CN109409502A - Generation method, device, equipment and the storage medium of anti-fraud model - Google Patents
Generation method, device, equipment and the storage medium of anti-fraud model Download PDFInfo
- Publication number
- CN109409502A CN109409502A CN201811127135.9A CN201811127135A CN109409502A CN 109409502 A CN109409502 A CN 109409502A CN 201811127135 A CN201811127135 A CN 201811127135A CN 109409502 A CN109409502 A CN 109409502A
- Authority
- CN
- China
- Prior art keywords
- information
- fraud
- model
- branch information
- branch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 239000000284 extract Substances 0.000 claims description 19
- 230000015654 memory Effects 0.000 claims description 14
- 238000013527 convolutional neural network Methods 0.000 claims description 10
- 238000012549 training Methods 0.000 claims description 10
- 230000006399 behavior Effects 0.000 claims description 9
- 230000000694 effects Effects 0.000 claims description 9
- 238000000605 extraction Methods 0.000 claims description 7
- 241000209202 Bromus secalinus Species 0.000 claims description 4
- 238000013499 data model Methods 0.000 claims description 3
- 238000012217 deletion Methods 0.000 claims description 3
- 230000037430 deletion Effects 0.000 claims description 3
- 238000010276 construction Methods 0.000 abstract description 5
- 238000010801 machine learning Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 6
- 238000012360 testing method Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 5
- 230000008859 change Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000008676 import Effects 0.000 description 2
- 238000012804 iterative process Methods 0.000 description 2
- 230000000717 retained effect Effects 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/03—Credit; Loans; Processing thereof
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- General Physics & Mathematics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Computational Linguistics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Marketing (AREA)
- Economics (AREA)
- Health & Medical Sciences (AREA)
- Development Economics (AREA)
- Artificial Intelligence (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Technology Law (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Generation method, device, equipment and the storage medium of the invention discloses a kind of anti-fraud model based on machine learning, the described method includes: obtaining the default sample information for cheating regular stream information and customer transaction, sample information is put into default cheat and is analyzed to obtain hit branch information and similar branch information in regular stream information;Hit branch information and similar branch information are finely divided and generate intended branch information;The fraud characteristic information in intended branch information is extracted, and default anti-fraud model is trained, generates that target is counter to cheat model.The present invention is by obtaining the hit branch information and similar branch information cheated in regular stream information, and as fraud characteristic information, fraud characteristic information is trained default anti-fraud model, to be extracted in advance to the validity feature information in fraud regular flow, anti- fraud model is trained by effective characteristic information, to reduce model construction time and cost.
Description
Technical field
The present invention relates to technical field of data processing, more particularly to a kind of generation method, device, the equipment of anti-fraud model
And storage medium.
Background technique
Following procedure is usually required for the anti-modeling for cheating rule under normal circumstances, firstly, to the transaction data of user
It is pre-processed, there is serious unbalanced situation for transaction data, it is also necessary to lack sampling is carried out, in addition, in order to realize pair
The processing of transaction data also needs the data format that transaction data is converted to model supports, and the feature that transaction data extracts is gathered
Be combined into vector, transaction data be divided by training set and test set by vector, by training set construct anti-fraud model and
It is predicted by test set, this modeling process is more complicated, needs to take a substantial amount of time and cost of labor.
Summary of the invention
It is a primary object of the present invention to propose generation method, device, equipment and the storage medium of a kind of anti-fraud model,
It is intended to reduce model construction time and cost.
To achieve the above object, the present invention provides a kind of generation method of anti-fraud model, the life of the anti-fraud model
At method the following steps are included:
Obtain the default sample information for cheating regular stream information and customer transaction, wherein the default fraud regular flow
It include the branch information of multiple judgement frauds in information;
The sample information is put into the regular stream information of the default fraud and is analyzed, obtains institute based on the analysis results
State the hit branch information and similar branch information in branch information;
The hit branch information and similar branch information are finely divided according to the logical relation of the preset keyword,
Branch information after subdivision is combined and generates intended branch information;
The fraud characteristic information in the intended branch information is extracted, according to the fraud characteristic information to pre-
If anti-fraud model is trained, generate that target is counter cheats model.
Preferably, the acquisition is default cheats regular stream information, sentences in the regular stream information of default fraud including multiple
Before the branch information of disconnected fraud, the method also includes:
The fraud data information for obtaining history fraudulent user, using the fraud data information as described in decision rule generation
It is default to cheat regular stream information.
Preferably, the described sample information of customer transaction is put into the regular stream information of the default fraud is analyzed,
The hit branch information and similar branch information in the branch information are obtained based on the analysis results, are specifically included:
The sample information of customer transaction is put into the regular stream information of the default fraud and is analyzed, based on the analysis results
The hit branch information in the branch information is obtained, the anti-fraud Rule Information in the hit branch information is extracted, will wrap
Reach the miss branch information of preset threshold as the similar branch information containing the anti-fraud Rule Information.
Preferably, described to close the hit branch information and similar branch information according to the logic of the preset keyword
System is finely divided, and the branch information after subdivision is combined before generating intended branch information, the method also includes:
Judge whether the branch information and similar branch information contain preset keyword, is containing the preset keyword
When, the branch information and similar branch information are finely divided by execution according to preset condition, and the branch information after subdivision is raw
At intended branch information.
Preferably, the fraud characteristic information extracted in the intended branch information, according to fraud feature
Information is trained default anti-fraud model, generates that target is counter to cheat model, specifically includes:
The fraud characteristic information in the intended branch information is extracted, according to the fraud characteristic information to institute
It states default anti-fraud model to be trained to obtain predictive behavior information, judges that the predictive behavior information and the fraud are believed
The distance between breath adjusts the default anti-fraud model according to the distance, and default anti-fraud model adjusted is raw
Model is cheated at the target is counter.
Preferably, the fraud characteristic information extracted in the intended branch information, according to the fraud
Characteristic information is trained default anti-fraud model, after generating that target is counter and cheating model, the method also includes:
It is verified by cheating data model of cheating counter to the target, extracts in the intended branch information similar point
The hit-count of branch information deletes the similar branch information when the hit-count is not up to preset quantity threshold value
It removes, update is iterated according to the model of cheating counter to the target of the branch information after deletion.
Preferably, the fraud characteristic information extracted in the intended branch information, according to the fraud
Characteristic information is trained default anti-fraud model, before generating that target is counter and cheating model, the method also includes:
The trading activity data for obtaining historical user, extract the fraud data in the trading activity data, take advantage of described
The fraud model data that swindleness data generate default dimension is put into convolutional neural networks and is trained, generated according to training result described in
Default anti-fraud model.
In addition, to achieve the above object, the present invention also proposes a kind of generating means of anti-fraud model, the anti-fraud mould
The generating means of type include:
Module is obtained, includes multiple in the regular stream information of default fraud for obtaining the regular stream information of default fraud
Judge the branch information of fraud;
Analysis module is divided for the sample information of customer transaction to be put into the regular stream information of the default fraud
Analysis, obtains the hit branch information and similar branch information in the branch information based on the analysis results;
Segment module, for by the hit branch information and similar branch information according to the logic of the preset keyword
Relationship is finely divided, and the branch information after subdivision is combined and generates intended branch information;
Generation module is gone for extracting the fraud characteristic information in the intended branch information according to the fraud
It is characterized information to be trained default anti-fraud model, generates that target is counter to cheat model.
In addition, to achieve the above object, the present invention also proposes a kind of equipment, the equipment include: memory, processor and
The generation program of anti-fraud model that is stored on the memory and can run on the processor, the anti-fraud model
Generation program the step of being arranged for carrying out the generation method of fraud model as described above anti-.
In addition, to achieve the above object, the present invention also proposes a kind of storage medium, counter take advantage of is stored on the storage medium
The generation program of model is cheated, the generation program of the anti-fraud model realizes anti-fraud as described above when being executed by processor
The step of generation method of model.
The generation method of anti-fraud model proposed by the present invention, by obtaining the hit branch letter cheated in regular stream information
Breath and similar branch information extract the fraud characteristic information of hit branch information and similar branch information, by fraud
Characteristic information is trained default anti-fraud model, to mention in advance to the validity feature information in fraud regular flow
It takes, anti-fraud model is trained by effective characteristic information, to reduce model construction time and cost.
Detailed description of the invention
Fig. 1 is the device structure schematic diagram for the hardware running environment that the embodiment of the present invention is related to;
Fig. 2 is the flow diagram of the generation method first embodiment of the anti-fraud model of the present invention;
Fig. 3 is the flow diagram of the generation method second embodiment of the anti-fraud model of the present invention;
Fig. 4 is the flow diagram of the generation method 3rd embodiment of the anti-fraud model of the present invention;
Fig. 5 is the functional block diagram of the generating means first embodiment of the anti-fraud model of the present invention.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Referring to Fig.1, Fig. 1 is the device structure schematic diagram for the hardware running environment that the embodiment of the present invention is related to.
As shown in Figure 1, the equipment may include: processor 1001, such as CPU, communication bus 1002, user interface
1003, network interface 1004, memory 1005.Wherein, communication bus 1002 is for realizing the connection communication between these components.
User interface 1003 may include display screen (Display), input unit such as key, and optional user interface 1003 can also wrap
Include standard wireline interface and wireless interface.Network interface 1004 optionally may include standard wireline interface and wireless interface
(such as WI-FI interface).Memory 1005 can be high speed RAM memory, be also possible to stable memory (non-volatile
), such as magnetic disk storage memory.Memory 1005 optionally can also be the storage dress independently of aforementioned processor 1001
It sets.
It will be understood by those skilled in the art that device structure shown in Fig. 1 does not constitute the restriction to equipment, can wrap
It includes than illustrating more or fewer components, perhaps combines certain components or different component layouts.
As shown in Figure 1, as may include operating system, network communication mould in a kind of memory 1005 of storage medium
The generation program of block, Subscriber Interface Module SIM and anti-fraud model.
In equipment shown in Fig. 1, network interface 1004 is mainly used for connecting outer net, carries out data with other network equipments
Communication;User interface 1003 is mainly used for connecting user terminal, carries out data communication with terminal;Present device passes through processor
The generation program of the anti-fraud model stored in 1001 calling memories 1005, and execute anti-fraud provided in an embodiment of the present invention
The implementation method of the generation of model.
Based on above-mentioned hardware configuration, the generation method embodiment of the anti-fraud model of the present invention is proposed.
Referring to the flow diagram for the generation method first embodiment that Fig. 2, Fig. 2 are the anti-fraud model of the present invention.
In the first embodiment, it is described it is anti-fraud model generation method the following steps are included:
Step S10 obtains the default sample information for cheating regular stream information and customer transaction, wherein described preset is taken advantage of
Cheating includes multiple branch informations for judging frauds in regular stream information.
It should be noted that the default rule stream information of cheating is the regular stream information that the judgement originally formulated is cheated,
For example including nodal information, routing information, conditional information and branch information, wherein the conditional information can be the overdue time,
The user of overdue time within a certain period of time can be judged whether user has fraud according to the length of overdue time, such as
It will be overdue client more than the user of default payback period, and be the overdue time more than time payback period, be more than in the overdue time
Bimestrial user determines the user with fraud, may also include the branch information with multiple conditional informations, described point
It is information, such as overdue time among the above etc. with multiple judgement frauds in branch information, may also include others and sentence
Fixed condition, the present embodiment to this with no restriction.
The sample information is put into the regular stream information of the default fraud and analyzes, tied according to analysis by step S20
Fruit obtains hit branch information and similar branch information in the branch information.
It should be noted that the sample information of the customer transaction is the transaction data for recording customer transaction behavior, such as
User A obtains the credit information that amount is 10000 in the B time, and is equipped with payback period and refund number, can be by customer transaction
Sample information import in the executing subject equipment of the present embodiment, from for obtain customer transaction sample information.
In the concrete realization, the analysis conditions in default fraud regular flow of the sample information are tracked, example
Such as obtain the case where sample information is by that branch in default fraud regular flow, thus obtain hit branch information and
The branch information of miss, to extract effective branch information in the default fraud regular flow.
It is understood that can be also extraction in the branch information of miss and hit point when obtaining hit branch information
The similar branch information of branch information protects the hit branch information to similar branch information as similar branch information
It stays, convenient for being trained to anti-fraud model, miss branch information is deleted, to improve system treatment effeciency, is kept away
Exempt from excessive redundancy and invalid conditional information is determined.
In the concrete realization, hit branch information is obtained, obtained by the hit branch information and hits branch information
Conditional information reaches the branch information of threshold value, and as similar branch information, the hit branch information is believed to similar branch
Breath is retained, and is trained to anti-fraud model, and the judgement correctness of anti-fraud model is improved.
Step S30, by branch information and the similar branch information of hitting according to the logical relation of the preset keyword
It is finely divided, the branch information after subdivision is combined and generates intended branch information.
It should be noted that the preset keyword can for by the branch information in "and" or "or" logical relation,
It is divided into two branch informations arranged side by side, to realize the refinement to branch information, increases the characteristic information of training pattern.
In the concrete realization, include such as in the hit branch information the overdue time it is whether more than 2 months and personal
Username information and work unit's information can be split and organize symphysis by username information or work unit's information in information
At a plurality of branch information, to more refine branch information, the hit rate of branch information is improved, so that system treatment effeciency is improved,
In the present embodiment, the intended branch information is will hit branch information and similar branch information refines, and will refine
Branch information afterwards generates new branch information, and new branch information is carried out to reconfigure the generation intended branch information,
To more effectively extract decision condition feature effective in hit branch information and similar branch information.
Step S40 extracts the fraud characteristic information in the intended branch information, according to the fraud feature
Information is trained default anti-fraud model, generates that target is counter to cheat model.
It should be noted that the default anti-fraud model is the original anti-fraud rudimentary model pre-established, mainly
It is established based on convolutional neural networks model or supporting vector machine model, can also be established by other basic models, this
Embodiment with no restriction, in the present embodiment, is illustrated this by taking convolutional neural networks model as an example.
In the present embodiment, the intended branch information of generation is iterated the default anti-fraud model, specific
In iterative process, the hit information of similar branch information also can be traced, in the anti-fraud model after test data to be put into iteration
It is trained, obtains the similar branch information to the number of iterations of anti-fraud model, with the increase or change of test data
Change, judges that the number of iterations of similar branch information is more than still miss after preset threshold, then it will the similar branch information progress
It deletes, so that the similar branch information is determined as invalid characteristic information, improves the efficiency of anti-fraud model iteration.
The present embodiment through the above scheme, hit branch information and the similar branch in regular stream information is cheated by acquisition
Information extracts the fraud characteristic information of hit branch information and similar branch information, by fraud characteristic information to pre-
If anti-fraud model is trained, to be extracted in advance to the validity feature information in fraud regular flow, by effective
Characteristic information is trained anti-fraud model, to improve the iteration efficiency of anti-fraud model, reduce the model construction time and
Cost.
Further, as shown in figure 3, proposing that the generation method second of the anti-fraud model of the present invention is real based on first embodiment
Example is applied, in the present embodiment, before the step S10, the method also includes:
Step S101 obtains the fraud data information of history fraudulent user, advises the fraud data information as judgement
Then generate the regular stream information of the default fraud.
It should be noted that the fraud data information of the history fraudulent user, the duplication of name including user, the i.e. life of user
Name is consistent but address is inconsistent or the name of user is inconsistent but address is consistent, may also include the overdue time of user,
These can be characterized into the fraud data information with fraud as the decision rule for determining fraud, advised by determining
The regular stream information of the default fraud is then generated, thus more effective by the default fraud cheated in regular stream information first
Extraction have fraud characteristic information.
In the concrete realization, the logic cheated between conditional information and conditional information in the fraud data information is extracted
Relationship, using it is described fraud conditional information and conditional information between logical relation as in regular flow nodal information and branch
The logical relation of interior joint information generates the regular stream information of the default fraud.
Further, the step S20, specifically includes:
The sample information of customer transaction is put into the regular stream information of the default fraud and analyzes by step S201, root
The hit branch information in the branch information is obtained according to analysis result, extracts the anti-fraud rule in the hit branch information
Information believes the miss branch information for reaching preset threshold comprising the anti-fraud Rule Information as the similar branch
Breath.
It should be noted that it is 50% that the preset threshold, which can be similarity, it can also be other index informations, the present embodiment
With no restriction to this.
In the concrete realization, the hit branch information in the branch information is obtained, is extracted in the hit branch information
Anti- fraud conditional information, such as overdue number of days be 2 months, further include other conditions information, will be looked into miss branch information
Whether have the overdue number of days and other conditions information consistent conditional information, and count the number of consistent conditional information if looking for
Amount, the quantity accounts for the 50% of entire conditional information, then the branch information is determined as condition of similarity information, thus to branch
The processing that information is more refined extracts the condition for validity information in regular stream information to the maximum extent.
Scheme provided in this embodiment obtains similar branch information according to hit branch information, thus to branch information into
The processing that row more refines extracts the condition for validity information in regular stream information to the maximum extent, realizes to data processing
It is intelligent.
Further, as shown in figure 4, proposing the life of the anti-fraud model of the present invention based on the first embodiment or the second embodiment
At method 3rd embodiment, in the present embodiment, it is illustrated based on first embodiment, before the step S30, the method
Further include:
Step S301, judges whether the branch information and similar branch information contain preset keyword, containing described
When preset keyword, the branch information and similar branch information are finely divided by execution according to preset condition, after subdivision
Branch information generates intended branch information.
It should be noted that the preset keyword is that "AND" or "or" etc. can indicate that the logic in branch information is closed
System, when in the branch information comprising the preset keyword, then it represents that the branch information can be finely divided, and will subdivision
Branch information afterwards generates intended branch information, to realize the analysis more refined to branch information.
Further, the step S40, specifically includes:
Step S401 extracts the fraud characteristic information in the intended branch information, special according to the fraud
Reference breath is trained to obtain predictive behavior information to the default anti-fraud model, judge the predictive behavior information with it is described
The distance between fraud information adjusts the default anti-fraud model according to the distance, and will be adjusted default anti-
The fraud model generation target is counter to cheat model.
In the concrete realization, it first by the fraud characteristic information in the extraction intended branch information, such as mentions
Fraud characteristic information (Ai, Bi) is taken, since known (Ai, Bi) is fraud characteristic information, (Ai, Bi) is put into described
It is trained in default anti-fraud model, obtains output result C, BI is compared with C, such as find out distance D=Bi-C, from
And the difference between reality output and input data is obtained, the matrix W of the default anti-fraud model is adjusted by distance D, and
By being repeated the above process to each sample, until error is no more than prescribed limit, to more be met the mesh of business demand
The anti-fraud model of mark.
Further, after the step S40, the method also includes:
Step S402 is verified by cheating data model of cheating counter to the target, extracts the intended branch letter
The hit-count of similar branch information in breath, when the hit-count is not up to preset quantity threshold value, by the similar branch
Information is deleted, and is iterated update according to the model of cheating counter to the target of the branch information after deletion.
It should be noted that the preset quantity threshold value can be 5 times, it can be also other parameters index, the present embodiment is to this
With no restriction, in the present embodiment, it is illustrated for 5 times, default anti-fraud model is added after subdivision, and change
In generation, with iterations going on, fraud data, might have increase or variation, and the similar branch information may be hit, if phase
The number of iterations like branch information is more than still not order after certain 5 times, then can delete the similar branch information.
Further, before the step S40, the method also includes:
Step S403 obtains the trading activity data of historical user, extracts the fraud data in the trading activity data,
The fraud model data that the fraud data generate default dimension is put into convolutional neural networks to be trained, according to training result
Generate the default anti-fraud model.
It should be noted that in the present embodiment, the default anti-fraud model is to be established based on convolutional neural networks
Default anti-fraud model, by the trading activity data of historical user, the name of the duplication of name for example including user, i.e. user is consistent
But address is inconsistent or the name of user is inconsistent but address is consistent, may also include the overdue time of user, extract institute
The fraud data in trading activity data are stated, by the fraud data, default dimension is generated according to overdue time or user information
The fraud model data of degree, wherein the default dimension is various dimensions, such as from time dimension or user information dimension, and
The fraud model data of generation is put into convolutional neural networks to be trained, the default anti-fraud mould is generated according to training result
Type, to realize the foundation of anti-fraud model.
The trading activity data of historical user are generated the fraud model data of default dimension by scheme provided in this embodiment
It is put into convolutional neural networks to be trained, to realize the foundation of anti-fraud model.
The present invention further provides a kind of generating means of anti-fraud model.
Referring to the functional block diagram for the generating means first embodiment that Fig. 5, Fig. 5 are the anti-fraud model of the present invention.
In the anti-generating means first embodiment for cheating model of the present invention, which includes:
Module 10 is obtained, for obtaining the default sample information for cheating regular stream information and customer transaction, wherein described
Default cheat includes multiple branch informations for judging frauds in regular stream information.
It should be noted that the default rule stream information of cheating is the regular stream information that the judgement originally formulated is cheated,
For example including nodal information, routing information, conditional information and branch information, wherein the conditional information can be the overdue time,
The user of overdue time within a certain period of time can be judged whether user has fraud according to the length of overdue time, such as
It will be overdue client more than the user of default payback period, and be the overdue time more than time payback period, be more than in the overdue time
Bimestrial user determines the user with fraud, may also include the branch information with multiple conditional informations, described point
It is information, such as overdue time among the above etc. with multiple judgement frauds in branch information, may also include others and sentence
Fixed condition, the present embodiment to this with no restriction.
Analysis module 20 is analyzed, root for the sample information to be put into the regular stream information of the default fraud
Hit branch information and similar branch information in the branch information are obtained according to analysis result.
It should be noted that the sample information of the customer transaction is the transaction data for recording customer transaction behavior, such as
User A obtains the credit information that amount is 10000 in the B time, and is equipped with payback period and refund number, can be by customer transaction
Sample information import in the executing subject equipment of the present embodiment, from for obtain customer transaction sample information.
In the concrete realization, the analysis conditions in default fraud regular flow of the sample information are tracked, example
Such as obtain the case where sample information is by that branch in default fraud regular flow, thus obtain hit branch information and
The branch information of miss, to extract effective branch information in the default fraud regular flow.
It is understood that can be also extraction in the branch information of miss and hit point when obtaining hit branch information
The similar branch information of branch information protects the hit branch information to similar branch information as similar branch information
It stays, convenient for being trained to anti-fraud model, miss branch information is deleted, to improve system treatment effeciency, is kept away
Exempt from excessive redundancy and invalid conditional information is determined.
In the concrete realization, hit branch information is obtained, obtained by the hit branch information and hits branch information
Conditional information reaches the branch information of threshold value, and as similar branch information, the hit branch information is believed to similar branch
Breath is retained, and is trained to anti-fraud model, and the judgement correctness of anti-fraud model is improved.
Module 30 is segmented, for by hit branch information and similar branch information the patrolling according to the preset keyword
The relationship of collecting is finely divided, and the branch information after subdivision is combined and generates intended branch information.
It should be noted that the preset keyword can for by the branch information in "and" or "or" logical relation,
It is divided into two branch informations arranged side by side, to realize the refinement to branch information, increases the characteristic information of training pattern.
In the concrete realization, include such as in the hit branch information the overdue time it is whether more than 2 months and personal
Username information and work unit's information can be split and organize symphysis by username information or work unit's information in information
At a plurality of branch information, to more refine branch information, the hit rate of branch information is improved, so that system treatment effeciency is improved,
In the present embodiment, the intended branch information is will hit branch information and similar branch information refines, and will refine
Branch information afterwards generates new branch information, and new branch information is carried out to reconfigure the generation intended branch information,
To more effectively extract decision condition feature effective in hit branch information and similar branch information.
Generation module 40, for extracting the fraud characteristic information in the intended branch information, according to the fraud
Behavior characteristic information is trained default anti-fraud model, generates that target is counter to cheat model.
It should be noted that the default anti-fraud model is the original anti-fraud rudimentary model pre-established, mainly
It is established based on convolutional neural networks model or supporting vector machine model, can also be established by other basic models, this
Embodiment with no restriction, in the present embodiment, is illustrated this by taking convolutional neural networks model as an example.
In the present embodiment, the intended branch information of generation is iterated the default anti-fraud model, specific
In iterative process, the hit information of similar branch information also can be traced, in the anti-fraud model after test data to be put into iteration
It is trained, obtains the similar branch information to the number of iterations of anti-fraud model, with the increase or change of test data
Change, judges that the number of iterations of similar branch information is more than still miss after preset threshold, then it will the similar branch information progress
It deletes, so that the similar branch information is determined as invalid characteristic information, improves the efficiency of anti-fraud model iteration.
The present embodiment through the above scheme, hit branch information and the similar branch in regular stream information is cheated by acquisition
Information extracts the fraud characteristic information of hit branch information and similar branch information, by fraud characteristic information to pre-
If anti-fraud model is trained, to be extracted in advance to the validity feature information in fraud regular flow, by effective
Characteristic information is trained anti-fraud model, to improve the iteration efficiency of anti-fraud model, reduce the model construction time and
Cost.
In addition, to achieve the above object, the present invention also proposes a kind of equipment, the equipment include: memory, processor and
The generation program of anti-fraud model that is stored on the memory and can run on the processor, the anti-fraud model
Generation program the step of being arranged for carrying out the generation method of anti-fraud model as described above.
In addition, the embodiment of the present invention also proposes a kind of storage medium, anti-fraud model is stored on the storage medium
Program is generated, the generation program of the anti-fraud model is executed by processor the generation method of anti-fraud model as described above
The step of.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that the process, method, article or the device that include a series of elements not only include those elements, and
And further include other elements that are not explicitly listed, or further include for this process, method, article or device institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
There is also other identical elements in the process, method of element, article or device.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art
The part contributed out can be embodied in the form of software products, which is stored in one as described above
In computer readable storage medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that an intelligent terminal (can
To be mobile phone, computer, terminal device, air conditioner or the network equipment etc.) execute side described in each embodiment of the present invention
Method.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of anti-generation method of fraud model, which is characterized in that the generation method of the anti-fraud model includes:
Obtain the default sample information for cheating regular stream information and customer transaction, wherein the regular stream information of default fraud
In include it is multiple judgement frauds branch informations;
The sample information is put into the regular stream information of the default fraud and is analyzed, obtains described point based on the analysis results
Hit branch information and similar branch information in branch information;
The hit branch information and similar branch information are finely divided according to the logical relation of the preset keyword, it will be thin
Branch information after point, which is combined, generates intended branch information;
The fraud characteristic information in the intended branch information is extracted, according to the fraud characteristic information to default anti-
Fraud model is trained, and generates that target is counter cheats model.
2. the generation method of anti-fraud model as described in claim 1, which is characterized in that described to obtain default fraud regular flow
Information, it is described it is default cheat include in regular stream information multiple judgement frauds branch informations before, the method is also wrapped
It includes:
The fraud data information for obtaining history fraudulent user generates described default using the fraud data information as decision rule
Cheat regular stream information.
3. the generation method of anti-fraud model as described in claim 1, which is characterized in that the sample by customer transaction is believed
Breath is put into the regular stream information of the default fraud and is analyzed, and obtains the hit point in the branch information based on the analysis results
Branch information and similar branch information, specifically include:
The sample information of customer transaction is put into the regular stream information of the default fraud and is analyzed, is obtained based on the analysis results
Hit branch information in the branch information extracts the anti-fraud Rule Information in the hit branch information, will include institute
It states anti-fraud Rule Information and reaches the miss branch information of preset threshold as the similar branch information.
4. the generation method of anti-fraud model as claimed any one in claims 1 to 3, which is characterized in that it is described will be described
Hit branch information and similar branch information are finely divided according to the logical relation of the preset keyword, by the branch after subdivision
Information is combined before generating intended branch information, the method also includes:
Judge whether the branch information and similar branch information contain preset keyword, when containing the preset keyword,
The branch information and similar branch information are finely divided by execution according to preset condition, and the branch information after subdivision is generated mesh
Mark branch information.
5. the generation method of anti-fraud model as claimed any one in claims 1 to 3, which is characterized in that the extraction institute
The fraud characteristic information in intended branch information is stated, default anti-fraud model is instructed according to fraud characteristic information
Practice, generate that target is counter cheats model, specifically includes:
The fraud characteristic information in the intended branch information is extracted, according to the fraud characteristic information to described pre-
If anti-fraud model is trained to obtain predictive behavior information, judge the predictive behavior information and the fraud information it
Between distance, the default anti-fraud model is adjusted according to the distance, and will default anti-fraud model generation institute adjusted
State that target is counter to cheat model.
6. the generation method of anti-fraud model as claimed any one in claims 1 to 3, which is characterized in that the extraction institute
State the fraud characteristic information in intended branch information, according to the fraud characteristic information to default anti-fraud model into
Row training, generate target is counter cheat model after, the method also includes:
It is verified by cheating data model of cheating counter to the target, extracts similar branch's letter in the intended branch information
The hit-count of breath is deleted the similar branch information, root when the hit-count is not up to preset quantity threshold value
Update is iterated according to the model of cheating counter to the target of the branch information after deletion.
7. the generation method of anti-fraud model as claimed any one in claims 1 to 3, which is characterized in that the extraction institute
State the fraud characteristic information in intended branch information, according to the fraud characteristic information to default anti-fraud model into
Row training, generate target is counter cheat model before, the method also includes:
The trading activity data for obtaining historical user, extract the fraud data in the trading activity data, by the fraud number
Convolutional neural networks are put into according to the fraud model data for generating default dimension to be trained, and are generated according to training result described default
Anti- fraud model.
8. a kind of anti-generating means of fraud model, which is characterized in that the generating means of the anti-fraud model include:
Module is obtained, includes multiple judgements in the regular stream information of default fraud for obtaining the regular stream information of default fraud
The branch information of fraud;
Analysis module is analyzed, root for the sample information of customer transaction to be put into the regular stream information of the default fraud
Hit branch information and similar branch information in the branch information are obtained according to analysis result;
Segment module, for by the hit branch information and similar branch information according to the logical relation of the preset keyword
It is finely divided, the branch information after subdivision is combined and generates intended branch information;
Generation module, it is special according to the fraud for extracting the fraud characteristic information in the intended branch information
Reference breath is trained default anti-fraud model, generates that target is counter to cheat model.
9. a kind of equipment, which is characterized in that the equipment includes: memory, processor and is stored on the memory and can
The generation program of the anti-fraud model run on the processor, it is described it is anti-fraud model generation program be arranged for carrying out as
Described in any one of claims 1 to 7 the step of the generation method of anti-fraud model.
10. a kind of storage medium, which is characterized in that the generation program of anti-fraud model is stored on the storage medium, it is described
The generation program of anti-fraud model realizes the anti-fraud model as described in any one of claims 1 to 7 when being executed by processor
Generation method the step of.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811127135.9A CN109409502A (en) | 2018-09-26 | 2018-09-26 | Generation method, device, equipment and the storage medium of anti-fraud model |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811127135.9A CN109409502A (en) | 2018-09-26 | 2018-09-26 | Generation method, device, equipment and the storage medium of anti-fraud model |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109409502A true CN109409502A (en) | 2019-03-01 |
Family
ID=65465393
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811127135.9A Pending CN109409502A (en) | 2018-09-26 | 2018-09-26 | Generation method, device, equipment and the storage medium of anti-fraud model |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109409502A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110378699A (en) * | 2019-07-25 | 2019-10-25 | 中国工商银行股份有限公司 | A kind of anti-fraud method, apparatus and system of transaction |
| CN111383096A (en) * | 2020-03-23 | 2020-07-07 | 中国建设银行股份有限公司 | Fraud detection and model training method and device thereof, electronic equipment and storage medium |
| CN111738747A (en) * | 2020-06-24 | 2020-10-02 | 中诚信征信有限公司 | Method and device for anti-fraud decision |
| CN113793132A (en) * | 2021-09-24 | 2021-12-14 | 上海通联金融服务有限公司 | Automatic approval method, system and terminal based on machine learning |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120101930A1 (en) * | 2010-10-21 | 2012-04-26 | Caiwei Li | Software and Methods for Risk and Fraud Mitigation |
| CN102567788A (en) * | 2010-12-28 | 2012-07-11 | 中国移动通信集团重庆有限公司 | Real-time identification system and real-time identification method for fraudulent practice in communication services |
| CN107103008A (en) * | 2016-02-23 | 2017-08-29 | 阿里巴巴集团控股有限公司 | Object identifying method and device |
| WO2017143932A1 (en) * | 2016-02-26 | 2017-08-31 | 中国银联股份有限公司 | Fraudulent transaction detection method based on sample clustering |
| CN107644098A (en) * | 2017-09-29 | 2018-01-30 | 马上消费金融股份有限公司 | A kind of fraud recognition methods, device, equipment and storage medium |
| CN107679862A (en) * | 2017-09-08 | 2018-02-09 | 中国银联股份有限公司 | A kind of characteristic value of fraudulent trading model determines method and device |
| CN107679046A (en) * | 2016-08-01 | 2018-02-09 | 上海前隆信息科技有限公司 | A kind of detection method and device of fraudulent user |
| CN107785058A (en) * | 2017-07-24 | 2018-03-09 | 平安科技(深圳)有限公司 | Anti- fraud recognition methods, storage medium and the server for carrying safety brain |
| CN108305166A (en) * | 2018-04-04 | 2018-07-20 | 淮阴师范学院 | A kind of negative dealing fraud method towards financial field |
| CN108337652A (en) * | 2017-01-20 | 2018-07-27 | 中国移动通信集团河南有限公司 | A kind of method and device of detection flows fraud |
-
2018
- 2018-09-26 CN CN201811127135.9A patent/CN109409502A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120101930A1 (en) * | 2010-10-21 | 2012-04-26 | Caiwei Li | Software and Methods for Risk and Fraud Mitigation |
| CN102567788A (en) * | 2010-12-28 | 2012-07-11 | 中国移动通信集团重庆有限公司 | Real-time identification system and real-time identification method for fraudulent practice in communication services |
| CN107103008A (en) * | 2016-02-23 | 2017-08-29 | 阿里巴巴集团控股有限公司 | Object identifying method and device |
| WO2017143932A1 (en) * | 2016-02-26 | 2017-08-31 | 中国银联股份有限公司 | Fraudulent transaction detection method based on sample clustering |
| CN107679046A (en) * | 2016-08-01 | 2018-02-09 | 上海前隆信息科技有限公司 | A kind of detection method and device of fraudulent user |
| CN108337652A (en) * | 2017-01-20 | 2018-07-27 | 中国移动通信集团河南有限公司 | A kind of method and device of detection flows fraud |
| CN107785058A (en) * | 2017-07-24 | 2018-03-09 | 平安科技(深圳)有限公司 | Anti- fraud recognition methods, storage medium and the server for carrying safety brain |
| CN107679862A (en) * | 2017-09-08 | 2018-02-09 | 中国银联股份有限公司 | A kind of characteristic value of fraudulent trading model determines method and device |
| CN107644098A (en) * | 2017-09-29 | 2018-01-30 | 马上消费金融股份有限公司 | A kind of fraud recognition methods, device, equipment and storage medium |
| CN108305166A (en) * | 2018-04-04 | 2018-07-20 | 淮阴师范学院 | A kind of negative dealing fraud method towards financial field |
Non-Patent Citations (2)
| Title |
|---|
| 杨颖;赵守香;: "互联网环境下信用卡反欺诈系统研究", 电脑知识与技术, no. 01, 5 January 2018 (2018-01-05), pages 56 - 58 * |
| 肖红姗: "面向风险决策问题的集成学习模型与算法研究", 中国博士学位论文全文数据库 经济与管理科学辑, vol. 2018, no. 6, 15 June 2018 (2018-06-15), pages 145 - 15 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110378699A (en) * | 2019-07-25 | 2019-10-25 | 中国工商银行股份有限公司 | A kind of anti-fraud method, apparatus and system of transaction |
| CN111383096A (en) * | 2020-03-23 | 2020-07-07 | 中国建设银行股份有限公司 | Fraud detection and model training method and device thereof, electronic equipment and storage medium |
| CN111738747A (en) * | 2020-06-24 | 2020-10-02 | 中诚信征信有限公司 | Method and device for anti-fraud decision |
| CN113793132A (en) * | 2021-09-24 | 2021-12-14 | 上海通联金融服务有限公司 | Automatic approval method, system and terminal based on machine learning |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109409502A (en) | Generation method, device, equipment and the storage medium of anti-fraud model | |
| CN109034660B (en) | Method and related device for determining risk control strategy based on prediction model | |
| CN109670940A (en) | Credit Risk Assessment Model generation method and relevant device based on machine learning | |
| US11978246B2 (en) | Method, system, and computer program product for implementing reinforcement learning | |
| CN107169796A (en) | A kind of analysis method of user behavior data, system and computer-readable recording medium | |
| CN111311136A (en) | Wind control decision method, computer equipment and storage medium | |
| CN109345130A (en) | Method, apparatus, computer equipment and the storage medium of Market Site Selection | |
| CN108960505A (en) | Quantitative estimation method, device, system and the storage medium of personal finance credit | |
| CN108629379A (en) | A kind of individual's reference appraisal procedure and system | |
| CN106803039B (en) | A kind of homologous determination method and device of malicious file | |
| CN106603327B (en) | Behavioral data analysis method and device | |
| CN110442712A (en) | Determination method, apparatus, server and the text of risk try system | |
| CN109461043A (en) | Product method for pushing, device, computer equipment and storage medium | |
| CN105894028A (en) | User identification method and device | |
| CN110349013A (en) | Risk control method and device | |
| CN104021226B (en) | Prefetch the update method and device of rule | |
| CN110276677A (en) | Refund prediction technique, device, equipment and storage medium based on big data platform | |
| CN109670933A (en) | Identify method, user equipment, storage medium and the device of user role | |
| CN109460784A (en) | Access behavioural characteristic method for establishing model, equipment, storage medium and device | |
| CN110675252A (en) | Risk assessment method and device, electronic equipment and storage medium | |
| US20220253307A1 (en) | Miniprogram classification method, apparatus, and device, and computer-readable storage medium | |
| CN113538070A (en) | User life value cycle detection method and device and computer equipment | |
| CN109670934A (en) | Personal identification method, equipment, storage medium and device based on user behavior | |
| CN114757637A (en) | Credit approval method, credit approval device, credit approval equipment and credit approval storage medium based on decision engine | |
| CN110457312A (en) | Acquisition method, device, equipment and the readable storage medium storing program for executing of diversiform data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40002561 Country of ref document: HK |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |