摘要
在电子交易中,用户通过PC端的浏览器进行交易。由于钓鱼网站等盗号方式的威胁,传统的账号密码认证方式存在着失效的风险。现有的用户网页浏览行为认证方法主要针对用户的某一方面行为进行认证。若对大量用户仅进行单方面行为的认证,则难以区分特征相似用户,会造成认证失效。基于用户浏览网页的序列行为、超链接使用行为和操作浏览器行为的多因素浏览行为特征,采用机器学习方法构建了一种认证方法。实验结果表明,在一定的误报率情况下,该方法的侦测率达到了90%以上。
In the process of electronic trades,users trade through the PC browser.Due to the threats of phishing sites and other hacking way,there is a failure risk in the traditional account-password-authentication mode.The existing methods of user Web-browsing-authentication mainly aim at authenticating one aspect of the user's behaviors.For a large number of users,if the authentication is done only from the single aspect,it is difficult to distinguish the features among similar users,which will result in authentication invalidation.Based on the sequence behavior of user browsing Web,the behavior of hyperlink usage and browser manipulation,a authentication method synthesizing multi-factors was proposed by using the machine learning method.The experimental results show that this method achieves more than90% detection rate under a certain false positive rate.
出处
《计算机科学》
CSCD
北大核心
2018年第2期181-188,共8页
Computer Science
基金
上海市"科技创新行动计划"高新技术领域项目(16511100900)
国家自然科学基金委重点项目(61332008)资助
关键词
网页浏览
行为认证
多因素
机器学习
Web browsing
Behavior authentication
Multi-factors
Machine learning
