技术领域technical field
本申请涉及互联网技术领域,具体涉及一种识别账号的方法及系统。The present application relates to the technical field of the Internet, in particular to a method and system for identifying an account.
背景技术Background technique
盗用帐号是黑客使用在第一应用客户端上获取的第一应用账号和密码,在当前想要破解的第二应用客户端上,尝试第一应用账号和密码。一个账号对应一个密码,它们是相辅相成的,为了尝试成功,盗用帐号行为一般需要有一定数量的第一应用账号被提供。所以在第一应用客户端上获取的第一应用账号和密码是以数据库的形式存在的,扫号软件导入数据库后,在第二应用客户端上自动进行匹配。例如:黑客想要破解支付宝的账号,首先在人人网里获取大量的账号以及对应的密码,然后通过扫号软件在支付宝客户端对人人网账号以及对应的密码进行盗用帐号,在盗号的过程中,人人网账号和密码明文显示,在扫号软件的“过滤登录状态”栏显示“支付宝登录成功”,则表示当前扫过的该人人网账号通过了验证,是正确的支付宝账号和密码,则当前的人人网账号已被黑客破解,现在需要将破解的账号识别出为被盗用的账号。Misappropriating an account means that a hacker uses the first application account and password obtained on the first application client to try the first application account and password on the second application client that is currently intended to be cracked. An account corresponds to a password, and they are complementary to each other. In order to succeed in the attempt, account theft generally requires a certain number of first application accounts to be provided. Therefore, the first application account number and password acquired on the first application client exist in the form of a database, and after being imported into the database by the number scanning software, they are automatically matched on the second application client. For example, if a hacker wants to crack the Alipay account, he first obtains a large number of accounts and corresponding passwords from Renren.com, and then uses the scanning software to steal the accounts and corresponding passwords on the Alipay client. During the process, the Renren account number and password are displayed in clear text, and the "Alipay login successful" is displayed in the "Filter Login Status" column of the scanning software, which means that the currently scanned Renren account has passed the verification and is the correct Alipay account and password, the current Renren account has been cracked by hackers, and now it is necessary to identify the cracked account as a stolen account.
盗用的帐号在交易时被识别的方式下,识别盗用的帐号集中在交易付款环节,在与盗用帐号者攻防愈加激烈的今天,在单一交易环节识别和管控压力越来越大。另外,在盗用帐号者使用被盗用的账号做交易之前,账号在非交易环节会表现出异常行为,这些异常行为如果能加以分析和挖掘,可以在盗用的帐号在交易发生之前找到已经被盗用的账号,做风险提前识别和防控。当前,互联网安全形势严峻,某些外界互联网公司由于数据库被攻破或者信息泄露,导致大量账号的用户名和密码被黑客掌握,由于用户习惯在不同的互联网网站使用相同的密码和用户名(账号),盗用帐号者会拿着这些账号到具有经济效益的支付宝客户端尝试账号和密码,进行盗号。In the way that stolen accounts are identified during transactions, the identification of stolen accounts is concentrated in the transaction and payment link. Today, the attack and defense against account theft are becoming more intense, and the pressure to identify and control in a single transaction link is increasing. In addition, before the hacker uses the stolen account to make transactions, the account will show abnormal behavior in non-transactional links. If these abnormal behaviors can be analyzed and excavated, the stolen account can be found before the transaction occurs. account, to identify and prevent risks in advance. At present, the Internet security situation is severe. Some external Internet companies have hacked databases or leaked information, resulting in the user names and passwords of a large number of accounts being mastered by hackers. Because users are used to using the same passwords and user names (accounts) on different Internet sites, Those who steal the account will take these accounts to the Alipay client with economic benefits to try the account number and password to steal the account.
现有技术中,首先识别出异常的支付宝客户端,识别异常的支付宝的方法是:分别统计在支付宝客户端上账号的登录的频次,将登录高频的支付宝客户端划分为异常客户端,在该异常的支付宝客户端登录过的支付宝账号都列入为被盗用的账号。但是这种方法容易把公共场所所使用的支付宝客户端和营销作弊的支付宝客户端也纳入异常客户端。例如:在公共场所网吧的电脑上的支付宝客户端,每天都会有很多人在该支付宝客户端上进行登录和操作,但该支付宝客户端不属于黑客的支付宝客户端。例如:淘宝店铺的商家为了提高销量,注册了多个支付宝账号,用这多个支付宝账号在同一个支付宝客户端进行登录,但这多个支付宝账号只属于营销作弊的账号,而不属于被盗用的账号,所以该支付宝客户端不属于黑客的支付宝客户端。In the prior art, the abnormal Alipay client is firstly identified, and the method for identifying the abnormal Alipay is: respectively counting the login frequency of the account on the Alipay client, dividing the Alipay client with high login frequency into abnormal clients, and The Alipay accounts logged in by the abnormal Alipay client are all listed as stolen accounts. However, this method easily includes the Alipay client used in public places and the Alipay client used for marketing cheating into abnormal clients. For example: the Alipay client on the computer in the Internet cafe in a public place, many people log in and operate on the Alipay client every day, but the Alipay client is not the Alipay client of the hacker. For example: in order to increase sales, merchants of Taobao stores have registered multiple Alipay accounts, and use these multiple Alipay accounts to log in on the same Alipay client, but these multiple Alipay accounts are only accounts for marketing cheating, not stolen accounts. account, so the Alipay client does not belong to the hacker's Alipay client.
综上,在识别被盗用的账号过程中,如何将在公共场所使用的支付宝客户端登录过的第一应用账号和营销作弊的第一应用账号排除在外,得到更准确的被盗用的账号,成为迫切需要本领域技术人员解决的技术问题。To sum up, in the process of identifying stolen accounts, how to exclude the first application accounts logged in from the Alipay client used in public places and the first application accounts for marketing cheating, so as to obtain more accurate stolen accounts, become There is an urgent need for technical problems to be solved by those skilled in the art.
发明内容Contents of the invention
本申请的目的是提供一种识别账号的方法及系统,能够将在公共场所所使用的客户端登录过的账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。The purpose of this application is to provide a method and system for identifying accounts, which can exclude accounts that have been logged in from clients used in public places and accounts for marketing fraud, and obtain more accurate stolen accounts.
为实现上述目的,本申请一方面提供了一种识别账号的方法,所述方法包括:To achieve the above purpose, the present application provides, on the one hand, a method for identifying an account, the method comprising:
识别在第二应用客户端上有多个第一应用账号进行登录;Identifying multiple first application accounts for login on the second application client;
记录在所述第二应用客户端上登录成功的第一应用账号,以及在所述第二应用客户端上进行操作成功的第一应用账号;Recording the first application account successfully logged in on the second application client, and the first application account successfully operating on the second application client;
根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数;According to the first application account with successful login and the first application account with successful operation, obtain a first number hacking identification parameter;
根据所述登录成功的第一应用账号,获取第二盗号判别参数;According to the first application account that has successfully logged in, obtain a second identity theft identification parameter;
根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。According to the first stolen number discrimination parameter and the second stolen number discrimination parameter, as well as the preset first threshold and second threshold, the stolen account among the first application accounts successfully logged in is identified.
本申请另一方面提供了一种识别账号的系统,所述系统包括:Another aspect of the present application provides a system for identifying an account, the system comprising:
第一识别模块,用于识别在第二应用客户端上有多个第一应用账号进行登录;The first identification module is used to identify multiple first application accounts for logging in on the second application client;
记录模块,用于记录在所述第二应用客户端上登录成功的第一应用账号,以及在所述第二应用客户端上进行操作成功的第一应用账号;A recording module, configured to record the first application account that has successfully logged in on the second application client, and the first application account that has successfully operated on the second application client;
第一获取模块,用于根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数;The first acquiring module is configured to acquire a first identity theft discrimination parameter according to the first application account with successful login and the first application account with successful operation;
第二获取模块,用于根据所述登录成功的第一应用账号,获取第二盗号判别参数;The second obtaining module is used to obtain the second identity theft identification parameter according to the first application account that has successfully logged in;
第二识别模块,用于根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。The second identification module is configured to identify the stolen account among the first application accounts that have successfully logged in according to the first stolen number identification parameter and the second stolen number identification parameter, as well as the preset first threshold and second threshold.
本申请提供一种识别账号的方法及系统,根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数,根据所述登录成功的第一应用账号,获取第二盗号判别参数,再根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。将在公共场所所使用的客户端登录过的账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。The present application provides a method and system for identifying an account. According to the first application account that has successfully logged in and the first application account that has successfully Obtaining a second account theft identification parameter, and then identifying a stolen account among the first application accounts successfully logged in according to the first account theft identification parameter and the second account theft identification parameter, as well as the preset first threshold and second threshold. Exclude accounts that have been logged in from clients used in public places and accounts that have cheated in marketing, and obtain more accurate stolen accounts.
当然,实施本申请的任一产品并不一定需要同时达到以上所述的所有优点。Of course, implementing any product of the present application does not necessarily need to achieve all the above-mentioned advantages at the same time.
附图说明Description of drawings
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application or the prior art, the following will briefly introduce the accompanying drawings required in the embodiments. Obviously, the accompanying drawings in the following description are only some of the present application. Embodiments, for those of ordinary skill in the art, other drawings can also be obtained based on these drawings without any creative effort.
图1为本申请实施例提供的一种识别账号的方法流程图;FIG. 1 is a flowchart of a method for identifying an account provided by an embodiment of the present application;
图2为本申请实施例提供的一种识别账号的系统示意图。FIG. 2 is a schematic diagram of a system for identifying an account provided by an embodiment of the present application.
具体实施方式detailed description
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员所获得的所有其他实施例,都属于本申请保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in this application belong to the protection scope of this application.
在本申请实施例中,为了使得第一应用账号在电子商务平台操作之前,更准确的识别第一应用账号是否为被盗用的账号。由于黑客的第二应用客户端额外有个扫号软件对大量的第一应用账号进行扫号登录后,再盗用扫号登录成功的第一应用账号。但是公共场所所使用的支付宝客户端也有大量的第一应用账号进行登录,不同点在于黑客的第二应用客户端,在对第一应用账号操作之前,只对大量的第一应用账号进行登录,不进行操作,因此,针对上述特点,本申请从登录第二应用客户端成功的第一应用账号上,获取第一盗号判别参数,该第一盗号判别参数是在第二应用客户端上登录的账号数与操作的账号数之比。又由于商家为了提高销量营销作弊,会用相同的个人注册特征信息注册多个第一应用账号,当商家同时登录这多个第一应用账号时,会引起第一盗号判别参数的异常,于是又引入了第二盗号判别参数,从相同的个人注册特征信息对应的所述登录第二应用客户端成功的第一应用账号上,获取第二盗号判别参数。最后,根据所述第一阈值和所述第二阈值,识别所述登录成功的第一应用账号中被盗用的账号。因此,识别出的被盗用的账号,可以将在公共场所所使用的支付宝客户端登录过的第一应用账号和营销作弊的第一应用账号排除在外,得到更准确的被盗用的账号。下面对具体的实现方式进行详细地介绍。In the embodiment of the present application, in order to make the first application account more accurately identify whether the first application account is a stolen account before the first application account is operated on the e-commerce platform. Because the second application client of the hacker additionally has an account scanning software to scan and log in a large number of first application accounts, and then steal the first application accounts that have been successfully scanned and logged in. However, the Alipay client used in public places also has a large number of first application accounts to log in. The difference is that the hacker’s second application client only logs in a large number of first application accounts before operating on the first application account. No operation, therefore, in view of the above characteristics, this application obtains the first account number identification parameter from the first application account that successfully logs in the second application client, and the first account identification parameter is registered on the second application client The ratio of the number of accounts to the number of accounts operated. In order to increase sales and marketing cheating, merchants will use the same personal registration feature information to register multiple first application accounts. When merchants log in to these multiple first application accounts at the same time, it will cause anomalies in the identification parameters of the first hacking number, so again A second identity theft identification parameter is introduced, and the second identity theft identification parameter is obtained from the first application account that successfully logs in to the second application client corresponding to the same personal registration characteristic information. Finally, according to the first threshold and the second threshold, the stolen account among the successfully logged-in first application accounts is identified. Therefore, the identified stolen account can exclude the first application account logged in by the Alipay client used in a public place and the first application account of marketing cheating, so as to obtain a more accurate stolen account. The specific implementation manner will be introduced in detail below.
实施例一Embodiment one
参见图1,本申请实施例提供了一种识别账号的方法可以包括以下步骤:Referring to Figure 1, the embodiment of the present application provides a method for identifying an account which may include the following steps:
S101:识别在第二应用客户端上有多个第一应用账号进行登录。S101: Identify multiple first application accounts for logging in on the second application client.
在本例中,第一应用账号可以为:电子邮件系统登录账号,即时通讯工具登录账号或者社交网络服务站登录账号,例如:人人网的登录账号。第二应用客户端是用于进行交易支付的系统的前端客户端,例如支付宝客户端,此时支付宝系统识别支付宝前端客户端上有多个人人网的登录账号进行登录。In this example, the first application account may be: an email system login account, an instant messaging tool login account or a social network service station login account, for example, a login account of Renren.com. The second application client is the front-end client of the system for transaction payment, such as the Alipay client. At this time, the Alipay system recognizes that there are multiple Renren login accounts on the Alipay front-end client to log in.
例如:第二应用客户端对应的后台系统,识别在第二应用客户端上有成批量地第一应用账号进行登录。这些第一应用账号可能是黑客在人人网盗取第一应用账号,将所述第一应用账号在支付宝客户端上进行登录。盗取人人网账号具体为:在人人网盗取的第一应用账号,以及与第一应用账号对应的密码。黑客为了取得经济利益,要使用盗取的第一应用账号和密码,在支付宝客户端上进行盗用帐号,一般会盗取一定数量的第一应用账号的信息。然后在支付宝客户端上安装一个扫号软件,将从人人网中盗取的200个第一应用账号和对应的密码,通过扫号软件在序列号为CN1007的支付宝客户端上,对第一应用账号以扫号的形式进行登录。这里的200个第一应用账号和对应的密码,是人人网的账号和对应的密码。一个支付宝客户端对应于一个序列号。For example: the background system corresponding to the second application client identifies that there are batches of first application accounts for login on the second application client. These first application accounts may be hackers stealing the first application accounts on RenRen and logging in the first application accounts on the Alipay client. Stealing the Renren.com account specifically includes: the first application account stolen on Renren.com, and the password corresponding to the first application account. In order to obtain economic benefits, the hacker will use the stolen No. 1 app account number and password to embezzle the account on the Alipay client, usually stealing a certain amount of No. 1 app account information. Then install a number-scanning software on the Alipay client, and use the software to scan the 200 No. 1 application accounts and corresponding passwords stolen from Renren.com on the Alipay client with the serial number CN1007. The application account is logged in by scanning the number. The 200 first application accounts and corresponding passwords here are the accounts and corresponding passwords of Renren.com. One Alipay client corresponds to one serial number.
S102:记录在所述第二应用客户端上登录成功的第一应用账号,以及在所述第二应用客户端上进行操作成功的第一应用账号。S102: Record the first application account that has successfully logged in on the second application client, and the first application account that has successfully operated on the second application client.
第一应用账号在第二应用客户端上进行登录,有3种情况:登录不成功、登录成功但没操作或没操作成功和登录成功且操作成功。本步骤先记录在所述第二应用客户端上登录成功的第一应用账号,记录具体为记录成功登录的第一应用账号个数,再记录在所述第二应用客户端上进行操作成功的第一应用账号,记录具体为记录成功操作的第一应用账号个数。The first application account logs in on the second application client, and there are three situations: unsuccessful login, successful login but no operation or no successful operation, and successful login and successful operation. This step first records the first application accounts that have successfully logged in on the second application client, specifically recording the number of first application accounts that have successfully logged in, and then recording the successful operations on the second application client The first application account, the record is specifically the number of first application accounts that record successful operations.
步骤S102具体包括以下步骤:Step S102 specifically includes the following steps:
S201:记录在所述第二应用客户端上登录成功的第一应用账号的个数。S201: Record the number of first application accounts successfully logged in on the second application client.
例如:在序列号为CN1007的支付宝客户端上,在2014.2.2这一整天,200个第一应用账号在该支付宝客户端登录过,获取在扫号软件中显示“支付宝登录成功”的第一应用账号,记录登录成功的第一应用账号数只有100个。For example: on the Alipay client with the serial number CN1007, during the whole day of February 2, 2014, 200 No. 1 app accounts logged in the Alipay client, and the number one displayed in the account scanning software as "Alipay login successful" was obtained. For one application account, there are only 100 first application accounts that record successful login.
S202:记录在所述第二应用客户端上进行操作成功的第一应用账号的个数。S202: Record the number of first application accounts that are successfully operated on the second application client.
在第二应用客户端上登录成功的第一应用账号中,再记录在第二应用客户端上操作成功的第一应用账号的个数。第一应用账号在第二应用客户端上进行操作具体为:第一应用账号在第二应用客户端上进行交易、转账。第一应用账号在第二应用客户端上登录,但不一定进行操作,因此,只记录第一应用账号在第二应用客户端上进行操作成功的第一应用账号的个数。本步骤主要是为了识别该第二应用客户端是在公共场所所使用的支付宝客户端还是黑客在其第三方平台上使用的客户端。Among the first application accounts successfully logged in on the second application client, record the number of the first application accounts successfully operated on the second application client. The operation performed by the first application account on the second application client is specifically: the first application account performs transactions and transfers on the second application client. The first application account logs in on the second application client, but does not necessarily operate. Therefore, only the number of first application accounts whose first application account successfully operates on the second application client is recorded. This step is mainly to identify whether the second application client is the Alipay client used in public places or the client used by hackers on their third-party platforms.
例如:在序列号为CN1007的支付宝客户端上,登录成功的第一应用账号数有100个,其中进行操作交易成功的账号数有2个。很容易联想到,这100个第一应用账号很有可能不是本人登录的,相当于这100个账号只有2个第一应用账号在该支付宝客户端进行了操作,剩余的第一应用账号在支付宝客户端只进行了登录。可以看出,记录的第一应用账号在第二应用客户端上进行操作成功的第一应用账号的个数会明显少。因为黑客会利用扫号软件对第一应用账号进行扫号,扫号的目的是检查第一应用账号是否能登录成功,相当于登录成功的第一应用账号在支付宝客户端只进行了登录,不进行交易,因为做交易会消耗时间成本。可以识别出序列号为CN1007的支付宝客户端可能为黑客的客户端。For example: on the Alipay client with the serial number CN1007, there are 100 first application accounts that have successfully logged in, and 2 accounts have successfully performed operations and transactions. It is easy to think that these 100 first app accounts are probably not logged in by me, which means that only 2 of the 100 accounts have been operated on the Alipay client, and the remaining first app accounts are in Alipay. The client is only logged in. It can be seen that the number of recorded first application accounts whose first application accounts successfully operate on the second application client is obviously less. Because the hacker will use the scanning software to scan the number of the first app account. The purpose of scanning the number is to check whether the first app account can log in successfully. Make a transaction, because doing a transaction consumes time costs. It can be identified that the Alipay client with the serial number CN1007 may be a hacker's client.
例如:在序列号为CN1002的支付宝客户端上,在2014.2.2这一整天,该支付宝客户端的登录成功的第一应用账号数有100个,其中操作成功的账号数有50个,则可以识别出序列号为CN1002的支付宝客户端可能为公共场所所使用的支付宝客户端。For example: on the Alipay client with the serial number CN1002, in the whole day of 2014.2.2, there are 100 first app accounts that have successfully logged in on the Alipay client, and 50 of them have successfully operated. The identified Alipay client whose serial number is CN1002 may be the Alipay client used in public places.
S103:根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数。S103: According to the first application account whose login is successful and the first application account whose operation is successful, obtain a first number hacking identification parameter.
在本例中,是由第二应用客户端对应的后台系统或者第二应用客户端自身从登录的第一应用账号上获取第一盗号判别参数,在本申请中执行主体除了第二应用对应的后台系统,第二应用客户端本身之外,还可以是具有执行本申请方法所描述的步骤的插件或者组件。In this example, the background system corresponding to the second application client or the second application client itself obtains the first identity theft identification parameter from the logged-in first application account. The background system, in addition to the second application client itself, may also have a plug-in or component that executes the steps described in the method of the present application.
在本步骤中,根据记录的所述登录成功的第一应用账号的个数与所述操作成功的第一应用账号的个数,将所述登录成功的第一应用账号的个数与所述操作成功的第一应用账号的个数进行比值,得到所述第一盗号判别参数。In this step, according to the recorded number of first application accounts that have successfully logged in and the number of first application accounts that have successfully operated, the number of first application accounts that have successfully logged in and the number of first application accounts that have successfully The number of successfully operated first application accounts is compared to obtain the first hacking identification parameter.
第二应用客户端如果有大量第一应用帐号登录成功过,说明有两种情况,一种是该第二应用客户端是在公共场所所使用的支付宝客户端,另一种是该第二应用客户端是黑客使用的客户端。If the second application client has a large number of first application accounts that have successfully logged in, there are two situations. One is that the second application client is an Alipay client used in public places, and the other is that the second application client The client is the one used by hackers.
如果第二应用客户端是在公共场所所使用的支付宝客户端,这些大量的第一应用帐号都为这些第一应用帐号的本人登录的,从普遍的角度,一般要对第一应用账号进行操作时,才会登录第一应用账号,因此,在支付宝客户端登录的第一应用账号的登录与操作的比例比较小趋近于1。If the second application client is the Alipay client used in public places, these large numbers of first application accounts are all logged in by the first application accounts. From a general point of view, it is generally necessary to operate on the first application account. Only when the first application account is logged in, the ratio of login and operation of the first application account logged in on the Alipay client is relatively small and tends to be 1.
如果第二应用客户端是黑客使用的客户端,由于黑客通过扫号软件对第一应用账号以扫号的形式在支付宝客户端进行登录,即对这些大量的第一应用账号只进行登录不进行操作,或者操作的第一应用帐号数相对登录的第一应用帐号数为少数,则在支付宝客户端登录的第一应用账号登录与操作的比例会比较大,即黑客的支付宝客户端区别于正常的客户端,则这些第一应用账号可能为被盗用的账号。因此,通过本步骤得到的第一盗号判别参数,可以区分该第二应用客户端是在公共场所所使用的支付宝客户端,还是黑客使用的客户端。If the second application client is a client used by a hacker, since the hacker scans the first application account to log in the Alipay client in the form of scanning the number through the number scanning software, that is, only logins are not performed for these large numbers of first application accounts. operation, or the number of first app accounts for operations is relatively small compared to the number of first app accounts logged in, then the ratio of login and operation of the first app account logged in on the Alipay client will be relatively large, that is, the Alipay client of the hacker is different from the normal one. client, these first application accounts may be stolen accounts. Therefore, through the first identity theft identification parameter obtained in this step, it is possible to distinguish whether the second application client is an Alipay client used in a public place or a client used by a hacker.
例如:在序列号为CN1002的支付宝客户端,登录成功的第一应用账号的第一盗号判别参数为:登录成功的第一应用账号的个数100与操作成功的第一应用账号的个数50之比2;在序列号为CN1007的支付宝客户端,登录成功的第一应用账号的第一盗号判别参数为:登录成功的第一应用账号的个数100与操作成功的第一应用账号的个数2之比50,虽然他们登录成功的第一应用账号数都为100个,但可以很容易的断定,序列号为CN1007的支付宝客户端是黑客使用的客户端,序列号为CN1002的支付宝客户端很有可能是在公共场所所使用的支付宝客户端,即非黑客使用的客户端。For example: on the Alipay client with the serial number CN1002, the first hacking identification parameters of the first application account that has successfully logged in are: the number of first application accounts that have successfully logged in is 100 and the number of first application accounts that have successfully operated is 50 Ratio 2; on the Alipay client with the serial number CN1007, the first stealing identification parameter of the successfully logged-in first application account is: the number of successfully logged-in first application accounts 100 and the number of successfully operated first application accounts The ratio of 2 to 50, although the number of the first application accounts they successfully logged in is 100, it can be easily concluded that the Alipay client with the serial number CN1007 is the client used by hackers, and the Alipay client with the serial number CN1002 The client is likely to be the Alipay client used in public places, that is, the client not used by hackers.
在本步骤之后还包括:将所述第一盗号判别参数标记在所述登录成功的第一应用账号上。After this step, the method further includes: marking the first account number theft identification parameter on the first application account with successful login.
例如:在序列号为CN1002的支付宝客户端上,有100个账号登录成功,且该支付宝客户端获取的第一盗号判别参数为2,将2分别标记在该序列号为CN1002的支付宝客户端登录成功的100个账号上。For example: on the Alipay client with the serial number CN1002, 100 accounts have successfully logged in, and the first stolen account identification parameter obtained by the Alipay client is 2, mark 2 on the Alipay client login with the serial number CN1002 Successfully on 100 accounts.
例如:在序列号为CN1007的支付宝客户端上,有100个账号登录成功,且该支付宝客户端获取的第一盗号判别参数为50,将50分别标记在该序列号为CN1007的支付宝客户端登录成功的100个账号上。For example: on the Alipay client with the serial number CN1007, 100 accounts have successfully logged in, and the first stolen number identification parameter obtained by the Alipay client is 50, mark 50 on the Alipay client login with the serial number CN1007 Successfully on 100 accounts.
在本步骤中,通过第一盗号判别参数可以初步地识别第一应用账号,是在公共场所所使用的支付宝客户端登录过的账号还是在黑客使用的客户端登录过的账号,从而识别该第一应用账号是否为被盗用的账号。In this step, the first application account can be preliminarily identified by the first account number identification parameter, whether it is an account logged in on the Alipay client used in a public place or an account logged in on a client used by a hacker, thereby identifying the first application account. Whether the application account is a stolen account.
例如:对比在序列号为CN1002的支付宝客户端,登录成功的第一应用账号的第一盗号判别参数为2;与在序列号为CN1007的支付宝客户端,登录成功的第一应用账号的第一盗号判别参数为50,可以很容易的识别出,在序列号为CN1007的支付宝客户端登录成功的第一应用账号可能是被盗用的账号;在序列号为CN1002的支付宝客户端登录成功的第一应用账号不是被盗用过的账号。因此,通过获取的第一盗号判别参数,可以识别第一应用账号是否为被盗用的账号。For example: compared with the Alipay client whose serial number is CN1002, the first stolen number discrimination parameter of the first application account that has successfully logged in is 2; The identification parameter of account theft is 50, which can be easily identified. The first app account that successfully logs in to the Alipay client with the serial number CN1007 may be a stolen account; the first app account that successfully logs in to the Alipay client with the serial number CN1002 The application account is not a compromised account. Therefore, it can be identified whether the first application account is a stolen account based on the acquired first stolen account identification parameter.
S104:根据所述登录成功的第一应用账号,获取第二盗号判别参数。S104: According to the first application account that has successfully logged in, acquire a second number hacking identification parameter.
在本例中,是由第二应用客户端对应的后台系统或者第二应用客户端自身从登录的第一应用账号上获取第二盗号判别参数,在本申请中执行主体除了第二应用对应的后台系统,第二应用客户端本身之外,还可以是具有执行本申请方法所描述的步骤的插件或者组件。In this example, the background system corresponding to the second application client or the second application client itself obtains the second identity theft identification parameter from the logged-in first application account. The background system, in addition to the second application client itself, may also have a plug-in or component that executes the steps described in the method of the present application.
其中,商家为了营销作弊,在步骤S301-S303执行之前包括:用同一个个人注册特征信息注册多个第一应用账号。本申请是为了将营销作弊的支付宝客户端排除在外,通过步骤S301-S303识别更准确的被盗用的账号。Wherein, in order to cheat in marketing, the merchant includes: registering multiple first application accounts with the same personal registration feature information before executing steps S301-S303. The purpose of this application is to exclude the Alipay client with marketing cheating, and to identify more accurate stolen account numbers through steps S301-S303.
步骤104具体包括以下步骤:Step 104 specifically includes the following steps:
S301:从所述登录成功的第一应用账号的个人信息库中,查找所述登录成功的第一应用账号对应的个人注册特征信息;S301: From the personal information database of the successfully logged-in first application account, search for personal registration feature information corresponding to the successfully logged-in first application account;
第一应用账号的个人信息库,包括第一应用账号、密码、用户名和身份证号,第一应用账号对应的个人注册特征信息,可以是密码或身份证号。The personal information database of the first application account includes the first application account, password, user name and ID number, and the personal registration characteristic information corresponding to the first application account may be a password or an ID number.
例如:在第二应用客户端的序列号为CN1007的支付宝客户端上,从登录成功的100个第一应用账号的支付宝账号的个人信息库中,查找所述登录成功的支付宝账号对应的身份证号。For example: on the Alipay client with the serial number of the second application client being CN1007, from the personal information database of the Alipay accounts of the 100 first application accounts that have successfully logged in, search for the ID numbers corresponding to the Alipay accounts that have successfully logged in .
S302:统计相同的所述个人注册特征信息对应的所述登录成功的第一应用账号的个数;S302: Count the number of the first application accounts that have successfully logged in and correspond to the same personal registration feature information;
由于同一个个人注册特征信息可以对应多个第一应用账号,所以统计登录成功的多个第一应用账号的个数。例如:一个身份证号可以同时注册多个第一应用账号,以及一个密码可以同时对应多个第一应用账号,这多个第一应用账号可能属于同一个人的。在淘宝网中,很多商家为了提高销量,用一个身份证号同时注册多个支付宝账号进行营销作弊。当商家在支付宝客户端同时登录这多个支付宝账号,但没有进行操作交易或进行少量的操作交易时,该支付宝客户端的第一盗号判别参数就较大,但这多个账号不属于被盗用的账号。所以统计相同的所述个人注册特征信息对应的所述登录成功的第一应用账号的个数。Since the same personal registration feature information may correspond to multiple first application accounts, the number of multiple first application accounts that successfully log in is counted. For example: one ID number can register multiple first application accounts at the same time, and one password can correspond to multiple first application accounts at the same time, and these multiple first application accounts may belong to the same person. On Taobao.com, in order to increase sales, many merchants use one ID number to simultaneously register multiple Alipay accounts for marketing cheating. When merchants log in to these multiple Alipay accounts on the Alipay client at the same time, but do not conduct any or a small amount of operational transactions, the Alipay client’s first identity theft identification parameter is relatively large, but these multiple accounts are not stolen account. Therefore, the number of the first application account whose login is successful corresponding to the same personal registration feature information is counted.
例如:统计相同的身份证号对应的登录成功的支付宝账号的个数,将属于同一身份证号的第一应用账号排除在被盗用的账号外。因此,通过本步骤,可以将营销作弊的第一应用账号排除在外,得到更准确的被盗用的账号。For example: Count the number of Alipay accounts that have successfully logged in corresponding to the same ID number, and exclude the first application account belonging to the same ID number from the stolen accounts. Therefore, through this step, the first application account for marketing fraud can be excluded, and a more accurate stolen account can be obtained.
例如:在序列号为CN1007的支付宝客户端上,统计具有相同的身份证号a的登录成功的支付宝账号的个数为5个,具有相同的身份证号b的登录成功的支付宝账号的个数为16个。For example: on the Alipay client with the serial number CN1007, count the number of successfully logged in Alipay accounts with the same ID number a as 5, and the number of successfully logged in Alipay accounts with the same ID number b for 16.
S303:根据所述相同的所述个人注册特征信息对应的所述登录成功的第一应用账号的个数得到所述第二盗号判别参数。S303: Obtain the second identity theft identification parameter according to the number of the first application accounts that have successfully logged in corresponding to the same personal registration feature information.
例如:身份证号为a的登录成功的5个支付宝账号的第二盗号判别参数均为5;身份证号为b的登录成功的16个支付宝账号的第二盗号判别参数均为16。For example: the second identity theft discrimination parameters of 5 Alipay accounts whose ID number is a successfully logged in are all 5;
在本步骤之后还包括:将所述第二盗号判别参数标记在所述相同的所述个人注册特征信息对应的所述登录成功的第一应用账号上。After this step, the method further includes: marking the second identity theft identification parameter on the first application account with successful login corresponding to the same personal registration feature information.
例如:将第二盗号判别参数为5分别标记在身份证号为a的登录成功的5个支付宝账号上;将第二盗号判别参数为16分别标记在身份证号为b的登录成功的16个支付宝账号上。For example: mark the second ID number identification parameter as 5 on the 5 Alipay accounts whose ID number is a and successfully log in respectively; mark the second ID number identification parameter as 16 on the 16 Alipay accounts whose ID number is b and successfully log in respectively Alipay account.
从相同的个人注册特征信息对应的所述登录第二应用客户端成功的第一应用账号上,获取第二盗号判别参数。通过第二盗号判别参数可以初步地识别登录成功的第一应用账号,是营销作弊的账号还是在黑客的客户端登录过的账号,从而识别该第一应用账号是否为被盗用的账号。From the first application account that successfully logs in to the second application client corresponding to the same personal registration feature information, the second account theft discrimination parameter is obtained. Through the second identity theft identification parameter, it can be preliminarily identified whether the first application account that has successfully logged in is an account for marketing cheating or an account that has been logged in at the hacker's client, thereby identifying whether the first application account is a stolen account.
例如:从相同的身份证号a对应的所述登录支付宝客户端成功的第一应用账号上,获取第二盗号判别参数5。从相同的身份证号b对应的所述登录支付宝客户端成功的第一应用账号上,获取第二盗号判别参数16。通过标记在第一应用账号上的第二盗号判别参数,可以识别登录成功的第一应用账号,是营销作弊的账号,还是在黑客客户端登录过的被盗用的账号。For example: from the first application account that successfully logs in to the Alipay client corresponding to the same ID number a, the second identity theft identification parameter 5 is obtained. From the first application account that has successfully logged in to the Alipay client corresponding to the same ID number b, the second identity theft identification parameter 16 is obtained. Through the second identity theft identification parameter marked on the first application account, it can be identified whether the successfully logged-in first application account is an account for marketing cheating or a stolen account that has been logged in at the hacker client.
S105:根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。S105: According to the first stolen number identification parameter and the second stolen number identification parameter, as well as the preset first threshold and second threshold, identify the stolen account among the first application accounts successfully logged in.
第一阈值是为第一盗号判别参数预设的值M,第二阈值是为第二盗号判别参数预设的值N。第一阈值和第二阈值可以根据实际情况设定。根据所述第一盗号判别参数,所述第二盗号判别参数,预设的第一阈值和第二阈值,识别所述登录第二应用客户端成功的第一应用账号中被盗用的账号。The first threshold is a preset value M for the first stolen number identification parameter, and the second threshold is a preset value N for the second stolen number identification parameter. The first threshold and the second threshold can be set according to actual conditions. According to the first account theft identification parameter, the second account theft identification parameter, and the preset first threshold and second threshold, identify the stolen account among the first application accounts successfully logged in to the second application client.
识别第一盗号判别参数>M且第二盗号判别参数<N的第一应用账号,为被盗用的账号。如果第一应用账号的第一盗号判别参数小于等于M,说明第一盗号判别参数正常,即使在第二应用客户端上登录第一应用账号的个数多,但在第二应用客户端上操作第一应用账号的个数也多,与登录第一应用账号的个数成正比,则识别出该第二应用客户端不是黑客的客户端,从而将公共场所所使用的支付宝客户端排除在外,识别出该第一应用账号不是被盗用的账号。如果第一应用账号的第二盗号判别参数大于等于N,说明与该第一应用账号具有相同的个人注册特征信息的账号个数很多,识别出该第一应用账号很有可能是营销作弊的账号,不是被盗用的账号。只有当第一盗号判别参数>M且第二盗号判别参数<N的第一应用账号,识别为被盗用的账号,可以将在公共场所所使用的支付宝客户端登录过的第一应用账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。Identifying the first application account with the first identification parameter for hacking>M and the second identification parameter for hacking<N is a stolen account. If the first identity theft identification parameter of the first application account is less than or equal to M, it means that the first identity theft identification parameter is normal. The number of first application accounts is also large, which is proportional to the number of login first application accounts, then it is recognized that the second application client is not a hacker's client, thereby excluding the Alipay client used in public places, It is identified that the first application account is not a stolen account. If the second stealing identification parameter of the first application account is greater than or equal to N, it means that there are many accounts with the same personal registration feature information as the first application account, and it is likely that the first application account is identified as an account for marketing fraud , not a compromised account. Only when the first application account with the first identification parameter for hacking > M and the second identification parameter for hacking < N is identified as a stolen account, the first application account and marketing Cheating accounts are excluded to get a more accurate compromised account.
例如:预设第一阈值M为5,预设第二阈值N为6,在序列号为CN1007的支付宝客户端上,登录成功的100个账号的第一盗号判别参数为50>M;其中,有5个第一应用账号的第二盗号判别参数为5<N,则识别该5个第一应用账号为被盗用的账号。其中,有16个第一应用账号的第二盗号判别参数为16>N,则识别这16个第一应用账号不为被盗用的账号,很有可能这16个第一应用账号为营销作弊的账号。在序列号为CN1002的支付宝客户端上,登录成功的100个第一应用账号的第一盗号判别参数为2<M,则识别这100个第一应用账号不为被盗用的账号,很有可能这100个第一应用账号是在公共场所所使用的支付宝客户端登录过的账号。For example: the preset first threshold M is 5, and the preset second threshold N is 6. On the Alipay client whose serial number is CN1007, the first hacking identification parameter of 100 accounts successfully logged in is 50>M; wherein, If there are 5 first application accounts whose second account theft discrimination parameter is 5<N, then the 5 first application accounts are identified as stolen accounts. Among them, there are 16 first application accounts whose second stealing identification parameter is 16>N, then it is recognized that these 16 first application accounts are not stolen accounts, and it is very likely that these 16 first application accounts are fraudulent in marketing. account. On the Alipay client with the serial number CN1002, if the first stolen number identification parameter of the 100 first application accounts successfully logged in is 2<M, then it is possible to identify that these 100 first application accounts are not stolen accounts. These 100 No. 1 application accounts are accounts that have been logged into the Alipay client used in public places.
因此,本申请提供的识别账号的方法,根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数,根据所述登录成功的第一应用账号,获取第二盗号判别参数,再根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。将在公共场所所使用的客户端登录过的账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。Therefore, the method for identifying an account provided by this application obtains a first identity theft identification parameter based on the first application account that has successfully logged in and the first application account that has successfully operated, and based on the first application account that has successfully logged in, Acquiring the second account theft discrimination parameter, and then identifying the stolen account among the successfully logged-in first application accounts according to the first account theft identification parameter and the second account theft identification parameter, as well as the preset first threshold value and the second threshold value. Exclude accounts that have been logged in from clients used in public places and accounts that have cheated in marketing, and obtain more accurate stolen accounts.
实施例二Embodiment two
本申请实施例提供了另一种识别账号的方法可以包括以下内容:The embodiment of this application provides another method for identifying an account, which may include the following:
黑客在人人网盗取了人人网账号,以及每个人人网账号对应的密码。现在黑客为了取得经济利益,要使用盗取的人人网账号,在支付宝客户端上进行一一登录,最终获取在支付宝客户端上登录成功的人人网账号,在支付宝客户端上登录成功的人人网账号就是被盗的支付宝账号。The hacker stole the Renren account and the password corresponding to each Renren account. In order to obtain economic benefits, hackers now use the stolen Renren account to log in on the Alipay client one by one, and finally obtain the Renren account that has been successfully logged in on the Alipay client, and the successful login on the Alipay client. The Renren account is the stolen Alipay account.
下面描述如何识别这些被盗的支付宝账号。The following describes how to identify these stolen Alipay account numbers.
一个支付宝客户端对应于一个序列号,便于追踪到支付宝客户端。支付宝客户端CN1007对应的后台系统,识别到支付宝客户端突然在短时间内有200个账号进行登录,这200个账号登录的结果有3种情况:登录不成功、登录成功但没交易或没交易成功、登录成功且交易成功。支付宝客户端对应的后台系统记录在1天内登录成功的账号个数100个,记录交易成功的账号个数2个,然后得出一个第一盗号判别参数100/2=50,并把第一盗号判别参数50标记在登录成功的100个账号上。An Alipay client corresponds to a serial number, which is easy to trace to the Alipay client. The background system corresponding to the Alipay client CN1007 recognized that the Alipay client suddenly had 200 accounts logged in within a short period of time. The results of these 200 account logins have three situations: login unsuccessful, login successful but no transaction or no transaction Succeeded, Login Succeeded, and Transaction Succeeded. The background system corresponding to the Alipay client records 100 accounts that have successfully logged in within 1 day, records the number of accounts that have successfully traded 2, and then obtains a first hacking number identification parameter 100/2=50, and puts the first hacking number The discrimination parameter 50 is marked on the 100 accounts that have successfully logged in.
在这里,第一盗号判别参数值为50是一个很异常的值,意味着支付宝客户端CN1007登录太频繁,交易少。但不排除该客户端可能是营销作弊的情况,这里的营销作弊是一个客户持有多个账号,将这多个账号进行登录但不交易。因此识别被盗的支付宝账号需要排除营销作弊的情况,下面详细描述如何将营销作弊的账号排除在外。Here, the value of the first hacking identification parameter value of 50 is a very abnormal value, which means that Alipay client CN1007 logs in too frequently and has few transactions. However, it is not ruled out that the client may be cheating in marketing. The marketing cheating here is that a customer holds multiple accounts and logs in these multiple accounts but does not trade. Therefore, to identify stolen Alipay accounts, it is necessary to exclude marketing cheating. The following describes in detail how to exclude marketing cheating accounts.
由于在支付宝客户端上注册支付宝账号时,是用身份证号注册的,所以支付宝客户端对应的后台系统从登录成功的100个账号的个人信息库中,查找到这100个账号对应的身份证号a、身份证号b、身份证号c、身份证号d,统计在这100个账号中,具有相同的身份证号a对应的账号个数为5个,具有相同的身份证号b对应的账号个数为16个,以此类推。根据具有相同的身份证号a对应的账号个数为5个,获取第二盗号判别参数为5,将第二盗号判别参数5标记在身份证号为a的5个账号上;同理,根据具有相同的身份证号b对应的账号个数为16个,获取第二盗号判别参数为16,将第二盗号判别参数16标记在身份证号为b的16个账号上。Since the Alipay account is registered with the ID number when registering on the Alipay client, the background system corresponding to the Alipay client finds the ID cards corresponding to the 100 accounts from the personal information database of the 100 accounts that have successfully logged in. No. a, ID number b, ID number c, and ID number d. Among the 100 accounts, there are 5 accounts corresponding to the same ID number a, and 5 accounts corresponding to the same ID number b. The number of accounts is 16, and so on. According to the number of accounts corresponding to the same ID number a is 5, the second stolen number discrimination parameter is 5, and the second stolen number discrimination parameter 5 is marked on the 5 accounts whose ID number is a; in the same way, according to The number of accounts corresponding to the same ID number b is 16, and the second stolen number identification parameter is obtained as 16, and the second stolen number identification parameter 16 is marked on the 16 accounts with the ID number b.
预设标记在账号上的第一盗号判别参数的阈值为5,预设标记在账号上的第二盗号判别参数的阈值为6,当标记在账号上的第一盗号判别参数>5且第二盗号判别参数<6的账号,为被盗用的账号。The preset threshold value of the first number hacking identification parameter marked on the account is 5, and the threshold value of the second number identification parameter marked on the account is 6. When the first number identification parameter marked on the account>5 and the second Accounts whose number identification parameter is less than 6 are stolen accounts.
在序列号为CN1007的支付宝客户端上,登录成功的100个账号的第一盗号判别参数50>5(第一盗号判别参数的阈值);其中,有5个账号的第二盗号判别参数为5<6(第二盗号判别参数的阈值),则识别这5个账号为被盗用的账号。其中,有16个账号的第二盗号判别参数为16>6,则识别这16个账号不为被盗用的账号,即很有可能这16个账号为营销作弊的账号,这样就把营销作弊的账号排除在外了。On the Alipay client whose serial number is CN1007, the first stolen number discrimination parameter of 100 accounts successfully logged in is 50>5 (threshold value of the first stolen number discrimination parameter); among them, the second stolen number discrimination parameter of 5 accounts is 5 <6 (threshold value of the second stolen number identification parameter), then identify these 5 accounts as stolen accounts. Among them, there are 16 accounts whose second identity theft identification parameter is 16>6, and these 16 accounts are not identified as stolen accounts, that is, it is very likely that these 16 accounts are accounts of marketing cheating, so that the marketing cheating Accounts are excluded.
同理,在序列号为CN1002的支付宝客户端上,登录成功的100个账号中,有50个账号交易过,则这100个账号的第一盗号判别参数为2<5,则识别这100个账号不为被盗用的账号,即很有可能这100个账号是在公共客户端(公共场所使用的支付宝客户端)登录过的,这样就把在公共客户端登录过的账号排除在外了。In the same way, on the Alipay client with the serial number CN1002, among the 100 accounts that have successfully logged in, 50 accounts have been traded, and the first hacking identification parameter of these 100 accounts is 2<5, and these 100 accounts are identified. The account number is not a stolen account, that is, it is very likely that these 100 accounts have been logged in on the public client (Alipay client used in public places), so the accounts logged in on the public client are excluded.
因此,通过本申请实施例二提供的识别账号的方法,能够将在公共场所所使用的客户端登录过的账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。Therefore, through the method for identifying accounts provided in Embodiment 2 of the present application, accounts used in public places that have been logged in at the client and accounts used for marketing fraud can be excluded, and more accurate stolen accounts can be obtained.
实施例三Embodiment three
与本申请实施例一提供的一种识别账号的方法相对应,本申请实施例还提供了一种识别账号的系统,参见图2,该系统具体包括:第一识别模块201、记录模块202、第一获取模块203、第二获取模块204和第二识别模块205。Corresponding to the method for identifying an account number provided in Embodiment 1 of the present application, the embodiment of the present application also provides a system for identifying an account number, see FIG. 2 , the system specifically includes: a first identification module 201, a recording module 202, The first acquiring module 203 , the second acquiring module 204 and the second identifying module 205 .
第一识别模块201,用于识别在第二应用客户端上有多个第一应用账号进行登录;The first identification module 201 is configured to identify multiple first application accounts for logging in on the second application client;
记录模块202,用于记录在所述第二应用客户端上登录成功的第一应用账号,以及在所述第二应用客户端上进行操作成功的第一应用账号;A recording module 202, configured to record the first application account that has successfully logged in on the second application client, and the first application account that has successfully operated on the second application client;
第一获取模块203,用于根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数;The first acquiring module 203 is configured to acquire a first identity theft discrimination parameter according to the first application account with successful login and the first application account with successful operation;
第二获取模块204,用于根据所述登录成功的第一应用账号,获取第二盗号判别参数;The second acquiring module 204 is configured to acquire a second identity theft identification parameter according to the first application account successfully logged in;
第二识别模块205,用于根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。The second identifying module 205 is configured to identify stolen accounts among the first application accounts that have successfully logged in according to the first stolen number identification parameter and the second stolen number identification parameter, as well as preset first thresholds and second thresholds.
所述第一获取模块203还可以包括:The first acquisition module 203 may also include:
根据记录的所述登录成功的第一应用账号的个数与所述操作成功的第一应用账号的个数,将所述登录成功的第一应用账号的个数与所述操作成功的第一应用账号的个数进行比值,得到所述第一盗号判别参数。According to the recorded number of the first application accounts with successful logins and the number of first application accounts with successful operations, the number of first application accounts with successful logins and the number of first application accounts with successful operations The number of application accounts is compared to obtain the first number hacking identification parameter.
所述系统还可以包括:The system may also include:
将所述第一盗号判别参数标记在所述登录成功的第一应用账号上。Marking the first stolen account identification parameter on the first application account that has successfully logged in.
所述第二获取模块204还可以包括:The second obtaining module 204 may also include:
从所述登录成功的第一应用账号的个人信息库中,查找所述登录成功的第一应用账号对应的个人注册特征信息;From the personal information database of the successfully logged-in first application account, search for the personal registration feature information corresponding to the successfully logged-in first application account;
统计相同的所述个人注册特征信息对应的所述登录成功的第一应用账号的个数;Counting the number of the first application accounts that have successfully logged in corresponding to the same personal registration feature information;
根据所述相同的所述个人注册特征信息对应的所述登录成功的第一应用账号的个数得到所述第二盗号判别参数。The second hacking identification parameter is obtained according to the number of the first application accounts that have successfully logged in corresponding to the same personal registration feature information.
所述系统还可以包括:The system may also include:
将所述第二盗号判别参数标记在所述相同的所述个人注册特征信息对应的所述登录成功的第一应用账号上。Marking the second stolen number identification parameter on the first application account that successfully logs in corresponding to the same personal registration feature information.
因此,通过本申请提供的识别账号的方法及系统,根据所述登录成功的第一应用账号和所述操作成功的第一应用账号,获取第一盗号判别参数,根据所述登录成功的第一应用账号,获取第二盗号判别参数,再根据第一盗号判别参数和第二盗号判别参数,以及预设的第一阈值和第二阈值,识别所述登录成功的第一应用账号中被盗的账号。将在公共场所所使用的客户端登录过的账号和营销作弊的账号排除在外,得到更准确的被盗用的账号。Therefore, through the method and system for identifying accounts provided by this application, the first account number identification parameter is obtained according to the first application account with successful login and the first application account with successful operation, and according to the first application account with successful login The account is used to obtain the second account number theft identification parameter, and then according to the first account number identification parameter and the second account number identification parameter, as well as the preset first threshold value and the second threshold value, to identify the stolen number of the first application account that has successfully logged in. account. Exclude accounts that have been logged in from clients used in public places and accounts that have cheated in marketing, and obtain more accurate stolen accounts.
专业人员应该还可以进一步意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。Professionals should further realize that the units and algorithm steps described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, computer software, or a combination of the two. In order to clearly illustrate the relationship between hardware and software Interchangeability. In the above description, the composition and steps of each example have been generally described according to their functions. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present application.
结合本文中所公开的实施例描述的方法或算法的步骤可以用硬件、处理器执行的软件模块,或者二者的结合来实施。软件模块可以置于随机存储器(RAM)、内存、只读存储器(ROM)、电可编程ROM、电可擦除可编程ROM、寄存器、硬盘、可移动磁盘、CD-ROM、或技术领域内所公知的任意其它形式的存储介质中。The steps of the methods or algorithms described in connection with the embodiments disclosed herein may be implemented by hardware, software modules executed by a processor, or a combination of both. Software modules can be placed in random access memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or any other Any other known storage medium.
以上所述的具体实施方式,对本申请的目的、技术方案和有益效果进行了进一步详细说明,所应理解的是,以上所述仅为本申请的具体实施方式而已,并不用于限定本申请的保护范围,凡在本申请的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。The specific implementation manners described above have further described the purpose, technical solutions and beneficial effects of the application in detail. It should be understood that the above descriptions are only specific implementation modes of the application and are not intended to limit the scope of the application. Scope of protection: All modifications, equivalent replacements, improvements, etc. made within the spirit and principles of this application shall be included within the scope of protection of this application.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410410491.7ACN105357169B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account number |
| CN201810651173.8ACN108881235B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account |
| HK16107228.1AHK1219358B (en) | 2016-06-22 | Method for identifying account and system thereof |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410410491.7ACN105357169B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account number |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810651173.8ADivisionCN108881235B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account |
| Publication Number | Publication Date |
|---|---|
| CN105357169Atrue CN105357169A (en) | 2016-02-24 |
| CN105357169B CN105357169B (en) | 2018-06-05 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410410491.7AActiveCN105357169B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account number |
| CN201810651173.8AActiveCN108881235B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810651173.8AActiveCN108881235B (en) | 2014-08-20 | 2014-08-20 | Method and system for identifying account |
| Country | Link |
|---|---|
| CN (2) | CN105357169B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106027520A (en)* | 2016-05-19 | 2016-10-12 | 微梦创科网络科技(中国)有限公司 | Method and device for detecting and processing stealing of website accounts |
| CN108429718A (en)* | 2017-02-13 | 2018-08-21 | 腾讯科技(深圳)有限公司 | Account recognition methods and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325062A (en)* | 2011-09-20 | 2012-01-18 | 北京神州绿盟信息安全科技股份有限公司 | Abnormal login detecting method and device |
| CN102378171A (en)* | 2010-08-16 | 2012-03-14 | 中国移动通信集团公司 | Automatic authentication method and system thereof, Portal server, and RADIUS server |
| CN102629308A (en)* | 2012-03-09 | 2012-08-08 | 奇智软件(北京)有限公司 | A method and device for preventing login information from being stolen |
| CN102769582A (en)* | 2012-08-02 | 2012-11-07 | 深圳中兴网信科技有限公司 | Logical server, instant messaging system and instant messaging method |
| US20130326607A1 (en)* | 2012-06-05 | 2013-12-05 | Alibaba Group Holding Limited | Method, Apparatus and System of Controlling Remote Login |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8272033B2 (en)* | 2006-12-21 | 2012-09-18 | International Business Machines Corporation | User authentication for detecting and controlling fraudulent login behavior |
| US8600872B1 (en)* | 2007-07-27 | 2013-12-03 | Wells Fargo Bank, N.A. | System and method for detecting account compromises |
| US20120109821A1 (en)* | 2010-10-29 | 2012-05-03 | Jesse Barbour | System, method and computer program product for real-time online transaction risk and fraud analytics and management |
| CN102833247A (en)* | 2012-08-24 | 2012-12-19 | 上海心动企业发展有限公司 | Method for anti-sweeping ciphers in user login system and device thereof |
| CN103780592B (en)* | 2012-10-24 | 2017-04-26 | 阿里巴巴集团控股有限公司 | Method and apparatus for determining being stolen of user account |
| CN103488947A (en)* | 2013-10-11 | 2014-01-01 | 北京金山网络科技有限公司 | Method and device for identifying instant messaging client-side account number stealing Trojan horse program |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102378171A (en)* | 2010-08-16 | 2012-03-14 | 中国移动通信集团公司 | Automatic authentication method and system thereof, Portal server, and RADIUS server |
| CN102325062A (en)* | 2011-09-20 | 2012-01-18 | 北京神州绿盟信息安全科技股份有限公司 | Abnormal login detecting method and device |
| CN102629308A (en)* | 2012-03-09 | 2012-08-08 | 奇智软件(北京)有限公司 | A method and device for preventing login information from being stolen |
| US20130326607A1 (en)* | 2012-06-05 | 2013-12-05 | Alibaba Group Holding Limited | Method, Apparatus and System of Controlling Remote Login |
| CN102769582A (en)* | 2012-08-02 | 2012-11-07 | 深圳中兴网信科技有限公司 | Logical server, instant messaging system and instant messaging method |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106027520A (en)* | 2016-05-19 | 2016-10-12 | 微梦创科网络科技(中国)有限公司 | Method and device for detecting and processing stealing of website accounts |
| CN106027520B (en)* | 2016-05-19 | 2019-02-26 | 微梦创科网络科技(中国)有限公司 | A method and device for detecting and processing stolen website accounts |
| CN108429718A (en)* | 2017-02-13 | 2018-08-21 | 腾讯科技(深圳)有限公司 | Account recognition methods and device |
| CN108429718B (en)* | 2017-02-13 | 2020-08-11 | 腾讯科技(深圳)有限公司 | Account identification method and device |
| Publication number | Publication date |
|---|---|
| CN105357169B (en) | 2018-06-05 |
| CN108881235A (en) | 2018-11-23 |
| CN108881235B (en) | 2020-12-11 |
| HK1219358A1 (en) | 2017-03-31 |
| Publication | Publication Date | Title |
|---|---|---|
| US9235695B2 (en) | Alias-based social media identity verification | |
| Clarke | Transparent user authentication: biometrics, RFID and behavioural profiling | |
| US10325088B2 (en) | Method and system for information authentication | |
| CN105791255B (en) | Computer risk identification method and system based on account clustering | |
| US9852276B2 (en) | System and methods for validating and managing user identities | |
| US20150006399A1 (en) | Social Media Based Identity Verification | |
| US20160112437A1 (en) | Apparatus and Method for Authenticating a User via Multiple User Devices | |
| US10270808B1 (en) | Auto-generated synthetic identities for simulating population dynamics to detect fraudulent activity | |
| US20170214679A1 (en) | User-enabled, two-factor authentication service | |
| EP2043328A2 (en) | Methods and apparatus for detecting fraud with time based computer tags | |
| CN106453205B (en) | identity verification method and device | |
| US9092599B1 (en) | Managing knowledge-based authentication systems | |
| US8327420B2 (en) | Authentication system and method | |
| US20160239832A1 (en) | Payment system | |
| CN111597538A (en) | Verification code generation method and system | |
| CN107196972A (en) | An authentication method and system, terminal and server | |
| US20200374287A1 (en) | Mutual identity verification | |
| CN103716316B (en) | A kind of authenticating user identification system | |
| CN105357169B (en) | Method and system for identifying account number | |
| Rikzan et al. | A study of phishing attack towards online banking | |
| Holthouse et al. | The 23andMe Data Breach: Analyzing Credential Stuffing Attacks, Security Vulnerabilities, and Mitigation Strategies | |
| CN106060791B (en) | Method and system for sending and obtaining short message verification code | |
| Ayodele et al. | Anti-phishing prevention measure for email systems | |
| CN102821106A (en) | Electronic document non-repudiation method | |
| Abedin et al. | Cyber security in banking sector |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code | Ref country code:HK Ref legal event code:DE Ref document number:1219358 Country of ref document:HK | |
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right | Effective date of registration:20200925 Address after:Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee after:Innovative advanced technology Co.,Ltd. Address before:Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee before:Advanced innovation technology Co.,Ltd. Effective date of registration:20200925 Address after:Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee after:Advanced innovation technology Co.,Ltd. Address before:A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before:Alibaba Group Holding Ltd. |