CN114867025A - Method and device for preventing short message bombing

Publication number
CN114867025A
Authority
CN
China
Prior art keywords
short message
sending
message receiving
time period
bombing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210528381.5A
Other languages
Chinese (zh)
Inventor
韩健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd
Priority to CN202210528381.5A
Publication of CN114867025A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/128 Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This document relates to the technical field of communications and provides a method and a device for preventing short message bombing. The method comprises: identifying a short message verification code sending request to obtain a target service scene and a target short message receiver/sender; acquiring the short message receiving/sending statistics matched with the target service scene and the target short message receiver/sender in each time period; acquiring the short message receiving/sending threshold matched with the target service scene and each time period; and judging whether the short message receiving/sending statistic in a time period exceeds the corresponding short message receiving/sending threshold and, if so, refusing to respond to the short message verification code sending request. The method can limit, according to actual requirements, the number of short messages received by each short message receiver and the number of verification code sending requests made by each short message sender, so that not only is a single short message receiver protected from short message bombing, but the problem of a short message sender being used to send harassing short messages to many different receivers is also solved.

Description

Method and device for preventing short message bombing
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method and an apparatus for preventing short messages from bombing.
Background
As the mobile phone has become an indispensable communication tool in daily life, more and more activities that need mobile phone verification, such as registration, login and shopping, issue verification codes to the phone. "Short message bombing" aggregates the short message verification code interfaces of a massive number of websites and, without opening any short message sending page in a browser, directly requests the short message verification code URLs, cyclically sending verification code requests for registration, password recovery and the like to a specified mobile phone number for the purpose of harassment. A common case is that a user who gives a merchant a bad review in online shopping is maliciously targeted by the merchant, who uses a short message bombing platform to continuously send verification short messages to the user's mobile phone number (more than 100 short messages can be sent to the same mobile phone number within 1 minute).
The short message verification code function provided by a website or APP is very easily collected and abused by lawbreakers, who package it into a short message bomber for spamming. The bomber becomes a weapon for harassing mobile phone users: it seriously threatens order and safety both online and in the real world, and, because the short message verification code is a charged service, long-term abuse by a short message bomber also causes property loss to the website or APP operator. In addition, intruding on personal peace with harassing short messages not only damages the reputation of the website but may also expose it to certain legal risks.
At present, enterprises mainly prevent short message bombing by distinguishing humans from machines and blocking calls from malicious programs, using picture verification codes, sliding verification codes, logic verification codes, character clicking and the like. However, these methods require manual operation by the user and are difficult to operate, which easily leads to verification code input errors and a poor user experience. Moreover, with the rapid development of artificial intelligence, machine learning and image recognition technologies, picture verification codes, sliding verification codes, logic verification codes and the like face the risk of being bypassed.
Therefore, how to effectively prevent the short message verification code interface of a website or APP from being exploited by malicious programs and turned into a short message bombing weapon, without the user noticing, has become a problem to be solved urgently.
Disclosure of Invention
The prior-art methods for preventing short message bombing give a poor user experience, and their way of restricting how a user initiates a verification code request is easily bypassed with the rapid development of artificial intelligence, machine learning and the like, so malicious short message attacks cannot be accurately prevented. In addition, they cannot solve the problem of a short message bomber using the short message verification interface to send a small number of harassing short messages to each of a large number of different short message receivers; these accumulate into a large volume and waste the short message resources of the website or APP, so the website or APP operator still faces property loss and reputation risk.
In order to solve the above technical problem, an aspect of the present disclosure provides a method for preventing bombing of a short message, including:
identifying a short message verification code sending request to obtain a target service scene and target short message receiver/sender information;
acquiring short message receiving/sending statistical values matched with a target service scene and a target short message receiving/sending party in each time period from a short message receiving/sending statistical module, wherein the short message receiving/sending statistical module is used for calculating the short message receiving/sending statistical values;
acquiring a short message receiving/sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information, wherein the short message anti-bombing control threshold configuration information stores the corresponding relation among the service scene, the time period information and the short message receiving/sending threshold;
and judging whether the short message receiving/sending statistic in one time period exceeds a corresponding short message receiving/sending threshold value, and if so, refusing to respond to the short message verification code sending request.
As a further embodiment herein, the short message receiving/sending threshold of the short message anti-bombing control threshold configuration information includes: a short message threshold field and a threshold type field.
As a further embodiment herein, the method further comprises: and adjusting the time period in real time according to the distribution rule of the short message verification code sending request.
In a further embodiment of the present disclosure, the short message receiving/sending threshold corresponding to each time period in each service scenario in the short message anti-bombing control threshold configuration information is determined according to a page access amount/a user access amount.
In a further embodiment of the present disclosure, if there is a short message receiver statistic in a time period exceeding a corresponding short message receiving threshold, it is determined that the target short message receiver is abnormal;
and judging whether the number of all abnormal target short message receiving parties in the latest preset time period is smaller than a preset value, if so, refusing to respond to the short message verification code sending request, and if not, sending abnormal prompt information.
In a further embodiment of this document, after identifying the short message verification code sending request and obtaining the target short message receiver/sender information, the method further includes:
inquiring a target short message sending party from the blacklist, if the inquiry is successful, refusing to respond to the short message verification code sending request, and if the inquiry is failed, executing the step of obtaining the statistical value of the short message receiving party/sending party;
and the blacklist stores sender information with short message bombing behavior.
In another aspect, a system for preventing bombing of short messages is provided, including:
the short message receiving statistical module is used for calculating short message receiving statistical values of each short message receiving party in each time period in each service scene in real time;
the short message sending statistical module is used for calculating short message sending statistical values of each short message sending party in each time period in each service scene in real time;
the short message anti-bombing control rule module is used for storing short message anti-bombing control threshold configuration information, wherein the short message anti-bombing control threshold configuration information stores corresponding relations among service scenes, time period information and short message receiving/sending thresholds;
the anti-bombing verification module of the short message receiver/sender is used for identifying the short message identifying code sending request to obtain a target service scene and target short message receiver/sender information; acquiring short message receiving/sending statistical values in each time period matched with a target service scene and a target short message receiving/sending party from a short message receiving statistical module and a short message sending statistical module; acquiring a short message receiving/sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information; and judging whether the short message receiving/sending statistic in one time period exceeds a corresponding short message receiving/sending threshold value, and if so, refusing to respond to the short message verification code sending request.
In yet another aspect of this document, there is also provided a computer apparatus comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the foregoing embodiments when executing the computer program.
In a further aspect of this document, there is also provided a computer storage medium having a computer program stored thereon, the computer program, when executed by a processor of a computer device, performing the method according to any of the preceding embodiments.
In yet another aspect, a computer program product is provided, which comprises a computer program, which when executed by a processor implements the method of any of the preceding embodiments.
According to the method and the device for preventing the short message bombing, the short message receiving/sending statistical data in a target service scene and a plurality of time periods are added into a strategy for preventing the short message bombing, and the short message receiving/sending threshold value is configured for each time period of each service scene, so that the number of short messages received by short message receivers and the number of verification code sending requests of short message senders can be limited according to actual requirements, a single short message receiver can be prevented from being bombed by the short messages, the problem that a short message bomber sends harassing short messages to different short message receivers by using a short message verification code interface of the short message sender can be solved, and a website or an APP operator can be protected from property loss.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 illustrates a block diagram of a system for preventing short message bombing in accordance with embodiments herein;
FIG. 2 shows a first flowchart of a method for preventing short message bombing according to an embodiment of the present disclosure;
FIG. 3 illustrates a second flowchart of a method of preventing short message bombing in accordance with embodiments herein;
FIG. 4 shows a third flowchart of a method for preventing short message bombing according to the embodiment of the present disclosure;
FIG. 5 is a block diagram of a device for preventing short message bombing in an embodiment of the present disclosure;
FIG. 6 is a block diagram of a computer device according to an embodiment of the present disclosure.
Description of the symbols of the drawings:
110. a client;
120. a server side;
130. a target short message receiver;
510. a short message receiving statistical module;
520. a short message sending statistical module;
530. a short message anti-bombing control rule module;
541. the short message receiver anti-bombing verification module;
542. the anti-bombing checking module of the short message sender;
543. a short message sending module;
602. a computer device;
604. a processor;
606. a memory;
608. a drive mechanism;
610. an input/output module;
612. an input device;
614. an output device;
616. a presentation device;
618. a graphical user interface;
620. a network interface;
622. a communication link;
624. a communication bus.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments herein without making any creative effort, shall fall within the scope of protection.
It should be noted that the terms "first," "second," and the like in the description and claims herein and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments herein described are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, apparatus, article, or device that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or device.
The present specification provides method steps as described in the examples or flowcharts, but may include more or fewer steps based on routine or non-inventive labor. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. When an actual system or apparatus product executes, it can execute sequentially or in parallel according to the method shown in the embodiment or the figures.
It should be noted that the method and apparatus for preventing short message from bombing can be used in the financial field, and can also be used in any field except the financial field.
It should be noted that the information (including but not limited to the information of the short message recipient, the information of the short message sender, etc.) referred to in the present application is information and data that are authorized by the user or fully authorized by each party.
By analyzing existing short message bombing prevention, the inventor found that the prior art has the following defects:
1. Means of preventing "short message bombing" such as picture verification codes, sliding verification codes, logic verification codes, character clicking and the like require manual operation by the user, are difficult to operate, easily cause verification code input errors and give a poor user experience.
2. With the rapid development of artificial intelligence, machine learning and image recognition technologies, picture verification codes, sliding verification codes, logic verification codes and the like face the risk of being bypassed.
3. In the prior art, risk control is performed only on the short message receiver, which to a certain extent only guarantees that a single mobile phone user is not disturbed by short messages. It does not solve the problem of a short message bomber using the short message verification code interface to send a small number of harassing short messages to each of a large number of different mobile phone users, which in aggregate wastes the short message resources of the website or APP, so the website or APP operator still faces property loss and reputation risk.
4. The prior art uses unified control rules and cannot customize the risk threshold according to actual business scenarios (registration, login, shopping, etc.).
In order to solve the above technical problems of the prior art, there is provided a system for preventing short message bombing, specifically, as shown in fig. 1, including: client terminal 110 and server terminal 120.
The client 110 is a terminal device for a user to surf the internet, and the user can initiate a short message verification code sending request in service scenes such as registration, login, shopping and the like through the client.
The server 120 is disposed at the service scene response server side, and configured to execute the following processing procedures after receiving the short message authentication code sending request: identifying a short message verification code sending request to obtain a target service scene and a target short message receiver/sender; acquiring short message receiving/sending statistical values matched with a target service scene and a target short message receiving/sending party in each time period from a short message receiving/sending statistical module, wherein the short message receiving/sending statistical module is used for calculating the short message receiving/sending statistical values; acquiring a short message receiving/sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information, wherein the short message anti-bombing control threshold configuration information stores the corresponding relation among the service scene, the time period information and the short message receiving/sending threshold; and judging whether the short message receiving/sending statistics in one time period exceed the corresponding short message receiving/sending threshold, if so, refusing to respond to the short message verification code sending request, and if not, sending the short message verification code to the target short message receiver 130.
The target short message receiver is a terminal device for receiving the verification code short message, such as a mobile phone number, a mailbox and the like, and different mobile phone numbers and mailboxes represent different receivers.
The target short message sender is equipment for triggering verification code acquisition request sending operation, normally is a computer or mobile equipment used by a user, and can be distinguished through equipment serial numbers, IP addresses and the like.
The short message receiving statistic in the time period refers to the statistic of the received short messages of the short message receiving party in the time period, and the short message sending statistic in the time period refers to the statistic of the request verification codes which have been sent by the short message sending party in the time period. In the specific implementation, the time period of the short message receiving statistics and the time period of the short message sending statistics may be set according to the actual situation, and the two may be the same or different, and this document does not limit this.
In the embodiment, by adding the short message receiving/sending statistical data in the target service scene and a plurality of time periods into the strategy for preventing the short message bombing and configuring the short message receiving/sending threshold value for each time period of each service scene, the number of the short messages received by the short message receiver/short message sender can be limited from a plurality of time period granularities according to actual requirements, so that not only can a single short message receiver be prevented from being bombed by the short messages, but also the behavior that a short message bomber sends harassing short messages to different short message receivers by using a short message verification code interface of the short message sender can be solved, and a website or an APP operator is protected from property loss.
In an embodiment of this document, a method for preventing short message bombing applied to a service scene response server is further provided, where configuration information of a short message bombing prevention control threshold needs to be predetermined before implementation of the embodiment, that is, a short message receiving threshold and a short message sending threshold are set in each time period in each service scene.
Specifically, as shown in fig. 2, the method for preventing short messages from bombing includes:
step 201, receiving and identifying a short message verification code sending request to obtain a target service scene and a target short message receiver/sender;
step 202, obtaining short message receiving/sending statistical values matched with a target service scene and a target short message receiving/sending party in each time period from a short message receiving/sending statistical module, wherein the short message receiving/sending statistical module is used for calculating the short message receiving/sending statistical values;
step 203, acquiring a short message receiving/sending threshold value matched with a target service scene and each time period from short message anti-bombing control threshold value configuration information;
step 204, judging whether the short message receiving/sending statistics value in one time period exceeds the corresponding short message receiving/sending threshold value, if so, refusing to respond to the short message verification code sending request, if not, responding to the short message verification code sending request, sending the short message to a receiver, recording the receiving behavior of the short message receiver, and recording the sending behavior of the short message sender.
In detail, the short message anti-bombing control threshold configuration information lets the user customize risk thresholds according to the actual application scene (registration, login, shopping and the like), supports real-time adjustment and different time periods, and can meet short message transaction risk control needs in different service scenes and in both off-peak and peak business seasons.
In step 201, the short message verification code sending request includes: a service scene, a short message receiver and a short message sender. Service scenes such as registration, login and shopping can be divided according to the purpose for which the user obtains the verification code. For the short message receiver and the short message sender, refer to the foregoing description; they are not described in detail here. The "/" used herein denotes parallel alternatives: the content on either side of the symbol applies in parallel.
In the step 202, the short message receiving/sending statistical module is, for example, two statistical programs, wherein one statistical program is responsible for the statistical values of the short message receiving amount of each service scene and the short message receiving party in each time period, and the other statistical program is responsible for the statistical values of the short message request sending amount of each service scene and the short message sending party in each time period. The time periods of the two statistical programs may be the same or different, and may be set by the operator according to the actual requirements, for example, 1 minute, 1 hour, 1 day, and the like.
In implementation, the statistics of the short message receiving/sending statistical module are stored in key/value form, for example in a Redis database. Redis supports various data types, including string, list, set, zset and hash, and rich operations such as push/pop, add/remove, intersection, union and difference; it can meet storage requirements in different scenes and suits websites or APPs that need to support mass data storage and highly concurrent requests.
For example, the statistics values of different service scenarios and different short message sending parties counted by the short message sending statistics module in different time periods are stored by adopting the following data format:
key/value=transcode:id:period/count.
The meanings of the terms are as follows:
transcode: the transaction code, used to apply different controls to different service scenes; for example, the registration transaction can be set as "register" and the login transaction as "login".
id: the limited item; in the short message sending flow, the id is the sender (device IP or mobile device serial number), such as 192.168.XXX.XXX.
period: the time period; the short message sending frequency and count can be limited over three different time periods, 1m (minute), 1h (hour) and 1d (day).
count: the count value, i.e. the accumulated number of short message verification codes sent by the id in each time period.
For example, the information counted by the short message sending statistical module is as follows:
register:192.168.XXX.XXX:1m/1;
register:192.168.XXX.XXX:1h/3;
register:192.168.XXX.XXX:1d/5.
The meaning of the above information is: through the registration transaction (register), the sender 192.168.XXX.XXX has sent 1 short message within 1 minute, 3 short messages within 1 hour and 5 short messages within 1 day, which is close to the operating frequency of a normal user.
Correspondingly, the statistical values of different service scenes and different short message receivers counted by the short message receiving statistical module in different time periods are stored by adopting the following data formats:
key/value=transcode:id:period/count.
The meanings of the terms are as follows:
transcode: the transaction code, used to distinguish and control different service scenes; the registration transaction can be set as "register" and the login transaction as "login".
id: the limited item; in the short message receiving flow, the id is the mobile phone number of the receiver, such as 188XXXX2048.
period: the time period; the short message receiving frequency and count can be limited over three different time periods, 1m (minute), 1h (hour) and 1d (day).
count: the count value, i.e. the accumulated number of short message verification codes sent in each time period.
The starting moment of each time period is determined as follows: when a user's verification code request is received for the first time, the accumulated counts for the different time periods are started at the same time according to the configured risk control rule (namely the short message anti-bombing control threshold configuration information), and the expiration time of each counting period is set according to its time period. For subsequent verification code requests, the count is accumulated in the existing counting periods; if some counting periods have expired (every second and every minute), a new counting period is started and its expiration time is set.
For example, the information counted by the short message receiving statistical module is as follows:
register:188XXXX2048:1m/1;
register:188XXXX2048:1h/3;
register:188XXXX2048:1d/5.
Meaning: through the registration transaction (register) of a website or APP, 3 short messages have been sent to the mobile phone number 188XXXX2048 within 1 minute, 5 short messages within 1 hour and 8 short messages within 1 day, which is close to the operating frequency of a normal user.
The configuration information of the short message anti-bombing control threshold in step 203 may be stored in a key-value form. In implementation, in order to distinguish whether the short message threshold is a receiving threshold or a sending threshold, the short message threshold can be distinguished by setting a short message threshold field and a threshold type field, wherein the short message threshold field records the specific short message threshold, and the threshold type field records the receiving or sending.
Specifically, the short message anti-bombing control threshold is stored according to the following data format:
key/value=type:transcode:period/limit.
The meanings of the fields are as follows:
type: the threshold type, for example, the reception threshold is "receive" and the transmission threshold is "send".
transcode: the transaction code. Different service scenarios use different controls; for example, the registration transaction may be set to "register" and the login transaction may be set to "login".
period: the time period. Short message sending frequency and count can be limited over three different time periods: 1m (minute), 1h (hour) and 1d (day). In implementation, other periods can also be used, and the unit of a time period can also be s (second).
limit: a threshold limit, an upper limit on the number of times allowed within a particular time period.
For example, the following information is included in the short message anti-bombing control threshold configuration information:
receive:register:1m/1;
receive:register:1h/5;
receive:register:1d/10.
The meaning of the above information is: a short message verification code sent to the specified mobile phone number through the registration transaction (register) needs to satisfy the following conditions: the number of short messages sent to the mobile phone number within 1 minute must not exceed 1, the number of short messages sent to the mobile phone number within 1 hour must not exceed 5, and the number of short messages sent to the mobile phone number within 1 day must not exceed 10.
For another example, the following information is included in the short message anti-bombing control threshold configuration information:
send:register:1m/10;
send:register:1h/50;
send:register:1d/100.
The meaning of the above information is: the specific sender (or device) needs to satisfy the following for short message verification codes sent through the registration transaction (register): the number of short messages the device is allowed to send in 1 minute cannot exceed 10, the number of short messages the device is allowed to send in 1 hour cannot exceed 50, and the number of short messages the device is allowed to send in 1 day cannot exceed 100.
In this embodiment, the short message receiving/sending statistics for the target service scene over a plurality of time periods are added to the anti-bombing strategy, and a short message receiving/sending threshold is configured for each time period of each service scene. The number of short messages received by a short message receiver or sent by a short message sender can thus be limited at several time-period granularities according to actual requirements. This not only prevents a single short message receiver from being bombed by short messages, but also addresses the behavior in which a short message bomber uses the sender's short message verification code interface to send harassing short messages to different short message receivers, protecting the website or APP operator from property loss.
In an embodiment of the present invention, the time period in the short message anti-bombing control threshold configuration information may be configured manually, or may be adjusted automatically based on an analysis of the distribution of short message verification code sending requests. Specifically, for a certain time period of a day, a month, a year and the like in which short message verification codes are sent intensively (for example, while a large promotion event is held), the time period is set to be shorter; if the distribution is more dispersed, the time period is set to be longer.
In the embodiment of the present invention, the short message receiving/sending threshold corresponding to each time period in each service scenario in the short message anti-bombing control threshold configuration information is determined according to the page access amount/the user access amount, so that normal transactions are not affected while abnormal behaviors can still be identified and intercepted. The page referred to here is the page from which short message verification requests are sent. The page access amount is the number of page views or clicks on the website: every access or click by a user is recorded, and multiple accesses to the same page or multiple clicks of the same button by one user are all accumulated. The user access amount is the number of mobile phone or computer clients accessing the website; visitors can be distinguished by IP address and hardware device number, and repeated accesses by the same user within a period of time count as one. Dividing the page access amount by the user access amount gives the average number of times a single user uses the short message verification function. In specific implementation, the short message receiving/sending threshold can be set according to this average, and the threshold can later be adjusted at any time as the traffic increases or decreases.
In an embodiment of the present invention, in order to avoid abnormal verification code reception by short message receivers caused by a network, website or APP failure, as shown in fig. 3, when the determination in step 204 is that a short message receiving statistic within some time period exceeds the corresponding short message receiving threshold, the target short message receiver is determined to be abnormal.
The method for preventing short message bombing further comprises: step 205, determining whether the number of all abnormal target short message receivers in the latest preset time period is less than a preset value; if so, refusing to respond to the short message verification code sending request, and if not, sending abnormal prompt information.
In an embodiment herein, in order to improve the efficiency of verification code requests, as shown in fig. 4, after step 201 the method further includes:
step 201', querying the blacklist for the target short message sender; if the sender is found, refusing to respond to the short message verification code sending request, and if it is not found, executing step 202. The blacklist stores information on senders with short message bombing behavior, and may be determined based on senders with historical short message attack behavior.
Based on the same inventive concept, a device for preventing short message bombing is also provided, as described in the following embodiments. Because the principle of the device is similar to that of the method for preventing short message bombing, the implementation of the device can refer to the implementation of the method, and the details are not repeated here.
Specifically, as shown in fig. 5, the device for preventing short message bombing includes:
a short message receiving statistic module 510, configured to calculate a short message receiving statistic in each time period of each short message receiver in each service scenario in real time;
a short message sending statistical module 520, configured to calculate short message sending statistical values in each time period of each short message sender in each service scenario in real time;
a short message anti-bombing control rule module 530, configured to store short message anti-bombing control threshold configuration information, where the first short message anti-bombing control threshold configuration information stores a corresponding relationship between a service scene, time period information, and a short message receiving/sending threshold;
a short message receiver/sender anti-bombing verification module, comprising: a short message receiver anti-bombing verification module 541, a short message sender anti-bombing verification module 542 and a short message sending module 543.
The short message receiver anti-bombing verification module 541 is used for identifying a short message verification code sending request to obtain a target service scene and target short message receiver information; acquiring short message receiving statistical values matched with a target service scene and a target short message receiving party in each time period from a short message receiving statistical module; acquiring a short message receiving threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information; and judging whether the short message receiving statistic in one time period exceeds the corresponding short message receiving threshold value, and sending the judgment result to the short message sending module 543.
The short message sender anti-bombing verification module 542 identifies a short message verification code sending request to obtain a target service scene and target short message sender information; acquiring short message sending statistical values matched with a target service scene and a target short message sending party in each time period from a short message sending statistical module; acquiring a short message sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information; and judging whether the short message sending statistic in one time period exceeds the corresponding short message sending threshold value, and sending the judgment result to the short message sending module 543.
The short message sending module 543 determines whether to generate a verification code according to the results of the short message receiver anti-bombing verification module 541 and the short message sender anti-bombing verification module 542. Specifically, if either determination result is yes, it refuses to respond to the short message sending request; otherwise it sends the short message verification code to the target short message receiver and records the short message sending behavior and the short message receiving behavior in an agreed format (for example, key/value: id: period/count).
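The check-then-record flow of modules 541 to 543, written in Python as an added example (not code from the patent). The class and function names, the in-memory dictionary standing in for the key-value store, the tuple counter key and the injected clock are assumptions; the rules are the thresholds listed earlier. A request is refused when sending it would push a counter past its limit, so the configured limit is never exceeded.

```python
import re
import time

# Constructed rule set: the receive/send thresholds quoted in the text.
RULES_TEXT = """
receive:register:1m/1;
receive:register:1h/5;
receive:register:1d/10;
send:register:1m/10;
send:register:1h/50;
send:register:1d/100;
"""

UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400}
RULE_RE = re.compile(r"^(receive|send):(\w+):(\d+)([smhd])/(\d+)$")


def parse_rules(text):
    """Parse 'type:transcode:period/limit' entries into
    {(type, transcode): [(period_label, period_seconds, limit), ...]}."""
    rules = {}
    for item in text.split():
        m = RULE_RE.match(item.rstrip(";"))
        if not m:
            raise ValueError(f"bad rule: {item!r}")
        kind, transcode, n, unit, limit = m.groups()
        seconds = int(n) * UNIT_SECONDS[unit]
        rules.setdefault((kind, transcode), []).append(
            (f"{n}{unit}", seconds, int(limit)))
    return rules


class SmsBombGuard:
    """Fixed-window counters per (type, transcode, party, period).

    Assumption: a dict replaces the key-value store; each value is
    [count, expires_at], mirroring 'transcode:id:period/count'.
    """

    def __init__(self, rules, clock=time.time):
        self.rules = rules
        self.clock = clock
        self.counters = {}

    def _live_count(self, key, now):
        entry = self.counters.get(key)
        # An expired count period contributes nothing.
        return 0 if entry is None or now >= entry[1] else entry[0]

    def _blocked_by(self, kind, transcode, party, now):
        for label, _secs, limit in self.rules.get((kind, transcode), []):
            key = (kind, transcode, party, label)
            # Refuse if this message would exceed the limit.
            if self._live_count(key, now) + 1 > limit:
                return f"{kind}:{transcode}:{label}/{limit}"
        return None

    def _record(self, kind, transcode, party, now):
        for label, secs, _limit in self.rules.get((kind, transcode), []):
            key = (kind, transcode, party, label)
            entry = self.counters.get(key)
            if entry is None or now >= entry[1]:
                # First request, or the period expired: start a new period.
                self.counters[key] = [1, now + secs]
            else:
                entry[0] += 1

    def request_code(self, transcode, receiver, sender):
        """Return (allowed, violated_rule). Counts only messages sent."""
        now = self.clock()
        hit = (self._blocked_by("receive", transcode, receiver, now)
               or self._blocked_by("send", transcode, sender, now))
        if hit:
            return False, hit
        self._record("receive", transcode, receiver, now)
        self._record("send", transcode, sender, now)
        return True, None


if __name__ == "__main__":
    guard = SmsBombGuard(parse_rules(RULES_TEXT))
    print(guard.request_code("register", "188XXXX2048", "device-1"))
    print(guard.request_code("register", "188XXXX2048", "device-1"))
```

Refused requests are not counted here, because the text records sending and receiving behavior only when a code is actually sent.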
The method and device for preventing short message bombing provided herein reduce the property loss, reputation risk and legal risk that short message bombing brings to a website or APP while guaranteeing user experience. Specifically, the following technical effects can be achieved:
(1) Without the user noticing, the short message verification code interface of the website or APP is prevented from being exploited by malicious programs and turned into a short message bombing weapon, which effectively improves user experience while ensuring security.
(2) Controlling both the short message sender and the short message receiver not only prevents a single mobile phone user from being bombed by short messages, but also addresses the behavior in which a short message bomber uses the short message verification code interface to send harassing short messages to different mobile phone users, protecting the website or APP operator from property loss.
(3) The risk threshold can be customized for actual service scenes (registration, login, shopping and the like), supports real-time adjustment and different time periods, and can meet short message transaction risk control needs in different service scenes and in both off-peak and peak business seasons.
In an embodiment herein, a computer device is also provided, as shown in fig. 6, the computer device 602 may include one or more processors 604, such as one or more Central Processing Units (CPUs), each of which may implement one or more hardware threads. The computer device 602 may also include any memory 606 for storing any kind of information, such as code, settings, data, etc. For example, and without limitation, memory 606 may include any one or combination of the following: any type of RAM, any type of ROM, flash memory devices, hard disks, optical disks, etc. More generally, any memory may use any technology to store information. Further, any memory may provide volatile or non-volatile retention of information. Further, any memory may represent fixed or removable components of computer device 602. In one case, when the processor 604 executes the associated instructions, which are stored in any memory or combination of memories, the computer device 602 may perform any of the operations of the associated instructions. The computer device 602 also includes one or more drive mechanisms 608, such as a hard disk drive mechanism, an optical disk drive mechanism, or the like, for interacting with any of the memories.
The computer device 602 may also include an input/output module 610 (I/O) for receiving various inputs (via input device 612) and for providing various outputs (via output device 614). One particular output mechanism may include a presentation device 616 and an associated graphical user interface 618 (GUI). In other embodiments, input/output module 610 (I/O), input device 612, and output device 614 may also be excluded, as just one computer device in a network. Computer device 602 may also include one or more network interfaces 620 for exchanging data with other devices via one or more communication links 622. One or more communication buses 624 couple the above-described components together.
Communication link 622 may be implemented in any manner, such as through a local area network, a wide area network (e.g., the Internet), a point-to-point connection, etc., or any combination thereof. Communication link 622 may include any combination of hardwired links, wireless links, routers, gateway functions, name servers, etc., governed by any protocol or combination of protocols.
Corresponding to the methods in fig. 2 to 4, the embodiments herein also provide a computer-readable storage medium having stored thereon a computer program, which, when executed by a processor, performs the steps of the above-described method.
Embodiments herein also provide computer readable instructions, wherein when executed by a processor, a program thereof causes the processor to perform the method as shown in fig. 2-4.
It should be understood that, in various embodiments herein, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments herein.
It should also be understood that, in the embodiments herein, the term "and/or" is only one kind of association relation describing an associated object, meaning that three kinds of relations may exist. For example, a and/or B, may represent: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described generally in terms of their functions in the foregoing description in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided herein, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purposes of the embodiments herein.
In addition, functional units in the embodiments herein may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions in the present disclosure, in essence or in the part that contributes to the prior art, or all or part of the technical solutions, may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to perform all or part of the steps of the methods described in the embodiments herein. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program code.
The principles and embodiments of this document are explained herein using specific examples, which are presented only to aid in understanding the methods and their core concepts. Meanwhile, for those of ordinary skill in the art, the specific implementation and the scope of application may change according to the ideas of this document. In summary, this description should not be construed as limiting this document.

Claims (10)

1. A method for preventing short message bombing, characterized in that the method comprises the following steps:
identifying a short message verification code sending request to obtain a target service scene and a target short message receiver/sender;
acquiring short message receiving/sending statistical values matched with a target service scene and a target short message receiving/sending party in each time period from a short message receiving/sending statistical module, wherein the short message receiving/sending statistical module is used for calculating the short message receiving/sending statistical values;
acquiring a short message receiving/sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information, wherein the short message anti-bombing control threshold configuration information stores the corresponding relation among the service scene, the time period information and the short message receiving/sending threshold;
and judging whether the short message receiving/sending statistic in one time period exceeds a corresponding short message receiving/sending threshold value, and if so, refusing to respond to the short message verification code sending request.
2. The method of claim 1, wherein the short message reception/transmission threshold of the short message anti-bombing control threshold configuration information comprises: a short message threshold field and a threshold type field.
3. The method of claim 1, wherein the method further comprises:
and adjusting the time period in real time according to the distribution rule of the short message verification code sending request.
4. The method of claim 1, wherein the short message receiving/sending threshold corresponding to each time period in each service scenario in the short message anti-bombing control threshold configuration information is determined according to page access amount/user access amount.
5. The method of claim 1, wherein if there is a statistic of the short message recipients in a time period exceeding a corresponding short message receiving threshold, it is determined that the target short message recipient is abnormal;
and judging whether the number of all abnormal target short message receiving parties in the latest preset time period is smaller than a preset value, if so, refusing to respond to the short message verification code sending request, and if not, sending abnormal prompt information.
6. The method as claimed in claim 1, wherein after identifying the short message verification code sending request to obtain the target short message receiver/sender, the method further comprises:
querying the blacklist for the target short message sender; if the sender is found, refusing to respond to the short message verification code sending request, and if it is not found, executing the step of obtaining the statistical value of the short message receiver/sender;
and the blacklist stores sender information with short message bombing behavior.
7. A device for preventing short message bombing, characterized by comprising:
the short message receiving statistical module is used for calculating short message receiving statistical values of each short message receiving party in each time period in each service scene in real time;
the short message sending statistical module is used for calculating short message sending statistical values of each short message sending party in each time period in each service scene in real time;
the short message anti-bombing control rule module is used for storing short message anti-bombing control threshold configuration information, wherein the short message anti-bombing control threshold configuration information stores corresponding relations among service scenes, time period information and short message receiving/sending thresholds;
the short message receiver/sender anti-bombing verification module is used for identifying the short message verification code sending request to obtain a target service scene and target short message receiver/sender information; acquiring short message receiving/sending statistical values in each time period matched with a target service scene and a target short message receiving/sending party from the short message receiving statistical module and the short message sending statistical module; acquiring a short message receiving/sending threshold matched with a target service scene and each time period from short message anti-bombing control threshold configuration information; and judging whether the short message receiving/sending statistic in one time period exceeds a corresponding short message receiving/sending threshold value, and if so, refusing to respond to the short message verification code sending request.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 6 when executing the computer program.
9. A computer storage medium on which a computer program is stored, characterized in that the computer program, when being executed by a processor of a computer device, executes instructions of a method according to any one of claims 1 to 6.
10. A computer program product, characterized in that the computer program product comprises a computer program which, when being executed by a processor, carries out the method of any one of claims 1 to 6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210528381.5A CN114867025A (en) 2022-05-16 2022-05-16 Method and device for preventing short message bombing

Publications (1)

Publication Number Publication Date
CN114867025A true CN114867025A (en) 2022-08-05

Family

ID=82637827

Country Status (1)

Country Link
CN (1) CN114867025A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination