CN109978547B - Risk behavior control method, risk behavior control system, risk behavior control device and storage medium - Google Patents

Risk behavior control method, risk behavior control system, risk behavior control device and storage medium Download PDF

Info

Publication number
CN109978547B
CN109978547B CN201711465448.0A CN201711465448A CN109978547B CN 109978547 B CN109978547 B CN 109978547B CN 201711465448 A CN201711465448 A CN 201711465448A CN 109978547 B CN109978547 B CN 109978547B
Authority
CN
China
Prior art keywords
risk
behavior
risk behavior
defense
behaviors
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711465448.0A
Other languages
Chinese (zh)
Other versions
CN109978547A (en
Inventor
靳小威
许晶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN201711465448.0A priority Critical patent/CN109978547B/en
Publication of CN109978547A publication Critical patent/CN109978547A/en
Application granted granted Critical
Publication of CN109978547B publication Critical patent/CN109978547B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing

Abstract

The invention discloses a risk behavior control method, a risk behavior control system, risk behavior control equipment and a storage medium. The risk behavior control method comprises a risk behavior scoring step, wherein the risk behavior scoring step comprises the following steps: s11, collecting behavior data of various risk behaviors of the user; s12, extracting user information and characteristic index items in the behavior data of each risk behavior; and S13, calculating the risk behavior score of each risk behavior according to the characteristic index items by using at least one scoring model. According to the method and the system, the risk behavior score is calculated independently for each risk behavior, so that the risk user of each risk behavior can be accurately identified, defense actions with different risk levels are set aiming at the risk behaviors possibly occurring in a business scene, and then the real-time defense service can flexibly configure the control strategy, so that the risk control strategy is more targeted, and the real-time defense effect on the risk behaviors is improved.

Description

Risk behavior control method, risk behavior control system, risk behavior control device and storage medium
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method, a system, a device, and a storage medium for controlling a risk behavior.
Background
With the development of the internet trading platform, a large number of malicious behaviors aiming at marketing subsidies of the internet trading platform are bred. Most of funds of marketing activities of the internet trading platform are consumed by malicious users without bringing real user traffic, which affects the normal operation of the internet trading platform.
Aiming at the situation, risk identification and control systems are developed by all the internet transaction platforms to identify risk behaviors which may influence the normal operation of the internet transaction platforms, and then corresponding control strategies are adopted for the risk behaviors. Referring to fig. 1, a conventional risk identification and control system mainly includes a comprehensive risk scoring module, a unified control policy module and a defense service module, wherein the comprehensive risk scoring module is configured to perform comprehensive risk scoring on a user according to all risk behaviors (risk behavior 1 and risk behavior 2 … … risk behavior N) of the user, the unified control policy module is configured to configure a fixed risk control policy for the user according to the comprehensive risk scoring, and the defense service module is configured to apply the risk control policy to all service scenarios of an internet transaction platform, so as to maintain normal operation of the internet transaction platform.
Specifically, if a user has risk behaviors of lock inventory, after the user is comprehensively scored according to the lock inventory, a risk control strategy is configured for the user, and the risk control strategy is applied to all scenes (such as a coupon marketing campaign) of an internet transaction platform except the lock inventory, so that even if the user does not have the risk behaviors of batch coupon swiping, the participation of the user in the coupon marketing campaign is limited by the risk configuration strategy.
Therefore, the traditional risk behavior recognition system cannot achieve precise defense aiming at different service scenes of the internet transaction platform, the user experience is seriously influenced, and effective users may be lost.
Disclosure of Invention
The invention aims to overcome the defect that a risk identification system in the prior art cannot accurately defend different service scenes of an internet transaction platform, and provides a risk behavior scoring method, a system, equipment and a storage medium.
The invention solves the technical problems through the following technical scheme:
a risk behavior control method is characterized by comprising a risk behavior scoring step, wherein the risk behavior scoring step comprises the following steps:
s11, collecting behavior data of various risk behaviors of the user;
s12, extracting user information and characteristic index items in the behavior data of each risk behavior;
and S13, calculating the risk behavior score of each risk behavior according to the characteristic index items by using at least one scoring model.
Preferably, step S11 specifically includes: the method comprises the steps of collecting behavior data of a user, screening various risk behaviors from the behavior data, and collecting the behavior data of the risk behaviors.
Preferably, in step S13, the scoring models corresponding to the risk behaviors of different types are different.
Preferably, the risk behavior control method further includes a policy configuration step, where the policy configuration step includes:
s21, configuring at least one risk behavior for the business scene;
s22, dividing at least one risk grade for the risk behaviors, wherein different risk grades correspond to risk behavior scores in different ranges;
s23, configuring at least one defense action for the risk behaviors of each risk level.
Preferably, the risk behavior scoring step further comprises: s14, storing the risk behavior score, the corresponding user information and the risk behavior into a risk behavior score database;
the policy configuration step further comprises: s24, saving the business scenario, the corresponding risk behavior, the risk level and the defense action to a strategy configuration database.
Preferably, the risk behavior control method further comprises a real-time defense step, and the real-time defense step comprises:
s31, collecting behavior data in a service scene in real time, and extracting user information;
s32, acquiring the risk behavior score of the behavior data acquired in real time in the step S31 from the risk behavior score database;
s33, obtaining defense actions corresponding to the real-time collected behavior data from the strategy configuration database according to the risk behavior scores in the step S32;
s34, combining the defense actions in the step S33 and generating a control strategy;
s35, applying the control strategy to the service scenario in step S31.
An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the risk behavior control method of any of the above when executing the computer program.
A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the risk behaviour control method according to any of the preceding claims.
A risk behavior control system, comprising a risk behavior scoring module, the risk behavior scoring module comprising:
the first acquisition unit is used for acquiring behavior data of various risk behaviors of a user;
the extraction unit is used for extracting user information and characteristic index items in the behavior data of each risk behavior;
and the first scoring unit is used for calculating the risk behavior score of each risk behavior according to the characteristic index item by utilizing at least one scoring model.
Preferably, the first collecting unit is specifically configured to: the method comprises the steps of collecting behavior data of a user, screening various risk behaviors from the behavior data, and collecting the behavior data of the risk behaviors.
Preferably, the scoring models for different types of risk behaviors are different.
Preferably, the risk behavior control system further comprises a policy configuration module, the policy configuration module comprising:
the first configuration unit is used for configuring at least one risk behavior for a business scenario;
the risk grade dividing unit is used for dividing at least one risk grade for the risk behaviors, and different risk grades correspond to risk behavior scores in different ranges;
a second configuration unit for configuring at least one defensive action for the risk behavior of each of the risk classes.
Preferably, the risk behavior scoring module further comprises: the first storage unit is used for storing the risk behavior scores, the corresponding user information and the risk behaviors into a risk behavior score database;
the policy configuration module further comprises: and the second storage unit is used for storing the business scene, the corresponding risk behavior, the risk level and the defense action to a policy configuration database.
Preferably, the risk behavior control system further comprises a real-time defense module, the real-time defense module comprising:
the second acquisition unit is used for acquiring behavior data in a service scene in real time and extracting user information;
the second scoring unit is used for acquiring the risk behavior score of the behavior data acquired by the second acquisition unit in real time from the risk behavior score database;
the third configuration unit is used for acquiring defense actions corresponding to the real-time acquired behavior data from the strategy configuration database according to the risk behavior scores of the second scoring unit;
a control policy generation unit configured to combine the defensive actions configured by the third configuration unit and generate a control policy;
and the real-time defense unit is used for applying the control strategy to the service scene applicable to the second acquisition unit.
The positive progress effects of the invention are as follows: according to the method, based on different characteristics of mass behavior data, the mass behavior data are subdivided into multiple risk behaviors, and the risk behavior score is calculated independently for each risk behavior, so that the risk users of each risk behavior can be accurately identified, the risk control strategy is more targeted, and the real-time defense effect on the risk behaviors is improved.
Drawings
Fig. 1 is a schematic structural diagram of a conventional risk identification and control system.
Fig. 2 is a flowchart of a risk behavior control method according to embodiment 1 of the present invention.
Fig. 3 is a schematic diagram of a hardware structure of an electronic device according to embodiment 2 of the present invention.
Fig. 4 is a flowchart of a risk behavior scoring step of the risk behavior control method according to embodiment 4 of the present invention.
Fig. 5 is a flowchart of policy configuration steps of a risk behavior control method according to embodiment 4 of the present invention.
Fig. 6 is a flowchart of real-time defense steps of a risk behavior control method according to embodiment 4 of the present invention.
Fig. 7 is a flowchart of real-time defense steps of a risk behavior control method according to embodiment 7 of the present invention.
Fig. 8 is a schematic structural diagram of a risk behavior control system according to embodiment 10 of the present invention.
Fig. 9 is a schematic structural diagram of a risk behavior control system according to embodiment 11 of the present invention.
Fig. 10 is a schematic structural diagram of a risk behavior control system according to embodiment 12 of the present invention.
Detailed Description
The invention is further illustrated by the following examples, which are not intended to limit the scope of the invention.
Example 1
Fig. 2 shows a flowchart of a risk behavior control method according to this embodiment, where the risk behavior control method includes a risk behavior scoring step, and specifically includes, as shown in fig. 2:
s101, acquiring behavior data of various risk behaviors of a user;
s102, extracting user information and characteristic index items in behavior data of each risk behavior;
and S103, calculating the risk behavior score of each risk behavior according to the characteristic index items by using at least one scoring model.
That is, firstly, massive behavior data (including offline data, quasi-real-time data and real-time data) are collected, the collected behavior data can be screened according to a service scene, a user behavior track and the like, various risk behaviors are screened from the collected behavior data, for example, batch registration, batch login, batch ordering, batch coupon picking, malicious rejection, inventory locking, gift deception, false transaction and the like, and then the behavior data of each risk behavior is collected; aiming at a specific risk behavior, such as lock inventory, extracting user information and characteristic index items in behavior data of the collected lock inventory behavior, wherein the user information and the characteristic index items are respectively used for pointing to a user with the lock inventory behavior and used as parameters for calculating risk behavior scores of the lock inventory behavior; and calculating the risk behavior score (including off-line calculation and real-time calculation) of the lock inventory behavior of each user with the lock inventory behavior according to the characteristic index items extracted from the collected behavior data by using one or a group of score models corresponding to the lock inventory behavior, wherein the score standard can refer to a score range of 0-100, wherein 0 represents no risk, and the score is higher and represents higher risk.
According to the risk behavior control method, based on different characteristics of mass behavior data, the risk behavior control method is subdivided into multiple risk behaviors, and the risk behavior score is calculated for each risk behavior independently, so that the risk users of each risk behavior can be accurately identified, defense for the risk behaviors is more targeted, and defense effect is improved. It can be understood that the more finely divided the risk behaviors, the better the targeted defense effect on the risk behaviors.
Example 2
Fig. 3 shows a hardware structure diagram of the electronic device 4 of the present embodiment, and the electronic device 4 may be represented in the form of a general-purpose computing device, such as a server device. As shown in fig. 3, the electronic device 4 specifically includes:
at least one processor 41, at least one memory 42, and a bus 43 for connecting the various system components (including the processor 41 and the memory 42), wherein:
the bus 43 includes a data bus, an address bus, and a control bus.
The memory 42 includes volatile memory, such as Random Access Memory (RAM)421 and/or cache memory 422, and may further include Read Only Memory (ROM) 423.
Memory 42 also includes a program/utility 425 having a set (at least one) of program modules 424, such program modules 424 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The processor 41 executes various functional applications and data processing, such as the risk behavior control method provided in embodiment 1 of the present invention, by running the computer program stored in the memory 42.
The electronic device 4 further may communicate with one or more external devices 44 (e.g., a keyboard, a pointing device, etc.). Such communication may be through an input/output (I/O) interface 45. Also, the electronic device 4 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via the network adapter 46. The network adapter 46 communicates with other modules of the electronic device 4 via the bus 43. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with electronic device 4, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID (disk array) systems, tape drives, and data backup storage systems, etc.
It should be noted that although in the above detailed description several units/modules or sub-units/modules of the electronic device are mentioned, such a division is merely exemplary and not mandatory. Indeed, the features and functionality of two or more of the units/modules described above may be embodied in one unit/module, according to embodiments of the application. Conversely, the features and functions of one unit/module described above may be further divided into embodiments by a plurality of units/modules.
Example 3
The present embodiment provides a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements the risk behavior control method provided in embodiment 1.
Example 4
The risk behavior control method of this embodiment is a further improvement of embodiment 1, and includes a risk behavior scoring step, a policy configuration step, and a real-time defense step, where the risk behavior scoring step and the policy configuration step are not consecutive and may be performed either sequentially or in parallel, specifically, fig. 4 shows a flowchart of the risk behavior scoring step of this embodiment, fig. 5 shows a flowchart of the policy configuration step of this embodiment, and fig. 6 shows a flowchart of the real-time defense step of this embodiment.
As shown in fig. 4, compared with embodiment 1, the risk behavior scoring step of this embodiment further includes: and S104, storing the risk behavior score, the corresponding user information and the risk behavior into a risk behavior score database, so that subsequent operations can quickly acquire related risk behavior score data.
As shown in fig. 5, the policy configuration step specifically includes:
s201, configuring at least one risk behavior for a business scene;
s202, dividing at least one risk level for the risk behaviors, wherein different risk levels correspond to risk behavior scores in different ranges;
s203, configuring at least one defense action for the risk behaviors of each risk level;
s204, storing the business scene, the corresponding risk behavior, the risk level and the defense action to a strategy configuration database.
The internet transaction platform comprises a plurality of service scenes, such as registration, login, order placing, second killing, first-aid purchase and the like, and firstly analyzes one or more possible risk behaviors in the scene aiming at the service scene, for example, if the risk behavior X needs to be considered in the service scene, the risk behavior X is configured for the service scene; at least one risk level is assigned to the risky behavior X, the different risk levels corresponding to different ranges of risk behavior scores, e.g., a risk behavior score range of [1,25) corresponds to a first risk level, a risk behavior score range of [25,50) corresponds to a second risk level, a risk behavior score range of [50,75) corresponds to a third risk level, and a risk behavior score range of [75,100] corresponds to a fourth risk level; respectively configuring one or more defense actions for the risk behaviors X of the first risk level to the fourth risk level, for example, configuring a first defense action for the risk behavior X of the first risk level, configuring a second defense action and a third defense action for the risk behavior X of the second risk level, configuring a fourth defense action for the risk behavior X of the third risk level, and configuring a fifth defense action and a sixth defense action for the risk behavior X of the fourth risk level; and then, the service scene, the corresponding risk behavior, the risk behavior grade and the defense action are stored in a strategy configuration database, so that the subsequent operation can quickly acquire the relevant strategy configuration data. Therefore, even if the business scene is newly set, the risk behaviors can be configured for the business scene according to experience, and defense actions can be configured for the risk behaviors in the business scene more flexibly.
As shown in fig. 6, the real-time defense step specifically includes:
s301, collecting behavior data in the service scene A in real time, and extracting user information;
s302, acquiring risk behavior scores of behavior data collected in real time from a risk behavior score database;
s303, acquiring defense actions corresponding to the behavior data acquired in real time from the strategy configuration database according to the risk behavior scores;
s304, combining defense actions and generating a control strategy;
s305, applying the control strategy to the service scene A.
When providing real-time defense service in a service scene A, firstly, acquiring behavior data in the service scene A in real time and extracting user information; acquiring the risk behavior score of the behavior data in the service scene A from a risk behavior score database; then, defensive actions corresponding to the behavior data acquired in real time, such as a first defensive action, a second defensive action and a third defensive action, are acquired from the strategy configuration database according to the risk behavior score; combining the first, second and third prevention actions, including de-duplicating configuration data of the first, second and third prevention actions to simplify intermediate data, rearranging the combination, etc., to generate a control strategy; and finally, applying the control strategy to the service scene A to perform targeted real-time defense on the dangerous behaviors in the service scene A.
In the risk behavior control method of this embodiment, on the basis that the risk behavior scoring step scores the risk behaviors individually, defense actions of different risk levels are set for the risk behaviors that may occur in each scene through the policy configuration step, and the control policy of the risk behaviors is flexibly configured, so that when real-time defense is performed in a specific service scene, behavior data in the service scene can be analyzed in time, and defense actions are configured for the real-time defense step to use and defend the risk behaviors in real time.
Example 5
This embodiment provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the program, the risk behavior control method provided in embodiment 4 is implemented.
Example 6
The present embodiment provides a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements the steps of the risk behaviour control method provided in embodiment 4.
Example 7
The risk behavior control method in this embodiment is a further improvement on embodiment 4, and more specifically, the real-time defense step in this embodiment is a further refinement of embodiment 4, and fig. 7 shows a flowchart of the real-time defense step.
As shown in fig. 7, step S302 of the real-time defense step specifically includes:
s3021, judging whether the risk behavior scoring database in the step S104 includes the user information;
if yes, go to step 3022; if not, returning to the step S301;
s3022, judging whether the risk behavior corresponding to the user information in the risk behavior scoring database is the same as the risk behavior configured for the service scenario A in the step S201;
if yes, go to step S3023; if not, returning to the step S301;
and S3023, calling a risk behavior score corresponding to the user information and the risk behavior from the risk behavior score database.
Step S303 of the real-time defense step specifically includes: s3031, the policy configuration database of step S204 retrieves a defense action corresponding to the user information and the risk behavior.
Specifically judging whether a user in the service scene A has risk behaviors configured for the service scene A in the strategy configuration step, if so, applying a control strategy to the user in the service scene A to perform real-time defense; and if not, continuing to monitor the behavior data in the service scene A.
Certainly, the data in the risk behavior scoring database and the policy configuration database in this embodiment may be synchronously updated to a cache redis (an open source, support network, log-type, key-value database that may be based on an internal memory or may be persistent, written in ANSI C language), so as to ensure fast response of the data in the risk behavior control method.
The risk behavior control method of this embodiment is a further improvement of embodiment 4, and by invoking and judging the data stored in the database and/or the cache in each step, the processing speed of the data is increased, so that the risk behavior in the business scene can be responded to quickly.
Example 8
This embodiment provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the program, the risk behavior control method provided in embodiment 7 is implemented.
Example 9
The present embodiment provides a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements the steps of the risk behaviour control method provided in embodiment 7.
Example 10
Fig. 8 shows a schematic structural diagram of a risk behavior control system of this embodiment, where the risk behavior control system includes a risk behavior scoring module 1, and specifically includes, as shown in fig. 8:
the first acquisition unit 11 is used for acquiring behavior data of various risk behaviors of a user;
the extraction unit 12 is used for extracting the user information and the characteristic index items in the behavior data of each risk behavior;
and the first scoring unit 13 is used for calculating the risk behavior score of each risk behavior according to the characteristic index items by using at least one scoring model.
That is, first, the first acquisition unit 11 collects a large amount of behavior data (including offline data, quasi-real-time data and real-time data), and may screen the collected behavior data according to a service scene, a user behavior track, and the like, and screen out various risk behaviors, such as batch registration, batch login, batch ordering, batch coupon picking, malicious rejection, inventory locking, deceiving mail, false transactions, and the like, and then acquires the behavior data of each risk behavior; for a specific risk behavior, such as lock inventory, the extracting unit 12 extracts the user information and the feature index items in the behavior data of the collected lock inventory behavior, which are respectively used for pointing to the user with the lock inventory behavior and serving as parameters for calculating the risk behavior score of the lock inventory behavior; the first scoring unit 13 calculates a risk behavior score (including off-line calculation and real-time calculation) of the lock inventory behavior of each user having the lock inventory behavior according to the feature index items extracted from the collected behavior data by using one or a set of scoring models corresponding to the lock inventory behavior, and the scoring criterion may refer to a score range of 0-100, where 0 represents no risk and higher score represents higher risk.
The risk behavior control system of the embodiment subdivides the massive behavior data into multiple risk behaviors based on different characteristics of the massive behavior data, and calculates the risk behavior score for each risk behavior independently, so that the risk users of each risk behavior can be accurately identified, defense for the risk behaviors is more targeted, and defense effect is improved. It can be understood that the more finely divided the risk behaviors, the better the targeted defense effect on the risk behaviors.
Example 11
The risk behavior control system of this embodiment is a further improvement of embodiment 10, and includes a risk behavior scoring module 1, a policy configuration module 2, and a real-time defense module 3, and specifically, fig. 9 is a schematic structural diagram of the risk behavior control system of this embodiment.
As shown in fig. 9, compared with embodiment 10, the risk behavior scoring module 1 of this embodiment further includes: the first storage unit 14 is used for storing the risk behavior score, the corresponding user information and the risk behavior to a risk behavior score database, so that the subsequent operation can quickly acquire the related risk behavior score data.
As shown in fig. 9, the policy configuration module 2 specifically includes:
a first configuration unit 21, configured to configure at least one risk behavior for a business scenario;
the risk grade dividing unit 22 is used for dividing at least one risk grade for the risk behaviors, wherein different risk grades correspond to risk behavior scores in different ranges;
a second configuration unit 23 for configuring at least one defensive action for the risk behavior of each risk level;
a second storage unit 24, configured to store the business scenario, the corresponding risk behavior, the risk level, and the defense action in a policy configuration database.
The internet transaction platform includes a plurality of service scenarios, such as registration, login, order placement, second order killing, first, one or more risk behaviors that may occur in the scenario are analyzed for the service scenario, for example, the risk behavior X needs to be considered in the service scenario, and then the first configuration unit 21 configures the risk behavior X for the service scenario; the risk ranking unit 22 ranks the risk behavior X into at least one risk ranking, the different risk rankings corresponding to different ranges of risk behavior scores, for example, the risk behavior scoring range of [1,25) corresponds to a first risk ranking, the risk behavior scoring range of [25,50) corresponds to a second risk ranking, the risk behavior scoring range of [50,75) corresponds to a third risk ranking, and the risk behavior scoring range of [75,100] corresponds to a fourth risk ranking; the second configuration unit 23 configures one or more defense actions for the risk behaviors X of the first to fourth risk levels, for example, configures a first defense action for the risk behavior X of the first risk level, configures a second defense action and a third defense action for the risk behavior X of the second risk level, configures a fourth defense action for the risk behavior X of the third risk level, and configures a fifth defense action and a sixth defense action for the risk behavior X of the fourth risk level; and then, the service scene, the corresponding risk behavior, the risk behavior grade and the defense action are stored in a strategy configuration database, so that the subsequent operation can quickly acquire the relevant strategy configuration data. Therefore, even if the business scene is newly set, the risk behaviors can be configured for the business scene according to experience, and defense actions can be configured for the risk behaviors in the business scene more flexibly.
As shown in fig. 9, the real-time defense module 3 specifically includes:
the second acquisition unit 31 is used for acquiring behavior data in the service scene a in real time and extracting user information;
the second scoring unit 32 is configured to obtain a risk behavior score of behavior data collected in real time from the risk behavior score database;
the third configuration unit 33 is configured to obtain a defense action corresponding to the behavior data acquired in real time from the policy configuration database according to the risk behavior score;
a control policy generation unit 34 for combining the defense actions and generating a control policy;
a real-time defense unit 35 for applying the control policy to the service scenario a.
When providing a real-time defense service in a service scene a, first, the second acquisition unit 31 acquires behavior data in the service scene a in real time, and extracts user information; the second scoring unit 32 obtains the risk behavior score of the behavior data in the service scene a from the risk behavior score database; the third configuration unit 33 obtains defensive actions corresponding to the behavior data collected in real time, such as a first defensive action, a second defensive action and a third defensive action, from the policy configuration database according to the risk behavior score; the control policy generation unit 34 combines the first, second, and third prevention actions, including deduplication of configuration data of the first, second, and third prevention actions to simplify intermediate data, rearrangement combination, and the like, to generate a control policy; finally, the real-time defense unit 35 applies the control policy to the service scenario a to perform targeted real-time defense on the risky behavior in the service scenario a.
In the risk behavior control system of this embodiment, on the basis that the risk behavior scoring module 1 scores risk behaviors individually, defense actions of different risk levels are set for the risk behaviors that may occur in each scene through the policy configuration module 2, and the control policy of the risk behaviors is flexibly configured, so that when real-time defense is performed in a specific service scene, behavior data in the service scene can be analyzed in time, and defense actions are configured to be used by the real-time defense module 3 and defend the risk behaviors in real time.
Example 12
The method for controlling risk behaviors is a further improvement of embodiment 11, and more specifically, the real-time defense module 3 of the present embodiment is a further refinement of embodiment 11, and fig. 10 shows a schematic structural diagram of a risk behavior control system.
As shown in fig. 10, the second scoring unit 32 of the real-time defense module 3 specifically includes:
a first judging unit 321, configured to judge whether the risk behavior score database in the first storage unit 14 includes the user information;
a second determining unit 322, configured to determine, when the first determining unit 36 determines that the risk behavior is the same as the risk behavior configured for the service scenario a by the first configuring unit 21, whether the risk behavior corresponding to the user information in the risk behavior scoring database is the same as the risk behavior configured for the service scenario a by the first configuring unit;
a first retrieving unit 323, configured to retrieve, when the second determining unit 37 determines that the risk behavior score is positive, a risk behavior score corresponding to the user information and the risk behavior from the risk behavior score database.
The third configuration unit 33 of the real-time defense module 3 specifically includes: the second retrieving unit 331 is configured to retrieve the defense action corresponding to the user information and the risk behavior in the policy configuration database of the second storage unit 24.
Specifically judging whether a user in the service scene A has a risk behavior configured for the service scene A by the strategy configuration module 2, if so, applying a control strategy to the user in the service scene A for real-time defense; and if not, continuing to monitor the behavior data in the service scene A.
Certainly, the data in the risk behavior scoring database and the policy configuration database in this embodiment may be synchronously updated to a cache redis (an open source, support network, log-type, key-value database that may be based on an internal memory or may be persistent, written in ANSI C language), so as to ensure fast response of the data in the risk behavior control method.
The risk behavior control system of this embodiment is a further improvement of embodiment 11, and by invoking and judging data stored in the database and/or the cache in each module, the processing speed of the data is increased, so that a response can be quickly made to the risk behavior in a business scenario.
While specific embodiments of the invention have been described above, it will be appreciated by those skilled in the art that this is by way of example only, and that the scope of the invention is defined by the appended claims. Various changes and modifications to these embodiments may be made by those skilled in the art without departing from the spirit and scope of the invention, and these changes and modifications are within the scope of the invention.

Claims (12)

1. A risk behavior control method, comprising a risk behavior scoring step, the risk behavior scoring step comprising:
s11, collecting behavior data of various risk behaviors of the user;
s12, extracting user information and characteristic index items in the behavior data of each risk behavior;
s13, calculating a risk behavior score of each risk behavior according to the characteristic index items by using at least one scoring model;
the risk behavior control method further comprises a real-time defense step, wherein the real-time defense step comprises the following steps:
s31, collecting behavior data in a service scene in real time, and extracting user information;
s32, acquiring the risk behavior score of the behavior data acquired in real time in the step S31 from a risk behavior score database;
s33, obtaining defense actions corresponding to the real-time collected behavior data from a strategy configuration database according to the risk behavior scores in the step S32;
s34, combining the defense actions in the step S33 and generating a control strategy;
s35, applying the control strategy to the service scenario in step S31.
2. The risk behavior control method according to claim 1, wherein step S11 specifically includes:
the method comprises the steps of collecting behavior data of a user, screening various risk behaviors from the behavior data, and collecting the behavior data of the risk behaviors.
3. The risk behavior control method of claim 1, wherein in step S13, the scoring models for different types of the risk behaviors differ.
4. The risk behavior control method of claim 1, further comprising a policy configuration step, the policy configuration step comprising:
s21, configuring at least one risk behavior for the business scene;
s22, dividing at least one risk grade for the risk behaviors, wherein different risk grades correspond to risk behavior scores in different ranges;
s23, configuring at least one defense action for the risk behaviors of each risk level.
5. The risk behavior control method of claim 4,
the risk behavior scoring step further comprises: s14, storing the risk behavior score, the corresponding user information and the risk behavior into a risk behavior score database;
the policy configuration step further comprises: s24, saving the business scenario, the corresponding risk behavior, the risk level and the defense action to a strategy configuration database.
6. An electronic device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the risk behavior control method of any of claims 1-5 when executing the computer program.
7. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the risk behaviour control method according to any one of claims 1-6.
8. A risk behavior control system, comprising a risk behavior scoring module, the risk behavior scoring module comprising:
the first acquisition unit is used for acquiring behavior data of various risk behaviors of a user;
the extraction unit is used for extracting user information and characteristic index items in the behavior data of each risk behavior;
the first scoring unit is used for calculating a risk behavior score of each risk behavior according to the characteristic index items by utilizing at least one scoring model;
the risk behavior control system further comprises a real-time defense module, wherein the real-time defense module comprises:
the second acquisition unit is used for acquiring behavior data in a service scene in real time and extracting user information;
the second scoring unit is used for acquiring the risk behavior score of the behavior data acquired by the second acquisition unit in real time from a risk behavior score database;
the third configuration unit is used for acquiring defense actions corresponding to the real-time acquired behavior data from a strategy configuration database according to the risk behavior scores of the second scoring unit;
a control policy generation unit configured to combine the defensive actions configured by the third configuration unit and generate a control policy;
and the real-time defense unit is used for applying the control strategy to the service scene applied by the second acquisition unit.
9. The risk-behavior control system of claim 8, wherein the first acquisition unit is specifically configured to:
the method comprises the steps of collecting behavior data of a user, screening various risk behaviors from the behavior data, and collecting the behavior data of the risk behaviors.
10. The risk behavior control system of claim 8, wherein the scoring model is different for different types of the risk behavior.
11. The risk behavior control system of claim 8, further comprising a policy configuration module, the policy configuration module comprising:
the first configuration unit is used for configuring at least one risk behavior for a business scenario;
the risk grade dividing unit is used for dividing at least one risk grade for the risk behaviors, and different risk grades correspond to risk behavior scores in different ranges;
a second configuration unit for configuring at least one defensive action for the risk behavior of each of the risk classes.
12. The risk behavior control system of claim 11,
the risk behavior scoring module further comprises: the first storage unit is used for storing the risk behavior scores, the corresponding user information and the risk behaviors into a risk behavior score database;
the policy configuration module further comprises: and the second storage unit is used for storing the business scene, the corresponding risk behavior, the risk level and the defense action to a policy configuration database.
CN201711465448.0A 2017-12-28 2017-12-28 Risk behavior control method, risk behavior control system, risk behavior control device and storage medium Active CN109978547B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711465448.0A CN109978547B (en) 2017-12-28 2017-12-28 Risk behavior control method, risk behavior control system, risk behavior control device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711465448.0A CN109978547B (en) 2017-12-28 2017-12-28 Risk behavior control method, risk behavior control system, risk behavior control device and storage medium

Publications (2)

Publication Number Publication Date
CN109978547A CN109978547A (en) 2019-07-05
CN109978547B true CN109978547B (en) 2021-08-03

Family

ID=67075269

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711465448.0A Active CN109978547B (en) 2017-12-28 2017-12-28 Risk behavior control method, risk behavior control system, risk behavior control device and storage medium

Country Status (1)

Country Link
CN (1) CN109978547B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131166B (en) * 2019-11-28 2022-06-21 重庆小雨点小额贷款有限公司 User behavior prejudging method and related equipment
CN111429145B (en) * 2020-03-26 2022-04-01 深圳市腾讯计算机系统有限公司 Risk control method and device for electronic transaction and electronic equipment
CN113420941A (en) * 2021-07-16 2021-09-21 湖南快乐阳光互动娱乐传媒有限公司 Risk prediction method and device for user behavior
CN114881711B (en) * 2022-07-11 2023-06-30 荣耀终端有限公司 Method for carrying out exception analysis based on request behaviors and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022539A (en) * 2007-02-15 2007-08-22 华为技术有限公司 Method, system, interactive EPG and business middleware for realizing business service control
CN101132300A (en) * 2007-08-22 2008-02-27 华为技术有限公司 Multimedia business implementing system, method and relevant device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9665835B2 (en) * 2012-02-17 2017-05-30 Facebook, Inc. Social distribution of emergency status
CN102752142B (en) * 2012-07-05 2016-01-27 深圳市易聆科信息技术有限公司 A kind of method for supervising of the information system based on Conceptual Modeling and supervisory control system
CN104142970B (en) * 2013-11-26 2017-09-15 深圳市雁联计算系统有限公司 Run managing and control system and method
CN106022800A (en) * 2016-05-16 2016-10-12 北京百分点信息科技有限公司 User feature data processing method and device
US10498605B2 (en) * 2016-06-02 2019-12-03 Zscaler, Inc. Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups
CN107067157A (en) * 2017-03-01 2017-08-18 北京奇艺世纪科技有限公司 Business risk appraisal procedure, device and air control system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022539A (en) * 2007-02-15 2007-08-22 华为技术有限公司 Method, system, interactive EPG and business middleware for realizing business service control
CN101132300A (en) * 2007-08-22 2008-02-27 华为技术有限公司 Multimedia business implementing system, method and relevant device

Also Published As

Publication number Publication date
CN109978547A (en) 2019-07-05

Similar Documents

Publication Publication Date Title
CN109978547B (en) Risk behavior control method, risk behavior control system, risk behavior control device and storage medium
Carcillo et al. Scarff: a scalable framework for streaming credit card fraud detection with spark
US20210173711A1 (en) Integrated value chain risk-based profiling and optimization
US10997063B1 (en) System testing from production transactions
US10592308B2 (en) Aggregation based event identification
US9727723B1 (en) Recommendation system based approach in reducing false positives in anomaly detection
US9632861B1 (en) Computer-implemented method, system, and storage medium
US8819442B1 (en) Assessing risk associated with a computer technology
CN107704369A (en) A kind of recording method of Operation Log, electronic equipment, storage medium, system
CN111522724A (en) Abnormal account determination method and device, server and storage medium
Al-Dhaqm et al. Model derivation system to manage database forensic investigation domain knowledge
US10884909B1 (en) Code release with automatic callback
US11232019B1 (en) Machine learning based test coverage in a production environment
CN112749973A (en) Authority management method and device and computer readable storage medium
CN113033966A (en) Risk target identification method and device, electronic equipment and storage medium
CN110209558B (en) Intelligent operation and maintenance method and device based on software definition storage
CN109919608B (en) Identification method, device and server for high-risk transaction main body
US8452815B2 (en) System and methods for management of risk data and analytics
US20220353289A1 (en) Infrastructure as code pre-deployment compliance testing
CN108257011B (en) Drop list processing method and device
US11822578B2 (en) Matching machine generated data entries to pattern clusters
CN105656858B (en) A kind of data-updating method and device
CN114282940A (en) Method and apparatus for intention recognition, storage medium, and electronic device
EP3877838B1 (en) Intelligent software asset classification for software update validation
CN113254781A (en) Model determination method and device in recommendation system, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant