CN109600361A - Identifying code anti-attack method and device based on hash algorithm - Google Patents

Identifying code anti-attack method and device based on hash algorithm Download PDF

Info

Publication number
CN109600361A
CN109600361A CN201811418992.4A CN201811418992A CN109600361A CN 109600361 A CN109600361 A CN 109600361A CN 201811418992 A CN201811418992 A CN 201811418992A CN 109600361 A CN109600361 A CN 109600361A
Authority
CN
China
Prior art keywords
user
target
target user
solicited message
identifying code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811418992.4A
Other languages
Chinese (zh)
Other versions
CN109600361B (en
Inventor
雷炳盛
陈国庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Summit Network Technology Co Ltd
Original Assignee
Wuhan Summit Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Summit Network Technology Co Ltd filed Critical Wuhan Summit Network Technology Co Ltd
Priority to CN201811418992.4A priority Critical patent/CN109600361B/en
Publication of CN109600361A publication Critical patent/CN109600361A/en
Application granted granted Critical
Publication of CN109600361B publication Critical patent/CN109600361B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The embodiment of the present invention provides a kind of identifying code anti-attack method and device based on hash algorithm, which comprises in a preset proving period, obtains the checking solicited message of target user;If judging, the classification for knowing the target user to be closed user, abandons the checking solicited message of the target user.Identifying code anti-attack method and device provided in an embodiment of the present invention based on hash algorithm, it is analyzed based on track data of the hash algorithm to user, so that it is determined that the classification of user, identifying code is attacked so as to effectively prevent the malicious user from passing through a large amount of normal trace data, improves the reliability and safety of identifying code.

Description

Identifying code anti-attack method and device based on hash algorithm
Technical field
The present embodiments relate to field of information security technology more particularly to a kind of identifying code based on hash algorithm to prevent attacking Hit method and device.
Background technique
With the rapid development of network, WWW becomes the carrier of bulk information, how to efficiently extract and use these Information becomes a huge challenge.To solve the above-mentioned problems, orientation crawl related web page resource focused crawler meet the tendency of and It is raw.But the web crawlers of malice will seriously be damaged by the interests of attacker, resulted even in and paralysed by attacker.
In the prior art, slidable puzzle identifying code is generallyd use to identify being that people is executing login or access operation, still Computer program (crawler) or robot are executing, to improve safety, prevent by malicious attack.Specifically, it is stepping on Display one includes the picture in sliding block and shadow region in record interface, and as slidable puzzle identifying code, sliding block is from original picture A part of picture plucked out according to preset shape, shadow region are to add the region that shade is formed, shadow region in the part plucked out Shape and the shape of sliding block fit like a glove, interfered in picture validation code generating process using picture background, the position in shadow region Set random, the technologies such as picture inverse increase identification difficulty.In verification process, user is needed to identify the operation instruction in interface Information, and sliding block is slided into shadow region, it is overlapped sliding block and shadow region as far as possible, sliding block when system identification goes out user's release slider Position and shadow region position within the scope of tolerance, could pass through verifying, complete register.
But sliding behavior is easier to obtain, and one section of track can be slided with true operation, under this section of track record Come, cracker can successfully complete behavior by resetting these track datas in batches with a certain amount of track record of true glide Verifying, even changes track data on a small quantity or plus noise to expand track data sample improves the success of attack Rate causes the reliability of slidable puzzle identifying code and safety low, larger by attack cost.
Summary of the invention
A kind of overcome the above problem the purpose of the embodiment of the present invention is that providing or at least be partially solved the above problem Identifying code anti-attack method and device based on hash algorithm.
In order to solve the above-mentioned technical problem, on the one hand, the embodiment of the present invention provides a kind of identifying code based on hash algorithm Anti-attack method, comprising:
In a preset proving period, the checking solicited message of target user is obtained;
If judging, the classification for knowing the target user to be closed user, abandons the checking request of the target user Information.
On the other hand, the embodiment of the present invention provides a kind of identifying code attack protection device based on hash algorithm, comprising:
Module is obtained, for obtaining the checking solicited message of target user in a preset proving period;
Authentication module, if for judging that the classification for knowing the target user to be closed user, abandons the target The checking solicited message of user.
In another aspect, the embodiment of the present invention provides a kind of electronic equipment, comprising:
Memory and processor, the processor and the memory complete mutual communication by bus;It is described to deposit Reservoir is stored with the program instruction that can be executed by the processor, and it is above-mentioned that the processor calls described program instruction to be able to carry out Method.
Another aspect, the embodiment of the present invention provide a kind of non-transient computer readable storage medium, are stored thereon with calculating Machine program realizes above-mentioned method when the computer program is executed by processor.
Identifying code anti-attack method and device provided in an embodiment of the present invention based on hash algorithm is based on hash algorithm pair The track data of user is analyzed, so that it is determined that the classification of user, a large amount of so as to effectively prevent malicious user from passing through Normal trace data attack identifying code, improve the reliability and safety of identifying code.
Detailed description of the invention
Fig. 1 is the identifying code anti-attack method schematic diagram provided in an embodiment of the present invention based on hash algorithm;
Fig. 2 is the distribution histogram of the characteristic value of track data provided in an embodiment of the present invention;
Fig. 3 is the identifying code attack protection schematic device provided in an embodiment of the present invention based on hash algorithm;
Fig. 4 is the structural schematic diagram of electronic equipment provided in an embodiment of the present invention.
Specific embodiment
In order to keep the purposes, technical schemes and advantages of the embodiment of the present invention clearer, implement below in conjunction with the present invention Attached drawing in example, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment It is a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiment of the present invention, those of ordinary skill in the art Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
Fig. 1 is the identifying code anti-attack method schematic diagram provided in an embodiment of the present invention based on hash algorithm, such as Fig. 1 institute Show, the embodiment of the present invention provides a kind of identifying code anti-attack method based on hash algorithm, and executing subject is to be calculated based on Hash The identifying code attack protection device (hereinafter referred to as " attack protection device ") of method, this method comprises:
Step S101, in a preset proving period, the checking solicited message of target user is obtained;
If step S102, judging, the classification for knowing the target user to be closed user, abandons the target user Checking solicited message.
Specifically, with slidable puzzle identifying code, sliding block is to scheme from original picture according to a part that preset shape plucks out Piece, shadow region are to add the region that shade is formed in the part plucked out, and the shape in shadow region and the shape of sliding block fit like a glove, It is interfered in picture validation code generating process using picture background, the position in shadow region is random, and the technologies such as picture inverse increase Identify difficulty.In verification process, user is needed to identify the operation instruction information in interface, and sliding block is slided into shadow region, It is overlapped sliding block and shadow region as far as possible, the position of the position and shadow region of sliding block is being allowed when system identification goes out user's release slider Error range in, could pass through verifying, complete register.
In a preset proving period, firstly, the checking solicited message of target user is obtained, in checking solicited message The ID of user can be carried, the track data of user's input can also be carried, in order to identify user's according to the ID of user Identity judges whether the user is malicious attack user according to the track data of the accumulative input of same user.Preset verifying week The length of phase, can according to the actual situation depending on, for example, being set as 4 days.
If knowing that the classification of target user is to be closed user by judgement, then directly abandoning the verifying of target user Solicited message prevents to play the role of closing the target user by target user's malicious attack.
If knowing that the classification of target user is normal users, then from the checking solicited message of target user by judgement In parse track data, track data is verified.
For example, obtaining the checking solicited message of user A, if the classification of the user is the user closed, directly will The checking solicited message of the user A received abandons, and prevents by user's A malicious attack.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
On the basis of the above embodiments, further, further includes:
The ID of the target user is parsed from the checking solicited message of the target user;
If the ID of the target user is present in target database, the classification of the target user is to be closed use Family;
If the ID of the target user is not present in the target database, the classification of the target user is positive common Family.
Specifically, it after the checking solicited message for obtaining target user, needs to know the type of the target user Not.The specific method is as follows:
Firstly, parsing the ID of the target user from the checking solicited message of the target user.
Then, the User ID stored in the ID of the target user and target database is matched, if target user ID be present in target database, then the classification of target user be closed user.
If the ID of target user is not present in target database, the classification of the target user is normal users.
For example, obtaining the checking solicited message of user A, the ID that user A is parsed from the checking solicited message of user A is 123456。
Then, the User ID stored in the ID123456 of the user A and target database is matched, if ID123456 is present in target database, then the classification of user A is to be closed user.If be not present in target database ID123456, then the classification of user A is normal users.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
On the basis of the above various embodiments, further, several User ID, institute are stored in the target database Stating the User ID stored in target database is add manually and/or automatic addition.
Specifically, several User ID are previously stored in target database, the user stored in the target database ID can be added by manually mode, can also be added by way of detecting automatically.
For example, with 4 days for a proving period, if the ID of user A is added to target data by manually form Library, then when receiving the checking solicited message of user A for the first time, the checking solicited message of user A will be dropped.
If the ID of user A is added to target database by automatic form, the use before receiving several times When the checking solicited message of family A, the checking solicited message of user A will be not dropped, but not recorded, be used for analyzing Whether family A is malicious user, if identifying that the user A is malicious user, in the checking request for receiving user A next time When information, the checking solicited message of user A will be dropped.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
On the basis of the above various embodiments, further, the step of User ID is added in Xiang Suoshu target database automatically It is rapid as follows:
In a preset proving period, the checking solicited message of the first user is obtained;
If judging to know the classification of the target user as normal users, from the checking solicited message of first user In parse the first track data;
Calculate the cryptographic Hash of first track data;
If the cryptographic Hash that checking solicited message of continuous first preset quantity time based on first user is calculated is equal It is identical, then the ID of first user is added in the target database.
Specifically, if the ID of user is added to target database by automatic form, if before receiving When doing the checking solicited message of secondary user, the checking solicited message of user will be not dropped, but not recorded, be used for Analyze whether user is malicious user, if identifying that the user is malicious user, in the verifying for receiving user next time When solicited message, the checking solicited message of user will be dropped.
Judge whether user is that the specific method is as follows for malicious user according to the trace information of user:
Firstly, obtaining the checking solicited message of the first user.The ID of first user is extracted from checking solicited message.
The User ID stored in the ID of first user and target database is matched, if in target database not There are the ID of the first user, then the classification of first user is normal users, then from the checking solicited message of first user Parse the first track data.
According to preset hash algorithm, the cryptographic Hash of the first track data is calculated, and records the cryptographic Hash.
If the cryptographic Hash that checking solicited message of continuous first preset quantity time based on first user is calculated is homogeneous Together, then the ID of the first user is added in the target database.In practical applications, the first preset quantity can be according to reality Depending on the situation of border.
For example, after the checking solicited message for obtaining user B for the first time, believing from checking request with 4 days for a proving period The ID of user B is extracted in breath, for example, ID is 654321.
Then, the User ID stored in the ID654321 of the user B and target database is matched, at this point, target In database and not stored ID654321, identify that the classification of the user B is normal users, then believe from the checking request of the user B The first track data is parsed in breath.
According to preset hash algorithm, the cryptographic Hash of the first track data is calculated, and records the cryptographic Hash.
If the cryptographic Hash that the checking solicited message twice in succession based on the user B is calculated is all the same, by the user B ID654321 be added in target database.
After the checking solicited message for receiving user B for the third time, the checking solicited message of user B will be dropped.To Avoid the malicious attack of user B.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
On the basis of the above various embodiments, further, the cryptographic Hash for calculating first track data, specifically Include:
Using preset Feature Selection Model, the second preset quantity characteristic value in first track data is extracted;
According to the preset feature cut-off of each characteristic value, the encoded radio of each characteristic value is obtained;
The encoded radio of all characteristic values is combined according to the number order of characteristic value, obtains first track data Cryptographic Hash.
Specifically, calculating the cryptographic Hash of track data, the specific method is as follows:
Firstly, extracting the second preset quantity characteristic value in the first track data using preset Feature Selection Model. The occurrence of second preset quantity can according to the actual situation depending on.
Then, according to the preset feature cut-off of each characteristic value, the encoded radio of each characteristic value is obtained.Each feature The quantity of the feature cut-off of value can also according to the actual situation depending on.The quantity of characteristic value and the quantity of feature cut-off are more, Requirement to computing capability is higher.
Finally, the encoded radio of all characteristic values is combined according to the number order of characteristic value, the first track number is obtained According to cryptographic Hash.
For example, preset Feature Selection Model extracts 16 from the track data A that the checking solicited message of user B parses A characteristic value is numbered from 1-16.
The cut-off for the characteristic value that number is 1 is 5,10 and 15, this three cut-offs by number be 1 characteristic value value Range is divided into four sections, this four sections be respectively [- ∞, 5], [5,10], [10,15] and [15 ,+∞], for this four It is 00,01,10 and 11 that the encoded radio in a section, which respectively corresponds,.
If the characteristic value that number is 1 is 8, it can determine that characteristic value that the number is 1 is corresponding and be encoded to 01.
In the same manner, the encoded radio of 16 characteristic values is obtained, then, according to the number order of characteristic value, will be compiled Value combinations get up, and the cryptographic Hash of track data A can be obtained.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
On the basis of the above various embodiments, further, the feature cut-off is the spy according to several positive samples The distribution histogram of value indicative obtains.
Specifically, the positive sample of a large amount of track data, such as 1,000,000 are acquired.Utilize preset feature extraction mould Type extracts 16 characteristic values from each positive sample respectively.
And it is directed to each characteristic value, draw the distribution histogram of characteristic value.
Fig. 2 is the distribution histogram of the characteristic value of track data provided in an embodiment of the present invention, as shown in Fig. 2, number is 1 The envelope of distribution histogram of characteristic value meet normal distribution, according to sample point equiprobability, (theoretically drop point site is distribution It is uniform) the mode cutting characteristic value that falls in each minizone, the cut-off that the characteristic value that number is 1 can be obtained is 5,10 With 15, that is, the value range that number is 1 characteristic value is divided into four sections by this three cut-offs, this four section difference For [- ∞, 5], [5,10], [10,15] and [15 ,+∞], the probability that the characteristic value that number is 1 falls into each section is 0.25.
Identifying code anti-attack method provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
Fig. 3 is the identifying code attack protection schematic device provided in an embodiment of the present invention based on hash algorithm, such as Fig. 3 institute Show, the embodiment of the present invention provides a kind of identifying code attack protection device based on hash algorithm, for executing any of the above-described embodiment Described in method, specifically include and obtain module 301 and authentication module 302, in which:
It obtains module 301 to be used in a preset proving period, obtains the checking solicited message of target user;Verifying If module 302 is for judging that the classification for knowing the target user to be closed user, abandons the verifying of the target user Solicited message.
Specifically, with slidable puzzle identifying code, sliding block is to scheme from original picture according to a part that preset shape plucks out Piece, shadow region are to add the region that shade is formed in the part plucked out, and the shape in shadow region and the shape of sliding block fit like a glove, It is interfered in picture validation code generating process using picture background, the position in shadow region is random, and the technologies such as picture inverse increase Identify difficulty.In verification process, user is needed to identify the operation instruction information in interface, and sliding block is slided into shadow region, It is overlapped sliding block and shadow region as far as possible, the position of the position and shadow region of sliding block is being allowed when system identification goes out user's release slider Error range in, could pass through verifying, complete register.
In a preset proving period, firstly, obtaining the checking request letter of target user by obtaining module 301 Breath can carry the ID of user in checking solicited message, can also carry the track data of user's input, in order to according to The identity of the ID identification user at family judges whether the user is that malicious attack is used according to the track data of the accumulative input of same user Family.The length of preset proving period, can according to the actual situation depending on, for example, being set as 4 days.
If knowing that the classification of target user is to be closed user by judging by authentication module 302, then directly abandoning The checking solicited message of target user prevents to play the role of closing the target user by target user's malicious attack.
If knowing that the classification of target user is normal users, then from the checking solicited message of target user by judgement In parse track data, track data is verified.
For example, obtaining the checking solicited message of user A, if the classification of the user is the user closed, directly will The checking solicited message of the user A received abandons, and prevents by user's A malicious attack.
The embodiment of the present invention provides a kind of identifying code attack protection device based on hash algorithm, for executing any of the above-described reality Method described in example is applied, the device provided through this embodiment executes the specific step of above-mentioned a certain method as described in the examples Suddenly identical as above-mentioned corresponding embodiment, details are not described herein again.
Identifying code attack protection device provided in an embodiment of the present invention based on hash algorithm, based on hash algorithm to user's Track data is analyzed, so that it is determined that the classification of user, a large amount of normal so as to effectively prevent malicious user from passing through Track data attacks identifying code, improves the reliability and safety of identifying code.
Fig. 4 is the structural schematic diagram of electronic equipment provided in an embodiment of the present invention, as shown in figure 4, the equipment includes: place Manage device 401, memory 402 and bus 403;
Wherein, processor 401 and memory 402 complete mutual communication by the bus 403;
Processor 401 is used to call the program instruction in memory 402, to execute provided by above-mentioned each method embodiment Method, for example,
In a preset proving period, the checking solicited message of target user is obtained;
If judging, the classification for knowing the target user to be closed user, abandons the checking request of the target user Information.
The embodiment of the present invention provides a kind of computer program product, and the computer program product is non-transient including being stored in Computer program on computer readable storage medium, the computer program include program instruction, when described program instructs quilt When computer executes, computer is able to carry out method provided by above-mentioned each method embodiment, for example,
In a preset proving period, the checking solicited message of target user is obtained;
If judging, the classification for knowing the target user to be closed user, abandons the checking request of the target user Information.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, the non-transient computer readable storage Medium storing computer instruction, the computer instruction make the computer execute side provided by above-mentioned each method embodiment Method, for example,
In a preset proving period, the checking solicited message of target user is obtained;
If judging, the classification for knowing the target user to be closed user, abandons the checking request of the target user Information.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above method embodiment can pass through The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer readable storage medium, the program When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes: ROM, RAM, magnetic disk or light The various media that can store program code such as disk.
The embodiments such as device and equipment described above are only schematical, wherein described be used as separate part description Unit may or may not be physically separated, component shown as a unit may or may not be Physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to the actual needs Some or all of the modules therein is selected to achieve the purpose of the solution of this embodiment.Those of ordinary skill in the art are not paying In the case where creative labor, it can understand and implement.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can It realizes by means of software and necessary general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, on Stating technical solution, substantially the part that contributes to existing technology can be embodied in the form of software products in other words, should Computer software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including several fingers It enables and using so that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation Method described in certain parts of example or embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features; And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and Range.

Claims (9)

1. a kind of identifying code anti-attack method based on hash algorithm characterized by comprising
In a preset proving period, the checking solicited message of target user is obtained;
If judging, the classification for knowing the target user to be closed user, abandons the checking request letter of the target user Breath.
2. the method according to claim 1, wherein further include:
The ID of the target user is parsed from the checking solicited message of the target user;
If the ID of the target user is present in target database, the classification of the target user is to be closed user;
If the ID of the target user is not present in the target database, the classification of the target user is normal users.
3. according to the method described in claim 2, it is characterized in that, be stored with several User ID in the target database, The User ID stored in the target database is add manually and/or automatic addition.
4. according to the method described in claim 3, it is characterized in that, adding the step of User ID automatically into the target database It is rapid as follows:
In a preset proving period, the checking solicited message of the first user is obtained;
If judging to know, the classification of the target user as normal users, is solved from the checking solicited message of first user The first track data is precipitated;
Calculate the cryptographic Hash of first track data;
If the cryptographic Hash that checking solicited message of continuous first preset quantity time based on first user is calculated is all the same, Then the ID of first user is added in the target database.
5. according to the method described in claim 4, it is characterized in that, the cryptographic Hash for calculating first track data, tool Body includes:
Using preset Feature Selection Model, the second preset quantity characteristic value in first track data is extracted;
According to the preset feature cut-off of each characteristic value, the encoded radio of each characteristic value is obtained;
The encoded radio of all characteristic values is combined according to the number order of characteristic value, obtains the Kazakhstan of first track data Uncommon value.
6. according to the method described in claim 5, it is characterized in that, the feature cut-off is the spy according to several positive samples The distribution histogram of value indicative obtains.
7. a kind of identifying code attack protection device based on hash algorithm characterized by comprising
Module is obtained, for obtaining the checking solicited message of target user in a preset proving period;
Authentication module, if for judging that the classification for knowing the target user to be closed user, abandons the target user Checking solicited message.
8. a kind of electronic equipment characterized by comprising
Memory and processor, the processor and the memory complete mutual communication by bus;The memory It is stored with the program instruction that can be executed by the processor, the processor calls described program instruction to be able to carry out right such as and wants Seek 1 to 6 any method.
9. a kind of non-transient computer readable storage medium, is stored thereon with computer program, which is characterized in that when the calculating When machine program is executed by processor, the method as described in claim 1 to 6 is any is realized.
CN201811418992.4A 2018-11-26 2018-11-26 Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium Active CN109600361B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811418992.4A CN109600361B (en) 2018-11-26 2018-11-26 Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811418992.4A CN109600361B (en) 2018-11-26 2018-11-26 Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium

Publications (2)

Publication Number Publication Date
CN109600361A true CN109600361A (en) 2019-04-09
CN109600361B CN109600361B (en) 2021-05-04

Family

ID=65959637

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811418992.4A Active CN109600361B (en) 2018-11-26 2018-11-26 Hash algorithm-based verification code anti-attack method and device, electronic equipment and non-transitory computer readable storage medium

Country Status (1)

Country Link
CN (1) CN109600361B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110795706A (en) * 2019-10-22 2020-02-14 武汉极意网络科技有限公司 Hash-based verification method, equipment, storage medium and device
CN113782213A (en) * 2021-08-25 2021-12-10 东软集团股份有限公司 Patient track storage method and device based on block chain, storage medium and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106470204A (en) * 2015-08-21 2017-03-01 阿里巴巴集团控股有限公司 User identification method based on request behavior characteristicss, device, equipment and system
CN107679374A (en) * 2017-08-23 2018-02-09 北京三快在线科技有限公司 A kind of man-machine recognition methods and device based on sliding trace, electronic equipment
GB2555384A (en) * 2016-10-21 2018-05-02 F Secure Corp Preventing phishing attacks
CN108229130A (en) * 2018-01-30 2018-06-29 ***股份有限公司 A kind of verification method and device
CN108287989A (en) * 2018-01-18 2018-07-17 北京科技大学 A kind of man-machine recognition methods of sliding identifying code based on track

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106470204A (en) * 2015-08-21 2017-03-01 阿里巴巴集团控股有限公司 User identification method based on request behavior characteristicss, device, equipment and system
GB2555384A (en) * 2016-10-21 2018-05-02 F Secure Corp Preventing phishing attacks
CN107679374A (en) * 2017-08-23 2018-02-09 北京三快在线科技有限公司 A kind of man-machine recognition methods and device based on sliding trace, electronic equipment
CN108287989A (en) * 2018-01-18 2018-07-17 北京科技大学 A kind of man-machine recognition methods of sliding identifying code based on track
CN108229130A (en) * 2018-01-30 2018-06-29 ***股份有限公司 A kind of verification method and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110795706A (en) * 2019-10-22 2020-02-14 武汉极意网络科技有限公司 Hash-based verification method, equipment, storage medium and device
CN113782213A (en) * 2021-08-25 2021-12-10 东软集团股份有限公司 Patient track storage method and device based on block chain, storage medium and electronic equipment
CN113782213B (en) * 2021-08-25 2023-11-07 东软集团股份有限公司 Patient track storage method and device based on blockchain, storage medium and electronic equipment

Also Published As

Publication number Publication date
CN109600361B (en) 2021-05-04

Similar Documents

Publication Publication Date Title
JP6609047B2 (en) Method and device for application information risk management
RU2635275C1 (en) System and method of identifying user's suspicious activity in user's interaction with various banking services
CN109271780A (en) Method, system and the computer-readable medium of machine learning malware detection model
CN110442712B (en) Risk determination method, risk determination device, server and text examination system
CN106326737B (en) System and method for detecting the harmful file that can be executed on virtual stack machine
CN103593609B (en) Trustworthy behavior recognition method and device
CN108521405B (en) Risk control method and device and storage medium
US10373135B2 (en) System and method for performing secure online banking transactions
EP3750275B1 (en) Method and apparatus for identity authentication, server and computer readable medium
CN104021467A (en) Method and device for protecting payment security of mobile terminal and mobile terminal
CN104836781A (en) Method distinguishing identities of access users, and device
CN109684072A (en) The system and method for being used to detect the computing resource of malicious file based on machine learning model management
CN109413047B (en) Behavior simulation judgment method, behavior simulation judgment system, server and storage medium
CN111683084A (en) Intelligent contract intrusion detection method and device, terminal equipment and storage medium
CN108234454B (en) Identity authentication method, server and client device
CN109600361A (en) Identifying code anti-attack method and device based on hash algorithm
CN104486306A (en) Method for identity authentication based on finger vein recognition and cloud service
Das et al. Smartphone fingerprinting via motion sensors: Analyzing feasibility at large-scale and studying real usage patterns
Abi Din et al. Boxer: Preventing fraud by scanning credit cards
CN105138894B (en) A kind of identifying code safety defense method, system and device
CN113364766A (en) APT attack detection method and device
CN112910905A (en) Security verification method and device
CN113420276B (en) Risk determination method and device based on verification code, electronic equipment and storage medium
KR101748116B1 (en) Smishing blocking appatatus on cloud mobile environments
Dalpini Cybercrime Protection in E-Commerce During the COVID-19 Pandemic

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant