CN113836509B - Information acquisition method, device, electronic equipment and storage medium - Google Patents
Information acquisition method, device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113836509B CN113836509B CN202111118057.8A CN202111118057A CN113836509B CN 113836509 B CN113836509 B CN 113836509B CN 202111118057 A CN202111118057 A CN 202111118057A CN 113836509 B CN113836509 B CN 113836509B
- Authority
- CN
- China
- Prior art keywords
- target object
- verification
- acquiring
- preset event
- responding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 238000012795 verification Methods 0.000 claims abstract description 132
- 230000004044 response Effects 0.000 claims abstract description 18
- 238000001514 detection method Methods 0.000 claims description 13
- 238000010200 validation analysis Methods 0.000 claims 2
- 238000004590 computer program Methods 0.000 description 12
- 238000010586 diagram Methods 0.000 description 11
- 238000004891 communication Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 8
- 238000012545 processing Methods 0.000 description 7
- 230000008859 change Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 230000036626 alertness Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000004397 blinking Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Collating Specific Patterns (AREA)
Abstract
The disclosure provides an information acquisition method, relates to the technical field of computers, and particularly relates to the technical fields of computer security and network security. The specific implementation scheme is as follows: in response to detecting the occurrence of a preset event, sending out a verification instruction; and responsive to the target object being verified by a verification means associated with the verification indication, collecting a biometric of the target object. The disclosure also provides an information acquisition device, an electronic device and a storage medium.
Description
Technical Field
The present disclosure relates to the field of computer technology, and in particular, to the field of computer security and network security technology. More particularly, the present disclosure provides an information acquisition method, apparatus, electronic device, storage medium, and computer program product.
Background
Computer security events refer to any event that attempts to change the security state of an information system, such as attempts to change access control measures, attempts to change security levels, attempts to change user passwords, and the like. After a computer security event occurs, an object (e.g., an attacker) that initiates the security event may be traced to determine the identity of the object.
Disclosure of Invention
The present disclosure provides an information acquisition method, apparatus, electronic device, storage medium, and computer program product.
According to a first aspect, there is provided an information acquisition method comprising: in response to detecting the occurrence of a preset event, sending out a verification instruction; and responsive to the target object being authenticated by a verification means associated with the verification indication, collecting a biometric of the target object.
According to a second aspect, there is provided an information acquisition device comprising: the verification module is used for responding to the detection of the occurrence of a preset event and sending a verification instruction; and the acquisition module is used for responding to the verification of the target object in a verification mode associated with the verification instruction and acquiring the biological characteristics of the target object.
According to a third aspect, there is provided an electronic device comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a method provided in accordance with the present disclosure.
According to a fourth aspect, there is provided a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform a method provided according to the present disclosure.
According to a fifth aspect, there is provided a computer program product comprising a computer program which, when executed by a processor, implements a method provided according to the present disclosure.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a schematic diagram of an exemplary system architecture to which information gathering methods and apparatus may be applied, according to one embodiment of the present disclosure;
FIG. 2 is a flow chart of a method of information acquisition according to one embodiment of the present disclosure;
FIG. 3 is an exemplary schematic diagram of an information gathering method according to one embodiment of the present disclosure;
FIG. 4 is an exemplary schematic diagram of an information gathering method according to another embodiment of the present disclosure;
FIG. 5 is a block diagram of an information acquisition device according to one embodiment of the present disclosure; and
fig. 6 is a block diagram of an electronic device of an information collection method according to one embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In the related art, an object (such as an attacker) that initiates a security event may be traced based on IP (Internet Protocol) address, characteristics of attack load (Payload), or based on honeypot technology.
For example, when tracing an attacker based on an IP address, the IP address of the attacker may be determined from log information. The identity of the attacker at the time of the security event can then be queried based on the data of the relevant authorities. However, since most IP addresses are dynamically allocated, the accuracy of tracing the source based on the IP addresses is low.
For another example, when tracing an attacker based on the characteristics of the attack load, the identity of the object may be determined according to the characteristics (such as the identity identifier) carried by the attacker when the attacker implements the attack. However, only a few attackers can carry identity marks when carrying out the attack, and the attackers can forge the identity marks, so that the tracing accuracy based on the characteristics of attack loads is low.
For another example, when tracing the attacker based on the honeypot technology, the registration information of the attacker on some websites can be obtained. However, honeypots are individually deployed applications that are easily perceived by attackers.
Fig. 1 is a schematic diagram of an exemplary system architecture to which information collection methods and apparatus may be applied, according to one embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which embodiments of the present disclosure may be applied to assist those skilled in the art in understanding the technical content of the present disclosure, but does not mean that embodiments of the present disclosure may not be used in other devices, systems, environments, or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include a plurality of terminal devices 101, a network 102, and a server 103. Network 102 is the medium used to provide communication links between terminal device 101 and server 103. Network 102 may include various connection types, such as wired and/or wireless communication links, and the like.
A user may interact with the server 103 via the network 102 using the terminal device 101 to receive or send messages or the like. Terminal device 101 may be a variety of electronic devices including, but not limited to, smartphones, tablets, laptop portable computers, and the like.
The information collection method provided by the embodiments of the present disclosure may be generally performed by the server 103. Accordingly, the information collecting apparatus provided in the embodiments of the present disclosure may be generally disposed in the server 103. The information collection method provided by the embodiments of the present disclosure may also be performed by a server or a server cluster that is different from the server 103 and is capable of communicating with the terminal device 101 and/or the server 103. Accordingly, the information collecting apparatus provided by the embodiments of the present disclosure may also be provided in a server or a server cluster different from the server 103 and capable of communicating with the terminal device 101 and/or the server 103
Fig. 2 is a flow chart of an information collection method according to one embodiment of the present disclosure.
As shown in fig. 2, the method 200 may include operations S210 to S220.
In response to detecting the occurrence of the preset event, a verification instruction is issued in operation S210.
In the disclosed embodiments, the preset event may be a computer security event.
For example, the preset event may be an event caused by the behavior of the target object to implement the change access control measure. For another example, the preset event may be an event caused by the target object implementing an action that changes the password of the other user.
In the embodiment of the disclosure, the verification instruction may be issued when the occurrence of the preset event is detected.
For example, for a link, the target object implements an attack that triggers a preset event. The verification indication may be issued when the target object enforces an attack on the link.
In the embodiment of the disclosure, the verification instruction is sent out in response to the detection of the occurrence of the preset event and the access of the target object to the arbitrary link.
For example, when the target object is implementing an attack that initiates a preset event, the target object may not be verified by the verification means associated with the verification indication because the target object is highly alert. But after the preset event occurs, the alertness of the target object may decrease. Therefore, after the preset event occurs and when the target object accesses any link, a verification instruction can be sent out so that the target object can be verified.
In an embodiment of the present disclosure, a target object identification is generated for a target object in response to a preset event occurrence.
For example, the target object identification may be a browser fingerprint. The browser fingerprint is generated from configuration and setup information that is visible to the web site by the browser. The browser fingerprints may be stable for different browsers of different devices. Thus, the browser fingerprint may be identified as a target object.
In an embodiment of the present disclosure, it is determined whether the target object accesses any links based on the target object identification.
For example, when the target object is identified as a browser fingerprint, a website or program corresponding to the arbitrary link may detect whether it is accessed by an object having the browser fingerprint, and may then determine whether the target object has accessed the arbitrary link.
It should be noted that, the target object identifier may also be generated according to the IP address, account number, etc. of the target object, which is not limited in this disclosure.
In operation S220, in response to the target object being verified by the verification means associated with the verification indication, a biometric characteristic of the target object is acquired.
In the embodiment of the disclosure, the verification modes include a first verification mode and a second verification mode.
For example, the first verification means may include one or more, such as picture verification, problem verification, and the like. The picture verification may be a verification that indicates that the target object selects one or several specific areas on the picture. Question verification may be a verification that indicates that the target object answers a particular question, which in one example may be "e+pi=? ", where e is a natural constant. The first verification means may be verification means in which the biometric feature of the target object cannot be or is difficult to collect.
For example, the first verification method may also be verification code verification. Verification code verification may be a verification manner that instructs a target object to input a verification code (character string) acquired according to some account numbers. Some of the accounts may be MSISDN (Mobile Subscriber International ISDN Number ) or mailbox account numbers, where ISDN (Integrated Service Digital Network) refers to an integrated services digital network. In one example, after verification of the target object selection verification code, the account number of the target object can be reserved, so that more information is provided for accurately identifying the identity of the target object.
For example, the second authentication means may include one or more of face authentication, voiceprint authentication, fingerprint authentication, and the like. The second verification means may be verification means capable of acquiring a biometric feature of the target object.
For example, the verification indication may be associated with a plurality of first verification means and second verification means.
In the embodiment of the disclosure, in response to detecting that the target object is verified in the first verification mode, verification result information is sent out to prompt verification failure.
For example, if it is detected that the target object performs verification by the first verification method, only verification result information indicating that verification fails may be sent after verification of the target object is completed. In one example, the first authentication means may comprise picture authentication. The pictures received by the target object may be complex or unclear when the target object is verified by picture verification. No matter the target object selects any region on the picture, verification failure is prompted. In another example, the first verification means may be verification code verification. After the target object inputs the account, the verification code can be delayed or not sent out so as to induce the target object to select other verification modes. In the two examples, in the process that the target object is verified in the first verification mode, the difficulty of verification success is increased, so that after verification failure is prompted, the vigilance of the target object is not improved, and the target object is induced to be verified in the second verification mode.
In an embodiment of the disclosure, in response to detecting that the target user is authenticated by the second authentication mode, the biometric of the target user is collected.
In embodiments of the present disclosure, a first device may be utilized to collect a biometric of a target user.
For example, the first device may be a device that is used by the target user when accessing any links.
In the embodiment of the present disclosure, accessing the arbitrary link may be accessing a website corresponding to the arbitrary link, or may be accessing a program corresponding to the arbitrary link. The website or program may run on a server, so accessing any link may also be accessing a server.
In embodiments of the present disclosure, at least one face image may be acquired.
For example, in the process that the target object is verified through face verification, the target object may be instructed to make actions such as nodding, lateral head, opening mouth or blinking, so as to collect more face images.
In implementations of the present disclosure, at least one audio information may be collected.
For example, in the process that the target object is verified through voiceprint verification, the target object may be instructed to read preset text so as to collect voiceprint information. For another example, in the process that the target object is verified through voiceprint verification, a voice call can be established with the first device of the target object, and the target object is instructed to read preset characters in the process of the voice call so as to collect voiceprint information, and the MSISDN of the first device can also be collected.
In embodiments of the present disclosure, at least one fingerprint information may be collected.
For example, in the process that the target object is verified through fingerprint verification, fingerprint information of the target object may be acquired by using the first device.
According to the embodiment of the disclosure, after the occurrence of the preset event is detected, the biological characteristics of the target object can be acquired, so that the possibility of tracing to the target object which causes the preset event is improved.
In some embodiments, a second device may be utilized to capture a biometric of the target object.
For example, the first device may be a device that is used by the target user when accessing any links. The second device may be a different device than the first device. In one example, the second device may be a device having a function of scanning a two-dimensional code.
In the embodiment of the disclosure, the verification mode may further include code scanning verification.
For example, scan code verification may be to instruct the target object to scan a two-dimensional code or bar code with the second device to verify with the second device.
In embodiments of the present disclosure, at least one face image may be acquired using a second device.
In embodiments of the present disclosure, at least one audio information may be collected using a second device.
In embodiments of the present disclosure, at least one fingerprint information may be acquired using a second device.
It should be noted that, for example, the embodiment of the operation S220 in fig. 2 may be referred to for the specific implementation of the second device to collect the face image, the audio information, and the fingerprint information, which is not described herein.
In some embodiments, the method 200 described above may be applied to a honeypot system.
For example, in response to detecting the occurrence of a preset event, a jump is made to the honeypot system, issuing a verification indication. In one example, the honeypot system may be a login system of a false backend management system. And when the target user tries to log in by using a common account number (such as an account number and a password are all 'admin'), sending out a verification instruction.
For example, in response to the target object being verified by the verification means associated with the verification indication, a biometric of the target object may be acquired, for example, with reference to the embodiment described in operation S220 in fig. 2.
Fig. 3 is an exemplary schematic diagram of an information collection method according to one embodiment of the present disclosure.
As shown in fig. 3, the information collecting apparatus may detect that the target object 301 performs an attack on the first server 303 by using the first device 302, that is, detects that a preset event occurs. Thereafter, the information collecting apparatus may issue a verification instruction when the target object 301 accesses the second server 304 corresponding to an arbitrary link using the first device 302. The authentication manner associated with the authentication indication may be displayed in a pop-up window. The pop-up window may be located in a page of a website or program that may be running in the second server 304. For another example, the authentication means associated with the authentication indication may be displayed in a separate web page or program page.
Upon verification of the target object 301, the information acquisition apparatus may acquire a biometric of the target object 301 using the first device 302. For example, the information gathering apparatus may gather the biometric features of the target object 301 using a camera, microphone, or fingerprint sensor on the first device 302.
FIG. 4 is a schematic diagram of an information acquisition method according to another embodiment of the present disclosure
As shown in fig. 4, the information collecting apparatus may detect that the target object 301 performs an attack on the first server 303 by using the first device 302, that is, detects that a preset event occurs. Thereafter, the information collecting apparatus may issue a verification instruction when the target object 301 accesses the second server 304 corresponding to an arbitrary link using the first device 302. The target object 301 may be authenticated after scanning the code using the second device 405 according to the authentication indication. For example, after the target object 301 scans the code using the second device 405, the verification manner associated with the verification indication may be displayed in an applet (Mini Program).
Upon verification of the target object 301, the information acquisition apparatus may acquire a biometric of the target object 301 using the second device 405. For example, the information gathering apparatus may gather the biometric of the target object 301 using a camera, microphone, or fingerprint sensor on the second device 405.
It should be noted that the information collecting device may be disposed in the first server 303 and/or the second server 304 to detect whether a preset event occurs. The first server 303 and the second server 304 may communicate to transfer information about the target object 301, such as a target object identification.
It should be noted that, after detecting the occurrence of the preset event, the information collecting device may generate, for the target object, a target object identifier (for example, the aforementioned browser fingerprint). Further, the information collecting apparatus may determine whether or not there is the target object 301 among the objects accessing the second server 304 based on the target object identification, to issue a verification instruction when the target object 301 accesses the second server 304.
It should be noted that the information collecting apparatus may be disposed in a separate server, and the separate server may communicate with the first server 303 and the second server 304.
It should be noted that the information acquisition apparatus may also communicate with the second device 405 to acquire the biological characteristics of the target object 301 by using the second device 405.
Fig. 5 is a block diagram of an information acquisition device according to one embodiment of the present disclosure.
As shown in fig. 5, the apparatus 500 may include a verification module 510 and an acquisition module 520.
The verification module 510 is configured to send a verification instruction in response to detecting that a preset event occurs.
The collection module 520 is configured to collect the biological characteristics of the target object in response to the target object being verified by the verification method associated with the verification instruction.
In some embodiments, the verification module includes: and the verification unit is used for responding to the detection of the occurrence of a preset event and the access of the target object to any link, and sending out the verification instruction.
In some embodiments, the verification module includes: the generating unit is used for responding to the occurrence of a preset event and generating a target object identifier aiming at the target object; and a determining unit configured to determine whether the target object accesses the arbitrary link according to the target object identifier.
In some embodiments, the authentication means includes a first authentication means and a second authentication means. The acquisition module comprises: the sending unit is used for responding to the detection that the target object is verified in the first verification mode, and sending verification result information to prompt verification failure; the first acquisition unit is used for responding to detection that the target user is verified in the second verification mode, and acquiring the biological characteristics of the target user.
In some embodiments, the acquisition module includes at least one of the following elements: the second acquisition unit is used for acquiring at least one face image; the third acquisition unit is used for acquiring at least one piece of audio information; and the fourth acquisition unit is used for acquiring at least one fingerprint information.
In some embodiments, the target object accesses the arbitrary link using a first device, and the acquisition module includes at least one of: a fifth acquisition unit for acquiring at least one face image with the second device; a sixth acquisition unit for acquiring at least one audio information with the second device; and a seventh acquisition unit for acquiring at least one fingerprint information by using the second device.
It should be noted that, in the technical solution of the present disclosure, when the occurrence of the preset event is detected or after the occurrence of the preset event is detected, the method described in fig. 2 may be executed after the permission of the relevant regulatory agency according to the rules of the relevant legal regulations.
It should be noted that, in the technical solution of the present disclosure, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing, etc. of the personal information of the user all conform to the rules of the related laws and regulations, and do not violate the popular regulations.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
Fig. 6 shows a schematic block diagram of an example electronic device 900 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 6, the apparatus 600 includes a computing unit 601 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 602 or a computer program loaded from a storage unit 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data required for the operation of the device 600 may also be stored. The computing unit 601, ROM 602, and RAM 603 are connected to each other by a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Various components in the device 600 are connected to the I/O interface 605, including: an input unit 606 such as a keyboard, mouse, etc.; an output unit 607 such as various types of displays, speakers, and the like; a storage unit 608, such as a magnetic disk, optical disk, or the like; and a communication unit 609 such as a network card, modem, wireless communication transceiver, etc. The communication unit 609 allows the device 600 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The computing unit 601 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 601 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 601 performs the respective methods and processes described above, such as an information acquisition method. For example, in some embodiments, the information gathering method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 608. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 600 via the ROM 602 and/or the communication unit 609. When the computer program is loaded into the RAM 603 and executed by the computing unit 601, one or more steps of the information gathering method described above may be performed. Alternatively, in other embodiments, the computing unit 601 may be configured to perform the information gathering method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel or sequentially or in a different order, provided that the desired results of the technical solutions of the present disclosure are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.
Claims (12)
1. An information acquisition method, comprising:
responding to detection of occurrence of a preset event, and sending out a verification instruction, wherein the preset event is a computer security event; and
responsive to the target object being authenticated by the authentication means associated with the authentication indication, collecting a biometric of the target object,
the verification method comprises a first verification method and a second verification method, wherein the first verification method is a verification method which cannot or is difficult to collect the biological characteristics of the target object, and the second verification method is a verification method which can collect the biological characteristics of the target object;
the responding to the target object to verify by a verification mode associated with the verification indication, and the collecting the biological characteristics of the target object comprises:
responding to the detection that the target object is verified in the first verification mode, and sending verification result information prompting verification failure;
and after prompting verification failure, responding to detection that the target object is verified in the second verification mode, and collecting the biological characteristics of the target object.
2. The method of claim 1, wherein the issuing a validation instruction in response to a preset event occurrence comprises:
and responding to the detection of the occurrence of a preset event and the access of the target object to any link, and sending out the verification indication.
3. The method of claim 2, wherein the issuing a validation instruction in response to a preset event occurrence comprises:
generating a target object identifier aiming at the target object in response to the occurrence of a preset event; and
and determining whether the target object accesses the arbitrary link according to the target object identification.
4. The method of claim 1, wherein the acquiring the biometric of the target object in response to the target object being verified by a verification means associated with the verification indication comprises at least one of:
collecting at least one face image;
collecting at least one audio information;
at least one fingerprint information is acquired.
5. The method of claim 2, wherein the target object accesses the arbitrary link using a first device,
the acquiring the biometric of the target object in response to the target object being authenticated by an authentication means associated with the authentication indication comprises at least one of:
acquiring at least one face image with a second device;
collecting at least one audio information with a second device;
at least one fingerprint information is acquired with a second device.
6. An information acquisition device, comprising:
the verification module is used for responding to the detection of the occurrence of a preset event and sending a verification instruction, wherein the preset event is a computer security event; and
an acquisition module for acquiring a biometric of the target object in response to the target object being authenticated by means of an authentication means associated with the authentication indication,
the verification method comprises a first verification method and a second verification method, wherein the first verification method is a verification method which cannot or is difficult to collect the biological characteristics of the target object, and the second verification method is a verification method which can collect the biological characteristics of the target object;
the acquisition module comprises:
the sending unit is used for responding to the detection that the target object is verified in the first verification mode and sending verification result information prompting verification failure;
and the first acquisition unit is used for responding to the detection that the target object is verified in the second verification mode after prompting that the verification is failed, and acquiring the biological characteristics of the target object.
7. The apparatus of claim 6, wherein the verification module comprises:
and the verification unit is used for responding to the detection of the occurrence of a preset event and the access of the target object to any link, and sending out the verification instruction.
8. The apparatus of claim 7, wherein the verification module comprises:
the generating unit is used for responding to the occurrence of a preset event and generating a target object identifier aiming at the target object; and
and the determining unit is used for determining whether the target object accesses the arbitrary link according to the target object identifier.
9. The apparatus of claim 6, wherein the acquisition module comprises at least one of:
the second acquisition unit is used for acquiring at least one face image;
the third acquisition unit is used for acquiring at least one piece of audio information;
and the fourth acquisition unit is used for acquiring at least one fingerprint information.
10. The apparatus of claim 7, wherein the target object accesses the arbitrary link using a first device,
the acquisition module comprises at least one of the following units:
a fifth acquisition unit for acquiring at least one face image with the second device;
a sixth acquisition unit for acquiring at least one audio information with the second device;
and a seventh acquisition unit for acquiring at least one fingerprint information by using the second device.
11. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 5.
12. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111118057.8A CN113836509B (en) | 2021-09-23 | 2021-09-23 | Information acquisition method, device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111118057.8A CN113836509B (en) | 2021-09-23 | 2021-09-23 | Information acquisition method, device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113836509A CN113836509A (en) | 2021-12-24 |
| CN113836509B true CN113836509B (en) | 2024-03-01 |
Family
ID=78969630
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111118057.8A Active CN113836509B (en) | 2021-09-23 | 2021-09-23 | Information acquisition method, device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113836509B (en) |
Citations (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101950367A (en) * | 2010-08-16 | 2011-01-19 | 中国科学院计算技术研究所 | RFID system introducing agent device and two-way authentification method thereof |
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN104680670A (en) * | 2014-07-14 | 2015-06-03 | 康桥 | Re-encryption/encryption technique solution for key control points during bank card operation on ATM (automatic teller machine) |
| CN105007255A (en) * | 2014-04-22 | 2015-10-28 | 腾讯科技(深圳)有限公司 | Verification method, server and system |
| CN105160226A (en) * | 2015-08-27 | 2015-12-16 | 宇龙计算机通信科技(深圳)有限公司 | Method, apparatus and system of user identity verification and smart home |
| CN105229709A (en) * | 2013-03-28 | 2016-01-06 | 荣耀全球解决方案(国际)有限公司 | Security ststem |
| CN106878024A (en) * | 2017-03-08 | 2017-06-20 | 北京科摩仕捷科技有限公司 | A kind of checking code check method and system based on caching |
| CN108460268A (en) * | 2017-02-20 | 2018-08-28 | 阿里巴巴集团控股有限公司 | Verification method and device |
| CN109190343A (en) * | 2018-08-23 | 2019-01-11 | 杭州在信科技有限公司 | A kind of identity verification secure Verification System based on fingerprint recognition |
| CN109324841A (en) * | 2018-10-09 | 2019-02-12 | 郑州云海信息技术有限公司 | A kind of method and device for improving form validation Validform |
| CN109493872A (en) * | 2018-12-13 | 2019-03-19 | 北京三快在线科技有限公司 | Voice messaging verification method and device, electronic equipment, storage medium |
| CN109543377A (en) * | 2018-10-17 | 2019-03-29 | 深圳壹账通智能科技有限公司 | Auth method, device, computer equipment and storage medium |
| CN109815665A (en) * | 2018-12-25 | 2019-05-28 | 深圳供电局有限公司 | Identity identifying method and system, electronic equipment, computer readable storage medium |
| CN110399713A (en) * | 2018-07-27 | 2019-11-01 | 腾讯科技(北京)有限公司 | A kind of method and relevant apparatus of authentification of message |
| CN110502886A (en) * | 2019-08-16 | 2019-11-26 | 广州国音智能科技有限公司 | Multifactor authentication method, apparatus, terminal and computer storage medium |
| CN110930154A (en) * | 2018-09-19 | 2020-03-27 | 珠海格力电器股份有限公司 | Identity verification method and device |
| CN111400697A (en) * | 2020-02-28 | 2020-07-10 | 浪潮电子信息产业股份有限公司 | Identity verification system and identity verification method |
| CN111591844A (en) * | 2020-05-15 | 2020-08-28 | 圣点世纪科技股份有限公司 | Intelligent elevator control system and control method based on finger vein recognition |
| CN111711622A (en) * | 2020-06-09 | 2020-09-25 | 腾讯科技(深圳)有限公司 | Account registration control method and device and computer equipment |
| CN112417391A (en) * | 2020-10-28 | 2021-02-26 | 深圳市橡树黑卡网络科技有限公司 | Information data security processing method, device, equipment and storage medium |
| CN112783174A (en) * | 2020-12-31 | 2021-05-11 | 深圳市普渡科技有限公司 | Robot article distribution method and robot |
| CN113055371A (en) * | 2021-03-09 | 2021-06-29 | 上海明略人工智能(集团)有限公司 | Login authentication method and system for Internet of things TCP (Transmission control protocol) equipment |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP6323025B2 (en) * | 2014-01-21 | 2018-05-16 | 富士通株式会社 | Display control program, display control device, and display control system |
| US10025652B2 (en) * | 2015-10-27 | 2018-07-17 | Western Digital Technologies, Inc. | Error location pointers for non volatile memory |
| CN107944339B (en) * | 2017-10-20 | 2020-01-21 | 阿里巴巴集团控股有限公司 | Certificate verification and identity verification method and device |
-
2021
- 2021-09-23 CN CN202111118057.8A patent/CN113836509B/en active Active
Patent Citations (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN101950367A (en) * | 2010-08-16 | 2011-01-19 | 中国科学院计算技术研究所 | RFID system introducing agent device and two-way authentification method thereof |
| CN105229709A (en) * | 2013-03-28 | 2016-01-06 | 荣耀全球解决方案(国际)有限公司 | Security ststem |
| CN105007255A (en) * | 2014-04-22 | 2015-10-28 | 腾讯科技(深圳)有限公司 | Verification method, server and system |
| CN104680670A (en) * | 2014-07-14 | 2015-06-03 | 康桥 | Re-encryption/encryption technique solution for key control points during bank card operation on ATM (automatic teller machine) |
| CN105160226A (en) * | 2015-08-27 | 2015-12-16 | 宇龙计算机通信科技(深圳)有限公司 | Method, apparatus and system of user identity verification and smart home |
| CN108460268A (en) * | 2017-02-20 | 2018-08-28 | 阿里巴巴集团控股有限公司 | Verification method and device |
| CN106878024A (en) * | 2017-03-08 | 2017-06-20 | 北京科摩仕捷科技有限公司 | A kind of checking code check method and system based on caching |
| CN110399713A (en) * | 2018-07-27 | 2019-11-01 | 腾讯科技(北京)有限公司 | A kind of method and relevant apparatus of authentification of message |
| CN109190343A (en) * | 2018-08-23 | 2019-01-11 | 杭州在信科技有限公司 | A kind of identity verification secure Verification System based on fingerprint recognition |
| CN110930154A (en) * | 2018-09-19 | 2020-03-27 | 珠海格力电器股份有限公司 | Identity verification method and device |
| CN109324841A (en) * | 2018-10-09 | 2019-02-12 | 郑州云海信息技术有限公司 | A kind of method and device for improving form validation Validform |
| CN109543377A (en) * | 2018-10-17 | 2019-03-29 | 深圳壹账通智能科技有限公司 | Auth method, device, computer equipment and storage medium |
| CN109493872A (en) * | 2018-12-13 | 2019-03-19 | 北京三快在线科技有限公司 | Voice messaging verification method and device, electronic equipment, storage medium |
| CN109815665A (en) * | 2018-12-25 | 2019-05-28 | 深圳供电局有限公司 | Identity identifying method and system, electronic equipment, computer readable storage medium |
| CN110502886A (en) * | 2019-08-16 | 2019-11-26 | 广州国音智能科技有限公司 | Multifactor authentication method, apparatus, terminal and computer storage medium |
| CN111400697A (en) * | 2020-02-28 | 2020-07-10 | 浪潮电子信息产业股份有限公司 | Identity verification system and identity verification method |
| CN111591844A (en) * | 2020-05-15 | 2020-08-28 | 圣点世纪科技股份有限公司 | Intelligent elevator control system and control method based on finger vein recognition |
| CN111711622A (en) * | 2020-06-09 | 2020-09-25 | 腾讯科技(深圳)有限公司 | Account registration control method and device and computer equipment |
| CN112417391A (en) * | 2020-10-28 | 2021-02-26 | 深圳市橡树黑卡网络科技有限公司 | Information data security processing method, device, equipment and storage medium |
| CN112783174A (en) * | 2020-12-31 | 2021-05-11 | 深圳市普渡科技有限公司 | Robot article distribution method and robot |
| CN113055371A (en) * | 2021-03-09 | 2021-06-29 | 上海明略人工智能(集团)有限公司 | Login authentication method and system for Internet of things TCP (Transmission control protocol) equipment |
Non-Patent Citations (1)
| Title |
|---|
| 用户身份认证技术在计算机信息安全中的应用;熊俊;;信息安全与技术(第06期);第33-36页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113836509A (en) | 2021-12-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11159501B2 (en) | Device identification scoring | |
| US8910251B2 (en) | Using social information for authenticating a user session | |
| US20170244755A1 (en) | Login failure sequence for detecting phishing | |
| CN108650260B (en) | Malicious website identification method and device | |
| CN109547426B (en) | Service response method and server | |
| US11012450B2 (en) | Detection device, detection method, detection system, and detection program | |
| CN111104653B (en) | User operation processing method and device, electronic equipment and readable storage medium | |
| CN113836509B (en) | Information acquisition method, device, electronic equipment and storage medium | |
| US10757137B1 (en) | Thwarting an impersonation attack using online decoy text | |
| US10715539B1 (en) | Request header anomaly detection | |
| KR101576993B1 (en) | Method and System for preventing Login ID theft using captcha | |
| US20230121470A1 (en) | Preventing phishing attempts of one-time passwords | |
| CN113839944B (en) | Method, device, electronic equipment and medium for coping with network attack | |
| CN111460422B (en) | Method and device for generating verification code | |
| JP2019074893A (en) | Unauthorized login detection method | |
| US20230281641A1 (en) | Systems and methods for increasing data security in social media online platforms | |
| TWI777915B (en) | Transaction verification systm and method with image recording function | |
| TWI777914B (en) | Transaction verification systm and method with fingerprint recording function | |
| CN110768969B (en) | Test method and device based on network data monitoring and readable storage medium | |
| US20230362153A1 (en) | Multi-platform authentication | |
| CN117494200A (en) | System access method and device, storage medium and electronic equipment | |
| US20210168129A1 (en) | System and method for persistent authentication of a user for issuing virtual tokens | |
| CN115550926A (en) | Electronic evidence obtaining method, system, device, equipment and storage medium | |
| CN111708995A (en) | Service processing method, device and equipment | |
| TW202145102A (en) | Transaction verification systm and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |