CN114297735A - Data processing method and related device - Google Patents
Data processing method and related device Download PDFInfo
- Publication number
- CN114297735A CN114297735A CN202111632720.6A CN202111632720A CN114297735A CN 114297735 A CN114297735 A CN 114297735A CN 202111632720 A CN202111632720 A CN 202111632720A CN 114297735 A CN114297735 A CN 114297735A
- Authority
- CN
- China
- Prior art keywords
- target
- target device
- data
- fingerprint
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Collating Specific Patterns (AREA)
Abstract
The application provides a data processing method and a related device, firstly, target device data of a target device is obtained, wherein the target device data is used for indicating hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The method can be combined with a large amount of equipment software and hardware information to improve the complexity of equipment fingerprints, improve the risk identification capability and improve the safety of the user in using the application program.
Description
Technical Field
The present application relates to the field of internet technologies, and in particular, to a data processing method and a related apparatus.
Background
With the development of the technology, many applications need to identify user Equipment to perform corresponding data processing, and in the existing technology, device identification is generally performed by collecting unique identifiers such as a Media Access Control Address (MAC), an International Mobile Equipment Identity number (IMEI), and the like, but the unique identifiers can be forged by a simulator, and the risk cannot be avoided by single-feature device identification, which affects the security of the user using the applications.
Disclosure of Invention
In view of this, the present application provides a data processing method and a related apparatus, which can use multiple information of a device as a device fingerprint, thereby greatly improving the risk identification capability and improving the security of a user using an application program.
In a first aspect, an embodiment of the present application provides a data processing method, where the method includes:
acquiring target device data of a target device, wherein the target device data is used for indicating hardware information and/or software information of the target device;
judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device;
when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
In a second aspect, an embodiment of the present application provides a data processing apparatus, where the apparatus includes:
the data acquisition unit is used for acquiring target device data of a target device, wherein the target device data is used for indicating hardware information and/or software information of the target device;
the fingerprint judging unit is used for judging whether a first device fingerprint matched with the target device data exists in a preset database, the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device;
and the fingerprint generating unit is used for generating a target device fingerprint according to the target device data when the first device fingerprint matched with the target device data does not exist in the preset database, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
In a third aspect, an embodiment of the present application provides a server, including a processor, a memory, a communication interface, and one or more programs, where the one or more programs are stored in the memory and configured to be executed by the processor, and the program includes instructions for executing the steps in the first aspect of the embodiment of the present application.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program for electronic data exchange, where the computer program enables a computer to perform some or all of the steps described in the first aspect of the embodiment of the present application.
In a fifth aspect, embodiments of the present application provide a computer program product, where the computer program product includes a non-transitory computer-readable storage medium storing a computer program, where the computer program is operable to cause a computer to perform some or all of the steps as described in the first aspect of the embodiments of the present application. The computer program product may be a software installation package.
It can be seen that, with the above data processing method and related apparatus, first, target device data of a target device is obtained, where the target device data is used to indicate hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The method can be combined with a large amount of equipment software and hardware information to improve the complexity of equipment fingerprints, improve the risk identification capability and improve the safety of the user in using the application program.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a system architecture diagram of a data processing method according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a data processing method according to an embodiment of the present application;
fig. 3 is a schematic flow chart of another data processing method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a server according to an embodiment of the present application;
fig. 5 is a block diagram illustrating functional units of a data processing apparatus according to an embodiment of the present disclosure;
fig. 6 is a block diagram illustrating functional units of another data processing apparatus according to an embodiment of the present disclosure.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
It should be understood that the term "and/or" herein is merely one type of association relationship that describes an associated object, meaning that three relationships may exist, e.g., a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" in this document indicates that the former and latter related objects are in an "or" relationship. The "plurality" appearing in the embodiments of the present application means two or more.
The term "connect" in the embodiments of the present application refers to various connection manners, such as direct connection or indirect connection, to implement communication between devices, which is not limited in this embodiment of the present application.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The background and related terms of the present application are described below.
The background art is related to:
the device fingerprint represents a device feature or a unique device identifier for uniquely identifying the device, and is generated according to software and hardware information of the device in the embodiment of the application.
The existing device identification generally collects the unique identifier of the device to identify the device, such as an MAC, an IMEI in an android system, an advertisement identifier IDFA in an IOS system, and the like, but now a user can limit an application program to obtain the unique identifier, part of the unique identifier can also change along with the resetting of a mobile phone system, and some black industry chains can also forge information to carry out risk operation by modifying the unique identifier of the device through a simulator.
In order to solve the above problem, embodiments of the present application provide a data processing method and a related apparatus, which can combine a large amount of device software and hardware information to improve the complexity of device fingerprints, improve risk identification capability, and improve the security of a user using an application program, and when the software and hardware information of the same device slightly changes, the matched device fingerprints can still be identified, and it is not necessary to set multiple device fingerprints for the same device repeatedly, so as to improve data processing efficiency.
The system architecture of the data processing method in the embodiment of the present application is described below with reference to fig. 1, where fig. 1 is a system architecture diagram of a data processing method provided in the embodiment of the present application, and the system architecture 100 includes a target device 110 and a server 120.
The target device 110 may include a smart Phone (e.g., an Android Phone, an iOS Phone, a Windows Phone, etc.), a tablet computer, a palm computer, a notebook computer, a video matrix, a monitoring platform, a Mobile Internet device (MID, Mobile Internet Devices), or a wearable device, which are merely examples, but not exhaustive, and include but are not limited to the foregoing Devices, and the disclosure is not limited thereto.
The target device 110 may be connected to the server 120 through a client logged in to a target application, and the server 120 may obtain software and hardware information of the target device 110 through the client of the target application and generate a target device fingerprint of the target device.
Specifically, the server 120 may be equipped with an identification model and a preset database, where the identification model is a trained neural network model and is used to determine whether software and hardware information from the target device 110 matches any device fingerprint in the preset database, and the preset database stores registered device fingerprints and information of devices corresponding to each device fingerprint, and when an output result of the identification model is a match, the device fingerprint may not be added to the preset database, but information of devices corresponding to the matched device fingerprint in the preset data needs to be updated; when the output result of the identification model is not matched, a corresponding device fingerprint can be generated, and the newly generated device fingerprint and the software and hardware information of the device are stored in the preset database.
Further, the server 120 may further carry a risk decision engine, configured to perform risk assessment on the device corresponding to the device fingerprint, so as to execute a corresponding risk management policy, such as accepting a target instruction of the target device or rejecting the target instruction of the target device, which is not described herein again.
Through the system architecture, the data processing method can be realized, the complexity of the device fingerprint can be improved by combining a large amount of device software and hardware information, the risk identification capability is improved, and the safety of the user using the application program is improved.
A data processing method in the embodiment of the present application is described below with reference to fig. 2, where fig. 2 is a schematic flow chart of the data processing method provided in the embodiment of the present application, and specifically includes the following steps:
Wherein the target device data is used to indicate hardware information and/or software information of the target device.
The target hardware data and/or the target software data of the target device can be acquired through a target application, the target application represents an application program logged in by the target device, the target hardware data comprises at least one of target device identification information, target device model information and target device processor information, and the target software data comprises at least one of target device storage information, target device system information, target device application information and target device network information.
Specifically, the target device identification information may include a Media Access Control Address (MAC), a Universal Unique Identifier (UUID), an International Mobile Equipment Identifier (IMEI) (the target device is a device of an android system), a vector Identifier (Identifier For a vector, IDFV) (the target device is a device of an IOS system), an advertisement Identifier (Identifier For an accessing identification) (the target device is a device of an IOS system), and the like, which are not specifically limited herein;
the target device model information may include information such as a motherboard signal and a device model; the processor information of the target device may include the number of processors, the type of processors, and the like; the target device storage information may include hard disk information and memory information, the hard disk information may include information such as a total amount of a hard disk, a size of a free space of the hard disk, a size of a used space of the hard disk, and the memory information may include information such as a total amount of a memory, a size of a free space of the memory, a size of a used space of the memory, and the like; the target device system information may include system version information and the like; the target device application information may include information such as the number, type, name, etc. of application programs installed on the target device; the target device network information may include WiFi information connected to the target device, and is not specifically limited herein.
It can be understood that, when the target device logs in the target application, the right to acquire the target device data may be applied, and after the user permits, the target device data may be acquired, otherwise, the relevant target device data may not be acquired, and when the target device logs out of the target application, the step of acquiring the target device data of the target device is generally not performed.
Therefore, by acquiring the target device data of the target device, more reliable data support can be provided for the subsequent generation of the device fingerprint, and the security of the device fingerprint is improved.
The first device fingerprint and first device data have a mapping relation, and the first device fingerprint is used for indicating the first device. It can be understood that the preset database stores device fingerprints of a plurality of devices and corresponding device information, the first device fingerprint is any one of the device fingerprints, and the first device information is device information corresponding to the first device fingerprint.
Wherein it may be detected whether there is first device identification information matching the target device identification information, first device model information matching the target device model information, first device processor information matching the target device processor information, first device storage information corresponding to the target device storage information, first device system information corresponding to the target device system information, first device application information corresponding to the target device application information, and first device network information corresponding to the target device network information in the preset database to obtain an identification matching state, a model matching state, a processor matching state, a storage matching state, a system matching state, an application matching state, and a network matching state, and then, according to a preset identification weight, a preset model weight, a preset processor storage information, a first device storage information corresponding to the target device storage information, a first device system information corresponding to the target device system information, a second device storage information corresponding to the target device system information, a second device information corresponding to the target device storage information, and a second device information corresponding to the target device system information, and a network information corresponding to the preset database, and a second device matching state corresponding to the preset information, and a second device matching state, and a network matching state, and a second device matching state, respectively, and a display state, a display device display state, a display device, a display state, a display, the matching confidence of the target device data and the first device fingerprint is determined according to a preset storage weight, a preset system weight, a preset application weight, a preset network weight, the identification matching state, the model matching state, the processor matching state, the storage matching state, the system matching state, the application matching state and the network matching state.
Wherein, when the matching confidence is higher than or equal to a preset confidence threshold, it is determined that the first device fingerprint matching the target device data exists in the preset database.
And when the matching confidence is lower than the preset confidence threshold and the identification matching state is matching, determining that the first device fingerprint matched with the target device data does not exist in the preset database.
Specifically, an identification matching state, a model matching state, a processor matching state, a storage matching state, a system matching state, an application matching state, and a network matching state may be determined by the recognition model, when any one of target device identification information, target device model information, target device processor information, target device storage information, target device system information, target device application information, and target device network information is not present in the target device data, the corresponding matching state is null, and the preset identification weight, the preset model weight, the preset processor weight, the preset storage weight, the preset system weight, the preset application weight and the preset network weight can be determined according to big data, for example, if the target equipment is really identified and only corresponds to unique target equipment, the preset identification weight can be set to be 1; if there are 300 different models in 1000 ten thousand devices from the model dimension, the probability is 1/300, and the preset model weight is 0.003. By analogy, a preset identification weight, a preset model weight, a preset processor weight, a preset storage weight, a preset system weight, a preset application weight, and a preset network weight may be determined, which is not described herein again. Finally, a matching confidence of the target device data and the first device fingerprint may be calculated in conjunction with a bayesian algorithm.
The bayesian algorithm is explained below:
for example, if the target device data includes IMEI, model, BSSID, it is known that there is a sample table one
Watch 1
| IMEI | Model type | BSSID | Whether the devices are similar |
| Matching | Matching | Matching | Similarity of |
| Matching | Matching | Mismatch | Similarity of |
| Matching | Mismatch | Matching | Are not similar |
| Matching | Mismatch | Mismatch | Are not similar |
| Mismatch | Matching | Matching | Are not similar |
| Mismatch | Matching | Mismatch | Are not similar |
| Mismatch | Mismatch | Mismatch | Are not similar |
| Mismatch | Mismatch | Matching | Are not similar |
According to the example in table one, it can be known that P (device similarity) 2/8 1/4, it is to be noted that the real data are calculated by referring to a weight algorithm, and the example here does not consider the weight;
if the model mismatch is satisfied, the number of the similar samples of the device is 0, and P (model mismatch | device similarity) is 0/2 is 0;
if BSSID mismatch is satisfied, the number of samples with similar devices is 1, and P (BSSID mismatch | devices similar) is 1/2;
assuming now that the target device data includes an IMEI, model, BSSID, and that the IMEI does not match, the model does not match, the BSSID does not match, it can be determined whether there is a first device fingerprint matching the target device data by the following formula:
p (Equipment affinity | IMEI mismatch, model mismatch, BSSID mismatch)
P (IMEI mismatch, model mismatch, BSSID mismatch | equipment similarity) × P (equipment similarity)/P (IMEI mismatch, model mismatch, BSSID mismatch)
P (IMEI mismatch | equipment similar) × P (model mismatch | equipment similar) × P (BSSID mismatch | equipment similar) × P (equipment similar)/P (IMEI mismatch) × P (model mismatch) × P (BSSID mismatch)
=0*0*1/2*1/4/1/2*1/2*1/2
=0
And similarly calculating:
p (equipment dissimilarity | IMEI mismatch, model mismatch, BSSID mismatch) ═ 4/3
P (device dissimilarity | IMEI mismatch, model mismatch, BSSID mismatch) > P (device dissimilarity | IMEI mismatch, model mismatch, BSSID mismatch) indicates that the probability of device dissimilarity under this condition is higher, i.e. there is no first device fingerprint matching the target device data. The probability of representing the target device as a new device is high and a target device fingerprint may be generated for it.
In one possible embodiment, if the target device identification information matches the first device identification information, but the final result does not match, this indicates that the device information has a higher probability of being forged. And determining that the target equipment is abnormal equipment, and executing a preset abnormal equipment management strategy. The abnormal device management policy may include marking, denying access, re-verifying, and the like, and is not specifically limited herein.
Therefore, whether the first device fingerprint matched with the target device data exists in the preset database or not is judged, multiple device fingerprints can be prevented from being generated on the same device, and the data processing efficiency is improved.
The target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
The target device fingerprint may be a character string generated according to the target device data, and is not specifically limited herein.
It can be seen that, with the above data processing method, first, target device data of a target device is obtained, where the target device data is used to indicate hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The method can be combined with a large amount of equipment software and hardware information to improve the complexity of equipment fingerprints, improve the risk identification capability and improve the safety of the user in using the application program.
Next, another data processing method in the embodiment of the present application is described with reference to fig. 3, where fig. 3 is a schematic flow chart of another data processing method provided in the embodiment of the present application, and specifically includes the following steps:
The target device can detect whether the target device stores the target device fingerprint through the target application if the target device logs in the target application once and generates the target device fingerprint, but the target device fingerprint stored in the target device fingerprint disappears after any piece of software and hardware information in the target device fingerprint is changed, if the target device fingerprint is stored, the target device fingerprint is generated once, and if the target device fingerprint is detected to be stored, the target device fingerprint is a new device or an old device for updating the software and hardware information.
Wherein, when it is detected that the target device does not store the target device fingerprint, step 306 is executed; when it is not detected that the target device stores the target device fingerprint, step 302 is performed.
When a first device fingerprint matched with the target device data exists in a preset database, executing step 304; when the first device fingerprint matching the target device data does not exist in the preset database, step 305 is executed.
When the first device fingerprint matched with the target device data exists in the preset database, the current target device is the first device, and a new target device fingerprint does not need to be generated. Step 306 is performed after updating the first device data to the target device data.
The target instruction may be a transaction instruction or other instruction requiring verification.
Historical operation data corresponding to the target device fingerprint, such as historical transaction times, historical position information, historical payment information, historical IP information, historical service information and the like, can be called from a preset database.
Therefore, the accuracy of subsequent risk assessment can be improved by acquiring the data of multiple types.
The judgment can be performed according to a preset rule, or can be performed through a trained risk assessment model, which is not specifically limited herein.
The preset risk device management policy may include resending verification information to the target device, rejecting a target instruction of the user device, and the like, which is not specifically limited herein.
It can be seen that, with the above data processing method and related apparatus, first, target device data of a target device is obtained, where the target device data is used to indicate hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The complexity that can combine a large amount of equipment software and hardware information to improve equipment fingerprint promotes risk identification ability, improves the security that the user used application to when the software and hardware information of same equipment changed slightly, still can discern its equipment fingerprint that matches, need not to set up a plurality of equipment fingerprints to same equipment many times repeatedly, promotes data processing efficiency.
The parts of the above steps which are not described in detail refer to the description of all or part of the steps of the method in fig. 2, and are not described again here.
Referring to fig. 4, a server in the embodiment of the present application is described below, fig. 4 is a schematic structural diagram of a server provided in the embodiment of the present application, and as shown in fig. 4, the server 400 includes a processor 401, a communication interface 402, and a memory 403, which are connected to each other, where the server 400 may further include a bus 404, and the processor 401, the communication interface 402, and the memory 403 may be connected to each other through the bus 404, and the bus 404 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, or the like. The bus 404 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 4, but this does not indicate only one bus or one type of bus. The memory 403 is used for storing a computer program, which includes program instructions, and the processor is configured to call the program instructions to execute all or part of the method described in fig. 2 and 3.
The above description has introduced the solution of the embodiment of the present application mainly from the perspective of the method-side implementation process. It is understood that the server includes hardware structures and/or software modules for performing the respective functions in order to implement the above-described functions. Those of skill in the art will readily appreciate that the present application is capable of hardware or a combination of hardware and computer software implementing the various illustrative elements and algorithm steps described in connection with the embodiments provided herein. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the server may be divided into the functional units according to the above method example, for example, each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
In the case of dividing each functional module according to each function, a data processing apparatus in the embodiment of the present application is described in detail below with reference to fig. 5, where fig. 5 is a block diagram of functional units of a data processing apparatus provided in the embodiment of the present application, and the data processing apparatus 500 includes:
a data obtaining unit 510, configured to obtain target device data of a target device, where the target device data is used to indicate hardware information and/or software information of the target device;
a fingerprint determining unit 520, configured to determine whether a first device fingerprint matching the target device data exists in a preset database, where the first device fingerprint and the first device data have a mapping relationship, and the first device fingerprint is used to indicate the first device;
a fingerprint generating unit 530, configured to generate a target device fingerprint according to the target device data when the first device fingerprint matching the target device data does not exist in the preset database, where the target device fingerprint and the target device data have a mapping relationship, and the target device fingerprint and the target device data are stored in the preset database.
It can be seen that, with the above data processing method and related apparatus, first, target device data of a target device is obtained, where the target device data is used to indicate hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The method can be combined with a large amount of equipment software and hardware information to improve the complexity of equipment fingerprints, improve the risk identification capability and improve the safety of the user in using the application program.
In the case of using an integrated unit, the following describes in detail another data processing apparatus 600 in the embodiment of the present application with reference to fig. 6, where the data processing apparatus 600 includes a processing unit 601 and a communication unit 602, where the processing unit 601 is configured to perform any step in the above method embodiments, and when performing data transmission such as sending, the communication unit 602 is optionally invoked to complete the corresponding operation.
The data processing apparatus 600 may further comprise a storage unit 603 for storing program codes and data. The processing unit 601 may be a processor, the communication unit 602 may be a wireless communication module, and the storage unit 603 may be a memory.
The processing unit 601 is specifically configured to:
acquiring target device data of a target device, wherein the target device data is used for indicating hardware information and/or software information of the target device;
judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device;
when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
It can be seen that, with the above data processing method and related apparatus, first, target device data of a target device is obtained, where the target device data is used to indicate hardware information and/or software information of the target device; then, judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device; and finally, when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database. The method can be combined with a large amount of equipment software and hardware information to improve the complexity of equipment fingerprints, improve the risk identification capability and improve the safety of the user in using the application program.
Embodiments of the present application also provide a computer storage medium, wherein the computer storage medium stores a computer program for electronic data exchange, and the computer program enables a computer to execute part or all of the steps of any one of the methods as described in the above method embodiments.
Embodiments of the present application also provide a computer program product comprising a non-transitory computer readable storage medium storing a computer program operable to cause a computer to perform some or all of the steps of any of the methods as described in the above method embodiments. The computer program product may be a software installation package, the computer comprising a server.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, the above-described division of the units is only one type of division of logical functions, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of some interfaces, devices or units, and may be an electric or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit may be stored in a computer readable memory if it is implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present application may be substantially implemented or a part of or all or part of the technical solution contributing to the prior art may be embodied in the form of a software product stored in a memory, and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the above-mentioned method of the embodiments of the present application. And the aforementioned memory comprises: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable memory, which may include: flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
The foregoing detailed description of the embodiments of the present application has been presented to illustrate the principles and implementations of the present application, and the above description of the embodiments is only provided to help understand the method and the core concept of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (10)
1. A method of data processing, the method comprising:
acquiring target device data of a target device, wherein the target device data is used for indicating hardware information and/or software information of the target device;
judging whether a first device fingerprint matched with the target device data exists in a preset database or not, wherein the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device;
when the first device fingerprint matched with the target device data does not exist in the preset database, generating a target device fingerprint according to the target device data, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
2. The method of claim 1, wherein after determining whether the first device fingerprint matching the target feature data exists in the predetermined database, the method further comprises:
when the first device fingerprint matched with the target characteristic data exists in the preset database, determining that the first device fingerprint is the target device fingerprint, and updating the first device data to the target device data.
3. The method of claim 1 or 2, wherein the obtaining target device data of the target device comprises:
acquiring target hardware data and/or target software data of the target equipment through target application, wherein the target application represents an application program logged in by the target equipment, the target hardware data comprises at least one of target equipment identification information, target equipment model information and target equipment processor information, and the target software data comprises at least one of target equipment storage information, target equipment system information, target equipment application information and target equipment network information.
4. The method of claim 3, wherein the determining whether the first device fingerprint matching the target device data exists in the preset database comprises:
detecting whether first equipment identification information matched with the target equipment identification information, first equipment model information matched with the target equipment model information, first equipment processor information matched with the target equipment processor information, first equipment storage information corresponding to the target equipment storage information, first equipment system information corresponding to the target equipment system information, first equipment application information corresponding to the target equipment application information and first equipment network information corresponding to the target equipment network information exist in the preset database, so as to obtain an identification matching state, a model matching state, a processor matching state, a storage matching state, a system matching state, an application matching state and a network matching state;
determining a matching confidence of the target device data and the first device fingerprint according to a preset identification weight, a preset model weight, a preset processor weight, a preset storage weight, a preset system weight, a preset application weight, a preset network weight, the identification matching state, the model matching state, the processor matching state, the storage matching state, the system matching state, the application matching state and the network matching state;
when the matching confidence is higher than or equal to a preset confidence threshold, determining that the first device fingerprint matched with the target device data exists in the preset database;
and when the matching confidence is lower than the preset confidence threshold and the identification matching state is matching, determining that the first device fingerprint matched with the target device data does not exist in the preset database.
5. The method of claim 4, further comprising:
and when the matching confidence is lower than the preset confidence threshold and the identification matching state is not matched, determining that the target equipment is abnormal equipment, and executing a preset abnormal equipment management strategy.
6. The method of claim 1, wherein prior to obtaining target device data for a target device, the method further comprises:
detecting, by the target application, whether the target device stores the target device fingerprint;
upon detecting that the target device does not store the target device fingerprint, performing claim 1.
7. The method of any of claims 1-6, wherein after detecting that the target device has the target device fingerprint stored therein, or after generating a target device fingerprint from the target device data, the method further comprises:
when a target instruction from the target equipment is received through the target application, acquiring the fingerprint of the target equipment;
acquiring historical operation data corresponding to the target equipment fingerprint and the target equipment data;
determining a risk coefficient of the target equipment according to the historical operation data and the target equipment data;
and executing a preset risk equipment management strategy when the risk coefficient is higher than a preset risk threshold value.
8. A data processing apparatus, characterized in that the apparatus comprises:
the data acquisition unit is used for acquiring target device data of a target device, wherein the target device data is used for indicating hardware information and/or software information of the target device;
the fingerprint judging unit is used for judging whether a first device fingerprint matched with the target device data exists in a preset database, the first device fingerprint and the first device data have a mapping relation, and the first device fingerprint is used for indicating the first device;
and the fingerprint generating unit is used for generating a target device fingerprint according to the target device data when the first device fingerprint matched with the target device data does not exist in the preset database, wherein the target device fingerprint and the target device data have a mapping relation, and the target device fingerprint and the target device data are stored in the preset database.
9. A server, comprising a processor, memory, and one or more programs stored in the memory and configured to be executed by the application processor, the programs including instructions for performing the steps in the method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to carry out the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111632720.6A CN114297735A (en) | 2021-12-28 | 2021-12-28 | Data processing method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111632720.6A CN114297735A (en) | 2021-12-28 | 2021-12-28 | Data processing method and related device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114297735A true CN114297735A (en) | 2022-04-08 |
Family
ID=80971636
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111632720.6A Pending CN114297735A (en) | 2021-12-28 | 2021-12-28 | Data processing method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114297735A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114860351A (en) * | 2022-07-08 | 2022-08-05 | 浙江口碑网络技术有限公司 | Abnormity identification method and device, storage medium and computer equipment |
| CN116016241A (en) * | 2022-12-27 | 2023-04-25 | 安天科技集团股份有限公司 | Equipment fingerprint information identification method and device, storage medium and electronic equipment |
-
2021
- 2021-12-28 CN CN202111632720.6A patent/CN114297735A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114860351A (en) * | 2022-07-08 | 2022-08-05 | 浙江口碑网络技术有限公司 | Abnormity identification method and device, storage medium and computer equipment |
| CN116016241A (en) * | 2022-12-27 | 2023-04-25 | 安天科技集团股份有限公司 | Equipment fingerprint information identification method and device, storage medium and electronic equipment |
| CN116016241B (en) * | 2022-12-27 | 2024-05-31 | 安天科技集团股份有限公司 | Equipment fingerprint information identification method and device, storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109522304B (en) | Abnormal object identification method and device and storage medium | |
| CN112837069B (en) | Block chain and big data based secure payment method and cloud platform system | |
| CN109327439B (en) | Risk identification method and device for service request data, storage medium and equipment | |
| CN109508903B (en) | Risk assessment method, risk assessment device, computer equipment and storage medium | |
| CN109831459B (en) | Method, device, storage medium and terminal equipment for secure access | |
| CN110348471B (en) | Abnormal object identification method, device, medium and electronic equipment | |
| CN111641588A (en) | Webpage analog input detection method and device, computer equipment and storage medium | |
| CN113157854B (en) | API sensitive data leakage detection method and system | |
| CN115840964A (en) | Data processing method and device, electronic equipment and computer storage medium | |
| CN114297735A (en) | Data processing method and related device | |
| CN111339531A (en) | Malicious code detection method and device, storage medium and electronic equipment | |
| CN111371581A (en) | Method, device, equipment and medium for detecting business abnormity of Internet of things card | |
| CN116707859A (en) | Feature rule extraction method and device, and network intrusion detection method and device | |
| CN116055165A (en) | Malicious traffic data detection method and system | |
| CN110992155A (en) | Bidding and enclosing processing method and related product | |
| CN113918949A (en) | Recognition method of fraud APP based on multi-mode fusion | |
| CN112532645A (en) | Internet of things equipment operation data monitoring method and system and electronic equipment | |
| CN104021324A (en) | Method and device for writing safety verification | |
| CN113065748A (en) | Business risk assessment method, device, equipment and storage medium | |
| CN115809466B (en) | Security requirement generation method and device based on STRIDE model, electronic equipment and medium | |
| CN105162799A (en) | Method for checking whether client is legal mobile terminal or not and server | |
| CN115643044A (en) | Data processing method, device, server and storage medium | |
| CN113242257A (en) | Unauthorized vulnerability detection method, device, equipment and storage medium | |
| CN110533297B (en) | Method and device for identifying abnormal equipment | |
| CN113946703A (en) | Picture omission processing method and related device thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230619 Address after: 1301, Office Building T2, Qianhai China Resources Financial Center, No. 55 Guiwan Fourth Road, Nanshan Street, Qianhai Shenzhen-Hong Kong Cooperation Zone, Shenzhen, Guangdong Province, 518052 Applicant after: Shenzhen Hefei Technology Co.,Ltd. Address before: 518052 2501, office building T2, Qianhai China Resources Financial Center, 55 guiwan 4th Road, Nanshan street, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen City, Guangdong Province Applicant before: Shenzhen Huantai Digital Technology Co.,Ltd. |