CN106559394A - Network operation control method and device - Google Patents
Network operation control method and device Download PDFInfo
- Publication number
- CN106559394A CN106559394A CN201510634508.1A CN201510634508A CN106559394A CN 106559394 A CN106559394 A CN 106559394A CN 201510634508 A CN201510634508 A CN 201510634508A CN 106559394 A CN106559394 A CN 106559394A
- Authority
- CN
- China
- Prior art keywords
- biological characteristic
- client
- time
- network operation
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
- Collating Specific Patterns (AREA)
Abstract
The present invention relates to a kind of network operation control method and device, its method includes:When monitoring that client initiates network operation, the corresponding operation relevant information of the network operation is obtained;Biological characteristic validation operation is issued to client, the biological characteristic that client is returned is obtained;The biological characteristic returned according to client and operation relevant information, are controlled to network operation.The present invention can be according to operation relevant information, and the uniqueness based on biological characteristic, substitute ordinary authentication code to do evil blocking automatic machine, a yard work point cloth not only can be hit manually to operate, and pass through easy Consumer's Experience, the large batch of automation mechanized operation of strike lawless person, effectively prevents automatic machine from breaking through, improves the validity of antagonism.
Description
Technical field
The present invention relates to Internet technical field, more particularly to a kind of network operation control method and device.
Background technology
On the internet, network crime person is currently mainly used automatic machine to complete large-scale crime infringement.
For example the inquiry of automatic machine herd number, automatic machine, automatic machine get preferential etc..
From the point of view of situation at this stage, the mode of the most antagonism automatic machine of industry is usually identifying code,
And hit mode be mostly for IP address, but the ripe development with VPN and distributed artificial beat
The appearance of code, the situation that identifying code is broken just become more and more;And IP has gradually been transformed into one
Plant unlimited resource so that lawless person can be operable to escape strike by a large amount of generation IP,
So as to reduce the validity of antagonism.
The content of the invention
The embodiment of the present invention provides a kind of network operation control method and device, it is intended to effectively prevent automatically
Machine is broken through, and improves the validity of antagonism.
The embodiment of the present invention proposes a kind of network operation control method, including:
When monitoring that client initiates network operation, the related letter of the corresponding operation of the network operation is obtained
Breath, the operation relevant information at least include ID, or also include what the network operation was initiated
Time, positional information and/or type;
Biological characteristic validation operation is issued to the client, the biological characteristic that the client is returned is obtained;
The biological characteristic returned according to the client and the operation relevant information, grasp to the network
It is controlled.
The embodiment of the present invention also proposes a kind of network operation control device, including:
Operation information acquisition module, for when monitoring that client initiates network operation, obtaining the net
Network operates corresponding operation relevant information, user of the operation relevant information at least including the client
Mark, or also include time, positional information and/or type that the network operation is initiated;
Biological characteristic acquisition module, for issuing biological characteristic validation operation to the client, obtains institute
State the biological characteristic of client return;
Operational control module, the biological characteristic and the operation for being returned according to the client are related
Information, is controlled to the network operation.
A kind of network operation control method and device that the embodiment of the present invention is proposed, are monitoring client
When playing network operation, the corresponding operation relevant information of the network operation is obtained;Biology is issued to client
Signature verification is operated, and obtains the biological characteristic that the client is returned;It is special according to the biology that client is returned
Levy and the operation relevant information, network operation is controlled.Wherein, operate the relevant information can be with
Time, positional information and action type initiated including ID, this network operation etc., thus,
Ordinary authentication code can be substituted to block according to relevant information, and the uniqueness based on biological characteristic is operated
Automatic machine is done evil, and not only can hit a yard work point cloth and manually operate, and by easy Consumer's Experience,
The large batch of automation mechanized operation of strike lawless person, effectively prevents automatic machine from breaking through, improves antagonism
Validity.
Description of the drawings
Fig. 1 is the terminal structure schematic diagram of the hardware running environment that embodiment of the present invention scheme is related to;
Fig. 2 is the schematic flow sheet of inventive network method of controlling operation thereof first embodiment;
Fig. 3 is the schematic flow sheet of inventive network method of controlling operation thereof second embodiment;
Fig. 4 is the high-level schematic functional block diagram of inventive network operating control device first embodiment;
Fig. 5 is the high-level schematic functional block diagram of inventive network operating control device second embodiment.
In order that technical scheme is clearer, clear, make further in detail below in conjunction with accompanying drawing
State.
Specific embodiment
It should be appreciated that specific embodiment described herein is not used to limit only to explain the present invention
The fixed present invention.
The primary solutions of the embodiment of the present invention are:When monitoring that client initiates network operation, obtain
Take the corresponding operation relevant information of this network operation;Biological characteristic validation operation is issued to client, is obtained
Take the biological characteristic that the client is returned;The biological characteristic returned according to client and the operation phase
Pass information, is controlled to network operation.Wherein, operate relevant information can include ID, this
Time, positional information and action type that secondary network operation is initiated etc., thus, it is possible to related according to operation
Information, and the uniqueness based on biological characteristic, substitute ordinary authentication code and do evil blocking automatic machine, not only
A yard work point cloth can be hit manually to operate, and by easy Consumer's Experience, lawless person is big for strike
The automation mechanized operation of batch, effectively prevents automatic machine from breaking through, and improves the validity of antagonism.
As shown in figure 1, Fig. 1 is the terminal structure of the hardware running environment that embodiment of the present invention scheme is related to
Schematic diagram.
Embodiment of the present invention terminal can be that PC, or smart mobile phone, panel computer, e-book are read
Read device, MP3 (Moving Picture Experts Group Audio Layer III, dynamic image expert compression
Standard audio aspect 3) player, MP4 (Moving Picture Experts Group Audio Layer IV,
Dynamic image expert's compression standard audio frequency aspect 3) player, pocket computer etc. with display function can
Mobile terminal apparatus.
As shown in figure 1, the terminal can include:Processor 1001, such as CPU, network interface 1004,
User interface 1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is used to realize
Connection communication between these components.User interface 1003 can include that display screen (Display), input are single
First such as keyboard (Keyboard), optional user interface 1003 can also include wireline interface, the nothing of standard
Line interface.Network interface 1004 can optionally include the wireline interface of standard, wave point (such as WI-FI
Interface).Memory 1005 can be high-speed RAM memory, or stable memory
(non-volatile memory), such as magnetic disc store.Memory 1005 optionally can also be independent
In the storage device of aforementioned processor 1001.
Alternatively, mobile terminal can also include that camera, RF (Radio Frequency, radio frequency) are electric
Road, sensor, voicefrequency circuit, WiFi module etc..Wherein, sensor ratio such as optical sensor, motion
Sensor and other sensors.Specifically, optical sensor may include ambient light sensor and be close to sensing
Device, wherein, ambient light sensor can adjust the brightness of display screen according to the light and shade of ambient light, be close to
Sensor can cut out display screen and/or backlight when mobile terminal is moved in one's ear.As motion sensor
One kind, the size of (generally three axles) acceleration in the detectable all directions of Gravity accelerometer,
Size and the direction of gravity is can detect that when static, can be used for the application of identification mobile terminal attitude (such as
Horizontal/vertical screen switching, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer,
Tap) etc.;Certainly, mobile terminal can also configure gyroscope, barometer, hygrometer, thermometer, red
The other sensors such as outside line sensor, will not be described here.
It will be understood by those skilled in the art that the limit of the terminal structure illustrated in Fig. 1 not structure paired terminal
It is fixed, can include than illustrating more or less of part, or combine some parts, or different portions
Part is arranged.
As shown in figure 1, as in a kind of memory 1005 of computer-readable storage medium including operation can be
System, network communication module, Subscriber Interface Module SIM and network operation control application program.
In the terminal shown in Fig. 1, network interface 1004 is mainly used in connecting background server, with backstage
Server enters row data communication;User interface 1003 is mainly used in connecting client (user side), with visitor
Row data communication is entered at family end;And the network that processor 1001 is stored in can be used for calling memory 1005
Operational control application program, and perform following operation:
When monitoring that client initiates network operation, the related letter of the corresponding operation of the network operation is obtained
Breath, ID of the operation relevant information at least including the client, or also include the net
Time, positional information and/or type that network operation is initiated;
Biological characteristic validation operation is issued to the client, the biological characteristic that the client is returned is obtained;
The biological characteristic returned according to the client and the operation relevant information, grasp to the network
It is controlled.
Further, the network operation control that processor 1001 is stored in can calling memory 1005 should
With program, following operation is also performed:
It is described to receive the registration request that client sends before monitoring that client initiates network operation,
And obtain the biological characteristic of client side user;
Identified for user's distributing user according to the registration request, by the ID and the use
The biological characteristic associated storage at family;Or,
The biological characteristic registration request that client sends is received, the biological characteristic registration request includes user
Mark and the biological characteristic of user;
By the biological characteristic associated storage of the ID and the user.
Further, the network operation control that processor 1001 is stored in can calling memory 1005 should
With program, following operation is also performed:
According to the ID, judge that the biological characteristic that the client is returned is not and ID pair
The biological characteristic answered;Or
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation, wherein, the time interval
And the physical distance satisfaction imposes a condition;Or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, wherein, the number of the ID
More than given threshold;
If meeting one or more combination in above-mentioned condition, verify, forbid the network behaviour
Make.
Further, the network operation control that processor 1001 is stored in can calling memory 1005 should
With program, following operation is also performed:
According to the ID, judge that whether biological characteristic that the client returns is and ID
Corresponding biological characteristic;If so, then
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation;If the time interval and institute
State physical distance satisfaction to impose a condition, and/or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, if the number of the ID is more than
Given threshold,
Then verify and do not pass through, forbid the network operation.
Further, the network operation control that processor 1001 is stored in can calling memory 1005 should
With program, following operation is also performed:
Set the time interval and physical distance satisfaction imposes a condition to be less than for the time interval and sets
Determine threshold value, and the physical distance is more than given threshold.
The present embodiment obtains this net by such scheme when monitoring that client initiates network operation
Network operates corresponding operation relevant information;Biological characteristic validation operation is issued to client, the visitor is obtained
The biological characteristic that family end returns;The biological characteristic returned according to client and the operation relevant information,
Network operation is controlled.Wherein, relevant information is operated to include ID, this time network behaviour
Time, positional information and action type that work is initiated etc., thus, it is possible to according to operation relevant information, and
Based on the uniqueness of biological characteristic, substitute ordinary authentication code and do evil blocking automatic machine, not only can hit
Code work point cloth is manually operated, and by easy Consumer's Experience, strike lawless person is large batch of certainly
Dynamicization is operated, and is effectively prevented automatic machine from breaking through, is improve the validity of antagonism.
Based on above-mentioned hardware configuration, the inventive method embodiment is proposed.
As shown in Fig. 2 first embodiment of the invention proposes a kind of network operation control method, including:
Step S101, when monitoring that client initiates network operation, obtains this network operation corresponding
Operation relevant information, ID of the operation relevant information at least including the client;
This embodiment scheme is mainly based upon the uniqueness of biological characteristic, substitutes ordinary authentication code to block certainly
Motivation is done evil, the large batch of automation mechanized operation of strike lawless person, and to prevent automatic machine from breaking through, it is right to improve
Anti- validity.
Terminal obtains the corresponding operation phase of this network operation when monitoring that client initiates network operation
Pass information, ID of the operation relevant information at least including the client, or can also wrap
Include time, positional information and/or type that this network operation is initiated.
The ID of the client, the register account number distributed for user when can be user's registration, or
Can also be information that other can identify specified user, the present embodiment is illustrated with register account number,
Identifying code during registration, when the biological characteristic of collection user is logged in as register account number.Therefore, in registration
In program, can be with associated storage by the biological characteristic of the register account number and the user.Such as can be with one
One correspondence is stored, i.e., a biological characteristic of one account correspondence user;Or, an account correspondence is more
Individual biological characteristic, that is, gather multiple biological characteristics;Or can also be that a biological characteristic has multiple account numbers
Situation.
Thus, the uniqueness based on biological characteristic, substitutes ordinary authentication code and does evil blocking automatic machine, beat
The large batch of automation mechanized operation of lawless person is hit, the validity of antagonism is improved.
In addition, the acquisition of the biological characteristic of ID and user, it is also possible to after client registers, by
Client carries offer by way of biological characteristic registration request, afterwards, by the user's mark for obtaining
Know the biological characteristic associated storage with the user.
Additionally, operation relevant information can also include the client time that this time network operation is initiated, operation
Type and positional information.
Wherein, it is in order to related subsequently through operation to obtain the corresponding operation relevant information of this network operation
The biological characteristic of information and user is controlled to network operation.
Step S102, issues biological characteristic validation operation to the client, obtains the client and returns
Biological characteristic;
In the present embodiment, after monitoring that client initiates network operation, biological spy is issued to client
Verification operation is levied, the biological characteristic that the client is returned is obtained.
Here biological characteristic is included but is not limited only to face, fingerprint, vocal print, iris etc..Due to biology
With uniqueness and the feature that can not be forged, then it is assumed that can replace in the past unlimited with limited latitude
Ip addresses.
When certain network operation of system of users issues checking, terminal system can require which is given birth to
Thing aspect ratio pair, using ID and the relevance of biological characteristic, such that it is able to effectively hit illegal point
The large batch of automation mechanized operation of son, improves the validity of antagonism.
For example, if bad person uses distributed manual verification, the phenomenon detected by system is exactly one
Multiple business of the multiple account numbers of bion correspondence, this is an apparent off-note, based on this
Point just can be effectively intercepted to current operation;If bad person is by illegal record, storage is a large amount of biological
Feature carries out automatic machine breakthrough, then in system side it is found that same bion may be short
There is the physical location change of long range in the time, this point under normal circumstances, and can not possibly be accomplished,
Can equally be hit based on this point.
More specifically, biological characteristic validation operation is issued to client, can such as be scanning user
Facial characteristics, scanning fingerprint etc..
Wherein, the identification to biological characteristics such as facial characteristics, fingerprints can adopt conventional bio-identification skill
Art (Biometric Identification Technology), biological identification technology refer to special using human-body biological
Levying carries out a kind of technology of authentication.
More specifically, biometrics identification technology is exactly by computer and optics, acoustics, biological biography
The high-tech means such as sensor and biostatistics principle is intimately associated, using the intrinsic physiological property of human body and
Behavioural characteristic is carrying out the identification of personal identification.
Biological recognition system is that biological characteristic is sampled, and extracts its unique feature and changes into number
Word code, and further by the feature templates of these code combinations.User with identifying system interact into
During row authentication, identifying system obtain its feature and with data can in feature templates compare, with
Determine whether matching, so as to determining to receive or refusing the user.
In current research with application, living things feature recognition prevailing relationship to computer vision, figure
As processing and pattern-recognition, computer audio, speech processes, multi-sensor technology, virtual reality, meter
Other phases such as calculation machine graphics, visualization technique, CAD, intelligent robot sensory perceptual system
The research of pass.The biological characteristic for having been used for bio-identification has hand, fingerprint, the shape of face, iris, view
Film, pulse, auricle etc..
Step S103, the biological characteristic returned according to the client and the operation relevant information are right
The network operation is controlled.
Specifically, as a kind of embodiment, the operation relevant information includes the user of the client
Mark, the biological characteristic returned according to the client and the operation relevant information, to described
The process that network operation is controlled can include:
According to the ID, judge that whether biological characteristic that the client returns is and ID
Corresponding biological characteristic;Do not pass through if it is not, then verifying, forbid the network operation, wherein network behaviour
Work can such as be:Registration QQ numbers, mailbox, Query Information, the control of authority of certain application, neck
Take preferential, access certain application or website etc., thus, matched by the checking of the biological characteristic of user,
And combine ID, it is possible to achieve the network operation of user is control effectively, so as to effectively prevent
Only automatic machine is broken through, and improves the validity of antagonism.
Used as another embodiment, the operation relevant information can include that the user of the client marks
Time, action type and positional information that knowledge, the network operation are initiated, are returning according to the client
The biological characteristic for returning and the operation relevant information, when being controlled to the network operation, Ke Yikao
Consider one or more combination of following condition, to judge whether to be controlled network operation, that is to say, that
Judgement can be combined to various exceptions, it is also possible to using single exception as Rule of judgment.
Such as, according to ID, judge that the biological characteristic that the client is returned is not and ID
During corresponding biological characteristic;Or
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation, wherein, the time interval
And the physical distance is met when imposing a condition;
Or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same or various action types, wherein, user's mark
When the number of knowledge is more than given threshold;Or,
The time initiated according to the network operation and action type, judge the biological characteristic in pre- timing
The quantity of the interior action type for carrying out is multiple;
One or more combination met in above-mentioned condition can be set, is then verified and is not passed through, be forbidden described
Network operation.
Or adopt following assembled scheme:
According to the ID, judge that whether biological characteristic that the client returns is and ID
Corresponding biological characteristic;If so, then
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation;If the time interval and institute
State physical distance satisfaction to impose a condition, and/or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, if the number of the ID is more than
Given threshold, and/or
The time initiated according to the network operation and action type, judge the biological characteristic in pre- timing
The quantity of the interior action type for carrying out is multiple, then verify and do not pass through, forbid the network operation.
More specifically, as a kind of embodiment, if the operation relevant information includes the client
ID, the time that this time network operation is initiated and positional information, then it is described according to the client
The biological characteristic of return and the operation relevant information, can to the process that the network operation is controlled
To include:
According to the ID, judge whether the biological characteristic that the client is returned is ID pair
The biological characteristic answered;If it is not, the time then initiated according to this network operation and positional information, judge
Initiated between time interval and the two places of operation when last time corresponding with the biological characteristic time of secondary operation
Physical distance, if satisfaction imposes a condition, if the time interval and the physical distance meet setting
Condition, then verify and do not pass through, and forbids the network operation.
Such as, obtaining when time time of operation, with the time interval that the biological characteristic last time initiates operation
And during physical distance, if time interval is less than the aircraft range time of above-mentioned physical distance, judge behaviour
Make the presence of exception, checking does not pass through, and forbids the network operation.
Instantiation is as follows:
Bad person obtains a large amount of biological characteristics using illegal means, and utilizes these feature batch registration account numbers.
Such as, system detectio to biological characteristic A, biological characteristic B, biological characteristic C respectively appear in Shanghai,
Guangxi, Nanjing (bad person escapes strike using VPN), but biological characteristic A, B, C be true owner point
The operation to having account number by oneself was carried out respectively in Shenzhen, Sichuan, Yunnan not before one minute, here system
It finds that an exception:Biological characteristic A, B, C there occurs thousands of kilometers of thing respectively in one minute
Reason displacement, this cannot accomplish under normal circumstances, in order to escape when only bad person usurps biological characteristic
Strike has used the VPN of different provinces and cities.
Therefore, according to actual conditions, it is also possible to the possibility threshold value at setting time interval, if between the time
Every then verifying and not passing through more than given threshold less than given threshold, and the physical distance, forbid described
Network operation.
Or, can also be in the following way:
According to the ID, judge whether the biological characteristic that the client is returned is that ID is closed
The biological characteristic of connection;If so, the time then initiated according to this network operation and positional information, judge to work as
Last time corresponding with the biological characteristic time of secondary operation initiates the time interval and physical distance of operation;
If the time interval and physical distance meet imposing a condition, verify, forbid the network behaviour
Make.
Or, can also be in the following way:
The time initiated according to this network operation and positional information, judge when time time of operation with it is described
The biological characteristic corresponding last time that client is returned initiates the time interval and physical distance of operation;
If the time interval and the physical distance meet imposing a condition, verify, forbid institute
State network operation.
As another embodiment, the operation relevant information include the client ID,
Time and action type that this time network operation is initiated, the biological characteristic returned according to the client
And the operation relevant information, the process that the network operation is controlled can be included:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If it is not, the time then initiated according to this network operation and action type, obtain
Taking the biological characteristic carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
Or, can also be in the following way:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If so, the time then initiated according to this network operation and action type, obtain
The biological characteristic carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
Or, can also be in the following way:
The time initiated according to this network operation and action type, obtain the biology that the client is returned
Feature carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
It should be noted that in the time and action type initiated according to network operation, judging network operation
When whether abnormal, it is also possible to be not limited to whether be same action type, can be combined with various action types
Judged.Such as:
In the given time (such as simultaneously), respectively account number B, C, D are carried out using biological characteristic A
Different types of operation, such as logs in QQ using account number B, logs in wechat using account number C, using account
Number D net purchase commodity, and B, C, D account number was never operated by A in history, or, account number B,
Account number C is interrelated with account number D, therefore can be determined that this time operation is not that user operates, can be with
Hit.
Embodiment of the present invention scheme, using biological characteristic, time, account number, action type as checking joint
Latitude, substitutes conventional flat network environment, solves shortcoming of the conventional authentication based on this unlimited resources of IP,
The large batch of automation mechanized operation of bad person is hit by limited biological characteristic;Simultaneously account number is associated with people
Get up, set up strong mapping relations, effectively strike code work point cloth is manually operated.
Also, it should be noted that above-mentioned various embodiments can combine enforcement, such as positional information and behaviour
Judgement, etc. is combined as type, be will not be described here.
The present embodiment obtains this net by such scheme when monitoring that client initiates network operation
Network operates corresponding operation relevant information;Biological characteristic validation operation is issued to client, the visitor is obtained
The biological characteristic that family end returns;The biological characteristic returned according to client and the operation relevant information,
Network operation is controlled.Wherein, relevant information is operated to include ID, this time network behaviour
Time, positional information and action type that work is initiated etc., thus, it is possible to according to operation relevant information, and
Based on the uniqueness of biological characteristic, substitute ordinary authentication code and do evil blocking automatic machine, not only can hit
Code work point cloth is manually operated, and by easy Consumer's Experience, strike lawless person is large batch of certainly
Dynamicization is operated, and is effectively prevented automatic machine from breaking through, is improve the validity of antagonism.
From such scheme, embodiment of the present invention scheme mainly passes through biological characteristic by certain account number
Certain operation and real natural person associate, as biological characteristic can not be copied, therefore can be it
Regard a kind of limited latitude as.
When bad person carries out large-scale automatic machine using limited latitude to be operated, just necessarily occur same
Feature is used multiple times, and this may be employed to hit one of index of black product.If likewise, bad person makes
Distributed manual verification, that is, present code work are used, due to the uniqueness of biological characteristic, code work is in work
The behavior of same bion multi-pass operation difference account number, and this time life of operation necessarily occurs when making
Thing feature is necessarily different from historical record, and this may be employed to hit the two of the index of black product.
It is exemplified below:
Example one:Bad person obtains a large amount of biological characteristics using illegal means, and is noted using these feature batches
Volume account number.Such as, system detectio occurs respectively to biological characteristic A, biological characteristic B, biological characteristic C
In Shanghai, Guangxi, Nanjing (bad person escapes strike using VPN), but biological characteristic A, B, C are true
Real owner carried out the operation to having account number by oneself in Shenzhen, Sichuan, Yunnan respectively before one minute respectively,
Here system is it finds that an exception:Biological characteristic A, B, C there occurs thousands of respectively in one minute
The physical displacement of kilometer, this cannot accomplish under normal circumstances, when only bad person usurps biological characteristic
The VPN of different provinces and cities has been used to escape strike.
Example two:Bad person is carried out to 10000 stolen account numbers by distributed manual verification, that is, code work
Inquiry into balance action, in order to prevent system detectio from asking to generation is a large amount of under identical network environment
And hit.Now system can be found that 1 exception:
Biological characteristic A carries out the operation of same type respectively to account number B, C, D, and B, C, D account
Number always do not operated by A in history, therefore can be determined that this time operation was not that user operates,
Can be hit.
Embodiment of the present invention scheme, using biological characteristic, time, position, account number, action type as testing
Card joint latitude, substitutes conventional flat network environment, and solution conventional authentication is based on IP this unlimited resources
Shortcoming, hits the large batch of automation mechanized operation of bad person by limited biological characteristic;Simultaneously by account number and
People associates, and sets up strong mapping relations, and effectively strike code work point cloth is manually operated.
As shown in figure 3, second embodiment of the invention proposes a kind of network operation control method, based on above-mentioned
Embodiment shown in Fig. 2, in above-mentioned steps S101, before monitoring that client initiates network operation,
Methods described also includes:
Step S90, receives the registration request that client sends, and obtains the biological characteristic of client side user;
Step S100, identifies for user's distributing user according to the registration request, and the user is marked
Know the biological characteristic associated storage with the user;Or, receive the biological characteristic registration that client sends
Request, the biological characteristic registration request include the biological characteristic of ID and user;By the use
Family identifies the biological characteristic associated storage with the user.
Compare above-described embodiment, concrete scheme of the present embodiment also including user's registration flow process.
As it was previously stated, the register account number distributed for user when ID can be user's registration, Huo Zheye
Can be information that other can identify specified user, the present embodiment is illustrated with register account number.
Specifically, user can initiate registration request, client to client according to network operation needs
It is that the user distributes register account number according to the registration request, by the register account number with the user's
Biological characteristic associated storage.A life of the account correspondence user of storage, i.e., can such as be corresponded
Thing feature;Or, an account corresponds to multiple biological characteristics, that is, gather multiple biological characteristics;Or also
It can be situation that a biological characteristic has multiple account numbers.
By purpose of the register account number with the biological characteristic associated storage of the user it is:Record one
The biological characteristic of account number most original, for detecting that later stage account number is produced during other biological individual operations
It is abnormal;Batch operation behavior in terms of strike registration, it is to avoid same biological characteristic registers a large amount of account numbers.
Additionally, as another embodiment, can be, after the client registers, receiving client
The biological characteristic registration request of transmission, the biological characteristic registration request include the life of ID and user
Thing feature, and by the biological characteristic associated storage of the ID and the user.
Here biological characteristic is included but is not limited only to face, fingerprint, vocal print, iris etc..Due to biology
With uniqueness and the feature that can not be forged, then it is assumed that can replace in the past unlimited with limited latitude
Ip addresses.
When certain network operation of system of users issues checking, terminal system can require which is given birth to
Thing aspect ratio pair, using ID and the relevance of biological characteristic, such that it is able to effectively hit illegal point
The large batch of automation mechanized operation of son, improves the validity of antagonism.
For example, if bad person uses distributed manual verification, the phenomenon detected by system is exactly one
Multiple business of the multiple account numbers of bion correspondence, this is an apparent off-note, based on this
Point just can be effectively intercepted to current operation;If bad person is by illegal record, storage is a large amount of biological
Feature carries out automatic machine breakthrough, then in system side it is found that same bion may be short
There is the physical location change of long range in the time, this point under normal circumstances, and can not possibly be accomplished,
Can equally be hit based on this point.
Accordingly, propose inventive network operating control device embodiment.
As shown in figure 4, first embodiment of the invention proposes a kind of network operation control device, including:Behaviour
Make data obtaining module 201, biological characteristic acquisition module 202 and operational control module 203, wherein:
Operation information acquisition module 201, for when monitoring that client initiates network operation, obtaining this time
The corresponding operation relevant information of network operation, use of the operation relevant information at least including the client
Family identifies;
Biological characteristic acquisition module 202, for issuing biological characteristic validation operation to the client, obtains
The biological characteristic that the client is returned;
Operational control module 203, for the biological characteristic that returned according to the client and the operation phase
Pass information, is controlled to the network operation.
Specifically, this embodiment scheme is mainly based upon the uniqueness of biological characteristic, substitutes ordinary authentication code
Do evil to block automatic machine, the large batch of automation mechanized operation of strike lawless person, to prevent automatic machine from breaking through,
Improve the validity of antagonism.
Terminal obtains the corresponding operation phase of this network operation when monitoring that client initiates network operation
Pass information, ID of the operation relevant information at least including the client, or can also wrap
Include time, positional information and/or type that this network operation is initiated.
The ID of the client, the register account number distributed for user when can be user's registration, or
Can also be information that other can identify specified user, the present embodiment is illustrated with register account number,
Identifying code during registration, when the biological characteristic of collection user is logged in as register account number.Therefore, in registration
In program, can be with associated storage by the biological characteristic of the register account number and the user.Such as can be with one
One correspondence is stored, i.e., a biological characteristic of one account correspondence user;Or, an account correspondence is more
Individual biological characteristic, that is, gather multiple biological characteristics;Or can also be that a biological characteristic has multiple account numbers
Situation.
Thus, the uniqueness based on biological characteristic, substitutes ordinary authentication code and does evil blocking automatic machine, beat
The large batch of automation mechanized operation of lawless person is hit, the validity of antagonism is improved.
Additionally, operation relevant information can also include the client time that this time network operation is initiated, operation
Type and positional information.
Wherein, it is in order to related subsequently through operation to obtain the corresponding operation relevant information of this network operation
The biological characteristic of information and user is controlled to network operation.
In the present embodiment, after monitoring that client initiates network operation, biological spy is issued to client
Verification operation is levied, the biological characteristic that the client is returned is obtained.
Here biological characteristic is included but is not limited only to face, fingerprint, vocal print, iris etc..Due to biology
With uniqueness and the feature that can not be forged, then it is assumed that can replace in the past unlimited with limited latitude
Ip addresses.
When certain network operation of system of users issues checking, terminal system can require which is given birth to
Thing aspect ratio pair, using ID and the relevance of biological characteristic, such that it is able to effectively hit illegal point
The large batch of automation mechanized operation of son, improves the validity of antagonism.
For example, if bad person uses distributed manual verification, the phenomenon detected by system is exactly one
Multiple business of the multiple account numbers of bion correspondence, this is an apparent off-note, based on this
Point just can be effectively intercepted to current operation;If bad person is by illegal record, storage is a large amount of biological
Feature carries out automatic machine breakthrough, then in system side it is found that same bion may be short
There is the physical location change of long range in the time, this point under normal circumstances, and can not possibly be accomplished,
Can equally be hit based on this point.
More specifically, biological characteristic validation operation is issued to client, can such as be scanning user
Facial characteristics, scanning fingerprint etc..
Wherein, the identification to biological characteristics such as facial characteristics, fingerprints can adopt conventional bio-identification skill
Art (Biometric Identification Technology), biological identification technology refer to special using human-body biological
Levying carries out a kind of technology of authentication.
More specifically, biometrics identification technology is exactly by computer and optics, acoustics, biological biography
The high-tech means such as sensor and biostatistics principle is intimately associated, using the intrinsic physiological property of human body and
Behavioural characteristic is carrying out the identification of personal identification.
Biological recognition system is that biological characteristic is sampled, and extracts its unique feature and changes into number
Word code, and further by the feature templates of these code combinations.User with identifying system interact into
During row authentication, identifying system obtain its feature and with data can in feature templates compare, with
Determine whether matching, so as to determining to receive or refusing the user.
In current research with application, living things feature recognition prevailing relationship to computer vision, figure
As processing and pattern-recognition, computer audio, speech processes, multi-sensor technology, virtual reality, meter
Other phases such as calculation machine graphics, visualization technique, CAD, intelligent robot sensory perceptual system
The research of pass.The biological characteristic for having been used for bio-identification has hand, fingerprint, the shape of face, iris, view
Film, pulse, auricle etc..
Afterwards, the biological characteristic for being returned according to the client and the operation relevant information, to described
Network operation is controlled.
Specifically, as a kind of embodiment, the operation relevant information includes the user of the client
Mark, the biological characteristic returned according to the client and the operation relevant information, to described
The process that network operation is controlled can include:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;Do not pass through if it is not, then verifying, forbid the network operation, wherein network behaviour
Work can such as be:Registration QQ numbers, mailbox, Query Information, the control of authority of certain application, neck
Take preferential, access certain application or website etc., thus, matched by the checking of the biological characteristic of user,
And combine ID, it is possible to achieve the network operation of user is control effectively, so as to effectively prevent
Only automatic machine is broken through, and improves the validity of antagonism.
Used as another embodiment, the operation relevant information can include that the user of the client marks
Time, action type and positional information that knowledge, the network operation are initiated, are returning according to the client
The biological characteristic for returning and the operation relevant information, when being controlled to the network operation, Ke Yikao
Consider one or more combination of following condition, to judge whether to be controlled network operation, that is to say, that
Judgement can be combined to various exceptions, it is also possible to using single exception as Rule of judgment.
Such as, according to ID, judge that the biological characteristic that the client is returned is not and ID
During corresponding biological characteristic;Or
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation, wherein, the time interval
And the physical distance is met when imposing a condition;
Or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same or various action types, wherein, user's mark
When the number of knowledge is more than given threshold;Or,
The time initiated according to the network operation and action type, judge the biological characteristic in pre- timing
The quantity of the interior action type for carrying out is multiple;
One or more combination met in above-mentioned condition can be set, is then verified and is not passed through, be forbidden described
Network operation.
Or adopt following assembled scheme:
According to the ID, judge that whether biological characteristic that the client returns is and ID
Corresponding biological characteristic;If so, then
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation;If the time interval and institute
State physical distance satisfaction to impose a condition, and/or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, if the number of the ID is more than
Given threshold, and/or
The time initiated according to the network operation and action type, judge the biological characteristic in pre- timing
The quantity of the interior action type for carrying out is multiple, then verify and do not pass through, forbid the network operation.
More specifically,
As a kind of embodiment, if the operation relevant information include the client ID,
Time and positional information that this time network operation is initiated, then the biology according to client return is special
Levy and the operation relevant information, the process that the network operation is controlled can be included:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If it is not, the time then initiated according to this network operation and positional information, sentence
It is disconnected when time last time corresponding with the biological characteristic time of operation initiate the time interval of operation and two places it
Between physical distance whether meet and impose a condition, if the time interval and the physical distance meet setting
Condition, then verify and do not pass through, and forbids the network operation.
Such as, obtaining when time time of operation, with the time interval that the biological characteristic last time initiates operation
And during physical distance, if time interval is less than the aircraft range time of above-mentioned physical distance, judge behaviour
Make the presence of exception, checking does not pass through, and forbids the network operation.
Instantiation is as follows:
Bad person obtains a large amount of biological characteristics using illegal means, and utilizes these feature batch registration account numbers.
Such as, system detectio to biological characteristic A, biological characteristic B, biological characteristic C respectively appear in Shanghai,
Guangxi, Nanjing (bad person escapes strike using VPN), but biological characteristic A, B, C be true owner point
The operation to having account number by oneself was carried out respectively in Shenzhen, Sichuan, Yunnan not before one minute, here system
It finds that an exception:Biological characteristic A, B, C there occurs thousands of kilometers of thing respectively in one minute
Reason displacement, this cannot accomplish under normal circumstances, in order to escape when only bad person usurps biological characteristic
Strike has used the VPN of different provinces and cities.
Therefore, according to actual conditions, it is also possible to the possibility threshold value at setting time interval, if between the time
Every then verifying and not passing through more than given threshold less than given threshold, and the physical distance, forbid described
Network operation.
Or, can also be in the following way:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If so, the time then initiated according to this network operation and positional information, judge
When corresponding with biological characteristic last time time of secondary operation initiate the time interval and physics of operation away from
From;If the time interval and the physical distance meet imposing a condition, verify, forbid institute
State network operation.
Or, can also be in the following way:
The time initiated according to this network operation and positional information, judge when time time of operation with it is described
The biological characteristic corresponding last time that client is returned initiates the time interval and physical distance of operation;
If the time interval and the physical distance meet imposing a condition, verify, forbid institute
State network operation.
As another embodiment, the operation relevant information include the client ID,
Time and action type that this time network operation is initiated, the biological characteristic returned according to the client
And the operation relevant information, the process that the network operation is controlled can be included:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If it is not, the time then initiated according to this network operation and action type, obtain
Taking the biological characteristic carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
Or, can also be in the following way:
According to the ID, judge that whether biological characteristic that the client returns is and ID
The biological characteristic of association;If so, the time then initiated according to this network operation and action type, obtain
The biological characteristic carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
Or, can also be in the following way:
The time initiated according to this network operation and action type, obtain the biology that the client is returned
Feature carries out the number of the corresponding ID of same action type in the given time;
If the number of the ID is more than given threshold, verifies, forbid the network behaviour
Make.
It should be noted that in the time and action type initiated according to network operation, judging network operation
When whether abnormal, it is also possible to be not limited to whether be same action type, can be combined with various action types
Judged.Such as:
In the given time (such as simultaneously), respectively account number B, C, D are carried out using biological characteristic A
Different types of operation, such as logs in QQ using account number B, logs in wechat using account number C, using account
Number D net purchase commodity, and B, C, D account number was never operated by A in history, or, account number B,
Account number C is interrelated with account number D, therefore can be determined that this time operation is not that user operates, can be with
Hit.
Embodiment of the present invention scheme, using biological characteristic, time, account number, action type as checking joint
Latitude, substitutes conventional flat network environment, solves shortcoming of the conventional authentication based on this unlimited resources of IP,
The large batch of automation mechanized operation of bad person is hit by limited biological characteristic;Simultaneously account number is associated with people
Get up, set up strong mapping relations, effectively strike code work point cloth is manually operated.
Also, it should be noted that above-mentioned various embodiments can combine enforcement, such as positional information and behaviour
Judgement, etc. is combined as type, be will not be described here.
The present embodiment obtains this net by such scheme when monitoring that client initiates network operation
Network operates corresponding operation relevant information;Biological characteristic validation operation is issued to client, the visitor is obtained
The biological characteristic that family end returns;The biological characteristic returned according to client and the operation relevant information,
Network operation is controlled.Wherein, relevant information is operated to include ID, this time network behaviour
Time, positional information and action type that work is initiated etc., thus, it is possible to according to operation relevant information, and
Based on the uniqueness of biological characteristic, substitute ordinary authentication code and do evil blocking automatic machine, not only can hit
Code work point cloth is manually operated, and by easy Consumer's Experience, strike lawless person is large batch of certainly
Dynamicization is operated, and is effectively prevented automatic machine from breaking through, is improve the validity of antagonism.
From such scheme, embodiment of the present invention scheme mainly passes through biological characteristic by certain account number
Certain operation and real natural person associate, as biological characteristic can not be copied, therefore can be it
Regard a kind of limited latitude as.
When bad person carries out large-scale automatic machine using limited latitude to be operated, just necessarily occur same
Feature is used multiple times, and this may be employed to hit one of index of black product.If likewise, bad person makes
Distributed manual verification, that is, present code work are used, due to the uniqueness of biological characteristic, code work is in work
The behavior of same bion multi-pass operation difference account number, and this time life of operation necessarily occurs when making
Thing feature is necessarily different from historical record, and this may be employed to hit the two of the index of black product.
It is exemplified below:
Example one:Bad person obtains a large amount of biological characteristics using illegal means, and is noted using these feature batches
Volume account number.Such as, system detectio occurs respectively to biological characteristic A, biological characteristic B, biological characteristic C
In Shanghai, Guangxi, Nanjing (bad person escapes strike using VPN), but biological characteristic A, B, C are true
Real owner carried out the operation to having account number by oneself in Shenzhen, Sichuan, Yunnan respectively before one minute respectively,
Here system is it finds that an exception:Biological characteristic A, B, C there occurs thousands of respectively in one minute
The physical displacement of kilometer, this cannot accomplish under normal circumstances, when only bad person usurps biological characteristic
The VPN of different provinces and cities has been used to escape strike.
Example two:Bad person is carried out to 10000 stolen account numbers by distributed manual verification, that is, code work
Inquiry into balance action, in order to prevent system detectio from asking to generation is a large amount of under identical network environment
And hit.Now system can be found that 1 exception:
Biological characteristic A carries out the operation of same type respectively to account number B, C, D, and B, C, D account
Number always do not operated by A in history, therefore can be determined that this time operation was not that user operates,
Can be hit.
Embodiment of the present invention scheme, using biological characteristic, time, position, account number, action type as testing
Card joint latitude, substitutes conventional flat network environment, and solution conventional authentication is based on IP this unlimited resources
Shortcoming, hits the large batch of automation mechanized operation of bad person by limited biological characteristic;Simultaneously by account number and
People associates, and sets up strong mapping relations, and effectively strike code work point cloth is manually operated.
As shown in figure 5, second embodiment of the invention proposes a kind of network operation control device, based on above-mentioned
Embodiment shown in Fig. 4, the device also include:
Registering modules 200, for receiving the registration request of client transmission, and obtain client side user
Biological characteristic;According to the registration request be user's distributing user mark, by the ID with
The biological characteristic associated storage of the user;Or, the biological characteristic registration request that client sends is received,
The biological characteristic registration request includes the biological characteristic of ID and user;By the ID
With the biological characteristic associated storage of the user.
Compare above-described embodiment, concrete scheme of the present embodiment also including user's registration flow process.
As it was previously stated, the register account number distributed for user when ID can be user's registration, Huo Zheye
Can be information that other can identify specified user, the present embodiment is illustrated with register account number.
Specifically, user can initiate registration request, client to client according to network operation needs
It is that the user distributes a register account number according to the registration request, by the register account number and the user
Biological characteristic associated storage.One of the account correspondence user of storage, i.e., can such as be corresponded
Biological characteristic;Or, an account corresponds to multiple biological characteristics, that is, gather multiple biological characteristics;Or
Can also be that a biological characteristic has the situation of multiple account numbers.
By purpose of the register account number with the biological characteristic associated storage of the user it is:Record one
The biological characteristic of account number most original, for detecting that later stage account number is produced during other biological individual operations
It is abnormal;Batch operation behavior in terms of strike registration, it is to avoid same biological characteristic registers a large amount of account numbers.
Additionally, as another embodiment, can be, after the client registers, receiving client
The biological characteristic registration request of transmission, the biological characteristic registration request include the life of ID and user
Thing feature, and by the biological characteristic associated storage of the ID and the user.
Here biological characteristic is included but is not limited only to face, fingerprint, vocal print, iris etc..Due to biology
With uniqueness and the feature that can not be forged, then it is assumed that can replace in the past unlimited with limited latitude
Ip addresses.
When certain network operation of system of users issues checking, terminal system can require which is given birth to
Thing aspect ratio pair, using ID and the relevance of biological characteristic, such that it is able to effectively hit illegal point
The large batch of automation mechanized operation of son, improves the validity of antagonism.
For example, if bad person uses distributed manual verification, the phenomenon detected by system is exactly one
Multiple business of the multiple account numbers of bion correspondence, this is an apparent off-note, based on this
Point just can be effectively intercepted to current operation;If bad person is by illegal record, storage is a large amount of biological
Feature carries out automatic machine breakthrough, then in system side it is found that same bion may be short
There is the physical location change of long range in the time, this point under normal circumstances, and can not possibly be accomplished,
Can equally be hit based on this point.
Also, it should be noted that herein, term " including ", "comprising" or its any other change
Body is intended to including for nonexcludability, so that a series of process, method, article including key elements
Or device not only includes those key elements, but also including other key elements being not expressly set out, or
Also include the key element intrinsic for this process, method, article or device.In no more restrictions
In the case of, the key element limited by sentence "including a ...", it is not excluded that in the mistake including the key element
Also there is other identical element in journey, method, article or device.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-mentioned
Embodiment method can add the mode of required general hardware platform to realize by software, naturally it is also possible to logical
Cross hardware, but the former is more preferably embodiment in many cases.It is based on such understanding, of the invention
The part that technical scheme is substantially contributed to prior art in other words can in the form of software product body
Reveal and, the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disc, light
Disk) in, use so that a station terminal equipment including some instructions (can be mobile phone, computer, service
Device, or the network equipment etc.) perform method described in each embodiment of the invention.
The preferred embodiments of the present invention are the foregoing is only, the scope of the claims of the present invention is not thereby limited,
Equivalent structure that every utilization description of the invention and accompanying drawing content are made or flow process conversion, or directly or
Connect and be used in other related technical fields, be included within the scope of the present invention.
Claims (10)
1. a kind of network operation control method, it is characterised in that include:
When monitoring that client initiates network operation, the related letter of the corresponding operation of the network operation is obtained
Breath, the operation relevant information at least include ID, or also include what the network operation was initiated
Time, positional information and/or type;
Biological characteristic validation is issued to the client, the biological characteristic that the client is returned is obtained;
The biological characteristic returned according to the client and the operation relevant information, grasp to the network
It is controlled.
2. method according to claim 1, it is characterised in that described to monitor that client initiates
Before network operation, methods described also includes:
The registration request that client sends is received, and obtains the biological characteristic of client side user;
Identified for user's distributing user according to the registration request, by the ID and the use
The biological characteristic associated storage at family;
Or, receive the biological characteristic registration request that client sends, the biological characteristic registration request bag
Include the biological characteristic of ID and user;
By the biological characteristic associated storage of the ID and the user.
3. method according to claim 1, it is characterised in that described to be returned according to the client
Biological characteristic and the operation relevant information, include the step of be controlled to the network operation:
According to the ID, judge that the biological characteristic that the client is returned is not and ID pair
The biological characteristic answered;Or
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation, wherein, the time interval
And the physical distance satisfaction imposes a condition;Or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, wherein, the number of the ID
More than given threshold;
If meeting one or more combination in above-mentioned condition, verify, forbid the network behaviour
Make.
4. method according to claim 1, it is characterised in that described to be returned according to the client
Biological characteristic and the operation relevant information, include the step of be controlled to the network operation:
According to the ID, judge that whether biological characteristic that the client returns is and ID
Corresponding biological characteristic;If so, then
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation;If the time interval and institute
State physical distance satisfaction to impose a condition, and/or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, if the number of the ID is more than
Given threshold,
Then verify and do not pass through, forbid the network operation.
5. the method according to claim 3 or 4, it is characterised in that the time interval and described
Physical distance satisfaction imposes a condition and is more than less than given threshold, and the physical distance for the time interval
Given threshold.
6. a kind of network operation control device, it is characterised in that include:
Operation information acquisition module, for when monitoring that client initiates network operation, obtaining the net
Network operates corresponding operation relevant information, and the operation relevant information at least includes ID, or goes back
Time, positional information and/or the type initiated including the network operation;
Biological characteristic acquisition module, for issuing biological characteristic validation operation to the client, obtains institute
State the biological characteristic of client return;
Operational control module, the biological characteristic and the operation for being returned according to the client are related
Information, is controlled to the network operation.
7. device according to claim 6, it is characterised in that described device also includes:
Registration relating module, for receiving the registration request of client transmission, and obtains client side user
Biological characteristic;Identified for user's distributing user according to the registration request, by the ID
With the biological characteristic associated storage of the user;Or, the biological characteristic registration for receiving client transmission please
Ask, the biological characteristic registration request includes the biological characteristic of ID and user;By the user
Identify the biological characteristic associated storage with the user.
8. device according to claim 6, it is characterised in that
The operational control module, is additionally operable to according to the ID, judges what the client was returned
Biological characteristic is not biological characteristic corresponding with ID;Or
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation, wherein, the time interval
And the physical distance meets predetermined condition;Or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same or various action types, wherein, user's mark
The number of knowledge is more than given threshold;
If meeting one or more combination in above-mentioned condition, verify, forbid the network behaviour
Make.
9. device according to claim 6, it is characterised in that
The operational control module, is additionally operable to according to the ID, judges what the client was returned
Whether biological characteristic is biological characteristic corresponding with ID;If so, then
According to the network operation initiate time and positional information, judge when time operation time with it is described
Biological characteristic corresponding last time initiates the time interval and physical distance of operation;If the time interval and institute
State physical distance satisfaction to impose a condition, and/or
The time initiated according to the network operation and action type, obtain the biological characteristic in pre- timing
The interior number for carrying out the corresponding ID of same action type, if the number of the ID is more than
Given threshold,
Then verify and do not pass through, forbid the network operation.
10. device according to claim 8 or claim 9, it is characterised in that the time interval and institute
It is that the time interval is less than given threshold to state physical distance satisfaction and impose a condition, and the physical distance is big
In given threshold.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510634508.1A CN106559394B (en) | 2015-09-29 | 2015-09-29 | Network operation control method and device |
| PCT/CN2016/083987 WO2017054482A1 (en) | 2015-09-29 | 2016-05-31 | Method and apparatus for controlling network operation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510634508.1A CN106559394B (en) | 2015-09-29 | 2015-09-29 | Network operation control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106559394A true CN106559394A (en) | 2017-04-05 |
| CN106559394B CN106559394B (en) | 2020-08-11 |
Family
ID=58415909
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510634508.1A Active CN106559394B (en) | 2015-09-29 | 2015-09-29 | Network operation control method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106559394B (en) |
| WO (1) | WO2017054482A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107094146A (en) * | 2017-05-05 | 2017-08-25 | 北京图凌科技有限公司 | A kind of processing method of peration data, terminal and service end |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070209014A1 (en) * | 2006-01-11 | 2007-09-06 | Youssef Youmtoub | Method and apparatus for secure data input |
| CN101272237A (en) * | 2008-04-22 | 2008-09-24 | 北京飞天诚信科技有限公司 | Method and system for automatically generating and filling login information |
| CN103686729A (en) * | 2013-12-05 | 2014-03-26 | 王美金 | Mobile banking authentication method and system for performing self-help registration through identity card |
| CN103856470A (en) * | 2012-12-06 | 2014-06-11 | 腾讯科技(深圳)有限公司 | Distributed denial of service attack detection method and device |
| CN103886238A (en) * | 2014-03-28 | 2014-06-25 | 上海云享科技有限公司 | Account login method and device based on palm prints |
| CN103957506A (en) * | 2014-05-06 | 2014-07-30 | 重庆邮电大学 | Mobile phone antitheft tracking system and method based on IMSI detection and face identification |
| US20140270404A1 (en) * | 2013-03-15 | 2014-09-18 | Eyelock, Inc. | Efficient prevention of fraud |
| CN104518876A (en) * | 2013-09-29 | 2015-04-15 | 腾讯科技(深圳)有限公司 | Service login method and device |
| CN104836781A (en) * | 2014-02-20 | 2015-08-12 | 腾讯科技(北京)有限公司 | Method distinguishing identities of access users, and device |
| CN104901801A (en) * | 2014-03-06 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Method and device for verifying identity |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104618348B (en) * | 2015-01-12 | 2019-10-22 | 中国科学院信息工程研究所 | A kind of method of adversary procedure automation batch illegal act |
-
2015
- 2015-09-29 CN CN201510634508.1A patent/CN106559394B/en active Active
-
2016
- 2016-05-31 WO PCT/CN2016/083987 patent/WO2017054482A1/en active Application Filing
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070209014A1 (en) * | 2006-01-11 | 2007-09-06 | Youssef Youmtoub | Method and apparatus for secure data input |
| CN101272237A (en) * | 2008-04-22 | 2008-09-24 | 北京飞天诚信科技有限公司 | Method and system for automatically generating and filling login information |
| CN103856470A (en) * | 2012-12-06 | 2014-06-11 | 腾讯科技(深圳)有限公司 | Distributed denial of service attack detection method and device |
| US20140270404A1 (en) * | 2013-03-15 | 2014-09-18 | Eyelock, Inc. | Efficient prevention of fraud |
| CN104518876A (en) * | 2013-09-29 | 2015-04-15 | 腾讯科技(深圳)有限公司 | Service login method and device |
| CN103686729A (en) * | 2013-12-05 | 2014-03-26 | 王美金 | Mobile banking authentication method and system for performing self-help registration through identity card |
| CN104836781A (en) * | 2014-02-20 | 2015-08-12 | 腾讯科技(北京)有限公司 | Method distinguishing identities of access users, and device |
| CN104901801A (en) * | 2014-03-06 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Method and device for verifying identity |
| CN103886238A (en) * | 2014-03-28 | 2014-06-25 | 上海云享科技有限公司 | Account login method and device based on palm prints |
| CN103957506A (en) * | 2014-05-06 | 2014-07-30 | 重庆邮电大学 | Mobile phone antitheft tracking system and method based on IMSI detection and face identification |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107094146A (en) * | 2017-05-05 | 2017-08-25 | 北京图凌科技有限公司 | A kind of processing method of peration data, terminal and service end |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106559394B (en) | 2020-08-11 |
| WO2017054482A1 (en) | 2017-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111612168B (en) | Management method and related device for machine learning task | |
| CN107122641B (en) | Intelligent equipment owner identification method and intelligent equipment owner identification device based on use habit | |
| CN103703463B (en) | Contact details are fetched based on image identification search | |
| CN104836781B (en) | Distinguish the method and device for accessing user identity | |
| CN105637522B (en) | Access control is driven using the world of trusted certificate | |
| CN109063977B (en) | Non-inductive transaction risk monitoring method and device | |
| CN109886290A (en) | Detection method, device, computer equipment and the storage medium of user's request | |
| CN107871011A (en) | Image processing method, device, mobile terminal and computer-readable recording medium | |
| CN110472504A (en) | A kind of method and apparatus of recognition of face | |
| CN108629170A (en) | Personal identification method and corresponding device, mobile terminal | |
| CN107370770A (en) | Login method, apparatus and system | |
| CN107911340A (en) | Login validation method, device, equipment and the storage medium of application program | |
| CN109831459A (en) | Method, apparatus, storage medium and the terminal device of secure access | |
| CN108282453A (en) | Internet of things reading device, safe access method and control center equipment | |
| CN110120928A (en) | A kind of identity authentication method, device, server and computer-readable medium | |
| EP4248341A1 (en) | Method and apparatus for user recognition | |
| CN112699354A (en) | User authority management method and terminal equipment | |
| CN110457601A (en) | The recognition methods and device of social account, storage medium and electronic device | |
| CN111814181B (en) | System authority authorization method and device, electronic equipment and storage medium | |
| CN106559394A (en) | Network operation control method and device | |
| CN116959059A (en) | Living body detection method, living body detection device and storage medium | |
| CN116983660A (en) | Image processing method and related device | |
| CN113360908A (en) | Data processing method, violation recognition model training method and related equipment | |
| KR102177392B1 (en) | User authentication system and method based on context data | |
| CN107679460B (en) | Face self-learning method, intelligent terminal and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |