CN106533893A - Message processing method and system - Google Patents

Message processing method and system Download PDF

Info

Publication number
CN106533893A
CN106533893A CN201510570515.XA CN201510570515A CN106533893A CN 106533893 A CN106533893 A CN 106533893A CN 201510570515 A CN201510570515 A CN 201510570515A CN 106533893 A CN106533893 A CN 106533893A
Authority
CN
China
Prior art keywords
target message
propagation
message
server
relation chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510570515.XA
Other languages
Chinese (zh)
Other versions
CN106533893B (en
Inventor
高岳
颜国平
吴刚
湛长兰
曾凡
周帆
周一帆
阮华
姜瑾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201510570515.XA priority Critical patent/CN106533893B/en
Publication of CN106533893A publication Critical patent/CN106533893A/en
Application granted granted Critical
Publication of CN106533893B publication Critical patent/CN106533893B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention provides a message processing method and system, wherein the method may include the following steps: when a front-end server spreads a target message, whether the target message is a malicious message is identified, and if the target message is a malicious message, the front-end server reports the target message to an analysis server; the analysis server tracks the spreading attribute of the target message, generates a spreading relation chain of the target message according to the spreading attribute of the target message, and sends the spreading relation chain of the target message to a strategy server; and the strategy server generates a safety strategy directing at the spreading relation chain of the target message, and sends the safety strategy to the front-end server, and the front-end server executes safe operation on the spreading relation chain of the target message according to the safety strategy. The message processing method provided by the invention can effectively improve message processing efficiency, and improves safety of message spreading.

Description

A kind of message treatment method and system
Technical field
The present invention relates to Internet technical field, and in particular to internet message propagates security technique field, More particularly to a kind of message treatment method and system.
Background technology
Social platform includes such as instant messaging, SNS (Social Networking Services, social net Network is serviced) etc. social network sites or social class application, be mainly to aid between user setting up the company of social networks Connect, realize the communication exchange between user.However, enriching constantly with social platform function, a large amount of to dislike Meaning message is full of social platform, for example:Ad promotions, rumour message, fake and inferior commodities sell message etc. Propagate the normal interaction having a strong impact between user in social platform Deng, these malicious messages, and exist it is right User's right constitutes the potential safety hazards such as fraud infringement, therefore, these malicious messages are carried out with strike and is processed to carry Rise social platform safety very necessary.At present, user is depended on regard to the processing procedure of malicious messages Report, specially:User has found to be reported to server during malicious messages, and provides corresponding evidence, The malicious messages reported to user by the auditor of server side are audited, and propagate the malice to performing The malicious user of message carries out corresponding security strategy process (include title, intercept malicious messages etc.).It is existing Scheme is manually carried out to place's reason of malicious messages, and deals with objects the single propagation use for malicious messages Family is carried out, less efficient, when especially reporting data in the face of magnanimity, spent human cost and time cost It is difficult to estimate.
The content of the invention
The embodiment of the present invention provides a kind of message treatment method and system, can carry out in message communication process The automatic identification of malicious messages, and the propagation relation chain of malicious messages is followed the trail of, peace is performed based on relation chain is propagated Full strategy, can effectively lift Message Processing efficiency, lift the safety that message is propagated.
Embodiment of the present invention first aspect provides a kind of message treatment method, it may include:
Front-end server recognizes whether the target message is malicious messages, if institute in communication target message Target message is stated for malicious messages, the front-end server reports the target message to Analysis server;
The Analysis server follows the trail of the propagation property of the target message, according to the propagation of the target message Attribute generates the propagation relation chain of the target message, and by the propagation relation chain of the target message send to Strategic server;
The strategic server generates security strategy for the propagation relation chain of the target message, and will be described Security strategy is sent to the front-end server, by the front-end server according to the security strategy to described The propagation relation chain of target message performs safety operation.
Further, in communication target message, the front-end server recognizes whether the target message is evil Meaning message, including:
The message that front-end server receiving terminal sends propagates request, and the message propagates request includes sender ID, recipient's ID and target message;
Whether the front-end server includes malice content of multimedia, malice text in recognizing the target message At least one in content, hidden identification, the multimedia include image and/or audio frequency and video;
If so, the front-end server confirms that the target message is malicious messages.
Further, the Analysis server follows the trail of the propagation property of the target message, including:
Sender's ID is defined as hidden identification by the Analysis server;
The Analysis server is hidden encryption to the target message, is the target message addition The hidden identification;
Target message with the hidden identification is returned to the front-end server by the Analysis server, So that the front-end server propagates the target message with the hidden identification to recipient user;
The Analysis server is tracked to the propagation property of the target message according to the hidden identification.
Further, the Analysis server follows the trail of the propagation property of the target message, including:
The Analysis server sends trace instruction to the front-end server, and the trace instruction is used to indicate The front-end server propagates the target message to recipient user, and feeds back the propagation of the target message Attribute;
The Analysis server receives the propagation property of the target message of the front-end server feedback.
Further, the Analysis server generates the target message according to the propagation property of the target message Propagation relation chain, including:
The Analysis server parses the target message and obtains at least one the characteristic information;
The Analysis server extracts the propagation time of the propagation property record of the target message, sender and uses Family identifies and recipient's ID;
The Analysis server is according at least one the characteristic information of the target message, propagation time, transmission Person's ID and recipient's ID carry out clustering processing, obtain the propagation relation chain of the target message, The propagation relation chain of the target message is by propagating at least one ID of the target message according to propagation The sequencing composition of time.
Further, the strategic server generates security strategy for the propagation relation chain of the target message, Including:
The strategic server monitors propagation degree of the propagation relation chain of the target message to malicious messages, institute Stating propagation degree includes:Modification degree in frequencies of propagation and/or communication process to malicious messages;
The strategic server arranges security strategy according to the propagation degree, and the security strategy includes:To institute The ID stated in the propagation relation chain of target message carries out title process, intercepts or shields the target and disappear The malicious messages propagated by the propagation relation chain of breath, or to the use in the propagation relation chain of the target message Family identifies corresponding terminal output and reminds.
Embodiment of the present invention second aspect provides a kind of message handling system, it may include front-end server, analysis Server and strategic server;
The front-end server, in communication target message, recognizing whether the target message is malice Message, if the target message is malicious messages, reports the target message to Analysis server;
The Analysis server, for following the trail of the propagation property of the target message, according to the target message Propagation property generate the propagation relation chain of the target message, and by the propagation relation chain of the target message Send to strategic server;
The strategic server, generates security strategy for the propagation relation chain for the target message, and The security strategy is sent to the front-end server, by the front-end server according to the security strategy Safety operation is performed to the propagation relation chain of the target message.
Further, the front-end server includes:
Recognition unit, in communication target message, recognizing whether the target message is malicious messages;
Reporting unit, if being malicious messages for the target message, reports the target to Analysis server Message;
Performance element, the biography for the security strategy that sends according to the strategic server to the target message Broadcast relation chain and perform safety operation.
Further, the recognition unit includes:
Request reception unit, propagates request for the message that receiving terminal sends, and the message propagates request bag Include sender's ID, recipient's ID and target message;
Malice recognition unit, for whether recognizing in the target message comprising malice content of multimedia, malice At least one in content of text, hidden identification, the multimedia include image and/or audio frequency and video;
Malice confirmation unit, for if so, confirming that the target message is malicious messages.
Further, the Analysis server includes:
Tracing unit, for following the trail of the propagation property of the target message;
Relation chain signal generating unit, for generating the target message according to the propagation property of the target message Propagate relation chain;
Transmitting element, for the propagation relation chain of the target message is sent to strategic server.
Further, the tracing unit includes:
Hidden identification determining unit, for sender's ID is defined as hidden identification;
Cryptographic processing unit, for being hidden encryption to the target message, is the target message Add the hidden identification;
Message returning unit, for the target message with the hidden identification is returned to the front end services Device, so that the front-end server propagates the target message with the hidden identification to recipient user;
Propagation property tracing unit, for being entered to the propagation property of the target message according to the hidden identification Row is followed the trail of;
Or, the tracing unit includes:
Command unit, for sending trace instruction to the front-end server, the trace instruction is used to indicate The front-end server propagates the target message to recipient user, and feeds back the propagation of the target message Attribute;
Propagation property receiving unit, for receiving the propagation of the target message of the front-end server feedback Attribute.
Further, the relation chain signal generating unit includes:
Message parsing unit, obtains at least one the characteristic information for parsing the target message;
Record extraction unit, for extracting the propagation time of the propagation property record of the target message, sending Person's ID and recipient's ID;
Clustering processing unit, at least one the characteristic information according to the target message, the propagation time, Sender's ID and recipient's ID carry out clustering processing, and the propagation for obtaining the target message is closed Tethers, the propagation relation chain of the target message are pressed by least one ID for propagating the target message Constitute according to the sequencing in propagation time.
Further, the strategic server includes:
Strategy generating unit, generates security strategy for the propagation relation chain for the target message;
Tactful transmitting element, for the security strategy is sent to the front-end server.
Further, the strategy generating unit includes:
Monitoring means are propagated, for monitoring the propagation degree of the propagation relation chain to malicious messages of the target message, The propagation degree includes:Modification degree in frequencies of propagation and/or communication process to malicious messages;
Strategy setting unit, for arranging security strategy according to the propagation degree, the security strategy includes: Title process is carried out to the ID in the propagation relation chain of the target message, the mesh is intercepted or shield The malicious messages propagated by mark transmission of news relation chain, or in the propagation relation chain of the target message The output of ID corresponding terminal remind.
Implement the embodiment of the present invention, have the advantages that:
In the embodiment of the present invention, malice knowledge is carried out to target message in communication target message by front-end server Not, and recognizing when target message is malicious messages Analysis server is reported to, is passed through by Analysis server The propagation property of target message is followed the trail of so as to generate propagation relation chain, by strategic server for target message Propagate relation chain to generate security strategy and perform, whole process is realized by each server interaction, it is to avoid artificial to join Consume with the human resourcess for being brought;Meanwhile, security strategy is performed based on relation chain is propagated, effectively lifted Malice hitting dynamics, lifts Message Processing efficiency, lifts the safety that message is propagated.
Description of the drawings
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to implementing Example or accompanying drawing to be used needed for description of the prior art are briefly described, it should be apparent that, describe below In accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not paying On the premise of going out creative work, can be with according to these other accompanying drawings of accompanying drawings acquisition.
Fig. 1 is a kind of structural representation of message handling system provided in an embodiment of the present invention;
Fig. 2 is the structural representation of another kind of message handling system provided in an embodiment of the present invention;
Fig. 3 is a kind of flow chart of message treatment method provided in an embodiment of the present invention;
Structural representations of Fig. 4 a for the embodiment of the recognition unit in the front-end server shown in Fig. 2;
Structural representations of Fig. 4 b for one embodiment of the tracing unit in the Analysis server shown in Fig. 2;
Structural representations of Fig. 4 c for another embodiment of the tracing unit in the Analysis server shown in Fig. 2;
Structural representations of Fig. 4 d for the embodiment of the relation chain signal generating unit in the Analysis server shown in Fig. 2;
Structural representations of Fig. 4 e for the embodiment of the strategy generating unit in the strategic server shown in Fig. 2;
Fig. 5 is the flow chart of another kind of message treatment method provided in an embodiment of the present invention;
Fig. 6 is a schematic diagram of concealed encrypted process provided in an embodiment of the present invention;
Fig. 7 is another schematic diagram of concealed encrypted process provided in an embodiment of the present invention;
Fig. 8 is the schematic diagram of message communication process provided in an embodiment of the present invention;
Fig. 9 is the flow chart of another message treatment method provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly Chu, it is fully described by, it is clear that described embodiment is only a part of embodiment of the invention, rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation Property work under the premise of the every other embodiment that obtained, belong to the scope of protection of the invention.
Fig. 1-Fig. 2 is referred to, is a kind of structural representation of message handling system provided in an embodiment of the present invention; The system 1 may include:Front-end server 10, Analysis server 20 and strategic server 30.Front end services Device 10, Analysis server 20 and strategic server 30 between any two can be by connection sides such as optical fiber, cables Formula is connected with each other.Wherein, front-end server 10 may include:Recognition unit 101, reporting unit 102 and hold Row unit 103.Analysis server 20 may include:Tracing unit 201, relation chain signal generating unit 202 and send out Send unit 203.Strategic server 30 may include:Strategy generating unit 301 and tactful transmitting element 302.
Front-end server 10 can be set up with least one terminal and be communicated to connect, and terminal herein may include but not limit In:PC (Personal Computer, personal computer), PAD (panel computer), smart mobile phone, intelligence Wearable device etc..Front-end server 10 using wired modes such as optical fiber, cables, or can be adopted With such as Wifi (Wireless-Fidelity, Wireless Fidelity), GPRS (General Packet Radio Service, General packet radio service) etc. wireless mode and at least one terminal suggestion communication connection.Front-end server 10 The various requests of the user of responsible processing terminal side, and the user for end side provides corresponding service, can wrap Include but be not limited to:Receive come that the such as good friend chat request of self terminal, message forward request, message propagates please Interaction request is sought etc., the request for responding terminal performs the transmission service of chat content, message content etc.;Or Person, receives and carrys out the application operating requests such as application registration, the historical record inquiry of self terminal, respond terminal Request and perform registration service, inquiry service etc. service.Message herein may include but be not limited to:I.e. When communication information, SNS message etc..The embodiment of the present invention is mainly used in front-end server 10 and is processing eventually The interaction request of the user of side and during communication target message, with Analysis server 20 and strategic server 30 Interact performed Message Processing flow process, it is intended to follows the trail of the propagation relation chain of malicious messages, and closes to propagating Tethers performs security strategy, to ensure the safety of message communication process.
Fig. 3 is referred to, is a kind of flow chart of message treatment method provided in an embodiment of the present invention.Fig. 3 is detailed Illustrate front-end server 10, Analysis server 20 and strategy clothes in the message handling system 1 shown in Fig. 1-Fig. 2 The Message Processing flow process for interacting and performing between business device 30, it is specific as follows:
Step S101-S102 is betided in front-end server 10, specially:Recognition unit 101 in response to The interaction request of terminal and during communication target message, for example:In response to end side user A chat request to Good friend B sends chat messages, or, the request of sharing in response to end side user A divides to user C transmissions Message etc. is enjoyed, now the chat messages to be propagated of front-end server 10 or is shared message and is target message, Recognition unit 101 need in communication process recognize the target message whether be malicious messages, wherein, malice Message may include but be not limited to advertisement information, rumour, fake and inferior commodities and promote message etc., malicious messages Malice content of multimedia and/or malice content of text are generally configured with, for example:Comprising commodity picture or promotional price, Or include rumor transmission audio frequency and video or content of text etc..If recognition unit 101 confirms the target message For malicious messages, then the target message is transferred to into reporting unit 102, from reporting unit 102 to Analysis Service Device 20 reports the target message.
Step S103-S105 is betided in Analysis server 20, specially:Tracing unit 201 is being received After the target message that reporting unit 102 in front-end server 10 is reported, the biography of the target message is followed the trail of Broadcast attribute.It should be noted that often propagating a target message can obtain a propagation property, herein Propagation property may include target message content, propagation time, sender's ID and recipient's ID; For example, the propagation property of certain target message M includes the content of target message M, XX XX days 10:00, Sender's ID is A, and recipient's ID is B, then show:Target message M is in XX XX mornings day 10:00 sends to user B from user A.Relation chain signal generating unit 202 is by analyzing the mesh Mark transmission of news attribute can generate the propagation relation chain of the target message, herein, the propagation of target message Relation chain refers to by sequencing group of at least one ID according to the propagation time for propagating the target message Into;For example:If tracking two propagation propertys of target message M, one of propagation property is above-mentioned example Son, another propagation property include the content of target message M, XX XX days 10:25, sender user B is designated, recipient's ID is C;So, the propagation relation chain of target message M can record and be A->B->C.The propagation relation chain of the target message for being generated is transferred to send single by relation chain signal generating unit 202 Unit 203, is sent the propagation relation chain of the target message to strategic server 30 by transmitting element 203.
Step S106-S107 is betided in strategic server 30, specially:Strategy generating unit 301 is connecing After receiving the propagation relation chain of the target message that the transmitting element 203 in Analysis server 20 sends, can be directed to The propagation relation chain of the target message generates security strategy.The security strategy may include:To the target ID in transmission of news relation chain carries out title process, intercepts or shield the biography of the target message The malicious messages propagated by relation chain are broadcast, or to the ID in the propagation relation chain of the target message Corresponding terminal output is reminded.Further, the security strategy is transferred to strategy by strategy generating unit 301 Transmitting element 302, is sent the security strategy to the front-end server 10 by tactful transmitting element 302.
Step S108 is betided in front-end server 10, specially:Performance element 103 is strategically serviced Propagation relation chain of the security strategy that tactful transmitting element 302 in device 30 sends to the target message Perform safety operation.Safety operation herein is guided by operation of security strategy, specifically, if security strategy For:Title process is carried out to the ID in the propagation relation chain of the target message;So performance element 103 instructions according to security strategy to the propagation relation chain of target message in all or part of user mark Knowledge carries out title process.If security strategy is:The propagation relation chain for intercepting or shielding the target message is passed The malicious messages broadcast;So recognition unit 101 once recognizes arbitrary use in the propagation relation chain of target message When the message that the request of family mark is propagated is malicious messages, performance element 103 is directly intercepted or the screen request The message of propagation, is no longer transmitted again to the message that the request is propagated.If security strategy is:To the mesh The corresponding terminal output of ID in mark transmission of news relation chain is reminded;So performance element 103 will The corresponding terminal output of all or part of ID in the propagation relation chain of target message is reminded, to carry The message propagated by the user of awake end side belongs to malicious messages, has violated system regulation.
Fig. 4 is referred to, is the detailed construction schematic diagram of each server in the message handling system shown in Fig. 1-Fig. 2; As shown in fig. 4 a, in front-end server 10, recognition unit 101 may particularly include:Request reception unit 1001, Malice recognition unit 1002 and malice confirmation unit 1003.
In Analysis server 20, tracing unit 201 there may be two kinds of feasible embodiments, and one of which is feasible Embodiment as shown in Figure 4 b, tracing unit 201 may include:Hidden identification determining unit 2001, encryption Processing unit 2002, message returning unit 2003 and propagation property tracing unit 2004.It is another kind of feasible As illustrated in fig. 4 c, tracing unit 201 may include embodiment:Command unit 2011 and propagation property receive single Unit 2012.As shown in figure 4d, in Analysis server 20, relation chain signal generating unit 202 may include:Message solution Analysis unit 2211, record extraction unit 2212 and clustering processing unit 2213.
As shown in fig 4e, in strategic server 30, tactful signal generating unit 301 may include:Propagate monitoring means 3001 and strategy setting unit 3002.
Fig. 5 is referred to, is the flow chart of another kind of message treatment method provided in an embodiment of the present invention;Fig. 5 is detailed Front-end server 10, Analysis server 20 and policy service in the thin message handling system 1 illustrated shown in Fig. 4 The Message Processing flow process for interacting and performing between each unit included respectively by device 30.
Step S201-S204 is betided in front-end server 10, specially:
In step S201, the message that 1001 receiving terminal of request reception unit sends propagates request, described to disappear Breath propagates request includes sender's ID, recipient's ID and target message.Herein, the use Family mark may include but be not limited to:Instant communication number, SNS numbers, e-mail (Electronic Mail, electricity Sub- mail) number, phone number, the device id of terminal etc..The target message can be instant Communication information, SNS message, e-mail etc..The message is propagated request and be may include but be not limited to:IMU The chat request of letter or SNS communications, message share request etc., for example:End side user A requests with it is good Friendly B carries out SNS chats, then request reception unit 1001 can receiving terminal send chat request, its The middle chat messages propagated to user B are target message;Or, end side user A is asked to user C Carry out sharing for instant communication message, then request reception unit 1001 can receiving terminal send share request Etc., wherein the message of sharing propagated to user C is target message.
In step S202, whether malice recognition unit 1002 includes many matchmakers of malice in recognizing the target message At least one in internal appearance, malice content of text, hidden identification, the multimedia include image and/or sound Video.Wherein, malicious messages may include but be not limited to advertisement information, rumour, fake and inferior commodities promote disappear Breath etc., malicious messages are generally configured with malice content of multimedia and/or malice content of text, for example:Comprising business Product picture or promotional price, or include rumor transmission audio frequency and video or content of text etc.;So in practical application, Whether malice recognition unit 1002 can be judged in target message comprising fraud, trick using image recognition technology Etc. the malicious image of property, or, judge in target message, whether include violence using text recognition technique, Advertisement, price, distribution etc. malice content of text, or, judge that target disappears using audio frequency and video technology of identification Whether comprising the audio-video frequency content of the property such as cheating, inveigle, starting a rumour in breath.Further, hidden identification refers to use In the tracking that malicious messages are carried out with propagation property, the labelling of informed source is can show that.So malice is recognized Whether unit 1002 can be judged in target message comprising hiding mark by decryption processing is hidden to target message Know, so as to confirm whether the target message is malicious messages.
In step S203, if malice recognition unit 1002 recognizes target message comprising in malice multimedia At least one in appearance, malice content of text, hidden identification, then malice confirmation unit 1003 then confirms institute Target message is stated for malicious messages.
In step S204, target message is transferred to reporting unit 102 by malice confirmation unit 1003, by reporting Unit 102 reports the target message to Analysis server 20.
Step S205-S212 is betided in Analysis server 20, specially:
In step S205, in order to be tracked to the propagation property of target message, hidden identification determines single Sender's ID can be defined as hidden identification by unit 2001.Herein, hidden identification refers to for right Malicious messages carry out the tracking of propagation property, can show that the labelling of informed source.
In step S206, cryptographic processing unit 2002 can be hidden encryption to the target message, Add the hidden identification for the target message.It should be noted that hidden identification is transparent for user, That is user cannot be directly viewable the hidden identification in target message, need using hiding decryption means The hidden identification can be seen.Hidden identification can be added any to target message by cryptographic processing unit 2002 Position, for example:Picture and text are included in certain target message, then hidden identification can be added into picture, Or add into text;As a example by adding into picture, it is assumed that the picture is a JPG pictures, then please Referring to Fig. 6, it is a schematic diagram of concealed encrypted process provided in an embodiment of the present invention;Shadow part in Fig. 6 It is divided into added hidden identification.Please also refer to Fig. 7, it is concealed encrypted process provided in an embodiment of the present invention Another schematic diagram;Artwork piece shown in Fig. 7 is formed after the concealed encrypted process shown in Fig. 6 is carried out newly The presentation effect of picture, artwork piece and new picture is just the same, but can be seen newly by hiding decryption means Hidden identification in picture.
In step S207, the target message with the hidden identification can be returned by message returning unit 2003 To the front-end server 10, the front-end server 10 is propagated with the hidden identification to recipient user Target message.
In step S208, as target message carries hidden identification, then propagation property tracing unit 2004 The propagation property of the target message is tracked according to the hidden identification.Propagation property herein can Including:May include propagation time, sender's ID and recipient's ID.
Step S205-S208 describes the process of the propagation property for following the trail of target message, by for target message Addition hidden identification, and the propagation category of target message can be obtained by the hidden identification followed the trail of in target message Property.
In step S209, message parsing unit 2211 parses the target message and obtains at least one message spy Levy.Please also refer to Fig. 8, it is the schematic diagram of message communication process provided in an embodiment of the present invention;Such as Fig. 8 institutes Show, target message experiences the biography from upstream user (sender user) to downstream user (recipient user) Process is broadcast, target message may be changed in the process, be described as follows with specific example:Certain target disappears The content of breath is for " weekend send welfare, does not completely newly tear XXX facial films, weekend welfare valency 109 open, and includes Fig. 7 Shown figure ", tracking three propagation propertys includes:1. sender's ID A, recipient user's mark Know B, XX XX days 10:11, target message is for " weekend send welfare, does not completely newly tear XXX facial films open, week Last welfare valency RMB (RMB) 109, and comprising the figure shown in Fig. 7 ".2. sender's ID B, Recipient's ID C, XX XX days 14:21, target message is " completely newly not tear XXX facial films open, week Last welfare valency RMB 109, and comprising the figure shown in Fig. 7 ".3. sender's ID C, recipient are used Family identifies D, XX XX days 17:05, target message is " completely newly not tear XXX facial films, weekend welfare valency open RMB 109, and comprising the figure shown in Fig. 7 ".Thus example understands that target message is repaiied at user B Change.In order to the propagation relation chain for accurately obtaining target message, the most important condition is to determine that above three is passed Broadcast whether attribute belongs to same target message, that is, it needs to be determined that user A, user B, user C are propagated Whether be same target message, can be determined by the characteristic information herein, if that is, between three The characteristic information unanimously then can be identified as same target message;Different target messages are otherwise.Message is parsed Unit 2211 can parse the every target message propagated respectively and obtain at least one the characteristic information, above-mentioned example In son, each target message can obtain the characteristic information and include:XXX facial films, weekend welfare, RMB109, Figure shown in Fig. 7.
In step S210, the biography that extraction unit 2212 extracts the propagation property record of the target message is recorded Between sowing time, sender's ID and recipient's ID.
In step S211, clustering processing unit 2213 according at least one the characteristic information of the target message, Propagation time, sender's ID and recipient's ID carry out clustering processing, obtain the target and disappear The propagation relation chain of breath, the propagation relation chain of the target message is by propagating at least one of the target message ID is constituted according to the sequencing in propagation time.
Clustering processing unit 2213 mainly needs to carry out clustering processing at least one the characteristic information of target message, Its object is to confirm whether propagated target message is same target message.According to exemplified by step S209 Son, as the message that user A, user B, user C are propagated includes identical the characteristic information, thus gathers Class process can be analyzed to identify this three message for same target message, and three for tracking propagation property is belonged to Same target message.Further, propagation property of the clustering processing unit 2213 according to the target message, according to Propagation time sequencing and sender's ID and recipient's ID can obtain the target message Propagation relation chain is A->B->C.
Step S209-S211 describes the process of the propagation relation chain for determining target message, each with reference to what is propagated The characteristic information of individual target message, and follow the trail of the propagation property of the target message for obtaining, cluster analyses Obtain the propagation relation chain of target message.
In step S212, the propagation relation chain of the target message for being generated is transmitted by clustering processing unit 2213 To transmitting element 203, the propagation relation chain of the target message is sent to policy service by transmitting element 203 Device 30.
Step S213-S215 is betided in strategic server 30, specially:
In step S213, propagate monitoring means 3001 and the propagation relation chain of the target message is monitored to malice Transmission of news degree, the propagation degree include:Modification in frequencies of propagation and/or communication process to malicious messages Degree.Wherein, frequencies of propagation refers to the quantity that malicious messages are propagated in preset time period, Ke Yiwei:Pass daily How many malicious messages are broadcast, or propagates weekly how many malicious messages, etc.;Frequencies of propagation is higher to show mesh Mark transmission of news relation chain is more serious to the propagation property of malicious messages, needs the propagation to target message to close Tethers performs more severe security strategy.Modification to malicious messages may include:It is new for malicious messages addition It is interior perhaps delete malicious messages existing content;The modification degree of malicious messages can be wrapped according to weight sequence Include:Existing content that is unmodified, deleting malicious messages, add new content for malicious messages.Malice is disappeared The modification degree of breath is heavier, shows that the propagation relation chain of target message is more serious to the propagation property of malicious messages, The propagation relation chain to target message is needed to perform more severe security strategy.
In step S210, strategy setting unit 3002 arranges security strategy, the peace according to the propagation degree Full strategy includes:Title process is carried out to the ID in the propagation relation chain of the target message, is intercepted Or the malicious messages propagated by the propagation relation chain of the target message are shielded, or to the target message Propagate the corresponding terminal output of the ID in relation chain to remind.In implementing, strategy setting unit 3002 Corresponding relation propagation degree and security strategy between is set according to actual needs can, for example:Divide and pass Degree of broadcasting rank, a propagation degree rank correspond to a kind of security strategy;So, will monitor in step S209 Propagation degree is sorted out to appropriate level, and to arrange which be corresponding security strategy.In addition, strategy setting unit 3002 Can be combined with actual examination & verification needs to arrange security strategy, for example:Strategy setting unit 3002 will can be monitored Propagation degree extremely is exported, then auditor can check the propagation degree of output, and manually arrange safety Strategy.
Step S216 is betided in front-end server 10, specially:Performance element 103 is strategically serviced Propagation relation chain of the security strategy that tactful transmitting element 302 in device 30 sends to the target message Perform safety operation.Safety operation herein is guided by operation of security strategy, specifically, if security strategy For:Title process is carried out to the ID in the propagation relation chain of the target message;So performance element 103 instructions according to security strategy to the propagation relation chain of target message in all or part of user mark Knowledge carries out title process.If security strategy is:The propagation relation chain for intercepting or shielding the target message is passed The malicious messages broadcast;So recognition unit 101 once recognizes arbitrary use in the propagation relation chain of target message When the message that the request of family mark is propagated is malicious messages, performance element 103 is directly intercepted or the screen request The message of propagation, is no longer transmitted again to the message that the request is propagated.If security strategy is:To the mesh The corresponding terminal output of ID in mark transmission of news relation chain is reminded;So performance element 103 will The corresponding terminal output of all or part of ID in the propagation relation chain of target message is reminded, to carry The message propagated by the user of awake end side belongs to malicious messages, has violated system regulation.
Fig. 9 is referred to, is the flow chart of another message treatment method provided in an embodiment of the present invention;Fig. 9 is detailed Front-end server 10, Analysis server 20 and policy service in the thin message handling system 1 illustrated shown in Fig. 4 The Message Processing flow process for interacting and performing between each unit included respectively by device 30.
Step S301-S304 is betided in front-end server, specifically can be found in the step shown in Fig. 5 S201-S204, will not be described here.
Step S305-S310 is betided in Analysis server, specially:
In step S305, command unit 2011 sends trace instruction to the front-end server 10, described to chase after Track is instructed for indicating that the front-end server 10 propagates the target message to recipient user, and feeds back institute State the propagation property of target message.As front-end server 10 carries the function of being propagated to target message, Therefore, the present embodiment can store the target by front-end server 10 after propagating to target message Transmission of news attribute.
In step S306, propagation property receiving unit 2012 receives the described of the feedback of the front-end server 10 The propagation property of target message.The propagation property of the target message of storage is fed back to propagation by front-end server 10 Attribute reception unit 2012.
Step S305-S306 describes the process of the propagation property for following the trail of target message, using front-end server The communication function of 10 pairs of message, is stored the propagation property of target message and is carried out feedback by front-end server 10 and obtained .
Step S307-S310 can be found in step S209-S211 shown in Fig. 5, will not be described here.
Step S311 is betided in front-end server 10, specifically can be found in step S216 shown in Fig. 5, This does not repeat.
By the description of above-described embodiment, in the embodiment of the present invention, by front-end server in communication target message When carry out malice identification to target message, and recognize target message for malicious messages when report to analysis clothes Business device, by Analysis server by following the trail of the propagation property of target message so as to generate propagation relation chain, by plan Slightly server generates security strategy and performs for the propagation relation chain of target message, and whole process is by each service Device interaction is realized, it is to avoid artificial to participate in brought human resourcess' consumption;Meanwhile, held based on relation chain is propagated Row security strategy, effectively improves malice hitting dynamics, lifts Message Processing efficiency, lifts message and propagates Safety.
One of ordinary skill in the art will appreciate that all or part of flow process in realizing above-described embodiment method, Computer program be can be by instruct the hardware of correlation to complete, described program can be stored in a calculating In machine read/write memory medium, the program is upon execution, it may include such as the flow process of the embodiment of above-mentioned each method. Wherein, described storage medium can for magnetic disc, CD, read-only memory (Read-Only Memory, ) or random access memory (Random Access Memory, RAM) etc. ROM.
Above disclosed is only present pre-ferred embodiments, can not limit certainly the present invention's with this Interest field, therefore the equivalent variations made according to the claims in the present invention, still belong to the scope covered by the present invention.

Claims (14)

1. a kind of message treatment method, it is characterised in that include:
Front-end server recognizes whether the target message is malicious messages, if institute in communication target message Target message is stated for malicious messages, the front-end server reports the target message to Analysis server;
The Analysis server follows the trail of the propagation property of the target message, according to the propagation of the target message Attribute generates the propagation relation chain of the target message, and by the propagation relation chain of the target message send to Strategic server;
The strategic server generates security strategy for the propagation relation chain of the target message, and will be described Security strategy is sent to the front-end server, by the front-end server according to the security strategy to described The propagation relation chain of target message performs safety operation.
2. the method for claim 1, it is characterised in that the front-end server disappears in communication target During breath, recognize whether the target message is malicious messages, including:
The message that front-end server receiving terminal sends propagates request, and the message propagates request includes sender ID, recipient's ID and target message;
Whether the front-end server includes malice content of multimedia, malice text in recognizing the target message At least one in content, hidden identification, the multimedia include image and/or audio frequency and video;
If so, the front-end server confirms that the target message is malicious messages.
3. method as claimed in claim 2, it is characterised in that the Analysis server follows the trail of the target Transmission of news attribute, including:
Sender's ID is defined as hidden identification by the Analysis server;
The Analysis server is hidden encryption to the target message, is the target message addition The hidden identification;
Target message with the hidden identification is returned to the front-end server by the Analysis server, So that the front-end server propagates the target message with the hidden identification to recipient user;
The Analysis server is tracked to the propagation property of the target message according to the hidden identification.
4. method as claimed in claim 2, it is characterised in that the Analysis server follows the trail of the target Transmission of news attribute, including:
The Analysis server sends trace instruction to the front-end server, and the trace instruction is used to indicate The front-end server propagates the target message to recipient user, and feeds back the propagation of the target message Attribute;
The Analysis server receives the propagation property of the target message of the front-end server feedback.
5. the method as described in claim 3 or 4, it is characterised in that the Analysis server is according to described The propagation property of target message generates the propagation relation chain of the target message, including:
The Analysis server parses the target message and obtains at least one the characteristic information;
The Analysis server extracts the propagation time of the propagation property record of the target message, sender and uses Family identifies and recipient's ID;
The Analysis server is according at least one the characteristic information of the target message, propagation time, transmission Person's ID and recipient's ID carry out clustering processing, obtain the propagation relation chain of the target message, The propagation relation chain of the target message is by propagating at least one ID of the target message according to propagation The sequencing composition of time.
6. method as claimed in claim 5, it is characterised in that the strategic server is directed to the target Transmission of news relation chain generates security strategy, including:
The strategic server monitors propagation degree of the propagation relation chain of the target message to malicious messages, institute Stating propagation degree includes:Modification degree in frequencies of propagation and/or communication process to malicious messages;
The strategic server arranges security strategy according to the propagation degree, and the security strategy includes:To institute The ID stated in the propagation relation chain of target message carries out title process, intercepts or shields the target and disappear The malicious messages propagated by the propagation relation chain of breath, or to the use in the propagation relation chain of the target message Family identifies corresponding terminal output and reminds.
7. a kind of message handling system, it is characterised in that including front-end server, Analysis server and strategy Server;
The front-end server, in communication target message, recognizing whether the target message is malice Message, if the target message is malicious messages, reports the target message to Analysis server;
The Analysis server, for following the trail of the propagation property of the target message, according to the target message Propagation property generate the propagation relation chain of the target message, and by the propagation relation chain of the target message Send to strategic server;
The strategic server, generates security strategy for the propagation relation chain for the target message, and The security strategy is sent to the front-end server, by the front-end server according to the security strategy Safety operation is performed to the propagation relation chain of the target message.
8. system as claimed in claim 7, it is characterised in that the front-end server includes:
Recognition unit, in communication target message, recognizing whether the target message is malicious messages;
Reporting unit, if being malicious messages for the target message, reports the target to Analysis server Message;
Performance element, the biography for the security strategy that sends according to the strategic server to the target message Broadcast relation chain and perform safety operation.
9. system as claimed in claim 8, it is characterised in that the recognition unit includes:
Request reception unit, propagates request for the message that receiving terminal sends, and the message propagates request bag Include sender's ID, recipient's ID and target message;
Malice recognition unit, for whether recognizing in the target message comprising malice content of multimedia, malice At least one in content of text, hidden identification, the multimedia include image and/or audio frequency and video;
Malice confirmation unit, for if so, confirming that the target message is malicious messages.
10. system as claimed in claim 9, it is characterised in that the Analysis server includes:
Tracing unit, for following the trail of the propagation property of the target message;
Relation chain signal generating unit, for generating the target message according to the propagation property of the target message Propagate relation chain;
Transmitting element, for the propagation relation chain of the target message is sent to strategic server.
11. systems as claimed in claim 10, it is characterised in that the tracing unit includes:
Hidden identification determining unit, for sender's ID is defined as hidden identification;
Cryptographic processing unit, for being hidden encryption to the target message, is the target message Add the hidden identification;
Message returning unit, for the target message with the hidden identification is returned to the front end services Device, so that the front-end server propagates the target message with the hidden identification to recipient user;
Propagation property tracing unit, for being entered to the propagation property of the target message according to the hidden identification Row is followed the trail of;
Or, the tracing unit includes:
Command unit, for sending trace instruction to the front-end server, the trace instruction is used to indicate The front-end server propagates the target message to recipient user, and feeds back the propagation of the target message Attribute;
Propagation property receiving unit, for receiving the propagation of the target message of the front-end server feedback Attribute.
12. systems as described in claim 10 or 11, it is characterised in that the relation chain signal generating unit Including:
Message parsing unit, obtains at least one the characteristic information for parsing the target message;
Record extraction unit, for extracting the propagation time of the propagation property record of the target message, sending Person's ID and recipient's ID;
Clustering processing unit, at least one the characteristic information according to the target message, the propagation time, Sender's ID and recipient's ID carry out clustering processing, and the propagation for obtaining the target message is closed Tethers, the propagation relation chain of the target message are pressed by least one ID for propagating the target message Constitute according to the sequencing in propagation time.
13. systems as claimed in claim 12, it is characterised in that the strategic server includes:
Strategy generating unit, generates security strategy for the propagation relation chain for the target message;
Tactful transmitting element, for the security strategy is sent to the front-end server.
14. systems as claimed in claim 13, it is characterised in that the strategy generating unit includes:
Monitoring means are propagated, for monitoring the propagation degree of the propagation relation chain to malicious messages of the target message, The propagation degree includes:Modification degree in frequencies of propagation and/or communication process to malicious messages;
Strategy setting unit, for arranging security strategy according to the propagation degree, the security strategy includes: Title process is carried out to the ID in the propagation relation chain of the target message, the mesh is intercepted or shield The malicious messages propagated by mark transmission of news relation chain, or in the propagation relation chain of the target message The output of ID corresponding terminal remind.
CN201510570515.XA 2015-09-09 2015-09-09 Message processing method and system Active CN106533893B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510570515.XA CN106533893B (en) 2015-09-09 2015-09-09 Message processing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510570515.XA CN106533893B (en) 2015-09-09 2015-09-09 Message processing method and system

Publications (2)

Publication Number Publication Date
CN106533893A true CN106533893A (en) 2017-03-22
CN106533893B CN106533893B (en) 2020-11-27

Family

ID=58346894

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510570515.XA Active CN106533893B (en) 2015-09-09 2015-09-09 Message processing method and system

Country Status (1)

Country Link
CN (1) CN106533893B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107819750A (en) * 2017-10-27 2018-03-20 北京趣拿软件科技有限公司 Processing method, device, storage medium, processor and the system of request message
CN108737252A (en) * 2018-05-17 2018-11-02 立旃(上海)科技有限公司 Information-pushing method based on block chain and device
CN109104456A (en) * 2018-06-07 2018-12-28 北京本邦科技股份有限公司 A kind of user tracking based on browser fingerprint and propagating statistics analysis method
CN110705364A (en) * 2019-09-06 2020-01-17 武汉美格科技股份有限公司 Malicious advertisement eliminating method and system
CN111339438A (en) * 2020-02-17 2020-06-26 中国平安人寿保险股份有限公司 Friend relation data processing method, server, terminal device and storage medium
CN111447137A (en) * 2020-02-29 2020-07-24 中国平安人寿保险股份有限公司 Browsing condition data analysis method and device, server and storage medium
CN111447081A (en) * 2020-02-29 2020-07-24 中国平安人寿保险股份有限公司 Data chain generation method, device, server and storage medium
CN111800354A (en) * 2019-04-08 2020-10-20 中移(苏州)软件技术有限公司 Message processing method and device, message processing equipment and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801854A (en) * 2004-12-21 2006-07-12 朗迅科技公司 Detection of unwanted messages (spam)
CN101039463A (en) * 2007-04-30 2007-09-19 中兴通讯股份有限公司 System for counting short message transmission based on point-to-point short message and counting method
CN101106748A (en) * 2006-07-11 2008-01-16 华为技术有限公司 A content filtering system, device and method for mobile network
US20080250107A1 (en) * 2007-04-03 2008-10-09 Michael Holzer Instant message archive viewing
CN102387126A (en) * 2010-09-01 2012-03-21 腾讯科技(深圳)有限公司 Method, server, client and system for converging single microblog message
CN103136255A (en) * 2011-11-30 2013-06-05 腾讯科技(深圳)有限公司 Method and device for information management
CN103927398A (en) * 2014-05-07 2014-07-16 中国人民解放军信息工程大学 Microblog hype group discovering method based on maximum frequent item set mining
CN104092598A (en) * 2014-07-03 2014-10-08 厦门欣欣信息有限公司 Message propagation path extraction method and system
CN104182457A (en) * 2014-07-14 2014-12-03 上海交通大学 Poisson-process-model-based method for predicting event popularity in social network
CN104239539A (en) * 2013-09-22 2014-12-24 中科嘉速(北京)并行软件有限公司 Microblog information filtering method based on multi-information fusion

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801854A (en) * 2004-12-21 2006-07-12 朗迅科技公司 Detection of unwanted messages (spam)
CN101106748A (en) * 2006-07-11 2008-01-16 华为技术有限公司 A content filtering system, device and method for mobile network
US20080250107A1 (en) * 2007-04-03 2008-10-09 Michael Holzer Instant message archive viewing
CN101039463A (en) * 2007-04-30 2007-09-19 中兴通讯股份有限公司 System for counting short message transmission based on point-to-point short message and counting method
CN102387126A (en) * 2010-09-01 2012-03-21 腾讯科技(深圳)有限公司 Method, server, client and system for converging single microblog message
CN103136255A (en) * 2011-11-30 2013-06-05 腾讯科技(深圳)有限公司 Method and device for information management
CN104239539A (en) * 2013-09-22 2014-12-24 中科嘉速(北京)并行软件有限公司 Microblog information filtering method based on multi-information fusion
CN103927398A (en) * 2014-05-07 2014-07-16 中国人民解放军信息工程大学 Microblog hype group discovering method based on maximum frequent item set mining
CN104092598A (en) * 2014-07-03 2014-10-08 厦门欣欣信息有限公司 Message propagation path extraction method and system
CN104182457A (en) * 2014-07-14 2014-12-03 上海交通大学 Poisson-process-model-based method for predicting event popularity in social network

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107819750A (en) * 2017-10-27 2018-03-20 北京趣拿软件科技有限公司 Processing method, device, storage medium, processor and the system of request message
CN108737252A (en) * 2018-05-17 2018-11-02 立旃(上海)科技有限公司 Information-pushing method based on block chain and device
CN108737252B (en) * 2018-05-17 2021-02-26 立旃(上海)科技有限公司 Information pushing method and device based on block chain
CN109104456A (en) * 2018-06-07 2018-12-28 北京本邦科技股份有限公司 A kind of user tracking based on browser fingerprint and propagating statistics analysis method
CN111800354A (en) * 2019-04-08 2020-10-20 中移(苏州)软件技术有限公司 Message processing method and device, message processing equipment and storage medium
CN111800354B (en) * 2019-04-08 2022-06-14 中移(苏州)软件技术有限公司 Message processing method and device, message processing equipment and storage medium
CN110705364A (en) * 2019-09-06 2020-01-17 武汉美格科技股份有限公司 Malicious advertisement eliminating method and system
CN110705364B (en) * 2019-09-06 2021-04-30 武汉美格科技股份有限公司 Malicious advertisement eliminating method and system
CN111339438A (en) * 2020-02-17 2020-06-26 中国平安人寿保险股份有限公司 Friend relation data processing method, server, terminal device and storage medium
CN111447137A (en) * 2020-02-29 2020-07-24 中国平安人寿保险股份有限公司 Browsing condition data analysis method and device, server and storage medium
CN111447081A (en) * 2020-02-29 2020-07-24 中国平安人寿保险股份有限公司 Data chain generation method, device, server and storage medium
CN111447081B (en) * 2020-02-29 2023-07-25 中国平安人寿保险股份有限公司 Data link generation method, device, server and storage medium

Also Published As

Publication number Publication date
CN106533893B (en) 2020-11-27

Similar Documents

Publication Publication Date Title
CN106533893A (en) Message processing method and system
Ferrara The history of digital spam
Sahoo et al. Hybrid approach for detection of malicious profiles in twitter
Rawat et al. Applications of social network analysis to managing the investigation of suspicious activities in social media platforms
CN105681309B (en) A kind of information processing method, first terminal, second terminal and server
Huang et al. Quit playing games with my heart: Understanding online dating scams
Choo et al. Future directions in technology-enabled crime: 2007-09
CN105787755A (en) Information processing method, server and first terminal
Kröger et al. Is my phone listening in? On the feasibility and detectability of mobile eavesdropping
JP2019503533A (en) Information processing method, server, and computer storage medium
Akazue et al. Empirical evidence of phishing menace among undergraduate smartphone users in selected universities in Nigeria
CN108270773A (en) A kind of processing system for being used to implement electronics red packet granting
CN106097019A (en) Virtual objects packet transmission method, device and system
CN110322209A (en) Comment information processing method, device, system and storage medium
Gupta et al. Under the shadow of sunshine: Characterizing spam campaigns abusing phone numbers across online social networks
Alzghoul et al. Fraud in Online Classified Ads: Strategies, Risks, and Detection Methods: A Survey
CN104765738B (en) The method and system that the counter of user-generated content is controlled
Jeong et al. The social relation key: A new paradigm for security
Clarke The prospects for consumer-oriented social media
Yue et al. Social media users send promotional links to strangers: legitimate promotion or security vulnerability?
CN108512745A (en) Information dissemination method and system, server and computer readable storage medium
Sonowal et al. Communication channels
Johnson The information superhighway: A worst-case scenario
Bardi et al. Social honeypot for humans: luring people through self-managed Instagram pages
Andrade et al. Machine learning and bots detection on twitter

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant