[go: up one dir, main page]

CN111831991A - Input operation detection method, device, computing equipment and medium - Google Patents

Input operation detection method, device, computing equipment and medium Download PDF

Info

Publication number
CN111831991A
CN111831991A CN202010727397.XA CN202010727397A CN111831991A CN 111831991 A CN111831991 A CN 111831991A CN 202010727397 A CN202010727397 A CN 202010727397A CN 111831991 A CN111831991 A CN 111831991A
Authority
CN
China
Prior art keywords
data
input
processing
characteristic
input operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010727397.XA
Other languages
Chinese (zh)
Inventor
张向东
施佳子
于海燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202010727397.XA priority Critical patent/CN111831991A/en
Publication of CN111831991A publication Critical patent/CN111831991A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • G06N20/10Machine learning using kernel methods, e.g. support vector machines [SVM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Artificial Intelligence (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Molecular Biology (AREA)
  • Computational Linguistics (AREA)
  • Biophysics (AREA)
  • Biomedical Technology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Social Psychology (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The present disclosure provides an input operation detection method, including: acquiring operation data, wherein the operation data comprises data generated by executing input operation on a login interface of an application program through at least one input device; processing the operation data to obtain data characteristics; processing the feature data by using the trained recognition model to obtain a recognition result, wherein the recognition result represents whether the input operation is a person or not; and allowing the application program to be logged in when the identification result represents that the input operation is a manual operation. The present disclosure also provides an input operation detection apparatus, a computing device, and a medium.

Description

Input operation detection method, device, computing equipment and medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to an input operation detection method, an input operation detection apparatus, a computing device, and a computer-readable storage medium.
Background
With the continuous development of the internet, a large number of attack methods for library collision and violent password cracking by using machine scripts and behaviors such as participation in marketing activities, malicious coupon picking, red packet robbing, lottery drawing and the like by using script tools are derived. With the continuous evolution of fraud approaches, traditional human-machine authentication techniques have met with significant challenges. Conventional captcha techniques include numeric or chinese captcha, graphical captcha, voice captcha, picture captcha, and the like. In addition, the traditional verification code technology requires a user to manually input the verification code, so that the current operation of the user is interrupted, and the user experience is not good.
In carrying out the presently disclosed concept, the inventors have found that there are at least the following problems in the related art.
The traditional verification code technology needs the user to manually input verification, interrupts the current operation of the user and has poor user experience.
Disclosure of Invention
In view of the above, the present disclosure provides an optimized input operation detection method, an input operation detection apparatus, a computing device, and a computer-readable storage medium.
One aspect of the present disclosure provides an input operation detection method, including: the method comprises the steps of obtaining operation data, wherein the operation data comprise data generated by executing input operation on a login interface of an application program through at least one input device, processing the operation data to obtain data characteristics, processing the characteristic data through a trained recognition model to obtain a recognition result, the recognition result represents whether the input operation is a human operation or not, and when the recognition result represents that the input operation is the human operation, the application program is allowed to be logged in.
According to an embodiment of the present disclosure, the acquiring operation data includes: the method comprises the steps of obtaining first operation data, wherein the first operation data comprise data generated by executing input operation on a login interface of an application program through a first input device, and obtaining second operation data, wherein the second operation data comprise data generated by executing input operation on the login interface of the application program through a second input device. The processing the operation data to obtain the data characteristics comprises: and processing the first operation data to obtain a first data characteristic, and processing the second operation data to obtain a second data characteristic.
According to an embodiment of the present disclosure, the trained recognition model includes a first recognition submodel and a second recognition submodel; the processing the feature data with the trained recognition model to obtain a recognition result comprises: and inputting the first characteristic data into the first identification submodel to obtain first output data, inputting the second characteristic data into the second identification submodel to obtain second output data, and determining the first output data and the second output data as the identification result.
According to an embodiment of the present disclosure, the allowing to log in the application program when the recognition result indicates that the input operation is a human operation includes: and when at least one of the first output data and the second output data represents that the input operation is a human operation, allowing the application program to be logged in.
According to an embodiment of the present disclosure, the processing the feature data by using the trained recognition model to obtain a recognition result includes: and processing the first characteristic data and the second characteristic data to obtain overall characteristic data, and inputting the overall characteristic data into the trained recognition model to obtain a recognition result.
According to an embodiment of the present disclosure, before processing the operation data to obtain the data feature, the method further includes: and determining whether the input operation is a person operation or not based on the operation data to obtain a preliminary identification result. Wherein the processing the operational data to obtain data characteristics comprises: and processing the operation data to obtain data characteristics under the condition that the preliminary identification result represents that the input operation is manual operation.
According to an embodiment of the present disclosure, the first input device includes a mouse, and the second input device includes a keyboard.
According to an embodiment of the present disclosure, the first operation data includes position information of M input points that are input on the login interface through the first input device, where M is an integer greater than 1; the processing the first operation data to obtain a first data characteristic comprises: determining a movement speed feature of performing an input through the first input device based on the position information of the M input points, wherein the movement speed feature comprises at least one of: mean moving speed, standard deviation moving speed, kurtosis moving speed and divergence moving speed.
According to an embodiment of the present disclosure, the second operation data includes click data executed by N keys of the keyboard, where N is an integer greater than 1; the processing the second operation data to obtain a second data characteristic comprises: determining a click speed characteristic of performing an input through the keyboard based on click data performed on the N keys, wherein the click speed characteristic comprises at least one of: average click speed, standard deviation click speed, kurtosis click speed and divergence click speed.
According to an embodiment of the present disclosure, the method further includes: and sending verification information when the identification result represents that the input operation is machine operation.
According to an embodiment of the present disclosure, the method further includes: and receiving a feedback result aiming at the verification information, and allowing the application program to log in under the condition that the feedback result represents that the verification is passed.
According to an embodiment of the present disclosure, the trained recognition model includes at least one of: a single-class support vector machine model, an isolated forest model and a variational self-coder model.
Another aspect of the present disclosure provides an input operation detection apparatus including: the device comprises an acquisition module, a first processing module, a second processing module and a login module. The acquisition module acquires operation data, wherein the operation data comprises data generated by executing input operation on a login interface of an application program through at least one input device. And the first processing module is used for processing the operation data to obtain data characteristics. And the second processing module is used for processing the characteristic data by utilizing the trained recognition model to obtain a recognition result, and the recognition result represents whether the input operation is a person operation or not. And the login module allows the application program to be logged in when the identification result indicates that the input operation is a manual operation.
According to an embodiment of the present disclosure, the acquiring operation data includes: the method comprises the steps of obtaining first operation data, wherein the first operation data comprise data generated by executing input operation on a login interface of an application program through a first input device, and obtaining second operation data, wherein the second operation data comprise data generated by executing input operation on the login interface of the application program through a second input device. The processing the operation data to obtain the data characteristics comprises: and processing the first operation data to obtain a first data characteristic, and processing the second operation data to obtain a second data characteristic.
According to an embodiment of the present disclosure, the trained recognition model includes a first recognition submodel and a second recognition submodel; the processing the feature data with the trained recognition model to obtain a recognition result comprises: and inputting the first characteristic data into the first identification submodel to obtain first output data, inputting the second characteristic data into the second identification submodel to obtain second output data, and determining the first output data and the second output data as the identification result.
According to an embodiment of the present disclosure, the allowing to log in the application program when the recognition result indicates that the input operation is a human operation includes: and when at least one of the first output data and the second output data represents that the input operation is a human operation, allowing the application program to be logged in.
According to an embodiment of the present disclosure, the processing the feature data by using the trained recognition model to obtain a recognition result includes: and processing the first characteristic data and the second characteristic data to obtain overall characteristic data, and inputting the overall characteristic data into the trained recognition model to obtain a recognition result.
According to an embodiment of the present disclosure, before processing the operation data to obtain the data feature, the apparatus further includes: and the determining module is used for determining whether the input operation is a person operation or not based on the operation data so as to obtain a preliminary identification result. Wherein the processing the operational data to obtain data characteristics comprises: and processing the operation data to obtain data characteristics under the condition that the preliminary identification result represents that the input operation is manual operation.
According to an embodiment of the present disclosure, the first operation data includes position information of M input points that are input on the login interface through the first input device, where M is an integer greater than 1; the processing the first operation data to obtain a first data characteristic comprises: determining a movement speed feature of performing an input through the first input device based on the position information of the M input points, wherein the movement speed feature comprises at least one of: mean moving speed, standard deviation moving speed, kurtosis moving speed and divergence moving speed.
According to an embodiment of the present disclosure, the second operation data includes click data executed by N keys of the keyboard, where N is an integer greater than 1; the processing the second operation data to obtain a second data characteristic comprises: determining a click speed characteristic of performing an input through the keyboard based on click data performed on the N keys, wherein the click speed characteristic comprises at least one of: average click speed, standard deviation click speed, kurtosis click speed and divergence click speed.
According to the embodiment of the present disclosure, the apparatus further includes: and the sending module is used for sending verification information when the identification result represents that the input operation is machine operation.
According to the embodiment of the present disclosure, the apparatus further includes: a receiving module and an additional login module. And the receiving module is used for receiving a feedback result aiming at the verification information. And the additional login module allows the application program to be logged in under the condition that the feedback result representation passes the verification.
According to an embodiment of the present disclosure, the trained recognition model includes at least one of: a single-class support vector machine model, an isolated forest model and a variational self-coder model.
Another aspect of the present disclosure provides a computing device comprising: one or more processors; memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Another aspect of the disclosure provides a non-transitory readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, by using the input operation detection method as described above, the technical problems that the traditional verification code technology in the related art requires a user to manually input a verification code, the current operation of the user is interrupted, and the user experience is poor can be at least partially solved. Therefore, the technical effects of simplifying the operation of the user in the login process and improving the processing efficiency of the verification can be achieved.
Drawings
For a more complete understanding of the present disclosure and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
fig. 1 schematically shows a system architecture of an input operation detection method and an input operation detection apparatus according to an embodiment of the present disclosure;
FIG. 2 schematically illustrates a flow diagram of an input operation detection method according to an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow diagram of an input operation detection method according to another embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow diagram of an input operation detection method according to yet another embodiment of the present disclosure;
fig. 5 schematically shows a block diagram of an input operation detection apparatus according to an embodiment of the present disclosure; and
FIG. 6 schematically illustrates a block diagram of a computer system for implementing input operation detection according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
Some block diagrams and/or flow diagrams are shown in the figures. It will be understood that some blocks of the block diagrams and/or flowchart illustrations, or combinations thereof, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable control apparatus to produce a machine, such that the instructions, which execute via the processor, create means for implementing the functions/acts specified in the block diagrams and/or flowchart block or blocks.
Accordingly, the techniques of this disclosure may be implemented in hardware and/or software (including firmware, microcode, etc.). In addition, the techniques of this disclosure may take the form of a computer program product on a computer-readable storage medium having instructions stored thereon for use by or in connection with an instruction execution system. In the context of this disclosure, a computer-readable storage medium may be any medium that can contain, store, communicate, propagate, or transport the instructions. For example, a computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the computer-readable storage medium include: magnetic storage devices, such as magnetic tape or Hard Disk Drives (HDDs); optical storage devices, such as compact disks (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or wired/wireless communication links.
An embodiment of the present disclosure provides an input operation detection method, including: the method comprises the steps of obtaining operation data, wherein the operation data comprise data generated by executing input operation on a login interface of an application program through at least one input device, processing the operation data to obtain data characteristics, processing the characteristic data through a trained recognition model to obtain a recognition result, wherein the recognition result represents whether the input operation is manual operation or not, and when the recognition result represents that the input operation is manual operation, the application program is allowed to be logged in.
Fig. 1 schematically shows a system architecture of an input operation detection method and an input operation detection apparatus according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, the system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as shopping-like applications, web browser applications, search-like applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background management server (for example only) providing support for websites browsed by users using the terminal devices 101, 102, 103. The background management server may analyze and perform other processing on the received data such as the user request, and feed back a processing result (e.g., a webpage, information, or data obtained or generated according to the user request) to the terminal device.
It should be noted that the input operation detection method provided by the embodiment of the present disclosure may be generally executed by the server 105. Accordingly, the input operation detection apparatus provided by the embodiments of the present disclosure may be generally disposed in the server 105. The input operation detection method provided by the embodiment of the present disclosure may also be executed by a server or a server cluster that is different from the server 105 and is capable of communicating with the terminal devices 101, 102, 103 and/or the server 105. Accordingly, the input operation detection device provided by the embodiment of the present disclosure may also be disposed in a server or a server cluster different from the server 105 and capable of communicating with the terminal devices 101, 102, 103 and/or the server 105.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
An input operation detection method according to an exemplary embodiment of the present disclosure is described below with reference to fig. 2 to 4 in conjunction with the system architecture of fig. 1. It should be noted that the above-described system architecture is shown merely for the purpose of facilitating understanding of the spirit and principles of the present disclosure, and embodiments of the present disclosure are not limited in any way in this respect.
According to the embodiment of the disclosure, when a user logs in an application program, in order to avoid a loss of a user account caused by logging in the application program through machine operation, whether the login is allowed is generally determined by verifying whether a login operator logs in for the user, and the verification manner may include but is not limited to a slider verification manner, a jigsaw verification manner, a picture verification manner, and the like. If the verification result is machine operation, the login is not allowed, and if the verification result is manual operation, the login is allowed. When the login is manually operated, the user is authenticated in the authentication mode, so that the current operation of the user is interrupted, and the user experience is poor. Therefore, by the method of the embodiment of the disclosure, the current login person can be identified as operation or machine operation, and the current operation of the user does not need to be interrupted, so that the use experience of the user is improved.
The human operation according to the embodiment of the present disclosure is, for example, a real human operation. Corresponding to the human operation, for example, a machine operation may be an operation generated by simulating human behavior by means of a simulator, a script, or the like.
Fig. 2 schematically shows a flow chart of an input operation detection method according to an embodiment of the present disclosure.
As shown in fig. 2, the input operation detection method of the embodiment of the present disclosure may include, for example, operations S210 to S240.
In operation S210, operation data is acquired, wherein the operation data includes data generated by performing an input operation on a login interface of an application through at least one input device.
In the embodiments of the present disclosure, the input device includes, for example, a mouse, a keyboard, a touch pen, a touch pad, and other touch devices.
For example, when input is made by a mouse, the operation data includes, for example, movement data generated when a cursor is moved on the login interface. When input through the keyboard, the operation data is, for example, click data generated by clicking a key on the keyboard, and the click data includes, for example, the time of each click. The operational data may include mouse data and keyboard data.
In operation S220, the operation data is processed to obtain data characteristics.
In operation S230, the feature data is processed by using the trained recognition model to obtain a recognition result, and the recognition result represents whether the input operation is a human operation.
According to embodiments of the present disclosure, the trained recognition model may include at least one of: a One Class Support Vector Machine (OCSVM) model, an isolated Forest (Isolation Forest) model, and a Variational Auto Encoder (VAE) model.
Next, in operation S240, when the recognition result indicates that the input operation is a human operation, the login of the application program is permitted.
According to the embodiment of the disclosure, when the recognition result obtained by processing the feature data by using the trained recognition model is that the current login operation is a manual operation, the application program is allowed to be logged in.
It can be understood that the embodiment of the disclosure processes the data characteristics of the input operation by utilizing the recognition model to realize automatic recognition of whether the current login operation is a human operation. When the identification result represents that the current operation is manual operation, the user is allowed to log in the application program without interrupting the current operation of the user in a sliding block verification mode, a jigsaw verification mode, an image verification mode and the like, so that the use experience of the user is improved. In addition, the disclosed embodiments utilize the recognition model to process the data characteristics of the input operation to achieve automatic recognition that the current login operation is imperceptible to the user, i.e., the user can achieve a successful login of the application without interrupting the current operation.
Fig. 3 schematically shows a flow chart of an input operation detection method according to an embodiment of the present disclosure.
As shown in fig. 3, the input operation detection method of the embodiment of the present disclosure may include, for example, operations S210 to S240 and operations S310 to S330. Operations S210 to S240 are, for example, the same as or similar to the operations described in fig. 2, and are not described again here.
In operation S310, authentication information is transmitted when the recognition result represents that the input operation is a machine operation.
That is, the verification information may be further sent when the current login operation is characterized as a machine operation based on the recognition result obtained by processing the data characteristics of the input operation through the trained recognition model. The authentication information includes, for example, but not limited to, authentication information transmitted by a slider authentication method, a puzzle authentication method, a picture authentication method, and the like.
In operation S320, a feedback result for the authentication information is received.
Next, in operation S330, in case that the feedback result characterization is verified, the login of the application program is allowed.
Although the current login operation obtained through recognition by the trained recognition model is a machine operation, in order to avoid a recognition error of the trained recognition model, the embodiments of the present disclosure may further verify the current operation through a slider verification manner, a puzzle verification manner, a picture verification manner, and the like. If the current operation person can be further determined to be the operation through the verification, the application program can be allowed to be logged in at this time.
According to the embodiment of the disclosure, the imperceptible input operation detection is to make a judgment whether the operation is a real person (user) or not imperceptibly to the user in the login page operation process, and if the operation is identified as the real person (user), normal use and current use habits of the user are not affected. If the script is identified as script automatic operation (machine operation), enhanced verification modes such as slider verification and the like are popped for management and control and interception, so that the use experience of a normal user is not influenced while risk management and control are improved. The input operation detection is carried out in the login scene, so that the behaviors of using a machine script to carry out library collision, brute force password cracking attack, using a script tool to participate in activities such as malicious coupon picking, red packet robbing and lottery drawing can be resisted.
According to the embodiment of the disclosure, before processing the operation data to obtain the data characteristics, whether the input operation is a human operation or not can be determined based on the operation data to obtain a preliminary identification result.
Then, in the case that the preliminary identification result represents that the input operation is a human operation, the operation data can be further processed to obtain the data characteristics.
In one example, the operation data may include first operation data and second operation data, the first operation data may be data generated by performing an input operation through a mouse, and the second operation data may be data generated by performing an input operation through a keyboard.
According to an embodiment of the present disclosure, determining whether the input operation is a human operation based on the operation data includes: and under the condition that the first operation data meets a first preset condition and the second operation data meets a second preset condition, determining that the input operation is machine operation.
Wherein the first operation data satisfying the first preset condition may include: when the first operation data represent that the input operation is executed on the login interface through the mouse, the number of the input points of the collected cursor on the login interface is less than or equal to the preset number. The input points are, for example, coordinate points of the collected cursor on the login interface, and the preset number may be set according to an actual application, for example, the preset number may be 3, 5, and so on, because when the user performs an input operation, the number of input points of the cursor on the login interface is large, and if the user performs a machine operation, the number of input points is small. Or, the first operation data satisfying the first preset condition may further include: the moving speed of the cursor on the login interface is a constant speed, because the moving speed of the cursor on the login interface is changed when the user performs an input operation, and the moving speed can be a constant speed if the user performs a machine operation.
Wherein the second operation data meeting a second preset condition includes: the second operation data is null data, that is, the login operation has no data related to the keyboard.
Conversely, in a case where the first operation data does not satisfy the first preset condition or the second operation data does not satisfy the second preset condition, it may be determined that the input operation is a human operation.
According to an embodiment of the present disclosure, obtaining the operation data may include: first operation data is acquired and second operation data is acquired. The first operation data comprises data generated by executing input operation on the login interface of the application program through the first input device, and the second operation data comprises data generated by executing input operation on the login interface of the application program through the second input device. In one example, the first input device may be a mouse and the second input device may be a keyboard.
According to an embodiment of the present disclosure, processing the operation data to obtain the data characteristics includes: the first operation data is processed to obtain a first data characteristic, and the second operation data is processed to obtain a second data characteristic.
The manner of extracting the first data feature and the second data feature will be described below. For example, the first data feature is extracted from the first operation data by feature engineering, and the second data feature is extracted from the second operation data by feature engineering.
According to an embodiment of the present disclosure, the first operation data includes position information of M input points, where M is an integer greater than 1, input is performed on the login interface through the first input device.
Processing the first operational data to obtain a first data characteristic comprises: determining a movement speed feature of performing an input through the first input device based on the position information of the M input points, wherein the movement speed feature includes at least one of: mean moving speed, standard deviation moving speed, kurtosis moving speed and divergence moving speed.
For example, the plurality of input points may include input point 1, input point 2, input point 3, and so on. Collecting coordinate information of an input point on the login interface at intervals of t, for example, the collected coordinate information of the input point 1, the input point 2 and the input point 3 on the login interface are respectively (x)1,y1)、(x2,y2)、(x3,y3). For example, for an input point 2, the projection size of the moving speed of the input point 2 along the horizontal axis direction is vx_2=(x3-x1) /2t, projection of moving speed in the direction of longitudinal axis of magnitude vy_2=(y3-y1) A total moving speed v of 2tx=((vx_2)2+(vy_2)2)1/2. Then, the average moving speed, standard deviation moving speed, kurtosis moving speed, and divergence moving speed of the input point 2 along the horizontal axis are calculated, the average moving speed, standard deviation moving speed, kurtosis moving speed, and divergence moving speed of the input point 2 along the vertical axis are calculated, and the average moving speed, standard deviation moving speed, kurtosis moving speed, and divergence moving speed of the overall moving speed of the input point 2 are calculated. Similarly, the moving speed characteristic of each input point can be calculated. Then, a feature vector is constructed based on the moving speed features of the plurality of input points, and the feature vector is the first data feature.
According to an embodiment of the present disclosure, the second operation data includes click data performed by pressing N keys of the keyboard, where N is an integer greater than 1. Wherein,
processing the second operation data to obtain a second data characteristic comprises: determining a click speed characteristic of performing an input through the keyboard based on click data performed on the N keys, wherein the click speed characteristic includes at least one of: average click speed, standard deviation click speed, kurtosis click speed and divergence click speed.
For example, taking the example of clicking a key, for the clicking operation of the key, the clicking speed is characterized by the time difference between the time stamp of the key being pressed and the time stamp of the key being released. Then, the average value, the standard deviation, the kurtosis and the divergence of the click speed of the key are calculated based on the click speed. Similarly, the click rate characteristic for each key may be calculated. And then, constructing a feature vector based on the clicking speed features of the plurality of keys, wherein the feature vector is the second data feature.
According to the embodiment of the present disclosure, in addition to using the characteristics of the mean, the standard deviation, the skewness, the divergence, and the like of the velocity, more data may be used, for example, higher order data may be used to construct the data characteristics. Higher order data includes, for example, fifth order moments of speed, sixth order moments, and the like.
Next, a process of processing the first data feature and the second data feature using the trained recognition model will be described.
In one embodiment, the trained recognition model may include a first recognition submodel and a second recognition submodel.
Wherein processing the first feature data and the second feature data using the trained recognition model to obtain a recognition result comprises: and inputting the first characteristic data into a first recognition submodel to obtain first output data, inputting the second characteristic data into a second recognition submodel to obtain second output data, and then determining the first output data and the second output data as recognition results.
Wherein the first recognition submodel includes at least one of: a single-class support vector machine model, an isolated forest model and a variational self-coder model. The first recognizer model is trained based on historical operating data of the first input device, for example. The first output data resulting from inputting the first feature data into the first recognition submodel is for example a first probability characterizing the input operation as a manual operation.
Wherein the second identifier model comprises at least one of: a single-class support vector machine model, an isolated forest model and a variational self-coder model. The second recognizer model is trained based on historical operational data of the second input device, for example. The second output data obtained by inputting the second feature data into the second recognition submodel is, for example, a second probability that the input operation is an artificial operation.
According to the embodiment of the disclosure, when the identification result represents that the input operation is a human operation, the allowing of logging in the application program comprises: and allowing the application program to be logged in when at least one of the first output data and the second output data represents that the input operation is a human operation.
For example, when the first probability represents that the input operation is a human operation or the second probability represents that the input operation is a user probability, the input operation is finally determined to be the human operation and the login of the application program is allowed.
For example, when the first probability characterizes the input operation as a machine operation and the second probability characterizes the input operation as a machine operation, the input operation is finally determined to be a machine operation, and then the verification information continues to be sent for further verification.
In another embodiment, the trained recognition model is one recognition model. The processing the feature data by using the trained recognition model to obtain the recognition result in operation S230 includes: and processing the first characteristic data and the second characteristic data to obtain overall characteristic data, and then inputting the overall characteristic data into the trained recognition model to obtain a recognition result.
According to the embodiment of the present disclosure, the first characteristic data and the second characteristic data are associated and combined to obtain the overall characteristic data, for example. The associating and combining the first characteristic data and the second characteristic data may be, for example, stitching the first characteristic data and the second characteristic data. And then, inputting the overall characteristic data into the trained recognition model to obtain an overall probability for representing that the input operation is an artificial operation. Based on the overall probability, it may be determined whether the input operation is a human operation or a machine operation.
Fig. 4 schematically shows a flowchart of an input operation detection method according to still another embodiment of the present disclosure.
As shown in fig. 4, the input operation detection method of the embodiment of the present disclosure includes operations S410 to S450, for example.
In operation S410, operation data is acquired. For example, operational data of the mouse and operational data of the keyboard are acquired. And determining whether the input operation is a human operation or not based on the operation data to obtain a preliminary identification result. Operation S420 is performed when the preliminary recognition result indicates that the input operation is a human operation, and operation S440 is performed when the preliminary recognition result indicates that the input operation is a machine operation.
In operation S420, data features are extracted. For example, when the preliminary identification result represents that the input operation is a human operation, the data characteristics of the operation data are extracted, so as to further identify whether the input operation is a human operation or not based on the data characteristics.
In operation S430, the data features are processed using the recognition model. For example, data features are input into the recognition model, and the output data of the recognition model can characterize the input operation as an operation or a machine operation.
In operation S440, when the preliminary recognition result is a machine operation or the recognition result output by the recognition model is a machine operation, it is determined that the final recognition result is a machine operation.
Next, in operation S450, when the output data of the recognition model represents that the input operation is a human operation, it is determined that the final recognition result is a human operation.
Fig. 5 schematically shows a block diagram of an input operation detection apparatus according to an embodiment of the present disclosure.
As shown in fig. 5, the input operation detection apparatus 500 may include, for example, an acquisition module 510, a first processing module 520, a second processing module 530, and a login module 540.
The obtaining module 510 may be configured to obtain operation data, where the operation data includes data generated by performing an input operation on a login interface of an application program through at least one input device. According to the embodiment of the present disclosure, the obtaining module 510 may perform, for example, the operation S210 described above with reference to fig. 2, which is not described herein again.
The first processing module 520 may be used to process the operational data to derive data characteristics. According to the embodiment of the present disclosure, the first processing module 520 may, for example, perform operation S220 described above with reference to fig. 2, which is not described herein again.
The second processing module 530 may be configured to process the feature data and the feature data using the trained recognition model to obtain a recognition result, where the recognition result represents whether the input operation is a human operation. According to the embodiment of the present disclosure, the second processing module 530 may, for example, perform operation S230 described above with reference to fig. 2, which is not described herein again.
The login module 540 may be configured to allow the login of the application when the recognition result indicates that the input operation is a human operation. According to the embodiment of the present disclosure, the login module 540 may, for example, perform the operation S240 described above with reference to fig. 2, which is not described herein again.
According to an embodiment of the present disclosure, obtaining operational data includes: the method comprises the steps of obtaining first operation data, wherein the first operation data comprise data generated by input operation executed on a login interface of an application program through a first input device, and obtaining second operation data, and the second operation data comprise data generated by input operation executed on the login interface of the application program through a second input device. Processing the operational data to obtain data characteristics includes: the first operation data is processed to obtain a first data characteristic, and the second operation data is processed to obtain a second data characteristic.
According to an embodiment of the present disclosure, the trained recognition model comprises a first recognition submodel and a second recognition submodel. Processing the feature data using the trained recognition model to obtain a recognition result comprises: and inputting the first characteristic data into the first recognition submodel to obtain first output data, inputting the second characteristic data into the second recognition submodel to obtain second output data, and determining the first output data and the second output data as recognition results.
According to the embodiment of the disclosure, when the identification result represents that the input operation is a human operation, the allowing of logging in the application program comprises: and allowing the application program to be logged in when at least one of the first output data and the second output data represents that the input operation is a human operation.
According to an embodiment of the present disclosure, processing the feature data with the trained recognition model to obtain a recognition result includes: and processing the first characteristic data and the second characteristic data to obtain overall characteristic data, and inputting the overall characteristic data into the trained recognition model to obtain a recognition result.
According to an embodiment of the present disclosure, before processing the operation data to obtain the data feature, the apparatus 500 may further include: and the determining module is used for determining whether the input operation is a manual operation or not based on the operation data so as to obtain a preliminary identification result. Wherein processing the operational data to obtain the data characteristics comprises: and processing the operation data to obtain data characteristics under the condition that the preliminary identification result represents that the input operation is manual operation.
According to an embodiment of the present disclosure, the first input device includes a mouse and the second input device includes a keyboard.
According to the embodiment of the present disclosure, the first operation data includes position information of M input points that are input on the login interface by the first input device, where M is an integer greater than 1; processing the first operational data to obtain a first data characteristic comprises: determining a movement speed feature of performing an input through the first input device based on the position information of the M input points, wherein the movement speed feature includes at least one of: mean moving speed, standard deviation moving speed, kurtosis moving speed and divergence moving speed.
According to an embodiment of the present disclosure, the second operation data includes click data performed by pressing N keys of the keyboard, where N is an integer greater than 1; processing the second operation data to obtain a second data characteristic comprises: determining a click speed characteristic of performing an input through the keyboard based on click data performed on the N keys, wherein the click speed characteristic includes at least one of: average click speed, standard deviation click speed, kurtosis click speed and divergence click speed.
According to an embodiment of the present disclosure, the apparatus 500 may further include: and the sending module is used for sending the verification information when the identification result represents that the input operation is machine operation.
According to an embodiment of the present disclosure, the apparatus 500 may further include: a receiving module and an additional login module. And the receiving module receives a feedback result aiming at the verification information. And the additional login module allows the application program to be logged in under the condition that the feedback result representation passes the verification.
According to an embodiment of the present disclosure, the trained recognition model includes at least one of: a single-class support vector machine model, an isolated forest model and a variational self-coder model.
The present disclosure also provides a computing device that may include: one or more processors and a memory device. The storage device may be used to store one or more programs. Wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the methods illustrated in fig. 2-4.
Another aspect of the disclosure provides a non-transitory readable storage medium storing computer-executable instructions that, when executed, implement the method illustrated in fig. 2-4.
Another aspect of the disclosure provides a computer program comprising computer executable instructions which when executed are for implementing the method illustrated in figures 2 to 4.
Any number of modules, sub-modules, units, sub-units, or at least part of the functionality of any number thereof according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, and sub-units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in any other reasonable manner of hardware or firmware by integrating or packaging a circuit, or in any one of or a suitable combination of software, hardware, and firmware implementations. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the disclosure may be at least partially implemented as a computer program module, which when executed may perform the corresponding functions.
For example, any number of the obtaining module 510, the first processing module 520, the second processing module 530, and the logging module 540 may be combined and implemented in one module, or any one of the modules may be split into a plurality of modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of the other modules and implemented in one module. According to an embodiment of the present disclosure, at least one of the obtaining module 510, the first processing module 520, the second processing module 530, and the logging module 540 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or may be implemented by any one of three implementations of software, hardware, and firmware, or any suitable combination of any of these. Alternatively, at least one of the obtaining module 510, the first processing module 520, the second processing module 530 and the logging module 540 may be at least partially implemented as a computer program module, which when executed may perform a corresponding function.
FIG. 6 schematically illustrates a block diagram of a computer system for implementing input operation detection according to an embodiment of the present disclosure. The computer system illustrated in FIG. 6 is only one example and should not impose any limitations on the scope of use or functionality of embodiments of the disclosure.
As shown in fig. 6, computer system 600 includes a processor 601, a computer-readable storage medium 602. The system 600 may perform a method according to an embodiment of the present disclosure.
In particular, processor 601 may include, for example, a general purpose microprocessor, an instruction set processor and/or related chip set and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), and/or the like. The processor 601 may also include onboard memory for caching purposes. The processor 601 may be a single processing unit or a plurality of processing units for performing the different actions of the method flows according to embodiments of the present disclosure.
Computer-readable storage medium 602 may be, for example, any medium that can contain, store, communicate, propagate, or transport the instructions. For example, a readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the readable storage medium include: magnetic storage devices, such as magnetic tape or Hard Disk Drives (HDDs); optical storage devices, such as compact disks (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or wired/wireless communication links.
The computer-readable storage medium 602 may comprise a computer program 603, which computer program 603 may comprise code/computer-executable instructions that, when executed by the processor 601, cause the processor 601 to perform a method according to an embodiment of the disclosure or any variant thereof.
The computer program 603 may be configured with computer program code, for example comprising computer program modules. For example, in an example embodiment, code in computer program 603 may include one or more program modules, including 603A, modules 603B, … …, for example. It should be noted that the division and number of the modules are not fixed, and those skilled in the art may use suitable program modules or program module combinations according to actual situations, and when the program modules are executed by the processor 601, the processor 601 may execute the method according to the embodiment of the present disclosure or any variation thereof.
According to an embodiment of the present disclosure, at least one of the obtaining module 510, the first processing module 520, the second processing module 530, and the logging module 540 may be implemented as a computer program module described with reference to fig. 6, which, when executed by the processor 601, may implement the respective operations described above.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method.
According to embodiments of the present disclosure, a computer-readable storage medium may be a computer-readable signal medium or a computer-readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable storage medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, optical fiber cable, radio frequency signals, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
While the disclosure has been shown and described with reference to certain exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims and their equivalents. Accordingly, the scope of the present disclosure should not be limited to the above-described embodiments, but should be defined not only by the appended claims, but also by equivalents thereof.

Claims (15)

1. An input operation detection method comprising:
acquiring operation data, wherein the operation data comprises data generated by executing input operation on a login interface of an application program through at least one input device;
processing the operation data to obtain data characteristics;
processing the feature data with a trained recognition model to obtain a recognition result, the recognition result representing whether the input operation is a human operation; and
and when the identification result represents that the input operation is a manual operation, allowing the application program to be logged in.
2. The method of claim 1, wherein:
the acquiring operation data comprises:
acquiring first operation data, wherein the first operation data comprises data generated by executing input operation on a login interface of an application program through first input equipment; and
acquiring second operation data, wherein the second operation data comprises data generated by executing input operation on a login interface of an application program through second input equipment;
the processing the operation data to obtain the data characteristics comprises:
processing the first operation data to obtain a first data characteristic; and
and processing the second operation data to obtain a second data characteristic.
3. The method of claim 2, wherein the trained recognition model comprises a first recognition submodel and a second recognition submodel; the processing the feature data with the trained recognition model to obtain a recognition result comprises:
inputting the first characteristic data into the first identification submodel to obtain first output data;
inputting the second characteristic data into the second recognition submodel to obtain second output data; and
and determining the first output data and the second output data as the identification result.
4. The method of claim 3, wherein allowing login to the application when the recognition result characterizes the input operation as a human operation comprises:
and when at least one of the first output data and the second output data represents that the input operation is a human operation, allowing the application program to be logged in.
5. The method of claim 2, wherein the processing the feature data with the trained recognition model to obtain recognition results comprises:
processing the first characteristic data and the second characteristic data to obtain overall characteristic data; and
and inputting the overall characteristic data into the trained recognition model to obtain a recognition result.
6. The method of claim 1, wherein:
before processing the operational data to obtain data characteristics, the method further comprises: determining whether the input operation is a person operation to obtain a preliminary identification result based on the operation data;
wherein the processing the operational data to obtain data characteristics comprises: and processing the operation data to obtain data characteristics under the condition that the preliminary identification result represents that the input operation is manual operation.
7. The method of claim 2, wherein the first input device comprises a mouse and the second input device comprises a keyboard.
8. The method of claim 7, wherein the first operation data includes position information of M input points where input is performed on the login interface through the first input device, M being an integer greater than 1; the processing the first operation data to obtain a first data characteristic comprises:
determining a movement speed characteristic of performing an input through the first input device based on the position information of the M input points,
wherein the movement speed characteristic comprises at least one of: mean moving speed, standard deviation moving speed, kurtosis moving speed and divergence moving speed.
9. The method of claim 7, wherein the second operation data includes click data by performing on N keys of the keyboard, N being an integer greater than 1; the processing the second operation data to obtain a second data characteristic comprises:
determining a click speed characteristic of performing an input through the keyboard based on the click data performed on the N keys,
wherein the click speed characteristics include at least one of: average click speed, standard deviation click speed, kurtosis click speed and divergence click speed.
10. The method of claim 1, further comprising:
and sending verification information when the identification result represents that the input operation is machine operation.
11. The method of claim 10, further comprising:
receiving a feedback result aiming at the verification information; and
and allowing the application program to log in under the condition that the feedback result is characterized by passing the verification.
12. The method of any of claims 1 to 11, wherein the trained recognition model comprises at least one of:
a single-class support vector machine model, an isolated forest model and a variational self-coder model.
13. An input operation detection apparatus comprising:
the acquisition module is used for acquiring operation data, wherein the operation data comprises data generated by executing input operation on a login interface of an application program through at least one input device;
the first processing module is used for processing the operation data to obtain data characteristics;
a second processing module, for processing the feature data by using the trained recognition model to obtain a recognition result, wherein the recognition result represents whether the input operation is a human operation; and
and the login module allows the application program to be logged in when the identification result indicates that the input operation is a manual operation.
14. A computing device, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-12.
15. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method of any one of claims 1 to 12.
CN202010727397.XA 2020-07-24 2020-07-24 Input operation detection method, device, computing equipment and medium Pending CN111831991A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010727397.XA CN111831991A (en) 2020-07-24 2020-07-24 Input operation detection method, device, computing equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010727397.XA CN111831991A (en) 2020-07-24 2020-07-24 Input operation detection method, device, computing equipment and medium

Publications (1)

Publication Number Publication Date
CN111831991A true CN111831991A (en) 2020-10-27

Family

ID=72926290

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010727397.XA Pending CN111831991A (en) 2020-07-24 2020-07-24 Input operation detection method, device, computing equipment and medium

Country Status (1)

Country Link
CN (1) CN111831991A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179281A (en) * 2021-05-26 2021-07-27 中国银行股份有限公司 Method, device, equipment and storage medium for determining database collision attack
CN113723988A (en) * 2021-08-06 2021-11-30 银盛通信有限公司 Lottery code lottery drawing method, computer equipment and storage medium thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106549920A (en) * 2015-09-21 2017-03-29 华为终端(东莞)有限公司 Log-on message input method, log-on message store method and relevant apparatus
WO2019153604A1 (en) * 2018-02-06 2019-08-15 平安科技(深圳)有限公司 Device and method for creating human/machine identification model, and computer readable storage medium
CN110808995A (en) * 2019-11-08 2020-02-18 中国工商银行股份有限公司 Safety protection method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106549920A (en) * 2015-09-21 2017-03-29 华为终端(东莞)有限公司 Log-on message input method, log-on message store method and relevant apparatus
WO2019153604A1 (en) * 2018-02-06 2019-08-15 平安科技(深圳)有限公司 Device and method for creating human/machine identification model, and computer readable storage medium
CN110808995A (en) * 2019-11-08 2020-02-18 中国工商银行股份有限公司 Safety protection method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179281A (en) * 2021-05-26 2021-07-27 中国银行股份有限公司 Method, device, equipment and storage medium for determining database collision attack
CN113723988A (en) * 2021-08-06 2021-11-30 银盛通信有限公司 Lottery code lottery drawing method, computer equipment and storage medium thereof

Similar Documents

Publication Publication Date Title
US10055611B2 (en) Secure remote application shares
CN106453209B (en) Identity verification method and device
CN111931678A (en) Video information processing method and device, electronic equipment and storage medium
JP2019513246A (en) Training method of random forest model, electronic device and storage medium
WO2017197826A1 (en) Relationship-based image feature matching method, device, and system
CN105471811A (en) Privacy space processing method and privacy space processing device
CN107211030A (en) Use the method and system for anti-phishing of intelligent image
CN112989186A (en) Information recommendation model training method and device, electronic equipment and storage medium
CN114139135B (en) Equipment login management method, device and storage medium
CN109729303A (en) Conference providing device and method for changing connection terminal in the device
CN111831991A (en) Input operation detection method, device, computing equipment and medium
US11303672B2 (en) Detecting replay attacks using action windows
US20200050744A1 (en) Authetication using features extracted based on cursor locations
CN113938697B (en) Virtual speaking method and device in live broadcasting room and computer equipment
CN107483208A (en) Method and device for generating and verifying verification code pictures
CN112016077B (en) Page information acquisition method and device based on sliding track simulation and electronic equipment
CN107346197B (en) Information display method and device
CN114061593B (en) Navigation method and related device based on building information model
KR102670518B1 (en) Method and apparatus for providing captcha system
CN111191143A (en) Application recommendation method and device
CN110543754A (en) memory, verification code implementation method, device and equipment
JP2014074966A (en) Task processing method, program and system
CN109104759B (en) Interaction method of electronic equipment, electronic equipment and computer readable medium
CN113806723A (en) Double-factor authentication method and device
CN114511947A (en) Fingerprint entry method, smart door lock, mobile terminal and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201027

RJ01 Rejection of invention patent application after publication