Data processing method and device, electronic equipment and storage medium

Abstract

This application provides a data processing method, apparatus, electronic device, computer program product, and computer-readable storage medium. The method includes: acquiring login data of a target account in a target application on a login device; acquiring application installation data on the login device; performing feature extraction processing on at least one of the login data and application installation data to obtain login behavior features of the target account, and determining the account type of the target account based on the login behavior features; performing feature extraction processing on the application installation data to obtain device features of the login device, and determining the user type of the login device based on the device features; in response to the target account being an abnormal account and the user type of the login device being a minor, determining that the target account is a rented account belonging to a minor; and implementing a minor restriction policy for the target application. This application improves the efficiency of implementing minor restriction policies.

Description

Technical Field

[0001] This application relates to artificial intelligence technology, and more particularly to a data processing method, apparatus, electronic device, and storage medium. Background Technology

[0002] Artificial intelligence (AI) is the theory, methods, technology, and application systems that use digital computers or machines controlled by digital computers to simulate, extend, and expand human intelligence, perceive the environment, acquire knowledge, and use that knowledge to achieve optimal results. In other words, AI is a comprehensive technology within computer science that attempts to understand the essence of intelligence and produce a new kind of intelligent machine that can react in a way similar to human intelligence. AI studies the design principles and implementation methods of various intelligent machines, enabling them to possess the functions of perception, reasoning, and decision-making.

[0003] Currently, various applications have relevant anti-addiction measures for minors, such as real-name authentication for game applications and daily playtime limits for accounts used by minors. However, there are currently several ways to bypass the anti-addiction measures set up by the game side. One of the more common methods is to rent other people's (adults') accounts to play games. In this case, it is difficult to determine the actual user of the account, which affects the implementation of anti-addiction measures for minors.

[0004] Currently, there is no good way to accurately implement policies targeting minors using relevant technologies. Summary of the Invention

[0005] This application provides a data processing method, apparatus, electronic device, computer-readable storage medium, and computer program product that can improve the efficiency of implementing policies restricting minors.

[0006] The technical solution of this application embodiment is implemented as follows:

[0007] This application provides a data processing method, the method comprising:

[0008] Retrieve login data of the target account in the target application on the logged-in device;

[0009] Obtain application installation data from the login device, wherein the application installation data includes: feature data of applications already installed on the login device;

[0010] At least one of the login data and the application installation data is subjected to feature extraction processing to obtain the login behavior features of the target account, and the account type of the target account is determined based on the login behavior features;

[0011] The application installation data is processed by feature extraction to obtain the device characteristics of the logged-in device, and the user type of the logged-in device is determined based on the device characteristics.

[0012] In response to the fact that the target account is an abnormal account and the user type of the login device is a minor, it is determined that the target account is a rented account of a minor.

[0013] Implement a minor restriction policy for the target application.

[0014] This application provides a data processing apparatus, including:

[0015] The data acquisition module is configured to acquire login data of the target account in the target application on the login device;

[0016] The data acquisition module is further configured to acquire application installation data in the login device, wherein the application installation data includes: feature data of applications already installed in the login device;

[0017] The type recognition module is configured to perform feature extraction processing on at least one of the login data and the application installation data to obtain the login behavior features of the target account, and determine the account type of the target account based on the login behavior features;

[0018] The type identification module is further configured to perform feature extraction processing on the application installation data to obtain the device characteristics of the login device, and determine the user type of the login device based on the device characteristics;

[0019] The strategy execution module is configured to determine that the target account is a rented account of a minor in response to the fact that the account type of the target account is an abnormal account and the user type of the login device is a minor.

[0020] The policy execution module is also configured to execute a minor restriction policy for the target application.

[0021] This application provides an electronic device, the electronic device comprising:

[0022] Memory is used to store executable instructions for a computer;

[0023] The processor, when executing computer-executable instructions stored in the memory, implements the data processing method provided in the embodiments of this application.

[0024] This application provides a computer-readable storage medium storing computer-executable instructions for implementing the data processing method provided in this application when executed by a processor.

[0025] This application provides a computer program product, including a computer program or computer executable instructions, which, when executed by a processor, implement the data processing method provided in this application.

[0026] The embodiments of this application have the following beneficial effects:

[0027] By acquiring account login data and application installation data of the devices the accounts log into, the system analyzes account characteristics based on login data to determine account type, and analyzes device characteristics based on application installation data to determine the type of user of the device. This improves the accuracy of identifying the user of the device, implements restriction policies on applications logged into by minors' accounts, saves energy consumption of electronic devices, and enhances account security. Attached Figure Description

[0028] Figure 1 This is a schematic diagram illustrating the application mode of the data processing method provided in the embodiments of this application;

[0029] Figure 2 This is a schematic diagram of the structure of the electronic device provided in the embodiments of this application;

[0030] Figures 3A to 3H This is a flowchart illustrating the data processing method provided in an embodiment of this application;

[0031] Figure 4 This is a flowchart illustrating the data processing method provided in an embodiment of this application;

[0032] Figure 5 This is an optional flowchart illustrating the data processing method provided in an embodiment of this application;

[0033] Figure 6 This is a schematic diagram of address transitions provided in an embodiment of this application;

[0034] Figure 7 This is an optional flowchart illustrating the data processing method provided in the embodiments of this application. Detailed Implementation

[0035] To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the accompanying drawings. The described embodiments should not be regarded as limitations on this application. All other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0036] In the following description, references are made to “some embodiments,” which describe a subset of all possible embodiments. However, it is understood that “some embodiments” may be the same subset or different subsets of all possible embodiments and may be combined with each other without conflict.

[0037] In the following description, the terms "first, second, third" are used merely to distinguish similar objects and do not represent a specific ordering of objects. It is understood that "first, second, third" may be interchanged in a specific order or sequence where permitted, so that the embodiments of this application described herein can be implemented in an order other than that illustrated or described herein.

[0038] It should be noted that in the embodiments of this application, user information, user feedback data and other related data are involved. When the embodiments of this application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of related data must comply with the relevant laws, regulations and standards of the relevant countries and regions.

[0039] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of this application only and is not intended to limit this application.

[0040] Before providing a further detailed description of the embodiments of this application, the nouns and terms involved in the embodiments of this application will be explained, and the nouns and terms involved in the embodiments of this application shall be interpreted as follows.

[0041] 1) Convolutional Neural Networks (CNNs) are a class of deep feedforward neural networks (FNNs) that incorporate convolutional computations and are one of the representative algorithms of deep learning. CNNs possess representation learning capabilities, enabling shift-invariant classification of input images based on their hierarchical structure. The artificial neurons in a CNN can respond to a portion of the surrounding units within their coverage area. A CNN consists of one or more convolutional layers and a fully connected layer at the top (corresponding to a classic neural network), and also includes associated weights and pooling layers.

[0042] 2) Extreme Gradient Boosting (XGBoost) model, which applies Gradient Boosting Decision Tree (GBDT), can be used for both classification and regression problems.

[0043] 3) Anti-addiction system, officially known as the online game anti-addiction system, aims to address the current situation of minors' addiction to online games or entertainment applications. In game servers equipped with this system, users whose identities have been verified as minors through real-name authentication, those with incomplete real-name information, and those who fail verification are all included in the online game anti-addiction system. For example, if a minor player's playtime exceeds the set game time limit, the application will implement corresponding restriction policies, including but not limited to halving virtual experience points and automatic account logout. If a user who has not undergone real-name authentication reaches the set game time limit, relevant restriction policies will be implemented in the application.

[0044] This application provides a data processing method, a data processing apparatus, an electronic device, a computer-readable storage medium, and a computer program product, which can improve the efficiency of implementing policies restricting minors.

[0045] The following describes exemplary applications of the electronic devices provided in the embodiments of this application. These electronic devices can be implemented as various types of user terminals, such as laptops, tablets, desktop computers, set-top boxes, mobile devices (e.g., mobile phones, portable music players, personal digital assistants, dedicated messaging devices, portable gaming devices), in-vehicle terminals, virtual reality (VR) devices, and augmented reality (AR) devices, or as servers. Exemplary applications when the device is implemented as a terminal device or a server will be described below.

[0046] refer to Figure 1 , Figure 1 This is a schematic diagram illustrating the application mode of the data processing method provided in the embodiments of this application; for example, Figure 1 The system involves server 200, network 300, and terminal device 400. Terminal device 400 is connected to server 200 through network 300, which can be a wide area network (WAN), a local area network (LAN), or a combination of both.

[0047] In some embodiments, the terminal device 400 has a variety of different applications installed, the target application is a game application, the server 200 can be the server of the game platform, the minor is a minor player, and the target account can be a game account.

[0048] For example, when a user logs into a game application using a game account through a terminal device 400 that has not enabled the minor protection mode, the terminal device 400 sends the login data of the game account on the terminal device 400 and the application installation data of the terminal device 400 to the server 200. The server obtains other login data associated with the game account (login device, login address, login time, etc.) and determines whether the game account is an abnormal account based on the login data of the terminal device 400. Based on the application installation data of the terminal device 400, the server determines the user type of the terminal device 400. When the user type is a minor and the game account is an abnormal account, the server sends an instruction containing a minor restriction policy to the terminal device 400, and the application of the terminal device 400 executes the minor restriction policy.

[0049] In some embodiments, the terminal device 400 can independently execute the data processing method provided in the embodiments of this application. The terminal device 400 receives login data of the game account on other login devices fed back by the server 200. The terminal device 400 determines the type of the game account and the type of the terminal device 400 based on the application installation data and login data. In response to the game account being an abnormal account and the user type of the terminal device 400 being a minor, the terminal device 400 executes a minor restriction policy for the target application.

[0050] In some embodiments, the data processing method of this application can also be applied to the following scenarios: account security scenarios, where some users earn income by providing account rental services to other users, and the rented accounts are often logged in by multiple users, affecting account security. By calling the data processing method of this application, the rental accounts of minors can be located, improving account security.

[0051] This application embodiment can be implemented using blockchain technology. Devices or accounts used by minors, obtained through this application embodiment, can be uploaded to the blockchain for storage as identification results. The reliability of the identification results is ensured through a consensus algorithm. Blockchain is a novel application model of computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanisms, and encryption algorithms. Essentially, a blockchain is a decentralized database, a chain of data blocks linked using cryptographic methods. Each data block contains information about a batch of network transactions, used to verify the validity of the information (anti-counterfeiting) and generate the next block. A blockchain can include a blockchain underlying platform, a platform product service layer, and an application service layer.

[0052] This application embodiment can be implemented using database technology. A database, simply put, can be viewed as an electronic filing cabinet storing electronic files, where users can perform operations such as adding, querying, updating, and deleting data. A "database" is a collection of data stored together in a certain way, capable of being shared by multiple users, having minimal redundancy, and being independent of application programs.

[0053] A Database Management System (DBMS) is a computer software system designed to manage databases, generally possessing basic functions such as storage, retrieval, security, and backup. DBMSs can be classified according to the database model they support, such as relational or XML (Extensible Markup Language); or according to the type of computer they support, such as server clusters or mobile devices; or according to the query language used, such as Structured Query Language (SQL) or XQuery; or according to performance priorities, such as maximum scale or maximum operating speed; or other classification methods. Regardless of the classification method used, some DBMSs can cross categories, for example, simultaneously supporting multiple query languages.

[0054] This application embodiment can also be implemented using cloud technology. Cloud technology is a general term for network technology, information technology, integration technology, management platform technology, and application technology based on cloud computing business models. It can form a resource pool, available on demand, offering flexibility and convenience. Cloud computing technology will become a crucial support. Backend services of technical network systems require substantial computing and storage resources, such as video websites, image websites, and many portal websites. With the rapid development and application of the internet industry, and driven by demands for search services, social networks, mobile commerce, and open collaboration, every item may eventually possess its own hash-coded identification mark, requiring transmission to a backend system for logical processing. Data at different levels will be processed separately, and various industry data will require robust system support, which can only be achieved through cloud computing.

[0055] In some embodiments, the server can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN, and big data and artificial intelligence platforms. Electronic devices can be smartphones, tablets, laptops, desktop computers, smart speakers, smartwatches, etc., but are not limited to these. Terminal devices and servers can be directly or indirectly connected via wired or wireless communication, which is not limited in this embodiment of the invention.

[0056] See Figure 2 , Figure 2 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. The electronic device may be a server. Figure 2 The server 200 shown includes at least one processor 410, memory 450, and at least one network interface 420. The various components of server 200 are coupled together via a bus system 440. It is understood that the bus system 440 is used to implement communication between these components. In addition to a data bus, the bus system 440 also includes a power bus, a control bus, and a status signal bus. However, for clarity, ... Figure 2 The general labeled all buses as Bus System 440.

[0057] The processor 410 can be an integrated circuit chip with signal processing capabilities, such as a general-purpose processor, a digital signal processor (DSP), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor can be a microprocessor or any conventional processor, etc.

[0058] The memory 450 may be removable, non-removable, or a combination thereof. Exemplary hardware devices include solid-state storage, hard disk drives, optical disk drives, etc. The memory 450 may optionally include one or more storage devices physically located away from the processor 410.

[0059] The memory 450 may include volatile memory or non-volatile memory, or both. The non-volatile memory may be read-only memory (ROM), and the volatile memory may be random access memory (RAM). The memory 450 described in this application embodiment is intended to include any suitable type of memory.

[0060] In some embodiments, memory 450 is capable of storing data to support various operations, examples of which include programs, modules, and data structures or subsets or supersets thereof, as illustrated below.

[0061] Operating system 451 includes system programs for handling various basic system services and performing hardware-related tasks, such as the framework layer, core library layer, driver layer, etc., for implementing various basic business functions and handling hardware-based tasks;

[0062] The network communication module 452 is used to reach other electronic devices via one or more (wired or wireless) network interfaces 420, exemplary network interfaces 420 including: Bluetooth, WiFi, and Universal Serial Bus (USB), etc.

[0063] In some embodiments, the apparatus provided in this application can be implemented in software. Figure 2 A data processing device 455 stored in memory 450 is shown. This device can be software in the form of programs and plug-ins, and includes the following software modules: a data acquisition module 4551, a type recognition module 4552, and a policy execution module 4553. These modules are logically linked and can therefore be arbitrarily combined or further separated according to their implemented functions. The functions of each module will be described below.

[0064] In some embodiments, the terminal or server can implement the data processing method provided in this application by running a computer program. For example, the computer program can be a native program or software module in an operating system; it can be a native application (APP), that is, a program that needs to be installed in the operating system to run, such as a game APP or a video APP; it can also be a mini-program, that is, a program that only needs to be downloaded to the browser environment to run; or it can be a mini-program that can be embedded in any APP. In short, the above-mentioned computer program can be any form of application, module or plugin.

[0065] The data processing method provided in this application will be described in conjunction with exemplary applications and implementations of the terminal provided in the embodiments of this application. As mentioned above, the electronic device implementing the data processing method of the embodiments of this application can be a terminal, a server, or a combination of both. Therefore, the executing entity of each step will not be described again below.

[0066] See Figure 3A , Figure 3A This is a flowchart illustrating the data processing method provided in the embodiments of this application, which will be combined with... Figure 3A The steps shown are explained.

[0067] In step 301, the login data of the target account in the target application on the login device is obtained.

[0068] For example, the target application can be a game application or an entertainment application. To prevent minors from becoming addicted to games or entertainment, these types of applications typically have a real-name authentication mechanism to determine the type of user using the account. In some cases, if a user is not real-name authenticated, the user type can be determined using the data processing method provided in this application embodiment. The login data of the target account on the login device includes: the login data of the target account on the current login device and the login data of the target account on other login devices. Each segment of login data corresponds to one login behavior of the target account, and the field types of each segment of login data include: login device identifier, login time, and login address.

[0069] In step 302, the application installation data in the logged-in device is obtained.

[0070] For example, application installation data includes: characteristic data of applications installed on the logged-in device. Application characteristic data includes application installation time, type, and identifier. Application installation data can be obtained through the application's Uniform Resource Locator (URL).

[0071] In some embodiments, after step 301, login data with missing fields in each login data segment is deleted; after step 302, application installation data with missing fields in each application installation data segment is deleted. During data acquisition, data may be incomplete. Deleting data with missing fields can improve the accuracy of type identification and save computational resources.

[0072] In step 303, feature extraction processing is performed on at least one of the login data and the application installation data to obtain the login behavior features of the target account.

[0073] For example, login data can directly reflect the login behavior of the target account, and login behavior features can be extracted based on the login data; the application installation data of the login device logged in by the target account can indirectly reflect login behavior-related data, which can be used to extract login behavior features.

[0074] In some embodiments, reference Figure 3B , Figure 3B This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3A Step 303 in the process can be achieved through Figure 3B The steps 3031 or 3032 are implemented as follows, and are explained in detail below.

[0075] In step 3031, feature extraction processing is performed on the data of each field type of the login data to obtain the sub-features corresponding to each field type, and each sub-feature is combined into the login behavior features of the target account.

[0076] For example, the field types for login data include: login time, login device, and login address for the target account. Sub-feature types include: time feature, address feature, and device feature;

[0077] In some embodiments, reference Figure 3C , Figure 3C This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3B Step 3031 can be achieved through Figure 3C Steps 30311 to 30314 are implemented, and the details are explained below.

[0078] In step 30311, the login duration of each login of the target account is determined based on the login time of the target account, and the login duration of each login is combined into a time feature in sequence form.

[0079] For example, the login duration is the difference between the logout time and the login time for each login. Based on the order of each login, the login duration of each login is combined into a time feature in sequence form.

[0080] In step 30312, the login addresses of each login of the current device are combined into a sequence of address features.

[0081] For example, based on the order in which each login occurs, the login addresses of each login are combined into a sequence of address features.

[0082] In step 30313, the login devices of each login of the current device are combined into a sequence of login features.

[0083] For example, steps 30313 and 30312 are similar, combining login devices according to the order of each login to obtain login characteristics.

[0084] In step 30314, the address features, login features, and time features are combined into login behavior features of the target account.

[0085] For example, login behavior characteristics can be characterized as a matrix of sequences comprising three dimensions.

[0086] In this embodiment, login behavior features are extracted from multiple dimensions, which improves the accuracy of login behavior features, enhances the accuracy of determining account types, and improves the execution efficiency of anti-addiction strategies.

[0087] Continue to refer to Figure 3B In step 3032, the login device associated with the target account is determined based on the login data, and the login behavior characteristics of the target account are extracted from the application installation data of the login device associated with the target account.

[0088] In some embodiments, the field types of login data include: login time of the target account, login device identifier, and login address; login behavior characteristics include: number of login devices, number of login addresses, and type of installed applications on the login device; step 3032 can be implemented in the following ways: based on the login data, count the number of login devices and the number of login addresses of the target account; extract the type of each installed application from the application installation data.

[0089] In this embodiment, login behavior features are extracted from application installation data, which improves the comprehensiveness of feature extraction and saves computing resources.

[0090] Continue to refer to Figure 3A In step 304, the account type of the target account is determined based on the login behavior characteristics.

[0091] For example, if there are two ways to determine login behavior characteristics, then there are correspondingly two ways to determine account type, as explained below.

[0092] In some embodiments, reference Figure 3D , Figure 3D This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3B After step 3031, step 304 can be performed via... Figure 3D Steps 3041 to 3043 are implemented, and the details are explained below.

[0093] In step 3041, the jump indicators of the target account are determined based on login behavior characteristics.

[0094] Here, the jump metric is used to characterize the frequency of changes in the login time, login device, and login address of a target account. A jump refers to a change, and each change can be recorded as a jump.

[0095] In some embodiments, reference Figure 3E , Figure 3E This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3D Step 3041 in the process can be achieved through Figure 3E Steps 30411 to 30414 are implemented, and the details are explained below.

[0096] In step 30411, the jump frequency corresponding to the address feature is determined based on the difference between adjacent login addresses in the address feature.

[0097] For example, a jump is counted as one instance of two login attempts where the login addresses are different. For instance, if the address sequence is [address 1, address 2, address 3, address 3, address 3], and the address jumps twice in five login attempts, then the jump frequency is 2.

[0098] In step 30412, the jump frequency corresponding to the login feature is determined based on the differences between adjacent login devices in the login feature.

[0099] For example, a jump is defined as two consecutive login actions with different login devices. For instance, if the sequence of login characteristics is [device 1, device 3, device 2, device 1, device 3], then there are 4 device jumps in 5 login attempts, which is a jump frequency of 4.

[0100] In step 30413, each login duration in the time feature is compared with the login duration threshold, and the jump frequency corresponding to the time feature is determined based on the comparison result.

[0101] For example, the jump frequency corresponding to the time feature is the number of login durations less than the login duration threshold. The login duration threshold can be determined based on the application scenario. For example, if 3 out of 5 login attempts have a login duration less than the login duration threshold, then the jump frequency corresponding to the time feature is 3.

[0102] In step 30414, the jump frequency of each dimension of the login behavior features is weighted and calculated to obtain the jump index of the target account.

[0103] For example, the weight value corresponding to the jump frequency of each dimension can be determined according to the application scenario and the type of the target application. The jump metric can be represented by the following formula: Jump metric = Jump frequency corresponding to time feature * Q1 + Jump frequency corresponding to address feature * Q2 + Jump frequency corresponding to login feature * Q3, where Q1, Q2, and Q3 are the weights.

[0104] Continue to refer to Figure 3D In step 3042, in response to the jump indicator being greater than the jump indicator threshold, the target account is determined to be an abnormal account.

[0105] For example, if the jump indicator is greater than the jump indicator threshold, it means that the target account changes its address or device more frequently than normal accounts, and the login behavior of the target account is abnormal. In this case, the target account is an abnormal account.

[0106] In step 3043, in response to the jump indicator being less than the jump indicator threshold, the target account is determined to be a normal account.

[0107] For example, if the jump indicator is less than the jump indicator threshold, it means that the frequency of the target account changing the address or device is less than that of the abnormal account, then the target account is an abnormal account.

[0108] In this embodiment, the type of account is determined by the change in login behavior, which improves the accuracy of determining the account type and the efficiency of implementing anti-addiction strategies.

[0109] In some embodiments, reference Figure 3F , Figure 3F This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3B After step 3032, step 304 can be performed via... Figure 3F Steps 3044 to 3045 are implemented, and the details are explained below.

[0110] In step 3044, when the login behavior characteristics meet the abnormal account conditions, the target account is determined to be an abnormal account.

[0111] For example, abnormal account conditions include at least one of the following: the type of application installed on at least one login device of the target account is an abnormal application (e.g., an application for renting accounts); the number of login addresses or login devices of the target account exceeds a quantity threshold.

[0112] In step 3045, when the login behavior characteristics do not meet the abnormal account conditions, the target account type is determined to be a normal account.

[0113] In this embodiment, the type of the target account is determined by the association between the login device and the target account, which improves the efficiency of determining the account type, saves computing resources, and enhances the security of the account.

[0114] Continue to refer to Figure 3A In step 305, feature extraction processing is performed on the application installation data to obtain the device features of the login device, and the user type of the login device is determined based on the device features.

[0115] For example, user types are differentiated based on age, including adults and minors. Application installation data can determine the types of applications installed on a device, and these application types can characterize a user's interests and preferences; the distribution of application types installed on devices differs among different user types.

[0116] In some embodiments, reference Figure 3G , Figure 3G This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3A Step 305 in the process can be achieved through Figure 3G Steps 3051 to 3054 are implemented, and the details are explained below.

[0117] In step 3051, feature extraction processing is performed on the feature data of the installed application to obtain the device features of the logged-in device.

[0118] For example, device characteristics can be eigenvalues ​​determined by the Target Group Index (TGI) of the installed application. The TGI reflects the strength or weakness of a target group within a specific research scope (such as geographic region, demographic area, media audience, or product consumer). In this embodiment, the TGI is an index indicating the strength of underage users (target group) of the application relative to product consumers (overall).

[0119] In some embodiments, the feature data includes: application installation time, application identifier, and application type (e.g., game, educational, video). Reference Figure 3H , Figure 3H This is a flowchart illustrating the data processing method provided in an embodiment of this application; Figure 3G Step 3051 in the process can be achieved through Figure 3H Steps 30511 to 30514 are implemented, and the details are explained below.

[0120] In step 30511, the target group index for each installed application is obtained.

[0121] For example, the target audience index = [the percentage of minors using the app / the percentage of product consumers using the app] * standard number 100. The target audience index can be obtained in advance from the database corresponding to the app.

[0122] In step 30512, each installed application is grouped to obtain multiple application groups.

[0123] In some embodiments, each installed application can be grouped in any of the following ways:

[0124] Method 1: Group applications based on their type to obtain multiple application groups, where applications in each group are of the same type. For example, group educational applications into one group and payment applications into another group.

[0125] Method 2: Sort the target group index of each installed application in descending order to obtain a descending sorted list. Obtain multiple preset index intervals. Group each installed application based on these preset index intervals to obtain multiple application groups. The installed applications in each application group belong to the same preset index interval. For example, if the descending sorted list is [160, 120, 111, ..., 60], and the preset index intervals are [60, 110) and [110, 160], then the applications whose target group index belongs to [60, 110) are assigned to the first application group, and the applications whose target group index belongs to [110, 160] are assigned to the second application group.

[0126] In step 30513, the following processing is performed for each application group: the average of the target group index of each installed application is used as the target group index of the application group.

[0127] For example, continuing with the above example, for the first application group, the average value A1 of the target group index is obtained as the target group index for the first group. For the second application group, the average value A2 of the target group index is obtained as the target group index for the second group.

[0128] In step 30514, the target group indexes of each application group are combined into a target group index sequence, and the target group index sequence is used as a device feature.

[0129] For example, the target group indices of each group are combined to obtain the target group index sequence [A1, A2] as a device feature.

[0130] Continue to refer to Figure 3G In step 3052, the extreme gradient boosting model is invoked based on the device characteristics to perform type prediction processing and obtain the type probability of the logged-in device.

[0131] For example, the Extreme Gradient Boosting (XGBoost) model can be used for classification. The XGBoost model outputs the probability that the user type of the logged-in device is a minor.

[0132] In some embodiments, before step 3052, the extreme gradient boosting model is obtained by: obtaining a training sample set, wherein the training sample set includes: application installation data of sample login devices, the type of sample login devices, and the user type of the sample login devices including: minors and adults; labeling the application installation data of the sample login devices to obtain labeled application installation data, wherein the label of the login devices of minors is probability 1, and the label of the login devices of adults is probability 0; and training the initialized extreme gradient boosting model based on the labeled application installation data to obtain the trained extreme gradient boosting model.

[0133] In step 3053, in response to the type probability being greater than or equal to the probability threshold, it is determined that the user type of the logged-in device is a minor.

[0134] For example, the probability threshold can be determined based on the application scenario. When the type probability is greater than the probability threshold, indicating that the probability of the user type logging into the device is a minor is greater than the probability threshold, the user type can be identified as a minor. This can then be combined with other data to determine whether the user currently using the target account is a minor.

[0135] In step 3054, in response to the type probability being less than the probability threshold, it is determined that the user type of the logged-in device is an adult.

[0136] For example, if the probability of a user logging into the device is less than a probability threshold, indicating that the user is an adult, the user can be identified as an adult. When the user is identified as an adult, a real-name authentication reminder can be sent to the device to prompt the user to complete real-name authentication, thus improving account security.

[0137] In some embodiments, before step 306, usage time data of installed applications on the logged-in device is obtained; feature extraction processing is performed on the usage time data to obtain usage time features; the similarity between the usage time features and sample time features is obtained, wherein the sample time features are usage time features of logged-in devices with user type minor, and the similarity can be calculated by calculating the cosine similarity between features; in response to the similarity being greater than or equal to a similarity threshold, the user type of the logged-in device is determined to be a minor; in response to the similarity being less than the similarity threshold, the user type of the logged-in device is determined to be an adult.

[0138] For example, there are differences in the distribution of time periods when minors and adults use devices. Sample time characteristics of minors can be obtained, and the user type of the device can be determined based on the similarity between the sample time characteristics and the actual usage time characteristics of the logged-in device, thus saving computing resources.

[0139] Continue to refer to Figure 3A In step 306, in response to the fact that the target account's account type is an abnormal account and the user type of the login device is a minor, it is determined that the target account is a rented account of a minor.

[0140] For example, a minor's rented account could be one that the minor rents from another user or one that the minor borrows from an adult. Restriction policies can be implemented on the applications that the rented account is currently logged into.

[0141] In some embodiments, before step 307, an interactive verification interface is displayed in the target application, wherein the types of interactive verification include: fingerprint verification, voiceprint verification, face recognition, and verification code verification; in response to an interactive operation on the interactive verification interface, the verification result corresponding to the interactive operation is displayed; in response to a verification failure result, the process proceeds to step 307.

[0142] For example, interactive verification can be used to determine whether the user currently using the account is an authenticated user, thereby improving account security and the accuracy of enforcing policies restricting minors.

[0143] In step 307, a minor restriction policy is implemented for the target application.

[0144] For example, minor restriction strategies are strategies used to address minors' addiction to online games or entertainment applications. By interfering with the use of these applications, they aim to prevent minors from becoming addicted for extended periods.

[0145] In some embodiments, step 307 can be implemented as follows: in response to the target application meeting the restriction conditions, perform the operation of forcibly disconnecting the target account from the target application and stopping the target application from running; wherein the restriction conditions include at least one of the following: 1. The login time of the target account in the target application reaches a time threshold; for example: it is pre-defined that minors can play games for 2 hours on weekdays. On weekdays, when the minor's account plays games for 2 hours, it is forcibly disconnected. 2. The current time does not belong to the time period for minors to use the target application. For example: a time period for minors to play is pre-defined, and if the current time period does not belong to that time period, the login request of the minor's account is rejected, or the account that is playing the game is forcibly disconnected.

[0146] In some embodiments, reference Figure 4 ,exist Figure 3A After step 306, proceed to steps 401 through 405.

[0147] In step 401, other login devices that the target account has logged into are identified based on the login data.

[0148] For example, the login data includes every login device that the target account has logged into, and devices other than the current device in the login data are retrieved as other devices.

[0149] In step 402, the user type of other login devices is marked as a minor.

[0150] For example, if the target account is confirmed to be a rental account belonging to a minor, then the type of device that the target account previously logged into is minor.

[0151] In step 403, the account login records of the current login device are obtained.

[0152] For example, the account login records of the currently logged-in device can be extracted from the target application's logs. The account login records include the identifier of the logged-in account and the login time.

[0153] In step 404, extract accounts other than the target account from the account login records and mark the other accounts as abnormal accounts.

[0154] For example, if the target account is confirmed to be a rental account belonging to a minor, accounts associated with the target account through the login device can be marked as abnormal accounts.

[0155] In step 405, the data of each marked abnormal account, other accounts, and each other logged-in device is stored in the database.

[0156] For example, data in the database can be used to identify underage accounts, saving computational resources required to enforce restriction policies on a large number of accounts and devices simultaneously, or as training data for training extreme gradient boosting models to identify device types.

[0157] In this embodiment, by acquiring account login data and application installation data of the device the account is logged into, the characteristics of the account are analyzed based on the login data to determine the account type, and the characteristics of the device are analyzed based on the application installation data to determine the type of object using the device. This improves the accuracy of determining the object using the device, implements restriction policies for applications logged into by minors' accounts, saves the energy consumption of electronic devices, and improves account security.

[0158] The following will describe an exemplary application of the data processing method of this application in a practical application scenario.

[0159] Currently, in response to the issue of minors' addiction to games, all types of applications have real-name authentication mechanisms and adopt relevant anti-addiction strategies. For example, if the target account is a minor's game account, the daily game time of the target account is limited. However, there are currently many ways to bypass the anti-addiction strategies set by the game side. One of the more common methods is to rent other people's (adults') accounts to play games.

[0160] Existing anti-addiction strategies for minors primarily rely on real-name authentication. When a minor logs into a game, they complete real-name authentication by filling in their identity information and undergoing facial verification. The system then identifies the account as a minor's account; subsequently, the account's game time and duration are restricted by the system. However, account coverage is low. From the perspective of accounts used by minors, only a portion of accounts are real-name authenticated by minors. The majority of accounts are rented or used from other adults (including relatives and friends), thus evading anti-addiction strategies and allowing them to play games at any time and for any duration.

[0161] This application's embodiments combine the login behavior and characteristics of game accounts with the device characteristics of the login devices. It can detect game accounts that are not verified by minors but are actually used by minors, and associate these accounts with the corresponding devices used by minors. Anti-addiction strategies are implemented at both the account and device levels (detecting whether the account and device are used by a minor). The results of the anti-addiction strategy confirm the use of accounts and devices by minors. Based on the results of the anti-addiction strategy, more minors can use these accounts and devices, thus cyclically applying the anti-addiction strategy. This can significantly improve the coverage of accounts used by minors.

[0162] refer to Figure 5 , Figure 5 This is an optional flowchart illustrating the data processing method provided in this application embodiment, with the server as the execution entity. The following is combined with... Figure 5 The steps will be explained.

[0163] In step 501, the login data of the game account is obtained.

[0164] For example, a login data entry includes the following fields: account, game name, login time, and login device identifier (id). The login device identifier can be an International Mobile Equipment Identity (IMEI), commonly known as a mobile phone serial number or "IMEI"; or an Open Anonymous Device Identifier (OAID), which is a non-permanent device identifier. Using OAID can provide personalized advertising to users while protecting their personal data privacy and security.

[0165] For example, the data format of login data can be represented as shown in Table (1) below:

[0166] Login device ID account Game Name Login time 86xxx 123xx xxxx 2022-10-01 12:12:12 86xxx 123xx xxxx 2022-10-02 12:12:12

[0167] Table (1) Game Account Login Data

[0168] In step 502, the device's application installation data is obtained.

[0169] For example, each application software data segment includes the following fields: application software name, application package name, application software associated device, and software installation time. The application software's Uniform Resource Locator (URL) can be used to install the application software via an emulator, dynamically capturing application installation data during the installation process.

[0170] For example, the data format of the application can be characterized as shown in Table (1) below:

[0171] Application Software Name Package Name Installed device ID Installation time Application A com.xxx.xxa 86xxx 2022-06-01 Application B com.xxx.xxb 86xxx 2022-06-02

[0172] Table (2) Application Installation Data

[0173] For example, the execution of steps 502 and 501 can be synchronous. Step 503 is executed after both steps 502 and 503.

[0174] In step 503, the acquired data is filtered.

[0175] For example, due to various reasons, the data may contain many records with incomplete information. For instance, in game account login data, the login time field might be empty, or the device identifier field might be unavailable. This part of the data can be discarded, i.e., filtered, and subsequent processing can be performed based on the filtered data.

[0176] Steps 504 and 505 are executed after step 503. Steps 504 and 505 can be executed synchronously or sequentially.

[0177] In step 504, abnormal account identification processing is performed based on login data to obtain the account type.

[0178] For example, account types include normal accounts and abnormal accounts. Abnormal accounts are accounts with abnormal login behavior. For example, rental accounts are abnormal accounts. Abnormal login behavior of rental accounts includes: logging in on multiple devices and frequently changing login devices (the frequency of changing login devices exceeds the threshold).

[0179] For example, the system obtains the target account's usage trajectory data (login device ID, login address, and active time for each device or address), identifies jump characteristics based on the usage trajectory data, and then uses these jump characteristics to identify whether the account is abnormal. Regarding account login behavior, abnormal accounts are characterized by: associating with multiple devices within a short period (e.g., one or two weeks) and being active (login) in different locations; this login characteristic is called a jump characteristic. Normal user accounts, on the other hand, log in from relatively fixed devices and locations. (Reference) Figure 6 , Figure 6 This is a schematic diagram of the address jump provided in the embodiment of this application; the login address of the game account from time T-(n+2) to time Tn is address n, and the address does not jump; the login address at time T-2 is address 3; at time T-1, the login address jumps to address 2; at time T0, the login address jumps to address 1.

[0180] To better understand the difference between normal and abnormal accounts, please refer to the following table (3).

[0181] account Login device ID Login address Last login time Login days normal account 123xx 86xxxx Province A 2022-11-15 120 123xx 86xxxy Province A 2022-11-10 20 Abnormal Account 345xx 86xxxa Province B 2022-11-15 4 345xx 86xxxb Province C 2022-11-10 3 345xx 86xxxc D Province 2022-11-01 6 345xx 86xxxd Province E 2022-10-28 5 345xx 86xxxe F Province 2022-10-16 7

[0182] Table (3) Statistics on account logins to games

[0183] In Table (3), normal accounts are associated with few devices, have long active periods, and have fixed addresses; while abnormal accounts are associated with many devices, mostly have short stay periods, and their addresses change frequently.

[0184] For example, based on the above characteristics of abnormal accounts, we can obtain the login device and address change frequency of the target account, and predict the type of the target account based on the change frequency. The change frequency is also the frequency of changes, and each change can be recorded as one change.

[0185] The jump characteristics of a target account can be obtained as follows: Statistically analyze the login devices, login addresses, and login times of the account within a preset time period (e.g., one month). Obtain the most frequent login address, earliest and latest login time using the account and device identifier as keys, and calculate the login duration for each login. Obtain the frequency of the target account changing login devices within the preset time period as the jump frequency at the login device dimension; obtain the frequency of the target account changing login addresses within the preset time period as the jump frequency at the login address dimension; obtain the number of times the target account's login duration is less than a preset duration as the jump frequency at the time dimension. Sum the jump frequencies of each dimension using a weighted average to obtain the feature value of the target account's jump characteristics. When the feature value of the jump characteristics falls within the feature value range corresponding to an abnormal account, the target account is determined to be an abnormal account.

[0186] In some embodiments, the feature value range corresponding to an abnormal account can be divided into different intervals corresponding to different abnormal levels based on the size of the feature value. The degree of abnormality of the abnormal account is positively correlated with the feature value, and the higher the corresponding feature value, the higher the confidence level.

[0187] In some embodiments, the login behavior of a target account can be characterized by the features of the login devices it has logged into. If the login devices of the target account meet abnormal conditions, the target account is designated as an abnormal account. Abnormal conditions include any one of the following:

[0188] 1. An abnormal application is installed on the logged-in device.

[0189] Abnormal applications, such as account rental applications, are more likely to be installed on devices that have rented accounts. Devices using these applications have a higher target group index (TGI), which reflects the strength or weakness of a target group within a specific research scope (such as geographic region, demographic area, media audience, or product consumer). Abnormal applications can be identified by: obtaining a pre-built abnormal application database, comparing the programs installed on the login device with those in the database, and identifying applications with the same identifier as abnormal applications.

[0190] 2. The number of addresses or devices used to log in to the target account exceeds the threshold. Rented accounts are usually shared by multiple users, so the number of devices or addresses used to log in to the rented account is higher than that of a normal account.

[0191] In step 505, device identification processing is performed based on the application installation data to obtain the device type.

[0192] For example, the distribution of application types used by different user types differs. For instance, minors tend to use applications in the categories of games, animation, videos, and education, while adults prefer office, instant messaging, financial, and news applications. The type of user logging into a device can be determined by the types of applications installed on the device, thus identifying whether the user is a minor.

[0193] In some embodiments, the type of logged-in device can be predicted by invoking an extreme gradient boosting model. (See reference) Figure 7 , Figure 7 This is an optional flowchart illustrating the data processing method provided in the embodiments of this application. Figure 5 The device identification process in step 505 can be achieved through... Figure 7 The extreme gradient boosting model obtained from steps 701 to 704 is implemented.

[0194] In step 701, the application installation data of the sample device is obtained.

[0195] For example, a sample of devices belonging to minors and adults was collected, and their software installation lists were extracted, including application installation data. The user types of the sample devices were pre-labeled, for example, the user type labels for the sample devices were adults and minors.

[0196] In step 702, the target group index for each application of each sample device is obtained.

[0197] For example, we calculate the target group index (index) of an application, which is an index of the strength of the application's underage users (target group) compared to the product consumers (overall). The calculation formula is as follows: Target Group Index = [Percentage of underage users of the application / Percentage of product consumers using the application] * Standard Number 100.

[0198] In step 703, the application programs of the sample devices are grouped, and the device characteristics of the sample devices are determined based on the target group index of each group.

[0199] For example, device characteristics are determined based on each group, which is called bucketing. Bucketing involves isolating different blocks and processing the same block uniformly. Bucketing strategies can be performed in the following ways: Method 1: Bucketing based on application categories, such as games, videos, education, finance, etc.; Method 2: Bucketing based on the target group index of the application. For example, the target group index is sorted in descending order, multiple consecutive preset intervals are set, each preset interval represents a level, and the descending sorted applications are divided into different groups based on the preset intervals. Each group corresponds to a different interval, and the target group index of applications within each group belongs to the same interval.

[0200] For each bucket, the average (or maximum) value of the target group index for each group is obtained as the target group index for this bucket. The application installation list of the sample device is converted into the target group index of the bucket. The target group indices of each bucket are combined into a sequence according to the pre-set bucket arrangement order. For example, they are arranged according to [games, videos, education, etc.] to obtain the device characteristics of a sample device, [160, 87, 130, etc.].

[0201] In step 704, the initialized extreme gradient boosting model is trained based on the device characteristics of the sample device to obtain the trained extreme gradient boosting model.

[0202] For example, the probability of sample devices labeled as having a minor user type is marked as 1, and the probability of sample devices labeled as having an adult user type is marked as 0. Based on the device characteristics of the labeled sample devices, the initial extreme gradient boosting model is trained to obtain the trained extreme gradient boosting model.

[0203] After step 704, step 705 is executed, in which the trained extreme gradient boosting model is invoked to perform device identification processing based on the application installation data of the device to be detected.

[0204] For example, the extreme gradient boosting model outputs a predicted probability. When the predicted probability is greater than a threshold, the user type is determined to be a minor; when the predicted probability is less than the threshold, the user type is determined to be an adult.

[0205] Continue to refer to Figure 5 After steps 504 and 505 are completed, step 506 is executed.

[0206] In step 506, an anti-addiction policy is implemented for the application.

[0207] For example, if the account is a rented account, its login behavior will be characterized by frequently switching devices to log in to the game. The device characteristics of the login devices can be characterized through the feature data of the installed applications. When an account exhibits abnormal login behavior, and the user type of the account is determined to be a minor based on the device characteristics, then the target account belongs to a minor who rents (or borrows) an account from their parent to play the game. Anti-addiction verification can be implemented for the login of the target account and the device it logs into, thereby limiting the excessive gaming behavior of minors, saving device energy consumption, regulating the behavior of underage users, and improving account security.

[0208] For example, if the target account is an abnormal account and the user type is a minor, interactive verification can be used to determine whether the user currently using the target account is a minor. Verification methods include, but are not limited to, SMS verification code verification, facial recognition, fingerprint verification, and voiceprint verification. If verification fails, the user currently using the game account is a minor.

[0209] In some embodiments, when a minor logs into the application using an account, the account is forced offline and the application is automatically closed when the application usage time reaches the anti-addiction time limit; or, if the current time is not within the time when a minor can log in, the account is prohibited from logging in.

[0210] In step 507, based on the current account and the current device, other devices and accounts belonging to minors are obtained.

[0211] For example, based on the results of the anti-addiction strategy, other minors' accounts and devices can be identified. For instance, other minors' accounts and devices associated with the target account can be obtained, and the anti-addiction strategy can be used repeatedly. After step 507, if other devices and accounts belonging to minors are obtained, step 506 can be executed for the applications on these devices.

[0212] This application's embodiments, starting from the perspective of the possibility of accounts being rented, and combining the login behavior characteristics of accounts, can be used to identify accounts used or rented by minors (or by relatives and friends). Compared with obtaining minors' accounts from real-name information, it can discover more accounts used by minors, thereby improving the detection capability of adults using accounts.

[0213] The following description continues to illustrate the exemplary structure of the data processing apparatus 455 provided in the embodiments of this application as a software module. In some embodiments, such as Figure 2 As shown, the software modules stored in the data processing device 455 of the memory 450 may include: a data acquisition module configured to acquire login data of a target account in a target application on a login device; the data acquisition module is further configured to acquire application installation data in the login device, wherein the application installation data includes: feature data of applications installed on the login device; a type identification module configured to perform feature extraction processing on at least one of the login data and the application installation data to obtain login behavior features of the target account, and determine the account type of the target account based on the login behavior features; the type identification module is further configured to perform feature extraction processing on the application installation data to obtain device features of the login device, and determine the user type of the login device based on the device features; a policy execution module configured to determine that the target account is a rented account of a minor in response to the target account's account type being an abnormal account and the login device's user type being a minor; the policy execution module is further configured to execute a minor restriction policy for the target application.

[0214] In some embodiments, the field types of the login data include: login time, login device, and login address of the target account; the type recognition module 4552 is further configured to perform at least one of the following processes: perform feature extraction processing on the data of each field type of the login data to obtain sub-features corresponding to each field type, and combine each sub-feature into login behavior features of the target account; determine the login device associated with the target account based on the login data, and extract the login behavior features of the target account from the application installation data of the login device associated with the target account.

[0215] In some embodiments, the types of sub-features include: time features, address features, and login features; the type recognition module 4552 is further configured to determine the login duration of each login of the target account based on the login time of the target account, combine the login duration of each login into a time feature in sequence form; combine the login address of each login of the current device into an address feature in sequence form; combine the login device of each login of the current device into a login feature in sequence form; and combine the address feature, login feature, and time feature into the login behavior feature of the target account.

[0216] In some embodiments, the type identification module 4552 is further configured to determine the jump index of the target account based on login behavior characteristics, wherein the jump index is used to characterize the frequency of changes in the login time, login device, and login address of the target account; in response to the jump index being greater than the jump index threshold, the type of the target account is determined to be an abnormal account; in response to the jump index being less than the jump index threshold, the type of the target account is determined to be a normal account.

[0217] In some embodiments, the type identification module 4552 is further configured to: determine the jump frequency corresponding to the address feature based on the difference between adjacent login addresses in the address feature, wherein different adjacent login addresses are counted as one jump; determine the jump frequency corresponding to the login feature based on the difference between adjacent login devices in the login feature, wherein different adjacent login devices are counted as one jump; compare each login duration in the time feature with a login duration threshold, and determine the jump frequency corresponding to the time feature based on the comparison result, wherein the jump frequency corresponding to the time feature is the number of login durations less than the login duration threshold; and perform weighted calculation processing on the jump frequency of the sub-features of each dimension in the login behavior feature to obtain the jump index of the target account.

[0218] In some embodiments, the field types of login data include: login time of the target account, login device identifier, and login address; login behavior characteristics include: number of login devices, number of login addresses, and type of installed applications on the login device; the type identification module 4552 is also configured to count the number of login devices and the number of login addresses of the target account based on the login data; and extract the type of each installed application from the application installation data.

[0219] In some embodiments, the type identification module 4552 is further configured to determine the type of the target account as an abnormal account when the login behavior characteristics meet the account abnormality conditions; and to determine the type of the target account as a normal account when the login behavior characteristics do not meet the account abnormality conditions; wherein, the account abnormality conditions include at least one of the following: the type of the installed application of at least one login device of the target account is an abnormal application; or the number of login addresses or login devices of the target account is greater than a quantity threshold.

[0220] In some embodiments, the type recognition module 4552 is further configured to perform feature extraction processing on the feature data of the installed application to obtain the device features of the logged-in device; call the extreme gradient boosting model based on the device features to perform type prediction processing to obtain the type probability of the logged-in device; determine that the user type of the logged-in device is a minor in response to the type probability being greater than or equal to the probability threshold; and determine that the user type of the logged-in device is an adult in response to the type probability being less than the probability threshold.

[0221] In some embodiments, the feature data includes: application installation time, application identifier, and application type; the type identification module 4552 is further configured to obtain a target group index for each installed application; group each installed application to obtain multiple application groups; and perform the following processing for each application group: take the average of the target group index of each installed application as the target group index of the application group; combine the target group indices of each application group into a target group index sequence, and use the target group index sequence as a device feature.

[0222] In some embodiments, the type identification module 4552 is further configured to group each installed application in any of the following ways: grouping each installed application based on its type to obtain multiple application groups, wherein the applications in each application group are of the same type; sorting the target group index of each installed application in descending order to obtain a descending sorted list; obtaining multiple preset index intervals; and grouping each installed application based on the multiple preset index intervals to obtain multiple application groups, wherein the installed applications in each application group belong to the same preset index interval.

[0223] In some embodiments, the type recognition module 4552 is further configured to: obtain a training sample set before calling the extreme gradient boosting model based on device features to perform type prediction processing and obtain the type probability of the logged-in device; wherein the training sample set includes: application installation data of the sample logged-in device, the type of the sample logged-in device, and the user type of the sample logged-in device includes: minor and adult; label the application installation data of the sample logged-in device to obtain labeled application installation data, wherein the label of the login device of the minor is probability 1 and the label of the login device of the adult is probability 0; and train the initialized extreme gradient boosting model based on the labeled application installation data to obtain the trained extreme gradient boosting model.

[0224] In some embodiments, the field types of login data include: login time, login device identifier, and login address for each login of the target account; the field types of the feature data of installed applications include: installation time, application identifier, and application type for each application installed on the login device; the data acquisition module 4551 is further configured to delete login data with missing fields in each segment of login data after acquiring the application installation data in the login device; and to delete application installation data with missing fields in each segment of application installation data.

[0225] In some embodiments, the type recognition module 4552 is further configured to: obtain usage time data of installed applications on the login device before determining that the target account is a rented account of a minor in response to the account type of the target account being an abnormal account and the user type of the login device being a minor; perform feature extraction processing on the usage time data to obtain usage time features; obtain the similarity between the usage time features and sample time features, wherein the sample time features are usage time features of the login device with a user type of minor; determine that the user type of the login device is a minor in response to the similarity being greater than or equal to a similarity threshold; and determine that the user type of the login device is an adult in response to the similarity being less than a similarity threshold.

[0226] In some embodiments, the policy execution module 4553 is further configured to display an interactive verification interface in the target application before executing a minor restriction policy on the target application, wherein the types of interactive verification include: fingerprint verification, voiceprint verification, face recognition, and verification code verification; in response to an interactive operation on the interactive verification interface, display the verification result corresponding to the interactive operation; and in response to a verification failure, proceed to the processing of executing a minor restriction policy on the target application.

[0227] In some embodiments, the policy enforcement module 4553 is further configured to, in response to the target application meeting the restriction conditions, perform an operation to forcibly disconnect the target account from the target application and stop running the target application; wherein the restriction conditions include at least one of the following: the login duration based on the target account to the target application reaches a duration threshold; the current time does not belong to the time period for minors to use the target application.

[0228] In some embodiments, the policy execution module 4553 is further configured to, in response to the target account being an abnormal account and the login device being a minor, and after determining that the target account is a rented account belonging to a minor, determine other login devices that the target account has logged into based on the login data; mark the user type of the other login devices as minors; obtain the account login records of the current login device; extract other accounts from the account login records besides the target account, mark the other accounts as abnormal accounts; and store the marked abnormal account data, other accounts, and other login devices in the database.

[0229] This application provides a computer program product, which includes a computer program or computer-executable instructions stored in a computer-readable storage medium. The processor of an electronic device reads the computer-executable instructions from the computer-readable storage medium and executes the computer-executable instructions, causing the electronic device to perform the data processing method described in this application.

[0230] This application provides a computer-readable storage medium storing computer-executable instructions or a computer program. When the computer-executable instructions or the computer program are executed by a processor, the processor will execute the data processing method provided in this application, for example... Figure 3A The data processing method is shown.

[0231] In some embodiments, the computer-readable storage medium may be a memory such as FRAM, ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disk, or CD-ROM; or it may be a variety of devices including one or any combination of the above-mentioned memories.

[0232] In some embodiments, computer-executable instructions may take the form of programs, software, software modules, scripts, or code, written in any form of programming language (including compiled or interpreted languages, or declarative or procedural languages), and may be deployed in any form, including as stand-alone programs or as modules, components, subroutines, or other units suitable for use in a computing environment.

[0233] As an example, computer-executable instructions may, but do not necessarily, correspond to files in a file system. They may be stored as part of a file that holds other programs or data, for example, in one or more scripts in a HyperText Markup Language (HTML) document, in a single file dedicated to the program in question, or in multiple co-located files (e.g., files that store one or more modules, subroutines, or code sections).

[0234] As an example, executable instructions can be deployed to execute on a single electronic device, or on multiple electronic devices located at one location, or on multiple electronic devices distributed across multiple locations and interconnected via a communication network.

[0235] In summary, this application embodiment improves the accuracy of identifying the user by obtaining account login data and application installation data of the device the account is logged into, analyzes the characteristics of the account based on the login data to determine the account type, and analyzes the characteristics of the device based on the application installation data to determine the type of user of the device. It also implements restriction policies for applications logged into by minors' accounts, saves the energy consumption of electronic devices, and improves account security.

[0236] The above description is merely an embodiment of this application and is not intended to limit the scope of protection of this application. Any modifications, equivalent substitutions, and improvements made within the spirit and scope of this application are included within the scope of protection of this application.

Claims

1. A data processing method, characterized by, The method includes: Retrieve login data of the target account in the target application on the logged-in device; Obtain application installation data from the login device, wherein the application installation data includes: feature data of applications installed on the login device, the feature data including the application's installation time, application identifier, and application type; At least one of the login data and the application installation data is subjected to feature extraction processing to obtain the login behavior features of the target account, and the account type of the target account is determined based on the login behavior features; Obtain the target group index for each installed application; group each installed application into multiple application groups; perform the following processing for each application group: take the average of the target group indices of each installed application as the target group index of the application group; combine the target group indices of each application group into a target group index sequence, use the target group index sequence as a device feature, and determine the user type of the logged-in device based on the device feature; In response to the fact that the target account is an abnormal account and the user type of the login device is a minor, it is determined that the target account is a rented account of a minor. Implement a minor restriction policy for the target application.

2. The method according to claim 1, characterized in that, The login data includes the following field types: login time, login device, and login address of the target account; The step of performing feature extraction processing on at least one of the login data and the application installation data to obtain the login behavior features of the target account includes: Perform at least one of the following processes: Feature extraction processing is performed on the data of each field type in the login data to obtain sub-features corresponding to each field type, and each sub-feature is combined into the login behavior features of the target account; Based on the login data, the login device associated with the target account is determined, and the login behavior characteristics of the target account are extracted from the application installation data of the login device associated with the target account.

3. The method of claim 2, wherein, The types of the sub-features include: time features, address features, and login features; The step of performing feature extraction processing on the data of each field type of the login data to obtain sub-features corresponding to each field type, and combining each sub-feature into the login behavior features of the target account, includes: Based on the login time of the target account, determine the login duration of each login of the target account, and combine the login duration of each login into a time feature in sequence form; The login addresses of the target account for each login are combined into a sequence of address features; The login devices used by the target account each time it logs in are combined into a sequence of login features; The address feature, the login feature, and the time feature are combined to form the login behavior feature of the target account.

4. The method of claim 3, wherein, Determining the account type of the target account based on the login behavior characteristics includes: Based on the login behavior characteristics, the jump index of the target account is determined, wherein the jump index is used to characterize the frequency of changes in the login time, login device, and login address of the target account; In response to the jump indicator being greater than the jump indicator threshold, the target account is determined to be an abnormal account. If the jump indicator is less than the jump indicator threshold, the target account is determined to be a normal account.

5. The method of claim 4, wherein, The step of determining the jump indicator of the target account based on the login behavior characteristics includes: Based on the differences between adjacent login addresses in the address features, the hopping frequency corresponding to the address features is determined, wherein different adjacent login addresses are counted as one hopping; Based on the differences between adjacent login devices in the login features, the jump frequency corresponding to the login features is determined, wherein different adjacent login devices are counted as one jump; Each login duration in the time feature is compared with a login duration threshold, and the jump frequency corresponding to the time feature is determined based on the comparison result. The jump frequency corresponding to the time feature is the number of login durations that are less than the login duration threshold. The jump frequency of each sub-feature in the login behavior feature is weighted and calculated to obtain the jump index of the target account.

6. The method according to claim 2, characterized in that, The login data field types include: the login time of the target account, the login device identifier, and the login address; the login behavior characteristics include: the number of login devices, the number of login addresses, and the type of applications installed on the login devices; Extracting login behavior features of the target account from the application installation data of the login device associated with the target account includes: Based on the login data, the number of devices and addresses that logged into the target account are counted. Extract the type of each installed application from the application installation data.

7. The method of claim 6, wherein, Determining the account type of the target account based on the login behavior characteristics includes: When the login behavior characteristics meet the abnormal account conditions, the target account is determined to be an abnormal account. When the login behavior characteristics do not meet the abnormal account conditions, the target account is determined to be a normal account. The abnormal account conditions include at least one of the following: the type of application installed on at least one login device of the target account is an abnormal application; the number of login addresses or login devices of the target account is greater than a number threshold.

8. The method of claim 1, wherein, Determining the user type of the login device based on the device characteristics includes: Based on the device characteristics, an extreme gradient boosting model is invoked to perform type prediction processing to obtain the type probability of the logged-in device; In response to the probability of the type being greater than or equal to a probability threshold, it is determined that the user type of the login device is a minor. In response to the probability of the type being less than a probability threshold, it is determined that the user type of the login device is an adult.

9. The method of claim 8, wherein, The process of grouping each of the installed applications to obtain multiple application groups includes: Each of the installed applications can be grouped using any of the following methods: The applications are grouped based on their type to obtain multiple application groups, wherein the applications in each application group are of the same type. The target group index of each installed application is sorted in descending order to obtain a descending sorted list. Multiple preset index intervals are obtained. Each installed application is grouped based on the multiple preset index intervals to obtain multiple application groups. The installed applications in each application group belong to the same preset index interval.

10. The method of claim 8, wherein, Before invoking the extreme gradient boosting model based on the device features to perform type prediction processing and obtain the type probability of the logged-in device, the method further includes: Obtain a training sample set, wherein the training sample set includes: application installation data of sample login devices and the type of sample login devices, and the user type of the sample login devices includes: minors and adults; The application installation data of the sample login devices is labeled to obtain labeled application installation data, wherein the label of login devices of minors is probability 1 and the label of login devices of adults is probability 0. Based on the labeled application installation data, the initialized extreme gradient boosting model is trained to obtain the trained extreme gradient boosting model.

11. The method according to claim 1, characterized in that, The login data includes the following field types: login time, login device identifier, and login address for each login of the target account; After obtaining the application installation data in the logged-in device, the method further includes: Delete login data with missing fields in each segment of the login data; Delete application installation data with missing fields in each segment of the application installation data.

12. The method of claim 1, wherein, Before determining that the target account is a rented account belonging to a minor in response to the account type of the target account being an abnormal account and the user type of the login device being a minor, the method further includes: Obtain usage time data of installed applications on the logged-in device; The usage time data is subjected to feature extraction processing to obtain usage time features; Obtain the similarity between the usage time feature and the sample time feature, wherein the sample time feature is the usage time feature of the login device of the user type being a minor; In response to the similarity being greater than or equal to a similarity threshold, it is determined that the user type of the logged-in device is a minor; In response to the similarity being less than the similarity threshold, it is determined that the user type of the logged-in device is an adult.

13. The method of claim 1, wherein, Before implementing the underage restriction policy for the target application, the method further includes: An interactive verification interface is displayed in the target application, wherein the types of interactive verification include: fingerprint verification, voiceprint verification, face recognition, and verification code verification. In response to an interactive operation on the interactive verification interface, the verification result corresponding to the interactive operation is displayed; In response to the verification result being a verification failure, the process proceeds to execute the underage restriction policy for the target application.

14. The method of claim 1, wherein, The implementation of the underage restriction policy for the target application includes: In response to the target application meeting the restriction conditions, the operation of forcibly disconnecting the target account from the target application is performed, and the target application is stopped from running; The limiting conditions include at least one of the following: the login duration based on the target account to the target application reaches a duration threshold; the current time does not belong to the time period for minors to use the target application.

15. The method of claim 1, wherein, After determining that the target account is a rented account belonging to a minor in response to the account type of the target account being an abnormal account and the user type of the login device being a minor, the method further includes: Based on the login data, other login devices that the target account has logged into can be identified; The user type of the other login devices is marked as a minor; Retrieve the account login records of the currently logged-in device; Extract accounts other than the target account from the account login records and mark the other accounts as abnormal accounts; Each marked abnormal account and each other logged-in device are stored in the database.

16. A data processing apparatus, characterized by The device includes: The data acquisition module is configured to acquire login data of the target account in the target application on the login device; The data acquisition module is further configured to acquire application installation data in the login device, wherein the application installation data includes: feature data of applications installed in the login device, the feature data including the application's installation time, application identifier, and application type; The type recognition module is configured to perform feature extraction processing on at least one of the login data and the application installation data to obtain the login behavior features of the target account, and determine the account type of the target account based on the login behavior features; The type identification module is further configured to obtain the target group index for each installed application; group each installed application to obtain multiple application groups; and perform the following processing for each application group: take the average value of the target group index of each installed application as the target group index of the application group; combine the target group indices of each application group into a target group index sequence, use the target group index sequence as a device feature, and determine the user type of the login device based on the device feature. The strategy execution module is configured to determine that the target account is a rented account of a minor in response to the fact that the account type of the target account is an abnormal account and the user type of the login device is a minor. The policy execution module is also configured to execute a minor restriction policy for the target application.

17. The apparatus of claim 16, wherein, The login data includes the following field types: login time, login device, and login address of the target account; The type identification module is further configured to perform at least one of the following processes: perform feature extraction processing on the data of each field type of the login data to obtain sub-features corresponding to each field type, and combine each sub-feature into login behavior features of the target account; determine the login device associated with the target account based on the login data, and extract the login behavior features of the target account from the application installation data of the login device associated with the target account.

18. The apparatus according to claim 17, characterized in that, The types of the sub-features include: time features, address features, and login features; The type identification module is further configured to determine the login duration of each login of the target account based on the login time of the target account, combine the login duration of each login into a time feature in sequence form; combine the login address of each login of the target account into an address feature in sequence form; combine the login device of each login of the target account into a login feature in sequence form; and combine the address feature, the login feature, and the time feature into the login behavior feature of the target account.

19. The apparatus according to claim 18, characterized in that, The type identification module is further configured to determine the jump index of the target account based on the login behavior characteristics, wherein the jump index is used to characterize the frequency of changes in the login time, login device, and login address of the target account; in response to the jump index being greater than the jump index threshold, the type of the target account is determined to be an abnormal account; in response to the jump index being less than the jump index threshold, the type of the target account is determined to be a normal account.

20. The apparatus according to claim 19, characterized in that, The type identification module is further configured to: determine the jump frequency corresponding to the address feature based on the difference between adjacent login addresses in the address feature, wherein different adjacent login addresses are counted as one jump; determine the jump frequency corresponding to the login feature based on the difference between adjacent login devices in the login feature, wherein different adjacent login devices are counted as one jump; compare each login duration in the time feature with a login duration threshold, and determine the jump frequency corresponding to the time feature based on the comparison result, wherein the jump frequency corresponding to the time feature is the number of login durations less than the login duration threshold; and perform weighted calculation processing on the jump frequency of the sub-features of each dimension in the login behavior feature to obtain the jump index of the target account.

21. The apparatus of claim 17, wherein, The login data field types include: the login time of the target account, the login device identifier, and the login address; the login behavior characteristics include: the number of login devices, the number of login addresses, and the type of applications installed on the login devices; The type identification module is further configured to count the number of login devices and login addresses of the target account based on the login data; and to extract the type of each installed application from the application installation data.

22. The apparatus according to claim 21, characterized in that, The type identification module is further configured to determine the type of the target account as an abnormal account when the login behavior characteristics meet the account abnormality conditions; and to determine the type of the target account as a normal account when the login behavior characteristics do not meet the account abnormality conditions; wherein the account abnormality conditions include at least one of the following: the type of the application installed on at least one login device of the target account is an abnormal application; or the number of login addresses or login devices of the target account is greater than a number threshold.

23. The apparatus according to claim 16, characterized in that, The type recognition module is further configured to call an extreme gradient boosting model based on the device features to perform type prediction processing and obtain the type probability of the login device; in response to the type probability being greater than or equal to a probability threshold, determine that the user type of the login device is a minor; in response to the type probability being less than the probability threshold, determine that the user type of the login device is an adult.

24. The apparatus according to claim 23, characterized in that, The type recognition module is further configured to: obtain a training sample set before calling the extreme gradient boosting model based on the device features to perform type prediction processing and obtain the type probability of the login device; wherein the training sample set includes: application installation data of the sample login devices and the type of the sample login devices; the user type of the sample login devices includes: minors and adults; label the application installation data of the sample login devices to obtain labeled application installation data, wherein the label of the login devices of minors is probability 1 and the label of the login devices of adults is probability 0; and train the initialized extreme gradient boosting model based on the labeled application installation data to obtain the trained extreme gradient boosting model.

25. The apparatus of claim 16, wherein, The login data includes the following field types: login time, login device identifier, and login address for each login session of the target account; The data acquisition module is further configured to, after acquiring the application installation data in the login device, delete login data with missing fields in each segment of login data; and delete application installation data with missing fields in each segment of application installation data.

26. The apparatus according to claim 16, characterized in that, The type identification module is further configured to: obtain usage time data of installed applications on the login device before determining that the target account is a rented account of a minor in response to the account type of the target account being an abnormal account and the user type of the login device being a minor; perform feature extraction processing on the usage time data to obtain usage time features; obtain the similarity between the usage time features and sample time features, wherein the sample time features are usage time features of login devices with user type minors; determine that the user type of the login device is a minor in response to the similarity being greater than or equal to a similarity threshold; and determine that the user type of the login device is an adult in response to the similarity being less than the similarity threshold.

27. The apparatus according to claim 16, characterized in that, The policy execution module is further configured to display an interactive verification interface in the target application before executing the underage restriction policy on the target application, wherein the types of interactive verification include: fingerprint verification, voiceprint verification, face recognition, and verification code verification; in response to an interactive operation on the interactive verification interface, display the verification result corresponding to the interactive operation; and in response to the verification result being a verification failure, proceed to execute the processing of executing the underage restriction policy on the target application.

28. The apparatus according to claim 16, characterized in that, The policy execution module is further configured to, in response to the target application meeting the restriction conditions, perform an operation to forcibly disconnect the target account from the target application and stop running the target application; wherein the restriction conditions include at least one of the following: the login time of the target account in the target application reaches a time threshold; the current time does not belong to the time period for minors to use the target application.

29. The apparatus according to claim 16, characterized in that, The policy execution module is further configured to, after determining that the target account is a rented account of a minor in response to the account type of the target account being an abnormal account and the user type of the login device being a minor, determine other login devices that the target account has logged into based on the login data; The user type of the other login devices is marked as a minor; the account login records of the current login devices are obtained; other accounts besides the target account are extracted from the account login records, and the other accounts are marked as abnormal accounts; each marked abnormal account and each other login device are stored in the database.

30. An electronic device, comprising: The electronic device includes: Memory is used to store executable instructions for a computer; A processor, when executing computer-executable instructions or computer programs stored in the memory, implements the data processing method according to any one of claims 1 to 15.

31. A computer-readable storage medium storing computer-executable instructions or a computer program, wherein the computer-executable instructions or the computer program comprise the steps of: When the computer-executable instructions or computer program are executed by a processor, they implement the method described in any one of claims 1 to 15.

32. A computer program product comprising computer-executable instructions or a computer program, characterized in that, The computer executable instructions or computer program, when executed by the processor, implement the method of any one of claims 1 to 15.

Images