CN104967603B - Using account number safety verification method and device - Google Patents
Using account number safety verification method and device Download PDFInfo
- Publication number
- CN104967603B CN104967603B CN201510182725.1A CN201510182725A CN104967603B CN 104967603 B CN104967603 B CN 104967603B CN 201510182725 A CN201510182725 A CN 201510182725A CN 104967603 B CN104967603 B CN 104967603B
- Authority
- CN
- China
- Prior art keywords
- user
- subdata
- matching degree
- data
- behavior data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000012795 verification Methods 0.000 title claims abstract description 16
- 230000003542 behavioural effect Effects 0.000 claims abstract description 59
- 238000003860 storage Methods 0.000 claims abstract description 31
- 230000000694 effects Effects 0.000 claims description 4
- 230000006399 behavior Effects 0.000 description 109
- 230000015654 memory Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 208000031074 Reinjury Diseases 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000014759 maintenance of location Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of application account number safety verification method and devices, belong to internet area.The described method includes: obtaining the first user behavior data, first user behavior data is generated according to login behavior of the active user in current application account;Second user behavioral data is obtained from storage using in the corresponding relationship between account and user behavior data according to the current application account;Obtain the matching degree between first user behavior data and the second user behavioral data;Based on the matching degree acquired, the identity of the active user is verified.Described device includes: the first acquisition module, the second acquisition module, third acquisition module and authentication module.The present invention can accurately verify the identity of active user, and then avoid the loss of the virtual objects of the current application account, and avoid the leakage and property loss of the chat message between the current application account owner and other users.
Description
Technical field
The present invention relates to internet area, in particular to a kind of application account number safety verification method and device.
Background technique
With the fast development of internet, there are more and more network applications, for example, the game of heroic alliance, dark
Light game etc..When user uses network application, the application account of first logging in network application is needed.This is logged in using account
Later, which can carry out the behaviors such as game currency transaction, game article transaction, can also be chatted with other users
It.Once and the application account of the user is stolen, will lead to the virtual article loss such as game currency, the game article of user, goes back
It will lead to chat message leakage and the property loss etc. between user and other users, therefore, need a kind of application account peace
The method verified entirely, to verify current log in using whether the user of account is this using the account owner.
Summary of the invention
In order to solve problems in the prior art, the embodiment of the invention provides a kind of application account number safety verification method and dresses
It sets.The technical solution is as follows:
On the one hand, a kind of application account number safety verification method is provided, which comprises
The first user behavior data is obtained, first user behavior data is according to active user in current application account
Login behavior generate;
According to the current application account, from storage using in the corresponding relationship between account and user behavior data,
Obtain second user behavioral data;
Obtain the matching degree between first user behavior data and the second user behavioral data;
Based on the matching degree acquired, the identity of the active user is verified.
On the other hand, a kind of application account number safety verifying device is provided, described device includes:
First obtains module, and for obtaining the first user behavior data, first user behavior data is used according to current
Login behavior of the family in current application account generates;
Second obtains module, is used for according to the current application account, from the application account and user behavior data of storage
Between corresponding relationship in, obtain second user behavioral data;
Third obtains module, for obtaining between first user behavior data and the second user behavioral data
Matching degree;
Authentication module, for being verified to the identity of the active user based on the matching degree acquired.
In embodiments of the present invention, the first user behavior data is obtained, and according to current application account, from the application of storage
In corresponding relationship between account and user behavior data, second user behavioral data is obtained.Due to second user behavioral data
For the corresponding data of the current application account owner, so, obtain the first user behavior data and second user behavioral data it
Between matching degree, and the matching degree based on acquisition can accurately verify the identity of active user, and then determine the current application
Whether account is stolen, and avoids the loss of the virtual objects of the current application account, and avoids the current application account owner
The leakage and property loss of chat message between other users.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is a kind of application account number safety verification method flow chart provided in an embodiment of the present invention;
Fig. 2 is provided in an embodiment of the present invention another using account number safety verification method flow chart;
Fig. 3 (a) is a kind of first user behavior data list schematic diagram provided in an embodiment of the present invention;
Fig. 3 (b) is a kind of second user behavioral data list schematic diagram provided in an embodiment of the present invention;
Fig. 4 is that a kind of first user behavior data provided in an embodiment of the present invention shows compared with second user behavioral data
It is intended to;
Fig. 5 is a kind of application account number safety verifying apparatus structure schematic diagram provided in an embodiment of the present invention;
Fig. 6 is provided in an embodiment of the present invention another using account number safety verifying apparatus structure schematic diagram.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to embodiment party of the present invention
Formula is described in further detail.
Fig. 1 is a kind of application account number safety verification method flow chart provided in an embodiment of the present invention.Referring to Fig. 1, this method
Include:
Step 101: obtaining the first user behavior data, the first user behavior data is according to active user in current application account
Login behavior in number generates, which is the current application account for carrying out safety verification.
Step 102: according to the current application account, from storage using the corresponding pass between account and user behavior data
In system, second user behavioral data is obtained.
Step 103: obtaining the matching degree between the first user behavior data and second user behavioral data.
Step 104: based on the matching degree acquired, the identity of the active user being verified.
In embodiments of the present invention, the first user behavior data is obtained, and according to current application account, from the application of storage
In corresponding relationship between account and user behavior data, second user behavioral data is obtained.Due to second user behavioral data
For the corresponding data of the current application account owner, so, obtain the first user behavior data and second user behavioral data it
Between matching degree, and the matching degree based on acquisition can accurately verify the identity of active user, and then determine the current application
Whether account is stolen, and avoids the loss of the virtual objects of the current application account, and avoids the current application account owner
The leakage and property loss of chat message between other users.
Optionally, the first user behavior data is obtained, comprising:
Obtain the receiving time for receiving the logging request of the current application account;
According to the receiving time, login time is determined;
According to the address information that the logging request carries, determines and log in place;
Obtain operation behavior of the active user in network application.
Optionally, the matching degree between the first user behavior data and second user behavioral data is obtained, comprising:
Based on the attribute of the first subdatas multiple in the first user behavior data, the first subdata of same attribute will be belonged to
It is divided into one group, obtains the first subdata of multiple groups;
Based on the attribute of the second subdatas multiple in second user behavioral data, the second subdata of same attribute will be belonged to
It is divided into one group, obtains the second subdata of multiple groups;
The second son of packet count, the first subdata of multiple groups and multiple groups of packet count, the second subdata based on the first subdata
Data obtain the matching degree between the first user behavior data and second user behavioral data.
Optionally, the packet count of packet count, multiple second subdatas based on multiple first subdatas, the first subnumber of multiple groups
According to the second subdata of multiple groups, obtain the matching degree between the first user behavior data and second user behavioral data, comprising:
For every group of second subdata in the second subdata of multiple groups, the second subdata and the first subnumber of multiple groups are obtained respectively
Matching degree between;
The maximum value in matching degree that will acquire is determined as the corresponding matching degree of the second subdata;
The packet count of packet count, multiple second subdatas based on multiple first subdatas and every group of second subdata are corresponding
Matching degree, obtain the matching degree between the first user behavior data and second user behavioral data.
Optionally, based on the matching degree acquired, current user identity is verified, comprising:
If the matching degree acquired is greater than or equal to matching degree threshold value, it is determined that the authentication of the active user is logical
It crosses;
If the matching degree acquired is less than the matching degree threshold value, it is determined that the authentication of the active user is obstructed
It crosses.
Optionally it is determined that after the authentication of the active user passes through, further includes:
According to the first user behavior data, second user behavioral data is updated.
All the above alternatives, can form alternative embodiment of the invention according to any combination, and the present invention is real
It applies example and this is no longer repeated one by one.
Fig. 2 is a kind of application account number safety verification method flow chart provided in an embodiment of the present invention.Referring to fig. 2, this method
Include:
Step 201: obtaining the first user behavior data, the first user behavior data is according to active user in current application account
Login behavior in number generates, which is the current application account for carrying out safety verification.
In embodiments of the present invention, it may include more that triggering application server, which obtains the condition of the first user behavior data,
Kind, for example, when application server receives the logging request of the current application account, application server can be triggered and obtain the
One user behavior data.For another example, after the logging request of the current application account logins successfully, if application server is examined
The operation behavior that active user carries out in the network application is measured to be related to equipping the sensitive operations such as transaction, moneytary operations, and
When carrying out the transaction numerical value of sensitive operation more than or equal to specified numerical value, application server can be triggered and obtain the first user behavior
Data.Wherein, specified numerical value can be that application account includes the 90% of numerical value, 95% etc. before deserving.For another example, application server
When the entry address that can also detect the current application account is the malice address in the malice entry address library of storage, triggering
Application server obtains the first user behavior data.Certainly, application server can also periodically obtain the first user behavior
Data.The trigger condition that the embodiment of the present invention no longer obtains the first user behavior data to triggering application server is arranged one by one
Out.
For the logging request of the current application account for logging in the current application account, which is that this is current
It is registered to obtain in the application server using the account owner, therefore, when terminal receives log-in instruction, which can
To send logging request to application server, the current application account and address information can be carried in the logging request, at this point,
Current application account is the application account currently logged in the terminal, and is the current application account for carrying out safety verification.
Wherein, the first user behavior data may include login time, end time, using duration, login place
With operation behavior etc. of the active user in the network application, the embodiment of the present invention is not specifically limited in this embodiment.Also, first
User behavior data is that the login behavior in account is applied to generate in this prior according to active user, specifically: application server
The receiving time for receiving the logging request of the current application account is obtained, according to the receiving time, determines login time, and according to
The address information that the logging request carries determines and logs in place;And obtain operation row of the active user in network application
For.For example, operation behavior of the user in the network application may include into copy, trip for heroic alliance's game
Play upgrading, equipment transaction, moneytary operations and social chat etc. can also include that the user plays the preference of the game, DPS
The user identifier and be somebody's turn to do that (Damage Per Second, second injury) way of output, DPS output data and user often chats
The user identifier etc. that user often trades.The DPS way of output is that user is to be exported with mouse, or exported with keyboard, when
It when being exported with keyboard, is exported with which key.DPS output data is the attack size of second injury.
Application server determines that the operation of login time can be with are as follows: application server determines that this connects according to the receiving time
Time interval where between time receiving, and obtained time interval is determined as login time.Alternatively, directly by the receiving time,
It is determined as login time.In addition, the address information that application server is carried according to the logging request, determines the operation for logging in place
It can be with are as follows: the address information that application server is carried according to the logging request from the address information of storage and logs between place
Corresponding relationship in, obtain corresponding login place.Furthermore in embodiments of the present invention, when log in place granularity of division compared with
When big, for example, logging in place is divided into city, at this point, in order to save the memory space of application server, the available login
The address field where the address information carried is requested, pair according to the address field, between the address field and login place of storage
In should being related to, corresponding login place is obtained.
Address information can be IP (Internet Protocol, Internet protocol) address, it is, of course, also possible to be it
His address, for example, MAC (Media Access Control, media access control) address, the embodiment of the present invention do not do this
It is specific to limit.
Based on above-mentioned example, if the network application is the game of heroic alliance, asked when application server receives login
When asking, it is 12:20 which, which obtains and receive the receiving time of the logging request, with obtaining the IP of logging request carrying
Location is 114.80.166.240, and is that equipment transaction and currency are handed over by operation behavior of the detection active user in the game
Easily, therefore, can be from multiple time intervals of storage, the time interval where obtaining the receiving time is 12:00~13:
00, and determine that login time determines corresponding login place according to the address IP 114.80.166.240 for 12:00~13:00
For Shanghai, and determine that operation behavior of the active user in the network application is equipment transaction and moneytary operations.Accordingly, it is determined that the
One user behavior data includes login time, logs in place and operation behavior, and login time is 12:00~13:00, logs in ground
Point is Shanghai, and operation behavior is equipment transaction and moneytary operations, can be constituted based on the first user behavior data such as Fig. 3 (a) institute
The list shown.
Step 202: according to the current application account, from storage using the corresponding pass between account and user behavior data
In system, second user behavioral data is obtained.
Specifically, application server is according to the current application account, from the application account and user behavior data of storage it
Between corresponding relationship in, the user behavior data that obtains corresponding user behavior data, and will acquire is determined as second user row
For data.
For example, the current application account is 1245333, application server can be according to the current application account
1245333, from the corresponding relationship as shown in table 1 below using between account and user behavior data, the user behavior of acquisition
Data are as follows: login time be 20:00~23:00, logins place be Shenzhen (Mon-Fri) and Guangzhou (Saturday and Sunday),
Operation behavior is into copy, game upgrading, living skill and social chat, and the user behavior data that will acquire is determined as the
Two user behavior datas, and then the list as shown in Fig. 3 (b) can be constituted based on second user behavioral data.
Table 1
Step 203: the attribute based on the first subdatas multiple in the first user behavior data will belong to the of same attribute
One subdata is divided into one group, obtains the first subdata of multiple groups.
Since the first user behavior data may include multiple first subdatas, and the attribute of each first subdata is not
Together, so, application server can be drawn the first subdata for belonging to same attribute based on the attribute of multiple first subdata
It is divided into one group, obtains the first subdata of multiple groups.Further, when including again multiple data in some first subdata, application
The data for belonging to same attribute can be divided into one group based on the attribute of multiple data by server.For example, first user's row
It to include login time in data, logging in place and operation behavior, and again include equipment transaction and moneytary operations in operation behavior
Two data, equipment transaction is different with the attribute of moneytary operations, and therefore, the first user behavior data includes 4 group of first subdata,
Respectively 12:00~13:00, Shanghai, equipment transaction and moneytary operations.
Step 204: the attribute based on the second subdatas multiple in second user behavioral data will belong to the of same attribute
Two subdatas are divided into one group, obtain the second subdata of multiple groups.
Since second user behavioral data also may include multiple second subdatas, and the attribute of each second subdata can
Can be different, so, application server can will belong to the second subdata of same attribute based on the attribute of multiple second subdatas
It is divided into one group, obtains the second subdata of multiple groups.Further, it when including again multiple data in some second subdata, answers
The data for belonging to same attribute can be divided into one group based on the attribute of multiple data with server.For example, second user
Include login time in behavioral data, log in place and operation behavior, logging in place includes Shenzhen (Mon-Fri) and Guangzhou
(Saturday and Sunday), but Shenzhen (Mon-Fri) and Guangzhou (Saturday and Sunday) belong to same attribute, can be divided into one
Group, and operation behavior includes into copy, game upgrading, living skill and social chat, into copy, game upgrading, life
Technical ability and social chat belong to different attributes, need to be respectively divided into one group, and therefore, second user behavioral data includes 6 groups
Second subdata, respectively 20:00~23:00, Shenzhen (Mon-Fri) Guangzhou (Saturday and Sunday), into copy, game
Upgrading, living skill and social chat, in this way, can based on shown in Fig. 4, by every group of first subdata and every group of second subdata
It is compared, and then the matching between the first user behavior data and second user behavioral data is calculated based on following steps
Degree.
Step 205: the packet count of packet count, the second subdata based on the first subdata, the first subdata of multiple groups and more
The second subdata of group, obtains the matching degree between the first user behavior data and second user behavioral data.
Specifically, for every group of second subdata in the second subdata of multiple groups, application server obtain respectively this second
Matching degree between the first subdata of subdata and multiple groups;The maximum value in matching degree that will acquire is determined as second subnumber
According to corresponding matching degree;Packet count of the application server based on the first subdata, the packet count of the second subdata and every group second
The corresponding matching degree of subdata obtains the matching degree between the first user behavior data and second user behavioral data.
Wherein, packet count, the packet count of second subdata and every group second son of the application server based on the first subdata
The corresponding matching degree of data calculates between the first user behavior data and second user behavioral data according to following formula
With degree;
Wherein, in above-mentioned formula, S (A, B) is between the first user behavior data B and second user behavioral data A
Matching degree, | A | it is the packet count of the second subdata, | B | it is the packet count of the first subdata, S (Ai,Bj) it is the second subdata Ai
With the first subdata BjBetween matching degree,For the second subdata AiCorresponding matching degree.
Above-mentioned formula is unrelated with data structure, the sequence of data attribute, guarantee calculate matching degree be all it is identical, because
This, can neatly calculate matching degree by above-mentioned formula.
For example, the packet count of the first subdata is 4, and 4 group of first subdata is respectively 12:00~13:00, Shanghai, dress
Standby transaction and moneytary operations, the packet count of the second subdata is 6, and 6 group of second subdata is respectively 20:00~23:00, Shenzhen
(Mon-Fri) Guangzhou (Saturday and Sunday) is chatted into copy, game upgrading, living skill and social activity, if, the second son
The matching degree of data 20:00~23:00 is 0.2, second subdata group Shenzhen (Mon-Fri) Guangzhou (Saturday and Sunday)
Matching degree is 0.1, and the matching degree that the second subdata enters copy is 0.24, and the matching degree of the second subdata game upgrading is
0.12, the matching degree of the second subdata living skill is 0.11, and the matching degree of the second subdata social activity chat is 0.21.At this point,
Packet count 4 of the application server based on the first subdata, the packet count 6 of the second subdata and every group the second subdata corresponding
The matching degree between the first user behavior data and second user behavioral data is calculated according to above-mentioned formula with degree are as follows:
Step 206: based on the matching degree acquired, the identity of the active user being verified.
Specifically, the matching degree that application server will acquire is compared with matching degree threshold value, if acquired
Matching degree be greater than or equal to matching degree threshold value, it is determined that the authentication of the active user passes through;If acquired
It is less than matching degree threshold value with degree, it is determined that the authentication of the active user does not pass through.
Further, above-mentioned steps 201 are mentioned, and the condition that triggering application server obtains the first user behavior data can be with
Including a variety of, so that method based on the embodiment of the present invention, determines that the authentication of active user is obstructed out-of-date, takes
Safety precautions also may include a variety of.For example, when application server receives the logging request of the current application account,
If application server obtains the first user behavior data, and the method provided through the embodiment of the present invention, to active user's
Authentication is obstructed out-of-date, can refuse the login of the current application account, that is to say, determines that the current application account logs in and loses
It loses, alternatively, active user couple can be made when safety problem is arranged to the current application account in the current application account owner
The safety problem of the current application account carries out response, so that it is determined that whether the current application account logins successfully.And works as and deserve
After preceding application account logins successfully, if application server detects the operation row that active user carries out in the network application
To be related to equipping the sensitive operations such as transaction, moneytary operations, and the transaction numerical value for carrying out sensitive operation is greater than or equal to specified number
When value, triggering application server obtains the first user behavior data, and obstructed out-of-date to the authentication of active user, can incite somebody to action
The current application account is verified by modes such as short message verification code, instant messaging identifying codes, alternatively, working as the current application account
When safety problem is arranged to the current application account in number owner, active user can be made to ask the safety of the current application account
Topic carries out response, so that it is determined that whether the sensitive operation of the current application account successfully completes.The embodiment of the present invention does not do this
It is specific to limit.
Wherein, matching degree threshold value is set in advance, and the embodiment of the present invention does not do specific limit to the size of matching degree threshold value
It is fixed.In addition, can determine that the identity of the active user is when application server determines that the authentication of the active user passes through
The current application account owner, the safety of the current application account are higher;When application server determines the body of the active user
Part verifying is obstructed out-of-date, can determine that the identity of the active user is steal-number person, the safety of the current application account is lower.
Further, after application server determines that the authentication of the active user passes through, further includes: used according to first
Family behavioral data is updated second user behavioral data;And it will be using the corresponding pass between account and user behavior data
In system, the corresponding user behavior data of current application account replaces with updated second user behavioral data.
First user behavior data mentioned above is that the login behavior in account is applied to produce in this prior according to active user
Raw, therefore, application server is according to the first user behavior data, can basis when being updated to second user behavioral data
This login behavior of the active user carries out more the data that each login behavior stored before current time generates
Newly, and to updated data it handles.For example, being into this data of copy, when this is detected for operation behavior
When using entering copy, setting copy data is 1, and when this is detected using copy is not entered, setting copy data is 0,
This copy data being arranged is stored, being averaged before calculating this and including this multiple copy data being arranged
Value determines that copy result is 0, and determine that application does not enter copy, when calculating when the average value of calculating is less than default value
When average value is greater than or equal to default value, determine that copy result is 1, and determine that application enters copy, if, this logs in row
Detected in using enter copy, and current time before store each login behavior generate copy data be 1,0,0,
1,1,1, therefore, in addition this logs in the copy data 1 that behavior generates, the average value for calculating multiple copy data is 0.71,
And 0.71 is greater than default value 0.5, accordingly, it is determined that the operation behavior in updated second user behavioral data is to enter pair
This.And for logging in place, it when the address information carried based on the logging request, determines after logging in place, based on determining
Log in place, increase corresponding logins place quantity, calculate it is each log in place quantity log in place total quantity in shared by
Ratio is determined as the login place of the current application account owner above or equal to the login place of proportion threshold value, storage
In second user behavioral data in the updated.For example, carrying address information based on the logging request, determining login place is
Guangzhou, the corresponding login place quantity in Guangzhou are 8, and logging in place total quantity is 10, and the corresponding login place quantity in Guangzhou is increased
Adding 1, obtains 9, then Guangzhou ratio shared in all login places is 0.9, if, logging in place further includes Beijing, and
Ratio of the Beijing where in all login places is 0.1, proportion threshold value 0.88, at this point, determining updated second user
Login place in behavioral data is Guangzhou.
In embodiments of the present invention, the first user behavior data is obtained, and according to working as where the first user behavior data
It is preceding to apply account, from storage using in the corresponding relationship between account and user behavior data, obtain second user behavior number
According to.Since second user behavioral data is the corresponding data of the current application account owner, so, calculate the first user behavior number
According to the matching degree between second user behavioral data, and the matching degree based on calculating can accurately verify the body of active user
Part, and then determine whether the current application account is stolen, the loss of the virtual objects of the current application account is avoided, and avoid
The leakage and property loss of chat message between the current application account owner and other users.
The embodiment of the invention provides a kind of application account number safeties to verify apparatus structure schematic diagram by Fig. 5.Referring to Fig. 5, the dress
It sets and includes:
First obtains module 501, and for obtaining the first user behavior data, the first user behavior data is according to active user
Login behavior in current application account generates, which is the current application account for carrying out safety verification;
Second obtains module 502, is used for according to the current application account, from the application account and user behavior data of storage
Between corresponding relationship in, obtain second user behavioral data;
Third obtains module 503, for obtaining the matching between the first user behavior data and second user behavioral data
Degree;
Authentication module 504, for being verified to the identity of the active user based on the matching degree acquired.
Optionally, the first acquisition module 501 includes:
First acquisition unit, for obtaining the receiving time for receiving the logging request of the current application account;
First determination unit, for determining login time according to the receiving time;
Second determination unit, the address information for being carried according to the logging request determine and log in place;
Second acquisition unit, for obtaining operation behavior of the active user in network application.
Optionally, third acquisition module 503 includes:
First division unit will belong to same for the attribute based on the first subdatas multiple in the first user behavior data
First subdata of one attribute is divided into one group, obtains the first subdata of multiple groups;
Second division unit will belong to same for the attribute based on the second subdatas multiple in second user behavioral data
Second subdata of one attribute is divided into one group, obtains the second subdata of multiple groups;
Acquiring unit, packet count, the first subdata of multiple groups for packet count, the second subdata based on the first subdata
With the second subdata of multiple groups, the matching degree between the first user behavior data and second user behavioral data is obtained.
Optionally, acquiring unit includes:
First obtains subelement, for obtaining the group respectively for every group of second subdata in the second subdata of multiple groups
Matching degree between the first subdata of second subdata and multiple groups;
Determine subelement, the maximum value in matching degree for will acquire is determined as corresponding of second subdata of group
With degree;
Second obtains subelement, the packet count for packet count, multiple second subdatas based on multiple first subdatas
Matching degree corresponding with every group of second subdata obtains the matching between the first user behavior data and second user behavioral data
Degree.
Optionally, authentication module 504 includes:
Third determination unit, if the matching degree for acquiring is greater than or equal to matching degree threshold value, it is determined that deserve
The authentication of preceding user passes through;
4th determination unit, if the matching degree for acquiring is less than the matching degree threshold value, it is determined that this is current
The authentication of user does not pass through.
Optionally, authentication module 504 further include:
Updating unit, for being updated to second user behavioral data according to the first user behavior data.
In embodiments of the present invention, the first user behavior data is obtained, and according to working as where the first user behavior data
It is preceding to apply account, from storage using in the corresponding relationship between account and user behavior data, obtain second user behavior number
According to.Since second user behavioral data is the corresponding data of the current application account owner, so, obtain the first user behavior number
According to the matching degree between second user behavioral data, and the matching degree based on acquisition can accurately verify the body of active user
Part, and then determine whether the current application account is stolen, the loss of the virtual objects of the current application account is avoided, and avoid
The leakage and property loss of chat message between the current application account owner and other users.
It should be understood that application account number safety verifying device provided by the above embodiment is verified in application account number safety
When, only the example of the division of the above functional modules, in practical application, it can according to need and divide above-mentioned function
With being completed by different functional modules, i.e., the internal structure of device is divided into different functional modules, to complete above description
All or part of function.In addition, application account number safety verifying device provided by the above embodiment is tested with using account number safety
Card embodiment of the method belongs to same design, and specific implementation process is detailed in embodiment of the method, and which is not described herein again.
Referring to FIG. 6, it illustrates application account number safety provided by one embodiment of the present invention verifying apparatus structure signals
Figure, the device can be application server, and the application server 600 is including central processing unit (CPU) 601 including at random
Access the system storage 604 of memory (RAM) 602 and read-only memory (ROM) 603, and connection 604 He of system storage
The system bus 605 of central processing unit 601.The application server 600 further include help computer in each device it
Between transmit information basic input/output (I/O system) 606, and be used for storage program area 613, application program 610
With the mass-memory unit 607 of other program modules 615.
The basic input/output 606 includes display 608 for showing information and inputs letter for user
The input equipment 609 of such as mouse, keyboard etc of breath.Wherein the display 608 and input equipment 609 are all by being connected to
The input and output controller 610 of system bus 605 is connected to central processing unit 601.The basic input/output 606
Can also include input and output controller 610 with for receive and handle from keyboard, mouse or electronic touch pen etc. it is multiple its
The input of his equipment.Similarly, input and output controller 610 also provides output to display screen, printer or other kinds of defeated
Equipment out.
The mass-memory unit 607 is by being connected to the bulk memory controller (not shown) of system bus 605
It is connected to central processing unit 601.The mass-memory unit 607 and its associated computer-readable medium are application clothes
Business device 600 provides non-volatile memories.That is, the mass-memory unit 607 may include such as hard disk or CD-
The computer-readable medium (not shown) of ROM drive etc.
Without loss of generality, the computer-readable medium may include computer storage media and communication media.Computer
Storage medium includes information such as computer readable instructions, data structure, program module or other data for storage
The volatile and non-volatile of any method or technique realization, removable and irremovable medium.Computer storage medium includes
RAM, ROM, EPROM, EEPROM, flash memory or other solid-state storages its technologies, CD-ROM, DVD or other optical storages, tape
Box, tape, disk storage or other magnetic storage devices.Certainly, skilled person will appreciate that the computer storage medium
It is not limited to above-mentioned several.Above-mentioned system storage 604 and mass-memory unit 607 may be collectively referred to as memory.
According to various embodiments of the present invention, the application server 600 can also be connected by networks such as internets
The remote computer operation being connected on network.Namely application server 600 can be by being connected on the system bus 605
Network Interface Unit 611 is connected to network 612, in other words, Network Interface Unit 611 can be used also to be connected to other types
Network or remote computer system (not shown).
The memory further includes that one or more than one program, the one or more programs are stored in
In memory, the one or more programs include to test for carrying out application account number safety provided in an embodiment of the present invention
The instruction of card method.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, it is all in spirit of the invention and
Within principle, any modification, equivalent replacement, improvement and so on be should all be included in the protection scope of the present invention.
Claims (8)
1. a kind of application account number safety verification method, which is characterized in that the described method includes:
Be related to the sensitive operation of transaction when detecting active user in online game application, and carries out sensitive operation
When numerical value of trading is greater than or equal to specified numerical value, the first user behavior data is obtained;
Wherein, first user behavior data is generated according to login behavior of the active user in current application account, described
First user behavior data includes the login time of the current application account, logs in place and the active user in the net
Operation behavior in network game application, the operation behavior include into copy, game upgrading, equipment transaction, moneytary operations and
Social activity chat;
It is obtained according to the current application account from storage using in the corresponding relationship between account and user behavior data
Second user behavioral data;
Based on the attribute of multiple first subdatas in first user behavior data, the first subdata of same attribute will be belonged to
It is divided into one group, obtains the first subdata of multiple groups;
Based on the attribute of multiple second subdatas in the second user behavioral data, the second subdata of same attribute will be belonged to
It is divided into one group, obtains the second subdata of multiple groups;
For every group of second subdata in second subdata of multiple groups, second subdata and the multiple groups are obtained respectively
Matching degree between first subdata;
The maximum value in matching degree that will acquire is determined as the corresponding matching degree of second subdata;
The packet count of packet count, the multiple second subdata based on the multiple first subdata and every group second son
The corresponding matching degree of data obtains the matching degree between first user behavior data and the second user behavioral data;
Based on the matching degree acquired, the identity of the active user is verified.
2. the method as described in claim 1, which is characterized in that the first user behavior data of the acquisition, comprising:
Obtain the receiving time for receiving the logging request of the current application account;
According to the receiving time, the login time is determined;
According to the address information that the logging request carries, the login place is determined;
Obtain operation behavior of the active user in online game application.
3. the method as described in claim 1, which is characterized in that it is described based on the matching degree acquired, to the current use
The identity at family is verified, comprising:
If the matching degree acquired is greater than or equal to matching degree threshold value, it is determined that the authentication of the active user is logical
It crosses;
If the matching degree acquired is less than the matching degree threshold value, it is determined that the authentication of the active user is obstructed
It crosses.
4. method as claimed in claim 3, which is characterized in that the authentication of the determination active user passes through it
Afterwards, further includes:
According to first user behavior data, the second user behavioral data is updated.
5. a kind of application account number safety verifies device, which is characterized in that described device includes:
First obtains module, detects that active user carries out being related to the sensitive behaviour of transaction in online game application for working as
When the transaction numerical value made, and carry out sensitive operation is greater than or equal to specified numerical value, the first user behavior data is obtained;
Wherein, first user behavior data is generated according to login behavior of the active user in current application account, described
First user behavior data includes the login time of the current application account, logs in place and the active user in the net
Operation behavior in network game application, the operation behavior include into copy, game upgrading, equipment transaction, moneytary operations and
Social activity chat;
Second obtains module, is used for according to the current application account, between the application account and user behavior data of storage
Corresponding relationship in, obtain second user behavioral data;
Third obtains module, for the attribute based on multiple first subdatas in first user behavior data, will belong to same
First subdata of one attribute is divided into one group, obtains the first subdata of multiple groups;Based on more in the second user behavioral data
The second subdata for belonging to same attribute is divided into one group, obtains the second subdata of multiple groups by the attribute of a second subdata;It is right
Every group of second subdata in second subdata of multiple groups obtains the first son of second subdata and the multiple groups respectively
Matching degree between data;The maximum value in matching degree that will acquire is determined as the corresponding matching degree of second subdata;Base
In the packet count of the multiple first subdata, the packet count of the multiple second subdata and every group of second subdata pair
The matching degree answered obtains the matching degree between first user behavior data and the second user behavioral data;
Authentication module, for being verified to the identity of the active user based on the matching degree acquired.
6. device as claimed in claim 5, which is characterized in that described first, which obtains module, includes:
First acquisition unit, for obtaining the receiving time for receiving the logging request of the current application account;
First determination unit, for determining the login time according to the receiving time;
Second determination unit, the address information for being carried according to the logging request, determines the login place;
Second acquisition unit, for obtaining operation behavior of the active user in online game application.
7. device as claimed in claim 5, which is characterized in that the authentication module includes:
Third determination unit, if the matching degree for acquiring is greater than or equal to matching degree threshold value, it is determined that described current
The authentication of user passes through;
4th determination unit, if the matching degree for acquiring is less than the matching degree threshold value, it is determined that the current use
The authentication at family does not pass through.
8. device as claimed in claim 7, which is characterized in that the authentication module further include:
Updating unit, for being updated to the second user behavioral data according to first user behavior data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510182725.1A CN104967603B (en) | 2015-04-17 | 2015-04-17 | Using account number safety verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510182725.1A CN104967603B (en) | 2015-04-17 | 2015-04-17 | Using account number safety verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104967603A CN104967603A (en) | 2015-10-07 |
| CN104967603B true CN104967603B (en) | 2019-06-11 |
Family
ID=54221546
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510182725.1A Active CN104967603B (en) | 2015-04-17 | 2015-04-17 | Using account number safety verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104967603B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106708869B (en) * | 2015-11-16 | 2020-04-28 | 阿里巴巴集团控股有限公司 | A method and device for group data processing |
| CN106875183B (en) * | 2016-06-28 | 2020-07-28 | 阿里巴巴集团控股有限公司 | Method and device for determining state of bank account number, ID number, and information to be checked |
| CN108009168B (en) * | 2016-10-31 | 2020-12-01 | 腾讯科技(深圳)有限公司 | User account identification method and device |
| CN108540431A (en) * | 2017-03-03 | 2018-09-14 | 阿里巴巴集团控股有限公司 | The recognition methods of account type, device and system |
| CN107257325A (en) * | 2017-05-09 | 2017-10-17 | 北京潘达互娱科技有限公司 | User profile guard method and device |
| CN121262264B (en) * | 2025-12-05 | 2026-03-27 | 西昌学院 | Remote control system and method for equipment based on computer network applications |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7272728B2 (en) * | 2004-06-14 | 2007-09-18 | Iovation, Inc. | Network security and fraud detection system and method |
| CN103581108B (en) * | 2012-07-19 | 2017-05-03 | 阿里巴巴集团控股有限公司 | Login authentication method, login authentication client, login authentication server and login authentication system |
| US9558347B2 (en) * | 2013-08-27 | 2017-01-31 | Globalfoundries Inc. | Detecting anomalous user behavior using generative models of user actions |
| CN104518876B (en) * | 2013-09-29 | 2019-01-04 | 腾讯科技(深圳)有限公司 | Service login method and device |
| CN104268378B (en) * | 2014-09-12 | 2017-02-15 | 北京邮电大学 | Visual abnormal behavior monitoring method based on mobile user mass data |
-
2015
- 2015-04-17 CN CN201510182725.1A patent/CN104967603B/en active Active
Non-Patent Citations (1)
| Title |
|---|
| 面向电子商务的用户异常行为检测研究;姬炳帅等;《信息网络安全》;20140910;P80-85 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104967603A (en) | 2015-10-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104967603B (en) | Using account number safety verification method and device | |
| CN104301286B (en) | User log-in authentication method and device | |
| CN104917749B (en) | account registration method and device | |
| CN104836781B (en) | Distinguish the method and device for accessing user identity | |
| US8589694B2 (en) | System, method, and apparatus for graduated difficulty of human response tests | |
| US8370389B1 (en) | Techniques for authenticating users of massive multiplayer online role playing games using adaptive authentication | |
| CN109698809B (en) | A method and device for identifying abnormal account login | |
| CN100395766C (en) | Method and system for time limiting online game users | |
| US9667613B1 (en) | Detecting mobile device emulation | |
| CN110311891B (en) | Account management method and device, computer equipment and storage medium | |
| CN110830445B (en) | Method and device for identifying abnormal access object | |
| CN108810831A (en) | Method for pushing, electronic device and the readable storage medium storing program for executing of short message verification code | |
| WO2021036014A1 (en) | Federated learning credit management method, apparatus and device, and readable storage medium | |
| US9754209B1 (en) | Managing knowledge-based authentication systems | |
| CN107347054B (en) | An authentication method and device | |
| CN106778260A (en) | Attack detection method and device | |
| CN111680167B (en) | Service request response method and server | |
| CN109669718A (en) | System permission configuration method, device, equipment and storage medium | |
| CN105022939B (en) | Information Authentication method and device | |
| CN112491625A (en) | Operation and maintenance alarming method, device and equipment based on instant communication platform | |
| CN110166344A (en) | A kind of identity recognition methods, device and relevant device | |
| CN110414271A (en) | A kind of private data guard method, device and computer readable storage medium | |
| CN109547427A (en) | Black list user's recognition methods, device, computer equipment and storage medium | |
| CN109547426A (en) | Service response method and server | |
| CN107248995A (en) | Account verification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |