[go: up one dir, main page]

CN105812378A - Access request processing method and device - Google Patents

Access request processing method and device Download PDF

Info

Publication number
CN105812378A
CN105812378A CN201610252307.XA CN201610252307A CN105812378A CN 105812378 A CN105812378 A CN 105812378A CN 201610252307 A CN201610252307 A CN 201610252307A CN 105812378 A CN105812378 A CN 105812378A
Authority
CN
China
Prior art keywords
access request
probability
eigenvalue
user terminal
preset duration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610252307.XA
Other languages
Chinese (zh)
Inventor
金帅
李伟
马鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Priority to CN201610252307.XA priority Critical patent/CN105812378A/en
Publication of CN105812378A publication Critical patent/CN105812378A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

本公开是关于一种访问请求处理方法及装置,属于网络技术领域。所述方法包括:在接收到用户终端发起的一个访问请求后,统计所述用户终端在第一预设时长内提交访问请求的次数;根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,所述可能性特征值用于表征所述访问请求为恶意请求的概率;根据所述访问请求的可能性特征值,对所述访问请求进行处理。本公开实现了基于用户提交次数对访问请求进行是否为恶意用户发起的判定及是否进行响应处理的目的,可在不影响用户体验的前提下,有效防止恶意用户的自动化程序提交。

The disclosure relates to an access request processing method and device, and belongs to the field of network technology. The method includes: after receiving an access request initiated by a user terminal, counting the number of times the user terminal submits an access request within a first preset time period; The number of access requests determines the possibility feature value of the access request, and the possibility feature value is used to characterize the probability that the access request is a malicious request; according to the possibility feature value of the access request, the access request The request is processed. The disclosure realizes the purpose of judging whether an access request is initiated by a malicious user and performing response processing based on the number of user submissions, and can effectively prevent malicious users from submitting automated programs without affecting user experience.

Description

访问请求处理方法及装置Access request processing method and device

技术领域technical field

本公开涉及网络技术领域,特别涉及一种访问请求处理方法及装置。The present disclosure relates to the field of network technology, in particular to a method and device for processing an access request.

背景技术Background technique

在互联网技术不断发展的今天,网络中充斥着大量的安全隐患,比如时下一些恶意用户为了盗取用户的个人隐私信息,经常通过自动化程序进行数据提交的方式来不断向网站发送访问请求,例如通过不断重复提交数据试图破解他人的网站登录密码;对于支持货到付款的电商网站,在没有购物意图的情况下不断地重复下货到付款的订单等。为了防止上述安全隐患对用户的财产安全或人身安全造成不良影响,各种大中型网站在处理访问请求时,均引入了信息安全技术。Today, with the continuous development of Internet technology, the network is full of a large number of security risks. For example, in order to steal the user's personal privacy information, some malicious users often send access requests to the website through automated procedures for data submission, such as through Repeatedly submitting data in an attempt to crack other people's website login passwords; for e-commerce websites that support cash on delivery, repeatedly placing cash on delivery orders without shopping intentions, etc. In order to prevent the above-mentioned hidden dangers from causing adverse effects on users' property safety or personal safety, various large and medium-sized websites have introduced information security technology when processing access requests.

相关技术中,在处理用户的访问请求时,为了避免程序化地自动向网站提交访问请求,时下各种大中型网站均设置了验证码。仅在用户输入正确地验证码后,才能向网站提交访问请求。比如,铁道部的12306售票网站便是采取了基于验证码的提交方式。In related technologies, when processing a user's access request, in order to avoid programmatically and automatically submitting the access request to the website, various large and medium-sized websites are provided with verification codes. Only after the user enters the correct verification code can he submit an access request to the website. For example, the 12306 ticketing website of the Ministry of Railways adopts a verification code-based submission method.

发明内容Contents of the invention

为克服相关技术中存在的问题,本公开提供一种访问请求处理方法及装置。In order to overcome the problems existing in related technologies, the present disclosure provides a method and device for processing an access request.

根据本公开实施例的第一方面,提供一种访问请求处理方法,所述方法包括:According to a first aspect of an embodiment of the present disclosure, a method for processing an access request is provided, the method including:

在接收到用户终端发起的一个访问请求后,统计所述用户终端在第一预设时长内提交访问请求的次数;After receiving an access request initiated by the user terminal, counting the number of times the user terminal submits the access request within the first preset duration;

根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,所述可能性特征值用于表征所述访问请求为恶意请求的概率;Determine the possibility characteristic value of the access request according to the number of times the user terminal submits the access request within the first preset time period, and the possibility characteristic value is used to represent the probability that the access request is a malicious request;

根据所述访问请求的可能性特征值,对所述访问请求进行处理。The access request is processed according to the possibility feature value of the access request.

在另一个实施例中,所述接收到访问请求后,所述方法还包括:In another embodiment, after receiving the access request, the method further includes:

在日志中记录提交所述访问请求的用户的标识信息;Record the identification information of the user who submitted the access request in the log;

所述统计所述用户终端在第一预设时长内提交访问请求的次数,包括:The counting the number of access requests submitted by the user terminal within the first preset time period includes:

统计所述日志记录的与所述标识信息一致且位于所述第一预设时长内的访问请求的个数,将所述个数确定为所述用户终端在所述第一预设时长内提交访问请求的次数。counting the number of access requests recorded in the log that are consistent with the identification information and within the first preset time length, and determining the number as the number submitted by the user terminal within the first preset time length The number of access requests.

在另一个实施例中,所述根据所述访问请求的可能性特征值,对所述访问请求进行处理,包括:In another embodiment, the processing the access request according to the possibility feature value of the access request includes:

若所述可能性特征值的大小未超出预设阈值,则在接收到所述访问请求第二预设时长后对所述访问请求进行处理,并返回请求响应。If the magnitude of the possibility feature value does not exceed the preset threshold, the access request is processed after receiving the access request for a second preset duration, and a request response is returned.

在另一个实施例中,所述根据所述访问请求的可能性特征值,对所述访问请求进行处理,包括:In another embodiment, the processing the access request according to the possibility feature value of the access request includes:

若所述可能性特征值的大小超出所述预设阈值,则丢弃所述访问请求。If the magnitude of the possibility characteristic value exceeds the preset threshold, the access request is discarded.

在另一个实施例中,所述根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值之前,所述方法还包括:In another embodiment, before determining the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period, the method further includes:

设置提交次数与可能性特征值大小之间的对应关系;Set the correspondence between the number of submissions and the size of the possibility feature value;

所述根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,包括:The determining the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period includes:

根据所述提交次数在所述对应关系中进行查找,将与所述提交次数匹配的数值大小确定为所述访问请求的可能性特征值。A search is performed in the corresponding relationship according to the number of submissions, and a value matching the number of submissions is determined as the possibility feature value of the access request.

根据本公开实施例的第二方面,提供一种访问请求处理装置,所述装置包括:According to a second aspect of an embodiment of the present disclosure, an access request processing device is provided, the device comprising:

统计模块,被配置为在接收到用户终端发起的一个访问请求后,统计所述用户终端在第一预设时长内提交访问请求的次数;The statistical module is configured to, after receiving an access request initiated by the user terminal, count the number of times the user terminal submits the access request within the first preset duration;

确定模块,被配置为根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,所述可能性特征值用于表征所述访问请求为恶意请求的概率;A determination module, configured to determine the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period, and the possibility feature value is used to characterize the access request The probability of being a malicious request;

处理模块,被配置为根据所述访问请求的可能性特征值,对所述访问请求进行处理。The processing module is configured to process the access request according to the possibility characteristic value of the access request.

在另一个实施例中,所述装置还包括:In another embodiment, the device also includes:

记录模块,被配置为在日志中记录提交所述访问请求的用户的标识信息;a recording module configured to record the identification information of the user who submitted the access request in a log;

所述统计模块,被配置为统计所述日志记录的与所述标识信息一致且位于所述第一预设时长内的访问请求的个数,将所述个数确定为所述用户终端在所述第一预设时长内提交访问请求的次数。The statistical module is configured to count the number of access requests recorded in the log that are consistent with the identification information and within the first preset time length, and determine the number as the number of access requests recorded by the user terminal in the The number of times the access request is submitted within the first preset time period.

在另一个实施例中,所述处理模块,被配置为若所述可能性特征值的大小未超出预设阈值,则在接收到所述访问请求第二预设时长后对所述访问请求进行处理,并返回请求响应。In another embodiment, the processing module is configured to, if the magnitude of the possibility characteristic value does not exceed a preset threshold, perform an operation on the access request after receiving the access request for a second preset duration. Process, and return a request response.

在另一个实施例中,所述处理模块,被配置为若所述可能性特征值的大小超出所述预设阈值,则丢弃所述访问请求。In another embodiment, the processing module is configured to discard the access request if the magnitude of the possibility characteristic value exceeds the preset threshold.

在另一个实施例中,所述装置还包括:In another embodiment, the device also includes:

设置模块,被配置为设置提交次数与可能性特征值大小之间的对应关系;A setting module configured to set the corresponding relationship between the number of submissions and the magnitude of the possibility feature value;

所述确定模块,被配置为根据所述提交次数在所述对应关系中进行查找,将与所述提交次数匹配的数值大小确定为所述访问请求的可能性特征值。The determination module is configured to search in the corresponding relationship according to the number of submissions, and determine a numerical value matching the number of submissions as the possibility feature value of the access request.

根据本公开实施例的第三方面,提供一种访问请求处理装置,包括:According to a third aspect of the embodiments of the present disclosure, an access request processing device is provided, including:

处理器;processor;

用于存储处理器可执行指令的存储器;memory for storing processor-executable instructions;

其中,所述处理器被配置为:在接收到用户终端发起的一个访问请求后,统计所述用户终端在第一预设时长内提交访问请求的次数;根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,所述可能性特征值用于表征所述访问请求为恶意请求的概率;根据所述访问请求的可能性特征值,对所述访问请求进行处理。Wherein, the processor is configured to: after receiving an access request initiated by the user terminal, count the number of times the user terminal submits the access request within a first preset time length; The number of times an access request is submitted within a preset period of time determines the possibility characteristic value of the access request, and the possibility characteristic value is used to characterize the probability that the access request is a malicious request; according to the possibility characteristic value of the access request , to process the access request.

本公开的实施例提供的技术方案可以包括以下有益效果:The technical solutions provided by the embodiments of the present disclosure may include the following beneficial effects:

对于用户每一次提交的访问请求均会通过日志进行记录,并基于用户的标识信息统计具有相同用户属性的访问请求在一定时长内的提交次数,之后根据该提交次数判断本次的访问请求为恶意请求的概率,最终基于这个概率将该访问请求进行处理,因此实现了基于用户提交次数对访问请求进行是否为恶意用户发起的判定及是否进行响应处理的目的,可在不影响用户体验的前提下,有效防止恶意用户的自动化程序提交。Each access request submitted by the user will be recorded in the log, and based on the user's identification information, the number of submissions of the access request with the same user attribute within a certain period of time will be counted, and then the access request will be judged as malicious based on the number of submissions The probability of the request, and finally process the access request based on this probability, so the purpose of judging whether the access request is initiated by a malicious user based on the number of user submissions and whether to respond to it is realized, without affecting the user experience. , effectively preventing malicious users from submitting automated programs.

应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本公开。It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the present disclosure.

附图说明Description of drawings

此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本发明的实施例,并与说明书一起用于解释本发明的原理。The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description serve to explain the principles of the invention.

图1是根据一示例性实施例示出的一种访问请求处理方法的流程图。Fig. 1 is a flowchart showing a method for processing an access request according to an exemplary embodiment.

图2是根据一示例性实施例示出的一种访问请求处理方法的流程图。Fig. 2 is a flowchart showing a method for processing an access request according to an exemplary embodiment.

图3是根据一示例性实施例示出的一种访问请求处理装置的框图。Fig. 3 is a block diagram of an access request processing device according to an exemplary embodiment.

图4是根据一示例性实施例示出的一种访问请求处理装置的框图。Fig. 4 is a block diagram of an access request processing apparatus according to an exemplary embodiment.

图5是根据一示例性实施例示出的一种访问请求处理装置的框图。Fig. 5 is a block diagram of an access request processing apparatus according to an exemplary embodiment.

图6是根据一示例性实施例示出的一种访问请求处理装置的框图。Fig. 6 is a block diagram of an access request processing apparatus according to an exemplary embodiment.

具体实施方式detailed description

这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本发明相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本发明的一些方面相一致的装置和方法的例子。Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.

图1是根据一示例性实施例示出的一种访问请求处理方法的流程图,如图1所示,该方法用于服务器中,包括以下步骤。Fig. 1 is a flowchart of a method for processing an access request according to an exemplary embodiment. As shown in Fig. 1, the method is used in a server and includes the following steps.

在步骤101中,在接收到用户终端发起的一个访问请求后,统计用户终端在第一预设时长内提交访问请求的次数。In step 101, after receiving an access request initiated by the user terminal, the number of times the user terminal submits the access request within a first preset time period is counted.

在步骤102中,根据用户终端在第一预设时长内提交访问请求的次数,确定访问请求的可能性特征值。In step 102, the possibility feature value of the access request is determined according to the number of times the user terminal submits the access request within the first preset time period.

其中,可能性特征值用于表征访问请求为恶意请求的概率;Among them, the possibility feature value is used to represent the probability that the access request is a malicious request;

在步骤103中,根据访问请求的可能性特征值,对访问请求进行处理。In step 103, the access request is processed according to the possibility feature value of the access request.

本公开实施例提供的方法,对于用户每一次提交的访问请求均会通过日志进行记录,并基于用户的标识信息统计具有相同用户属性的访问请求在一定时长内的提交次数,之后根据该提交次数判断本次的访问请求为恶意请求的概率,最终基于这个概率将该访问请求进行处理,因此实现了基于用户提交次数对访问请求进行是否为恶意用户发起的判定及是否进行响应处理的目的,可在不影响用户体验的前提下,有效防止恶意用户的自动化程序提交。In the method provided by the embodiment of the present disclosure, each access request submitted by a user will be recorded through a log, and the number of submissions of access requests with the same user attribute within a certain period of time will be counted based on the user's identification information, and then based on the number of submissions Determine the probability that this access request is a malicious request, and finally process the access request based on this probability, so the purpose of judging whether the access request is initiated by a malicious user based on the number of user submissions and whether to respond to it is realized. Effectively prevent malicious users from submitting automated programs without affecting user experience.

在另一个实施例中,所述接收到访问请求后,该方法还包括:In another embodiment, after receiving the access request, the method further includes:

在日志中记录提交所述访问请求的用户的标识信息;Record the identification information of the user who submitted the access request in the log;

所述统计所述用户终端在第一预设时长内提交访问请求的次数,包括:The counting the number of access requests submitted by the user terminal within the first preset time period includes:

统计所述日志记录的与所述标识信息一致且位于所述第一预设时长内的访问请求的个数,将所述个数确定为所述用户终端在所述第一预设时长内提交访问请求的次数。counting the number of access requests recorded in the log that are consistent with the identification information and within the first preset time length, and determining the number as the number submitted by the user terminal within the first preset time length The number of access requests.

在另一个实施例中,所述根据所述访问请求的可能性特征值,对所述访问请求进行处理,包括:In another embodiment, the processing the access request according to the possibility feature value of the access request includes:

若所述可能性特征值的大小未超出预设阈值,则在接收到所述访问请求第二预设时长后对所述访问请求进行处理,并返回请求响应。If the magnitude of the possibility feature value does not exceed the preset threshold, the access request is processed after receiving the access request for a second preset duration, and a request response is returned.

在另一个实施例中,所述根据所述访问请求的可能性特征值,对所述访问请求进行处理,包括:In another embodiment, the processing the access request according to the possibility feature value of the access request includes:

若所述可能性特征值的大小超出所述预设阈值,则丢弃所述访问请求。If the magnitude of the possibility characteristic value exceeds the preset threshold, the access request is discarded.

在另一个实施例中,所述根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值之前,该方法还包括:In another embodiment, before determining the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period, the method further includes:

设置提交次数与可能性特征值大小之间的对应关系;Set the correspondence between the number of submissions and the size of the possibility feature value;

所述根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,包括:The determining the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period includes:

根据所述提交次数在所述对应关系中进行查找,将与所述提交次数匹配的数值大小确定为所述访问请求的可能性特征值。A search is performed in the corresponding relationship according to the number of submissions, and a value matching the number of submissions is determined as the possibility feature value of the access request.

上述所有可选技术方案,可以采用任意结合形成本公开的可选实施例,在此不再一一赘述。All the above optional technical solutions may be combined in any way to form optional embodiments of the present disclosure, which will not be repeated here.

图2是根据一示例性实施例示出的一种访问请求处理方法的流程图,如图2所示,该方法用于服务器中,包括以下步骤。Fig. 2 is a flow chart showing a method for processing an access request according to an exemplary embodiment. As shown in Fig. 2, the method is used in a server and includes the following steps.

在步骤201中,设置提交次数与可能性特征值大小之间的对应关系。In step 201, the corresponding relationship between the number of submissions and the magnitude of the possibility feature value is set.

在本公开实施例中,为了防止恶意用户通过自动化程序进行数据提交,从而盗取用户的个人隐私信息等现象的发生,提出了根据用户在一定时长内的提交次数为访问请求设置恶意指数的方式,以便于服务器根据该恶意指数对提交的访问请求进行处理。其中,提交次数可为同一用户在30秒内或1分钟内等时长内向服务器发送访问请求的次数,本公开实施例对此不进行具体限定。其中,可能性特征值用来描述访问请求为恶意请求的概率,也即恶意指数。以可能性特征值为0至100之间的分数为例,则提交次数与可能性特征值大小之间的对应关系可如下表1所示:In the embodiment of the present disclosure, in order to prevent malicious users from submitting data through automated programs, thereby stealing users' personal privacy information, etc., a method of setting a malicious index for access requests according to the number of submissions by users within a certain period of time is proposed. , so that the server can process the submitted access request according to the malicious index. The number of submissions may be the number of times the same user sends access requests to the server within 30 seconds or 1 minute, which is not specifically limited in this embodiment of the present disclosure. Wherein, the possibility feature value is used to describe the probability that the access request is a malicious request, that is, the malicious index. Taking the score with the possibility characteristic value between 0 and 100 as an example, the corresponding relationship between the number of submissions and the possibility characteristic value can be shown in Table 1 below:

表1Table 1

提交次数/分钟Commits/min 恶意指数malicious index 大于30次More than 30 times 100分100 points 20~3020~30 90分90 marks 20~1020~10 80分80 points ……... ……... 小于5次less than 5 times 0分0 marks

当然,除了以0至100之间的分数对可能性特征值进行表征的形式外,还可以一星到五星的形式、0至100%之间的百分比形式对可能性特征值进行表征,本公开实施例对此不进行具体限定。在设置好上述对应关系后,将上述对应关系存储在内存或闪存等存储介质中,以便后续过程在接收到用户发起的访问请求后使用。Of course, in addition to the form of characterizing the possibility feature value with a score between 0 and 100, the possibility feature value can also be characterized in the form of one star to five stars, and in the form of a percentage between 0 and 100%. The embodiment does not specifically limit this. After the above corresponding relationship is set, the above corresponding relationship is stored in a storage medium such as memory or flash memory, so that the subsequent process can be used after receiving the access request initiated by the user.

在步骤202中,在接收到用户终端发起的一个访问请求后,在日志中记录提交该访问请求的用户的标识信息,并统计该用户终端在第一预设时长内提交访问请求的次数。In step 202, after receiving an access request initiated by the user terminal, record the identification information of the user submitting the access request in the log, and count the number of times the user terminal submits the access request within the first preset time period.

对于用户终端的每一次数据提交,服务器在日志中均会对该访问请求的用户相关信息进行记录。其中,用户的标识信息可为用户终端的IP(InternetProtocol,网络协议)地址、用户ID、用户的电话号码或用户邮箱等,本公开实施例对此不进行具体限定。For each data submission by the user terminal, the server will record the user-related information of the access request in the log. Wherein, the identification information of the user may be an IP (Internet Protocol, Internet Protocol) address of the user terminal, a user ID, a phone number of the user, or a mailbox of the user, etc., which are not specifically limited in the embodiments of the present disclosure.

在本公开实施例中,在对本次的访问请求进行记录后,服务器还会对日志进行实时统计,以统计出该用户终端在第一预设时长内提交访问请求的次数。其中,第一预设时长可为30秒或1分钟等,本公开实施例对此不进行具体限定,可保持与表1中的设置一致或者可根据业务类型的不同进行调整。在统计该用户终端在第一预设时长内提交访问请求的次数时,可采取下述方式实现:In the embodiment of the present disclosure, after recording the current access request, the server also performs real-time statistics on the log, so as to count the number of times the user terminal submits the access request within the first preset time period. Wherein, the first preset duration may be 30 seconds or 1 minute, etc., which is not specifically limited in the embodiment of the present disclosure, and may be consistent with the setting in Table 1 or may be adjusted according to different service types. When counting the number of times the user terminal submits access requests within the first preset time period, the following methods can be adopted:

统计该日志记录的与本次接收到的访问请求的标识信息一致且位于第一预设时长内的访问请求的个数,将该个数确定为该用户终端在第一预设时长内提交访问请求的次数。当然,该用户终端在第一预设时长内提交访问请求的次数包括本次接收到的访问请求。也即,从日志中实时拉取数据用来统计使用相同IP地址、相同用户ID、相同电话号码或相同用户邮箱的用户在第一预设时长内提交访问请求的次数。其中,提交的访问请求既可为因为提交失败而反复提交的同一访问请求,也可为不同的访问请求,本公开实施例对此不进行具体限定。Count the number of access requests recorded in the log that are consistent with the identification information of the access request received this time and within the first preset time length, and determine the number as the number of access requests submitted by the user terminal within the first preset time length. number of requests. Of course, the number of times the user terminal submits access requests within the first preset time period includes the access requests received this time. That is, real-time data is pulled from the log to count the number of access requests submitted by users using the same IP address, the same user ID, the same phone number or the same user mailbox within the first preset time period. Wherein, the submitted access request may be the same access request repeatedly submitted due to submission failure, or may be a different access request, which is not specifically limited in this embodiment of the present disclosure.

在步骤203中,根据用户终端在第一预设时长内提交访问请求的次数和上述对应关系,确定该访问请求的可能性特征值。In step 203, the possibility feature value of the access request is determined according to the number of times the user terminal submits the access request within the first preset time period and the above-mentioned corresponding relationship.

在得到用户在第一预设时长内提交访问请求的次数后,根据该提交次数在上述表1所示的对应关系中进行查找,便可得到将与该提交次数匹配的数值大小,将其确定为该访问请求的可能性特征值。实现了根据提交次数为本次接收到的访问请求进行恶意程度打分,得到恶意指数的目的。且具有相同用户属性的访问请求在第一预设时长内提交的次数越多,恶意指数越高。After obtaining the number of access requests submitted by the user within the first preset time period, search the corresponding relationship shown in the above table 1 according to the number of submissions, and then obtain the numerical value that will match the number of submissions, and determine it Likelihood characteristic value requested for this access. The purpose of scoring the malicious degree of the received access request according to the number of submissions and obtaining the malicious index is realized. And the more access requests with the same user attribute are submitted within the first preset time period, the higher the malicious index.

在步骤204中,根据该访问请求的可能性特征值,对该访问请求进行处理。In step 204, the access request is processed according to the possibility feature value of the access request.

在本公开实施例中,根据访问请求的可能性特征值的大小不同,也即访问请求的恶意指数的高低,主要采取下述两种方式对该访问请求进行处理:In the embodiment of the present disclosure, according to the different magnitudes of the possibility feature value of the access request, that is, the level of the malicious index of the access request, the following two methods are mainly adopted to process the access request:

第一种方式、若可能性特征值的大小未超出预设阈值,则在接收到该访问请求第二预设时长后对所述访问请求进行处理,并返回请求响应。In the first manner, if the value of the possibility characteristic value does not exceed the preset threshold, the access request is processed after receiving the access request for a second preset duration, and a request response is returned.

其中,预设阈值的形式同可能性特征值的形式相关联。若可能性特征值是以0至100之间的分数进行表征的,那么预设阈值可为50分或60分等;若可能性特征值是以0至100%之间的百分比进行表征的,那么预设阈值可为50%或60%等;若可能性特征值是一星到五星的形式进行表征的,那么预设阈值可为三星等;本公开实施例对预设阈值的形式及大小均不进行具体限定,可根据实际业务进行设置。Wherein, the form of the preset threshold is associated with the form of the possibility feature value. If the possibility feature value is characterized by a score between 0 and 100, then the preset threshold can be 50 points or 60 points; if the possibility feature value is represented by a percentage between 0 and 100%, Then the preset threshold can be 50% or 60% etc.; if the possibility characteristic value is characterized by the form of one star to five stars, then the preset threshold can be three stars, etc.; There are no specific limitations and can be set according to actual business.

针对第一种方式,若该访问请求的可能性特征值的大小未超出预设阈值,则表明该访问请求的恶意程度不高,可能是普通用户由于网络情况不好或者误操作等原因进行的多次提交操作,为了防止对正常用户进行误伤,针对该种情况,服务器还是会对该访问请求进行响应,只不过相对正常访问请求而言,向后延长了对该访问请求的响应时间。其中,第二预设时长可为1分钟或2分钟等等,本公开实施例对此同样不进行具体限定。For the first method, if the possibility feature value of the access request does not exceed the preset threshold, it indicates that the malicious degree of the access request is not high, and it may be made by ordinary users due to poor network conditions or misoperation. For multiple submission operations, in order to prevent accidental injury to normal users, the server will still respond to the access request in this case, but the response time for the access request is extended backwards compared to the normal access request. Wherein, the second preset duration may be 1 minute or 2 minutes, etc., which is not specifically limited in this embodiment of the present disclosure.

第二种方式、若可能性特征值的大小超出预设阈值,则丢弃该访问请求。In the second manner, if the value of the possibility feature exceeds a preset threshold, the access request is discarded.

针对第二种方式,若该访问请求的可能性特征值的大小超出预设阈值,则表明该访问请求的恶意程度很高,很有可能是恶意用户在通过机器进行自动化程序提交,因此服务器拒绝对该访问请求进行响应,直接丢弃该访问请求。For the second method, if the possibility feature value of the access request exceeds the preset threshold, it indicates that the access request is highly malicious, and it is likely that a malicious user is submitting an automated program through a machine, so the server rejects it. Respond to the access request and directly discard the access request.

通过上述两种对访问请求的处理方式,使得服务器可以更智能地屏蔽恶意地程序化提交,同时还不影响正常用户的使用体检。解决了验证码方案带来的所有用户均需输入验证码,同时简单的验证码无法避免通过机器进行程序化提交,复杂的验证码又严重伤害用户体验的缺陷。Through the above two methods of processing access requests, the server can more intelligently block malicious programmatic submissions without affecting normal users' physical examinations. It solves the defect that all users need to enter the verification code brought by the verification code scheme, and at the same time, the simple verification code cannot avoid the programmatic submission through the machine, and the complex verification code seriously damages the user experience.

本公开实施例提供的方法,对于用户每一次提交的访问请求均会通过日志进行记录,并基于用户的标识信息统计具有相同用户属性的访问请求在一定时长内的提交次数,之后根据该提交次数判断本次的访问请求为恶意请求的概率,最终基于这个概率将该访问请求进行处理,因此实现了基于用户提交次数对访问请求进行是否为恶意用户发起的判定及是否进行响应处理的目的,可在不影响用户体验的前提下,有效防止恶意用户的自动化程序提交。In the method provided by the embodiment of the present disclosure, each access request submitted by a user will be recorded through a log, and the number of submissions of access requests with the same user attribute within a certain period of time will be counted based on the user's identification information, and then based on the number of submissions Determine the probability that this access request is a malicious request, and finally process the access request based on this probability, so the purpose of judging whether the access request is initiated by a malicious user based on the number of user submissions and whether to respond to it is realized. Effectively prevent malicious users from submitting automated programs without affecting user experience.

图3是根据一示例性实施例示出的一种访问请求处理装置的框图。参照图3,该装置包括统计模块301,确定模块302和处理模块303。Fig. 3 is a block diagram of an access request processing device according to an exemplary embodiment. Referring to FIG. 3 , the device includes a statistics module 301 , a determination module 302 and a processing module 303 .

统计模块301,被配置为在接收到用户终端发起的一个访问请求后,统计所述用户终端在第一预设时长内提交访问请求的次数;The statistics module 301 is configured to, after receiving an access request initiated by a user terminal, count the number of times the user terminal submits an access request within a first preset time period;

确定模块302,被配置为根据所述用户终端在所述第一预设时长内提交访问请求的次数,确定所述访问请求的可能性特征值,所述可能性特征值用于表征所述访问请求为恶意请求的概率;The determination module 302 is configured to determine the possibility feature value of the access request according to the number of times the user terminal submits the access request within the first preset time period, and the possibility feature value is used to represent the access request The probability that the request is malicious;

处理模块303,被配置为根据所述访问请求的可能性特征值,对所述访问请求进行处理。The processing module 303 is configured to process the access request according to the possibility feature value of the access request.

在另一个实施例中,参见图4,该装置还包括:In another embodiment, referring to Fig. 4, the device further includes:

记录模块304,被配置为在日志中记录提交所述访问请求的用户的标识信息;A recording module 304 configured to record the identification information of the user who submitted the access request in a log;

所述统计模块301,被配置为统计所述日志记录的与所述标识信息一致且位于所述第一预设时长内的访问请求的个数,将所述个数确定为所述用户终端在所述第一预设时长内提交访问请求的次数。The statistical module 301 is configured to count the number of access requests recorded in the log that are consistent with the identification information and within the first preset time length, and determine the number as the number of access requests recorded by the user terminal in The number of times access requests are submitted within the first preset time period.

在另一个实施例中,所述处理模块303,被配置为若所述可能性特征值的大小未超出预设阈值,则在接收到所述访问请求第二预设时长后对所述访问请求进行处理,并返回请求响应。In another embodiment, the processing module 303 is configured to process the access request after receiving the access request for a second preset duration if the value of the possibility characteristic value does not exceed a preset threshold. Process and return a request response.

在另一个实施例中,所述处理模块303,被配置为若所述可能性特征值的大小超出所述预设阈值,则丢弃所述访问请求。In another embodiment, the processing module 303 is configured to discard the access request if the magnitude of the possibility characteristic value exceeds the preset threshold.

在另一个实施例中,参见图5,该装置还包括:In another embodiment, referring to Fig. 5, the device further includes:

设置模块305,被配置为设置提交次数与可能性特征值大小之间的对应关系;The setting module 305 is configured to set the corresponding relationship between the number of submissions and the magnitude of the possibility feature value;

所述确定模块302,被配置为根据所述提交次数在所述对应关系中进行查找,将与所述提交次数匹配的数值大小确定为所述访问请求的可能性特征值。The determination module 302 is configured to search in the corresponding relationship according to the number of submissions, and determine a value matching the number of submissions as the possibility feature value of the access request.

本公开实施例提供的装置,对于用户每一次提交的访问请求均会通过日志进行记录,并基于用户的标识信息统计具有相同用户属性的访问请求在一定时长内的提交次数,之后根据该提交次数判断本次的访问请求为恶意请求的概率,最终基于这个概率将该访问请求进行处理,因此实现了基于用户提交次数对访问请求进行是否为恶意用户发起的判定及是否进行响应处理的目的,可在不影响用户体验的前提下,有效防止恶意用户的自动化程序提交。The device provided by the embodiment of the present disclosure will record each access request submitted by the user through a log, and count the number of submissions of access requests with the same user attributes within a certain period of time based on the user's identification information, and then based on the number of submissions Determine the probability that this access request is a malicious request, and finally process the access request based on this probability, so the purpose of judging whether the access request is initiated by a malicious user based on the number of user submissions and whether to respond to it is realized. Effectively prevent malicious users from submitting automated programs without affecting user experience.

关于上述实施例中的装置,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。Regarding the apparatus in the foregoing embodiments, the specific manner in which each module executes operations has been described in detail in the embodiments related to the method, and will not be described in detail here.

图6是根据一示例性实施例示出的一种访问请求处理装置600的框图。例如,装置600可以被提供为一服务器。参照图6,装置600包括处理组件622,其进一步包括一个或多个处理器,以及由存储器632所代表的存储器资源,用于存储可由处理组件622的执行的指令,例如应用程序。存储器632中存储的应用程序可以包括一个或一个以上的每一个对应于一组指令的模块。此外,处理组件622被配置为执行指令,以执行上述访问请求处理方法。Fig. 6 is a block diagram of an access request processing apparatus 600 according to an exemplary embodiment. For example, the apparatus 600 may be provided as a server. Referring to FIG. 6 , apparatus 600 includes processing component 622 , which further includes one or more processors, and a memory resource represented by memory 632 for storing instructions executable by processing component 622 , such as application programs. The application program stored in memory 632 may include one or more modules each corresponding to a set of instructions. In addition, the processing component 622 is configured to execute instructions to perform the above access request processing method.

装置600还可以包括一个电源组件626被配置为执行装置600的电源管理,一个有线或无线网络接口650被配置为将装置600连接到网络,和一个输入输出(I/O)接口658。装置600可以操作基于存储在存储器632的操作系统,例如WindowsServerTM,MacOSXTM,UnixTM,LinuxTM,FreeBSDTM或类似。Device 600 may also include a power component 626 configured to perform power management of device 600 , a wired or wireless network interface 650 configured to connect device 600 to a network, and an input-output (I/O) interface 658 . The apparatus 600 can operate based on an operating system stored in the memory 632, such as WindowsServer , MacOSX , Unix , Linux , FreeBSD or the like.

本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本发明的其它实施方案。本申请旨在涵盖本发明的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本发明的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本发明的真正范围和精神由下面的权利要求指出。Other embodiments of the invention will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any modification, use or adaptation of the present invention, these modifications, uses or adaptations follow the general principles of the present invention and include common knowledge or conventional technical means in the technical field not disclosed in this disclosure . The specification and examples are to be considered exemplary only, with a true scope and spirit of the invention being indicated by the following claims.

应当理解的是,本发明并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本发明的范围仅由所附的权利要求来限制。It should be understood that the present invention is not limited to the precise constructions which have been described above and shown in the accompanying drawings, and various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (11)

1. an access request processing method, it is characterised in that described method includes:
After receiving the access request that user terminal is initiated, add up described user terminal in the first preset duration, submit the number of times of access request to;
Submitting the number of times of access request in described first preset duration to according to described user terminal, it is determined that the probability eigenvalue of described access request, described probability eigenvalue is for characterizing the probability that described access request is malicious requests;
Probability eigenvalue according to described access request, processes described access request.
2. method according to claim 1, it is characterised in that described in receive access request after, described method also includes:
In daily record, the identification information of the user of described access request submitted in record;
The described user terminal of described statistics submits the number of times of access request in the first preset duration, including:
Add up the consistent with described identification information of described log recording and be positioned at the number of access request of described first preset duration, described number being defined as described user terminal in described first preset duration, submits the number of times of access request to.
3. method according to claim 1, it is characterised in that the described probability eigenvalue according to described access request, processes described access request, including:
If the size of described probability eigenvalue is without departing from predetermined threshold value, then after receiving described access request the second preset duration, described access request is processed, and return request response.
4. method according to claim 1, it is characterised in that the described probability eigenvalue according to described access request, processes described access request, including:
If the size of described probability eigenvalue exceeds described predetermined threshold value, then abandon described access request.
5. method according to claim 2, it is characterised in that the described number of times submitting access request according to described user terminal in described first preset duration to, it is determined that before the probability eigenvalue of described access request, described method also includes:
The corresponding relation submitted between number of times and probability eigenvalue size is set;
The described number of times submitting access request according to described user terminal in described first preset duration to, it is determined that the probability eigenvalue of described access request, including:
Make a look up in described corresponding relation according to described submission number of times, the numerical values recited mated with described submission number of times is defined as the probability eigenvalue of described access request.
6. an access request processes device, it is characterised in that described device includes:
Statistical module, is configured to, after receiving the access request that user terminal is initiated, add up described user terminal and submit the number of times of access request in the first preset duration to;
Determining module, be configured to submit in described first preset duration according to described user terminal the number of times of access request, it is determined that the probability eigenvalue of described access request, described probability eigenvalue is for characterizing the probability that described access request is malicious requests;
Processing module, is configured to the probability eigenvalue according to described access request, described access request is processed.
7. device according to claim 6, it is characterised in that described device also includes:
Logging modle, is configured in daily record the identification information that the user of described access request submitted in record;
Described statistical module, it is configured to add up the consistent with described identification information of described log recording and is positioned at the number of access request of described first preset duration, described number being defined as described user terminal in described first preset duration, submits the number of times of access request to.
8. device according to claim 6, it is characterized in that, described processing module, if being configured to the size of described probability eigenvalue without departing from predetermined threshold value, then after receiving described access request the second preset duration, described access request is processed, and return request response.
9. device according to claim 6, it is characterised in that described processing module, if the size being configured to described probability eigenvalue exceeds described predetermined threshold value, then abandons described access request.
10. device according to claim 7, it is characterised in that described device also includes:
Module is set, is configured to arrange the corresponding relation submitted between number of times and probability eigenvalue size;
Described determine module, be configured to make a look up in described corresponding relation according to described submission number of times, the numerical values recited mated with described submission number of times is defined as the probability eigenvalue of described access request.
11. an access request processes device, it is characterised in that including:
Processor;
For storing the memorizer of processor executable;
Wherein, described processor is configured to: after receiving the access request that user terminal is initiated, adds up described user terminal and submits the number of times of access request in the first preset duration to;Submitting the number of times of access request in described first preset duration to according to described user terminal, it is determined that the probability eigenvalue of described access request, described probability eigenvalue is for characterizing the probability that described access request is malicious requests;Probability eigenvalue according to described access request, processes described access request.
CN201610252307.XA 2016-04-21 2016-04-21 Access request processing method and device Pending CN105812378A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610252307.XA CN105812378A (en) 2016-04-21 2016-04-21 Access request processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610252307.XA CN105812378A (en) 2016-04-21 2016-04-21 Access request processing method and device

Publications (1)

Publication Number Publication Date
CN105812378A true CN105812378A (en) 2016-07-27

Family

ID=56457326

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610252307.XA Pending CN105812378A (en) 2016-04-21 2016-04-21 Access request processing method and device

Country Status (1)

Country Link
CN (1) CN105812378A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106254389A (en) * 2016-09-21 2016-12-21 周奇 Big data safety control method and system
CN106790090A (en) * 2016-12-23 2017-05-31 北京奇虎科技有限公司 Communication means, apparatus and system based on SSL
CN107392616A (en) * 2017-07-19 2017-11-24 上海众人网络安全技术有限公司 A kind of risk determination method and device for payment authentication system
CN109299049A (en) * 2018-10-11 2019-02-01 郑州云海信息技术有限公司 A method and device for processing a file access request
CN109561045A (en) * 2017-09-25 2019-04-02 北京京东尚科信息技术有限公司 Data interception method and device, storage medium and electronic equipment
CN110276209A (en) * 2019-06-28 2019-09-24 维沃移动通信有限公司 A kind of alarm method and mobile terminal
CN110287694A (en) * 2019-06-26 2019-09-27 维沃移动通信有限公司 Application program management method, mobile terminal and storage medium
CN110493163A (en) * 2018-05-14 2019-11-22 优酷网络技术(北京)有限公司 The recognition methods of multimedia resource request and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101207487A (en) * 2006-12-21 2008-06-25 国际商业机器公司 User authentication system and method for detecting and controlling fraudulent login behavior
CN102624677A (en) * 2011-01-27 2012-08-01 阿里巴巴集团控股有限公司 Method and server for monitoring network user behavior
CN103701764A (en) * 2012-09-27 2014-04-02 中国移动通信集团公司 Nomadism limiting method, system and equipment
CN104065657A (en) * 2014-06-26 2014-09-24 北京思特奇信息技术股份有限公司 Method for dynamically controlling user behavior based on IP access and system thereof
US20150295951A1 (en) * 2012-12-24 2015-10-15 Tencent Technology (Shenzhen) Company Limited Method, server, and system for automatically rating reputation of a web site

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101207487A (en) * 2006-12-21 2008-06-25 国际商业机器公司 User authentication system and method for detecting and controlling fraudulent login behavior
CN102624677A (en) * 2011-01-27 2012-08-01 阿里巴巴集团控股有限公司 Method and server for monitoring network user behavior
CN103701764A (en) * 2012-09-27 2014-04-02 中国移动通信集团公司 Nomadism limiting method, system and equipment
US20150295951A1 (en) * 2012-12-24 2015-10-15 Tencent Technology (Shenzhen) Company Limited Method, server, and system for automatically rating reputation of a web site
CN104065657A (en) * 2014-06-26 2014-09-24 北京思特奇信息技术股份有限公司 Method for dynamically controlling user behavior based on IP access and system thereof

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106254389A (en) * 2016-09-21 2016-12-21 周奇 Big data safety control method and system
CN106790090A (en) * 2016-12-23 2017-05-31 北京奇虎科技有限公司 Communication means, apparatus and system based on SSL
CN107392616A (en) * 2017-07-19 2017-11-24 上海众人网络安全技术有限公司 A kind of risk determination method and device for payment authentication system
CN109561045A (en) * 2017-09-25 2019-04-02 北京京东尚科信息技术有限公司 Data interception method and device, storage medium and electronic equipment
CN109561045B (en) * 2017-09-25 2021-12-14 北京京东尚科信息技术有限公司 Data interception method and device, storage medium and electronic device
CN110493163A (en) * 2018-05-14 2019-11-22 优酷网络技术(北京)有限公司 The recognition methods of multimedia resource request and device
CN109299049A (en) * 2018-10-11 2019-02-01 郑州云海信息技术有限公司 A method and device for processing a file access request
CN109299049B (en) * 2018-10-11 2022-03-22 郑州云海信息技术有限公司 Method and device for processing file access request
CN110287694A (en) * 2019-06-26 2019-09-27 维沃移动通信有限公司 Application program management method, mobile terminal and storage medium
CN110287694B (en) * 2019-06-26 2021-08-20 维沃移动通信有限公司 Application management method, mobile terminal and storage medium
CN110276209A (en) * 2019-06-28 2019-09-24 维沃移动通信有限公司 A kind of alarm method and mobile terminal
CN110276209B (en) * 2019-06-28 2022-01-28 维沃移动通信有限公司 Alarm method and mobile terminal

Similar Documents

Publication Publication Date Title
CN105812378A (en) Access request processing method and device
CN110213356B (en) Login processing method based on data processing and related equipment
CN105590055B (en) Method and device for identifying user trusted behavior in network interaction system
US10332116B2 (en) Systems and methods for fraudulent account detection and management
US9491182B2 (en) Methods and systems for secure internet access and services
EP3792798B1 (en) Method, apparatus, and system for managing user accounts in the event of conflicting login names
US20160321745A1 (en) Account binding processing method, apparatus and system
US20150220933A1 (en) Methods and systems for making secure online payments
CN109257321B (en) Secure login method and device
US20150161613A1 (en) Methods and systems for authentications and online transactions
US20150142658A1 (en) Payment binding management method, payment server, client, and system
CN104980402B (en) Method and device for identifying malicious operation
WO2020155508A1 (en) Suspicious user screening method and apparatus, computer device and storage medium
WO2016107415A1 (en) Auxiliary identity authentication method based on user network behavior feature
CN105656867B (en) Monitoring method and device for account theft events
CN107517180B (en) Login method and device
CN105227557A (en) A kind of account number processing method and device
CN108804501A (en) A kind of method and device of detection effective information
US11363020B2 (en) Method, device and storage medium for forwarding messages
WO2018166365A1 (en) Method and device for recording website access log
CN107959680B (en) Password-free registration login method and system
US9716705B2 (en) System and method for verifying user supplied items asserted about the user for searching and/or matching
US11916899B1 (en) Systems and methods for managing online identity authentication risk in a nuanced identity system
CN114549146B (en) A method and device for automatically intercepting abnormal data
CN119720154A (en) Methods, devices, equipment, media and procedures for consistency verification of domestic and foreign customers

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160727