • Adjacent data in machine raw data 2 can be understood as touch screen data collected at adjacent moments.
  • the above standard deviation can also be replaced by variance.
  • the above-mentioned touch screen data of the machine touch screen may also include: the geometric distance (such as but not limited to, Euclidean distance or Mahalanobis distance, etc.) of adjacent data in the data generated by the terminal screen when the machine clicks on the terminal application.
  • the motion sensor data includes data generated by at least one of the following: an acceleration sensor, a gravity acceleration sensor, or a gyroscope.
  • the above touch screen data includes at least one of the following: touch screen area, touch screen timestamp, touch screen delay, touch screen pressure, or touch screen coordinates (from which the Euclidean distance can be calculated).
  • the touch screen timestamp can be understood as the moment when the operator touches the screen of the terminal.
  • the touch screen delay can be understood as the moment when the operator lifts up from the terminal screen minus the moment when the operator presses the terminal screen.
  • the input and output of the human-machine recognition model may satisfy a linear relationship.
  • the human-machine recognition model can be a linear model, and the linear model can be expressed as the following formula: y = w·x + b.
  • w and b are the model parameters of the human-machine recognition model.
  • x is the input of the human-machine recognition model, for example, x may be a 14-dimensional vector, and the 14-dimensional vector may correspond to the average value of the above-mentioned user original data 1 .
  • the x may be a 10-dimensional vector, and the 10-dimensional vector may correspond to the standard deviation of the above-mentioned user original data 2 .
  • y is the output of the human-machine recognition model, and the output may be a confidence level.
  • w and x can be n-dimensional vectors, n is a positive integer.
  • the cloud server can determine whether the input corresponding to the confidence is a user operation or a machine operation by comparing the confidence with the threshold.
  • the range of the threshold is any value from 0 to 1, and the selection of the threshold is not specifically limited.
  • the threshold may be but not limited to one of the following: 0, 0.1, 0.2, or 0.5.
  • the cloud server can determine that the operation corresponding to x is a machine operation by comparing the threshold with y.
  • the cloud server may also perform the following operations: obtain the above-mentioned user feature data and the above-mentioned machine feature data from the terminal.
  • the human-machine recognition model is trained according to the following data: the average value of user original data 1, the standard deviation of user original data 1, the average value of machine original data 1, and the standard deviation of machine original data 1.
  • Step 420 in response to touch screen operation #1, the terminal obtains touch screen characteristic data #1 and sensor characteristic data #1.
  • the above touch screen operation #1 is not specifically limited.
  • the touch screen operation #1 may be a user touch screen operation.
  • the touch screen operation #1 may be a machine touch screen operation.
  • the touch screen operation #1 may include a user touch screen operation and a machine touch screen operation.
  • Touch screen feature data #1 may include touch screen data collected by the terminal within a period of time.
  • Sensor feature data #1 may include sensor data collected by the terminal within a period of time.
  • the length of the period of time is not specifically limited.
  • the period of time can be 5 seconds, 10 seconds, or 20 seconds.
  • a user can be understood as a human being.
  • the touch screen operation can be understood as the operation of clicking the screen of the terminal.
  • User touch screen operation (may be referred to as user operation for short), that is, an operation in which the user touches the screen of the terminal.
  • Obtaining touch screen characteristic data #1 and sensor characteristic data #1 may include the following steps: when the App of the terminal is started, perform SDK initialization, and then monitor the application's activity life cycle.
  • When touch screen operation #1 is detected, the SDK starts to collect touch screen data and sensor data, thereby obtaining touch screen characteristic data #1 and sensor characteristic data #1.
  • Alternatively, obtaining touch screen data #1 and sensor data #1 may include the following steps: when the App of the terminal starts, initialize the SDK, then monitor the application's activity life cycle, and at the same time the SDK starts to collect sensor data of the terminal; when touch screen operation #1 is detected, the SDK starts to collect touch screen data, thereby obtaining touch screen data #1.
  • In this case, the terminal can filter the terminal's sensor data collected by the SDK according to the touch screen event timestamps to obtain sensor data #1.
  • In the following, touch screen operation #1 is taken, by way of example, to be an operation in which the machine touches application program #1 of the terminal, that is, touch screen characteristic data #1 and sensor characteristic data #1 can be understood as the data generated when the machine clicks on application program #1 displayed on the terminal screen.
  • the touch screen characteristic data #1 may include the average value of the original data of the touch screen data generated by the machine touch screen.
  • the original data of the touch screen data may include but is not limited to: touch screen area, touch screen timestamp, touch screen delay, touch screen pressure and touch screen coordinates.
  • the sensor characteristic data #1 may include the average value of the raw data of the motion sensor generated by the machine touch screen, and the raw data of the motion sensor includes the output values of the motion sensor on the x-axis, y-axis and z-axis during the machine touch screen.
  • Step 430 the terminal uses the private key #1 to digitally sign the touch screen characteristic data #1 and the sensor characteristic data #1 to obtain the signature value #1, and sends the signature value #1, the touch screen characteristic data #1 and the sensor characteristic data #1 to the cloud server.
  • the terminal uses the private key #1 to digitally sign the touch screen characteristic data #1 and the sensor characteristic data #1 to obtain the signature value #1, which may include the following steps: the terminal performs hash processing on the touch screen characteristic data #1 and the sensor characteristic data #1 to obtain a hash value; encrypts the hash value with the private key #1 to obtain the signature value #1.
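  • A minimal sketch of steps 430 and 440 using ECDSA from the `cryptography` package is given below; ECDSA is one assumed signature algorithm, since the embodiment does not mandate a specific one.

```python
# Hypothetical sign/verify flow: the terminal hashes and signs the serialized
# feature data with private key #1; the cloud server verifies with public key #1.
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec

terminal_key = ec.generate_private_key(ec.SECP256R1())  # private key #1
server_pub = terminal_key.public_key()                  # public key #1

features = json.dumps({"touch": [0.31, 0.05], "sensor": [9.8, 0.1]}).encode()
signature_1 = terminal_key.sign(features, ec.ECDSA(hashes.SHA256()))  # signature value #1

# Step 440 on the cloud server: verification passes only for untampered data.
try:
    server_pub.verify(signature_1, features, ec.ECDSA(hashes.SHA256()))
    print("verification passed: feature data is trusted")
except InvalidSignature:
    print("verification failed: steps 450 to 470 are not executed")
```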
  • When the terminal executes the above step 420 and the above step 430, they may be executed in the TEE (trusted execution environment).
  • Step 440 the cloud server uses the public key #1 to verify the signature value #1, and determines that the verification is passed.
  • the cloud server determining that the verification is passed means that the signature value #1 has not been attacked by an attacker (for example, by tampering with the information of the signature value #1) during the process from the terminal sending the signature value #1 to the cloud server receiving it. It can also be understood that if the signature value #1 passes the verification, the touch screen feature data #1 and sensor feature data #1 sent to the cloud server together with the signature value #1 have not been attacked by an attacker, that is, the touch screen feature data #1 and sensor feature data #1 received by the cloud server are trusted data.
  • step 440 can also be replaced with the following step: the cloud server uses the public key #1 to verify the signature value #1, and determines that the verification fails. That is, the signature value #1 received by the cloud server is the signature value after being attacked by the attacker.
  • In that case, the following steps 450 to 470 are not executed.
  • Step 450 when the signature value #1 is verified, the cloud server determines that the touch screen operation #1 is a machine operation according to the touch screen feature data #1 and the sensor feature data #1, generates a token #1, and sends the token #1 to the terminal.
  • the terminal receives the token #1 sent by the cloud server.
  • Token #1 is used to indicate that token #1 is carried when sending service request #1 of application #1.
  • Service request #1 can be understood as any service request generated by application program #1.
  • service request #1 may be a service request corresponding to touch screen characteristic data #1 and sensor characteristic data #1.
  • the service request #1 may not be the service request corresponding to the touch screen characteristic data #1 and the sensor characteristic data #1.
  • In the above step 450, the cloud server generates the corresponding token #1 after determining that touch screen operation #1 is a machine operation. Thereafter, the cloud server side stores an association relationship #1, which indicates the association between token #1 and the fact that the operator who generates service request #1 through application program #1 of the terminal is a machine. The method for generating the corresponding token #1 when touch screen operation #1 is a machine operation is not specifically limited. In the embodiment of the present application, after the cloud server identifies token #1, it can determine, according to association relationship #1, that the touch screen operation #1 indicated by token #1 is a machine operation.
  • It can be understood that in the embodiment of the present application, the terminal side (such as but not limited to application program #1) can store token #1, but after the terminal recognizes token #1, the terminal can only know that token #1 needs to be carried when sending service request #1; the terminal does not know the role of token #1.
  • That is to say, after the terminal acquires token #1, the following result cannot be obtained by processing token #1: the touch screen operation #1 corresponding to service request #1 is a machine operation.
  • In other words, association relationship #1 is not stored in the terminal.
  • the token #1 may have a life cycle, and the length of the life cycle of the token #1 is not specifically limited. For example, the lifetime of token #1 may be 30 seconds. It can be understood that when the token #1 expires, the token #1 can be released or deleted by the application #1.
  • the cloud server determines that the touch screen operation #1 is a machine operation according to the touch screen feature data #1 and the sensor feature data #1, which may include the following steps: the cloud server obtains the confidence level #1 by inputting the touch screen feature data #1 and the sensor feature data #1 into the human-machine recognition model, and the confidence level #1 is the output result of the human-machine recognition model; the cloud server determines that the touch screen operation #1 is a machine operation by comparing the confidence level #1 and the threshold #1.
  • the value range of the human-computer recognition confidence level #1 can be any value from 0 to 1.
  • the size of the threshold #1 may be determined according to an actual application scenario, and the size of the threshold #1 is not specifically limited.
  • For the convenience of description, it is assumed that threshold #1 is equal to 0.2, and that when the human-machine recognition confidence (that is, the output result of the human-machine recognition model) is greater than or equal to threshold #1, the operation corresponding to the input of the model is a machine operation.
  • the confidence level #1 may be any value greater than or equal to the threshold #1 and not greater than 1, for example, the confidence level #1 may be 0.3 or 0.69.
  • the cloud server may also perform the following step: update the human-machine recognition model obtained in the above step 410 by using the touch screen characteristic data #1 and the sensor characteristic data #1.
  • Step 460 within the life cycle of the token #1, the terminal sends a request #1 to the cloud server, the request #1 includes the service request #1 and the token #1, and the service request #1 is a service request sent by the application program #1 of the terminal.
  • the terminal has received the token #1 sent by the cloud server, and the token #1 is used to indicate that the token #1 is carried when sending the service request #1. Based on this, the terminal will carry the token #1 when sending the service request #1, that is, the terminal can send the service request #1 and the token #1 to the cloud server by sending the request #1.
  • Step 470 the cloud server determines that the service request #1 is an operation performed by the machine according to the token #1, and ignores the request corresponding to the service request #1.
  • the cloud server determining that the service request #1 is an operation performed by the machine according to the token #1 may include the following step: the cloud server determines, according to the locally stored association relationship #1 and the token #1 in request #1, that service request #1 is an operation performed by the machine.
  • the operations performed by the terminal can be, but are not limited to being, implemented at the application layer of the terminal, and the operating system of the terminal can be, but is not limited to, one of the following: Android, iOS, or HarmonyOS.
  • touch screen operation #1 can also be replaced by user operation.
  • association relationship #1 represents the association relationship between token #1 and user operation.
  • Correspondingly, "the cloud server determines that the touch screen operation #1 is a machine operation according to the touch screen characteristic data #1 and the sensor characteristic data #1" can be replaced with "the cloud server determines that the touch screen operation #1 is a user operation according to the touch screen characteristic data #1 and the sensor characteristic data #1".
  • the above step 470 can be replaced by the following step: the cloud server determines that the service request #1 is an operation performed by the user according to the token #1, and executes the request corresponding to the service request #1.
  • the human-machine identification method uses a working mode combining a cloud server and a terminal.
  • The details include: the data sent by the terminal to the cloud server are data features extracted from a small amount of motion sensor data and touch screen data (for example, average value or standard deviation, etc.); the cloud server cannot restore the original sensor data based on these data features, so the data sent by the terminal device to the cloud server cannot be associated with specific users and specific devices and does not contain user privacy information. In addition, the human-machine identification model is deployed on the cloud server, so the terminal side cannot obtain the model parameters and the working logic of the model cannot be deduced; the confidentiality of the human-machine identification model can therefore also be protected.
  • the human-machine recognition model is trained based on user characteristic data and machine characteristic data. There are obvious differences in the changes of user characteristic data and machine characteristic data.
  • This method can also improve the accuracy of human-machine recognition.
  • this method realizes the privacy protection of user data (namely, touch screen characteristic data #1 and sensor characteristic data #1) by using a digital signature in the TEE, which removes the homomorphic encryption operation on the terminal side, so this method is improved in terms of calculation speed and memory usage.
  • the human-machine identification method provided by the embodiment of the present application not only realizes machine automation attack protection, but also ensures user privacy and the confidentiality of the human-machine identification model, and can also improve the accuracy and efficiency of human-machine identification.
  • the method for human-computer identification shown in FIG. 3 above is introduced by taking the homomorphic encryption algorithm as an example.
  • the human-computer identification method shown in FIG. 4 above is introduced by taking the digital signature algorithm as an example.
  • the embodiments of the human-machine identification method shown in the above-mentioned FIG. 3 and the above-mentioned FIG. 4 are only illustrative, and do not constitute any limitation to the human-machine identification method provided in the embodiment of the present application.
  • the above encryption algorithm (that is, the homomorphic encryption algorithm or the digital signature) can also be replaced by another encryption algorithm; for example, the other encryption algorithm can be, but is not limited to, the advanced encryption standard (AES) algorithm, and the encryption process using AES can be an existing AES encryption process, which is not specifically limited in the embodiment of the present application.
  • Fig. 5 is a schematic flow chart of a method for human-computer identification provided by an embodiment of the present application. This method can be applied to terminals. As shown in FIG. 5 , the method includes step 510 to step 540 . Step 510 to step 540 will be described in detail below.
  • step 510 the terminal acquires a human-machine identification model.
  • the terminal obtaining the human-machine recognition model may include the following steps: the terminal obtains the human-machine recognition model from a server, and the human-machine recognition model may be obtained by the server training user characteristic data and machine characteristic data.
  • the terminal may also send user characteristic data and machine characteristic data to the server.
  • the method for the server to train the human-machine recognition model obtained by the user characteristic data and the machine characteristic data is the same as the execution flow of the method shown in the above step 310 and the above step 410 .
  • acquiring the human-machine recognition model by the terminal may also include the following steps: the terminal trains user characteristic data and machine characteristic data to obtain the human-computer recognition model.
  • the method for the terminal to obtain the human-machine recognition model by training on the user characteristic data and the machine characteristic data is not specifically limited; for example, but not limited to, an existing machine learning method can be used to obtain the human-machine recognition model.
  • Step 520 in response to touch screen operation #1, the terminal acquires touch screen data #1 and sensor data #1, which are data generated when the user clicks on application program #1 displayed on the screen of the terminal.
  • the method for the terminal to obtain touch screen data #1 and sensor data #1 is the same as the execution process of the method shown in the above step 330 and the above step 420, only the execution subject is different.
  • Step 530 the terminal determines that the touch screen operation #1 is a user operation according to the human-machine identification model, the touch screen feature data #1 and the sensor feature data #1, and generates a token #1, and the token #1 is used to indicate that the service request of the application program #1 is sent.
  • The terminal determining, according to the human-machine recognition model, touch screen characteristic data #1 and sensor characteristic data #1, that touch screen operation #1 is a user operation may include the following steps: the terminal inputs touch screen characteristic data #1 and sensor characteristic data #1 into the human-machine recognition model to obtain confidence level #1; by comparing confidence level #1 with threshold #1, the terminal determines that touch screen operation #1 is a user operation.
  • It can be understood that, after the terminal performs the above step 530, token #1 may be stored in application program #1 of the terminal.
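  • The determination in step 530 can be pictured with the short sketch below (a hedged example rather than the concrete logic of this application; the comparison direction between confidence level #1 and threshold #1 is a deployment choice, and w and b are the linear-model parameters from the training sketch above):

```python
# Hedged sketch of step 530: score the click, compare with the threshold, mint a token.
import secrets

def check_touch_operation(w, b, features, threshold=0.5):
    confidence = float(w @ features + b)   # model output y = w*x + b (confidence #1)
    is_user = confidence >= threshold      # example convention: above threshold = user
    token = secrets.token_urlsafe(32) if is_user else None  # token #1 for app #1
    return is_user, token
```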
  • Step 540: the terminal sends service request #1 of application program #1.
  • The terminal sending service request #1 of application program #1 may include: the terminal sends service request #1 of application program #1 to an application server.
  • Correspondingly, after receiving service request #1, the application server may provide the terminal with the network resources requested by service request #1.
  • When the terminal executes the above step 510 to the above step 540, the steps may be executed in a TEE.
  • The operations performed by the terminal can be implemented at, but not limited to, the application layer of the terminal, and the operating system of the terminal can be, but is not limited to, one of the following: Android, iOS, or HarmonyOS.
  • the human-machine identification method shown in FIG. 5 above is only for illustration, and does not constitute any limitation to the human-machine identification method provided in the embodiment of the present application.
  • For example, touch screen data #1 and sensor data #1 in the above step 520 may also be data generated when a machine clicks application program #1 displayed on the screen of the terminal. Based on this, determining in step 530 that touch screen operation #1 is a user operation may be replaced by determining that touch screen operation #1 is a machine operation.
  • Accordingly, "token #1 is used to indicate that the service request of application program #1 is to be sent" may be replaced by "token #1 is used to indicate that the service request of application program #1 is not to be sent."
  • In this implementation, the terminal does not perform the above step 540.
  • For another example, the above step 530 and the above step 540 can also be replaced by the following steps: the terminal determines, according to the human-machine recognition model, touch screen characteristic data #1 and sensor characteristic data #1, that touch screen operation #1 is a user operation, and symmetrically encrypts the result (that is, "touch screen operation #1 is a user operation") to obtain token #1, where token #1 is used to indicate that the operator of the service request sent by application program #1 is a user; the terminal then sends token #1 and service request #1 of application program #1 to the server.
  • Correspondingly, the server receives service request #1 and token #1; after decrypting token #1, the server determines that the operator who generated service request #1 is a user, and the server can then execute the request corresponding to service request #1.
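  • A minimal sketch of this symmetric-token variant is shown below, using AES-GCM from the Python `cryptography` package as one possible symmetric cipher (the embodiments do not mandate a specific one); the pre-shared key and the b"user" payload are illustrative assumptions:

```python
# Hedged sketch: the terminal encrypts the recognition result into token #1,
# and the server decrypts it before deciding whether to serve the request.
import os
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

key = AESGCM.generate_key(bit_length=256)   # assumed pre-shared between both sides

def make_token(result: bytes) -> bytes:     # terminal side, e.g. result = b"user"
    nonce = os.urandom(12)
    return nonce + AESGCM(key).encrypt(nonce, result, None)

def is_user_request(token: bytes) -> bool:  # server side: True -> execute request #1
    nonce, ciphertext = token[:12], token[12:]
    return AESGCM(key).decrypt(nonce, ciphertext, None) == b"user"  # raises if tampered
```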
  • In the above technical solution, the human-machine recognition model is deployed on the terminal side, and the terminal can perform human-machine recognition on service request #1 to be sent, according to the human-machine recognition model and the data generated by clicking the screen of the terminal (that is, touch screen data #1 and sensor data #1).
  • Only when it determines that service request #1 is a user operation will the terminal send service request #1.
  • The human-machine recognition model is trained on user characteristic data and machine characteristic data, and there are obvious differences in how these two kinds of data vary, so this method can improve the accuracy of human-machine recognition. In addition, the method does not require the terminal to interact with the server in the process of human-machine recognition, which can simplify the recognition procedure.
  • The sequence numbers of the above processes do not imply an order of execution; the execution order of the processes should be determined by their functions and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present application.
  • the human-machine identification method provided by the embodiment of the present application is described in detail above with reference to FIG. 2 to FIG. 5 , and the human-computer identification device provided by the present application will be described in detail below in conjunction with FIG. 6 and FIG. 7 . It should be understood that the descriptions of the device embodiments correspond to the descriptions of the method embodiments. Therefore, for content that is not described in detail, reference may be made to the method embodiments above. For brevity, some content will not be repeated here.
  • the functional modules of the server or terminal can be divided according to the above method example, for example, each functional module can be divided corresponding to each function, or two or more functions can be integrated into one processing module.
  • the above-mentioned integrated modules can be implemented in the form of hardware or in the form of software function modules. It should be noted that the division of modules in the embodiment of the present application is schematic, and is only a logical function division, and there may be other division methods in actual implementation. In the following, description will be made by taking the division of each functional module corresponding to each function as an example.
  • FIG. 6 is a schematic structural diagram of a device 600 for human-machine recognition provided by an embodiment of the present application.
  • As shown in FIG. 6, the apparatus 600 includes a transceiver unit 610 and a processing unit 620.
  • the apparatus 600 may further include a storage unit, which may be used to store instructions and/or data, and the processing unit 620 may read the instructions and/or data in the storage unit, so that the apparatus implements the aforementioned method embodiments.
  • the device 600 can be used to execute the actions performed by the server or the cloud server in the above method embodiments.
  • the device 600 can be a server or a cloud server, or the device 600 can be a component that can be configured on the server or the cloud server.
  • the transceiver unit 610 is used to perform operations related to the sending and receiving of the server or the cloud server in the above method embodiments
  • the processing unit 620 is used to perform operations related to the processing of the server or the cloud server in the above method embodiments.
  • the apparatus 600 can be used to execute the actions performed by the terminal in the above method embodiments.
  • the apparatus 600 can be a terminal or a component that can be configured in the terminal.
  • the transceiver unit 610 is used to perform operations related to the sending and receiving of the terminal in the above method embodiments
  • the processing unit 620 is used to perform operations related to terminal processing in the above method embodiments.
  • the processing unit 620 in the above embodiments may be implemented by at least one processor or processor-related circuits.
  • the transceiver unit 610 may be implemented by a transceiver or transceiver-related circuits.
  • the storage unit can be realized by at least one memory.
  • FIG. 7 is a schematic diagram of a hardware structure of a human-machine recognition device 700 provided in an embodiment of the present application.
  • the human-computer identification device 700 includes a processor 701 , a memory 702 , an interface 703 and a bus 704 .
  • The interface 703 can be implemented in a wireless or wired manner; specifically, it may be a network interface card.
  • the aforementioned processor 701 , memory 702 and interface 703 are connected through a bus 704 .
  • In some implementations, the apparatus 700 shown in FIG. 7 may execute the corresponding steps performed by the server or the cloud server in the foregoing method embodiments; for details, refer to the relevant descriptions in the foregoing method embodiments.
  • the interface 703 may specifically include a sender and a receiver for the server or cloud server to implement the above-mentioned sending and receiving.
  • the processor 701 is configured to execute the processing performed by the server or the cloud server in the above embodiments.
  • the memory 702 includes an operating system 7021 and an application program 7022 for storing programs, codes or instructions. When the processor or hardware device executes these programs, codes or instructions, the processing process involving the server or cloud server in the method embodiment can be completed.
  • the memory 702 may include a read-only memory (read-only memory, ROM) and a random access memory (random access memory, RAM).
  • the ROM includes a basic input/output system (basic input/output system, BIOS) or an embedded system
  • the RAM includes an application program and an operating system.
  • When the human-machine recognition apparatus 700 needs to run, it is booted through the BIOS built into the ROM or the bootloader of the embedded system, which guides the apparatus 700 into a normal operating state.
  • After the apparatus 700 enters the normal operating state, the application program and the operating system run in the RAM, thereby completing the processing processes involving the human-machine recognition apparatus 700 in the method embodiments.
  • the apparatus 700 shown in FIG. 7 may execute corresponding steps performed by the terminal in the foregoing method embodiments, and for details, refer to relevant descriptions in the foregoing method embodiments.
  • the interface 703 may specifically include a transmitter and a receiver, which are used for the terminal to realize the foregoing transceiving.
  • the processor 701 is configured to execute the processing performed by the terminal in the foregoing embodiments.
  • the memory 702 includes an operating system 7021 and an application program 7022, which are used to store programs, codes or instructions. When the processor or hardware device executes these programs, codes or instructions, the processing process related to the terminal in the method embodiment can be completed.
  • the memory 702 may include a read-only memory (read-only memory, ROM) and a random access memory (random access memory, RAM).
  • the ROM includes a basic input/output system (basic input/output system, BIOS) or an embedded system
  • the RAM includes an application program and an operating system.
  • FIG. 7 only shows a simplified design of the device 700 for human-machine identification.
  • a server or cloud server may contain any number of interfaces, processors or memories.
  • the embodiment of the present application also provides a computer-readable medium, the computer-readable medium stores program codes, and when the computer program codes run on a computer, the computer executes the method performed by the above-mentioned server or cloud server.
  • These computer-readable storage media include, but are not limited to, one or more of the following: read-only memory (ROM), programmable ROM (PROM), erasable PROM (EPROM), Flash memory, electrically erasable PROM (EEPROM), and hard drives.
  • the embodiment of the present application also provides a computer-readable medium, the computer-readable medium stores program codes, and when the computer program codes are run on a computer, the computer is made to execute the above-mentioned method performed by the terminal.
  • These computer-readable storage media include, but are not limited to, one or more of the following: read-only memory (ROM), programmable ROM (PROM), erasable PROM (EPROM), Flash memory, electrically erasable PROM (EEPROM), and hard drives.
  • the embodiment of the present application also provides a chip, which is applied to a server or a cloud server.
  • the chip includes: at least one processor, at least one memory, and an interface circuit.
  • the interface circuit is responsible for information interaction between the chip and the outside world.
  • the at least one memory, the interface circuit, and the at least one processor are interconnected through lines, and instructions are stored in the at least one memory; the instructions are executed by the at least one processor to perform the operations of the server or the cloud server in the methods of the above aspects.
  • the chip can be implemented as a central processing unit (CPU), microcontroller (micro controller unit, MCU), microprocessor (micro processing unit, MPU), digital signal processor (digital signal processing, DSP), system on chip (system on chip, SoC), application-specific integrated circuit (application-specific integrated circuit, ASIC) , field programmable gate array (field programmable gate array, FPGA) or programmable logic device (programmable logic device, PLD).
  • An embodiment of the present application also provides a chip, which is applied to a terminal, and the chip includes: at least one processor, at least one memory, and an interface circuit, the interface circuit is responsible for information interaction between the chip and the outside world, the at least one memory, the interface circuit, and the at least one processor are interconnected through lines, and instructions are stored in the at least one memory; the instructions are executed by the at least one processor to perform operations involving the terminal in the methods of the above aspects.
  • the chip can be implemented as a central processing unit (CPU), microcontroller (micro controller unit, MCU), microprocessor (micro processing unit, MPU), digital signal processor (digital signal processing, DSP), system on chip (system on chip, SoC), application-specific integrated circuit (application-specific integrated circuit, ASIC) , field programmable gate array (field programmable gate array, FPGA) or programmable logic device (programmable logic device, PLD).
  • the embodiment of the present application also provides a computer program product, which is applied to a server or a cloud server.
  • the computer program product includes a series of instructions. When the instructions are executed, the operations of the server or the cloud server in the methods of the above aspects are performed.
  • the embodiment of the present application also provides a computer program product, which is applied to a terminal, and the computer program product includes a series of instructions. When the instructions are executed, the operation of the terminal in the method of the above aspects is performed.
  • the embodiment of the present application also provides a human-machine identification system, including: the above-mentioned server or cloud server and a terminal.
  • the disclosed systems, devices and methods may be implemented in other ways.
  • the device embodiments described above are only illustrative.
  • the division of the units is only a logical function division. In actual implementation, there may be other division methods.
  • multiple units or components may be combined or integrated into another system, or some features may be ignored or not implemented.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit.
  • If the functions described above are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on such an understanding, the technical solution of the present application, in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product.
  • the computer software product is stored in a storage medium and includes several instructions to make a computer device (which can be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the application.
  • the aforementioned storage medium includes: various media that can store program codes such as U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk.


Abstract

一种人机识别的方法和装置。该方法可以应用于服务器,包括:根据人机识别模型和第一特征数据生成令牌,向终端发送令牌,人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,第一特征数据是点击终端的屏幕显示的第一应用程序生成的,令牌指示发送第一应用程序生成的第一业务请求时携带该令牌,用户特征数据和机器特征数据是点击终端的屏幕生成的;接收终端发送的请求,请求包括第一业务请求和令牌;根据第一关联关系和令牌,确定第一业务请求为用户操作,或机器操作,服务器存储第一关联关系,第一关联关系为令牌与生成第一业务请求的操作者间的关联关系。该方法可以提高人机识别的效率和准确率。

Description

人机识别的方法和装置
本申请要求于2022年1月21日提交中国专利局、申请号为202210072382.3、申请名称为“人机识别的方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及计算机技术领域,尤其涉及人机识别的方法和装置。
背景技术
随着互联网的快速发展,越来越多的人选择使用互联网进行日常操作,例如但不限于登录网上银行管理银行账户、在线购物等。而互联网也常常伴随有黑客的活动。黑客们利用网络机器人(Bot),通过工具或程序脚本对应用系统进行自动化攻击。这种攻击可以通过窃取的合法账号,模拟合法用户的行为进行攻击和诈骗,这种攻击特征不明显难以检测和预防,对应用安全产生重大危害。因此,需要对机器的自动化攻击进行防护,以避免对应用安全产生重大危害。
目前业界普遍使用的防护方法是全自动区分计算机和人类的图灵测试(completely automated public turing test to tell computers and humans apart,CAPTCHA),即在用户到达存在敏感数据操作的应用登录界面时,系统会在后台生成一幅图片并在图片上嵌入一个随机字符串,当客户端发送登录请求给服务端时,如果服务端检测到了客户端发送来了正确的图片上的字符串内容,则认为此时的客户端为普通用户在操作而不是网络机器人,因为普遍认为机器是很难快速、动态且准确的识别出图片上的随机字符串的。CAPTCHA技术虽然一定程度上实现了人机识别的目的,但同时也极大的影响了人们操作的流畅性。特别是当用户使用的上网设备为移动终端时,辨别图片上的随机数字并输入是非常繁琐的。CAPTCHA技术虽然可以实现人机识别的目的,但该技术存在识别效率低和准确率不高的问题。
因此,亟需一种人机识别的方法,该方法可以提高人机识别的效率和准确率。
发明内容
本申请提供了一种人机识别的方法和装置,该方法可以提高人机识别的效率和准确率。
第一方面,提供了一种人机识别的方法,包括:服务器根据人机识别模型和第一特征数据生成令牌,并向终端发送该令牌,该人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,该第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,该用户特征数据和该机器特征数据是点击该终端的屏幕生成的数据;该服务器接收该终端发送的请求,该请求包括该第一业务请求和该令牌;该服务器根据第一关联关 系和该令牌,确定该第一业务请求为用户操作,或机器操作,该服务器存储有该第一关联关系,该第一关联关系为该令牌与生成该第一业务请求的操作者之间的关联关系。
其中,该用户特征数据是用户点击该终端的屏幕生成的数据,该机器特征数据是机器点击该终端的屏幕生成的数据。任意一种特征数据可以为以下至少一种:终端的运动传感器数据,或者终端的触屏数据。触屏数据包括以下至少一种:触屏面积、触屏时间戳、触屏时延、触屏压力、或者触屏坐标。触屏时间戳,可以理解为操作者触摸终端的屏幕的时刻。触屏时延,可以理解为操作者从终端的屏幕抬起的时刻减去操作者按压终端的屏幕的时刻。终端的触屏数据可以为终端的屏幕生成的原始数据,或对终端的屏幕生成的原始数据进行特征提取后的特征数据。运动传感器包括以下至少一种:加速度传感器、重力加速度传感器、或者陀螺仪。终端的运动传感器数据可以为终端的运动传感器生成的原始数据,或对终端的运动传感器生成的原始数据进行特征提取后的特征数据。实际应用中,用户特征数据和机器特征数据的变化情况存在明显差异,即用户特征数据变化波动较大,机器特征数据变化波动较小。
第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该第一特征数据可以是服务器从终端获取的数据。也就是说,第一特征数据可以是终端采集获取的,对终端采集获取第一特征数据的实现方式不作具体限定。第一特征数据可以是点击该终端的屏幕显示的第一应用程序生成的原始数据,或对点击该终端的屏幕显示的第一应用程序生成的原始数据进行特征提取后的特征数据,此时第一特征数据可以不泄露用户的隐私信息,即服务器基于该第一特征数据无法恢复出原始数据。对第一特征数据包括的数据量不作具体限定,示例性的,第一特征数据可以是点击终端的第一应用程序的这段时间内生成的数据。
人机识别模型是服务器对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,对模型训练的方法不作具体限定。可选的,该分类器可以是线性分类器。
上述技术方案中,采用了服务器和终端结合的工作模式。服务器侧根据人机识别模型和第一特征数据生成令牌,令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,使得服务器接收到终端发送的请求中同时包括第一业务请求和令牌。这样,服务器接收到请求后,可以根据第一关联关系和令牌可以确定第一业务请求对应的操作为用户操作或机器操作。利用该方法进行人机识别时,避免了现有技术中需要用户进行额外的操作(例如,用户根据系统提供的图片辨别该图片上的随机数字),该方法可以提高人机识别的效率。人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异,该方法还可以提高人机识别的准确率。
在一种可能的设计中,该服务器根据人机识别模型和第一特征数据生成令牌,包括:该服务器将该第一特征数据输入该人机识别模型,得到第一置信度;该服务器根据第一阈值和该第一置信度,确定生成该第一业务请求的操作者为用户或机器,并生成该令牌。
在另一种可能的设计中,该服务器根据第一阈值和该第一置信度,确定生成该第一业务请求的操作者为用户或机器,并生成该令牌,包括:在根据该第一阈值和该第一置信度确定该第一业务请求的操作者,与根据第二置信度和该第一阈值确定该第一业务请求的操作者相同的情况下,该服务器根据生成该第一业务请求的操作者为该用户或该机器,生成该令牌。
其中,在确定根据该第一阈值和该第一置信度确定该第一业务请求的操作者,与该服务器根据第二置信度和该第一阈值确定该第一业务请求的操作者相同,即终端发送第一特征数据后至服务器接收到第一特征数据的过程中,该第一特征数据未被攻击者攻击,即第一特征数据是可信任的数据。上述根据该第一阈值和该第一置信度确定该第一业务请求的操作者,与根据第二置信度和该第一阈值确定该第一业务请求的操作者相同的执行者可以是服务器。
上述技术方案中,服务器在确定根据该第一阈值和该第一置信度确定第一业务请求的操作者,与该服务器根据第二置信度和该第一阈值确定该第一业务请求的操作者相同的情况下,才会生成令牌,该方法具有较强的抗攻击性,进而可以提高人机识别的准确率。
在另一种可能的设计中,该方法还包括:该服务器利用第一公钥对该人机识别模型的参数进行加密生成第一密文,并向该终端发送该第一密文;该服务器接收该终端发送的第二密文,该第二密文是利用该第一密文和该第一公钥对该第一特征数据进行同态运算得到;该服务器利用第一私钥对该第二密文进行同态解密得到该第二置信度。
在另一种可能的设计中,在该服务器将该第一特征数据输入该人机识别模型,得到第一置信度之前,该方法还包括:该服务器接收该终端发送的第一签名值和该第一特征数据,该第一签名值是利用第一私钥对该第一特征数据进行数字签名得到的;该服务器利用第一公钥对该第一签名值进行验证,确定验证通过。
其中,服务器在利用第一公钥对该第一签名值进行验证,确定验证通过,即终端发送第一特征数据后至服务器接收到第一特征数据的过程中,该第一特征数据未被攻击者攻击,即第一特征数据是可信任的数据。
上述技术方案中,服务器在确定第一特征数据是可信任的数据的情况下,才会将第一特征数据输入人机识别模型得到第一置信度,此后基于第一置信度和第一阈值确定为用户操作或机器操作,并生成对应的令牌,该方法具有较强的抗攻击性,进而可以提高人机识别的准确率。
在另一种可能的设计中,该服务器根据第一阈值和该第一置信度,确定生成该第一业务请求的操作者为用户或机器,包括:在该第一置信度大于等于该第一阈值的情况下,该服务器确定该第一业务请求的操作者为该用户;或者,在该第一置信度小于该第一阈值的情况下,该服务器确定该第一业务请求的操作者为该机器。
上述技术方案中,服务器通过阈值比较的方式确定第一置信度对应的第一业务请求的操作者为用户或机器,实现过程简单,可以提高人机识别的效率。
在另一种可能的设计中,该服务器根据第一关联关系和该令牌,确定该第一业务请求为用户操作,或机器操作,包括:该服务器根据该第一关联关系和该令牌,确定该第一业务请求为该用户操作,生成该第一业务请求的操作者为用户,该第一特征数据是该用户点击该终端的屏幕显示的第一应用程序生成的数据;或者,该服务器根据该第一关联关系和该令牌,确定该第一业务请求为该机器操作,生成该第一业务请求的操作者为机器,该第一特征数据是该机器点击该终端的屏幕显示的第一应用程序生成的数据。
上述技术方案中,服务器根据本地保存的第一关联关系和请求携带的令牌,直接确定该请求携带的第一业务请求为用户操作或机器操作,实现过程不需要用户参与,可以提高人机识别的效率。
在另一种可能的设计中,该第一特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的特征数据,或者点击该第一应用程序时该终端的屏幕生成的特征数据。
上述技术方案中,第一特征数据为点击终端的屏幕生成的数据,即第一特征数据在用户正常使用终端时就可以获取,避免用户进行任何额外的操作,能够实现用户无感知的人机识别,可以提高人机识别的效率。
在另一种可能的设计中,点击该第一应用程序时该终端的运动传感器生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的数据的平均值,或者点击该第一应用程序时该终端的运动传感器生成的数据的标准差;点击该第一应用程序时该终端的屏幕生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的屏幕生成的数据的平均值,或者点击该第一应用程序时该终端的屏幕生成的数据的标准差。上述技术方案中,服务器根据第一特征数据无法恢复原始数据,可以提高用户数据的隐私性。
第二方面,提供了一种人机识别的方法,包括:终端接收服务器发送的令牌,该令牌是根据人机识别模型和第一特征数据生成的,该人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,该第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,该用户特征数据和该机器特征数据是点击该终端的屏幕生成的数据;该终端向该服务器发送请求,该请求包括该第一业务请求和该令牌。
其中,该用户特征数据是用户点击该终端的屏幕生成的数据,该机器特征数据是机器点击该终端的屏幕生成的数据。任意一种特征数据可以为以下至少一种:终端的运动传感器数据,或者终端的触屏数据。触屏数据包括以下至少一种:触屏面积、触屏时间戳、触屏时延、触屏压力、或者触屏坐标。触屏时间戳,可以理解为操作者触摸终端的屏幕的时刻。触屏时延,可以理解为操作者从终端的屏幕抬起的时刻减去操作者按压终端的屏幕的时刻。终端的触屏数据可以为终端的屏幕生成的原始数据,或对终端的屏幕生成的原始数据进行特征提取后的特征数据。运动传感器包括以下至少一种:加速度传感器、重力加速度传感器、或者陀螺仪。终端的运动传感器数据可以为终端的运动传感器生成的原始数据,或对终端的运动传感器生成的原始数据进行特征提取后的特征数据。实际应用中,用户特征数据和机器特征数据的变化情况存在明显差异,即用户特征数据变化波动较大,机器特征数据变化波动较小。
第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该第一特征数据可以是服务器从终端获取的数据。也就是说,第一特征数据可以是终端采集获取的,对终端采集获取第一特征数据的实现方式不作具体限定。第一特征数据可以是点击该终端的屏幕显示的第一应用程序生成的原始数据,或对点击该终端的屏幕显示的第一应用程序生成的原始数据进行特征提取后的特征数据,此时第一特征数据可以不泄露用户的隐私信息,即服务器基于该第一特征数据无法恢复出原始数据。对第一特征数据包括的数据量不作具体限定,示例性的第一特征数据可以是点击终端的第一应用程序的这段时间内生成的数据。
人机识别模型是服务器对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,对模型训练的方法不作具体限定。可选的,该分类器可以是线性分类器。
上述技术方案中,采用了服务器和终端结合的工作模式。终端接收服务器发送的令牌, 该令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,使得终端发送第一业务请求时会携带该令牌。这样,服务器接收到请求后,可以根据第一关联关系和令牌可以确定第一业务请求对应的操作为用户操作或机器操作。利用该方法进行人机识别时,避免了现有技术中需要用户进行额外的操作(例如,用户根据系统提供的图片辨别该图片上的随机数字),该方法可以提高人机识别的效率。人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异,该方法还可以提高人机识别的准确率。
在一种可能的设计中,该方法还包括:该终端接收该服务器发送的第一密文,该第一密文是利用第一公钥对人机识别模型的参数进行加密得到的;该终端利用该第一密文和该第一公钥对该第一特征数据进行同态运算,得到第二密文;该终端向该服务器发送该第二密文和该第一特征数据。
在另一种可能的设计中,该方法还包括:该终端利用第一私钥对该第一特征数据进行数字签名,得到第一签名值;该终端向该服务器发送该第一签名值和该第一特征数据。
在另一种可能的设计中,该第一特征数据包括以下至少一种:点击该第一应用程序时该终端设备的运动传感器生成的特征数据,或者点击该第一应用程序时该终端设备的屏幕生成的特征数据。
上述技术方案中,第一特征数据为点击终端的屏幕生成的数据,即第一特征数据在用户正常使用终端时就可以获取,避免用户进行任何额外的操作,能够实现用户无感知的人机识别,可以提高人机识别的效率。
在另一种可能的设计中,点击该第一应用程序时该终端的运动传感器生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的数据的平均值,或者点击该第一应用程序时该终端的运动传感器生成的数据的标准差;点击该第一应用程序时该终端的屏幕生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的屏幕生成的数据的平均值,或者点击该第一应用程序时该终端的屏幕生成的数据的标准差。
上述技术方案中,服务器根据第一特征数据无法恢复原始数据,可以提高用户数据的隐私性。
第三方面,提供了一种人机识别的装置,包括:处理单元,用于根据人机识别模型和第一特征数据生成令牌,该人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,该第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,该用户特征数据和该机器特征数据是点击该终端的屏幕生成的数据;收发单元,用于向终端发送该令牌;该收发单元,还用于接收该终端发送的请求,该请求包括该第一业务请求和该令牌;该处理单元,还用于根据第一关联关系和该令牌,确定该第一业务请求为用户操作,或机器操作,该服务器存储有该第一关联关系,该第一关联关系为该令牌与生成该第一业务请求的操作者之间的关联关系。
在一种可能的设计中,该处理单元还用于:将该第一特征数据输入该人机识别模型,得到第一置信度;根据第一阈值和该第一置信度,确定生成该第一业务请求的操作者为用户或机器,并生成该令牌。
在另一种可能的设计中,该处理单元还用于:在根据该第一阈值和该第一置信度确定 该第一业务请求的操作者,与根据第二置信度和该第一阈值确定该第一业务请求的操作者相同的情况下,根据该第一阈值和该第一置信度确定该第一业务请求的操作者,与该服务器根据第二置信度和该第一阈值确定该第一业务请求的操作者相同;根据生成该第一业务请求的操作者为该用户或该机器,生成该令牌。
在另一种可能的设计中,该处理单元,还用于利用第一公钥对该人机识别模型的参数进行加密生成第一密文;该收发单元还用于:向该终端发送该第一密文;接收该终端发送的第二密文,该第二密文是利用该第一密文和该第一公钥对该第一特征数据进行同态运算得到;该处理单元,还用于利用第一私钥对该第二密文进行同态解密得到该第二置信度。
在另一种可能的设计中,该收发单元,还用于接收该终端发送的第一签名值和该第一特征数据,该第一签名值是利用第一私钥对该第一特征数据进行数字签名得到的;该处理单元,还用于利用第一公钥对该第一签名值进行验证,确定验证通过。
在另一种可能的设计中,该处理单元还用于:在该第一置信度大于等于该第一阈值的情况下,确定该第一业务请求的操作者为该用户;或者,在该第一置信度小于该第一阈值的情况下,确定该第一业务请求的操作者为该机器。
在另一种可能的设计中,该处理单元还用于:根据该第一关联关系和该令牌,确定该第一业务请求为该用户操作,生成该第一业务请求的操作者为用户,该第一特征数据是该用户点击该终端的屏幕显示的第一应用程序生成的数据;或者,根据该第一关联关系和该令牌,确定该第一业务请求为该机器操作,生成该第一业务请求的操作者为机器,该第一特征数据是该机器点击该终端的屏幕显示的第一应用程序生成的数据。
在另一种可能的设计中,该第一特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的特征数据,或者点击该第一应用程序时该终端的屏幕生成的特征数据。
在另一种可能的设计中,点击该第一应用程序时该终端的运动传感器生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的数据的平均值,或者点击该第一应用程序时该终端的运动传感器生成的数据的标准差;点击该第一应用程序时该终端的屏幕生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的屏幕生成的数据的平均值,或者点击该第一应用程序时该终端的屏幕生成的数据的标准差。
可以理解的是,上述第三方面中未详细描述的内容可以参见上述第一方面中的相关内容,此处不再详细赘述。
第四方面,提供了一种人机识别的装置,包括:收发单元,用于接收服务器发送的令牌,该令牌是根据人机识别模型和第一特征数据生成的,该人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,该第一特征数据是点击该终端的屏幕显示的第一应用程序生成的数据,该令牌用于指示发送该第一应用程序生成的第一业务请求时携带该令牌,该用户特征数据和该机器特征数据是点击该终端的屏幕生成的数据;该收发单元,还用于向该服务器发送请求,该请求包括该第一业务请求和该令牌。
在一种可能的设计中,该装置还包括处理单元,该收发单元,还用于接收该服务器发送的第一密文,该第一密文是利用第一公钥对人机识别模型的参数进行加密得到的;该处理单元,用于利用该第一密文和该第一公钥对该第一特征数据进行同态运算,得到第二密文;该收发单元,还用于向该服务器发送该第二密文和该第一特征数据。
在另一种可能的设计中,该装置还包括处理单元,该处理单元,用于利用第一私钥对该第一特征数据进行数字签名,得到第一签名值;该收发单元,还用于向该服务器发送该第一签名值和该第一特征数据。
在另一种可能的设计中,该第一特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的特征数据,或者点击该第一应用程序时该终端的屏幕生成的特征数据。
在另一种可能的设计中,点击该第一应用程序时该终端的运动传感器生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的运动传感器生成的数据的平均值,或者点击该第一应用程序时该终端的运动传感器生成的数据的标准差;点击该第一应用程序时该终端的屏幕生成的特征数据包括以下至少一种:点击该第一应用程序时该终端的屏幕生成的数据的平均值,或者点击该第一应用程序时该终端的屏幕生成的数据的标准差。
可以理解的是,上述第四方面中未详细描述的内容可以参见上述第二方面中的相关内容,此处不再详细赘述。
第五方面,提供了一种服务器,所述服务器具有实现上述人机识别的装置的功能。所述功能可以基于硬件实现,也可以基于硬件执行相应的软件实现。所述硬件或软件包括一个或多个与上述功能相对应的模块。
在一个可能的设计中,服务器的结构中包括处理器,所述处理器被配置为支持服务器执行上述方法中相应的功能。
所述服务器还可以包括存储器,所述存储器用于与处理器耦合,其保存服务器必要的程序指令和数据。
在另一个可能的设计中,所述服务器包括:处理器、发送器、接收器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接发送器、接收器、随机存取存储器以及只读存储器。其中,当需要运行服务器时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导服务器进入正常运行状态。在服务器进入正常运行状态后,在随机存取存储器中运行应用程序和操作系统,使得该处理器执行第一方面或第一方面的任意可能的实现方式中的方法。
第六方面,提供了一种终端,所述终端具有实现上述人机识别的装置的功能。所述功能可以基于硬件实现,也可以基于硬件执行相应的软件实现。所述硬件或软件包括一个或多个与上述功能相对应的模块。
在一个可能的设计中,终端的结构中包括处理器,所述处理器被配置为支持终端执行上述方法中相应的功能。
所述终端可以包括存储器,所述存储器用于与处理器耦合,其保存终端必要的程序指令和数据。
在另一个可能的设计中,所述终端包括:处理器、发送器、接收器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接发送器、接收器、随机存取存储器以及只读存储器。其中,当需要运行终端时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导终端进入正常运行状态。在终端进入正常运行状态后,在随机存取存储器中运行应用程序和操作系统,使得该处理器执行第二方面或第二方面的任意可能的实现方式中的方法。
第七方面,提供了一种计算机程序产品,该计算机程序产品包括:计算机程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述第一方面或第一方面的任一种可能执行的方法。
第八方面,提供了一种计算机程序产品,该计算机程序产品包括:计算机程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述第二方面或第二方面的任一种可能执行的方法。
第九方面,提供了一种计算机可读介质,该计算机可读介质存储有程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述第一方面或第一方面的任一种可能执行的方法。这些计算机可读存储包括但不限于如下的一个或者多个:只读存储器(read-only memory,ROM)、可编程ROM(programmable ROM,PROM)、可擦除的PROM(erasable PROM,EPROM)、Flash存储器、电EPROM(electrically EPROM,EEPROM)以及硬盘驱动器(harddrive)。
第十方面,提供了一种计算机可读介质,该计算机可读介质存储有程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述第二方面或第二方面的任一种可能执行的方法。这些计算机可读存储包括但不限于如下的一个或者多个:只读存储器(read-only memory,ROM)、可编程ROM(programmable ROM,PROM)、可擦除的PROM(erasable PROM,EPROM)、Flash存储器、电EPROM(electrically EPROM,EEPROM)以及硬盘驱动器(harddrive)。
第十一方面,提供一种芯片,该芯片包括处理器与数据接口,其中,处理器通过该数据接口读取存储器上存储的指令,以执行第一方面或第一方面任意一种可能的实现方式中的方法。在具体实现过程中,该芯片可以以中央处理器(centralprocessingunit,CPU)、微控制器(micro controller unit,MCU)、微处理器(micro processing unit,MPU)、数字信号处理器(digital signal processing,DSP)、片上系统(system on chip,SoC)、专用集成电路(application-specific integrated circuit,ASIC)、现场可编程门阵列(field programmable gate array,FPGA)或可编辑逻辑器件(programmable logic device,PLD)的形式实现。
第十二方面,提供一种芯片,该芯片包括处理器与数据接口,其中,处理器通过该数据接口读取存储器上存储的指令,以执行第二方面或第二方面任意一种可能的实现方式中的方法。在具体实现过程中,该芯片可以以中央处理器(centralprocessingunit,CPU)、微控制器(micro controller unit,MCU)、微处理器(micro processing unit,MPU)、数字信号处理器(digital signal processing,DSP)、片上系统(system on chip,SoC)、专用集成电路(application-specific integrated circuit,ASIC)、现场可编程门阵列(field programmable gate array,FPGA)或可编辑逻辑器件(programmable logic device,PLD)的形式实现。
第十三方面,提供了一种人机识别的系统,该系统包括上述如第三方面或第三方面任意一种可能的实现方式中的人机识别的装置和/或上述如第四方面或第四方面任意一种可能的实现方式中的人机识别的装置。
附图说明
图1是本申请适用的系统架构100的示意性框图。
图2是本申请实施例提供的一种人机识别的方法的示意性流程图。
图3是本申请实施例提供的人机识别的方法的一个具体实施例的示意性流程图。
图4是本申请实施例提供的人机识别的方法的另一个具体实施例的示意性流程图。
图5是本申请实施例提供的一种人机识别的方法的示意性流程图。
图6是本申请实施例提供的一种人机识别的装置600的示意性结构图。
图7是本申请实施例提供的一种人机识别的装置700的硬件结构示意图。
具体实施方式
下面将结合附图,对本申请实施例中的技术方案进行描述。
本申请的实施方式部分使用的术语仅用于对本申请的具体实施例进行解释,而非旨在限定本申请。
本申请中术语“第一”“第二”“第三”等字样用于对作用和功能基本相同的相同项或相似项进行区分,“第一”、“第二”和“第三”之间不具有逻辑或时序上的依赖关系,也不对数量和执行顺序进行限定。
本申请将围绕可包括多个设备、组件、模块等的系统来呈现各个方面、实施例或特征。应当理解和明白的是,各个系统可以包括另外的设备、组件、模块等,并且/或者可以并不包括结合附图讨论的所有设备、组件、模块等。此外,还可以使用这些方案的组合。
另外,在本申请实施例中,“示例的”、“例如”等词用于表示作例子、例证或说明。本申请中被描述为“示例”的任何实施例或设计方案不应被解释为比其它实施例或设计方案更优选或更具优势。确切而言,使用示例的一词旨在以具体方式呈现概念。
本申请实施例描述的网络架构以及业务场景是为了更加清楚的说明本申请实施例的技术方案,并不构成对于本申请实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请实施例提供的技术方案对于类似的技术问题,同样适用。
在本说明书中描述的参考“一个实施例”或“一些实施例”等意味着在本申请的一个或多个实施例中包括结合该实施例描述的特定特征、结构或特点。由此,在本说明书中的不同之处出现的语句“在一个实施例中”、“在一些实施例中”、“在其他一些实施例中”、“在另外一些实施例中”等不是必然都参考相同的实施例,而是意味着“一个或多个但不是所有的实施例”,除非是以其他方式另外特别强调。术语“包括”、“包含”、“具有”及它们的变形都意味着“包括但不限于”,除非是以其他方式另外特别强调。
本申请中,“至少一个”是指一个或者多个,“多个”是指两个或两个以上。“和/或”,描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B的情况,其中A,B可以是单数或者复数。字符“/”一般表示前后关联对象是一种“或”的关系。“以下至少一项(个)”或其类似表达,是指的这些项中的任意组合,包括单项(个)或复数项(个)的任意组合。例如,a,b,或c中的至少一项(个),可以表示:a,b,c,a-b,a-c,b-c,或a-b-c,其中a,b,c可以是单个,也可以是多个。
在本申请中,用户可以理解为人。用户触屏操作(简称为用户操作),即用户触摸终端的屏幕的操作。触屏操作,即点击屏幕的操作。
下面,具体介绍本申请实施例的相关技术:
为了更好地理解本申请实施例,首先介绍本申请实施例中涉及到的相关术语。
1,人机识别
人机识别,是指识别一个操作是由人还是机器人(Bot)触发的。
2,机器人(Bot)
机器人又称为机器,Bot通常指能执行业务请求的脚本或者自动化工具。
3,同态加密(homomorphic encryption,HE)
同态加密是一种加密算法。同态加密提供了一种对加密数据进行处理的功能,特点是允许数据在加密情况下实现数学或逻辑运算。任何人可以对加密数据进行处理,但是处理过程不会泄露任何原始内容。同时,拥有私钥的用户对处理过的数据进行解密后,得到的正好是处理后的结果。同态加密通常为非对称性加密(又称为不对称加密算法)。非对称性加密通常包括以下三个步骤:
步骤1,生成一对钥匙,即一个公钥(public key)和一个私钥(private key);
步骤2,使用公钥加密原始数据,得到加密数据,公式:公钥(原始数据)=加密数据;
步骤3,使用私钥解密加密数据,得到原始数据,公式:私钥(加密数据)=原始数据。
同态加密允许对加密数据进行处理,得到的解密结果等价于在原始数据下做运算。也就是说,对经过同态加密的数据进行处理得到一个输出,将这一输出进行解密,其结果与用同一方法处理未加密的原始数据得到的输出结果是一样的。同态加密方案的最基本安全性是语义安全性(semantic security)。直观地说,就是密文(ciphertext)不泄露明文(plaintext)中的任意信息。
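As a brief illustration of the homomorphic property described above (a hedged sketch using the Python `phe` package, which implements the well-known additively homomorphic Paillier scheme; the numbers are illustrative):

```python
# Hedged sketch: adding two ciphertexts matches adding the two plaintexts.
from phe import paillier

pub, priv = paillier.generate_paillier_keypair()   # step 1: public/private key pair
ciphertext = pub.encrypt(3) + pub.encrypt(4)       # step 2: encrypt, then operate
assert priv.decrypt(ciphertext) == 7               # step 3: decryption gives 3 + 4
```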
4,数字签名(digital signature)
数字签名又称为公钥数字签名。数字签名是只有信息的发送者才能产生的别人无法伪造的一段数字串,这段数字串同时也是对信息的发送者发送信息真实性的一个有效证明。它是一种类似写在纸上的普通的物理签名,但是在使用了公钥加密领域的技术来实现的,用于鉴别数字信息的方法。一套数字签名通常定义两种互补的运算,一个用于签名,另一个用于验证。数字签名是非对称密钥加密技术与数字摘要技术的应用。
示例性的,数字签名的实现步骤可以如下:
步骤1,发送原文。即发送方用一个哈希函数从原文文本中生成原文摘要,然后用自己的私人密钥对这个摘要进行加密,这个加密后的摘要将作为原文的数字签名和原文一起发送给接收方。
步骤2,接收原文。即接收方首先用与发送方一样的哈希函数从接收到的原始原文中计算出原文摘要,接着再用发送方的公用密钥来对原文附加的数字签名进行解密。
如果接收方确定这两个摘要相同,那么接收方就能确认该数字签名是发送方的。
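As a hedged illustration of the sign/verify pair described above, the following sketch uses Ed25519 from the Python `cryptography` package (one possible scheme among others; Ed25519 hashes the message internally, so the explicit digest step is folded into sign()):

```python
# Hedged sketch: the sender signs with the private key; the receiver verifies
# with the public key and rejects the data if the signature does not match.
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
from cryptography.exceptions import InvalidSignature

private_key = Ed25519PrivateKey.generate()   # kept by the sender
public_key = private_key.public_key()        # distributed to the receiver

message = b"original text"                   # illustrative payload
signature = private_key.sign(message)        # sent along with the original text

try:
    public_key.verify(signature, message)    # raises InvalidSignature on tampering
    print("signature valid: the data comes from the sender unmodified")
except InvalidSignature:
    print("verification failed: discard the data")
```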
5,软件开发工具包(software development kit,SDK)
软件开发工具包是一些被软件工程师用于为特定的软件包、软件框架、硬件平台、操作系统等创建应用软件的开发工具的集合。它可以简单的为某个程序设计语言提供应用程序接口(application programming interface,API)的一些文件,但也可能包括能与某种嵌 入式系统通讯的复杂的硬件。一般的工具包括用于调试和其他用途的实用工具。SDK还经常包括示例代码、支持性的技术注解或者其他的为基本参考资料澄清疑点的支持文档。
6,可信执行环境(trusted execution environment,TEE)
TEE是一个与副操作系统(Rich OS)(例如,安卓(Android))并行的独立运行环境,为Rich OS提供安全保护。TEE包含了一个执行空间来提供比Rich OS更高级别的安全保护,尽管达不到安全元件(secure element,SE)能提供的安全程度,但对大多数应用来说,TEE已经能够满足安全所需。因此,TEE提供了Rich OS无法企及的安全性,同时,与SE相比又有低成本的优势。
7,令牌(token)
令牌,代表执行某些操作的权利的对象。令牌,也可以理解为暗号,在一些数据传输之前,传输数据的设备与接收数据的设备需要先进行暗号的核对,不同的暗号被授权不同的数据操作。
在相关的技术方案中,普遍使用的防护方法是CAPTCHA,基于该方法进行人机识别时存在识别效率低和准确率不高的问题。
有鉴于此,本申请提供了一种人机识别的方法,该方法可以提高人机识别的效率和准确率。进一步,当人机识别模型是利用以下数据进行训练得到的:用户点击终端的屏幕生成的数据的原始数据进行特征处理(例如但不限于,求平均值和/或标准差)得到的数据,机器点击终端的屏幕生成的数据的原始数据进行特征处理(例如但不限于,求平均值和/或标准差)得到的数据,该方法还可以提高人机识别模型的隐私性。当第一特征数据是点击终端的屏幕显示的第一应用程序生成的原始数据进行特征处理(例如但不限于,平均值和/或标准差)得到的数据,该方法还可以提高用户数据的隐私性。
下面,结合图1介绍本申请提供的人机识别的方法适用的系统架构。
图1是本申请适用的系统架构100的示意性框图。如图1所示,系统架构100包括云端服务器和终端。云端服务器包括机器防护服务110和应用服务器120。终端包括应用程序130。示例性的,图1中以终端包括1个应用程序130为例示出。可选的,终端还可以包括更多数目的应用程序。可选的,终端还可以包括除应用程序130以外的模块,云端服务器还可以包括除机器防护服务110和应用服务器120以外的模块。
在系统架构100中,机器防护服务110可以为一个软件服务。机器防护服务110可以与应用程序130相互通信,以实现数据的传输。应用服务器120可以与应用程序130相互通信,以实现数据的传输。机器防护服务110可以与应用服务器120相互通信,以实现关联关系的获取,该关联关系表示令牌与生成业务请求的操作者之间的关联关系,该业务请求可以是应用程序130发送的请求。系统架构100的工作原理如下:应用程序130用于采集终端侧数据,并对采集到的数据进行特征计算。此后,应用程序130将特征计算的结果发送给机器防护服务110。机器防护服务110用于对从应用程序130处获取的特征计算的结果进行处理,得到检测结果(例如,该检测结果表示生成业务请的操作者为用户或机器),根据该检测结果生成令牌,并将该令牌发送给应用程序130。此后,应用程序130会向应用服务器120发送业务请求,且该业务请求携带该检测结果对应的令牌。相应的,应用服务器120接收到该令牌和业务请求后,通过查询该令牌对应的关联关系确定该令牌对应的操作者类型(例如,操作者为用户或机器);以及根据该令牌对应的操作者类型,决定如 何响应应用程序130发送的该业务请求(例如,执行该业务请求或不执行该业务请求)。在一些实现方式中,应用程序130中可以集成机器防护SDK,该机器防护SDK具体用于采集终端侧数据,并对采集到的数据进行特征计算。
系统架构100中的终端可以指客户端、用户设备、接入终端、用户单元、用户站、移动站、移动台、远方站、远程终端、移动设备、用户终端、终端设备、无线通信设备、用户代理或用户装置。终端还可以是手机、平板、智能手表、蜂窝电话、无绳电话、会话启动协议(session initiation protocol,SIP)电话、无线本地环路(wireless local loop,WLL)站、个人数字处理(personal digital assistant,PDA)、具有无线通信功能的手持设备、计算设备或连接到无线调制解调器的其它处理设备、车载设备、可穿戴设备,未来的第五代(5th Generation,5G)网络中的终端设备或者未来演进的公用陆地移动通信网络(public land mobile network,PLMN)中的终端设备等,本申请实施例对此并不限定。
应理解,上述系统架构100仅为示意,并不对本申请提供的人机识别的方法适用的系统架构构成任何限定。例如,上述系统架构100中的终端还可以包括更多数目的应用程序。又如,上述系统架构100中的云端服务器还可以包括其它模块,示例性的,该其它模块可以为存储模块,该存储模块可以用于存储计算机指令。
下面,结合图2介绍本申请实施例提供的一种人机识别的方法。
图2是本申请实施例提供的一种人机识别的方法的示意性流程图。该方法可以但不限于应用于上文图1所示的系统架构100中。如图2所示,该方法包括步骤210至步骤230。下面详细介绍步骤210至步骤230。
步骤210,服务器根据人机识别模型和第一特征数据生成令牌,并向终端发送令牌,人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,第一特征数据是点击终端的屏幕显示的第一应用程序生成的数据,令牌用于指示发送第一应用程序生成的第一业务请求时携带该令牌,用户特征数据和机器特征数据是点击终端的屏幕生成的数据。相应的,终端接收服务器发送的该令牌。
示例性的,上述步骤210中的服务器可以为上述图1所示的云端服务器,终端可以为上述图1所示的终端。
可选的,在上述步骤210之前还可以包括以下步骤:服务器接收终端发送的第一特征数据。也就是说,第一特征数据可以是终端采集获取的。对终端采集获取第一特征数据的实现方式不作具体限定。对第一特征数据包括的数据量不作具体限定,示例性的,第一特征数据可以是点击终端的第一应用程序的这段时间内生成的数据。
人机识别模型是对用户特征数据和机器特征数据训练得到的、用户操作和机器操作的分类器,即人机识别模型的输出用于确定该人机识别模型的输入对应的操作为用户操作或机器操作。人机识别模型的输出可以为置信度,该置信度的取值范围可以为0至1的任意数值,例如该置信度可以为0,0.12,0.3或1等。对用户特征数据和机器特征数据训练获得人机识别模型的模型训练的方法不作具体限定,例如但不限于利用现有的机器学习方法进行模型训练,以得到该人机识别模型。可选的,该分类器可以是线性分类器。示例性的,当人机识别模型为线性分类器时,该人机识别模型可以通过以下公式表示:
y=wx+b
其中,w和b为该人机识别模型的模型参数。x为人机识别模型的输入,例如,该x可 以为14维向量,且该14维向量对应于上述第一特征数据。y为人机识别模型的输出,该输出可以为一个置信度。w和x可以为n维向量,n为正整数。
第一特征数据包括以下至少一种:点击第一应用程序时终端的运动传感器生成的特征数据,或者点击第一应用程序时终端的屏幕生成的特征数据。可选的,点击第一应用程序时终端的运动传感器生成的特征数据还可以替换为,第一时刻至第二时刻终端的运动传感器生成的特征数据。其中,第一时刻为点击第一应用程序之前的时刻,第二时刻为点击第一应用程序之后的时刻。第一时刻和第二时刻可以根据实际应用情况进行设置。例如,点击第一应用程序的时刻为10:00:00,则第一时刻可以为09:59:59,第二时刻可以为10:00:01。可选的,点击第一应用程序时终端的屏幕生成的特征数据还可以替换为,第一时刻至第二时刻终端的屏幕生成的特征数据。运动传感器包括但不限于以下至少一种:加速度传感器、重力加速度传感器、或陀螺仪。点击第一应用程序时终端的屏幕生成的特征数据包括但不限于以下至少一种:触屏面积的特征数据、触屏时间戳的特征数据、触屏时延的特征数据、触屏压力的特征数据、或触屏坐标的特征数据。触屏时间戳,可以理解为操作者(例如,用户或机器)触摸终端的屏幕的时刻。触屏时延,可以理解为操作者从终端的屏幕抬起的时刻减去操作者按压终端的屏幕的时刻。
在一些可能的实现方式中,点击第一应用程序时终端的运动传感器生成的特征数据包括以下至少一种:点击第一应用程序时终端的运动传感器生成的数据的平均值,或者点击第一应用程序时终端的运动传感器生成的数据的标准差。可选的,点击第一应用程序时终端的运动传感器生成的特征数据还可以包括以下至少一种:点击第一应用程序时终端的运动传感器生成的数据中相邻数据的差值的平均值,或者点击第一应用程序时终端的运动传感器生成的数据中相邻数据的差值的标准差。可以理解的是,本申请实施例提供的点击第一应用程序时终端的运动传感器生成的特征数据包括但不限于上述内容,即只要是对“点击第一应用程序时终端的运动传感器生成的原始数据”进行特征提取后得到的特征数据,都可以称为点击第一应用程序时终端的运动传感器生成的特征数据。例如,上述点击第一应用程序时终端的运动传感器生成的数据的标准差,还可以替换为点击第一应用程序时终端的运动传感器生成的数据的方差。示例性的,点击第一应用程序时终端的运动传感器生成的数据(即,原始数据)包括:X1,X2和X3,则点击第一应用程序时终端的运动传感器生成的数据中相邻数据的差值的平均值可以通过以下公式表示:
((X2-X1)+(X3-X2))/2
上述公式中,X1为时刻1终端的运动传感器生成的数据,X2为时刻2终端的运动传感器生成的数据,X3为时刻3终端的运动传感器生成的数据。这3个时刻按照时间顺序依次排列为:时刻1,时刻2,时刻3。X1和X2可以称为相邻数据,X2和X3可以称为相邻数据。
在一些可能的实现方式中,点击第一应用程序时终端的屏幕生成的特征数据包括以下至少一种:点击第一应用程序时终端的屏幕生成的数据的平均值,或者点击第一应用程序时终端的屏幕生成的数据的标准差。可选的,点击第一应用程序时终端的屏幕生成的特征数据还可以包括以下至少一种:点击第一应用程序时终端的屏幕生成的数据中相邻数据的差值的平均值,点击第一应用程序时终端的屏幕生成的数据中相邻数据的差值的标准差, 或者点击第一应用程序时终端的屏幕生成的数据中相邻数据的几何距离(例如但不限于,欧式距离或马氏距离等)。可以理解的是,本申请实施例提供的点击第一应用程序时终端的屏幕生成的特征数据包括但不限于上述内容,即只要是对“点击第一应用程序时终端的屏幕生成的原始数据”进行特征提取后得到的特征数据,都可以称为点击第一应用程序时终端的屏幕生成的特征数据。例如,点击第一应用程序时终端的屏幕生成的数据的标准差,还可以替换为点击第一应用程序时终端的屏幕生成的数据的方差。
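As an illustration of the feature extraction described in the preceding paragraphs (a minimal numpy-only sketch; the exact feature set of a real deployment may differ):

```python
# Hedged sketch: means, standard deviations, and adjacent-difference statistics
# over one stream of raw samples (one sensor axis, or one touch-screen field).
import numpy as np

def extract_features(samples: np.ndarray) -> np.ndarray:
    diffs = np.diff(samples)            # adjacent differences, e.g. X2-X1, X3-X2
    return np.array([samples.mean(),    # mean of the raw data
                     samples.std(),     # standard deviation of the raw data
                     diffs.mean(),      # mean of the adjacent differences
                     diffs.std()])      # standard deviation of the adjacent differences
```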
用户特征数据是用户点击该终端的屏幕生成的数据,机器特征数据是机器点击该终端的屏幕生成的数据。其中,任意一种特征数据可以为以下至少一种:终端的运动传感器数据,或者终端的触屏数据。终端的运动传感器数据可以为终端的运动传感器生成的原始数据,或对终端的运动传感器生成的原始数据进行特征提取后的特征数据。
在本申请实施例中,服务器根据人机识别模型和第一特征数据生成令牌,包括:服务器将第一特征数据输入人机识别模型,得到第一置信度;服务器根据第一阈值和第一置信度,确定生成第一业务请求的操作者为用户或机器,并生成令牌。
可选的,服务器根据第一置信度和第一阈值,确定生成第一业务请求的操作者为用户或机器,包括:在第一置信度大于等于第一阈值的情况下,服务器确定第一业务请求的操作者为用户;或者,在第一置信度小于第一阈值的情况下,服务器确定第一业务请求的操作者为机器。其中,第一阈值的取值范围可以为0至1的任意数值,第一阈值的具体取值可以根据实际需求进行设置,即对第一阈值的取值不作具体限定。例如,第一阈值可以等于0,0.1,0.25或1等。
在一些实现方式中,服务器根据第一阈值和第一置信度,确定生成第一业务请求的操作者为用户或机器,并生成令牌,包括:在根据第一阈值和第一置信度确定第一业务请求的操作者,与根据第二置信度和第一阈值确定第一业务请求的操作者相同的情况下,服务器根据生成第一业务请求的操作者为用户或机器,生成令牌。其中,根据第一阈值和第一置信度确定第一业务请求的操作者,与根据第二置信度和第一阈值确定第一业务请求的操作者相同的执行者可以是服务器。在这种实现方式中,在上述步骤210之前还可以执行以下步骤:服务器利用第一公钥对人机识别模型的参数进行加密生成第一密文,并向终端发送第一密文;服务器接收终端发送的第二密文,第二密文是利用第一密文和第一公钥对第一特征数据进行同态运算得到;服务器利用第一私钥对第二密文进行同态解密得到第二置信度。这种实现方式中,第一私钥和第一公钥为同态运算中利用的公私钥对,对获取该第一私钥和第一公钥的方法不作具体限定,例如可以利用现有的同态运算中获取公私钥对的方法获取该第一私钥和第一公钥。可选的,上述第一密文也可以是提前预设在终端的应用程序中的。示例性的,下文图3示出了这种实现方式的一个具体示例,具体可以参见下文图3所描述的人机识别的方法的流程,此处不再详细赘述。
在另一些实现方式中,在服务器将第一特征数据输入人机识别模型,得到第一置信度之前,还可以执行以下步骤:服务器接收终端发送的第一签名值和第一特征数据,第一签名值是利用第一私钥对第一特征数据进行数字签名得到的;服务器利用第一公钥对第一签名值进行验证,确定验证通过。这种实现方式中,第一私钥和第一公钥为数字签名中利用的公私钥对,对获取该第一私钥和第一公钥的方法不作具体限定,例如可以利用现有的数字签名技术中获取公私钥对的方法获取该第一私钥和第一公钥。示例性的,下文图4示出 了这种实现方式的一个具体示例,具体可以参见下文图4所描述的人机识别的方法的流程,此处不再详细赘述。
令牌用于指示发送第一应用程序的第一业务请求时携带该令牌。也就是说,终端设备接收到令牌后,若终端要发送第一业务请求,此时终端发送第一业务请求时需要携带该令牌。可选的,令牌可以是有生命周期的,对令牌的生命周期的长度不作具体限定。例如,令牌的生命周期的长度可以为60秒(s)。可以理解的是,当令牌超过生命周期时,该令牌可以被第一应用程序释放或删除。
可选的,第一特征数据可以与第一业务请求对应,第一特征数据还可以不与第一业务请求对应。第一业务请求可以理解为,第一应用程序发送的任意一个业务请求。
步骤220,服务器接收终端发送的请求,请求包括第一业务请求和令牌。相应的,终端向服务器发送该请求。
步骤230,服务器根据第一关联关系和令牌,确定第一业务请求为用户操作,或机器操作,服务器存储有第一关联关系,第一关联关系为令牌与生成第一业务请求的操作者之间的关联关系。
可以理解的是,服务器侧存储有第一关联关系,即服务器对令牌识别后可以得知该令牌对应的第一业务请求的操作者为用户或机器。终端侧并未存储有第一关联关系,即终端对令牌识别后并不能得知该令牌的作用,终端对令牌识别后仅知道该令牌用于指示发送第一应用程序的第一业务请求时携带该令牌,基于此,该终端向服务器发送该第一业务请求时会携带该令牌。
在本申请实施例中,服务器根据第一关联关系和令牌,确定第一业务请求为用户操作,或机器操作,包括:服务器根据第一关联关系和令牌,确定第一业务请求为用户操作,生成第一业务请求的操作者为用户,第一特征数据是用户点击终端的屏幕显示的第一应用程序生成的数据;或者,服务器根据第一关联关系和令牌,确定第一业务请求为机器操作,生成第一业务请求的操作者为机器,第一特征数据是机器点击终端的屏幕显示的第一应用程序生成的数据。
可选的,云端服务器还可以执行以下步骤:利用第一特征数据对上述步骤210中的人机识别模型进行更新。
应理解的是,上述图2所示的方法仅为示意并不对本申请提供的人机识别方法构成任何限定。上述图2所示的人机识别方法,提供了采用服务器和终端结合的方式,基于点击终端的屏幕生成的数据进行人机识别的方案。
上述技术方案中,采用了服务器和终端结合的工作模式。服务器侧根据人机识别模型和第一特征数据生成令牌,令牌用于指示发送该第一应用程序的第一业务请求时携带该令牌,使得服务器接收到终端发送的请求中同时包括第一业务请求和令牌。这样,服务器接收到请求后,可以根据第一关联关系和令牌可以确定第一业务请求对应的操作为用户操作或机器操作。利用该方法进行人机识别时,避免了现有技术中需要用户进行额外的操作(例如,用户根据系统提供的图片辨别该图片上的随机数字),该方法可以提高人机识别的效率。人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异,该方法还可以提高人机识别的准确率。此外,当用户特征数据、机器特征数据和第一特征数据中的任意一个特征数据不涉及用户的隐私信息时, 该方法还可以提高人机识别模型的隐私性和用户数据的隐私信息。
上文结合图2介绍了本申请实施例提供的人机识别的方法。下面,结合图3和图4介绍本申请实施例提供的人机识别的方法的两个具体的实施例。应理解,图3和图4的例子仅仅是为了帮助本领域技术人员理解本申请实施例,而非要将申请实施例限制于所示例的具体数值或具体场景。本领域技术人员根据下面所给出的图3和图4的例子,显然可以进行各种等价的修改或变化,这样的修改和变化也落入本申请实施例的范围内。
图3是本申请实施例提供的人机识别的方法的一个具体实施例的示意性流程图。该方法可以但不限于应用于上文图1所示的系统架构100中。如图3所示,该方法包括步骤310至步骤370。下面详细介绍步骤310至步骤370。
步骤310,云端服务器对用户特征数据和机器特征数据进行训练,得到人机识别模型。
用户特征数据至少包括用户触屏生成的运动传感器数据,用户触屏表示用户点击终端的屏幕。其中,该用户触屏生成的运动传感器数据包括以下至少一种:用户触屏生成的运动传感器的原始数据(简记为用户原始数据1),用户原始数据1的平均值,用户原始数据1的标准差,用户原始数据1中相邻数据的差值的平均值,或用户原始数据1中相邻数据的差值的标准差。原始数据1中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述用户特征数据还可以包括用户触屏的触屏数据。其中,该用户触屏的触屏数据包括以下至少一种:用户触屏生成的触屏数据(简记为用户原始数据2),用户原始数据2的平均值,用户原始数据2的标准差,用户原始数据2中相邻数据的差值的平均值,或用户原始数据2中相邻数据的差值的标准差。原始数据2中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述标准差还可以替换为方差。可选的,上述用户触屏的触屏数据还可以包括:用户点击终端的应用程序时该终端的屏幕生成的数据中相邻数据的几何距离(例如但不限于,欧式距离或马氏距离等)。
机器特征数据至少包括机器触屏生成的运动传感器数据,机器触屏表示机器点击终端的屏幕。可选的,该机器特征数据还可以包括机器触屏的触屏数据。其中,该机器触屏生成的运动传感器数据包括以下至少一种:机器触屏生成的运动传感器的原始数据(简记为机器原始数据1),机器原始数据1的平均值,机器原始数据1的标准差,机器原始数据1中相邻数据的差值的平均值,或机器原始数据1中相邻数据的差值的标准差。原始数据1中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述机器特征数据还可以包括机器触屏的触屏数据。其中,该机器触屏的触屏数据包括以下至少一种:机器触屏生成的触屏数据(简记为机器原始数据2),机器原始数据2的平均值,机器原始数据2的标准差,机器原始数据2中相邻数据的差值的平均值,或机器原始数据2中相邻数据的差值的标准差。原始数据2中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述标准差还可以替换为方差。可选的,上述机器触屏的触屏数据还可以包括:机器点击终端的应用程序时该终端的屏幕生成的数据中相邻数据的几何距离(例如但不限于,欧式距离或马氏距离等)。
上述运动传感器包括以下至少一种:加速度传感器,重力加速度传感器,或陀螺仪。上述触屏数据包括以下至少一种:触屏面积,触屏时间戳,触屏时延,触屏压力,或触屏坐标。触屏时间戳,可以理解为操作者触摸终端的屏幕的时刻。触屏时延,可以理解为操作者从终端的屏幕抬起的时刻减去操作者按压终端的屏幕的时刻。在本申请实施例中,人机识别模型的输入和输出可以满足线性关系。在一种可能的设计中,该人机识别模型可以是一个线性模型,该线性模型可以表示为以下公式:
y=wx+b
其中,w和b为该人机识别模型的模型参数。x为人机识别模型的输入,例如,该x可以为14维向量,且该14维向量可以对应上述用户原始数据1的平均值。又如,该x可以为10维向量,且该10维向量可以对应上述用户原始数据2的标准差。y为人机识别模型的输出,该输出可以为一个置信度。w和x可以为n维向量,n为正整数。
以上述步骤310得到的人机识别模型为y=wx+b,该线性模型的输出为置信度为例,介绍根据该人机识别模型如何确定该输入x对应的操作是用户操作或机器操作。在一种可能的设计中,云端服务器可以通过比较置信度与阈值的大小,确定该置信度对应的输入是用户操作或机器操作。对阈值的选取不作具体限定,例如阈值可以但不限于为0,0.1,0.5或1等。示例性的,假设阈值等于0,如果置信度大于0为机器操作,否则为用户操作。x为y=wx+b的输入,y=wx+b的输出为y,且y=0.5。基于此,云端服务器通过比较阈值和y,可以确定该x对应的操作为机器操作。
可选的,在上述步骤310之前云端服务器还可以执行以下操作:从终端获取上述用户特征数据和上述机器特征数据。可以理解的是,终端采集用户特征数据和机器特征数据时,不需要申请任何系统权限,即终端能够安全合规地采集这些数据。
在本申请实施例中,为便于描述,下文中均以人机识别模型是根据以下数据进行训练得到的为例进行介绍:用户原始数据1的平均值,用户原始数据2的平均值,机器原始数据1的平均值,以及机器原始数据2的平均值。
步骤320,云端服务器利用公钥#1对人机识别模型的模型参数进行加密得到密文#1,并将密文#1发送给终端,公钥#1为同态加密算法所用的密钥。
公钥#1为同态加密算法所用的密钥,即该公钥#1是利用同态加密算法计算得到的密钥。可选的,利用该同态加密算法还可以得到私钥#1,私钥#1和公钥#1为一对公私钥对。
可选的,在上述步骤320之前云端服务器还可以执行以下操作:利用同态加密算法生成公私钥对,该公私钥对包括私钥#1和公钥#1。对云端服务器利用同态加密算法生成公私钥对的方法不作具体限定,例如可以利用现有的同态加密算法获取该公私钥对。
以上述步骤310中获得的人机识别模型为y=wx+b为例,则该人机识别模型的模型参数包括w。可选的,该模型参数还可以包括b。为便于描述,下文中均以人机识别模型的模型参数包括w为例进行介绍,此时密文#1可以表示为E(w),即E(w)为利用公钥#1对w加密后的结果。
步骤330,响应于触屏操作#1,终端获取触屏数据#1和传感器数据#1。
对上述触屏操作#1不作具体限定。例如,该触屏操作#1可以是用户触屏操作。又如,该触屏操作#1可以是机器触屏操作。再如,该触屏操作#1可以包括用户触屏操作和机器触屏操作。触屏数据#1可以包括一段时间内终端采集的触屏数据。传感器数据#1可以包括一段时间内终端采集的传感器数据。对该一段时间的长度不作具体限定。例如,该一段时间可以为5秒,10秒,或20秒。在本申请实施例中,用户可以理解为人。触屏操作,可以理解为点击终端的屏幕的操作。用户触屏操作(可简称为用户操作),即用户触摸终端的屏幕的操作。
示例性的,响应于触屏操作#1(即,用户触屏操作),终端获取触屏数据#1和传感器数据#1,可以包括以下步骤:终端的应用(application,App)程序启动时,进行SDK的初始化,然后监控应用的活动(activity)生命周期,当检测到触屏操作#1时,该SDK开始采集触屏数据和传感器数据采集,从而获取触屏数据#1和传感器数据#1。又如,响应于触屏操作#1(即,用户触屏操作),终端获取触屏数据#1和传感器数据#1,可以包括以下步骤:终端的App启动时,进行SDK的初始化,然后监控应用的活动(activity)生命周期,同时该SDK开始采集终端的传感器数据;当检测到触屏操作#1时,该SDK开始采集触屏数据,从而获取触屏数据#1。这种实现方式中,终端可以根据触屏事件时间戳对SDK采集到的终端的传感器进行过滤,得到传感器数据#1。在本申请实施例中,为便于描述,下文中均以触屏操作#1为用户触屏终端的应用程序#1的操作为例进行介绍,即触屏数据#1和传感器数据#1可以理解为是用户点击终端的屏幕显示的应用程序#1生成的数据。该触屏数据#1可以包括用户触屏生成的触屏数据的原始数据的平均值,该触屏数据的原始数据可以但不限于包括:触屏面积,触屏时延戳,触屏时延,触屏压力和触屏坐标。该传感器数据#1可以包括用户触屏生成的运动传感器的原始数据的平均值,该运动传感器的原始数据包括用户触屏期间该运动传感器的x轴、y轴和z轴的输出值。
上述步骤330中,响应于触屏操作#1,终端获取触屏数据#1和传感器数据#1。也就是说,触屏数据#1和传感器数据#1中的任意一个集合包括的数据是用户正常触摸(点击)终端的屏幕显示的应用程序#1时就可以获取,不需要用户进行任何额外的操作,能够实现用户无感知的人机识别。
步骤340,终端利用密文#1对触屏特征数据#1和传感器特征数据#1进行同态运算得到密文#2,并将密文#2发送给云端服务器。
触屏特征数据#1是对触屏数据#1中的数据进行处理得到的。具体的,在本申请实施例中,触屏特征数据#1可以包括:对触屏数据#1中的触屏面积求平均值得到的数据,对触屏数据#1中的触屏时延求平均值得到的数据,以及对触屏数据#1中的触屏压力求平均值得到的数据。
传感器特征数据#1是对传感器数据#1中的数据进行处理得到的。具体的,在本申请实施例中,传感器特征数据#1可以包括:对传感器数据#1中x轴的数据求平均值得到的数据,对传感器数据#1中y轴的数据求平均值得到的数据,以及对传感器数据#1中z轴的数据求平均值得到的数据。
在本申请实施例中,y=wx+b模型的输入x为触屏特征数据#1和传感器特征数据#1构成的多维向量。终端利用密文#1对触屏特征数据#1和传感器特征数据#1进行同态运算得到密文#2,该密文#2可以表示为:f(x)=E(w)×x+E(b),E(w)表示密文#1,f(x)表示密文#2,即f(x)为人机识别模型中y的密文。
应理解的是,上述同态加密的过程中,终端传到云端服务器的是最终计算出来的f(x),在云端服务器解密后得到y,仅根据这一个数据及云端服务器已知的参数w和b是无法恢复出终端的明文特征的,更无法恢复出具体的传感器数据,原因如下:
(1)已知y,w,b,想要恢复出终端的明文特征,等价于根据方程y=wx+b,求解x,例如w,x均可以为14维向量,展开为y=w1×x1+w2×x2+……+w14×x14+b,该方程为多元一次方程,<x1,x2,……,x14>有无穷多组解,因此云端服务器无法根据终端上传的f(x)恢复出终端的明文特征。
(2)假设云端服务器可以恢复出明文特征xi,那么根据xi也无法恢复计算该特征所使用的传感器数据。比如xi是加速度计x轴数据的均值特征,假设xi是由m(m为正整数)组数据得到,则
xi=(a1+a2+……+am)/m
其中a1,a2,……,am为这m组加速度计x轴数据(此处的记号为示意)。
该方程同样为多元一次方程,不具备唯一解,因此即便云端服务器能够恢复出明文特征,也无法计算出对应的传感器数据,从而无法得到设备对应用户的生物特征。
因此,在本申请的方案中,终端运动传感器数据无法在云端服务器被恢复,即用户没有隐私数据传到云端服务器,以保证用户数据的隐私性。
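As a hedged illustration of the encrypted evaluation f(x)=E(w)×x+E(b) described above, the sketch below uses the additively homomorphic Paillier scheme from the Python `phe` package as a stand-in (the embodiments do not fix a concrete homomorphic scheme); the parameter values are illustrative:

```python
# Hedged sketch: the server encrypts the model parameters (ciphertext #1); the
# terminal evaluates the linear model on its plaintext features without learning
# w or b (ciphertext #2); only the server can decrypt the resulting confidence.
from phe import paillier

public_key, private_key = paillier.generate_paillier_keypair()  # server side

w, b = [0.8, -0.3], 0.1                       # model parameters, kept by the server
enc_w = [public_key.encrypt(v) for v in w]    # ciphertext #1, sent to the terminal
enc_b = public_key.encrypt(b)

x = [0.42, 1.7]                               # terminal-side plaintext features
enc_y = sum(ew * xi for ew, xi in zip(enc_w, x)) + enc_b  # ciphertext #2, sent back

confidence = private_key.decrypt(enc_y)       # server recovers only y = w*x + b
```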
可选的,上述步骤340还可以包括以下步骤:将触屏特征数据#1和传感器特征数据#1发送给云端服务器。这种实现方式中,云端服务器侧还可以利用该触屏特征数据#1和传感器特征数据#1对上述步骤310中获得的人机识别模型进行重新训练,以优化该人机识别模型。
步骤350,云端服务器根据人机识别置信度#1和阈值#1确定触屏操作#1为用户操作,生成令牌#1,并将令牌#1发送给终端,人机识别置信度#1是利用私钥#1对密文#2进行解密得到的。相应的,终端接收到云端服务器发送的令牌#1。
令牌#1用于指示发送应用程序#1生成的业务请求#1时携带令牌#1。业务请求#1可以理解为应用程序#1生成的任意一个业务请求。可选的,在一些实现方式中,业务请求#1可以为触屏特征数据#1和传感器特征数据#1对应的业务请求。可选的,在另一些实现方式中,业务请求#1可以不是触屏特征数据#1和传感器特征数据#1对应的业务请求。
上述步骤350中,云端服务器确定触屏操作#1为用户操作后,生成对应的令牌#1。此后,云端服务器侧存储有关联关系#1,关联关系#1表示令牌#1与终端的应用程序#1生成业务请求#1的操作者为用户操作之间的关联关系。对云端服务器根据触屏操作#1为用户操作,生成对应的令牌#1的方法不作具体限定。在本申请实施例中,云端服务器识别该令牌#1后,根据关联关系#1可以确定该令牌#1用于指示的触屏操作#1为用户操作。可以理解的是,在本申请实施例中,终端侧(例如但不限于是终端侧的应用程序#1)可以存储有令牌#1,但该终端识别该一个令牌#1后,该终端仅可以得知发送应用程序#1的业务请求#1时需要携带该令牌#1,但该终端不知道与该一个令牌#1的作用。也就是说,终端获取该令牌#1后,对该令牌#1进行处理并不能得到以下结果:业务请求#1对应的触屏操作#1为用户操作。换句话说,终端中没有存储关联关系#1。可选的,令牌#1可以是有生命周期的,对令牌#1的生命周期的长度不作具体限定。例如,令牌#1的生命周期的长度可以为30秒(s)。可以理解的是,当令牌#1超过生命周期时,该令牌#1可以被应用程序#1释放或删除。
私钥#1为同态加密算法所用的密钥,私钥#1和公钥#1为一对密钥对。人机识别置信度#1的取值范围可以为0至1的任意数值。阈值#1的大小可以是根据实际应用场景确定的,对该阈值#1的大小不作具体限定。为便于描述,在本申请实施例中,假设:阈值#1等于0;人机识别置信度(即,人机识别模型的输出结果)大于等于阈值#1,该人机识别置信度对应的人机识别模型的输入对应的操作为用户操作。
上述步骤350中,云端服务器利用私钥#1对密文#2进行解密得到人机识别置信度#1, 包括:云端服务器利用私钥#1对密文#2(即,f(x)=E(w)×x+E(b))进行解密,可以得到人机识别模型y的值为人机识别置信度#1,该人机识别置信度#1等于0.2;云端服务器通过比较人机识别置信度#1和阈值#1,确定触屏操作#1为用户操作。
可选的,如果上述步骤340中终端将触屏特征数据#1和传感器特征数据#1发送给云端服务器,则在上述步骤350之后云端服务器还可以执行以下步骤:利用触屏特征数据#1和传感器特征数据#1对上述步骤310获得的人机识别模型进行更新。
步骤360,在令牌#1的生命周期内,终端向云端服务器发送请求#1,请求#1包括业务请求#1和令牌#1,业务请求#1为终端的应用程序#1发送的业务请求。
其中,终端接收到了云端服务器发送的令牌#1,且令牌#1用于指示发送应用程序#1的业务请求#1时携带令牌#1。基于此,终端发送业务请求#1时会携带令牌#1,即终端可以通过发送请求#1将业务请求#1和令牌#1发送给云端服务器。
步骤370,云端服务器根据令牌#1确定业务请求#1为用户执行的操作,并执行业务请求#1对应的请求。
云端服务器根据令牌#1确定业务请求#1为用户执行的操作,可以包括以下步骤:云端服务器根据本地存储的关联关系#1和请求#1,可以确定该业务请求#1为用户执行的操作。
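As a hedged sketch of this server-side flow (token issuance in step 350, the locally stored association relationship #1, and the decision of step 370; the in-memory store and the 30-second lifetime are illustrative choices, not the concrete implementation):

```python
# Hedged sketch: the server mints token #1, records association #1 (token ->
# operator) locally, and later uses it to decide whether to execute request #1.
import secrets, time

associations = {}                             # association relationship #1 (server-only)

def issue_token(operator: str, lifetime_s: int = 30) -> str:
    token = secrets.token_urlsafe(32)
    associations[token] = (operator, time.time() + lifetime_s)
    return token                              # sent to the terminal, opaque to it

def should_execute(token: str) -> bool:
    operator, expiry = associations.get(token, ("unknown", 0.0))
    if time.time() > expiry:                  # token past its life cycle: reject
        return False
    return operator == "user"                 # execute only user operations
```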
可以理解的是,上述方法中终端执行的操作可以但不限于在终端的应用层实现,该终端的操作系统可以但不限于为以下一种:安卓(Android),iOS,或鸿蒙(HarmonyOs)。
应理解,上述图3所描述的方法仅为示意,并不对本申请实施例提供的人机识别的方法构成任何限定。上述图3所描述的方法均以触屏操作#1为用户操作为例进行介绍,可选的,触屏操作#1还可以替换为机器操作,这种实现方式中,关联关系#1表示令牌#1与机器操作之间的关联关系,上步骤350中的“云端服务器根据人机识别置信度#1和阈值#1确定触屏操作#1为用户操作”可以替换为“云端服务器根据人机识别置信度#1和阈值#1确定触屏操作#1为机器操作”,以及上述步骤370可以替换为以下步骤:云端服务器根据令牌#1确定该业务请求#1为机器执行的操作,不执行业务请求#1对应的请求。
本申请实施例提供的人机识别的方法,使用了云端服务器和终端结合的工作模式。具体包括:终端发送给云端服务器的数据是从少量运动传感器数据和触屏数据提取出来的数据特征(例如,平均值和/或标准差等),云端服务器无法根据这些数据特征恢复出原始传感器数据,即终端发送给云端服务器的这些数据无法关联到具体用户和具体设备,不包含用户隐私信息;人机识别使用的人机识别模型部署在云端服务器中,人机识别在云端服务器中完成,云端服务器返回的令牌#1在终端无法解析,攻击者无法通过分析令牌#1获取人机识别结果,进而推测出模型的工作逻辑,因此,人机识别模型的机密性也能得到保护。此外,人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异(用户特征数据变化波动较大,机器特征数据变化波动较小),该方法还可以提高人机识别的准确率。综上,本申请实施例提供的人机识别的方法,在实现机器自动化攻击防护的同时保证了用户隐私和人机识别模型的机密性,还可以提高人机识别的准确率。
图4是本申请实施例提供的人机识别的方法的另一个具体实施例的示意性流程图。该方法可以但不限于应用于上文图1所示的系统架构100中。如图4所示,该方法包括步骤 410至步骤470。下面详细介绍步骤410至步骤470。
步骤410,云端服务器对用户特征数据和机器特征数据进行训练,得到人机识别模型。
用户特征数据至少包括用户触屏生成的运动传感器数据,用户触屏表示用户点击终端的屏幕。其中,该用户触屏生成的运动传感器数据包括以下至少一种:用户触屏生成的运动传感器的原始数据(简记为用户原始数据1),用户原始数据1的平均值,用户原始数据1的标准差,用户原始数据1中相邻数据的差值的平均值,或用户原始数据1中相邻数据的差值的标准差。原始数据1中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述用户特征数据还可以包括用户触屏的触屏数据。其中,该用户触屏的触屏数据包括以下至少一种:用户触屏生成的触屏数据(简记为用户原始数据2),用户原始数据2的平均值,用户原始数据2的标准差,用户原始数据2中相邻数据的差值的平均值,或用户原始数据2中相邻数据的差值的标准差。原始数据2中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述标准差还可以替换为方差。可选的,上述用户触屏的触屏数据还可以包括:用户点击终端的应用程序时该终端的屏幕生成的数据中相邻数据的几何距离(例如但不限于,欧式距离或马氏距离等)。
机器特征数据至少包括机器触屏生成的运动传感器数据,机器触屏表示机器点击终端的屏幕。可选的,该机器特征数据还可以包括机器触屏的触屏数据。其中,该机器触屏生成的运动传感器数据包括以下至少一种:机器触屏生成的运动传感器的原始数据(简记为机器原始数据1),机器原始数据1的平均值,机器原始数据1的标准差,机器原始数据1中相邻数据的差值的平均值,或机器原始数据1中相邻数据的差值的标准差。原始数据1中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述机器特征数据还可以包括机器触屏的触屏数据。其中,该机器触屏的触屏数据包括以下至少一种:机器触屏生成的触屏数据(简记为机器原始数据2),机器原始数据2的平均值,机器原始数据2的标准差,机器原始数据2中相邻数据的差值的平均值,或机器原始数据2中相邻数据的差值的标准差。原始数据2中相邻数据,可以理解为,相邻时刻采集到的运动传感器数据。可选的,上述标准差还可以替换为方差。可选的,上述机器触屏的触屏数据还可以包括:机器点击终端的应用程序时该终端的屏幕生成的数据中相邻数据的几何距离(例如但不限于,欧式距离或马氏距离等)。
上述运动传感器包括以下至少一种:加速度传感器,重力加速度传感器,或陀螺仪。上述触屏数据包括以下至少一种:触屏面积,触屏时间戳,触屏时延,触屏压力,或触屏坐标(可以计算欧式距离)。触屏时间戳,可以理解为操作者触摸终端的屏幕的时刻。触屏时延,可以理解为操作者从终端的屏幕抬起的时刻减去操作者按压终端的屏幕的时刻。
在本申请实施例中,人机识别模型的输入和输出可以满足线性关系。在一种可能的设计中,该人机识别模型可以是一个线性模型,该线性模型可以表示为以下公式:
y=wx+b
其中,w和b为该人机识别模型的模型参数。x为人机识别模型的输入,例如,该x可以为14维向量,且该14维向量可以对应上述用户原始数据1的平均值。又如,该x可以为10维向量,且该10维向量可以对应上述用户原始数据2的标准差。y为人机识别模型的输出,该输出可以为一个置信度。w和x可以为n维向量,n为正整数。
以上述步骤410得到的人机识别模型为y=wx+b,该线性模型的输出为置信度为例,介绍根据该人机识别模型如何确定该输入x对应的操作是用户操作或机器操作。在一种可能的设计中,云端服务器可以通过比较置信度与阈值的大小,确定该置信度对应的输入是用户操作或机器操作。阈值的范围为0至1的任意数值,对阈值的选取不作具体限定,例如阈值可以但不限于为以下一种:0,0.1,0.2,或0.5等。示例性的,假设阈值等于0.5,如果置信度小于0.5为用户操作,否则为机器操作。x为y=wx+b的输入,y=wx+b的输出为y,且y=0.63。基于此,云端服务器通过比较阈值和y,可以确定该x对应的操作为机器操作。
可选的,在上述步骤410之前云端服务器还可以执行以下操作:从终端获取上述用户特征数据和上述机器特征数据。
在本申请实施例中,为便于描述,下文中均以人机识别模型是根据以下数据进行训练得到的:用户原始数据1的平均值,用户原始数据1的标准差,机器原始数据1的平均值,以及机器原始数据1的标准差。
步骤420,响应于触屏操作#1,终端获取触屏特征数据#1和传感器特征数据#1。
对上述触屏操作#1不作具体限定。例如,该触屏操作#1可以是用户触屏操作。又如,该触屏操作#1可以是机器触屏操作。再如,该触屏操作#1可以包括用户触屏操作和机器触屏操作。触屏特征数据#1可以包括一段时间内终端采集的触屏数据。传感器特征数据#1可以包括一段时间内终端采集的传感器数据。对该一段时间的长度不作具体限定。例如,该一段时间可以为5秒,10秒,或20秒。在本申请实施例中,用户可以理解为人。触屏操作,可以理解为点击终端的屏幕的操作。用户触屏操作(可简称为用户操作),即用户触摸终端的屏幕的操作。
示例性的,响应于触屏操作#1(即,用户触屏操作),终端获取触屏特征数据#1和传感器特征数据#1,可以包括以下步骤:终端的App启动时,进行SDK的初始化,然后监控应用的活动(activity)生命周期,当检测到触屏操作#1时,该SDK开始采集触屏数据和传感器数据采集,从而获取触屏特征数据#1和传感器特征数据#1。又如,响应于触屏操作#1(即,用户触屏操作),终端获取触屏数据#1和传感器数据#1,可以包括以下步骤:终端的App启动时,进行SDK的初始化,然后监控应用的活动(activity)生命周期,同时该SDK开始采集终端的传感器数据;当检测到触屏操作#1时,该SDK开始采集触屏数据,从而获取触屏数据#1。这种实现方式中,终端可以根据触屏事件时间戳对SDK采集到的终端的传感器进行过滤,得到传感器数据#1。
在本申请实施例中,为便于描述,下文中均以触屏操作#1为机器触屏终端的应用程序#1的操作为例进行介绍,即触屏特征数据#1和传感器特征数据#1可以理解为是机器点击终端的屏幕显示的应用程序#1生成的数据。该触屏特征数据#1可以包括机器触屏生成的触屏数据的原始数据的平均值,该触屏数据的原始数据可以但不限于包括:触屏面积,触屏时延戳,触屏时延,触屏压力和触屏坐标。该传感器特征数据#1可以包括机器触屏生成的运动传感器的原始数据的平均值,该运动传感器的原始数据包括机器触屏期间该运动传感器的x轴、y轴和z轴的输出值。
步骤430,终端利用私钥#1对触屏特征数据#1和传感器特征数据#1进行数字签名,得到签名值#1,并将签名值#1,触屏特征数据#1和传感器特征数据#1发给云端服务器。
其中,终端利用私钥#1对触屏特征数据#1和传感器特征数据#1进行数字签名,得到 签名值#1,可以包括以下步骤:终端对触屏特征数据#1和传感器特征数据#1进行哈希处理,得到哈希值;用私钥#1对哈希值进行加密,得到签名值#1。
在本申请实施例中,终端执行上述步骤420和上述步骤430时可以是在TEE中执行的。
步骤440,云端服务器利用公钥#1对签名值#1进行验证,确定验证通过。
可以理解的是,云端服务器确定验证通过,即签名值#1在由终端发送给云端服务器至云端服务器接收到签名值#1的过程中没有被攻击者攻击(例如,篡改签名值#1的信息)。还可以理解的是,签名值#1通过验证,即与签名值#1一起发送给云端服务器的触屏特征数据#1和传感器特征数据#1中的任意一个集合也没有被攻击者攻击,即云端服务器接收到的触屏特征数据#1和传感器特征数据#1中的任意一个集合都是可信任的数据。
可选的,上述步骤440还可以替换为以下步骤:云端服务器利用公钥#1对签名值#1进行验证,确定验证不通过。即云端服务器接收到的签名值#1是被攻击者攻击后的签名值,这种实现方式中,在步骤440之后不执行下文中的步骤450至步骤470。
步骤450,在签名值#1验证通过的情况下,云端服务器根据触屏特征数据#1和传感器特征数据#1确定触屏操作#1为机器操作,生成令牌#1,并将令牌#1发送给终端。相应的,终端接收到云端服务器发送的令牌#1。
令牌#1用于指示发送应用程序#1的业务请求#1时携带令牌#1。业务请求#1可以理解为应用程序#1生成的任意一个业务请求。可选的,在一些实现方式中,业务请求#1可以为触屏特征数据#1和传感器特征数据#1对应的业务请求。可选的,在另一些实现方式中,业务请求#1可以不是触屏特征数据#1和传感器特征数据#1对应的业务请求。
上述步骤450中,云端服务器确定触屏操作#1为机器操作后,生成对应的令牌#1。此后,云端服务器侧存储有关联关系#1,关联关系#1表示令牌#1与终端的应用程序#1生成业务请求#1的操作者为机器操作之间的关联关系。对根据触屏操作#1为机器操作,生成对应的令牌#1的方法不作具体限定。在本申请实施例中,云端服务器识别该令牌#1后,根据关联关系#1可以确定该令牌#1用于指示的触屏操作#1为机器操作。可以理解的是,在本申请实施例中,终端侧(例如但不限于应用程序#1)可以存储有令牌#1,但该终端识别该令牌#1后,该终端仅可以得知发送业务请求#1时需要携带该令牌#1,但该终端不知道该令牌#1的作用。也就是说,终端获取该令牌#1后,对该令牌#1进行处理并不能得到以下结果:业务请求#1对应的触屏操作#1为机器操作。换句话说,终端中没有存储关联关系#1。可选的,令牌#1可以是有生命周期的,对令牌#1的生命周期的长度不作具体限定。例如,令牌#1的生命周期的长度可以为30秒(s)。可以理解的是,当令牌#1超过生命周期时,该令牌#1可以被应用程序#1释放或删除。
上述步骤450中,云端服务器根据触屏特征数据#1和传感器特征数据#1确定触屏操作#1为机器操作,可以包括以下步骤:云端服务器根据将触屏特征数据#1和传感器特征数据#1输入至人机识别模型中,得到置信度#1,置信度#1为人机识别模型的输出结果;云端服务器通过比较置信度#1和阈值#1的大小,确定触屏操作#1为机器操作。人机识别置信度#1的取值范围可以为0至1的任意数值。阈值#1的大小可以是根据实际应用场景确定的,对该阈值#1的大小不作具体限定。为便于描述,在本申请实施例中,假设:阈 值#1等于0.2;人机识别置信度(即,人机识别模型的输出结果)大于等于阈值#1,该人机识别置信度对应的人机识别模型的输入对应的操作为机器操作。基于此,置信度#1可以为大于等于阈值#1且不大于1的任意数值,例如,置信度#1可以为0.3或0.69等。
可选的,在上述步骤450之后云端服务器还可以执行以下步骤:利用触屏特征数据#1和传感器特征数据#1对上述步骤410获得的人机识别模型进行更新。
步骤460,在令牌#1的生命周期内,终端向云端服务器发送请求#1,请求#1包括业务请求#1和令牌#1,业务请求#1为终端的应用程序#1发送的业务请求。
其中,终端接收到了云端服务器发送的令牌#1,且令牌#1用于指示发送业务请求#1时携带令牌#1。基于此,终端发送业务请求#1时会携带令牌#1,即终端可以通过发送请求#1将业务请求#1和令牌#1发送给云端服务器。
步骤470,云端服务器根据令牌#1确定业务请求#1为机器执行的操作,并忽略业务请求#1对应的请求。
云端服务器根据令牌#1确定业务请求#1为机器执行的操作,可以包括以下步骤:云端服务器根据本地存储的关联关系#1和请求#1,可以确定该业务请求#1为机器执行的操作。
上述方法中终端执行的操作可以但不限于在终端的应用层实现,该终端的操作系统可以但不限于为以下一种:安卓(Android),iOS,或鸿蒙(HarmonyOs)。
应理解,上述图4所描述的方法仅为示意,并不对本申请实施例提供的人机识别的方法构成任何限定。上述图4所描述的方法均以触屏操作#1为机器操作为例进行介绍,可选的,触屏操作#1还可以替换为用户操作,这种实现方式中,关联关系#1表示令牌#1与用户操作之间的关联关系,上步骤450中的“在签名值#1验证通过的情况下,云端服务器根据触屏特征数据#1和传感器特征数据#1确定触屏操作#1为机器操作”可以替换为“在签名值#1验证通过的情况下,云端服务器根据触屏特征数据#1和传感器特征数据#1确定触屏操作#1为用户操作”,以及上述步骤470可以替换为以下步骤:云端服务器根据令牌#1确定该业务请求#1为用户执行的操作,执行业务请求#1对应的请求。
本申请实施例提供的人机识别的方法,使用了云端服务器和终端结合的工作模式。具体包括:终端发送给云端服务器的数据是从少量运动传感器数据和触屏数据提取出来的数据特征(例如,平均值或标准差等),云端服务器无法根据这些数据特征恢复出原始传感器数据,终端设备发送给云端服务器的这些数据无法关联到具体用户和具体设备,不包含用户隐私信息;人机识别使用的人机识别模型部署在云端服务器中,人机识别在云端服务器中完成,云端服务器返回的令牌#1在终端无法解析,攻击者无法通过分析令牌#1获取人机识别结果,进而推测出模型的工作逻辑,因此,人机识别模型的机密性也能得到保护。此外,人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异,该方法还可以提高人机识别的准确率。与上述图3提供的人机识别的方法相比,该方法通过在TEE中利用数字签名的方法实现对用户数据(即,触屏特征数据#1和传感器特征数据#1)的隐私保护,移除了终端侧的同态加密运算,该方法在计算速度和内存占用等方面可以得到优化。综上,本申请实施例提供的人机识别的方法,在实现机器自动化攻击防护的同时保证了用户隐私和人机识别模型的机密性,还可以提高人机识别的准确率和效率。
需说明的是,上述图3所示的人机识别的方法以同态加密算法为例进行了介绍。上述图4所示的人机识别的方法以数字签名算法为例进行了介绍。上述图3和上述图4所示的人机识别的方法的实施例仅为示意,并不对本申请实施例提供的人机识别的方法构成任何限定。可选的,上述加密算法(即,同态加密算法或数字签名)还可以替换为其他的加密算法,例如其他的加密算法可以但不限于是高级加密标准(advanced encryption standard,AES)算法,利用AES加密的加密流程可以为现有的AES加密流程,本申请实施例对此不作具体限定。
下面,结合图5介绍本申请实施例提供的另一种人机识别的方法。
图5是本申请实施例提供的一种人机识别的方法的示意性流程图。该方法可以应用于终端。如图5所示,该方法包括步骤510至步骤540。下面详细介绍步骤510至步骤540。
步骤510,终端获取人机识别模型。
在一些可能的实现方式中,终端获取人机识别模型,可以包括以下步骤:终端从服务器处获取该人机识别模型,该人机识别模型可以是该服务器对用户特征数据和机器特征数据进行训练得到的。这种实现方式,在上述步骤510之前,终端还可以向服务器发送用户特征数据和机器特征数据。服务器对用户特征数据和机器特征数据进行训练得到的人机识别模型的方法,与上述步骤310和上述步骤410所示的方法的执行流程相同。具体可以参见上文中的相关描述,此处不再详细赘述。可选的,在终端的计算能力可以满足模型训练的要求的情况下,终端获取人机识别模型,还可以包括以下步骤:终端对用户特征数据和机器特征数据进行训练,以获取人机识别模型。对终端根据用户特征数据和机器特征数据进行训练得到人机识别模型的方法不作具体限定,例如但不限于利用现有的机器学习的方法得到该人机识别模型。
步骤520,响应于触屏操作#1,终端获取触屏数据#1和传感器数据#1,触屏数据#1和传感器数据#1为用户点击终端的屏幕显示的应用程序#1生成的数据。
其中,响应于触屏操作#1,终端获取触屏数据#1和传感器数据#1的方法,与上述步骤330和上述步骤420所示的方法的执行流程相同,仅是执行主体不同。具体可以参见上文中的相关描述,此处不再详细赘述。
步骤530,终端根据人机识别模型,触屏特征数据#1和传感器特征数据#1,确定触屏操作#1为用户操作,并生成令牌#1,令牌#1用于指示发送应用程序#1的业务请求。
其中,终端根据人机识别模型,触屏特征数据#1和传感器特征数据#1,确定触屏操作#1为用户操作,可以包括以下步骤:终端将触屏特征数据#1和传感器特征数据#1输入人机识别模型,得到置信度#1;通过比较置信度#1与阈值#1,确定触屏操作#1为用户操作。
可以理解的是,终端执行上述步骤530后,该终端的应用程序#1中可以存储有该令牌#1。
步骤540,终端发送应用程序#1的业务请求#1。
终端发送应用程序#1的业务请求#1,可以包括:终端向应用服务器发送应用程序#1的业务请求#1。相应的,应用服务器接收到该业务请求#1后,可以向该终端提供该业务请求#1请求的网络资源。
可选的,终端执行上述步骤510至上述步骤540时可以是在TEE中执行的。
上述步骤510至上述步骤540中,终端执行的操作可以但不限于在终端的应用层实现,该终端的操作系统可以但不限于为以下一种:安卓(Android),iOS,或鸿蒙(HarmonyOs)。应理解,上述图5所示的人机识别的方法仅为示意,并不对本申请实施例提供的人机识别方法构成任何限定。例如,上述步骤520中的触屏数据#1和传感器数据#1还可以为机器点击终端的屏幕显示的应用程序#1生成的数据。基于此,上述步骤530中的确定触屏操作#1为用户操作可以替换为,确定触屏操作#1为机器操作。令牌#1用于指示发送应用程序#1的业务请求可以替换为,令牌#1用于指示不发送应用程序#1的业务请求。这种实现方式中终端不执行上述步骤540。例如,上述步骤530和上述步骤540还可以替换为以下步骤:终端根据人机识别模型,触屏特征数据#1和传感器特征数据#1,确定触屏操作#1为用户操作,对该触屏结果(即,触屏操作#1为用户操作)进行对称加密得到令牌#1,令牌#1用于指示应用程序#1发送的业务请求的操作者为用户;终端向服务器发送令牌#1和应用程序#1的业务请求#1。相应的,服务器接收到该业务请求#1和令牌#1,服务器对该令牌#1进行解密后,确定执行该业务请求#1的操作者为用户,此后服务器可以执行业务请求#1对应的请求。
上述技术方案中,人机识别模型部署在终端侧,终端可以根据人机识别模型和点击终端的屏幕生成的数据(即,触屏数据#1和传感器数据#1),对终端待发送的业务请求#1进行人机识别,在确定业务请求#1为用户操作的情况下,终端会发送该业务请求#1。人机识别模型是根据用户特征数据和机器特征数据训练得到的,用户特征数据和机器特征数据的变化情况存在明显差异,该方法可以提高人机识别的准确率。该方法实现人机识别的过程中不需要该终端与服务器进行交互,可以简化人机识别的流程。
应理解,在本申请的各种实施例中,上述各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。
上文结合图2至图5,详细描述了本申请实施例提供的人机识别的方法,下面将结合图6和图7详细描述本申请提供的人机识别的装置。应理解,装置实施例的描述与方法实施例的描述相互对应,因此,未详细描述的内容可以参见上文方法实施例,为了简洁,部分内容不再赘述。
本申请中可以根据上述方法示例对服务器或者终端进行功能模块的划分,例如,可以对应各个功能划分各个功能模块,也可以将两个或两个以上的功能集成在一个处理模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。需要说明的是,本申请实施例中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。下面以采用对应各个功能划分各个功能模块为例进行说明。
图6是本申请实施例提供的一种人机识别的装置600的示意性结构图。如图6所示该通信装置600包括收发单元610和处理单元620,
可选的,该装置600还可以包括存储单元,该存储单元可以用于存储指令和/或数据,处理单元620可以读取存储单元中的指令和/或数据,以使得装置实现前述方法实施例。
在一种可能的设计中,该装置600可以用于执行上文方法实施例中服务器或云端服务器所执行的动作,这时,该装置600可以为服务器或云端服务器,或者该装置600可以为可配置于服务器或云端服务器的部件,收发单元610用于执行上文方法实施例中服务器或 云端服务器的收发相关的操作,处理单元620用于执行上文方法实施例中服务器或云端服务器处理相关的操作。
在另一种可能的设计中,该装置600可以用于执行上文方法实施例中终端所执行的动作,这时,该装置600可以为终端或者可配置于终端的部件,收发单元610用于执行上文方法实施例中终端的收发相关的操作,处理单元620用于执行上文方法实施例中终端处理相关的操作。
应理解,各单元执行上述相应步骤的具体过程在上述方法实施例中已经详细说明,为了简洁,在此不再赘述。
上文实施例中的处理单元620可以由至少一个处理器或处理器相关电路实现。收发单元610可以由收发器或收发器相关电路实现。存储单元可以通过至少一个存储器实现。
图7是本申请实施例提供的一种人机识别的装置700的硬件结构示意图。如图7所示,所述人机识别的装置700包括处理器701、存储器702、接口703和总线704。其中接口703可以通过无线或有线的方式实现,具体来讲可以是网卡。上述处理器701、存储器702和接口703通过总线704连接。
在一些实现方式中,图7所示的装置700可以执行上述方法实施例中服务器或云端服务器执行的相应步骤,具体可以参见上述方法实施例中的相关描述。
所述接口703具体可以包括发送器和接收器,用于服务器或云端服务器实现上述收发。
所述处理器701用于执行上述实施例中由服务器或云端服务器进行的处理。存储器702包括操作系统7021和应用程序7022,用于存储程序、代码或指令,当处理器或硬件设备执行这些程序、代码或指令时可以完成方法实施例中涉及服务器或云端服务器的处理过程。可选的,所述存储器702可以包括只读存储器(read-only memory,ROM)和随机存取存储器(random access memory,RAM)。其中,所述ROM包括基本输入/输出系统(basic input/output system,BIOS)或嵌入式系统;所述RAM包括应用程序和操作系统。当需要运行人机识别的装置700时,通过固化在ROM中的BIOS或者嵌入式系统中的bootloader引导系统进行启动,引导人机识别的装置700进入正常运行状态。在人机识别的装置700进入正常运行状态后,运行在RAM中的应用程序和操作系统,从而,完成方法实施例中涉及人机识别的装置700的处理过程。
在另一些实现方式中,图7所示的装置700可以执行上述方法实施例中终端执行的相应步骤,具体可以参见上述方法实施例中的相关描述。
所述接口703具体可以包括发送器和接收器,用于终端实现上述收发。
所述处理器701用于执行上述实施例中由终端进行的处理。存储器702包括操作系统7021和应用程序7022,用于存储程序、代码或指令,当处理器或硬件设备执行这些程序、代码或指令时可以完成方法实施例中涉及终端的处理过程。可选的,所述存储器702可以包括只读存储器(read-only memory,ROM)和随机存取存储器(random access memory,RAM)。其中,所述ROM包括基本输入/输出系统(basic input/output system,BIOS)或嵌入式系统;所述RAM包括应用程序和操作系统。当需要运行人机识别的装置700时,通过固化在ROM中的BIOS或者嵌入式系统中的bootloader引导系统进行启动,引导人机识别的装置700进入正常运行状态。在人机识别的装置700进入正常运行状态后,运行在RAM中的应用程序和操作系统,从而,完成方法实施例中涉及人机识别的装置700的 处理过程。
可以理解的是,上述图7仅示出了人机识别的装置700的简化设计。在实际应用中,服务器或云端服务器可以包含任意数量的接口,处理器或者存储器。
本申请实施例还提供了一种计算机可读介质,该计算机可读介质存储有程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述服务器或云端服务器执行的方法。这些计算机可读存储包括但不限于如下的一个或者多个:只读存储器(read-only memory,ROM)、可编程ROM(programmable ROM,PROM)、可擦除的PROM(erasable PROM,EPROM)、Flash存储器、电EPROM(electrically EPROM,EEPROM)以及硬盘驱动器(harddrive)。
本申请实施例还提供了一种计算机可读介质,该计算机可读介质存储有程序代码,当该计算机程序代码在计算机上运行时,使得计算机执行上述终端执行的方法。这些计算机可读存储包括但不限于如下的一个或者多个:只读存储器(read-only memory,ROM)、可编程ROM(programmable ROM,PROM)、可擦除的PROM(erasable PROM,EPROM)、Flash存储器、电EPROM(electrically EPROM,EEPROM)以及硬盘驱动器(harddrive)。
An embodiment of this application further provides a chip for use in a server or a cloud server. The chip includes at least one processor, at least one memory, and an interface circuit. The interface circuit is responsible for information exchange between the chip and the outside; the at least one memory, the interface circuit, and the at least one processor are interconnected through lines, and the at least one memory stores instructions. The instructions are executed by the at least one processor to perform the operations of the server or the cloud server in the methods of the foregoing aspects. In specific implementation, the chip may be implemented in the form of a central processing unit (CPU), a micro controller unit (MCU), a micro processing unit (MPU), a digital signal processor (DSP), a system on chip (SoC), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA), or a programmable logic device (PLD).
An embodiment of this application further provides a chip for use in a terminal. The chip includes at least one processor, at least one memory, and an interface circuit. The interface circuit is responsible for information exchange between the chip and the outside; the at least one memory, the interface circuit, and the at least one processor are interconnected through lines, and the at least one memory stores instructions. The instructions are executed by the at least one processor to perform the operations involving the terminal in the methods of the foregoing aspects. In specific implementation, the chip may be implemented in the form of a central processing unit (CPU), a micro controller unit (MCU), a micro processing unit (MPU), a digital signal processor (DSP), a system on chip (SoC), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA), or a programmable logic device (PLD).
An embodiment of this application further provides a computer program product for use in a server or a cloud server. The computer program product includes a series of instructions; when the instructions are run, the operations of the server or the cloud server in the methods of the foregoing aspects are performed.
An embodiment of this application further provides a computer program product for use in a terminal. The computer program product includes a series of instructions; when the instructions are run, the operations of the terminal in the methods of the foregoing aspects are performed.
An embodiment of this application further provides a human-machine identification system, including the foregoing server or cloud server and the foregoing terminal.
A person of ordinary skill in the art may be aware that the units and algorithm steps of the examples described with reference to the embodiments disclosed herein can be implemented by electronic hardware or by a combination of computer software and electronic hardware. Whether these functions are performed by hardware or software depends on the particular application and design constraints of the technical solution. A person skilled in the art may use different methods to implement the described functions for each particular application, but such implementation should not be considered beyond the scope of this application.
It can be clearly understood by a person skilled in the art that, for convenience and brevity of description, for the specific working processes of the systems, apparatuses, and units described above, reference may be made to the corresponding processes in the foregoing method embodiments; details are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative. For example, the division into units is merely a logical functional division; there may be other divisions in actual implementation. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual couplings, direct couplings, or communication connections shown or discussed may be implemented through some interfaces, and the indirect couplings or communication connections between apparatuses or units may be electrical, mechanical, or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
In addition, the functional units in the embodiments of this application may be integrated into one processing unit, each unit may exist alone physically, or two or more units may be integrated into one unit.
When the functions are implemented in the form of a software functional unit and sold or used as an independent product, they may be stored in a computer-readable storage medium. Based on such an understanding, the technical solutions of this application essentially, or the part contributing to the prior art, or a part of the technical solutions, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or some of the steps of the methods described in the embodiments of this application. The foregoing storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disc.
The foregoing descriptions are merely specific implementations of this application, but the protection scope of this application is not limited thereto. Any variation or replacement readily conceivable by a person skilled in the art within the technical scope disclosed in this application shall fall within the protection scope of this application. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims (30)

  1. A human-machine identification method, comprising:
    a server generating a token according to a human-machine identification model and first feature data, and sending the token to a terminal, wherein the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated by clicking a first application displayed on a screen of the terminal, the token is used to indicate that the token is to be carried when a first service request generated by the first application is sent, and the user feature data and the machine feature data are data generated by clicking the screen of the terminal;
    the server receiving a request sent by the terminal, wherein the request comprises the first service request and the token; and
    the server determining, according to a first association relationship and the token, that the first service request is a user operation or a machine operation, wherein the server stores the first association relationship, and the first association relationship is an association relationship between the token and an operator that generated the first service request.
  2. The method according to claim 1, wherein the server generating a token according to a human-machine identification model and first feature data comprises:
    the server inputting the first feature data into the human-machine identification model to obtain a first confidence; and
    the server determining, according to a first threshold and the first confidence, that the operator that generated the first service request is a user or a machine, and generating the token.
  3. The method according to claim 2, wherein the server determining, according to a first threshold and the first confidence, that the operator that generated the first service request is a user or a machine, and generating the token comprises:
    when the operator of the first service request determined according to the first threshold and the first confidence is the same as the operator of the first service request determined according to a second confidence and the first threshold, the server generating the token according to whether the operator that generated the first service request is the user or the machine.
  4. The method according to claim 3, wherein the method further comprises:
    the server encrypting parameters of the human-machine identification model by using a first public key to generate a first ciphertext, and sending the first ciphertext to the terminal;
    the server receiving a second ciphertext sent by the terminal, wherein the second ciphertext is obtained by performing a homomorphic operation on the first feature data by using the first ciphertext and the first public key; and
    the server homomorphically decrypting the second ciphertext by using a first private key to obtain the second confidence.
  5. The method according to claim 2, wherein before the server inputting the first feature data into the human-machine identification model to obtain a first confidence, the method further comprises:
    the server receiving a first signature value and the first feature data that are sent by the terminal, wherein the first signature value is obtained by digitally signing the first feature data with a first private key; and
    the server verifying the first signature value by using a first public key, and determining that the verification succeeds.
  6. The method according to any one of claims 2 to 5, wherein the server determining, according to a first threshold and the first confidence, that the operator that generated the first service request is a user or a machine comprises:
    when the first confidence is greater than or equal to the first threshold, the server determining that the operator of the first service request is the user; or,
    when the first confidence is less than the first threshold, the server determining that the operator of the first service request is the machine.
  7. The method according to any one of claims 1 to 6, wherein the server determining, according to a first association relationship and the token, that the first service request is a user operation or a machine operation comprises:
    the server determining, according to the first association relationship and the token, that the first service request is the user operation, wherein the operator that generated the first service request is a user, and the first feature data is data generated by the user clicking the first application displayed on the screen of the terminal; or,
    the server determining, according to the first association relationship and the token, that the first service request is the machine operation, wherein the operator that generated the first service request is a machine, and the first feature data is data generated by the machine clicking the first application displayed on the screen of the terminal.
  8. The method according to any one of claims 1 to 7, wherein the first feature data comprises at least one of the following:
    feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by the screen of the terminal when the first application is clicked.
  9. The method according to claim 8, wherein
    the feature data generated by the motion sensor of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the motion sensor of the terminal when the first application is clicked, or a standard deviation of data generated by the motion sensor of the terminal when the first application is clicked; and
    the feature data generated by the screen of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the screen of the terminal when the first application is clicked, or a standard deviation of data generated by the screen of the terminal when the first application is clicked.
  10. A human-machine identification method, comprising:
    a terminal receiving a token sent by a server, wherein the token is generated according to a human-machine identification model and first feature data, the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated by clicking a first application displayed on a screen of the terminal, the token is used to indicate that the token is to be carried when a first service request of the first application is sent, and the user feature data and the machine feature data are data generated by clicking the screen of the terminal; and
    the terminal sending a request to the server, wherein the request comprises the first service request and the token.
  11. The method according to claim 10, wherein the method further comprises:
    the terminal receiving a first ciphertext sent by the server, wherein the first ciphertext is obtained by encrypting parameters of the human-machine identification model with a first public key;
    the terminal performing a homomorphic operation on the first feature data by using the first ciphertext and the first public key to obtain a second ciphertext; and
    the terminal sending the second ciphertext and the first feature data to the server.
  12. The method according to claim 10, wherein the method further comprises:
    the terminal digitally signing the first feature data with a first private key to obtain a first signature value; and
    the terminal sending the first signature value and the first feature data to the server.
  13. The method according to any one of claims 10 to 12, wherein the first feature data comprises at least one of the following:
    feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by the screen of the terminal when the first application is clicked.
  14. The method according to claim 13, wherein
    the feature data generated by the motion sensor of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the motion sensor of the terminal when the first application is clicked, or a standard deviation of data generated by the motion sensor of the terminal when the first application is clicked; and
    the feature data generated by the screen of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the screen of the terminal when the first application is clicked, or a standard deviation of data generated by the screen of the terminal when the first application is clicked.
  15. A human-machine identification apparatus, comprising:
    a processing unit, configured to generate a token according to a human-machine identification model and first feature data, wherein the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated by clicking a first application displayed on a screen of a terminal, the token is used to indicate that the token is to be carried when a first service request of the first application is sent, and the user feature data and the machine feature data are data generated by clicking the screen of the terminal; and
    a transceiver unit, configured to send the token to the terminal, wherein
    the transceiver unit is further configured to receive a request sent by the terminal, the request comprising the first service request and the token; and
    the processing unit is further configured to determine, according to a first association relationship and the token, that the first service request is a user operation or a machine operation, wherein the apparatus stores the first association relationship, and the first association relationship is an association relationship between the token and an operator that generated the first service request.
  16. The apparatus according to claim 15, wherein the processing unit is further configured to:
    input the first feature data into the human-machine identification model to obtain a first confidence; and
    determine, according to a first threshold and the first confidence, that the operator that generated the first service request is a user or a machine, and generate the token.
  17. The apparatus according to claim 16, wherein the processing unit is further configured to:
    when the operator of the first service request determined according to the first threshold and the first confidence is the same as the operator of the first service request determined according to a second confidence and the first threshold, generate the token according to whether the operator that generated the first service request is the user or the machine.
  18. The apparatus according to claim 17, wherein
    the processing unit is further configured to encrypt parameters of the human-machine identification model by using a first public key to generate a first ciphertext;
    the transceiver unit is further configured to:
    send the first ciphertext to the terminal; and
    receive a second ciphertext sent by the terminal, wherein the second ciphertext is obtained by performing a homomorphic operation on the first feature data by using the first ciphertext and the first public key; and
    the processing unit is further configured to homomorphically decrypt the second ciphertext by using a first private key to obtain the second confidence.
  19. The apparatus according to claim 16, wherein
    the transceiver unit is further configured to receive a first signature value and the first feature data that are sent by the terminal, wherein the first signature value is obtained by digitally signing the first feature data with a first private key; and
    the processing unit is further configured to verify the first signature value by using a first public key and determine that the verification succeeds.
  20. The apparatus according to any one of claims 16 to 19, wherein the processing unit is further configured to:
    when the first confidence is greater than or equal to the first threshold, determine that the operator of the first service request is the user; or,
    when the first confidence is less than the first threshold, determine that the operator of the first service request is the machine.
  21. The apparatus according to any one of claims 15 to 20, wherein the processing unit is further configured to:
    determine, according to the first association relationship and the token, that the first service request is the user operation, wherein the operator that generated the first service request is a user, and the first feature data is data generated by the user clicking the first application displayed on the screen of the terminal; or,
    determine, according to the first association relationship and the token, that the first service request is the machine operation, wherein the operator that generated the first service request is a machine, and the first feature data is data generated by the machine clicking the first application displayed on the screen of the terminal.
  22. The apparatus according to any one of claims 15 to 21, wherein the first feature data comprises at least one of the following:
    feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by the screen of the terminal when the first application is clicked.
  23. The apparatus according to claim 22, wherein
    the feature data generated by the motion sensor of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the motion sensor of the terminal when the first application is clicked, or a standard deviation of data generated by the motion sensor of the terminal when the first application is clicked; and
    the feature data generated by the screen of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the screen of the terminal when the first application is clicked, or a standard deviation of data generated by the screen of the terminal when the first application is clicked.
  24. A human-machine identification apparatus, comprising:
    a transceiver unit, configured to receive a token sent by a server, wherein the token is generated according to a human-machine identification model and first feature data, the human-machine identification model is a classifier of user operations and machine operations obtained by training on user feature data and machine feature data, the first feature data is data generated by clicking a first application displayed on a screen of a terminal, the token is used to indicate that the token is to be carried when a first service request of the first application is sent, and the user feature data and the machine feature data are data generated by clicking the screen of the terminal; wherein
    the transceiver unit is further configured to send a request to the server, the request comprising the first service request and the token.
  25. The apparatus according to claim 24, wherein the apparatus further comprises a processing unit, wherein
    the transceiver unit is further configured to receive a first ciphertext sent by the server, wherein the first ciphertext is obtained by encrypting parameters of the human-machine identification model with a first public key;
    the processing unit is configured to perform a homomorphic operation on the first feature data by using the first ciphertext and the first public key to obtain a second ciphertext; and
    the transceiver unit is further configured to send the second ciphertext and the first feature data to the server.
  26. The apparatus according to claim 24, wherein the apparatus further comprises a processing unit, wherein
    the processing unit is configured to digitally sign the first feature data with a first private key to obtain a first signature value; and
    the transceiver unit is further configured to send the first signature value and the first feature data to the server.
  27. The apparatus according to any one of claims 24 to 26, wherein the first feature data comprises at least one of the following:
    feature data generated by a motion sensor of the terminal when the first application is clicked, or feature data generated by the screen of the terminal when the first application is clicked.
  28. The apparatus according to claim 27, wherein
    the feature data generated by the motion sensor of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the motion sensor of the terminal when the first application is clicked, or a standard deviation of data generated by the motion sensor of the terminal when the first application is clicked; and
    the feature data generated by the screen of the terminal when the first application is clicked comprises at least one of the following: an average value of data generated by the screen of the terminal when the first application is clicked, or a standard deviation of data generated by the screen of the terminal when the first application is clicked.
  29. A human-machine identification apparatus, comprising a processor, wherein the processor is configured to be coupled to a memory, and to read and execute instructions and/or program code in the memory, so as to perform the method according to any one of claims 1 to 9.
  30. A human-machine identification apparatus, comprising a processor, wherein the processor is configured to be coupled to a memory, and to read and execute instructions and/or program code in the memory, so as to perform the method according to any one of claims 10 to 14.
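To make the feature-extraction and threshold logic of claims 2, 6, 9, 14, 16, and 20 concrete, the following is a minimal sketch in Python. It assumes a linear classifier with a sigmoid output; the weights, the threshold value, the sample values, and all function names are illustrative assumptions, not part of the claimed method.

```python
import math
import statistics

def extract_features(sensor_samples, screen_samples):
    """Feature data as in claims 9/14: mean and standard deviation of the
    raw motion-sensor and touchscreen data collected while the first
    application is clicked."""
    return [
        statistics.mean(sensor_samples),
        statistics.stdev(sensor_samples),
        statistics.mean(screen_samples),
        statistics.stdev(screen_samples),
    ]

def first_confidence(features, weights, bias):
    """First confidence (claims 2/16): here, a sigmoid over a linear score."""
    score = sum(w * x for w, x in zip(weights, features)) + bias
    return 1.0 / (1.0 + math.exp(-score))

def classify(confidence, first_threshold=0.5):
    """Decision rule of claims 6/20: confidence >= threshold -> user."""
    return "user" if confidence >= first_threshold else "machine"

# Hypothetical raw samples collected while application #1 is clicked.
sensor = [0.02, 0.05, 0.04, 0.03]   # e.g. accelerometer magnitudes
screen = [12.0, 14.5, 13.2, 12.8]   # e.g. touch pressure / contact-area values
feats = extract_features(sensor, screen)
conf = first_confidence(feats, weights=[1.2, -0.8, 0.1, 0.3], bias=-1.5)
print(classify(conf))
```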
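Claims 4, 11, 18, and 25 describe the terminal evaluating the model homomorphically over encrypted parameters. The claims do not name a particular scheme; as one possibility, a minimal sketch using the additively homomorphic Paillier cryptosystem (the python-paillier library, `pip install phe`) and a linear model is shown below. The parameter values and the linear-model assumption are illustrative, and the nonlinear activation behind the second confidence is assumed to be applied by the server after decryption.

```python
from phe import paillier

# Server side: encrypt the model parameters with the first public key
# and send the resulting first ciphertext to the terminal.
public_key, private_key = paillier.generate_paillier_keypair()
weights = [1.2, -0.8, 0.1, 0.3]        # hypothetical model parameters
bias = -1.5
enc_weights = [public_key.encrypt(w) for w in weights]
enc_bias = public_key.encrypt(bias)

# Terminal side: homomorphic operation on the first feature data.
# Paillier supports adding ciphertexts and multiplying a ciphertext by a
# plaintext, which suffices for an encrypted linear score.
features = [0.035, 0.013, 13.1, 1.1]   # hypothetical first feature data
enc_score = enc_bias
for enc_w, x in zip(enc_weights, features):
    enc_score = enc_score + enc_w * x  # the second ciphertext accumulates here

# Server side: decrypt the second ciphertext with the first private key
# to recover the (pre-activation) score underlying the second confidence.
score = private_key.decrypt(enc_score)
print(score)
```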
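Claims 5, 12, 19, and 26 have the terminal sign the first feature data so the server can verify its integrity before model inference. A minimal sketch using Ed25519 from the `cryptography` package follows; the signature algorithm, the key-distribution step, and the serialization format are assumptions, since the claims specify only a digital signature with a first private key.

```python
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

# Terminal side: sign the first feature data with the first private key.
first_private_key = Ed25519PrivateKey.generate()
first_feature_data = json.dumps([0.035, 0.013, 13.1, 1.1]).encode()
first_signature_value = first_private_key.sign(first_feature_data)

# Server side: verify with the first public key before feeding the
# feature data into the human-machine identification model.
first_public_key = first_private_key.public_key()
try:
    first_public_key.verify(first_signature_value, first_feature_data)
    print("verification succeeds")   # proceed to model inference
except InvalidSignature:
    print("verification fails")      # reject the feature data
```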
PCT/CN2022/127091 2022-01-21 2022-10-24 Method and apparatus for human-machine identification WO2023138135A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210072382.3 2022-01-21
CN202210072382.3A CN116522312A (zh) Method and apparatus for human-machine identification

Publications (1)

Publication Number Publication Date
WO2023138135A1 (zh)
