CN114760270A

Movatterモバイル変換

Info

Publication number: CN114760270A
Application number: CN202110516342.9A
Authority: CN
Inventors: 李卫军
Original assignee: Beijing Sanjiang Xinda Information Technology Co ltd
Current assignee: Beijing Ansheng Huaxin Technology Co ltd
Priority date: 2021-05-12
Filing date: 2021-05-12
Publication date: 2022-07-15
Anticipated expiration: 2041-05-12
Also published as: CN114760270B

Abstract

The method generates the user equipment fingerprint according to the IP address obtained by analyzing the URL in the process that a DNS is accessed, and the URL can be analyzed into different IP addresses even if different hardware equipment installed by using a standard mirror image accesses the DNS, and further, because the IP address analyzed by each URL is unchanged before the expiration of a cache, the IP address sequence analyzed by accessing the URLs is also kept unchanged before the expiration of the cache, and the user equipment fingerprint generated by the method can realize accurate user tracking.

Description

Translated fromChinese

一种生成用户设备指纹的方法及装置A method and device for generating user equipment fingerprints

技术领域technical field

本申请属于互联网领域，特别涉及一种生成用户设备指纹的方法及装置。The present application belongs to the field of the Internet, and in particular relates to a method and apparatus for generating a fingerprint of a user equipment.

背景技术Background technique

随着用户设备指纹技术在各个领域的广泛应用，根据用户设备指纹进行跟踪技术已变得非常普及。跟踪技术在跨网站和跨会话(session)中被用来识别用户，其最广泛两个应用领域是个性化的广告和监控，因此，网站和第三方公司是使用此技术最多的实体。With the wide application of the user equipment fingerprint technology in various fields, the tracking technology based on the user equipment fingerprint has become very popular. Tracking technology is used to identify users across websites and sessions, and two of its most widespread application areas are personalized advertising and monitoring, so websites and third-party companies are the entities that use the technology the most.

跟踪技术最常用的方法包括加标签和指纹两种，其中，加标签的跟踪方法是将某些信息存储在用户的设备上，所述设备为软件设备，诸如cookie等，以便后续跟踪，但是，现代浏览器容许用户拒绝加标签，而且所添加的标签只对某个特定应用或者特定浏览器起作用，对相同用户使用相同硬件设备上的其他浏览器和应用则无效，此外，该方法对浏览器的隐私模式也无效。The most common methods of tracking technology include tagging and fingerprinting. Among them, the tagging method of tracking is to store certain information on the user's device, which is a software device, such as a cookie, etc., for subsequent tracking, but, Modern browsers allow users to refuse to add tags, and the added tags only work for a specific application or specific browser, and are invalid for other browsers and applications on the same hardware device by the same user. In addition, this method is not effective for browsing The privacy mode of the device also does not work.

另一种跟踪方法，即，指纹技术是通过勘测用户机器、应用和浏览器的特点(诸如字体)来跟踪用户的方法，但是，由于使用标准镜像安装的不同机器会产生相同的设备指纹，因此对于使用标准镜像安装的不同机器上的不同用户就无法作出准确识别，从而无法实现用户跟踪。Another tracking method, i.e., fingerprinting, is a method of tracking users by surveying the user's machine, application, and browser characteristics (such as fonts), but since different machines installed using a standard image will generate the same device fingerprint, It is impossible to accurately identify different users on different machines installed using a standard image, so that user tracking cannot be achieved.

发明内容SUMMARY OF THE INVENTION

为弥补现有跟踪技术的缺陷(如跟踪装载标准镜像的机器)，本申请提供一种生成用户设备指纹的方法及装置，所述方法根据域名系统(Domain Name System，DNS)在被访问过程中将统一资源定位器(Uniform Resource Locator，URL)解析而得的网际互连协议(Internet Protocol，IP)地址生成用户设备指纹，即使使用标准镜像安装的不同硬件设备在访问DNS过程中也会将URL解析为不同的IP地址，进一步地，由于在缓存过期前每个URL解析出的IP地址不变，因此，访问URLs解析的IP地址序列在缓存过期前也保持不变，使用本申请提供方法生成的用户设备指纹能够实现精准的用户跟踪。In order to make up for the defects of the existing tracking technology (such as tracking a machine loaded with a standard image), the present application provides a method and device for generating user equipment fingerprints. The Internet Protocol (IP) address parsed by the Uniform Resource Locator (URL) is used to generate the fingerprint of the user device. Even if different hardware devices installed using standard mirrors access the DNS, the URL will be It resolves to different IP addresses. Further, since the IP address parsed from each URL remains unchanged before the cache expires, the IP address sequence parsed by the access URLs also remains unchanged before the cache expires, and is generated using the method provided in this application. The user's device fingerprint enables accurate user tracking.

本申请的目的在于提供以下几个方面：The purpose of this application is to provide the following aspects:

第一方面，本申请提供一种生成用户设备指纹的方法，所述方法包括：In a first aspect, the present application provides a method for generating a user equipment fingerprint, the method comprising:

客户端向多个不同预设URL发起依次访问；The client initiates sequential access to multiple different preset URLs;

所述客户端根据对预设URL的访问向存根解析器(Stub Resolver)发送解析请求；The client sends a parsing request to a stub resolver (Stub Resolver) according to the access to the preset URL;

存根解析器根据所述解析请求反馈与所述URL对应的IP地址；The stub parser feeds back the IP address corresponding to the URL according to the parsing request;

所述客户端获取所查找到的IP地址；The client obtains the found IP address;

所述客户端根据所述IP地址生成用户设备指纹。The client generates a user equipment fingerprint according to the IP address.

在一种实例中，所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址可以包括：存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址，所述缓存集由操作系统缓存与DNS缓存之间所有缓存设备构成。In an example, the stub parser feeding back the IP address corresponding to the URL according to the parsing request may include: the stub parser looking up the IP address corresponding to the URL in the cache set according to the parsing request, and the The cache set consists of all cache devices between the OS cache and the DNS cache.

可选地，所述存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址包括：Optionally, the stub resolver searches for the IP address corresponding to the URL in the cache set according to the resolution request, including:

将缓存集中所有缓存设备按照站点顺序由操作系统缓存至DNS缓存依次排序；Sort all the cache devices in the cache set from the operating system cache to the DNS cache according to the site order;

在缓存集中依次查找与该URL对应的IP地址。Find the IP address corresponding to the URL in the cache set in turn.

在另一种实例中，所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址还可以包括：In another example, the stub parser feeding back the IP address corresponding to the URL according to the parsing request may further include:

DNS系统根据所述解析请求从每个URL对应的多个IP地址中随机解析生成一个IP地址。The DNS system randomly parses and generates an IP address from multiple IP addresses corresponding to each URL according to the resolution request.

在本可实现的方式中，DNS系统根据所述解析请求从每个URL对应的多个IP地址中随机解析生成一个IP地址后，所述方法还可以包括：In this achievable manner, after the DNS system randomly parses and generates an IP address from a plurality of IP addresses corresponding to each URL according to the resolution request, the method may further include:

客户端获取预设URL所带的cookie信息；The client obtains the cookie information carried by the preset URL;

客户端将所述cookie信息被发送至后端服务器；The client sends the cookie information to the backend server;

所述后端服务器在数据库中查找历史cookie信息；The back-end server searches the database for historical cookie information;

如果在数据库中查找到历史cookie信息，则将所述IP地址与历史cookie信息中的IP地址建立联结。If the historical cookie information is found in the database, the IP address is linked with the IP address in the historical cookie information.

在一种可实现的方式中，所述客户端所获取的IP地址均被缓存于所述缓存集中。In an achievable manner, the IP addresses obtained by the client are all cached in the cache set.

可选地，所述客户端根据所述IP地址生成用户设备指纹可以包括：Optionally, the generation of the user equipment fingerprint by the client according to the IP address may include:

所述客户端向所述IP地址对应的API服务器发送HTTP请求；The client sends an HTTP request to the API server corresponding to the IP address;

所述客户端获取由各个所述服务器回复的字符串；The client obtains the strings replied by each of the servers;

所述客户端将所有服务器回复的所有字符串按序排列生成指纹字符串；The client generates fingerprint strings by arranging all strings replied by all servers in sequence;

所述客户端生成所述用户设备指纹，所述用户设备指纹由所述指纹字符串进行哈希处理所得。The client generates the user equipment fingerprint, and the user equipment fingerprint is obtained by hashing the fingerprint string.

进一步中，所述客户端将所有服务器回复的所有字符串按序排列生成指纹字符串可以按照预设顺序进行排列，例如，根据各服务器的编号按照服务器编号的升序或者降序进行排列。Further, the client arranges all the strings replied by all the servers in order to generate the fingerprint strings, which can be arranged in a preset order, for example, in an ascending or descending order of the server numbers according to the numbers of the servers.

第二方面，本申请还提供一种生成用户设备指纹装置，所述装置包括：In a second aspect, the present application further provides a device for generating a fingerprint of a user equipment, the device comprising:

客户端，用于向多个不同预设URL发起依次访问；The client is used to initiate sequential access to multiple different preset URLs;

所述客户端还用于根据对预设URL的访问向存根解析器(Stub Resolver)发送解析请求；The client is also used to send a parsing request to a stub resolver (Stub Resolver) according to the access to the preset URL;

存根解析器，用于根据所述解析请求反馈与所述URL对应的IP地址；a stub parser, configured to feed back the IP address corresponding to the URL according to the parsing request;

所述客户端还用于获取所查找到的IP地址；The client is also used to obtain the found IP address;

所述客户端还用于根据所述IP地址生成用户设备指纹。The client is further configured to generate a user equipment fingerprint according to the IP address.

第三方面，本申请还提供一种生成用户设备指纹的程序，所用程序用于执行时实现上述第一方面所述生成用户设备指纹方法的步骤。In a third aspect, the present application further provides a program for generating a fingerprint of a user equipment, the program being used to implement the steps of the method for generating a fingerprint of a user equipment described in the first aspect above when the program is executed.

第四方面，一种计算机可读存储介质，其上存储有计算机指令，该指令被处理器执行时实现上述第一方面所述生成用户设备指纹方法的步骤。In a fourth aspect, a computer-readable storage medium stores computer instructions thereon, and when the instructions are executed by a processor, implements the steps of the method for generating a user equipment fingerprint described in the first aspect.

第五方面，一种生成用户设备指纹的设备，所述设备包括：至少一个处理器；以及与所述至少一个处理器通信连接的存储器；其中，所述存储器存储有可被所述一个处理器执行的指令，所述指令被所述至少一个处理器执行，以使所述至少一个处理器执行上述第一方面所述生成用户设备指纹方法。In a fifth aspect, a device for generating a fingerprint of a user equipment, the device comprising: at least one processor; and a memory communicatively connected to the at least one processor; wherein the memory stores information that can be used by the one processor The executed instructions are executed by the at least one processor, so that the at least one processor executes the method for generating a user equipment fingerprint according to the first aspect.

与现有技术相比，本申请提供的方法为每个URL配置多个IP地址，访问一个IP地址可随机解析得到其中一个IP地址，通过访问多个不同的URL，得到一组由IP地址形成的特定序列组合，将IP地址序列作为指纹，便可以识别从同一台机器上的任何应用和浏览器发来的请求。由于客户端在一定时间内会在各级缓存中暂时存储DNS对每个URL解析的IP地址，并且，在缓存过期前每个URL解析出的IP地址不变，因此，在缓存过期前缓存的IP地址序列保持不变，从而保证用户设备指纹保持不变，并且，使用缓存的IP地址序列能够提高效率和降低DNS系统负荷。Compared with the prior art, the method provided by the present application configures multiple IP addresses for each URL, and one IP address can be obtained by random analysis by accessing one IP address. A specific combination of sequences, using the IP address sequence as a fingerprint, can identify requests from any application and browser on the same machine. Since the client will temporarily store the IP address parsed by DNS for each URL in caches at all levels within a certain period of time, and the IP address parsed from each URL will remain unchanged before the cache expires, the cached IP address before the cache expires The IP address sequence remains unchanged, thereby ensuring that the user device fingerprint remains unchanged, and using the cached IP address sequence can improve efficiency and reduce the load on the DNS system.

附图说明Description of drawings

图1示出本申请方案使用场景示意图；FIG. 1 shows a schematic diagram of the use scenario of the solution of the present application;

图2示出本申请提供一种生成用户设备指纹方法的流程图。FIG. 2 shows a flowchart of a method for generating a fingerprint of a user equipment provided by the present application.

具体实施方式Detailed ways

这里将详细地对示例性实施例进行说明，其示例表示在附图中。下面的描述涉及附图时，除非另有表示，不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本发明相一致的所有实施方式。相反，它们仅是与如所附权利要求书中所详述的、本发明的一些方面相一致方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the illustrative examples below are not intended to represent all implementations consistent with the present invention. Rather, they are merely examples of methods consistent with some aspects of the invention as recited in the appended claims.

下面通过具体的实施例对本申请提供的生成用户设备指纹的方法及装置进行详细阐述。The method and apparatus for generating a fingerprint of a user equipment provided by the present application will be described in detail below through specific embodiments.

首先，对本方案的使用场景作简要介绍。First, a brief introduction to the usage scenarios of this solution is given.

图1示出本申请方案使用场景示意图，如图1所示，本申请应用于用户跟踪，涉及的硬件设备至少包括用户终端设备、WEB服务器和DNS系统，所述用户终端设备与所述WEB服务器以及所述DNS系统可分别相互通信。Figure 1 shows a schematic diagram of the application scenario of the application. As shown in Figure 1, the application is applied to user tracking, and the involved hardware devices include at least user terminal equipment, a WEB server, and a DNS system. The user terminal equipment and the WEB server And the DNS systems can communicate with each other, respectively.

WEB服务器包括响应值生成服务器和数据接受服务器，其中，所述响应值生成服务器用于生成响应值，并将所生成的响应值返回给用户终端设备，所述数据接受服务器用于接受用户终端设备所发送的用户设备指纹。The WEB server includes a response value generation server and a data acceptance server, wherein the response value generation server is used to generate a response value and return the generated response value to the user terminal equipment, and the data acceptance server is used to accept the user terminal equipment. The sent user device fingerprint.

在本申请中，在所述用户终端设备上安装有具有用户跟踪需求的软件，例如，某APP或者某浏览器等，用于执行本申请方法的程序，即跟踪程序，加载于所述具有用户跟踪需求的软件中，例如，可以加载到客户端浏览器上的Javascript中，在所述软件被启动后，所述跟踪程序随之被触发启动，用来计算用户设备指纹，所述跟踪程序为私有。负责执行计算任务和综合机器指纹，并上报所生成的机器指纹、cookie信息和设备指纹给后台机器指纹跟踪服务器。In the present application, software with user tracking requirements is installed on the user terminal device, such as an APP or a browser, etc., and the program for executing the method of the present application, that is, the tracking program, is loaded on the user terminal device with user tracking requirements. In the software for tracking requirements, for example, it can be loaded into Javascript on the client browser. After the software is started, the tracking program is triggered and started, and is used to calculate the fingerprint of the user equipment. The tracking program is: private. Responsible for performing computing tasks and synthesizing machine fingerprints, and reporting the generated machine fingerprints, cookie information and device fingerprints to the background machine fingerprint tracking server.

进一步地，在所述用户终端设备上还安装有与其操作系统匹配的存根解析器(Stub Resolver)，其用于查询本地缓存中的DNS记录，或者转发由跟踪程序发送的DNS请求给DNS系统。Further, a stub resolver (Stub Resolver) matching its operating system is also installed on the user terminal device, which is used to query the DNS records in the local cache, or forward the DNS request sent by the tracking program to the DNS system.

本申请利用DNS系统的特点来实现识别机器指纹识别，但是DNS系统的设置就不属于本申请的讨论范围。This application utilizes the characteristics of the DNS system to realize the identification of machine fingerprints, but the setting of the DNS system does not belong to the scope of discussion of this application.

在本申请中，所述DNS系统用于解析URL对应的IP地址，所述DNS系统包括递归解析器(DNS Recursive Resolver)、根域名服务器(Root Nameserver)、TLD(.com)Nameserver，和Authoritative(.example.com)Nameserver等。In this application, the DNS system is used to resolve the IP address corresponding to the URL, and the DNS system includes a recursive resolver (DNS Recursive Resolver), a root domain name server (Root Nameserver), a TLD (.com) Nameserver, and Authoritative ( .example.com) Nameserver, etc.

值得注意的是，在本实例中，假设DNS配置有生存周期，并且，在所述生存周期内，解析所得IP地址会被当作结果返回；如果所述生存周期过期，则解析所得IP地址会被从缓存中剔除。It is worth noting that, in this example, it is assumed that the DNS is configured with a lifetime, and within the lifetime, the IP address obtained from parsing will be returned as the result; if the lifetime expires, the IP address obtained from parsing will be returned as a result. is removed from the cache.

特别地，DNS的生存周期取决于设置，可以从几分钟到一个星期不等，通常会选择在5分钟到一个星期的范围内。In particular, the lifetime of DNS depends on the settings and can vary from a few minutes to a week, and is usually chosen to be in the range of 5 minutes to a week.

在本申请中，所述WEB服务器即API服务器，用于服务HTTP请求并回复该API所代表的值，具体详见以下说明。In this application, the WEB server is the API server, which is used to serve HTTP requests and reply to the value represented by the API. For details, please refer to the following description.

后端指纹跟踪服务器模块，用于接受前端上报的数据，关联相关的用户设备指纹等。The back-end fingerprint tracking server module is used to accept the data reported by the front-end and associate related user device fingerprints.

为便于说明本申请的技术方案，在以下实例中做出如下假定：For the convenience of illustrating the technical solutions of the present application, the following assumptions are made in the following examples:

预设URL共有三个，分别为x1.example.com，x2.example.com和x3.example.com。每个URL均与五个API服务器对应，因此，每个URL均可以被解析为其所对应五个API服务器中任意一个的IP地址，并且，每个IP地址提供一个唯一的响应值。There are three preset URLs, namely x1.example.com, x2.example.com and x3.example.com. Each URL corresponds to five API servers, so each URL can be resolved to the IP address of any one of the five API servers it corresponds to, and each IP address provides a unique response value.

例如，x1.example.com对应的第一个IP地址为10.1.1.1，其响应值为1，第二个IP地址为10.1.1.2，其响应值为2，第三个IP地址为10.1.1.3，其响应值为3，第四个IP地址为10.1.1.4，其响应值为4，第五个IP地址为10.1.1.5，其响应值为5；x2.example.com对应五个IP地址与x1.example.com对应的五个IP地址相同，响应值也分别相同；x3.example.com对应五个IP地址与x1.example.com对应的五个IP地址相同，响应值也分别相同。For example, the first IP address corresponding to x1.example.com is 10.1.1.1, its response value is 1, the second IP address is 10.1.1.2, its response value is 2, and the third IP address is 10.1.1.3 , its response value is 3, the fourth IP address is 10.1.1.4, its response value is 4, the fifth IP address is 10.1.1.5, its response value is 5; x2.example.com corresponds to five IP addresses and The five IP addresses corresponding to x1.example.com are the same, and the response values are also the same; the five IP addresses corresponding to x3.example.com are the same as the five IP addresses corresponding to x1.example.com, and the response values are also the same.

由上面的示例可见，如果一个URL对应多个IP地址，解析所得IP地址是这些IP地址中的一个，而选择哪个IP地址取决于DNS的配置，常见的方法有Round robin，如果有很多用户访问相同页面，就可能会出现不同的用户设备生成相同的指纹的情况。As can be seen from the above example, if a URL corresponds to multiple IP addresses, the IP address obtained by parsing is one of these IP addresses, and which IP address is selected depends on the configuration of DNS. The common method is Round robin. If many users visit On the same page, different user devices may generate the same fingerprint.

可以理解的是，指纹组合方式的数量N_指可以用下面的公式来表示：It can be understood that the number N_of fingerprint combinations can be expressed by the following formula:

N_指＝(N_U)^N服N_{refers to} = (N_U )^{N suits}

其中，N_U表示访问URL的数量；N^服表示服务器的数量。Among them, N_U represents the number of access URLs; N^server represents the number of servers.

由此可知，增加访问不同URL的次数，或者增加URL对应的IP地址(API服务器)的数量均可减少机器指纹的冲突。以上示例为例，用户设备指纹的组合方式共有3⁵＝243种。如果预设URL为10个，而每个URL配置10个对应的服务器，那么用户设备指纹的组合方式就会上升到10¹⁰＝100亿个。因此，预设访问的URL越多，指纹冲突的可能性就越低；每个URL对应的IP地址数量越多，指纹冲突的可能性就越低。因此，本申请提供的方案可以通过调整预设访问的URL数量和/或每个URL其对应的服务器数量来达到一个机器指纹冲突和设备开销之间的合理平衡。It can be seen from this that increasing the number of visits to different URLs or increasing the number of IP addresses (API servers) corresponding to the URLs can reduce the conflict of machine fingerprints. Taking the above example as an example, there are 3⁵ =243 combinations of user equipment fingerprints in total. If the preset URL is 10, and each URL is configured with 10 corresponding servers, then the combination of user device fingerprints will rise to 10¹⁰ =10 billion. Therefore, the more URLs that are preset to visit, the lower the possibility of fingerprint conflict; the more the number of IP addresses corresponding to each URL, the lower the possibility of fingerprint conflict. Therefore, the solution provided by the present application can achieve a reasonable balance between a machine fingerprint conflict and device overhead by adjusting the number of URLs to be accessed by default and/or the number of servers corresponding to each URL.

图2示出本申请提供一种生成用户设备指纹方法的流程图，如图2所示，所述方法包括以下步骤S101至步骤S105：FIG. 2 shows a flowchart of a method for generating a user equipment fingerprint provided by the present application. As shown in FIG. 2 , the method includes the following steps S101 to S105:

步骤S101，客户端向多个不同预设URL发起依次访问。Step S101, the client initiates sequential access to multiple different preset URLs.

在用户触发客户端进行相关操作后，例如，启动某APP进行浏览后，所述客户端，在本实例中，加载有跟踪程序的APP同时启动所述跟踪程序，所述跟踪程序被触发后，首先向所有预设的URL有序地发起访问，并且，访问的顺序可以预设。After the user triggers the client to perform related operations, for example, after starting an APP for browsing, the client, in this example, the APP loaded with the tracking program starts the tracking program at the same time, and after the tracking program is triggered, First, initiate visits to all preset URLs in an orderly manner, and the order of visits can be preset.

在本实例中，所述客户端向三个URL依次发起访问，访问顺序依次为x1.example.com，x2.example.com和x3.example.com。In this example, the client initiates access to three URLs in sequence, and the access sequence is x1.example.com, x2.example.com, and x3.example.com.

步骤S102，所述客户端根据对预设URL的访问向存根解析器(Stub Resolver)发送解析请求。Step S102, the client sends a parsing request to a stub resolver (Stub Resolver) according to the access to the preset URL.

在本实例中，向存根解析器所发送的解析请求可以为依次逐个发送，也可以批量发送。In this example, the parsing requests sent to the stub parser may be sent one by one in sequence, or may be sent in batches.

步骤S103，存根解析器根据所述解析请求反馈与所述URL对应的IP地址。Step S103, the stub resolver feeds back the IP address corresponding to the URL according to the resolution request.

在本实例中，存根解析器获得与URL对应的IP地址的途径至少包括以下两种：In this example, the ways for the stub resolver to obtain the IP address corresponding to the URL include at least the following two ways:

一是在各级缓存中查找到相应的IP地址；二是从IP地址的集合中随机选择一个IP地址。One is to find the corresponding IP address in the caches at all levels; the other is to randomly select an IP address from the set of IP addresses.

以下分别说明两种获取IP地址途径的实现方式：The following describes the implementation of the two ways to obtain an IP address:

第一种途径，在各级缓存中查找到相应的IP地址，所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址可以包括：In the first approach, the corresponding IP address is found in caches at all levels, and the IP address corresponding to the URL fed back by the stub resolver according to the parsing request may include:

存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址。The stub resolver searches the cache set for the IP address corresponding to the URL according to the resolution request.

在本实例中，所述缓存集由操作系统缓存与DNS缓存之间所有缓存设备构成，例如，操作系统缓存和DNS缓存。In this example, the cache set consists of all cache devices between the operating system cache and the DNS cache, for example, the operating system cache and the DNS cache.

进一步地，所述存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址包括：Further, the stub resolver searches for the IP address corresponding to the URL in the cache set according to the resolution request, including:

将缓存集中所有缓存设备按照预设顺序依次排序；Sort all cache devices in the cache set in the preset order;

在缓存集各缓存设备中依次查找与该URL对应的IP地址。Search for the IP address corresponding to the URL in each cache device in the cache set in turn.

在本实例中，各缓存设备的预设顺序可以为In this example, the preset order of each cache device can be

继续以上例为例进行说明，如果页面被刷新或者被重新访问，客户端会再次依次访问x1.example.com，x2.example.com和x3.example.com。客户端会发出解析请求给StubResolver，Stub Resolver逐级查询缓存(包括Stub Resolver的缓存和RecursiveResolver)，发现有对应的IP地址10.1.1.1，该IP地址会作为此次请求的结果返回，客户端便访问该IP地址，得到响应结果value＝1。以此类推，客户端从x2.example.com和x3.example.com得到的响应分别是value＝2和value＝3，因此，用户机器的指纹依然保持123。Continuing the above example as an example, if the page is refreshed or revisited, the client will visit x1.example.com, x2.example.com and x3.example.com in turn again. The client will send a parsing request to the StubResolver, and the Stub Resolver will query the cache (including the Stub Resolver's cache and RecursiveResolver) level by level, and find the corresponding IP address 10.1.1.1, which will be returned as the result of this request, and the client will Access the IP address and get the response result value=1. By analogy, the responses obtained by the client from x2.example.com and x3.example.com are value=2 and value=3, respectively. Therefore, the fingerprint of the user's machine remains 123.

第二种途径，存储于各级缓存设备中的IP地址记录在DNS TTL过期后会被清除，因此，对同一URL需要重新解析，即，从IP地址的集合中随机选择一个IP地址，该种途径所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址可以包括：In the second way, the IP address records stored in the cache devices at all levels will be cleared after the DNS TTL expires. Therefore, the same URL needs to be re-parsed, that is, an IP address is randomly selected from the set of IP addresses. The way that the stub resolver feeds back the IP address corresponding to the URL according to the parsing request may include:

继续以上例为例进行说明，如果客户端访问x1.example.com，客户端会将解析请求发给Stub Resolver，Stub Resolver继续将请求发送到DNS系统，所述DNS系统按配置的规则返回查询结果，所述查询结果包括解析出来的IP地址，即五个IP地址(10.1.1.1，10.1.1.2，10.1.1.3，10.1.1.4，10.1.1.5)中的一个，在本例中，假设解析所得IP地址是10.1.1.1，该IP地址会分别存储在Recursive Resolver和Stub Server的缓存中，以备查询使用。Continuing with the above example, if the client accesses x1.example.com, the client will send the resolution request to the Stub Resolver, and the Stub Resolver will continue to send the request to the DNS system, which returns the query result according to the configured rules , the query result includes the parsed IP address, that is, one of five IP addresses (10.1.1.1, 10.1.1.2, 10.1.1.3, 10.1.1.4, 10.1.1.5). In this example, it is assumed that the The IP address is 10.1.1.1, which will be stored in the caches of Recursive Resolver and Stub Server respectively for query use.

可以理解的是，对同一URL重新解析所得IP地址很可能与前次解析结果不同，这将导致同一客户端产生不同的用户设备指纹，如何把这两个不同的用户设备指纹关联起来呢？本申请采用cookie作为联结两个用户设备指纹的桥梁。It is understandable that the IP address obtained by re-resolving the same URL is likely to be different from the previous resolution result, which will lead to the same client generating different user device fingerprints. How to associate these two different user device fingerprints? This application uses a cookie as a bridge connecting the fingerprints of two user devices.

因此，在所述IP地址被清除后可以根据cookie信息查找到相应的IP地址，可以理解的是，在IP地址未被清除时也可以根据cookie信息查找到相应的IP地址。Therefore, after the IP address is cleared, the corresponding IP address can be found according to the cookie information. It can be understood that the corresponding IP address can also be found according to the cookie information when the IP address is not cleared.

具体地，使用cookie联结两个用户设备指纹的方法可以包括步骤S301到步骤S304：Specifically, the method of using a cookie to link the fingerprints of two user equipments may include steps S301 to S304:

步骤S301，客户端获取预设URL所带的cookie信息；Step S301, the client obtains the cookie information carried by the preset URL;

步骤S302，客户端将所述cookie信息被发送至后端服务器；Step S302, the client sends the cookie information to the back-end server;

步骤S303，所述后端服务器在数据库中查找历史cookie信息，例如，可以为关系数据库；Step S303, the back-end server searches for historical cookie information in a database, for example, a relational database;

步骤S304，如果在数据库中查找到历史cookie信息，则将所述IP地址与历史cookie信息中的IP地址建立联结。Step S304, if the historical cookie information is found in the database, the IP address is linked with the IP address in the historical cookie information.

本申请人发现，使用cookie作为索引查询与该cookie相关的用户设备指纹，再依次查询数据库，若发现用户设备指纹记录，则可将此用户设备指纹记录作为最初用户设备指纹的查询结果，从而将因缓存中由于IP地址过期所造成的本属同一用户设备但是不相同的用户设备指纹关联起来，从而保证了用户设备指纹的唯一性。The applicant has found that the user equipment fingerprint related to the cookie is queried by using the cookie as an index, and then the database is queried in turn. If the user equipment fingerprint record is found, the user equipment fingerprint record can be used as the initial query result of the user equipment fingerprint. The fingerprints of the user equipment that belong to the same user equipment but are not identical due to the expiration of the IP address in the cache are associated, thereby ensuring the uniqueness of the user equipment fingerprints.

为了增加可靠性，降低误差，我们在cookie之外还使用设备指纹，所述设备指纹包括客户端硬件设备的属性和浏览器的属性，例如，机器核数、内存容量和User Agent等，从而保证了当cookie被删除时我们依然有可能将两个机器指纹联系起来。In order to increase reliability and reduce errors, we also use device fingerprints in addition to cookies. The device fingerprints include attributes of client hardware devices and browser attributes, such as the number of machine cores, memory capacity, and User Agent, so as to ensure It is still possible to link two machine fingerprints when the cookie is deleted.

在本实例中，所述客户端每次所获取的IP地址均被缓存于各级缓存中，以便后续查询使用。In this example, the IP addresses acquired by the client each time are cached in caches at all levels for subsequent query use.

步骤S104，所述客户端获取所查找到的IP地址。Step S104, the client obtains the found IP address.

步骤S105，所述客户端根据所述IP地址生成用户设备指纹。Step S105, the client generates a user equipment fingerprint according to the IP address.

可选地，本步骤可以包括：Optionally, this step can include:

所述客户端获取由各个所述API服务器回复的字符串；The client obtains the string replied by each of the API servers;

进一步中，所述客户端将所有服务器回复的所有字符串按序排列生成指纹字符串可以按照预设顺序进行排列。Further, the client arranges all the strings replied by all the servers in order to generate the fingerprint strings, which can be arranged in a preset order.

在本实例中，客户端得到URL对应的IP地址后，便将HTTP请求发送给该IP地址对应的API服务器，API服务器回复字符串，即响应值。In this example, after obtaining the IP address corresponding to the URL, the client sends an HTTP request to the API server corresponding to the IP address, and the API server replies with a string, that is, the response value.

以上述实例为例，客户端得到URL对应的IP地址(10.1.1.1)后，便将HTTP请求发送至IP地址为10.1.1.1的API服务器，所述API服务器收到HTTP请求后，会回复响应值为1。Taking the above example as an example, after the client obtains the IP address (10.1.1.1) corresponding to the URL, it sends an HTTP request to the API server whose IP address is 10.1.1.1. After receiving the HTTP request, the API server will reply with a response The value is 1.

接着客户端会按顺序继续访问x2.example.com和x3.example.com，假设分别得到的IP地址为10.1.1.2和10.1.1.3，相应地，依次访问相应的API，得到响应值分别为value＝2和value＝3。Then the client will continue to access x2.example.com and x3.example.com in sequence, assuming that the obtained IP addresses are 10.1.1.2 and 10.1.1.3 respectively, correspondingly, the corresponding APIs are accessed in turn, and the response values are value respectively =2 and value=3.

客户端据此可算出当前设备的用户设备指纹FP是123，并将此指纹发回给WEB服务器数据接受服务器，所述数据接受服务器接收所述用户设备指纹等信息，但是不向所述用户设备发送响应值。Based on this, the client can calculate that the user equipment fingerprint FP of the current device is 123, and send this fingerprint back to the WEB server data acceptance server, which receives the user equipment fingerprint and other information, but does not send it to the user equipment. Send the response value.

在一种实例中，所述存根解析器还用于根据所述解析请求在缓存集中查找与该URL对应的IP地址，所述缓存集由操作系统缓存与DNS缓存之间所有缓存设备构成。In an example, the stub resolver is further configured to look up the IP address corresponding to the URL in a cache set according to the parsing request, where the cache set is composed of all cache devices between the operating system cache and the DNS cache.

在另一种实例中，所述存根解析器还可以具体用于：In another instance, the stub parser can also be specifically used to:

在本可实现的方式中，In what could have been achieved,

所述客户端还可以用于获取预设URL所带的cookie信息；The client can also be used to obtain the cookie information carried by the preset URL;

所述客户端还可以用于将所述cookie信息被发送至后端服务器；The client can also be used to send the cookie information to a backend server;

所述后端服务器还可以在数据库中查找历史cookie信息；The back-end server can also look up historical cookie information in the database;

可选地，所述客户端还可以用于向所述IP地址对应的API服务器发送HTTP请求；Optionally, the client can also be used to send an HTTP request to the API server corresponding to the IP address;

所述客户端还可以用于获取由各个所述服务器回复的字符串；The client can also be used to obtain character strings replied by each of the servers;

所述客户端还可以用于将所有服务器回复的所有字符串按序排列生成指纹字符串；The client can also be used to generate fingerprint strings by arranging all strings replied by all servers in sequence;

所述客户端还可以用于生成所述用户设备指纹，所述用户设备指纹由所述指纹字符串进行哈希处理所得。The client can also be used to generate the user equipment fingerprint, where the user equipment fingerprint is obtained by hashing the fingerprint string.

第三方面，本申请还提供一种生成用户设备指纹的程序，所用程序用于执行时实现上述第一方面所述生成用户设备指纹方法的步骤。In a third aspect, the present application further provides a program for generating a fingerprint of a user equipment, and the used program is used to implement the steps of the method for generating a fingerprint of a user equipment described in the first aspect above when the program is executed.

第四方面，一种计算机可读存储介质，其上存储有计算机指令，该指令被处理器执行时实现上述第一方面所述生成用户设备指纹方法的步骤。In a fourth aspect, a computer-readable storage medium stores computer instructions thereon, and when the instructions are executed by a processor, implements the steps of the method for generating a fingerprint of a user equipment described in the first aspect.

本提供的方案能够识别同一台机器上的跨应用和浏览器的方法，该方案结合现有DNS系统的工作特点，如果一个URL对应多个IP地址，每次访问该URL会被解析成不同的IP地址，如果访问一组URL便会得到一组被解析出的唯一的IP地址序列，所述方法生成的用户设备指纹能够实现精准的用户跟踪。The solution provided in this paper can identify the method of cross-application and browser on the same machine. This solution combines the working characteristics of the existing DNS system. If a URL corresponds to multiple IP addresses, each access to the URL will be resolved into different URLs. IP addresses, if a set of URLs are accessed, a set of unique IP address sequences that are parsed out will be obtained, and the user equipment fingerprint generated by the method can realize accurate user tracking.

以上结合具体实施方式和范例性实例对本申请进行了详细说明，不过这些说明并不能理解为对本申请的限制。本领域技术人员理解，在不偏离本申请精神和范围的情况下，可以对本申请技术方案及其实施方式进行多种等价替换、修饰或改进，这些均落入本申请的范围内。本申请的保护范围以所附权利要求为准。The present application has been described in detail above with reference to the specific embodiments and exemplary examples, but these descriptions should not be construed as a limitation on the present application. Those skilled in the art understand that, without departing from the spirit and scope of the present application, various equivalent replacements, modifications or improvements can be made to the technical solutions and embodiments of the present application, which all fall within the scope of the present application. The scope of protection of the present application is determined by the appended claims.

Claims

Translated fromChinese

1.一种生成用户设备指纹的方法，其特征在于，所述方法包括：1. A method for generating a user equipment fingerprint, wherein the method comprises:

2.根据权利要求1所述的方法，其特征在于，所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址包括：存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址，所述缓存集由操作系统缓存与DNS缓存之间所有缓存设备构成。2. The method according to claim 1, wherein the stub parser feeding back the IP address corresponding to the URL according to the parsing request comprises: the stub parser searching for an IP address corresponding to the URL in a cache set according to the parsing request. The IP address corresponding to the URL, and the cache set is composed of all cache devices between the operating system cache and the DNS cache.

3.根据权利要求1或2所述的方法，其特征在于，所述存根解析器根据所述解析请求在缓存集中查找与该URL对应的IP地址包括：3. The method according to claim 1 or 2, wherein the stub resolver searches for the IP address corresponding to the URL in the cache set according to the parsing request, comprising:

4.根据权利要求1至3任一项所述的方法，其特征在于，所述存根解析器根据所述解析请求反馈与所述URL对应的IP地址还包括：4. The method according to any one of claims 1 to 3, wherein the stub parser feeding back the IP address corresponding to the URL according to the parsing request further comprises:

5.根据权利要求1至4任一项所述的方法，其特征在于，DNS系统根据所述解析请求从每个URL对应的多个IP地址中随机解析生成一个IP地址后，所述方法还包括：5. The method according to any one of claims 1 to 4, wherein after the DNS system randomly parses and generates an IP address from a plurality of IP addresses corresponding to each URL according to the resolution request, the method further include:

6.根据权利要求1至5任一项所述的方法，其特征在于，所述客户端根据所述IP地址生成用户设备指纹包括：6. The method according to any one of claims 1 to 5, wherein the generating, by the client, the fingerprint of the user equipment according to the IP address comprises:

7.一种生成用户设备指纹装置，其特征在于，所述装置包括：7. A device for generating user equipment fingerprints, wherein the device comprises:

8.一种生成用户设备指纹的程序，其特征在于，所用程序用于执行时实现权利要求1至6任一项所述生成用户设备指纹方法的步骤。8 . A program for generating user equipment fingerprints, characterized in that the used program is used to implement the steps of the method for generating user equipment fingerprints according to any one of claims 1 to 6 when executed. 9 .

9.一种计算机可读存储介质，其特征在于，其上存储有计算机指令，该指令被处理器执行时实现权利要求1至6任一项所述生成用户设备指纹方法的步骤。9 . A computer-readable storage medium, wherein computer instructions are stored thereon, and when the instructions are executed by a processor, implement the steps of the method for generating a user equipment fingerprint according to any one of claims 1 to 6 .

10.一种生成用户设备指纹的设备，其特征在于，所述设备包括：至少一个处理器；以及与所述至少一个处理器通信连接的存储器；其中，所述存储器存储有可被所述一个处理器执行的指令，所述指令被所述至少一个处理器执行，以使所述至少一个处理器执行权利要求1至6任一项所述生成用户设备指纹方法。10. A device for generating user equipment fingerprints, characterized in that the device comprises: at least one processor; and a memory communicatively connected to the at least one processor; wherein the memory stores data that can be used by the one Instructions executed by the processor, the instructions being executed by the at least one processor to cause the at least one processor to perform the method for generating a user equipment fingerprint according to any one of claims 1 to 6.