CN116228391A - Risk identification method and device, storage medium and electronic equipment - Google Patents
Risk identification method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN116228391A CN116228391A CN202211696378.0A CN202211696378A CN116228391A CN 116228391 A CN116228391 A CN 116228391A CN 202211696378 A CN202211696378 A CN 202211696378A CN 116228391 A CN116228391 A CN 116228391A
- Authority
- CN
- China
- Prior art keywords
- user
- relationship
- risk
- sample
- relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2468—Fuzzy queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/35—Clustering; Classification
- G06F16/353—Clustering; Classification into predefined classes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/36—Creation of semantic tools, e.g. ontology or thesauri
- G06F16/367—Ontology
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
- G06F16/9535—Search customisation based on user profiles and personalisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Mathematical Physics (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Fuzzy Systems (AREA)
- Computational Linguistics (AREA)
- General Business, Economics & Management (AREA)
- Probability & Statistics with Applications (AREA)
- Life Sciences & Earth Sciences (AREA)
- Automation & Control Theory (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Animal Behavior & Ethology (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Computation (AREA)
- Medical Informatics (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Control Or Security For Electrophotography (AREA)
Abstract
The specification discloses a risk identification method, a risk identification device, a storage medium and electronic equipment, wherein the risk identification method comprises the following steps: obtaining user relationship graph data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship graph data, wherein the reference user and the black seed user have at least one degree of reference user relationship side, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a risk identification method, a risk identification device, a storage medium, and an electronic device.
Background
With the rapid development of computer technology, more and more scenes are involved in risk control, which means that various measures and methods are taken to eliminate or reduce the possibility of occurrence of risk behaviors or reduce the loss caused by occurrence of risk behaviors. In daily transactions such as financial transactions, online shopping transactions, etc., a lot of transaction payment behaviors, online credit behaviors, data guarantee behaviors, etc., in order to reduce the risk of users in daily transactions, and to make risk control and risk response in advance, risk identification on users is often involved.
Disclosure of Invention
The specification provides a risk identification method, a risk identification device, a storage medium and electronic equipment, wherein the technical scheme is as follows:
in a first aspect, the present specification provides a risk identification method, the method comprising:
acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users;
determining at least one reference user associated with each of the black seed users from the user relationship graph data, the reference user having at least one reference user relationship edge with the black seed user,
and carrying out at least one-degree risk conduction prediction on the reference user by adopting a risk conduction model based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
In a second aspect, the present specification provides a risk identification apparatus, the apparatus comprising:
the user acquisition module is used for acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users in pairs;
A data determining module, configured to determine at least one reference user associated with each black seed user from the user relationship graph data, where the reference user has at least one degree of reference user relationship edge with the black seed user,
and the risk detection module is used for predicting the risk conduction of the reference user at least once by adopting a risk conduction model based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
In a third aspect, the present description provides a computer storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the above-described method steps.
In a fourth aspect, the present description provides an electronic device, which may include: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the above-mentioned method steps.
The technical scheme provided by some embodiments of the present specification has the following beneficial effects:
in one or more embodiments of the present disclosure, an electronic device may determine whether a reference user is a risk behavioural user by obtaining user relationship profile data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship profile data, the reference user having at least one degree of reference user relationship side with the black seed user, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side. The method can avoid excessively depending on past historical behavior characteristics or data of the user, can adapt to the transaction application scene of 'cold start' of a new user, can predict and identify more risk behavior users by adopting reference relationship edges among users to perform risk identification through black seed users, and improves identification accuracy.
Drawings
In order to more clearly illustrate the technical solutions of the present specification or the prior art, the following description will briefly introduce the drawings that are required to be used in the embodiments or the prior art descriptions, it is obvious that the drawings in the following description are only some embodiments of the present specification, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic view of a risk identification system provided herein;
FIG. 2 is a schematic flow chart of a risk identification method provided in the present specification;
FIG. 3 is a schematic representation of one user profile data provided herein;
FIG. 4 is a flow chart of a user relationship map determination process provided herein;
FIG. 5 is a flow chart of a reference user relationship edge determination process provided herein;
FIG. 6 is a schematic illustration of a relational conduction mining provided herein;
FIG. 7 is a schematic flow chart of a risk identification method provided in the present specification;
FIG. 8 is a schematic view of a risk identification scenario provided in the present specification;
FIG. 9 is a schematic flow chart of a risk conduction model training process provided in the present specification;
FIG. 10 is a schematic illustration of one type of determination sample provided herein;
FIG. 11 is a schematic diagram of a risk identification device provided in the present specification;
FIG. 12 is a schematic diagram of a data determination module provided herein;
FIG. 13 is a schematic diagram of a risk detection module provided in the present specification;
fig. 14 is a schematic structural view of an electronic device provided in the present specification;
FIG. 15 is a schematic diagram of the architecture of the operating system and user space provided herein;
FIG. 16 is an architecture diagram of the android operating system of FIG. 15;
FIG. 17 is an architecture diagram of the IOS operating system of FIG. 15.
Detailed Description
The following description of the embodiments of the present invention will be made apparent from, and elucidated with reference to, the drawings of the present specification, in which embodiments described are only some, but not all, embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
In the description of the present specification, it should be understood that the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. In the description of the present specification, it should be noted that, unless expressly specified and limited otherwise, "comprise" and "have" and any variations thereof are intended to cover non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus. The specific meaning of the terms in this specification will be understood by those of ordinary skill in the art in the light of the specific circumstances. In addition, in the description of the present specification, unless otherwise indicated, "a plurality" means two or more. "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship.
In related technology, in daily transactions involving financial transactions, online shopping transactions and the like, whether risk behaviors such as cash register behaviors and fraud behaviors under the financial transactions occur in the future or not is predicted for a user, most of the events are based on static features (or basic attribute features) and behavior features of the user, and then learning of a classification model is performed through cash register labels defined by expert experience. In practice, however, there are at least one of the following situations: 1. the method has the advantages that all risk behavior modes are difficult to define by depending on expert experience, 2, the two classification learning of risk behavior users depend on historical behavior data, for some users who do not have risk behaviors, the historical behavior data are less, accurate prediction is difficult, and 3, the situations of fitting, inaccurate recognition and the like are caused due to the fact that the number of part of label samples is less; based on this, it can be seen that there is a great limitation in the risk identification method in the related art.
The present specification is described in detail below with reference to specific examples.
Please refer to fig. 1, which is a schematic diagram of a risk identification system provided in the present specification. As shown in fig. 1, the risk identification system may include at least a client cluster and a service platform 100.
The client cluster may include at least one client, as shown in fig. 1, specifically including a client 1 corresponding to a user 1, a client 2 corresponding to a user 2, …, and a client n corresponding to a user n, where n is an integer greater than 0.
Each client in the client cluster may be a communication-enabled electronic device including, but not limited to: wearable devices, handheld devices, personal computers, tablet computers, vehicle-mounted devices, smart phones, computing devices, or other processing devices connected to a wireless modem, etc. Electronic devices in different networks may be called different names, for example: a user equipment, an access terminal, a subscriber unit, a subscriber station, a mobile station, a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent or user equipment, a cellular telephone, a cordless telephone, a personal digital assistant (personal digital assistant, PDA), an electronic device in a 5G network or future evolution network, and the like.
The service platform 100 may be a separate server device, such as: rack-mounted, blade, tower-type or cabinet-type server equipment or hardware equipment with stronger computing capacity such as workstations, mainframe computers and the like is adopted; the server cluster may also be a server cluster formed by a plurality of servers, and each server in the server cluster may be formed in a symmetrical manner, wherein each server is functionally equivalent and functionally equivalent in a transaction link, and each server may independently provide services to the outside, and the independent provision of services may be understood as no assistance of another server is needed.
In one or more embodiments of the present disclosure, the service platform 100 may establish a communication connection with at least one client in the client cluster, and complete interaction of data in the risk identification process based on the communication connection, for example, the service platform 100 may obtain user fact data of a user from the client, and further construct user relationship graph data based on the user fact data of a plurality of users; as another example, the service platform 100 may implement risk identification for the reference user by using a risk conduction model based on the risk identification method of the present specification; as another example, service platform 100 may deploy a risk conduction model to at least one client, perform risk identification methods of one or more embodiments of the present description by the client, and so forth;
it should be noted that, the service platform 100 establishes a communication connection with at least one client in the client cluster through a network for interactive communication, where the network may be a wireless network, or may be a wired network, where the wireless network includes, but is not limited to, a cellular network, a wireless local area network, an infrared network, or a bluetooth network, and the wired network includes, but is not limited to, an ethernet network, a universal serial bus (universal serial bus, USB), or a controller area network. In one or more embodiments of the specification, techniques and/or formats including HyperText Mark-up Language (HTML), extensible markup Language (Extensible Markup Language, XML), and the like are used to represent data exchanged over a network (e.g., target compression packages). All or some of the links may also be encrypted using conventional encryption techniques such as secure socket layer (Secure Socket Layer, SSL), transport layer security (Transport Layer Security, TLS), virtual private network (Virtual Private Network, VPN), internet protocol security (Internet Protocol Security, IPsec), and the like. In other embodiments, custom and/or dedicated data communication techniques may also be used in place of or in addition to the data communication techniques described above.
The risk identification system embodiments provided in the present disclosure and the risk identification methods in one or more embodiments belong to the same concept, and an execution subject corresponding to the risk identification methods related to one or more embodiments in the present disclosure may be the service platform 100 described above; the execution subject corresponding to the risk identification method in one or more embodiments of the present disclosure may also be an electronic device corresponding to a client, and specifically determined based on an actual application environment. The implementation process of the risk identification system embodiment may be described in detail in the following method embodiment, which is not described herein.
Based on the schematic view of the scenario shown in fig. 1, a detailed description of a risk identification method provided in one or more embodiments of the present disclosure is provided below.
Referring to fig. 2, a flow diagram of a risk identification method, which may be implemented in a computer program and may be executed on a von neumann system-based risk identification device, is provided for one or more embodiments of the present disclosure. The computer program may be integrated in the application or may run as a stand-alone tool class application. The risk identification means may be a service platform.
Specifically, the risk identification method comprises the following steps:
S102: acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users;
schematically, as shown in fig. 3, fig. 3 shows a schematic diagram of user graph data, where the user graph data is composed of a plurality of users and user relationship edges connecting the users, specifically, each user may correspond to one user node in the user relationship graph, as shown in fig. 3, user node a, user node B, user node D, and user node e.
The user relationship edge is used for representing one-degree or multi-degree relationship data characteristics between two users;
the corresponding relation data features of the user relation edges are derived from user (original) fact data, the user (original) fact data is different from static features (or basic attribute features) and behavior features of users with single user dimensions, and the user (original) fact data can be used for representing the relation features between two users;
In some embodiments, the relationship data features corresponding to the user relationship edges include, but are not limited to, a fit of one or more of transaction data dimension features, transfer data dimension features, device data dimension features, network connection data dimension features (e.g., wifi network connection dimensions), friend relationship data dimension features, contact information data dimension features, strength relationship data dimension features, and the like;
illustratively, each relationship data feature dimension corresponds to one or more degrees of relationship data, such as transfer data dimension features, the one-degree relationship of the relationship data features includes transfer amount features, number of strokes features.
It should be noted that, the corresponding one-degree or multi-degree relationship data in each relationship data feature dimension is set based on the actual application situation, and the category of the corresponding one-degree or multi-degree relationship data in the relationship data feature dimension is not limited here.
The black seed users are users which are determined to belong to black seed category labels by the user relationship graph data, and other users except the black seed users do not have explicit category labels in the user relationship graph data. The black seed user may be understood as a user who has confirmed the existence or transmission of the target risk behavior, and the user who determines the existence of the target risk behavior may be understood as a black seed user.
Alternatively, a known risk behavior user (such as a risk behavior merchant) may be used as a black seed user, and in practical application, the number of black seed users is usually small, and a black seed user decision rule may be formulated, and a merchant with a high score is used as a black seed. The rules used by the black seed user decision rule may include, but are not limited to, for example, abnormal funds flow, abnormal merchant promotions, abnormal products, abnormal user ratings, etc., and illustratively, the risk behavioural user may be a cash-out data transfer behavioural user (also referred to as cash-out transacting behavioural user in practice) defined in some data transfer scenarios, a fraudulent behavioural user, etc.
In one or more embodiments of the present disclosure, the electronic device may preset a relationship graph configuration rule, generate user relationship graph data in real time or periodically based on the relationship graph configuration rule, or perform data update (e.g. update user nodes, update user relationship edges) on the basis of historical user graph data to obtain user relationship graph data, and store the user relationship graph data, so that in an actual transaction application stage, the stored user relationship graph data may be obtained.
Alternatively, the relationship graph configuration rule may set the data type of the user (original) fact data to be incorporated as required in connection with the transaction scenario under the actual application, and then update or generate the user relationship edge connecting the two users based on the user (original) fact data.
S104: determining at least one reference user associated with each of the black seed users from the user relationship graph data, the reference user having at least one reference user relationship edge with the black seed user,
the reference user may be understood as a user who has one or more reference user relationship edges with the black seed user in the user relationship picture data.
Illustratively, the user relationship of the association with the black seed user is measured by referring to the user relationship side available relationship conductivity;
for example, the black seed user and the associated user have a first-degree reference user relationship side, and the black seed user and the associated user are connected only through the reference user relationship side, so that other associated users are not involved in the middle, and the reference user is the associated user of the first-degree conduction of the black seed user;
for example, the black seed user and the associated user have i degrees (i is an integer greater than 1) of reference user relationship edges, and at the moment, the black seed user and the associated user are connected through i reference user relationship edges, i-1 other associated users are involved between the black seed user and the associated user, and the reference user is the associated user with the black seed user i degree conduction;
It can be understood that black seed users on the same relation conducting chain exist reference users connected through one-degree/multi-degree reference user relation edges, the relation conducting chain takes the black seed users as reference nodes, and users not on the relation conducting chain are not reference users of the black seed users.
It will be appreciated that whether the reference user is a risk behavioural user is not currently known, and that the reference user is not normally risk behavioural, and that the risk behavioural user may be predicted by the risk recognition method in one or more embodiments of the present description.
In one or more embodiments of the present disclosure, a black seed user node corresponding to each black seed user may be determined from the user relationship graph data, and then path mining may be performed along a relationship edge with the black seed user node as a reference, where the path mining may determine one or more reference users associated with the black seed user node, and a first-degree reference user relationship edge directly connected between the reference users and the black seed user or a plurality of reference user relationship edges connected through one or more other user nodes. Based on this, in the case where the black seed users are plural in the foregoing manner, it is possible to determine at least one reference user associated with each of the black seed users, and determine at least one degree of reference user relationship edges where the reference user exists with the black seed users.
S106: and carrying out at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
The risk conduction prediction can be understood as a risk conduction prediction process based on reference user relationship edges. The at least one degree of risk conduction prediction is related to the degree of risk conduction of the reference user relationship side;
illustratively, if the reference user relationship edge is a first-degree risk conduction relationship edge of a certain black seed user, carrying out first-degree risk conduction prediction on the reference user connected with the reference user based on the reference user relationship edge, wherein the reference user can be called as a first-degree risk conduction user associated with the certain black seed user;
illustratively, if the reference user relationship side is an "i" (i is an integer greater than 1) degree risk conduction relationship side of a certain black seed user, performing i (i is an integer greater than 1) degree risk conduction prediction on the reference users connected with the reference user relationship side based on the reference user relationship side;
in a possible implementation manner, a preset quantization processing mode may be adopted to perform risk conduction quantization processing on the reference user based on the reference user relationship side, so as to obtain a quantization score, and whether the reference user is a risk behavior user is determined based on the quantization score.
Optionally, the quantization processing mode may be that a pre-trained risk conduction model is adopted to conduct risk conduction quantization processing on the reference user relationship side, a quantization score is output, and whether the reference user is a risk behavior user is determined based on the quantization score.
The risk conduction model is a pre-established and trained machine learning model, and the machine learning model can be obtained by fitting one or more machine learning models in network models such as a neural network, a decision tree network, a classifier network, a Bayesian network, a support vector machine network and the like.
Optionally, the reference user relationship edge is usually characterized in the form of reference user relationship features in the actual application stage, and may exist in the form of feature representation forms such as reference user relationship feature vectors, reference user relationship matrices, and the like, that is, reference user relationship feature vectors and reference user relationship matrices of corresponding feature dimensions are extracted in advance.
It can be understood that in one or more embodiments of the present disclosure, risk assessment is not performed by classifying based on user behavior characteristics of each user node, and classification learning of risk behavior users such as cash register behavior depends on characteristics of historical behavior and data of the users, so that for some users such as new merchants and buyers who do not have risk behavior such as cash register transaction behavior, the historical behavior data is less, accurate prediction is difficult to perform before risk behavior occurs, based on this, risk recognition is performed by adopting reference relationship edges between users based on black seed users in an improved risk recognition manner, more risk behavior users can be predicted and recognized, and recognition accuracy is higher,
In one or more embodiments of the present disclosure, an electronic device may determine whether a reference user is a risk behavioural user by obtaining user relationship profile data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship profile data, the reference user having at least one degree of reference user relationship side with the black seed user, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side. The method can avoid excessively depending on past historical behavior characteristics or data of the user, can adapt to the transaction application scene of 'cold start' of a new user, can predict and identify more risk behavior users by adopting reference relationship edges among users to perform risk identification through black seed users, and improves identification accuracy.
Illustratively, in one or more embodiments of the present description, FIG. 4 is a flow diagram of an exemplary user relationship map determination process. Optionally, based on the one or more embodiments, before the acquiring the user relationship graph data, the method may further include the following:
s1002: according to user fact data of a plurality of users, determining user relation vectors between every two users;
S1004: and determining a user relationship side between every two users based on the user relationship vector, and determining user relationship map data based on the user relationship side and the plurality of users.
In one or more embodiments of the present description, by acquiring user fact data of a plurality of users, a multi-degree relationship between two users is mined based on the user fact data of the plurality of users to thereby determine a user relationship edge, thereby constructing (multi-degree) relationship picture data between users.
Specifically, user fact data of a plurality of users are obtained, the user fact data of the plurality of users can be derived from real user data in an actual transaction scene (such as a vanishing transaction scene, an online shopping transaction scene and the like), and according to the user fact data of the plurality of users, extraction of relationship data characteristics among the users is performed to determine multi-degree relationship data between two users.
In some embodiments, the relationship data features include, but are not limited to, a fit of one or more of transaction data dimension features, transfer data dimension features, device data dimension features, network connection data dimension features (e.g., wifi network connection dimensions), friend relationship data dimension features, contact data dimension features, strength relationship data dimension features, and the like;
Illustratively, each relationship data feature dimension corresponds to one or more degrees of relationship data, such as transfer data dimension features, the one-degree relationship of the relationship data features includes transfer amount features, number of strokes features.
It should be noted that, the corresponding one-degree or multi-degree relationship data in each relationship data feature dimension is set based on the actual application situation, and the category of the corresponding one-degree or multi-degree relationship data in the relationship data feature dimension is not limited here.
In a possible implementation manner, the determining a user relationship edge between the users based on the user relationship vector, and determining user relationship graph data based on the user relationship edge and the plurality of users may be: determining multi-degree relation data between each user based on the user relation vector, and determining user relation edges between every two users based on the multi-degree relation data;
and carrying out connection processing on the plurality of users through each user relation edge to obtain user relation graph data.
Illustratively, for example, a user relationship vector between two users may be constructed based on user fact data of any 7 dimensions of transaction data dimension features, transfer data dimension features, device data dimension features, network connection data dimension features (such as wifi network connection dimension), friend relationship data dimension features, contact information data dimension features, and strength relationship data dimension, where the user relationship vector may be expressed as follows:
The user relationship vector may be noted as r= [ a ] 1 ,a 2 ,a 3 ,…,a m ,b 1 ,b 2 ,b 3 ,…,b n ,…,g t ]Wherein a, b, …, g represent the dimension to which the association relationship belongs, and m, n, …, t represent the number of relationships under the dimension.
The set of user relationship vectors can form multi-degree relationship data among all merchants, user relationship edges can be constructed based on the multi-degree relationship data, and then relationship graph data of users can be formed together, and the multi-degree relationship data can be expressed as R 1 ,R 2 ,R 3 ,…,R n ] T (n represents the total number of relationship sides formed by the user). The user relationship graph data can be constructed through the multi-degree relationship data and the user nodes corresponding to the plurality of users, the user relationship graph data not only can describe the direct relationship between the users, such as transaction or friend relationship, but also can describe the indirect relationship between the users, such as the number of common friends, the transaction amount of a common transaction object and other multi-degree relationship, and the user relationship graph data in the form is greatly beneficial to mining and describing the relatively hidden relationship between the users so as to facilitate the subsequent risk identification.
Illustratively, in one or more embodiments of the present description, FIG. 5 shows a flow diagram of an exemplary reference user relationship edge determination process. Optionally, based on the one or more embodiments, the determining, from the user relationship graph data, at least one reference user associated with each black seed user, where the reference user has at least one reference user relationship side with the black seed user includes the following schemes:
S1012: determining at least one relation conducting chain corresponding to each black seed user by taking each black seed user as a reference node;
s1014: and determining at least one reference user on the relation conducting chain, wherein the black seed user and the reference user are connected through at least one degree of reference user relation edge.
The relation conducting chain is a chain type acyclic characteristic structure formed by black seed user nodes, a plurality of reference user nodes and reference user relation edges connecting every two nodes, and the reference nodes of the relation conducting chain are reference nodes corresponding to black seed users.
In one or more embodiments of the present disclosure, the conducting path chain may be disassembled for the user relationship graph data by using each black seed user as a reference node, so that a plurality of relationship conducting chains corresponding to the black seed relationship conducting paths may be obtained, that is, a plurality of relationship conducting chains may be obtained, and it may be understood that a plurality of characteristic path nodes corresponding to one black seed relationship conducting path are relationship conducting nodes, and relationship edges connected by two relationship conducting nodes are referred to user relationship edges.
Alternatively, the relationship conductive chain may be a directed acyclic feature, i.e. pointing from a black seed user as a reference node along a reference user relationship edge to the next reference user node.
Schematically, as shown in fig. 6, fig. 6 shows a schematic diagram of relational conduction mining, where reference nodes corresponding to black seed users included in user profile data in fig. 5 are at least relational conduction chains formed by disassembling user profile data of user node a through a conduction path chain, for example, a relational conduction chain formed by user node a-user node B-user node E-user node Y corresponding to black seed users, a relational conduction chain formed by user node a-user node C-user node D-user node Y corresponding to black seed users, and a relational conduction chain formed by user node a-user node C-user node D-user node E-user node Y corresponding to black seed users.
It can be appreciated that the relation conducting chain containing the implicit user relation can be deeply mined from the user map data in the manner, and an anti-risk recognition mechanism can be effectively resisted, so that the accuracy of subsequent risk recognition is facilitated.
Referring to fig. 7, fig. 7 is a schematic flow chart of another embodiment of a risk identification method according to one or more embodiments of the present disclosure. Specific:
s202: acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users;
S204: determining at least one reference user associated with each black seed user from the user relationship graph data, wherein the reference user and the black seed user have at least one reference user relationship edge;
reference may be made specifically to the explanation of one or more other steps of one or more embodiments of the present disclosure, which are not repeated here.
S206: performing at least one degree of risk conduction prediction on the at least one reference user by adopting a risk conduction model based on the reference user relationship edge, and determining a relationship edge conduction type of the reference user relationship edge;
in one or more embodiments of the present description, the risk conduction model may be a machine learning network based risk conduction model; illustratively, the risk conduction model may be configured by dense interconnection of simple nonlinear analog processing elements of each of a number of nodes, for example, a system model that mimics biological neurons. The risk conduction model is formed by connecting the input of at least one node with the output of each node, similar to the synaptic connection of a real neuron. Each neuron expresses a specific output function, i.e. an excitation function, and the connection between every two neurons contains a connection strength, i.e. a weighting value acting on the signal passing through the connection.
Alternatively, the risk conduction model may be implemented based on fitting of one or more of a convolutional neural network (Convolutional Neural Network, CNN) model, a deep neural network (Deep Neural Network, DNN) model, a recurrent neural network (Recurrent Neural Networks, RNN), a model, an embedded (embedding) model, a gradient-lifting decision tree (Gradient Boosting Decision Tree, GBDT) model, a logistic regression (Logistic Regression, LR) model, and the like machine learning model.
Illustratively, the risk conduction model takes a reference user relationship side as a model input, performs risk conduction quantification processing based on the reference user relationship side through the risk conduction model, and outputs a risk conduction score (also referred to as a quantification score).
In a possible implementation manner, the performing, based on the reference user relationship edge, at least one degree of risk conduction prediction on the at least one reference user by using a risk conduction model to determine a relationship edge conduction type of the reference user relationship edge may be:
the electronic equipment inputs the reference user relationship sides into a risk conduction model, and respectively outputs risk conduction scores aiming at the at least one reference user relationship side;
The electronic device may determine a risk conduction sub-threshold corresponding to the reference user relationship edge, and determine a relationship edge conduction type of the reference user relationship edge based on the risk conduction sub-threshold and the risk conduction score.
It can be understood that, based on the relationship conduction prediction performed by the black seed user, the reference user relationship corresponds to different risk conduction degrees, for example, the black seed user and the associated user have i degrees (i is an integer greater than 1) reference user relationship edges, at this time, the black seed user and the associated user are connected through i reference user relationship edges, i-1 other associated users are involved between the black seed user and the associated user, and the reference user is the associated user with the black seed user i degree conduction;
based on the above, reference thresholds corresponding to different relation conductivities can be set for the user relation edges, relation edge conductivity types of the reference user relation edges are measured based on the different reference thresholds, and generally, the higher the relation conductivities are, the less potential risks implied by the reference user relation are easily identified by the model, so that the reference thresholds need to be set for the user relation edges based on the corresponding relation conductivities.
Optionally, a threshold mapping relation for at least one relation conductivity corresponding to the user relation edge and a reference threshold corresponding to the relation conductivity may be established, and in an actual application stage, risk conductivity sub-threshold of the risk conductivity pair is obtained by determining risk conductivity of the reference user relation edge and then based on the threshold mapping relation.
Further, the determining the risk conduction sub-threshold corresponding to the reference user relationship edge may be: the electronic equipment obtains the number of the user relationship edges between the reference user and the black seed user, determines risk relationship conductivity based on the number of the user relationship edges, and obtains a risk conductivity sub-threshold corresponding to the risk relationship conductivity.
The number of user relationship edges can be understood as the number of user relationship edges through which the black seed user is connected with the reference user, and the value of the number of user relationship edges corresponds to the value of the conductivity of the relationship.
Further, after determining the risk conduction score and the risk conduction score threshold, comparing the risk conduction score and the risk conduction score threshold, and if the risk conduction score is greater than the risk conduction score threshold, determining that the reference user relationship side is of a risk conductivity type; and if the risk conduction score is smaller than or equal to the risk conduction score threshold value, determining that the reference user relationship side is of a risk-free conductivity type.
Schematically, as shown in fig. 8, fig. 8 is a schematic view of a risk identification scenario related to the present specification, and a risk conduction model is used to perform risk conduction prediction processing on a relationship between a first degree of reference user relationship and a plurality of degrees of reference user relationship to be predicted, so as to obtain a risk conduction score, which is as follows:
a) Primary conduction prediction
The side relation of the risk conduction score corresponding to the risk conduction model exceeding the set threshold is the risk conductivity type, and the right node user with the risk conductivity type and connected with the reference user relation side can be determined to be the risk behavior user. If in the intermediate data transfer cash registering mode, the reference user relationship edges corresponding to the black seeds s1 and the merchants s2 indicate that 5 common data transfer receiving users and 4 common Wi-Fi quantity are available for transferring the total data quantity of 10 ten thousand transfer receiving users, and the risk conduction model is adopted to obtain the corresponding risk conduction score of 0.9 which is larger than the set threshold, then the merchants s2 are risk behavior users controlled by the intermediate party. Furthermore, the risk level and risk conductance score of the user have a tendency to be positively correlated.
b) Multi-degree conduction prediction
The abnormal behavior user set D can be obtained through at least one degree of conduction prediction before, and the abnormal behavior user set D can comprise the risk behavior users.
For the abnormal behavior user set D obtained by at least one degree of conduction prediction, when the current ith degree of conduction prediction is: further predicting the abnormal behavior user set D, predicting risk conduction scores based on the reference user relationship edges of the users by adopting a risk conduction model, simultaneously acquiring corresponding risk conduction sub-thresholds in the ith degree of conduction prediction, determining the reference user relationship edges with the risk conduction scores exceeding the risk conduction sub-thresholds (in general) as risk conductivity types, and predicting the right-end user connected with the reference user relationship edges with the risk conductivity types as risk behavior merchants.
In one or more embodiments of the present disclosure, a risk conduction model is obtained by learning the side relationship between black seed users, and the side relationship between black seeds and other users is divided into two categories with risk conductivity and without risk conductivity by using the risk conduction model, so that the side relationship and the feature with risk conductivity are quantified from the feature relationship dimension, that is, the possibility of defining what type of side relationship and feature has high risk conductivity is quantified.
S208: and determining whether the reference user corresponding to the reference user relationship side is a risk behavior user or not based on the relationship side conduction type.
Illustratively, if the relationship edge conduction type is a risky conduction type, determining that the reference user connected with the reference user relationship edge is a risky behavior user;
illustratively, if the relationship edge conduction type is a risk-free conduction type, determining that the reference user connected by the reference user relationship edge is a normal behavior user.
In one or more embodiments of the present disclosure, an electronic device may determine whether a reference user is a risk behavioural user by obtaining user relationship profile data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship profile data, the reference user having at least one degree of reference user relationship side with the black seed user, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side. The method can avoid excessively depending on past historical behavior characteristics or data of the user, can adapt to the transaction application scene of 'cold start' of a new user, can predict and identify more risk behavior users by adopting reference relationship edges among users to perform risk identification through black seed users, and improves identification accuracy.
Illustratively, in one or more embodiments of the present description, FIG. 9 shows a flow diagram of an exemplary risk conduction model training process. Optionally, based on the one or more embodiments, the risk identification method further includes the following scheme:
s2002: acquiring user relation graph sample data and determining at least one black seed sample user, wherein the user relation graph sample data comprises a plurality of sample users and sample user relation edges connected with the sample users in pairs;
the user relationship graph sample data may be understood as user relationship graph samples used in the model training stage.
The user relationship graph sample data is similar to the graph characteristic structure of the user relationship graph data.
The sample user relationship edge is used for representing one-degree or multi-degree relationship data characteristics between two sample users in a model training stage;
in some embodiments, mining and definition of black seed users may be performed first based on actual transaction scenarios, e.g., in the case of a risk-of-cashing transaction scenario, black seed users are defined as head users in high risk segments in the transaction scenario of interest. The corresponding cashing transaction scene is a merchant with higher cashing rate of data in a cashing action of a certain type (such as cashing participated by an intermediary), wherein the overdue proportion of the cashing transaction corresponding to a buyer is high, namely a black merchant, and the black merchant can be used as a black seed user.
S2004: determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user;
the black seed sample user is the black seed user involved in the model training phase.
Further, the determining, based on the user relationship graph sample data and the black seed sample user, at least one type of sample relationship edge from the sample user relationship edges may be:
acquiring corresponding first sample relation edges between two black seed sample users in the user relation graph sample data, and taking the first sample relation edges as positive sample relation edges;
acquiring a second sample relation edge between the black seed sample user and the non-black seed sample user in the user relation map sample data, and taking the second sample relation edge as a negative sample relation edge;
and taking a third sample relation edge except the first sample relation edge and the second sample relation table in all the sample user relation edges as sample data to be predicted.
Schematically, as shown in fig. 10, fig. 10 is a schematic diagram for determining a sample, in fig. 10, an edge relationship between a black seed sample user and a black seed sample user is a first sample relationship edge, where the first sample relationship edge is defined as a positive sample relationship edge, and the positive sample relationship edge is a relationship with risk conduction (black seed-black seed);
Illustratively, the side relationship between the black seed sample user and the non-black seed sample user, namely, the second sample relationship side, may be a white seed sample user, the white seed sample user may be defined based on the user behavior in the actual transaction scenario, for example, in the cash register transaction scenario, the white seed sample user may be a sample user having a certain data borrowing transaction behavior but no cash register transaction behavior, and the side relationship between the black seed user and the white seed sample user, namely, the second sample relationship side, is defined as a negative sample relationship side;
illustratively, the other types of edge relations are samples to be predicted (black seeds-merchants to be predicted), namely, third sample relation edges except the first sample relation edge and the second sample relation table in all the sample user relation edges are used as sample data to be predicted;
for example, the edge relationship between a black seed user and a user to be predicted may be defined as a one-degree conduction sample relationship edge, and for example, the edge relationship between a user to be predicted and a user to be predicted may be defined as a multi-degree conduction sample relationship edge. The one-degree conductive sample relationship edge and the multi-degree conductive sample relationship edge may be regarded as sample data to be predicted.
It can be appreciated that, by adopting the method, in consideration of the fact that the number of the black seed samples is less based on the user dimension definition directly in the initial stage of transaction operation, the black seed samples are not suitable to be used as a type of sample labels in model training, the risk identification method of one or more embodiments of the present disclosure is adopted to convert the second classification link of the user into the relationship edge type concerned between users, and the structure of the edge relationship of the black seed can utilize the relationship feature type data such as the media use trace, social contact and the like, so that the risk prediction effect can be better for the user without risk behavior; and constructing the edge relation among the black seeds so that the number of positive samples is expanded rapidly, namely the number of N maximum edge relations among the N black seeds is N, which can greatly solve the problem of insufficient model supervision signals in the model training stage and can enable the model to obtain better training effect.
S2006: and model training is carried out on the initial risk conduction model by adopting various sample relation edges, so as to obtain a trained risk conduction model.
Schematically, the various sample relationship sides are input into an initial risk conduction model for training, the initial risk conduction model can extract the relationship characteristics of the sample relationship sides, and the relationship characteristics are detected and identified, so that risks are effectively identified. And in the training process, carrying out model error adjustment on the initial risk conduction model by combining with a sample label of a sample relation edge until model training conditions are met, and obtaining a risk conduction model after training after the training is finished, wherein the risk conduction model has the capabilities of extracting relation conduction characteristics, summarizing relation conduction risk knowledge, carrying out risk conduction recognition and learning and memorizing characteristics in the risk recognition process, and information or knowledge learned by the model is stored on a connection matrix between every two unit nodes.
Illustratively, the sample label of the sample relationship edge may be understood as a positive sample label of the positive sample relationship edge and a negative sample label of the negative sample relationship edge;
in one or more embodiments of the present disclosure, an optimization integration process may be performed on the risk conduction model, the input of the processed risk conduction model may be user relationship graph data and black seed users are marked, the step of determining, based on the risk conduction model, at least one reference user associated with each black seed user and at least one reference user relationship side where the reference user exists with the black seed user from the user relationship graph data, and performing, based on the reference user relationship side, at least one risk conduction prediction on the reference user using the risk conduction model to determine whether the reference user is a risk behavior user, thereby outputting the risk behavior user.
It can be appreciated that, with the risk identification method according to one or more embodiments of the present disclosure, from black seeds, a risk conduction model is obtained by learning the edge relations between black seeds, and the edge relations between black seeds and other users are classified into two types with risk conduction and without risk conduction by the risk conduction model, so that the possibility of what type of edge relations and features have risk conduction is quantified from the data level.
In some embodiments, the risk conduction model obtained through supervised learning can conduct input data rapidly to obtain users with similar risks, so that the traditional method that the users depend on past historical behavior characteristics is avoided, the phenomenon of cold start of many new users can be solved, the risk early warning capability is improved after the risk behaviors of the users are predicted and identified.
The risk identification device provided in this specification will be described in detail with reference to fig. 11. The risk recognition apparatus shown in fig. 11 is used to perform the method of the embodiment shown in fig. 1 to 10 of the present specification, and for convenience of explanation, only the part related to the present specification is shown, and specific technical details are not disclosed, please refer to the embodiment shown in fig. 1 to 10 of the present specification.
Referring to fig. 11, a schematic structural diagram of the risk identification device of the present specification is shown. The risk identification means 1 may be implemented as all or part of the user terminal by software, hardware or a combination of both. According to some embodiments, the risk identification device 1 comprises a risk identification module 11, a risk identification module 12 and a risk identification module 13, in particular for:
The user acquisition module 11 is configured to acquire user relationship graph data and determine at least one black seed user, where the user relationship graph data includes a plurality of users and user relationship edges connecting every two users;
a data determining module 12, configured to determine, from the user relationship graph data, at least one reference user associated with each black seed user, where the reference user has at least one reference user relationship edge with the black seed user;
and the risk detection module 13 is used for predicting the risk conduction of the reference user at least once by adopting a risk conduction model based on the relationship of the reference user so as to determine whether the reference user is a risk behavior user.
Optionally, the device 1 is further configured to:
according to user fact data of a plurality of users, determining user relation vectors between every two users;
and determining a user relationship side between every two users based on the user relationship vector, and determining user relationship map data based on the user relationship side and the plurality of users.
Optionally, the device 1 is further configured to:
determining multi-degree relation data between each user based on the user relation vector, and determining user relation edges between every two users based on the multi-degree relation data;
And carrying out connection processing on the plurality of users through each user relation edge to obtain user relation graph data.
Optionally, as shown in fig. 12, the data determining module 12 includes:
a conduction determining unit 121, configured to determine at least one relational conduction chain corresponding to each black seed user by using the black seed user as a reference node;
a user determining unit 122, configured to determine at least one reference user on the relational conductive chain, where the black seed user and the reference user are connected by at least one reference user relationship edge.
Optionally, as shown in fig. 13, the risk detection module 13 is configured to:
a conduction prediction unit 131, configured to perform at least one degree of risk conduction prediction on the at least one reference user by using a risk conduction model based on the reference user relationship edge, and determine a relationship edge conduction type of the reference user relationship edge;
the risk determining unit 132 is configured to determine whether the reference user corresponding to the reference user relationship edge is a risk behavioural user based on the relationship edge conductivity type.
Optionally, the conduction prediction unit 131 is configured to:
inputting each reference user relationship side into a risk conduction model, and respectively outputting risk conduction points aiming at the at least one reference user relationship side;
And determining a risk conduction sub-threshold corresponding to the reference user relationship side, and determining the relationship side conduction type of the reference user relationship side based on the risk conduction sub-threshold and the risk conduction sub-threshold.
Optionally, the conduction prediction unit 131 is configured to: acquiring the number of user relationship edges between the reference user and the black seed user, and determining risk relationship conductivity based on the number of user relationship edges;
and acquiring a risk conduction sub-threshold corresponding to the risk relation conductivity.
Optionally, the conduction prediction unit 131 is configured to: if the risk conduction score is greater than the risk conduction score threshold, determining that the reference user relationship edge is of a risk conductivity type;
and if the risk conduction score is smaller than or equal to the risk conduction score threshold value, determining that the reference user relationship side is of a risk-free conductivity type.
Optionally, the risk determining unit 132 is configured to:
if the relation edge conduction type is a risky conduction type, determining that the reference user connected with the reference user relation edge is a risky behavior user;
and if the relation edge conduction type is the risk-free conduction type, determining that the reference user connected with the reference user relation edge is a normal behavior user.
Optionally, the device 1 is further configured to:
acquiring user relation graph sample data and determining at least one black seed sample user, wherein the user relation graph sample data comprises a plurality of sample users and sample user relation edges connected with the sample users in pairs;
determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user;
and model training is carried out on the initial risk conduction model by adopting various sample relation edges, so as to obtain a trained risk conduction model.
Optionally, the device 1 is further configured to:
acquiring corresponding first sample relation edges between two black seed sample users in the user relation graph sample data, and taking the first sample relation edges as positive sample relation edges;
acquiring a second sample relation edge between the black seed sample user and the non-black seed sample user in the user relation map sample data, and taking the second sample relation edge as a negative sample relation edge;
and taking a third sample relation edge except the first sample relation edge and the second sample relation table in all the sample user relation edges as sample data to be predicted.
It should be noted that, in the risk recognition apparatus provided in the foregoing embodiment, only the division of the foregoing functional modules is used as an example when the risk recognition method is executed, and in practical application, the foregoing functional allocation may be performed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules, so as to complete all or part of the functions described above. In addition, the risk identification device and the risk identification method provided in the foregoing embodiments belong to the same concept, which embody the detailed implementation process in the method embodiment, and are not described herein again.
The foregoing description is provided for the purpose of illustration only and does not represent the advantages or disadvantages of the embodiments.
In one or more embodiments of the present disclosure, an electronic device may determine whether a reference user is a risk behavioural user by obtaining user relationship profile data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship profile data, the reference user having at least one degree of reference user relationship side with the black seed user, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side. The method can avoid excessively depending on past historical behavior characteristics or data of the user, can adapt to the transaction application scene of 'cold start' of a new user, can predict and identify more risk behavior users by adopting reference relationship edges among users to perform risk identification through black seed users, and improves identification accuracy.
The present disclosure further provides a computer storage medium, where the computer storage medium may store a plurality of instructions, where the instructions are adapted to be loaded by a processor and execute the risk identification method according to the embodiment shown in fig. 1 to 10, and the specific execution process may refer to the specific description of the embodiment shown in fig. 1 to 10, which is not repeated herein.
The present disclosure further provides a computer program product, where at least one instruction is stored, where the at least one instruction is loaded by the processor and executed by the processor to perform the risk identification method according to the embodiment shown in fig. 1 to 10, and the specific execution process may refer to the specific description of the embodiment shown in fig. 1 to 10, which is not repeated herein.
Referring to fig. 14, a block diagram of an electronic device according to an exemplary embodiment of the present disclosure is shown. The electronic device in this specification may include one or more of the following: processor 110, memory 120, input device 130, output device 140, and bus 150. The processor 110, the memory 120, the input device 130, and the output device 140 may be connected by a bus 150.
The memory 120 may include a random access memory (random Access Memory, RAM) or a read-only memory (ROM). Optionally, the memory 120 includes a non-transitory computer readable medium (non-transitory computer-readable storage medium). Memory 120 may be used to store instructions, programs, code, sets of codes, or sets of instructions. The memory 120 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, which may be an Android (Android) system, including an Android system-based deep development system, an IOS system developed by apple corporation, including an IOS system-based deep development system, or other systems, instructions for implementing at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing various method embodiments described below, and the like. The storage data area may also store data created by the electronic device in use, such as phonebooks, audiovisual data, chat log data, and the like.
Referring to FIG. 15, the memory 120 may be divided into an operating system space in which the operating system is running and a user space in which native and third party applications are running. In order to ensure that different third party application programs can achieve better operation effects, the operating system allocates corresponding system resources for the different third party application programs. However, the requirements of different application scenarios in the same third party application program on system resources are different, for example, under the local resource loading scenario, the third party application program has higher requirement on the disk reading speed; in the animation rendering scene, the third party application program has higher requirements on the GPU performance. The operating system and the third party application program are mutually independent, and the operating system often cannot timely sense the current application scene of the third party application program, so that the operating system cannot perform targeted system resource adaptation according to the specific application scene of the third party application program.
In order to enable the operating system to distinguish specific application scenes of the third-party application program, data communication between the third-party application program and the operating system needs to be communicated, so that the operating system can acquire current scene information of the third-party application program at any time, and targeted system resource adaptation is performed based on the current scene.
Taking an operating system as an Android system as an example, as shown in fig. 16, a program and data stored in the memory 120 may be stored in the memory 120 with a Linux kernel layer 320, a system runtime library layer 340, an application framework layer 360 and an application layer 380, where the Linux kernel layer 320, the system runtime library layer 340 and the application framework layer 360 belong to an operating system space, and the application layer 380 belongs to a user space. The Linux kernel layer 320 provides the underlying drivers for various hardware of the electronic device, such as display drivers, audio drivers, camera drivers, bluetooth drivers, wi-Fi drivers, power management, and the like. The system runtime layer 340 provides the main feature support for the Android system through some C/c++ libraries. For example, the SQLite library provides support for databases, the OpenGL/ES library provides support for 3D graphics, the Webkit library provides support for browser kernels, and the like. Also provided in the system runtime library layer 340 is a An Zhuoyun runtime library (Android run) which provides mainly some core libraries that can allow developers to write Android applications using the Java language. The application framework layer 360 provides various APIs that may be used in building applications, which developers can also build their own applications by using, for example, campaign management, window management, view management, notification management, content provider, package management, call management, resource management, location management. At least one application program is running in the application layer 380, and these application programs may be native application programs of the operating system, such as a contact program, a short message program, a clock program, a camera application, etc.; and may also be a third party application developed by a third party developer, such as a game-like application, instant messaging program, photo beautification program, etc.
Taking an operating system as an IOS system as an example, the program and data stored in the memory 120 are as shown in fig. 17, the IOS system includes: core operating system layer 420 (Core OS layer), core service layer 440 (Core Services layer), media layer 460 (Media layer), and touchable layer 480 (Cocoa Touch Layer). The core operating system layer 420 includes an operating system kernel, drivers, and underlying program frameworks that provide more hardware-like functionality for use by the program frameworks at the core services layer 440. The core services layer 440 provides system services and/or program frameworks required by the application, such as a Foundation (Foundation) framework, an account framework, an advertisement framework, a data storage framework, a network connection framework, a geographic location framework, a sports framework, and the like. The media layer 460 provides an interface for applications related to audiovisual aspects, such as a graphics-image related interface, an audio technology related interface, a video technology related interface, an audio video transmission technology wireless play (AirPlay) interface, and so forth. The touchable layer 480 provides various commonly used interface-related frameworks for application development, with the touchable layer 480 being responsible for user touch interactions on the electronic device. Such as a local notification service, a remote push service, an advertisement framework, a game tool framework, a message User Interface (UI) framework, a User Interface UIKit framework, a map framework, and so forth.
Among the frameworks illustrated in fig. 17, frameworks related to most applications include, but are not limited to: the infrastructure in core services layer 440 and the UIKit framework in touchable layer 480. The infrastructure provides many basic object classes and data types, providing the most basic system services for all applications, independent of the UI. While the class provided by the UIKit framework is a basic UI class library for creating touch-based user interfaces, iOS applications can provide UIs based on the UIKit framework, so it provides the infrastructure for applications to build user interfaces, draw, process and user interaction events, respond to gestures, and so on.
The manner and principle of implementing data communication between the third party application program and the operating system in the IOS system may refer to the Android system, and this description is not repeated here.
The input device 130 is configured to receive input instructions or data, and the input device 130 includes, but is not limited to, a keyboard, a mouse, a camera, a microphone, or a touch device. The output device 140 is used to output instructions or data, and the output device 140 includes, but is not limited to, a display device, a speaker, and the like. In one example, the input device 130 and the output device 140 may be combined, and the input device 130 and the output device 140 are a touch display screen for receiving a touch operation thereon or thereabout by a user using a finger, a touch pen, or any other suitable object, and displaying a user interface of each application program. Touch display screens are typically provided on the front panel of an electronic device. The touch display screen may be designed as a full screen, a curved screen, or a contoured screen. The touch display screen can also be designed to be a combination of a full screen and a curved screen, and a combination of a special-shaped screen and a curved screen is not limited in this specification.
In addition, those skilled in the art will appreciate that the configuration of the electronic device shown in the above-described figures does not constitute a limitation of the electronic device, and the electronic device may include more or less components than illustrated, or may combine certain components, or may have a different arrangement of components. For example, the electronic device further includes components such as a radio frequency circuit, an input unit, a sensor, an audio circuit, a wireless fidelity (wireless fidelity, wiFi) module, a power supply, and a bluetooth module, which are not described herein.
In this specification, the execution subject of each step may be the electronic device described above. Optionally, the execution subject of each step is an operating system of the electronic device. The operating system may be an android system, an IOS system, or other operating systems, which is not limited in this specification.
The electronic device of the present specification may further have a display device mounted thereon, and the display device may be various devices capable of realizing a display function, for example: cathode ray tube displays (cathode ray tubedisplay, CR), light-emitting diode displays (light-emitting diode display, LED), electronic ink screens, liquid crystal displays (liquid crystal display, LCD), plasma display panels (plasma display panel, PDP), and the like. A user may utilize a display device on electronic device 101 to view displayed text, images, video, etc. The electronic device may be a smart phone, a tablet computer, a gaming device, an AR (Augmented Reality ) device, an automobile, a data storage device, an audio playing device, a video playing device, a notebook, a desktop computing device, a wearable device such as an electronic watch, electronic glasses, an electronic helmet, an electronic bracelet, an electronic necklace, an electronic article of clothing, etc.
In the electronic device shown in fig. 14, the processor 110 may be configured to call an application program stored in the memory 120, and specifically perform the following operations:
acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users;
determining at least one reference user associated with each black seed user from the user relationship graph data, wherein the reference user and the black seed user have at least one reference user relationship edge;
and carrying out at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
In one embodiment, the processor 110 further performs the following steps prior to performing the acquiring the user relationship profile data:
according to user fact data of a plurality of users, determining user relation vectors between every two users;
and determining a user relationship side between every two users based on the user relationship vector, and determining user relationship map data based on the user relationship side and the plurality of users.
In one embodiment, the processor 110, when executing the determining a user relationship edge between two users based on the user relationship vector, determines user relationship graph data based on the user relationship edge and the plurality of users, performs the following steps:
determining multi-degree relation data between each user based on the user relation vector, and determining user relation edges between every two users based on the multi-degree relation data;
and carrying out connection processing on the plurality of users through each user relation edge to obtain user relation graph data.
In one embodiment, the processor 110, in performing the determining, from the user relationship graph data, at least one reference user associated with each of the black seed users, the reference user having at least one degree of reference user relationship side with the black seed users, performs the steps of:
determining at least one relation conducting chain corresponding to each black seed user by taking each black seed user as a reference node;
and determining at least one reference user on the relation conducting chain, wherein the black seed user and the reference user are connected through at least one degree of reference user relation edge.
In one embodiment, the processor 110, when executing the at least one risk conduction prediction for the at least one reference user based on the reference user relationship edge, determines whether the reference user is a risk behaving user, performs the steps of:
performing at least one degree of risk conduction prediction on the at least one reference user by adopting a risk conduction model based on the reference user relationship edge, and determining a relationship edge conduction type of the reference user relationship edge;
and determining whether the reference user corresponding to the reference user relationship side is a risk behavior user or not based on the relationship side conduction type.
In one embodiment, the processor 110, when executing the at least one risk conduction prediction on the at least one reference user using a risk conduction model based on the reference user relationship edge to determine a relationship edge conduction type of the reference user relationship edge, performs the steps of:
inputting each reference user relationship side into a risk conduction model, and respectively outputting risk conduction points aiming at the at least one reference user relationship side;
and determining a risk conduction sub-threshold corresponding to the reference user relationship side, and determining the relationship side conduction type of the reference user relationship side based on the risk conduction sub-threshold and the risk conduction sub-threshold.
In one embodiment, the processor 110, when executing the determining the risk conductance sub-threshold corresponding to the reference user relationship edge, executes the following steps:
acquiring the number of user relationship edges between the reference user and the black seed user, and determining risk relationship conductivity based on the number of user relationship edges;
and acquiring a risk conduction sub-threshold corresponding to the risk relation conductivity.
In one embodiment, the processor 110, in performing the determining the relationship side conductivity type of the reference user relationship side based on the risk conductivity sub-threshold and the risk conductivity sub-value, performs the steps of:
if the risk conduction score is greater than the risk conduction score threshold, determining that the reference user relationship edge is of a risk conductivity type;
and if the risk conduction score is smaller than or equal to the risk conduction score threshold value, determining that the reference user relationship side is of a risk-free conductivity type.
In one embodiment, the processor 110, when executing the determining, based on the relationship edge conductivity type, whether the reference user corresponding to the reference user relationship edge is a risk behavioural user, executes the following steps:
if the relation edge conduction type is a risky conduction type, determining that the reference user connected with the reference user relation edge is a risky behavior user;
And if the relation edge conduction type is the risk-free conduction type, determining that the reference user connected with the reference user relation edge is a normal behavior user.
In one embodiment, the processor 110, when executing the risk identification method, further performs the steps of:
acquiring user relation graph sample data and determining at least one black seed sample user, wherein the user relation graph sample data comprises a plurality of sample users and sample user relation edges connected with the sample users in pairs;
determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user;
and model training is carried out on the initial risk conduction model by adopting various sample relation edges, so as to obtain a trained risk conduction model.
In one embodiment, the processor 110, in executing the determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user, performs the steps of:
acquiring corresponding first sample relation edges between two black seed sample users in the user relation graph sample data, and taking the first sample relation edges as positive sample relation edges;
Acquiring a second sample relation edge between the black seed sample user and the non-black seed sample user in the user relation map sample data, and taking the second sample relation edge as a negative sample relation edge;
and taking a third sample relation edge except the first sample relation edge and the second sample relation table in all the sample user relation edges as sample data to be predicted.
In one or more embodiments of the present disclosure, an electronic device may determine whether a reference user is a risk behavioural user by obtaining user relationship profile data and determining at least one black seed user, determining at least one reference user associated with each black seed user from the user relationship profile data, the reference user having at least one degree of reference user relationship side with the black seed user, and performing at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side. The method can avoid excessively depending on past historical behavior characteristics or data of the user, can adapt to the transaction application scene of 'cold start' of a new user, can predict and identify more risk behavior users by adopting reference relationship edges among users to perform risk identification through black seed users, and improves identification accuracy.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory, a random access memory, or the like.
It should be noted that, information (including but not limited to user equipment information, user personal information, etc.), data (including but not limited to data for analysis, stored data, presented data, etc.), and signals according to the embodiments of the present disclosure are all authorized by the user or are fully authorized by the parties, and the collection, use, and processing of relevant data is required to comply with relevant laws and regulations and standards of relevant countries and regions. For example, user relationship graph data, user fact data, user relationship graph sample data, and the like referred to in this specification are all acquired with sufficient authorization.
The foregoing disclosure is only illustrative of the preferred embodiments of the present invention and is not to be construed as limiting the scope of the claims, which follow the meaning of the claims of the present invention.
Claims (15)
1. A risk identification method, the method comprising:
acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users;
determining at least one reference user associated with each black seed user from the user relationship graph data, wherein the reference user and the black seed user have at least one reference user relationship edge;
and carrying out at least one degree of risk conduction prediction on the at least one reference user based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
2. The method of claim 1, further comprising, prior to the obtaining the user relationship graph data:
according to user fact data of a plurality of users, determining user relation vectors between every two users;
and determining a user relationship side between every two users based on the user relationship vector, and determining user relationship map data based on the user relationship side and the plurality of users.
3. The method of claim 2, the determining a user relationship edge between the users based on the user relationship vector, determining user relationship graph data based on the user relationship edge and the plurality of users, comprising:
Determining multi-degree relation data between each user based on the user relation vector, and determining user relation edges between every two users based on the multi-degree relation data;
and carrying out connection processing on the plurality of users through each user relation edge to obtain user relation graph data.
4. The method of claim 1, the determining from the user relationship graph data at least one reference user associated with each of the black seed users, the reference user having at least one degree of reference user relationship edge with the black seed users, comprising:
determining at least one relation conducting chain corresponding to each black seed user by taking each black seed user as a reference node;
and determining at least one reference user on the relation conducting chain, wherein the black seed user and the reference user are connected through at least one degree of reference user relation edge.
5. The method of claim 1, the predicting the at least one reference user for at least one degree of risk conduction based on the reference user relationship edge to determine whether the reference user is a risk behavioural user, comprising:
performing at least one degree of risk conduction prediction on the at least one reference user by adopting a risk conduction model based on the reference user relationship edge, and determining a relationship edge conduction type of the reference user relationship edge;
And determining whether the reference user corresponding to the reference user relationship side is a risk behavior user or not based on the relationship side conduction type.
6. The method of claim 5, the employing a risk conduction model based on the reference user relationship edge to conduct at least one degree of risk prediction on the at least one reference user to determine a relationship edge conduction type for the reference user relationship edge, comprising:
inputting each reference user relationship side into a risk conduction model, and respectively outputting risk conduction points aiming at the at least one reference user relationship side;
and determining a risk conduction sub-threshold corresponding to the reference user relationship side, and determining the relationship side conduction type of the reference user relationship side based on the risk conduction sub-threshold and the risk conduction sub-threshold.
7. The method of claim 6, the determining the risk conductance sub-threshold corresponding to the reference user relationship edge comprising:
acquiring the number of user relationship edges between the reference user and the black seed user, and determining risk relationship conductivity based on the number of user relationship edges;
and acquiring a risk conduction sub-threshold corresponding to the risk relation conductivity.
8. The method of claim 6, the determining a relationship edge conductivity type of the reference user relationship edge based on the risk conductivity sub-threshold and the risk conductivity sub-value, comprising:
If the risk conduction score is greater than the risk conduction score threshold, determining that the reference user relationship edge is of a risk conductivity type;
and if the risk conduction score is smaller than or equal to the risk conduction score threshold value, determining that the reference user relationship side is of a risk-free conductivity type.
9. The method of claim 5, the determining whether the reference user corresponding to the reference user relationship edge is a risk behavioural user based on the relationship edge conductivity type, comprising:
if the relation edge conduction type is a risky conduction type, determining that the reference user connected with the reference user relation edge is a risky behavior user;
and if the relation edge conduction type is the risk-free conduction type, determining that the reference user connected with the reference user relation edge is a normal behavior user.
10. The method of claim 1, the method further comprising:
acquiring user relation graph sample data and determining at least one black seed sample user, wherein the user relation graph sample data comprises a plurality of sample users and sample user relation edges connected with the sample users in pairs;
determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user;
And model training is carried out on the initial risk conduction model by adopting various sample relation edges, so as to obtain a trained risk conduction model.
11. The method of claim 10, the determining at least one type of sample relationship edge from the sample user relationship edges based on the user relationship graph sample data and the black seed sample user, comprising:
acquiring corresponding first sample relation edges between two black seed sample users in the user relation graph sample data, and taking the first sample relation edges as positive sample relation edges;
acquiring a second sample relation edge between the black seed sample user and the non-black seed sample user in the user relation map sample data, and taking the second sample relation edge as a negative sample relation edge;
and taking a third sample relation edge except the first sample relation edge and the second sample relation table in all the sample user relation edges as sample data to be predicted.
12. A risk identification device, the device comprising:
the user acquisition module is used for acquiring user relationship graph data and determining at least one black seed user, wherein the user relationship graph data comprises a plurality of users and user relationship edges connected with the users in pairs;
The data determining module is used for determining at least one reference user associated with each black seed user from the user relationship graph data, and the reference user and the black seed user have at least one degree of reference user relationship edges;
and the risk detection module is used for predicting the risk conduction of the reference user at least once by adopting a risk conduction model based on the reference user relationship side so as to determine whether the reference user is a risk behavior user.
13. A computer storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the method steps of any one of claims 1 to 11.
14. A computer program product storing at least one instruction for loading by the processor and performing the method steps of any one of claims 1 to 11.
15. An electronic device, comprising: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the method steps of any of claims 1-11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211696378.0A CN116228391A (en) | 2022-12-28 | 2022-12-28 | Risk identification method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211696378.0A CN116228391A (en) | 2022-12-28 | 2022-12-28 | Risk identification method and device, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116228391A true CN116228391A (en) | 2023-06-06 |
Family
ID=86584970
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211696378.0A Pending CN116228391A (en) | 2022-12-28 | 2022-12-28 | Risk identification method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116228391A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116777606A (en) * | 2023-07-05 | 2023-09-19 | 无锡锡商银行股份有限公司 | Intelligent anti-fraud system and method for bank credit based on relation graph |
-
2022
- 2022-12-28 CN CN202211696378.0A patent/CN116228391A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116777606A (en) * | 2023-07-05 | 2023-09-19 | 无锡锡商银行股份有限公司 | Intelligent anti-fraud system and method for bank credit based on relation graph |
| CN116777606B (en) * | 2023-07-05 | 2024-01-23 | 无锡锡商银行股份有限公司 | Intelligent anti-fraud system and method for bank credit based on relation graph |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112580952A (en) | User behavior risk prediction method and device, electronic equipment and storage medium | |
| CN112837099B (en) | Potential loss user identification method and device, storage medium and electronic equipment | |
| WO2024099457A1 (en) | Information recommendation method and apparatus, and storage medium and electronic device | |
| CN112070310A (en) | Loss user prediction method and device based on artificial intelligence and electronic equipment | |
| CN115049068A (en) | Model processing method and device, storage medium and electronic equipment | |
| CN116228391A (en) | Risk identification method and device, storage medium and electronic equipment | |
| CN116798129A (en) | Living body detection method and device, storage medium and electronic equipment | |
| CN116129534A (en) | Image living body detection method and device, storage medium and electronic equipment | |
| CN115858556A (en) | Data processing method and device, storage medium and electronic equipment | |
| CN114240339A (en) | Background investigation method and device, storage medium and electronic equipment | |
| CN111770510B (en) | Network experience state determining method and device, storage medium and electronic equipment | |
| CN115329320A (en) | Risk application identification method and device, storage medium and electronic equipment | |
| CN117725219A (en) | Enterprise entity relationship prediction method and device, storage medium and electronic equipment | |
| CN116522996A (en) | Training method of recommendation model, recommendation method and related device | |
| CN116246014B (en) | Image generation method and device, storage medium and electronic equipment | |
| CN116168451A (en) | Image living body detection method and device, storage medium and electronic equipment | |
| CN117688484A (en) | Data anomaly detection method and device, storage medium and electronic equipment | |
| CN116229585A (en) | Image living body detection method and device, storage medium and electronic equipment | |
| CN117972513A (en) | Data classification model training method, data classification method, device and storage medium | |
| CN116881465A (en) | Enterprise relation graph generation method and device, storage medium and electronic equipment | |
| CN116934395A (en) | Feature processing method and device, storage medium and electronic equipment | |
| CN117217379A (en) | Cross-scene prediction model training method, prediction method, device and storage medium | |
| CN116934490A (en) | Information processing method and device, storage medium and electronic equipment | |
| CN116343350A (en) | Living body detection method and device, storage medium and electronic equipment | |
| CN116302235A (en) | Popup window processing method and device, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |