CN108615158B - Risk detection method and device, mobile terminal and storage medium - Google Patents
Risk detection method and device, mobile terminal and storage medium Download PDFInfo
- Publication number
- CN108615158B CN108615158B CN201810239614.3A CN201810239614A CN108615158B CN 108615158 B CN108615158 B CN 108615158B CN 201810239614 A CN201810239614 A CN 201810239614A CN 108615158 B CN108615158 B CN 108615158B
- Authority
- CN
- China
- Prior art keywords
- rule
- risk detection
- template
- risk
- setting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 126
- 230000009471 action Effects 0.000 claims abstract description 31
- 238000012544 monitoring process Methods 0.000 claims abstract description 30
- 230000006870 function Effects 0.000 claims description 24
- 238000000034 method Methods 0.000 claims description 20
- 230000003993 interaction Effects 0.000 claims description 6
- 230000000873 masking effect Effects 0.000 claims description 2
- 230000004044 response Effects 0.000 abstract description 4
- 238000012545 processing Methods 0.000 description 7
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000005236 sound signal Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 3
- 230000007547 defect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000007599 discharging Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000005484 gravity Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000010897 surface acoustic wave method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/16—Real estate
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/405—Establishing or using transaction specific rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/16—Real estate
- G06Q50/167—Closing
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Economics (AREA)
- Tourism & Hospitality (AREA)
- Finance (AREA)
- Marketing (AREA)
- Development Economics (AREA)
- Computer Security & Cryptography (AREA)
- Primary Health Care (AREA)
- General Health & Medical Sciences (AREA)
- Entrepreneurship & Innovation (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Quality & Reliability (AREA)
- Operations Research (AREA)
- Game Theory and Decision Science (AREA)
- Educational Administration (AREA)
- Technology Law (AREA)
- Telephone Function (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to the field of Internet risks, in particular to a risk detection method, a risk detection device, a mobile terminal and a storage medium. A risk detection method, the risk detection method comprising: selecting a business system, setting a risk detection rule template in the business system, setting rule conditions and rule actions for execution in the risk detection rule template, and setting rule trigger thresholds in the rule conditions; setting a monitor program to monitor all data requests received in a service system; and verifying the data request received in the monitoring service system through a rule trigger threshold in the risk detection rule template, judging whether the data request is in a risk range, and entering an execution program through a rule action for execution. The technical scheme is simple and easy to use, and saves labor and time cost; the detection rule matching response speed is high, and the influence degree on the system is small.
Description
Technical Field
The invention relates to the field of Internet risks, in particular to a risk detection method, a risk detection device, a mobile terminal and a storage medium.
Background
In a real estate transaction business system, risk detection needs to be performed on various business operations, and various risk detection rules need to be correspondingly inserted into business logic. Risk detection rules in real estate transactions are usually implemented by software developers by modifying background codes of a business system; in the use of the risk detection rule, the business rule and the risk detection are often in linear butt joint, and when a professional developer carries out an operation request on the business, the professional developer can visit the risk detection rule; in addition, the system risk detection rules are extremely difficult to split from the business rules.
The prior art risk detection has the following main defects: software developers manually modify background codes, the operation is complicated, the response speed of the system is reduced, and the access and the use of other systems are inconvenient.
Aiming at the defects, the technical scheme provides the risk detection system for rule modification and access in the real estate transaction system, and professional software developers are not required to modify the risk detection system, so that the modification difficulty of the risk detection rules is reduced, the normal service request is not influenced when the risk detection rules are matched, and the normal system response speed is not influenced.
Disclosure of Invention
The invention aims to provide a risk detection method, a risk detection device, a mobile terminal and a storage medium, so as to overcome the defects in the background art. The modification of traditional risk detection rules is limited to the need for professionals; the system access requirement is high, and the access use of other systems is inconvenient; and reducing the response speed of the normal service request of the system during risk detection.
In order to achieve the above purpose, the invention provides the following technical scheme:
a risk detection method comprises the following specific steps: s1: selecting a business system, setting a risk detection rule template in the business system, setting rule conditions and rule actions for execution in the risk detection rule template, and setting rule trigger thresholds in the rule conditions; s2: setting a monitor program to monitor all data requests received in a service system; s3: and verifying the data request received in the monitoring service system through a rule trigger threshold in the risk detection rule template, judging whether the data request is in a risk range, and executing a corresponding countermeasure through a rule action.
In one embodiment, the step S1 includes: s101: selecting a business system, customizing a risk detection rule template for risk detection according to business functions of the business system and other business systems performing data interaction with the business system, and setting rule conditions and rule actions for execution in the rule template; s102: and loading a specific rule engine analysis risk detection rule template by the service system, importing the template when the template is used, and then generating a corresponding risk detection rule, wherein the rule can be updated on line only by modifying and importing the template.
In one embodiment, the step S2 includes: s201: a monitor is set in the system for monitoring all data request contents, S202: and storing the monitored content to a preset position in the monitor.
In one embodiment, the step S3 includes: s301: calling a corresponding risk detection rule according to the monitored data request content, and matching the requested service function with a rule trigger threshold function corresponding to a risk detection rule template; s302: if the content of the data request is within the rule triggering threshold, risks exist, corresponding countermeasures are executed according to the rule action for execution, and an alarm prompt is sent out; s303: if the content of the data request is not within the rule trigger threshold, no risk exists, and the data request is imported into an execution queue of normal business logic.
In one embodiment, the risk detection method further includes setting different risk detection rules for different real estate transaction systems, where any risk detection rule corresponds to a set of identification rules for determining whether the request is an illegal request.
In one embodiment, the rule trigger threshold employs a preset risk operation characteristic list, which contains the operation characteristics of accessing the underlying file and calling non-business data request to system operation.
In one embodiment, the countermeasure includes masking the requestor IP address or locking the operating account number issued by the request.
Based on the same technical concept, the invention also provides a risk detection device, which comprises a setting module, a monitoring module and a checking module.
The setting module is used for selecting a business system, setting a risk detection rule template in the business system, setting rule conditions and rule actions for execution in the risk detection rule template, and setting rule trigger thresholds in the rule conditions; the monitoring module is used for setting a monitoring program and monitoring all data requests received in the service system; the checking module is used for checking the data request received in the monitoring service system through a rule triggering threshold value in the risk detection rule template, judging whether the data request is in a risk range or not, and executing a corresponding countermeasure through a rule action.
Based on the same technical concept, the invention also provides a mobile terminal, which comprises:
a touch-sensitive display; a memory; one or more processors;
the one or more processors are configured for performing the steps of the above-described method.
Based on the same technical concept, the present invention also provides a storage medium storing computer readable instructions, which when executed by one or more processors, cause the one or more processors to perform the steps of the above method.
According to the risk detection method, the risk detection device, the mobile terminal and the storage medium, a business system is selected, a risk detection rule template for risk detection is customized according to business functions of the business system and other business systems performing data interaction with the business system, and rule conditions and rule actions for execution are set in the risk detection rule template; setting a monitoring program in a service system for monitoring all data requests received in the service system; the process of processing the business logic by the business system and the application of the risk detection rule are operated by asynchronous threads, when the monitoring of the request data and the matching process of the risk detection rule template are carried out, the business logic of the system is normally operated, whether the request is in a risk range is judged by matching the data request with the risk detection rule, and a corresponding countermeasure is executed by rule action.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention.
FIG. 1 is a flowchart illustrating an overall implementation of risk detection according to an embodiment of the present invention;
FIG. 2 is a flowchart of setting a risk detection rules template according to an embodiment of the present invention;
FIG. 3 is a flow chart of a setup procedure for a monitor according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating risk detection rule verification according to an embodiment of the present invention;
FIG. 5 is a block diagram of the structural framework of the risk detection device in an embodiment of the present invention;
fig. 6 is a schematic block diagram of an embodiment of a structure of a mobile terminal part according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In one embodiment, as shown in fig. 1, the present invention provides a technical solution:
a risk detection method comprises the following specific steps:
s1: selecting a business system, setting a risk detection rule template in the business system, setting rule conditions and rule actions for execution in the risk detection rule template, and setting rule trigger thresholds in the rule conditions.
The risk detection rule template is a risk detection rule template for risk detection, which is set in a real estate transaction system during risk detection, and is internally provided with rule conditions for limiting risk detection and rule actions for executing, wherein the rule actions are used for specifying risk detection steps, and the risk detection rule template is realized by changing the rule conditions and the rule actions for executing, which are set on the template, when the risk detection rule template needs to be updated. The risk detection means that a risk manager takes various measures and methods to eliminate or reduce the entrance or occurrence of risks when data is requested in the real estate transaction system so as to reduce the loss of data information caused by the occurrence of the risks.
S2: and setting a monitor program to monitor all data requests received in the service system.
The monitoring program is a Trojan horse program implanted in the real estate transaction system and used for backing up all data request contents in the real estate transaction system and uploading the data request contents to a fixed position in the real estate transaction system through network connection or WIFI; the monitoring principle is GSM, and is to encode, encrypt and interleave a voice signal channel on a system channel to form a burst pulse train, and then to transmit the burst pulse train after modulation. At the receiving end of the real estate transaction system, the signals are demodulated, then de-interleaved, channel decoded and voice decoded, and then are restored into voice signals in the real estate transaction system; the GSM system adopts a narrow-band Time Division Multiple Access (TDMA) technology in the transmission process, the bandwidth of each carrier frequency channel of the GSM system is 200KHz, each frame has 8 time slots, theoretically, one radio frequency is allowed to simultaneously carry out 8 groups of interaction, the length of each time slot is 0.577ms, the frame duration is 4.615ms, namely, the time is divided into periodic frames, each frame is divided into a plurality of time slots, then, according to a specific time slot distribution principle, a mobile phone user sends signals to a base station according to the specified time slots in each frame, the base station respectively receives different data request signals in the respectively specified time slots, simultaneously, the base station also sends signals to different real estate transaction systems according to the specified time slots, and each user receives the signals in the specified time slots.
S3: and verifying the data request received in the monitoring service system through a rule trigger threshold in the risk detection rule template, judging whether the data request is in a risk range, and executing a corresponding countermeasure through a rule action.
And verifying the data request in the real estate transaction system, and judging whether the request data is in a risk range or not by comparing and matching the request data with the data template in the real estate transaction system. The corresponding countermeasures comprise shielding an IP address of a requester, an operation account sent by a locking request and the like.
In one embodiment, as shown in fig. 2, the step S1 includes steps S101 to S103:
s101: selecting a business system, customizing a risk detection rule template for risk detection according to business functions of the business system and other business systems with which the business system performs data interaction, and setting rule conditions and rule actions for execution in the risk detection rule template.
And (4) setting a risk detection rule template in a self-defined manner, wherein rule conditions for limiting risk detection and rule actions for executing the specified risk detection steps are set in the template. The rule conditions and the rule actions for execution cooperate together for control of risk monitoring in the real estate transaction system.
A rule trigger threshold is set in the rule condition, and the threshold, also called a critical value, refers to the lowest value or the highest value that an effect can produce. The maximum value and the minimum value of the request data in the risk range are set by the user as rule thresholds for verifying whether the request data is in the risk range, and the template for setting the risk threshold in the house property transaction system background by the user can be updated. When a data request is received, the content of the data request is matched with a rule triggering threshold value to judge whether the data request is in a risk range.
S102: the business system loads a specific rule engine to analyze the risk detection rule template, and when the rule template is used, the corresponding risk detection rule is generated after the template is imported, and the online rule updating can be completed only by modifying and importing the template.
The risk detection rule template is internally provided with a rule name, a trigger condition, a priority and an execution.
For example, when parsing the risk detection rule template, the method of parse () is used to parse or display, as shown in table 1:
TABLE 1
The first parameter is the name of the view file (in this example, the file name is blog template. php), and the second parameter is an associative array that contains the data to replace the template. In the above example, the template will contain two variables: { blog _ title } and { blog _ header }.
There is no need to echo or otherwise process the results returned by the $ this- > parser- > parse () method, which will automatically save to the output class to be sent to the browser. However, if it is desired to return the data rather than store it in the output class, a third parameter may be set to TRUE, as shown in Table 2:
TABLE 2
In one embodiment, as shown in fig. 3, step S2 includes steps S201 to 5202:
s201: setting a monitoring program in the system for monitoring all data request contents;
creating a monitor, firstly selecting an Oracle on a computer, then selecting a 'configuration and value shifting tool', and opening an Oracle Net Manager; then select "listener", click on the "+" icon on the left, and effect creation of the listener. The monitoring program is used for monitoring the received data request and judging whether the monitored data request content is in a risk range.
S202: and storing the monitored content to a preset position in the monitor.
After monitoring the data request content, the listener is connected with a front-end codec through a computer system server, downloads data through a streaming media protocol, and then stores the monitored data request content into a preset position in the listener.
In one embodiment, as shown in fig. 4, step S3 includes steps S301 to S302:
s301: calling a corresponding risk detection rule according to the monitored data request content, and matching the requested service function with a rule trigger threshold function corresponding to a risk detection rule template;
and calling a corresponding risk detection rule, and judging whether the request is in a risk range according to the matching of the service function of the request and a rule trigger threshold corresponding to a risk detection rule template. The rule triggering threshold value can be realized by prefabricating a risk operation characteristic list, wherein known risk operation characteristics are stored in the risk operation characteristic list, and operation characteristics such as bottom-layer file access and operation, calling of system-level operation and other non-business data requests or instruction requests can also be stored in the risk operation characteristic list, so that the security risk caused by the vulnerability of the development code in the business function can be prevented;
s302: if the content of the data request is within the rule triggering threshold, risks exist, corresponding countermeasures are executed according to the rule action for execution, and an alarm prompt is sent out;
and if the risk exists, executing the instruction of the rule action for execution in the risk detection rule template according to the matching result. Such as the IP address of the blocking requester and the operation account number issued by the locking request.
S303: if the content of the data request is not within the rule trigger threshold, no risk exists, and the data request is imported into an execution queue of normal business logic.
And judging whether the request has no risk according to the matching of the service function of the request and a rule trigger threshold corresponding to a risk detection rule template, and directly processing the request through a normal service logic channel.
Based on the same technical concept, the present invention also provides a risk detection apparatus, as shown in fig. 5, including:
the system comprises a setting module, a risk detection rule template and a rule triggering threshold, wherein the setting module is used for selecting a business system, the risk detection rule template is internally provided with rule conditions and rule actions for execution, and the rule conditions are internally provided with rule triggering thresholds;
the monitoring module is used for setting a monitoring program and monitoring all data requests received in the service system;
and the checking module is used for checking the data request received in the monitoring service system through the rule trigger threshold in the risk detection rule template, judging whether the data request is in a risk range or not, and executing a corresponding strategy through a rule action.
Based on the same technical concept, the present invention further provides a mobile terminal for implementing a method for risk detection across mobile applications, as shown in fig. 6, for convenience of description, only a portion related to 20 in the embodiment of the present invention is shown, and please refer to the method portion in the embodiment of the present invention for details that are not disclosed. The terminal may be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales), a vehicle-mounted computer, etc., taking the mobile terminal as the mobile phone as an example:
fig. 6 is a block diagram illustrating a partial structure of a mobile phone related to a mobile terminal according to an embodiment of the present invention. Referring to fig. 6, the handset includes: baseband processing module 410, memory 420, input unit 430, display unit 440, sensor 450, audio circuit 460, Wireless Fidelity (WiFi) module 470, processor 480, and power supply 490. Those skilled in the art will appreciate that the handset configuration shown in fig. 6 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The baseband processing module 410 may be used to synthesize a baseband signal to be transmitted or decode a received baseband signal. Specifically, the audio signal is compiled into a baseband code for transmission when being transmitted; upon reception, the received baseband code is interpreted as an audio signal. Meanwhile, it is also responsible for compiling address information, text information (short message text, website and text), and picture information.
The memory 420 may be used to store software programs and modules, and the processor 480 executes various functional applications and data processing of the mobile phone by operating the software programs and modules stored in the memory 420. The memory 420 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 420 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The input unit 430 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the cellular phone. Specifically, the input unit 430 may include a touch panel 431 and other input devices 432. The touch panel 431, also called a touch screen, may collect touch operations of a user on or near the touch panel 431 (e.g., operations of the user on or near the touch panel 431 using any suitable object or accessory such as a finger or a stylus) and drive the corresponding connection device according to a preset program. Alternatively, the touch panel 431 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 480, and receives and executes commands sent from the processor 480. In addition, the touch panel 431 may be implemented in various types, such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. The input unit 430 may include other input devices 432 in addition to the touch panel 431. In particular, other input devices 432 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 440 may be used to display information input by the user or information provided to the user and various menus of the cellular phone. The Display unit 440 may include a Display panel 441, and optionally, the Display panel 441 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel 431 can cover the display panel 441, and when the touch panel 431 detects a touch operation on or near the touch panel 431, the touch operation is transmitted to the processor 480 to determine the type of the touch event, and then the processor 480 provides a corresponding visual output on the display panel 441 according to the type of the touch event. Although in fig. 6, the touch panel 431 and the display panel 441 are two independent components to implement the input and output functions of the mobile phone, in some embodiments, the touch panel 431 and the display panel 441 may be integrated to implement the input and output functions of the mobile phone.
The handset may also include at least one sensor 450, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that adjusts the brightness of the display panel 441 according to the brightness of ambient light, and a proximity sensor that turns off the display panel 441 and/or the backlight when the mobile phone is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally three axes), detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing gestures of a mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometers and taps), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.
WiFi belongs to a short-distance wireless transmission technology, and the mobile phone can help a user to receive and send emails, browse webpages, access streaming media and the like through the WiFi module 470, and provides wireless broadband internet access for the user. Although fig. 6 shows the WiFi module 470, it is understood that it does not belong to the essential constitution of the handset, and can be omitted entirely as needed within the scope not changing the essence of the invention.
The processor 480 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 420 and calling data stored in the memory 420, thereby integrally monitoring the mobile phone. Optionally, processor 480 may include one or more processing units; preferably, the processor 480 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated within processor 480.
The handset also includes a power supply 490 (e.g., a battery) for powering the various components, which may preferably be logically connected to the processor 480 via a power management system, so that the power management system may perform functions such as managing charging, discharging, and power consumption.
Although not shown, the mobile phone may further include a camera, a bluetooth module, etc., which are not described herein.
In the embodiment of the present invention, the processor 480 included in the terminal may execute the steps of the risk detection method in the above embodiment.
Based on the same technical concept, the present invention also provides a storage medium storing computer-readable instructions, which when executed by one or more processors, cause the one or more processors to perform the steps of the risk detection method in the above embodiments.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by hardware that is instructed to implement by a program, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above-mentioned embodiments only express some exemplary embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention. Therefore, the protection scope of the present patent should be subject to the appended claims.
Claims (8)
1. A risk detection method, characterized in that the risk detection method comprises:
s1: selecting a business system, setting a risk detection rule template in the business system, setting rule conditions and rule actions for execution in the risk detection rule template, and setting rule trigger thresholds in the rule conditions; the risk detection rule template is realized by changing rule conditions set on the template and rule actions used for execution when the risk detection rule template needs to be updated;
s2: setting a monitor program to monitor all data requests received in a service system; the monitoring principle is GSM, which encodes, encrypts and interleaves a voice signal channel on a system channel to form a burst pulse string, and transmits the burst pulse string after modulation;
s3: verifying a data request received in a monitoring service system through a rule trigger threshold in a risk detection rule template, judging whether the data request is in a risk range, and executing a corresponding countermeasure through a rule action;
the step S1 includes:
s101: selecting a business system, customizing a risk detection rule template for risk detection according to business functions of the business system and other business systems performing data interaction with the business system, and setting rule conditions and rule actions for execution in the rule template;
s102: a specific rule engine is loaded by a business system to analyze a risk detection rule template, a corresponding risk detection rule is generated after the template is imported when the rule template is used, and the online updating rule can be completed only by modifying and importing the template; wherein, when the risk detection rule template is analyzed, a parse () method is used for analyzing or displaying;
the step S2 includes:
s201: setting a monitoring program in the system for monitoring all data request contents;
s202: storing the monitored content to a preset position in a monitor;
the storing the monitored content to a preset position in the monitor comprises: the method comprises the steps of connecting a front-end coder-decoder through a computer system server, downloading data through a streaming media protocol, and then storing monitored data request content into a preset position in a monitor.
2. The risk detection method of claim 1, wherein said step S3 includes:
s301: calling a corresponding risk detection rule according to the monitored data request content, and matching the requested service function with a rule trigger threshold function corresponding to a risk detection rule template;
s302: if the content of the data request is within the rule triggering threshold, risks exist, corresponding countermeasures are executed according to the rule action for execution, and an alarm prompt is sent out;
s303: if the content of the data request is not within the rule triggering threshold value, no risk exists, and the data request is imported into an execution queue of normal business logic.
3. The risk detection method of claim 1, further comprising setting different risk detection rules for different real estate transaction systems, wherein any risk detection rule corresponds to a set of identification rules for determining whether the request is an illegal request.
4. The risk detection method of claim 1, wherein the rule trigger threshold is a preset risk operation characteristic list, and the risk operation characteristic list comprises operation characteristics of accessing an underlying file and calling a non-business class data request for system operation.
5. A risk detection method as claimed in claim 1, wherein said countermeasures include masking of the requestor IP address or the operation account from which the lock request was issued.
6. The risk detection device is characterized by comprising a setting module, a monitoring module and a checking module:
the setting module is used for selecting a business system, setting a risk detection rule template in the business system, setting a rule condition and a rule action for execution in the risk detection rule template, and setting a rule trigger threshold in the rule condition; the risk detection rule template is realized by changing rule conditions set on the template and rule actions used for execution when the risk detection rule template needs to be updated;
the monitoring module is used for setting a monitoring program and monitoring all data requests received in the service system; the monitoring principle is GSM, which encodes, encrypts and interleaves a voice signal channel on a system channel to form a burst pulse string, and transmits the burst pulse string after modulation;
the checking module is used for checking the data request received in the monitoring service system through a rule triggering threshold value in the risk detection rule template, judging whether the data request is in a risk range or not, and executing a corresponding countermeasure through a rule action;
the setting module is further configured to: selecting a business system, customizing a risk detection rule template for risk detection according to business functions of the business system and other business systems performing data interaction with the business system, and setting rule conditions and rule actions for execution in the rule template; a specific rule engine is loaded by a business system to analyze a risk detection rule template, a corresponding risk detection rule is generated after the template is imported when the rule template is used, and the online updating rule can be completed only by modifying and importing the template; when the risk detection rule template is analyzed, a parse () method is used for analyzing or displaying;
the monitoring module is further configured to: setting a monitoring program in the system for monitoring all data request contents; storing the monitored content to a preset position in a monitor;
the monitoring module is further configured to: the method comprises the steps of connecting a front-end coder-decoder through a computer system server, downloading data through a streaming media protocol, and then storing monitored data request content into a preset position in a monitor.
7. A mobile terminal, comprising:
a touch-sensitive display;
a memory;
one or more processors;
the one or more processors are configured to perform the steps of the method of any one of claims 1 to 5.
8. A storage medium storing computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the method of any one of claims 1 to 5.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810239614.3A CN108615158B (en) | 2018-03-22 | 2018-03-22 | Risk detection method and device, mobile terminal and storage medium |
| PCT/CN2018/104729 WO2019179068A1 (en) | 2018-03-22 | 2018-09-08 | Risk detection method and device, and mobile terminal and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810239614.3A CN108615158B (en) | 2018-03-22 | 2018-03-22 | Risk detection method and device, mobile terminal and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108615158A CN108615158A (en) | 2018-10-02 |
| CN108615158B true CN108615158B (en) | 2022-09-30 |
Family
ID=63659313
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810239614.3A Active CN108615158B (en) | 2018-03-22 | 2018-03-22 | Risk detection method and device, mobile terminal and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108615158B (en) |
| WO (1) | WO2019179068A1 (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110515975A (en) * | 2019-07-17 | 2019-11-29 | 阿里巴巴集团控股有限公司 | Risk detecting system, method and device |
| CN112307480B (en) * | 2019-07-24 | 2023-09-05 | 中移互联网有限公司 | Risk analysis method and device for equipment where application software is located |
| CN110995688B (en) * | 2019-11-27 | 2021-11-16 | 深圳申朴信息技术有限公司 | Personal data sharing method and device for internet financial platform and terminal equipment |
| CN112288439A (en) * | 2020-11-23 | 2021-01-29 | 中信银行股份有限公司 | Risk assessment method and device, electronic equipment and readable storage medium |
| CN114913005A (en) * | 2022-06-21 | 2022-08-16 | 中银金融科技有限公司 | Mobile risk data detection method, mobile risk data detection system, electronic device and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107231042A (en) * | 2017-03-31 | 2017-10-03 | 国网山东省电力公司日照供电公司 | Circuit-breaker remote control operation on-site monitoring prior-warning device and its implementation |
| CN107465668A (en) * | 2017-07-17 | 2017-12-12 | 广州慧睿思通信息科技有限公司 | A kind of GSM mobile handset speech monitoring method |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1835014A (en) * | 2006-03-28 | 2006-09-20 | 阿里巴巴公司 | Method and system of monitoring on-line service risk |
| CN104050182A (en) * | 2013-03-13 | 2014-09-17 | Sap股份公司 | Configurable rule for monitoring data of in-memory database |
| CN103927485A (en) * | 2014-04-24 | 2014-07-16 | 东南大学 | Android application program risk assessment method based on dynamic monitoring |
| CN105701708A (en) * | 2014-11-25 | 2016-06-22 | 航天信息股份有限公司 | Risk management method and risk management system |
| CN107645482B (en) * | 2016-07-22 | 2020-08-07 | 创新先进技术有限公司 | Risk control method and device for business operation |
| CN107767021A (en) * | 2017-09-12 | 2018-03-06 | 阿里巴巴集团控股有限公司 | A kind of risk control method and equipment |
-
2018
- 2018-03-22 CN CN201810239614.3A patent/CN108615158B/en active Active
- 2018-09-08 WO PCT/CN2018/104729 patent/WO2019179068A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107231042A (en) * | 2017-03-31 | 2017-10-03 | 国网山东省电力公司日照供电公司 | Circuit-breaker remote control operation on-site monitoring prior-warning device and its implementation |
| CN107465668A (en) * | 2017-07-17 | 2017-12-12 | 广州慧睿思通信息科技有限公司 | A kind of GSM mobile handset speech monitoring method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2019179068A1 (en) | 2019-09-26 |
| CN108615158A (en) | 2018-10-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108615158B (en) | Risk detection method and device, mobile terminal and storage medium | |
| CN107908952B (en) | Method and device for identifying real machine and simulator and terminal | |
| CN107943683B (en) | Test script generation method and device, electronic equipment and storage medium | |
| CN104852885B (en) | Method, device and system for verifying verification code | |
| CN106201491B (en) | Mobile terminal and method and device for controlling remote assistance process of mobile terminal | |
| CN108156508B (en) | Barrage information processing method and device, mobile terminal, server and system | |
| US9329661B2 (en) | Information processing method and electronic device | |
| CN108334272B (en) | Control method and mobile terminal | |
| WO2018049893A1 (en) | Data transmission method and terminal device | |
| WO2015027856A1 (en) | Information feedback method, apparatus, and terminal | |
| CN112540996B (en) | Service data verification method and device, electronic equipment and storage medium | |
| CN111459362A (en) | Information display method, information display device, electronic apparatus, and storage medium | |
| US11520841B2 (en) | Information recommendation method, terminal device, and server | |
| CN110069407B (en) | Function test method and device for application program | |
| CN106708555B (en) | A kind of method and apparatus loading plug-in unit | |
| JP6974620B2 (en) | Notification message processing method and terminal | |
| CN106230919B (en) | File uploading method and device | |
| CN109145598B (en) | Virus detection method and device for script file, terminal and storage medium | |
| CN107341094A (en) | The time-consuming measuring method of startup item and device | |
| CN106709330B (en) | Method and device for recording file execution behaviors | |
| CN108810274A (en) | Using startup method, apparatus, storage medium and the terminal of miscellaneous function | |
| CN107317908B (en) | A kind of user knows method for distinguishing, terminal and storage medium | |
| CN112418835B (en) | Method and related device for testing online banking payment process | |
| US9633227B2 (en) | Method, apparatus, and system of detecting unauthorized data modification | |
| CN108509121B (en) | Display method and device and mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |