CN110213281A - Safety protecting method and device - Google Patents
Safety protecting method and device Download PDFInfo
- Publication number
- CN110213281A CN110213281A CN201910498942.XA CN201910498942A CN110213281A CN 110213281 A CN110213281 A CN 110213281A CN 201910498942 A CN201910498942 A CN 201910498942A CN 110213281 A CN110213281 A CN 110213281A
- Authority
- CN
- China
- Prior art keywords
- client
- information
- risk
- user
- risk class
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides a kind of safety protecting method and device, it is related to internet security field, this method carries out risk class division by the use information to client, and corresponding security protection scheme is pushed according to the result of grade classification, due to the difference of the use information of client, the corresponding user of client is divided into different grades, different security protection schemes is pushed to the user of the client of different grades, pass through the difficulty of verifying to increase to forge verification information or forge user information, and then enhances the safety of Internet service.
Description
Technical field
This application involves internet security fields, in particular to a kind of safety protecting method and device.
Background technique
It is also higher and higher to the safety requirements of internet with the development of Internet service, in the prior art, to client
And the method that user is verified is to complete to verify by the verification informations such as user information and picture, text, short message.
But the prior art is used, improper user can be obtained normal by forging verification information or user information
The permission of user causes the safety of Internet service low.
Summary of the invention
The purpose of the application is, provides a kind of safety protecting method and device, improper in the prior art for solving
User can obtain the permission of normal users by forging verification information or user information, lead to the safety of Internet service
The low problem of property.
To achieve the above object, technical solution used by the embodiment of the present application is as follows:
In a first aspect, the embodiment of the present application provides a kind of safety protecting method, this method comprises:
Obtain the use information of client, wherein use information includes: the end message of client, environmental information, operation
Information and network path information;
Risk class division is carried out according to user of each single item information in use information to client;
The corresponding security protection scheme of risk class is pushed to the user of client according to risk class.
Optionally, the step of risk class division being carried out according to user of the use information to client, comprising:
The corresponding assessment result of user for obtaining client according to use information;
If the corresponding risk class of the user of client is divided into calm by assessment result less than the first default risk threshold value
Dangerous rank;
If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by client
The corresponding risk class of user is divided into low-risk rank;
If assessment result is more than or equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into
High risk rank.
Optionally, the step of user for client being obtained according to use information corresponding assessment result, comprising:
End message, the environmental information, the historical information of operation information and network path information of client are obtained respectively;
According to historical information respectively to the end message of the client of use information, environmental information, operation information and network
Path information scores;
According to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and net
The corresponding score value of client assessment result is calculated in the scoring of network path information.
Optionally, the step of the corresponding security protection scheme of risk class is pushed to the user of client according to risk class
Suddenly, comprising:
When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of client;
When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein identifying code protection side
Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language
At least one of sound identifying code;
When risk class is high risk rank, to client push protectiving scheme, wherein client push protectiving scheme
It include: to intercept use information and/or honey jar safety approach.
Optionally, before the use information step for obtaining client, further includes:
Obtain service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to
Security protection scheme.
Second aspect, the embodiment of the present application provide a kind of safety device, which includes: to obtain module, divide mould
Block and pushing module;
Obtain module, for obtaining the use information of client, wherein use information include: client end message,
Environmental information, operation information and network path information;
Division module is drawn for carrying out risk class according to user of each single item information in use information to client
Point;
Pushing module, for pushing the corresponding security protection side of risk class to the user of client according to risk class
Case.
Optionally, division module, specifically for the corresponding assessment result of user for obtaining client according to use information;If
Assessment result is divided into devoid of risk rank less than the first default risk threshold value, by the corresponding risk class of the user of client;If
Assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, and the user of client is corresponding
Risk class is divided into low-risk rank;If assessment result is more than or equal to the second default risk threshold value, by the user couple of client
The risk class answered is divided into high risk rank.
Optionally, division module is also used to obtain end message, environmental information, operation information and the net of client respectively
The historical information of network path information;According to historical information respectively to the end message of the client of use information, environmental information, behaviour
Make information and network path information scores;It is commented according to preset algorithm, the scoring of the end message of client, environmental information
Divide, the corresponding score value of client assessment result is calculated in the scoring of operation information and the scoring of network path information.
Optionally, pushing module is specifically used for directly pushing away to the user of client when risk class is devoid of risk rank
Send corresponding response message;When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein test
Card code protectiving scheme includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message
At least one of identifying code and speech identifying code;When risk class is high risk rank, to client push protectiving scheme,
In, client push protectiving scheme includes: to intercept use information and/or honey jar safety approach.
Optionally, which further includes acquisition request module;Acquisition request module, for obtaining service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to
Security protection scheme.
The third aspect, the embodiment of the present application provide a kind of electronic equipment, and the computer including being stored with computer program can
Storage medium and processor are read, when computer program is read out by the processor and runs, realizes method described in above-mentioned first aspect.
Fourth aspect, the embodiment of the present application provide a kind of computer readable storage medium, on computer readable storage medium
It is stored with computer program, when computer program is read out by the processor and runs, realizes method described in above-mentioned first aspect.
The beneficial effect of the application is: the method for the embodiment of the present application carries out risk etc. by the use information to client
Grade divides, and pushes corresponding security protection scheme according to the result of grade classification, due to the difference of the use information of client,
The corresponding user of client is divided into different grades, it is anti-to push different safety to the user of the client of different grades
Shield scheme forges verification information or forges user information by the difficulty of verifying, and then enhances internet industry to increase
The safety of business.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 is a kind of security protection system schematic diagram that one embodiment of the application provides;
Fig. 2 is a kind of flow diagram for safety protecting method that one embodiment of the application provides;
Fig. 3 is the flow diagram for another safety protecting method that one embodiment of the application provides;
Fig. 4 is a kind of module diagram for safety device that one embodiment of the application provides;
Fig. 5 is the module diagram for another safety device that one embodiment of the application provides;
Fig. 6 is the functional block diagram of a kind of electronic equipment provided by the disclosure.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application
In attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is
Some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is implemented
The component of example can be arranged and be designed with a variety of different configurations.
Therefore, the detailed description of the embodiments herein provided in the accompanying drawings is not intended to limit below claimed
Scope of the present application, but be merely representative of the selected embodiment of the application.Based on the embodiment in the application, this field is common
Technical staff's every other embodiment obtained without creative efforts belongs to the model of the application protection
It encloses.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.
In the description of the present application, it should be noted that the orientation or position of the instructions such as term " on ", "lower", "inner", "outside"
Set relationship be based on the orientation or positional relationship shown in the drawings or this application product using when the orientation or position usually put
Relationship is set, description the application is merely for convenience of and simplifies description, rather than the device or element of indication or suggestion meaning are necessary
It with specific orientation, is constructed and operated in a specific orientation, therefore should not be understood as the limitation to the application.In addition, term
" first ", " second ", " third " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
Fig. 1 is a kind of security protection system schematic diagram that one embodiment of the application provides, as shown in Figure 1, the system includes:
Server 10 and terminal 20, server 10 can communicate to connect between multiple terminals 20, which can answer for internet
It with software, may be mounted in terminal, which can carry out business information with server 10 and interact, wherein the business information
It may include: solicited message or data processing of information, such as: the client is used to the solicited message of user being sent to service
Device, user can carry out human-computer interaction by client pair and the server, and the server is for receiving client transmission
Solicited message, and the solicited message is handled, is pushed to the corresponding response message of solicited message after processing terminate
Client in terminal, the terminal is for installing client;Wherein, server 10 can be server group, be also possible to single
Server, terminal 20 can be hand-held set, smart phone or laptop, be not limited thereto.
Fig. 2 is a kind of flow diagram for safety protecting method that one embodiment of the application provides, as shown in Fig. 2, the party
Method is applied to above system, this method comprises:
S101, the use information for obtaining client.
Specifically, server obtains should when the client of user at the terminal logs in or carries out other operations
The use information of client, the use information may include: end message, environmental information, operation information and the network of client
Path information.
Wherein, the terminal device information of client may include: the hardware version etc. of terminal models, terminal iidentification and terminal
Information;The environmental information of client may include: the hardware configuration of terminal and the network environment of terminal, wherein the hardware configuration
It is used to indicate whether the terminal can be used for installing and executing the client, which may include: wireless network environment
And cable network environment;The operation information of client may include: client operation instruction, the operating time of client and client
The operation service etc. at end;Network path information may include: used network, channel and base station etc. during service interaction
Information.
S102, risk class division is carried out according to user of each single item information in use information to client.
Server carries out risk class division according to the user of the use information of client to client, in general, can be with
It is scored according to user of the client use information to client, wind is then carried out according to user of the appraisal result to client
Dangerous grade classification, specific marking mode are set according to actual needs, and this is not restricted, and specific risk class divides
Mode is selected according to the actual situation, is not limited thereto;In addition, divide risk class may include: high risk rank,
Risk rank and low-risk rank, also may include: prime risk rank, second level risk class and tertiary risk rank,
This is not construed as limiting.
In practical applications, use information acquired in server includes the end message of client, environmental information, operation
Information and network path information individually can use letter according to one of when carrying out risk class division to client
Breath divides the consumer's risk grade of client, can also carry out comprehensive descision according to all use informations of acquisition, divide visitor
The consumer's risk grade at family end, the present embodiment are not especially limited this.
S103, the corresponding security protection scheme of risk class is pushed to the user of client according to risk class.
Specifically, different risk class is corresponding with different security protection schemes, it will according to the risk class of client
The corresponding security protection scheme of risk class is pushed;For example, if the risk class of user is divided into high risk grade
Not, risk rank and low-risk rank, the corresponding security protection scheme of high risk rank are that refusal is responded to client push
Information, the corresponding security protection scheme of risk rank are to client push verification information, if the user of the client passes through
Verifying, then for server to client push response message, low-risk rank corresponding security protection scheme is directly to client
End push response message, the response message be server receive client solicited message, and according to the solicited message at
Reason, by obtained processing result, information is sent to client in response;Specifically, the corresponding security protection scheme of risk class
It is set, is not limited thereto according to actual needs.
From the above mentioned, the method for the embodiment of the present application carries out risk class division by the use information to client, and
Corresponding security protection scheme is pushed according to the result of grade classification, due to the difference of the use information of client, by client
Corresponding user is divided into different grades, and different security protection schemes is pushed to the user of the client of different grades,
Pass through the difficulty of verifying to increase to forge verification information or forge user information, and then enhances the safety of Internet service
Property.
Optionally, the step of risk class division being carried out according to user of the use information to client, comprising:
The corresponding assessment result of user for obtaining client according to use information;
If the corresponding risk class of the user of client is divided into calm by assessment result less than the first default risk threshold value
Dangerous rank;
If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by client
The corresponding risk class of user is divided into low-risk rank;
If assessment result is more than or equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into
High risk rank.
Specifically, setting one the first preset threshold and second preset threshold, wherein the second preset threshold is greater than the
One preset threshold, the corresponding assessment result of user for obtaining client according to use information, the assessment result can be score value,
It can be grade, be not limited thereto, for clear explanation, it is score value that this, which sentences assessment result, and risk class is divided into: high risk
Rank, low-risk rank and devoid of risk rank are illustrated, by the score value of obtained assessment result and the first default risk threshold value
It is compared, if the score value of assessment result draws the corresponding risk class of the user of client less than the first default risk threshold value
It is divided into devoid of risk rank;If the score value of the assessment result is not less than the first default risk threshold value, by the score value of the assessment result
It is compared with the second preset threshold, if the score value of assessment result, less than the second default risk threshold value, and it is pre- to be more than or equal to first
If risk threshold value, the corresponding risk class of the user of client is divided into low-risk rank;If the score value of assessment result is greater than
Equal to the second default risk threshold value, the corresponding risk class of the user of client is divided into high risk rank.
For example, second preset threshold is 85, and risk class is divided into if the first preset threshold is 60: high risk rank,
Low-risk rank and devoid of risk rank judge the assessment knot of client if the score value for obtaining the assessment result of client is 75 points
The size relation of fruit and the first preset threshold, 75 are greater than 60, then by the score value of the assessment result of client and the second preset threshold
It is compared, 75 less than 85, since 75 are greater than 60, and less than 85, then the corresponding risk class of the user of the client is low wind
Dangerous rank pushes the corresponding security protection scheme of low-risk rank to the user of client.
Fig. 3 is the flow diagram for another safety protecting method that one embodiment of the application provides, as shown in figure 3, can
The step of selection of land, the user that client is obtained according to use information corresponding assessment result, comprising:
The history letter of S201, the respectively end message of acquisition client, environmental information, operation information and network path information
Breath.
When user sends solicited message by user end to server, server receives the solicited message, and obtains
Take end message, the environmental information, the historical information of operation information and network path information of the client.
S202, according to historical information respectively to the end message of the client of use information, environmental information, operation information and
Network path information scores.
It is scored according to historical information client, the method for scoring is set according to the actual situation, in order to more clear
The process for illustrating scoring of Chu, at this for example, if criminal manipulation of client remembers 10 in end message in historical information
Point, 10 points of note, violation operation of client in operation information the case where one subsidiary risk network environment of client in environmental information
20 points of note, client connects a pseudo-base station and remembers 40 points in network path information, if in historical information client have it is illegal three times
Operation, connected a pseudo-base station, then remembered 30 points, 0 point of environmental information note, operation information note 0 point and net to end message respectively
Network path information remembers 40 points.
S203, it is commented according to preset algorithm, the scoring of the end message of client, the scoring of environmental information, operation information
Point the corresponding score value of client assessment result is calculated with the scoring of network path information.
According to end message, environmental information, operation information and net in the above-mentioned related client use information respectively obtained
The scoring of network path information carries out accumulation calculating and obtains the corresponding score value of client use information, to obtain client assessment
As a result corresponding score value is 70 points, then according to the corresponding score value of client assessment result, carries out risk to the user of client
Grade classification.
Optionally, the step of the corresponding security protection scheme of risk class is pushed to the user of client according to risk class
Suddenly, comprising:
When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of client;
When risk class is low-risk rank, to client push identifying code protectiving scheme, wherein identifying code protection side
Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language
At least one of sound identifying code;
When risk class is high risk rank, to client push protectiving scheme, wherein client push protectiving scheme
It include: to intercept use information and/or honey jar safety approach.
Specifically, the default corresponding security protection scheme of devoid of risk rank is to require no verifying directly to the use of client
Family pushes corresponding response message, and the corresponding security protection scheme of low-risk rank is to client push identifying code protection side
Case, the corresponding security protection scheme of high risk rank are to intercept use information and/or honey jar safety;Wherein, identifying code protection side
Case includes: text identifying code, picture validation code, clicks identifying code, sliding identifying code, question and answer identifying code, short message verification code and language
At least one of sound identifying code;Security protection scheme refers to for interception service information intercepts the business information of client,
The client traffic information is not handled;Honey jar be safely honey jar host to the business information of the client at
Reason, is sent to the client for the response message after processing, while honey jar host receives the business information of the client
Collection.
It should be noted that honey jar is substantially the technology that a kind of couple of attacker is cheated, by arranging some conducts
Host, network service or the information of bait lure that attacker implements to attack to them into, so as to catch to attack
Obtain and analyze, understand attacker used in tool and method, thus it is speculated that attack intension and motivation, can allow defender clearly
The security threat that they are faced is solved, and enhances the security protection ability of real system by technology and management means.
Optionally, before the use information step for obtaining client, further includes:
Obtain service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to
Security protection scheme.
Specifically, obtaining the service request of client before the use information for obtaining client, passing through the industry of client
Business request, obtains the use information of client, correspondingly, server is when receiving service request, according to risk class to client
The user at end pushes the corresponding security protection scheme of risk class.
Safety protecting method provided in this embodiment, this method carry out risk class by the use information to client and draw
Point, and pushing corresponding security protection scheme according to the result of grade classification will be objective due to the difference of the use information of client
The corresponding user in family end is divided into different grades, pushes different security protection sides to the user of the client of different grades
Case forges verification information or forges user information by the difficulty of verifying, and then enhances Internet service to increase
Safety.
Fig. 4 is a kind of module diagram for safety device that one embodiment of the application provides, as shown in figure 4, this Shen
Please embodiment a kind of safety device is provided, which includes: to obtain module 301, division module 302 and pushing module 303;
Module 301 is obtained, for obtaining the use information of client, wherein use information includes: the terminal letter of client
Breath, environmental information, operation information and network path information;
Division module 302, for carrying out risk class according to user of each single item information in use information to client
It divides;
Pushing module 303, for pushing the corresponding security protection of risk class to the user of client according to risk class
Scheme.
Optionally, division module 302 are tied specifically for the corresponding assessment of user for obtaining client according to use information
Fruit;If assessment result is divided into devoid of risk grade less than the first default risk threshold value, by the corresponding risk class of the user of client
Not;If assessment result is more than or equal to the first default risk threshold value, and less than the second default risk threshold value, by the user couple of client
The risk class answered is divided into low-risk rank;If assessment result is more than or equal to the second default risk threshold value, by the use of client
The corresponding risk class in family is divided into high risk rank.
Optionally, division module 302, be also used to obtain respectively the end message of client, environmental information, operation information and
The historical information of network path information;According to historical information respectively to the end message of the client of use information, environmental information,
Operation information and network path information score;According to preset algorithm, the scoring of the end message of client, environmental information
The corresponding score value of client is calculated in scoring, the scoring of operation information and the scoring of network path information.
Optionally, pushing module 303 are specifically used for when risk class is devoid of risk rank, directly to the use of client
Family pushes corresponding response message;When risk class is low-risk rank, to client push identifying code protectiving scheme,
In, identifying code protectiving scheme include: text identifying code, picture validation code, click identifying code, sliding identifying code, question and answer identifying code,
At least one of short message verification code and speech identifying code;When risk class is high risk rank, to client push protection side
Case, wherein client push protectiving scheme includes: to intercept use information and/or honey jar safety approach.
Fig. 5 is the module diagram for another safety device that one embodiment of the application provides, as shown in figure 5, can
Selection of land, above-mentioned apparatus further include acquisition request module 304;The acquisition request module 304, for obtaining service request;
Correspondingly, pushing risk class when receiving service request to the user of client according to risk class and corresponding to
Security protection scheme.
Safety device provided in this embodiment, the device of the embodiment of the present application by the use information to client into
Row risk class divides, and pushes corresponding security protection scheme according to the result of grade classification, since the use of client is believed
The corresponding user of client is divided into different grades by the difference of breath, is pushed not to the user of the client of different grades
Same security protection scheme passes through the difficulty verified, and then enhancing to increase to forge verification information or forge user information
The safety of Internet service.
Fig. 6 is the functional block diagram of a kind of electronic equipment provided by the disclosure, as shown in fig. 6, the electronic equipment
It may include the computer readable storage medium 401 and processor 402 for being stored with computer program, processor 402 can call
The computer program that computer readable storage medium 401 stores.It, can when the computer program is read and run by processor 402
To realize above method embodiment.Specific implementation is similar with technical effect, and which is not described herein again.
The embodiment of the present application also provides a kind of storage medium, and computer program, computer program are stored on storage medium
The step of method in such as preceding method embodiment is executed when being run by processor.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field
For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair
Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.
Claims (10)
1. a kind of safety protecting method, which is characterized in that the described method includes:
Obtain the use information of client, wherein the use information includes: the end message of client, environmental information, operation
Information and network path information;
Risk class division is carried out according to user of each single item information in the use information to the client;
The corresponding security protection scheme of the risk class is pushed to the user of the client according to the risk class.
2. safety protecting method according to claim 1, which is characterized in that it is described according to the use information to the visitor
The user at family end carries out the step of risk class division, comprising:
The corresponding assessment result of user for obtaining the client according to the use information;
If the corresponding risk class of the user of the client is divided by the assessment result less than the first default risk threshold value
Devoid of risk rank;
If the assessment result is more than or equal to the described first default risk threshold value, and less than the second default risk threshold value, will be described
The corresponding risk class of the user of client is divided into low-risk rank;
If the assessment result is more than or equal to the described second default risk threshold value, by corresponding risk of the user of the client etc.
Grade is divided into high risk rank.
3. safety protecting method according to claim 2, which is characterized in that obtain the client according to the use information
The step of user at end corresponding assessment result, comprising:
End message, the environmental information, the historical information of operation information and network path information of the client are obtained respectively;
According to historical information respectively to end message, environmental information, operation information and the network of the client of the use information
Path information scores;
It is logical according to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and network
The corresponding score value of the client assessment result is calculated in the scoring of road information.
4. safety protecting method according to claim 3, which is characterized in that it is described according to the risk class to the visitor
The user at family end pushes the step of risk class corresponding security protection scheme, comprising:
When the risk class is devoid of risk rank, corresponding response message directly is pushed to the user of the client;
When the risk class is low-risk rank, Xiang Suoshu client push identifying code protectiving scheme, wherein the verifying
Code protectiving scheme includes: text identifying code, picture validation code, click identifying code, sliding identifying code, question and answer identifying code, short message are tested
Demonstrate,prove at least one of code and speech identifying code;
When the risk class is high risk rank, Xiang Suoshu client push protectiving scheme, wherein the protectiving scheme packet
It includes: intercepting the use information and/or honey jar safety.
5. safety protecting method according to claim 1, which is characterized in that obtain client use information step it
Before, further includes:
Obtain service request;
Correspondingly, pushing the risk to the user of the client according to the risk class when receiving service request
The corresponding security protection scheme of grade.
6. a kind of safety device, which is characterized in that described device includes: to obtain module, division module and pushing module;
The acquisition module, for obtaining the use information of client, wherein the use information includes: the terminal of client
Information, environmental information, operation information and network path information;
The division module, for carrying out risk according to user of each single item information in the use information to the client
Grade classification;
The pushing module, it is corresponding for pushing the risk class to the user of the client according to the risk class
Security protection scheme.
7. safety device according to claim 6, which is characterized in that the division module is specifically used for according to institute
It states use information and obtains the corresponding assessment result of user of the client;If the assessment result is less than the first default risk threshold
Value, is divided into devoid of risk rank for the corresponding risk class of the user of the client;If the assessment result is more than or equal to institute
The first default risk threshold value is stated, and less than the second default risk threshold value, the corresponding risk class of the user of the client is drawn
It is divided into low-risk rank;If the assessment result is more than or equal to the described second default risk threshold value, by the user of the client
Corresponding risk class is divided into high risk rank.
8. safety device according to claim 7, which is characterized in that the division module is also used to obtain respectively
The end message of the client, environmental information, the historical information of operation information and network path information;According to historical information point
End message, environmental information, operation information and the network path information of the other client to the use information score;Root
According to preset algorithm, the scoring of the end message of client, the scoring of environmental information, the scoring of operation information and network path information
Scoring the corresponding score value of the client assessment result is calculated.
9. safety device according to claim 8, which is characterized in that the pushing module is specifically used for when described
When risk class is devoid of risk rank, corresponding response message directly is pushed to the user of the client;When described risk etc.
When grade is low-risk rank, Xiang Suoshu client push identifying code protectiving scheme, wherein the identifying code protectiving scheme includes:
Text identifying code, picture validation code click identifying code, sliding identifying code, question and answer identifying code, short message verification code and speech identifying code
At least one of;When the risk class is high risk rank, Xiang Suoshu client push protectiving scheme, wherein the visitor
Family end push protectiving scheme includes: to intercept the use information and/or honey jar safety approach.
10. safety device according to claim 9, which is characterized in that described device further includes acquisition request module;
The acquisition request module, for obtaining service request;
Correspondingly, pushing the risk to the user of the client according to the risk class when receiving service request
The corresponding security protection scheme of grade.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910498942.XA CN110213281A (en) | 2019-06-10 | 2019-06-10 | Safety protecting method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910498942.XA CN110213281A (en) | 2019-06-10 | 2019-06-10 | Safety protecting method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110213281A true CN110213281A (en) | 2019-09-06 |
Family
ID=67791778
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910498942.XA Pending CN110213281A (en) | 2019-06-10 | 2019-06-10 | Safety protecting method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110213281A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112217131A (en) * | 2020-09-09 | 2021-01-12 | 北京国电通网络技术有限公司 | Power transmission line inspection method, device, equipment and storage medium |
CN113643042A (en) * | 2021-08-20 | 2021-11-12 | 武汉极意网络科技有限公司 | Safety verification system based on online business safety |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104753868A (en) * | 2013-12-30 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Safety verification method, service server and safety verification system |
CN106682906A (en) * | 2015-11-10 | 2017-05-17 | 阿里巴巴集团控股有限公司 | Risk identification and business processing method and device |
CN108092970A (en) * | 2017-12-13 | 2018-05-29 | 腾讯科技(深圳)有限公司 | A kind of wireless network maintaining method and its equipment, storage medium, terminal |
CN109831459A (en) * | 2019-03-22 | 2019-05-31 | 百度在线网络技术(北京)有限公司 | Method, apparatus, storage medium and the terminal device of secure access |
-
2019
- 2019-06-10 CN CN201910498942.XA patent/CN110213281A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104753868A (en) * | 2013-12-30 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Safety verification method, service server and safety verification system |
CN106682906A (en) * | 2015-11-10 | 2017-05-17 | 阿里巴巴集团控股有限公司 | Risk identification and business processing method and device |
CN108092970A (en) * | 2017-12-13 | 2018-05-29 | 腾讯科技(深圳)有限公司 | A kind of wireless network maintaining method and its equipment, storage medium, terminal |
CN109831459A (en) * | 2019-03-22 | 2019-05-31 | 百度在线网络技术(北京)有限公司 | Method, apparatus, storage medium and the terminal device of secure access |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112217131A (en) * | 2020-09-09 | 2021-01-12 | 北京国电通网络技术有限公司 | Power transmission line inspection method, device, equipment and storage medium |
CN113643042A (en) * | 2021-08-20 | 2021-11-12 | 武汉极意网络科技有限公司 | Safety verification system based on online business safety |
CN113643042B (en) * | 2021-08-20 | 2024-04-05 | 武汉极意网络科技有限公司 | Security verification system based on online business security |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11310261B2 (en) | Assessing security risks of users in a computing network | |
EP3930286A1 (en) | Prompting users to annotate simulated phishing emails in cybersecurity training | |
CN107566358B (en) | Risk early warning prompting method, device, medium and equipment | |
JP6609047B2 (en) | Method and device for application information risk management | |
CN111401416B (en) | Abnormal website identification method and device and abnormal countermeasure identification method | |
US20210390181A1 (en) | Generating Simulated Spear Phishing Messages and Customized Cybersecurity Training Modules Using Machine Learning | |
CN109345417B (en) | Online assessment method and terminal equipment for business personnel based on identity authentication | |
US11637870B2 (en) | User responses to cyber security threats | |
CN105246058B (en) | The verification method and short message server of short message | |
CN104424277A (en) | Processing method and device for report information | |
CN107634947A (en) | Limitation malice logs in or the method and apparatus of registration | |
US12038984B2 (en) | Using a machine learning system to process a corpus of documents associated with a user to determine a user-specific and/or process-specific consequence index | |
CN110097289A (en) | Risk monitoring and control method, apparatus, equipment and computer readable storage medium | |
CN111724069A (en) | Method, apparatus, device and storage medium for processing data | |
CN110213281A (en) | Safety protecting method and device | |
CN107944293B (en) | Fictitious assets guard method, system, equipment and storage medium | |
US20220321598A1 (en) | Method of processing security information, device and storage medium | |
CN113326375A (en) | Public opinion processing method, device, electronic equipment and storage medium | |
CN106713362A (en) | Method for realizing security investigation of WiFi network access | |
CN108804501A (en) | A kind of method and device of detection effective information | |
CN109688096A (en) | Recognition methods, device, equipment and the computer readable storage medium of IP address | |
CN110460593B (en) | Network address identification method, device and medium for mobile traffic gateway | |
CN115426299B (en) | Method and device for identifying characteristic-free data, computer equipment and storage medium | |
CN108449518A (en) | Insurance contract pays a return visit method and apparatus | |
CN111767575A (en) | Data anti-crawling method, device, equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20190925 Address after: 100085, 0308/0310, room 3, 26 Information Road, Haidian District, Beijing Applicant after: BEIJING DINGXIANG TECHNOLOGY Co.,Ltd. Address before: 215000 Room A1, Room 315, Room No. 268 Dengyun Road, Yushan Town, Kunshan City, Suzhou City, Jiangsu Province Applicant before: Kunshan Top Image Data Technology Co.,Ltd. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190906 |