Disclosure of Invention
In view of the above, it is necessary to provide an operation risk processing method, an operation risk processing apparatus, a computer device, and a storage medium for solving the technical problem that the efficiency of the current operation risk judgment processing is relatively low.
An operational risk processing method, the method comprising:
acquiring a request item identifier carried in a received operation request;
acquiring a rule statement set configured corresponding to the request item identifier;
selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
carrying out risk judgment on the operation request according to the target rule statement;
and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
In one embodiment, the performing risk judgment on the operation request according to the target rule statement includes:
acquiring parameter values corresponding to rule judgment parameters in the target rule statement;
executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement;
and according to the judgment result of the parameter value corresponding to the rule judgment parameter, carrying out risk judgment on the operation request.
In one embodiment, the performing, according to the judgment result of the parameter value corresponding to the rule judgment parameter, the risk judgment on the operation request includes:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring the number of rule statements hit by the operation request;
and when the number of the rule statements hit by the operation request is greater than or equal to a preset number threshold, judging that a rule judgment end condition is met, and risking the operation request.
In one embodiment, before the performing risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter, the method further includes:
acquiring a current risk score corresponding to the operation request; the current risk score is obtained by adding preset risk scores corresponding to rule sentences hit by the operation request currently;
the step of performing risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter comprises the following steps:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring a target preset risk score corresponding to the target rule statement hit by the operation request;
adding the current risk score and the target preset risk score to obtain a final risk score corresponding to the operation request;
and when the final risk score is greater than or equal to a preset risk score threshold value, judging that a risk judgment ending condition is met, and the operation request has a risk.
In one embodiment, the method further comprises:
receiving a rule statement combination request carrying a statement identifier of a rule to be combined and an appointed rule statement set identifier;
determining a combination sequence among the rules to be combined according to the priority of the rules to be combined corresponding to the rules to be combined;
combining the rule sentences to be combined according to the corresponding combination sequence;
and storing the combined rule statement into a rule statement set corresponding to the specified rule statement set identification.
An operational risk processing apparatus, the apparatus comprising:
the acquisition module is used for acquiring a request item identifier carried in the received operation request; acquiring a rule statement set configured corresponding to the request item identifier;
the target rule statement selecting module is used for selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
the risk judgment module is used for carrying out risk judgment on the operation request according to the target rule statement; and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
In one embodiment, the risk judgment module is further configured to obtain a parameter value corresponding to a rule judgment parameter in the target rule statement; executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement; and according to the judgment result of the parameter value corresponding to the rule judgment parameter, carrying out risk judgment on the operation request.
In one embodiment, the risk determination module includes:
a hit judgment module, configured to judge that the operation request hits the target rule statement when a parameter value corresponding to the rule judgment parameter meets a corresponding preset condition in the target rule statement;
a hit number determining module, configured to obtain the number of rule statements hit by the operation request;
and the ending judgment module is used for judging that a rule judgment ending condition is met and the operation request has a risk when the number of the rule sentences hit by the operation request is greater than or equal to a preset number threshold.
A computer device comprising a memory and a processor, the memory having stored therein computer-readable instructions that, when executed by the processor, cause the processor to perform the steps of:
acquiring a request item identifier carried in a received operation request;
acquiring a rule statement set configured corresponding to the request item identifier;
selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
carrying out risk judgment on the operation request according to the target rule statement;
and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
A storage medium storing computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
acquiring a request item identifier carried in a received operation request;
acquiring a rule statement set configured corresponding to the request item identifier;
selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
carrying out risk judgment on the operation request according to the target rule statement;
and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
According to the operation risk processing method, the operation risk processing device, the computer equipment and the storage medium, the corresponding rule statement sets are configured aiming at different request items in a mode of configuring the rule statements, and risk judgment is sequentially carried out according to the priority of each rule statement in the rule statement sets. Compared with the method that the risk judgment rule is directly and fixedly written in the program code, the method improves the flexibility of operation risk judgment, does not need to add or delete the risk judgment rule in a mode of integrally modifying the code, and therefore improves the efficiency of the whole risk judgment processing.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
FIG. 1 is a diagram of an application environment for a risk of operation processing method in one embodiment. Referring to fig. 1, the application environment includes a terminal 110 and a server 120 connected through a network. The terminal 110 generates an operation request in response to an operation of a user and sends the operation request to the server 120, and after receiving the operation request, the server 120 obtains a request item identifier carried in the operation request and obtains a rule statement set configured corresponding to the request item identifier. The server 120 selects a target rule statement according to the priority order of each rule statement in the rule statement set, performs risk judgment on the operation request according to the target rule statement, and returns to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set when the risk judgment end condition is not met, so as to continue to perform risk judgment until the risk judgment end condition is met.
FIG. 2 is a diagram showing an internal configuration of a computer device according to an embodiment. The computer device may be the server in fig. 1, and the server may be implemented by a stand-alone server or a server cluster composed of a plurality of physical servers. Referring to fig. 2, the computer apparatus includes a processor, a non-volatile storage medium, an internal memory, and a network interface connected through a system bus. The non-volatile storage medium of the computer device stores an operating system, and also stores computer readable instructions, which when executed by the processor, enable the processor to implement an operational risk processing method. The processor is used to provide computing and control capabilities to support the operation of the entire computer device. Computer readable instructions may be stored in an internal memory of the computer device, which when executed by the processor, may cause the processor to perform a method of operational risk processing. The network interface is used for connecting a network for communication.
Those skilled in the art will appreciate that the architecture shown in fig. 2 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
As shown in FIG. 3, in one embodiment, an operational risk processing method is provided. The embodiment is mainly illustrated by applying the method to the computer device in fig. 2. Referring to fig. 3, the operation risk processing method specifically includes the following steps:
s302, obtaining the request item identification carried in the received operation request.
The request items refer to the requested items to be done, and include registration items, login items, statistical items, and the like. For example, the registration transaction refers to a request for registering an account.
Specifically, the user can operate through a terminal interface, and the terminal responds to the operation to generate a corresponding operation request and sends the operation request to the computer equipment. The computer equipment analyzes the received operation request, extracts a request item identification from a preset field position in the analyzed operation request, and the extracted request item identification is used for uniquely identifying the request item.
S304, a rule statement set configured corresponding to the request item identification is obtained.
The rule sentence is a sentence for risk judgment and representing a risk. When executed, the rule statement may be used to perform risk judgment on the operation request, and if the operation request hits the rule statement, the operation request has a risk represented by the rule statement. It will be appreciated that if the operation request hits a rule characterized by a rule statement, then the operation request hits the rule statement.
For example, the rule sentence is "whether the registration time is 2:00 to 5:00 in the early morning", because the registration request of 2:00 to 5:00 in the early morning is somewhat abnormal, the rule sentence represents a certain risk, and if the operation request hits the rule sentence, the operation request is a registration request initiated at 2:00 to 5:00 in the early morning, the risk represented by the rule sentence exists. The rule statement set is a set formed by rule statements together. The set of rule statements includes at least one rule statement.
When there are multiple rule statements in a rule statement set, each rule statement may be a rule statement of the same or different dimensions. The dimension of the rule statement may be a time dimension (e.g., whether the registration time is 2:00 to 5:00 in the morning), a device dimension (e.g., whether the registration request times of the same device exceed 10), an IP (Internet Protocol, Protocol for interconnection between networks) address dimension (e.g., whether the registration request times of the same IP address exceed 20), and a region dimension (e.g., whether the registration request times of the same region exceed 100). Further, multiple dimensions may be included in the same rule statement (e.g., whether the IP address requested to be registered does not match the region requested to be registered, i.e., the rule statement includes both the IP address dimension and the region dimension). It is to be understood that the regular sentences exemplified herein as chinese sentences are only used to illustrate the rules characterized by the regular sentences, and the regular sentences themselves are not limited to this form, and may be computer recognizable grammatical sentences.
Specifically, different rule statement sets are preconfigured in the computer device, and a correspondence between a request transaction identifier and the rule statement sets is preconfigured, wherein one request transaction identifier may uniquely correspond to one rule statement set. The computer device may obtain a rule statement set configured corresponding to the request item identifier according to the correspondence.
S306, selecting a target rule statement according to the priority order of each rule statement in the rule statement set.
The priority of the rule statement is used for representing the priority degree of the rule statement.
Specifically, each rule statement in the rule statement set is pre-configured with a corresponding priority, and the computer device may sequentially select the target rule statement according to the priority order of each rule statement in the obtained rule statement set, wherein the rule statement with the higher priority is selected with higher priority.
In one embodiment, the priority of each rule statement is positively correlated with the risk represented by the rule statement, and the higher the priority is, the greater the represented risk is, whereas the lower the priority is, the smaller the represented risk is.
And S308, performing risk judgment on the operation request according to the target rule statement.
Specifically, the computer device may execute the target rule statement, and determine whether the operation request conforms to a risk determination rule represented by the target rule statement, so as to perform risk determination on the operation request.
And S310, when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue risk judgment until the risk judgment end condition is met.
The risk judgment end condition refers to a condition for stopping the risk judgment of the operation request.
In one embodiment, the risk judgment end condition may be determined by the number of rule statements hit by the operation request, for example, when the number of rule statements hit by the operation request is greater than or equal to a preset number threshold, it is determined that the risk judgment end condition is reached, and when the number of rule statements hit by the operation request is less than the preset number threshold, it is determined that the risk judgment end condition is not reached. The number of rule statements hit by the operation request refers to the number of rule statements hit by the operation request in an accumulated manner.
In another embodiment, the risk judgment end condition may also be determined by a risk score corresponding to the operation request, for example, when the risk score corresponding to the operation request is greater than or equal to a preset number threshold, it is judged that the risk judgment end condition is reached, and when the risk score corresponding to the operation request is less than the preset number threshold, it is judged that the risk judgment end condition is not reached. And the risk score corresponding to the operation request is obtained by adding preset risk scores corresponding to the rule sentences hit by the operation request in an accumulated mode. The preset risk scores corresponding to different rule statements may be the same or different.
In another embodiment, the risk judgment end condition may be reached after all the rule sentences in the rule sentence set are selected and executed, that is, after all the rule sentences in the rule sentence set are selected for risk judgment, it indicates that the risk judgment end condition is reached.
Further, when the risk judgment end condition is not satisfied, the computer device may return to step S306 to reselect a rule sentence of the next priority level as a target rule sentence according to the priority order of each rule sentence, and perform step S308 to continue the risk judgment until the risk judgment end condition is satisfied. Namely, after the condition of finishing risk judgment is met, the selection of the rule statement and the risk judgment processing are stopped.
For example, if 5 rule sentences in the rule sentence set are rule sentences A, B, C, D and E respectively according to priority order, then the rule sentence a is selected as a target rule sentence to perform risk judgment on the operation request, and if the risk judgment according to the rule sentence a is completed and the risk judgment end condition is not reached, then the rule sentence B is selected again according to the priority order as the target rule sentence to perform risk judgment on the operation request again, and if the risk judgment according to the rule sentence B is completed and the risk judgment end condition is reached, then the remaining rule sentences are not selected to perform risk judgment processing.
According to the operation risk processing method, the corresponding rule statement sets are configured aiming at different request items in a mode of configuring the rule statements, and risk judgment is sequentially carried out according to the priority of each rule statement in the rule statement sets. Compared with the method that the risk judgment rule is directly and fixedly written in the program code, the method improves the flexibility of operation risk judgment, does not need to add or delete the risk judgment rule in a mode of integrally modifying the code, and therefore improves the efficiency of the whole risk judgment processing.
In addition, the priority of each rule statement in the rule statement set is sequentially subjected to risk judgment, when the risk judgment end condition is not met, the step of selecting the target rule statement according to the priority sequence of each rule statement in the rule statement set is returned to continue the risk judgment, and when the risk judgment end condition is met, the risk judgment is not required to be continued, so that the risk judgment can be completed without executing all the correspondingly configured rule statements, and the resource waste is avoided.
In one embodiment, step S308 includes: acquiring parameter values corresponding to rule judgment parameters in target rule sentences; executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement or not; and carrying out risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter.
The rule statement is provided with rule judgment parameters and preset conditions corresponding to the rule judgment parameters. The rule judgment parameters are parameters for rule judgment, and it can be understood that, when the rule judgment is performed, it is necessary to judge whether values of parameters meet the rule, and the parameters belong to the rule judgment parameters. The rule judgment parameter includes at least one of time, region, device, IP address, and the number of times of occurrence of the request event. For example, if the rule represented by the rule statement is "whether the time for requesting registration meets the preset condition", the rule determination parameter is the time for initiating the registration request.
The preset condition may be a preset parameter threshold corresponding to the rule judgment parameter, for example, if the rule represented by the rule statement is "judge whether the time of requesting registration is 2: 00-5: 00 a.m", the rule judgment parameter is the time of initiating the registration request, "2: 00-5: 00 a.m" belongs to the preset parameter threshold, that is, the preset condition, and the preset condition may be a preset relationship that the parameter values of the multiple rule judgment parameters satisfy. For example, the rule represented by the rule statement "whether the IP address requested to be registered is not matched with the region requested to be registered", the rule determination parameters are "the IP address initiating the registration request" and "the region initiating the registration request", and the preset condition is "the two rule determination parameters are not matched".
Specifically, the computer device may parse the target rule statement, extract a rule determination parameter in the target rule statement, and search for a corresponding parameter value according to the rule determination parameter. Further, the computer device may execute the target rule statement, substitute a parameter value corresponding to the rule judgment parameter into the target rule statement, and judge whether the parameter value corresponding to the rule judgment parameter meets a corresponding preset condition in the target rule statement. For example, if the rule represented by the rule statement is "judge whether the time for requesting registration is 2: 00-5: 00 in the morning", the rule judgment parameter is the time for initiating the registration request, the acquired corresponding parameter value is 3:12 in the morning, and the corresponding preset condition "2: 00-5: 00 in the morning" is met.
And the computer equipment judges the risk of the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter. Specifically, when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, it is judged that the operation request hits the target rule statement, which indicates that the operation request has the risk represented by the target rule statement. Then, further, whether the operation request is risky may be determined according to all rule statements hit by the operation request, for example, whether the operation request is risky may be determined according to the number of all rule statements hit by the operation request or preset risk scores corresponding to all rule statements hit by the operation request.
In one embodiment, when the parameter value corresponding to the rule judgment parameter does not meet the corresponding preset condition in the target rule statement, it is judged that the operation request does not hit the target rule statement, which indicates that the operation request does not have the risk represented by the target rule statement, and if there are unselected rule statements in the rule statement set at this time, it can be judged that the risk judgment end condition is not met.
In the embodiment, the risk judgment is performed on the operation request in a mode of executing the rule statement, so that the operation request is more convenient and faster, and the consumed risk judgment operation resources are less.
As shown in fig. 4, in an embodiment, the risk judgment (referred to as a risk judgment step) on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter specifically includes the following steps:
s402, when the parameter value corresponding to the rule judgment parameter accords with the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement.
For example, the operation request is a registration request, the rule represented by the target rule statement is that whether the time for requesting registration is 2: 00-5: 00 in the morning is judged, the rule judgment parameter is the time for initiating the registration request, the acquired corresponding parameter value is 3:12 in the morning, and the corresponding preset condition "2: 00-5: 00 in the morning" is met, and then the registration request is judged to hit the target rule statement.
S404, the number of rule statements hit by the operation request is obtained.
It should be noted that, here, the rule statement hit by the operation request includes the current rule statement and a rule statement that is selected before the current rule statement and hit by the operation request.
Specifically, the computer device may obtain the number of all rule statements hit by the operation request in an accumulated manner, that is, the computer device may perform a number statistics on all rule statements hit by the operation request to obtain a counted number.
For example, if 5 rule statements in the rule statement set are rule statements A, B, C, D and E respectively according to priority ordering, then a and B are sequentially selected according to the priority ordering for risk judgment, it is determined that the operation request hits rule statement a, the operation request does not hit rule statement B, when the rule statement C is selected for risk judgment of the operation request, it is determined that the operation request hits rule statement C, and then the number of rule statements hit by the operation request is obtained as 2 (rule statement a and rule statement C).
S406, when the number of the rule statements hit by the operation request is greater than or equal to the preset number threshold, it is determined that a rule judgment end condition is met, and the operation request has a risk.
Specifically, the computer device may compare the number of rule statements hit by the operation request with a preset number threshold, and when the number of rule statements hit by the operation request is greater than or equal to the preset number threshold, it indicates that the risk represented by the rule statements existing in the operation request is relatively high, and reaches a preset risk degree, it is determined that a rule determination end condition is satisfied, and it is determined that the operation request has a risk.
And when the number of the rule statements hit by the operation request is smaller than a preset number threshold, indicating that the risk represented by the rule statements existing in the operation request does not reach a preset risk degree, and judging that the rule judgment end condition is not met.
In the above embodiment, when the number of rule statements hit by the operation request is greater than or equal to the preset number threshold, it is determined that the rule determination end condition is satisfied, and the operation request has a risk, so that risk determination can be completed without executing all the correspondingly configured rule statements, and resource waste is avoided.
In one embodiment, before performing risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter, the method further includes: acquiring a current risk value corresponding to the operation request; and the current risk score is obtained by adding preset risk scores corresponding to the rule sentences hit by the operation request currently.
It should be understood that, here, the rule statement hit by the operation request currently refers to the rule statement that is selected before the current target rule statement and hit by the operation request, and does not include the current target rule statement. The current risk score is also obtained by adding the preset risk scores corresponding to the rule statements which are selected before the current target rule statement and hit by the operation request. The preset risk score corresponding to each rule statement may be the same or different.
Specifically, the computer device prestores a corresponding relationship between the rule statement and the preset risk score, and according to the corresponding relationship, the computer device may obtain the preset risk scores respectively corresponding to the rule statements that are selected before the current target rule statement and hit by the operation request, and add the obtained preset risk scores to obtain the current risk score.
In one embodiment, the priority of each rule statement is positively correlated with the preset risk score corresponding to the rule statement, the higher the priority is, the higher the corresponding preset risk score is, and conversely, the lower the priority is, the lower the corresponding preset risk score is.
In this embodiment, as shown in fig. 5, the risk judgment (referred to as a risk judgment step for short) is performed on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter, and specifically includes the following steps:
s502, when the parameter value corresponding to the rule judgment parameter accords with the corresponding preset condition in the target rule statement, the operation request is judged to hit the target rule statement.
S504, a target preset risk score corresponding to the target rule statement hit by the operation request is obtained.
Specifically, the computer device obtains a preset risk score corresponding to a target rule statement hit by the operation request according to a correspondence between a pre-stored rule statement and the preset risk score, that is, the preset risk score is a target preset risk score.
And S506, adding the current risk score and the target preset risk score to obtain a final risk score corresponding to the operation request.
Specifically, the computer device may add the current risk score corresponding to the operation request and the target preset risk score to obtain a final risk score corresponding to the operation request.
And S508, when the final risk score is larger than or equal to the preset risk score threshold, judging that a risk judgment ending condition is met, and the operation request has a risk.
Specifically, a risk score threshold is preset in the computer device, the computer device may compare a final risk score corresponding to the operation request with the preset risk score threshold, and when the final risk score is greater than or equal to the preset risk score threshold, it indicates that the operation request has more risks and reaches a preset risk degree, it is determined that a risk determination end condition is satisfied, and it is determined that the operation request has a risk.
In one embodiment, when the final risk score is smaller than a preset risk score threshold value, it indicates that the risk represented by the rule statement existing in the operation request does not reach a preset risk degree, and it is determined that the rule judgment end condition is not met. It can be understood that the final risk score corresponding to the operation request is the current risk score when the rule judgment end condition is not satisfied and the target rule statement is selected again for risk judgment.
In the above embodiment, when the final risk score corresponding to the operation request is greater than or equal to the preset risk score threshold, it is determined that the risk judgment end condition is satisfied, and the operation request has a risk, so that the risk judgment can be completed without executing all the rule statements correspondingly configured, and resource waste is avoided.
As shown in fig. 6, in an embodiment, the method further includes a rule and statement combining step, specifically including the following steps:
s602, receiving a rule statement combination request carrying a rule statement mark to be combined and a specified rule statement set mark.
The rule sentences to be combined are the rule sentences to be combined, and the specified rule sentence set refers to a specified rule sentence set in which the combined rule sentences are stored.
Specifically, after receiving the rule and statement combination request, the computer device analyzes the rule and statement combination request, and obtains a rule and statement identifier to be combined and a specified rule and statement set identifier carried by the request.
S604, determining the combination sequence among the rules to be combined according to the priority of the rules to be combined corresponding to the rules to be combined.
Specifically, the computer device may obtain the rules to be combined corresponding to the rules to be combined sentence identifications, obtain the priorities corresponding to the rules to be combined sentences, and determine the combination order among the rules to be combined according to the corresponding priorities. In one embodiment, the computer device may determine the combination order of the rule statements to be combined from front to back according to the order of the corresponding priorities from high to low, that is, the combination position of the rule statement to be combined with higher priority is more front, whereas the combination position of the rule statement to be combined with lower priority is more back.
And S606, combining the rule sentences to be combined according to the corresponding combination sequence.
Specifically, the computer device may directly splice and combine the rule statements to be combined with preset connection characters or character strings according to the corresponding combination sequence, and obtain the combined rule statement as a new independent rule statement.
S608, storing the combined rule statement into a rule statement set corresponding to the specified rule statement set identification.
Further, the computer device may determine a rule statement set corresponding to the acquired rule statement set identifier, and store the rule statement obtained after combination into the determined rule statement set.
In the embodiment, the rule sentences can be automatically combined to generate and store new rule sentences, so that manual writing of combined rule sentences is avoided, and the rule sentence combination efficiency is improved.
As shown in fig. 7, in one embodiment, there is provided an operational risk processing apparatus 700, the apparatus 700 comprising: an obtaining module 702, a target rule statement selecting module 704 and a risk judging module 706, wherein:
an obtaining module 702, configured to obtain a request item identifier carried in the received operation request; and acquiring a rule statement set configured corresponding to the request item identifier.
And a target rule statement selecting module 704, configured to select a target rule statement according to a priority order of each rule statement in the rule statement set.
A risk judgment module 706, configured to perform risk judgment on the operation request according to the target rule statement; and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
In one embodiment, the risk determining module 706 is further configured to obtain a parameter value corresponding to a rule determining parameter in the target rule statement; executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement; and according to the judgment result of the parameter value corresponding to the rule judgment parameter, carrying out risk judgment on the operation request.
As shown in fig. 8, in one embodiment, the risk determination module 706 includes:
a hit determining module 706a, configured to determine that the operation request hits the target rule statement when the parameter value corresponding to the rule determining parameter meets a corresponding preset condition in the target rule statement.
And a hit number determining module 706b, configured to obtain the number of rule statements hit by the operation request.
And an ending judgment module 706c, configured to judge that a rule judgment ending condition is met and the operation request has a risk when the number of rule statements hit by the operation request is greater than or equal to a preset number threshold.
In one embodiment, the risk judgment module 706 is further configured to obtain a current risk score corresponding to the operation request; the current risk score is obtained by adding preset risk scores corresponding to rule sentences hit by the operation request currently; when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement; acquiring a target preset risk score corresponding to the target rule statement hit by the operation request; adding the current risk score and the target preset risk score to obtain a final risk score corresponding to the operation request; and when the final risk score is greater than or equal to a preset risk score threshold value, judging that a risk judgment ending condition is met, and the operation request has a risk.
In an embodiment, the obtaining module 702 is further configured to receive a rule and statement combination request carrying a rule and statement identifier to be combined and a specified rule and statement set identifier. In this embodiment, as shown in fig. 9, the apparatus 700 further includes:
a combination order determining module 708, configured to determine a combination order among the rules to be combined according to the priority of the rule to be combined corresponding to the rule to be combined statement identifier.
And the rule statement combining module 710 is configured to combine the rule statements to be combined according to the corresponding combining sequence.
And a combined statement storage module 712, configured to store the combined rule statement into the rule statement set corresponding to the specified rule statement set identifier.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having stored therein computer-readable instructions that, when executed by the processor, cause the processor to perform the steps of:
acquiring a request item identifier carried in a received operation request;
acquiring a rule statement set configured corresponding to the request item identifier;
selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
carrying out risk judgment on the operation request according to the target rule statement;
and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
In one embodiment, the performing risk judgment on the operation request according to the target rule statement includes:
acquiring parameter values corresponding to rule judgment parameters in the target rule statement;
executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement;
and according to the judgment result of the parameter value corresponding to the rule judgment parameter, carrying out risk judgment on the operation request.
In an embodiment, the performing, according to the judgment result of the parameter value corresponding to the rule judgment parameter, a risk judgment on the operation request includes:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring the number of rule statements hit by the operation request;
and when the number of the rule statements hit by the operation request is greater than or equal to a preset number threshold, judging that a rule judgment end condition is met, and risking the operation request.
In one embodiment, before the risk determination of the operation request is performed according to the determination result of the parameter value corresponding to the rule determination parameter, the computer readable instructions when executed by the processor further cause the processor to perform the following steps:
acquiring a current risk score corresponding to the operation request; the current risk score is obtained by adding preset risk scores corresponding to rule sentences hit by the operation request currently;
the step of performing risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter comprises the following steps:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring a target preset risk score corresponding to the target rule statement hit by the operation request;
adding the current risk score and the target preset risk score to obtain a final risk score corresponding to the operation request;
and when the final risk score is greater than or equal to a preset risk score threshold value, judging that a risk judgment ending condition is met, and the operation request has a risk.
In one embodiment, the computer readable instructions, when executed by the processor, further cause the processor to perform the steps of:
receiving a rule statement combination request carrying a statement identifier of a rule to be combined and an appointed rule statement set identifier;
determining a combination sequence among the rules to be combined according to the priority of the rules to be combined corresponding to the rules to be combined;
combining the rule sentences to be combined according to the corresponding combination sequence;
and storing the combined rule statement into a rule statement set corresponding to the specified rule statement set identification.
A storage medium storing computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
acquiring a request item identifier carried in a received operation request;
acquiring a rule statement set configured corresponding to the request item identifier;
selecting a target rule statement according to the priority order of each rule statement in the rule statement set;
carrying out risk judgment on the operation request according to the target rule statement;
and when the risk judgment end condition is not met, returning to the step of selecting the target rule statement according to the priority order of each rule statement in the rule statement set so as to continue the risk judgment until the risk judgment end condition is met.
In one embodiment, the performing risk judgment on the operation request according to the target rule statement includes:
acquiring parameter values corresponding to rule judgment parameters in the target rule statement;
executing the target rule statement, and judging whether the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement;
and according to the judgment result of the parameter value corresponding to the rule judgment parameter, carrying out risk judgment on the operation request.
In an embodiment, the performing, according to the judgment result of the parameter value corresponding to the rule judgment parameter, a risk judgment on the operation request includes:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring the number of rule statements hit by the operation request;
and when the number of the rule statements hit by the operation request is greater than or equal to a preset number threshold, judging that a rule judgment end condition is met, and risking the operation request.
In one embodiment, before the risk determination of the operation request is performed according to the determination result of the parameter value corresponding to the rule determination parameter, the computer readable instructions when executed by the processor further cause the processor to perform the following steps:
acquiring a current risk score corresponding to the operation request; the current risk score is obtained by adding preset risk scores corresponding to rule sentences hit by the operation request currently;
the step of performing risk judgment on the operation request according to the judgment result of the parameter value corresponding to the rule judgment parameter comprises the following steps:
when the parameter value corresponding to the rule judgment parameter meets the corresponding preset condition in the target rule statement, judging that the operation request hits the target rule statement;
acquiring a target preset risk score corresponding to the target rule statement hit by the operation request;
adding the current risk score and the target preset risk score to obtain a final risk score corresponding to the operation request;
and when the final risk score is greater than or equal to a preset risk score threshold value, judging that a risk judgment ending condition is met, and the operation request has a risk.
In one embodiment, the computer readable instructions, when executed by the processor, further cause the processor to perform the steps of:
receiving a rule statement combination request carrying a statement identifier of a rule to be combined and an appointed rule statement set identifier;
determining a combination sequence among the rules to be combined according to the priority of the rules to be combined corresponding to the rules to be combined;
combining the rule sentences to be combined according to the corresponding combination sequence;
and storing the combined rule statement into a rule statement set corresponding to the specified rule statement set identification.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the computer program is executed. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above examples only show some embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.