CN109558480A - For the counter method of crime of laundering behavior - Google Patents
For the counter method of crime of laundering behavior Download PDFInfo
- Publication number
- CN109558480A CN109558480A CN201811450151.1A CN201811450151A CN109558480A CN 109558480 A CN109558480 A CN 109558480A CN 201811450151 A CN201811450151 A CN 201811450151A CN 109558480 A CN109558480 A CN 109558480A
- Authority
- CN
- China
- Prior art keywords
- user
- analysis module
- sensitive word
- data
- flow analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 13
- 238000004900 laundering Methods 0.000 title claims abstract description 10
- 208000001613 Gambling Diseases 0.000 claims abstract description 26
- 238000005206 flow analysis Methods 0.000 claims abstract description 22
- 238000004458 analytical method Methods 0.000 claims abstract description 21
- 239000000284 extract Substances 0.000 claims abstract description 7
- 241001269238 Data Species 0.000 claims abstract description 4
- 230000000694 effects Effects 0.000 claims abstract description 4
- 230000005540 biological transmission Effects 0.000 claims abstract 2
- 238000012544 monitoring process Methods 0.000 claims description 20
- 238000007405 data analysis Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000035945 sensitivity Effects 0.000 description 2
- 230000000903 blocking effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000006185 dispersion Substances 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000003064 k means clustering Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/279—Recognition of textual entities
- G06F40/284—Lexical analysis, e.g. tokenisation or collocates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/01—Social networking
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Health & Medical Sciences (AREA)
- Marketing (AREA)
- Economics (AREA)
- Computing Systems (AREA)
- Human Resources & Organizations (AREA)
- Finance (AREA)
- Primary Health Care (AREA)
- Tourism & Hospitality (AREA)
- Artificial Intelligence (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Computational Linguistics (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
For the counter method of crime of laundering behavior, using following steps, S1: foundation has retrieval sensitive word information database, includes the various gambling rules of gambling personnel and discourse system in the retrieval sensitive word information database;S2: being provided with sensitive word rules for grasping in flow analysis module, flow analysis module is filtered analysis to network traffic data in real time, determines user information by sensitive word;S3: if repeatedly there is sensitive word in the record for passing through a User ID, which is added in black list database, the corresponding data logging of the User ID is established;S4: crawler module crawls all activity datas of the User ID on network, the data transmission crawled is filtered into flow analysis module, flow analysis module extracts the contextual information with sensitive word, and the contextual information with sensitive word is written in the corresponding data logging of the User ID.It is analyzed by the sensitive keys word to User ID, it may be possible to which the corresponding behavior of User ID is analyzed.
Description
Technical field
The present invention relates to data analysis fields, and in particular to for the counter method of crime of laundering behavior.
Background technique
There is the trend of networking in tradition gambling in recent years, and some illegal cliques use spelling this amusement function of luck red packet
Can, " the gambling size " of tradition gambling, " pressure number " etc. are moved to inside chat group, such as gamblers transfer accounts to " banker " before this
Bet, guesses random red packet mantissa or the size of " banker " then to gamble.
Although being legally about the detection rule for judging to whether there is gambling crime between Internet user at present
Escape and check and above-mentioned detection rule, the establishment officer of network gambling often using reduce group's number, frequent changes account,
Group number, dispersion small amount transfers etc. modes break up the mode of gambling, are checked with evading, and it is above-mentioned evade behavior also to
The monitoring band of network gambling is come difficult.
Therefore, in order to purify Internet environment, Blocking Networks gambling channel needs to supervise the gambling on internet
Control, it is especially desirable to above-mentioned network gambling can be monitored out and evade behavior.
Summary of the invention
In view of the deficiencies of the prior art, the present invention proposes the counter method for being directed to crime of laundering behavior, specific technical solutions
It is as follows:
For the counter method of crime of laundering behavior, it is characterised in that:
Using following steps,
S1: foundation has retrieval sensitive word information database, includes gambling personnel in the retrieval sensitive word information database
Various gambling rules and discourse system;
S2: sensitive word rules for grasping is provided in flow analysis module, flow analysis module is in real time to network traffic data
It is filtered analysis, user information is determined by sensitive word;
S3: if repeatedly there is sensitive word in the record for passing through a User ID, which is added to blacklist
In database, the corresponding data logging of the User ID is established;
S4: crawler module crawls all activity datas of the User ID on network, and the data crawled are passed
It is sent in flow analysis module and is filtered, flow analysis module extracts the contextual information with sensitive word, will have sensitivity
The contextual information of word is written in the corresponding data logging of the User ID;
S5: being provided with members list, extracts the intersection record with the User ID, by its interacted with User ID with this
He is put into members list by member id;
S6: being provided with frequency threshold c, and crawler module successively traverses data flow of the member id on network in members list
Amount, data traffic is sent in flow analysis module and is filtered analysis, if in the member id sensitive keys word frequency
Greater than frequency threshold c, then the member id is added in key monitoring data list;
S7: similarity analysis module is for member's behavior in key monitoring data list, after being grouped, establishes different
The blacklist relation data map of group, member's behavior can be the size of the gambling amount of money or the frequency for number of gambling;
S8: monitoring module is analyzed for the member of each group on network, group relation map is established, by the group
Relation map is successively compared from different groups of blacklist relation data map, if there is overlapping, then the group is added
Into key monitoring list;
S9: flow analysis module is filtered analysis for the group data in key monitoring list.
Further: in the S7, the data analysis module similarity analysis method is calculated using k-means clustering
Method.
Further: in the S7, the data analysis module similarity analysis method is calculated using Minkowskwi distance
Method.
The invention has the benefit that first, it is analyzed by the sensitive keys word to User ID, it may be possible to User ID
Corresponding behavior is analyzed.
Second, by the interaction of member id corresponding with the User ID, monitoring can be associated to the gambling, one
Net is beaten to the greatest extent.
Third is provided with the monitoring module of emphasis, can carry out to the member id in key monitoring data list sensitive
It scouts, group and key monitoring data list is compared, emphasis is carried out to the data for the group for having gambling gathering of people
Data traffic analysis.
Detailed description of the invention
Fig. 1 is work flow diagram of the invention.
Specific embodiment
The preferred embodiments of the present invention will be described in detail with reference to the accompanying drawing, so that advantages and features of the invention energy
It is easier to be readily appreciated by one skilled in the art, so as to make a clearer definition of the protection scope of the present invention.
As shown in Figure 1:
For the counter method of crime of laundering behavior,
Using following steps,
S1: foundation has retrieval sensitive word information database, includes gambling personnel in the retrieval sensitive word information database
Various gambling rules and discourse system;
S2: sensitive word rules for grasping is provided in flow analysis module, flow analysis module is in real time to network traffic data
It is filtered analysis, user information is determined by sensitive word;
S3: if repeatedly there is sensitive word in the record for passing through a User ID, which is added to blacklist
In database, the corresponding data logging of the User ID is established;
S4: crawler module crawls all activity datas of the User ID on network, and the data crawled are passed
It is sent in flow analysis module and is filtered, flow analysis module extracts the contextual information with sensitive word, will have sensitivity
The contextual information of word is written in the corresponding data logging of the User ID;
S5: being provided with members list, extracts the intersection record with the User ID, by its interacted with User ID with this
He is put into members list by member id;
S6: being provided with frequency threshold c, and crawler module successively traverses data flow of the member id on network in members list
Amount, data traffic is sent in flow analysis module and is filtered analysis, if in the member id sensitive keys word frequency
Greater than frequency threshold c, then the member id is added in key monitoring data list;
S7: similarity analysis module is for member's behavior in key monitoring data list, after being grouped, establishes different
The blacklist relation data map of group, member's behavior can be the size of the gambling amount of money or the frequency for number of gambling;
S8: monitoring module is analyzed for the member of each group on network, group relation map is established, by the group
Relation map is successively compared from different groups of blacklist relation data map, if there is overlapping, then the group is added
Into key monitoring list;
S9: flow analysis module is filtered analysis for the group data in key monitoring list.
In S7, data analysis module similarity analysis method uses k-means cluster algorithm or use
Minkowskwi distance algorithm.
Claims (3)
1. being directed to the counter method of crime of laundering behavior, it is characterised in that:
Using following steps,
S1: foundation has retrieval sensitive word information database, includes that gambling personnel are various in the retrieval sensitive word information database
Gambling rule and discourse system;
S2: being provided with sensitive word rules for grasping in flow analysis module, flow analysis module in real time carries out network traffic data
Filter analysis determines user information by sensitive word;
S3: if repeatedly there is sensitive word in the record for passing through a User ID, which is added to blacklist data
In library, the corresponding data logging of the User ID is established;
S4: crawler module crawls all activity datas of the User ID on network, and the data transmission crawled is arrived
It is filtered in flow analysis module, flow analysis module extracts the contextual information with sensitive word, will be with sensitive word
Contextual information is written in the corresponding data logging of the User ID;
S5: being provided with members list, extracts the intersection record with the User ID, by interacted with this with User ID other at
Member ID is put into members list;
S6: being provided with frequency threshold c, and crawler module successively traverses data traffic of the member id on network in members list,
Data traffic is sent in flow analysis module and is filtered analysis, if the frequency of sensitive keys word is greater than in the member id
The member id is then added in key monitoring data list by frequency threshold c;
S7: similarity analysis module after being grouped, establishes different groups for member's behavior in key monitoring data list
Blacklist relation data map, member's behavior can be the size of the gambling amount of money or the frequency for number of gambling;
S8: monitoring module is analyzed for the member of each group on network, group relation map is established, by the group relation
Map is successively compared from different groups of blacklist relation data map, if there is overlapping, then the group is added to weight
In point monitoring list;
S9: flow analysis module is filtered analysis for the group data in key monitoring list.
2. being directed to the counter method of crime of laundering behavior according to claim 1, it is characterised in that: in the S7, the number
K-means cluster algorithm is used according to analysis module similarity analysis method.
3. being directed to the counter method of crime of laundering behavior according to claim 1, it is characterised in that: in the S7, the number
Minkowskwi distance algorithm is used according to analysis module similarity analysis method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811450151.1A CN109558480A (en) | 2018-11-30 | 2018-11-30 | For the counter method of crime of laundering behavior |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811450151.1A CN109558480A (en) | 2018-11-30 | 2018-11-30 | For the counter method of crime of laundering behavior |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109558480A true CN109558480A (en) | 2019-04-02 |
Family
ID=65868130
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811450151.1A Pending CN109558480A (en) | 2018-11-30 | 2018-11-30 | For the counter method of crime of laundering behavior |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109558480A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110516156A (en) * | 2019-08-29 | 2019-11-29 | 深信服科技股份有限公司 | A kind of network behavior monitoring device, method, equipment and storage medium |
| CN112333160A (en) * | 2020-10-23 | 2021-02-05 | 浪潮(北京)电子信息产业有限公司 | Block chain transaction information processing method and system, electronic device and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010182287A (en) * | 2008-07-17 | 2010-08-19 | Steven C Kays | Intelligent adaptive design |
| CN101989292A (en) * | 2009-07-31 | 2011-03-23 | 李超 | Sensitive information analysis system and method |
| CN107918633A (en) * | 2017-03-23 | 2018-04-17 | 广州思涵信息科技有限公司 | Sensitive public sentiment content identification method and early warning system based on semantic analysis technology |
| CN108153760A (en) * | 2016-12-05 | 2018-06-12 | 中国移动通信有限公司研究院 | Network gambling monitoring method and device |
| CN108737491A (en) * | 2018-03-23 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Information-pushing method and device and storage medium, electronic device |
-
2018
- 2018-11-30 CN CN201811450151.1A patent/CN109558480A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010182287A (en) * | 2008-07-17 | 2010-08-19 | Steven C Kays | Intelligent adaptive design |
| CN101989292A (en) * | 2009-07-31 | 2011-03-23 | 李超 | Sensitive information analysis system and method |
| CN108153760A (en) * | 2016-12-05 | 2018-06-12 | 中国移动通信有限公司研究院 | Network gambling monitoring method and device |
| CN107918633A (en) * | 2017-03-23 | 2018-04-17 | 广州思涵信息科技有限公司 | Sensitive public sentiment content identification method and early warning system based on semantic analysis technology |
| CN108737491A (en) * | 2018-03-23 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Information-pushing method and device and storage medium, electronic device |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110516156A (en) * | 2019-08-29 | 2019-11-29 | 深信服科技股份有限公司 | A kind of network behavior monitoring device, method, equipment and storage medium |
| CN112333160A (en) * | 2020-10-23 | 2021-02-05 | 浪潮(北京)电子信息产业有限公司 | Block chain transaction information processing method and system, electronic device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110233849B (en) | Method and system for analyzing network security situation | |
| Fan et al. | Using artificial anomalies to detect unknown and known network intrusions | |
| CN109446817A (en) | A kind of detection of big data and auditing system | |
| CN104915600B (en) | A kind of Android application securitys methods of risk assessment and device | |
| CN109558480A (en) | For the counter method of crime of laundering behavior | |
| Yu et al. | Anomaly intrusion detection based upon data mining techniques and fuzzy logic | |
| CN108418835A (en) | A kind of Port Scan Attacks detection method and device based on Netflow daily record datas | |
| CN110162968A (en) | A kind of Network Intrusion Detection System based on machine learning | |
| Fisher | Security, identity, and British counterterrorism policy | |
| CN107623691A (en) | A kind of ddos attack detecting system and method based on reverse transmittance nerve network algorithm | |
| Zhao et al. | Fuzzy integrated rough set theory situation feature extraction of network security | |
| Liang | An improved intrusion detection based on neural network and fuzzy algorithm | |
| Muneer et al. | Cyber Security event detection using machine learning technique | |
| Petersen | Data mining for network intrusion detection: A comparison of data mining algorithms and an analysis of relevant features for detecting cyber-attacks | |
| Mejova et al. | Authority without care: moral values behind the mask mandate response | |
| Kavitha et al. | Emerging intuitionistic fuzzy classifiers for intrusion detection system | |
| CN110458570B (en) | Risk transaction management and configuration method and system thereof | |
| CN107066881A (en) | Intrusion detection method based on Kohonen neutral nets | |
| Jadhav et al. | Hybrid-Ids: an approach for intrusion detection system with hybrid feature extraction technique using supervised machine learning | |
| Kenny | Law and the art of defining religion | |
| Liao et al. | Research on network intrusion detection method based on deep learning algorithm | |
| Amro et al. | Application of fuzzy logic in computer security and forensics | |
| Parfenov et al. | Research of multiclass fuzzy classification of traffic for attacks identification in the networks | |
| CN109194622A (en) | A kind of encryption flow analysis feature selection approach based on feature efficiency | |
| Xu | Research on network intrusion detection method based on machine learning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190402 |
|
| WD01 | Invention patent application deemed withdrawn after publication |