CN110414993A - Alias remittance malice querying method and device - Google Patents

Alias remittance malice querying method and device Download PDF

Info

Publication number
CN110414993A
CN110414993A CN201910716429.3A CN201910716429A CN110414993A CN 110414993 A CN110414993 A CN 110414993A CN 201910716429 A CN201910716429 A CN 201910716429A CN 110414993 A CN110414993 A CN 110414993A
Authority
CN
China
Prior art keywords
alias
remittance
malice
inquiry
event attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910716429.3A
Other languages
Chinese (zh)
Inventor
李慧贞
梁溪
方安
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN201910716429.3A priority Critical patent/CN110414993A/en
Publication of CN110414993A publication Critical patent/CN110414993A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

This application provides a kind of alias remittance malice querying method and device, alias remittance malice querying method includes: to extract alias inquiry data according to alias remittance inquiry request message;Screening alias remittance malice inquires the attribute value of relevant event attribute from alias inquiry data;According to the information gain of each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute;Decision tree operation is carried out according to calculated result, obtains alias remittance malice query result.Using the application, alias remittance malice inquiry control can be realized, to take precautions against the risk of customer information leakage, it is ensured that transaction security in the case where not influencing normal clients alias remittance.

Description

Alias remittance malice querying method and device
Technical field
The application is about computer networking technology, especially with regard to a kind of alias remittance malice querying method and device.
Background technique
In the application of network remittance, by the remittance scenes of the alias such as cell-phone number, mail using increasing, using When alias is remitted money, client only needs the information such as input handset number or mailbox, does not need input password, can inquire payee in advance Name in an account book and account information.It inquires, may be obtained by being constantly trying to input Alias information if client initiates malice intentionally The information for taking payee, there are the risks of customer information leakage.
Summary of the invention
For the problems of the prior art, the application provides a kind of alias remittance malice querying method and device, not In the case where influencing normal clients alias remittance, alias remittance malice inquiry control is realized, to take precautions against customer information leakage Risk, it is ensured that transaction security.
In order to solve the above technical problems, the application the following technical schemes are provided:
In a first aspect, this application provides a kind of alias remittance malice querying methods, comprising:
Alias, which is extracted, according to alias remittance inquiry request message inquires data;The alias inquiry data include at least: stepping on Record User ID, currently logged on user alias inquiry cumulative number, session id, request time stamp, source IP address, physical location, Customer number, alias type, remittance alias, remittance account, money transfer amount and the remittance currency type of client is initiated in transaction;
Screening alias remittance malice inquires the attribute value of relevant event attribute, the category from alias inquiry data Property value includes at least: no identical login user ID, whether same session ID, request time interval, whether identical source IP address, be No same physical place and the customer information that background query acquisition is initiated with customer number;
According to the information of each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute Gain;
Decision tree operation is carried out according to calculated result, obtains alias remittance malice query result.
Further, each thing of probability calculation according to the corresponding alias remittance malice inquiry of the event attribute The information gain of part attribute, comprising:
According to the information of each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute Entropy;
The comentropy of each event attribute and the information of alias malice query event attribute are made the difference respectively, obtained The information gain of each event attribute.
Further, described that decision tree operation is carried out according to calculated result, obtain alias remittance malice query result, packet It includes:
Select the maximum event attribute of information gain as root node;
The maximum event attribute of information gain in all event attributes is selected to calculate as branch node using recurrence every time Method, the decision tree that building comentropy is successively decreased;
Alias remittance malice query result is obtained according to the decision tree.
It is further, described that alias remittance malice query result is obtained according to the decision tree, comprising:
It predicts whether to remit money for alias according to the attribute value of the corresponding event attribute of each branch node in decision tree and dislike Meaning inquiry.
Second aspect, this application provides a kind of alias remittance malice inquiry units, comprising:
Data extracting unit inquires data for extracting alias according to alias remittance inquiry request message;The alias is looked into Ask data include at least: login user ID, currently logged on user alias inquiry cumulative number, session id, request time stamp, source IP address, physical location, transaction initiate the customer number of client, alias type, remittance alias, remittance account, money transfer amount and Remittance currency type;
Attribute value screening unit inquires relevant event for screening alias remittance malice from alias inquiry data The attribute value of attribute, the attribute value include at least: no identical login user ID, whether same session ID, request time interval, Whether identical source IP address, whether same physical place and with customer number initiate background query obtain customer information;
Gain generation unit, for generating each institute according to the probability of the corresponding alias remittance malice inquiry of the event attribute State the information gain of event attribute;
Query result generation unit obtains alias remittance malice and inquires for carrying out decision tree operation according to calculated result As a result.
Further, the gain generation unit includes:
Comentropy computing module, it is each for the probability calculation according to the corresponding alias remittance malice inquiry of the event attribute The comentropy of the event attribute;
Information gain computing unit, by the information of the comentropy of each event attribute and alias malice query event attribute It is made the difference respectively, obtains the information gain of each event attribute.
Further, the query result generation unit includes:
Root node selecting module, for selecting the maximum event attribute of information gain as root node;
Recurrence module, for selecting in all event attributes the maximum event attribute of information gain to save as branch every time Point constructs the decision tree that comentropy is successively decreased using recursive algorithm;
Query result generation module, for obtaining alias remittance malice query result according to the decision tree.
Further, the query result generation module is specifically used for: according to the correspondence of each branch node in decision tree Event attribute attribute value predict whether for alias remit money malice inquire.
The third aspect, this application provides a kind of electronic equipment, including memory, processor and storage are on a memory simultaneously The computer program that can be run on a processor, the processor realize that above-mentioned alias remittance malice is looked into when executing described program The step of inquiry method.
Fourth aspect, this application provides a kind of computer readable storage mediums, are stored thereon with computer program, the meter Calculation machine program realizes the step of above-mentioned alias remittance malice querying method when being executed by processor.
Using the application, it can realize that alias remittance malice is inquired in the case where not influencing normal clients alias remittance Control, to take precautions against the risk of customer information leakage, it is ensured that transaction security.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is the alias remittance malice querying method flow chart of the embodiment of the present application;
Fig. 2 is the information gain flow chart that the embodiment of the present application calculates each event attribute;
Fig. 3 is that the embodiment of the present application generates alias remittance malice query result flow chart;
Fig. 4 is that the embodiment of the present application generates decision tree flow chart;
Fig. 5 is the structural block diagram one of the alias remittance malice inquiry unit of the embodiment of the present application;
Fig. 6 is the structural block diagram two of the alias remittance malice inquiry unit of the embodiment of the present application;
Fig. 7 is the structural block diagram three of the alias remittance malice inquiry unit of the embodiment of the present application;
Fig. 8 is the schematic block diagram that the system of the electronic equipment 9600 of the embodiment of the present application is constituted.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall in the protection scope of this application.
Fig. 1 is the alias remittance malice querying method flow chart of the embodiment of the present application, as shown in Figure 1, alias remittance is disliked Meaning querying method include:
S101: alias is extracted according to alias remittance inquiry request message and inquires data;
Alias remittance inquiry request is issued by trader front end, and trader front end initiates HTTP message request, before the transaction End can be the equipment such as intelligent terminal, PC, PDA, and the application is not limited with this.
Specifically, alias inquiry data include: alias the inquiry cumulative number, meeting of login user ID, currently logged on user It talks about ID, request time stamp, source IP address, physical location, the customer number of transaction initiation client, alias type, remittance alias, converge Money account, money transfer amount and remittance currency type etc..
Wherein, session id refers to the ID of HTTP request, IP address of the source IP address to the client for initiating request, physical location Refer to the client geographic location for initiating request.
S102: screening alias remittance malice inquires the attribute value of relevant event attribute from alias inquiry data;
The attribute value includes at least: no identical login user ID, whether same session ID, request time interval, whether Identical source IP address, whether same physical place and with customer number initiate background query obtain customer information;
S103: according to each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute Information gain;
Specifically, the information gain of event attribute can be each event attribute comentropy and alias malice inquires this event The difference of the comentropy of attribute.
S104: carrying out decision tree operation according to calculated result, obtains alias remittance malice query result.
The executing subject of method shown in FIG. 1 is background server, and this method is mentioned according to alias remittance inquiry request message Alias is taken to inquire data, screening alias remittance malice inquires the attribute value of relevant event attribute from alias inquiry data And the information gain of each event attribute of probability calculation according to the corresponding alias remittance malice inquiry of the event attribute, most Decision tree operation is carried out according to calculated result afterwards, alias remittance malice query result is obtained, realizes prediction.Using this method, Alias remittance malice inquiry control can be realized, to take precautions against client's letter in the case where not influencing normal clients alias remittance Cease the risk of leakage, it is ensured that transaction security.
It is embodied, the attribute value of event attribute can be as shown in table 1 below in S102.
Table 1
In one embodiment, as shown in Fig. 2, S103 may include step:
S201: according to each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute Comentropy;
As shown in Table 1 above, it is assumed that the probability of event attribute corresponding alias remittance malice inquiry is P1, P2, P3 ... Pn, Alias malice inquires the comentropy of (x) is defined as:
Other attributes (y, other attributes in table 1 other than alias malice query event attribute) are inquired about alias malice Comentropy be respectively defined as:
" alias inquiry times add up direction ", " identical source IP address ", " same session ID " are chosen below " between request time Every " comentropy calculation specifications are carried out for four event attributes:
Table 2
Malice inquiry (a) Alias inquiry times add up direction (b) Identical source IP address (c) Same session ID (d) Request time interval (e)
1 0 0 1 1
0 0 1 1 1
0 1 0 0 0
1 1 0 0 1
1 0 0 0 1
1 1 0 0 1
Table 2 is " alias inquiry times add up direction ", " identical source IP address ", " same session ID " " request time interval " Whether four event attributes are the record maliciously inquired of remitting money.
Calculating process is as follows so that the comentropy of " whether malice is inquired " calculates as an example:
The probability of no malice inquiry is first calculated, there are two different values: 0 and 1.
It is similar, calculate the comentropy of other attributes, it may be assumed that H (a | b)=0.459, H (a | c)=0.602, H (a | d)= 0.874, H (a | e)=0.809.
S202: the comentropy of each event attribute and the information of alias malice query event attribute are done respectively Difference obtains the information gain of each event attribute.
Information gain is formulated are as follows:
IG (X, Y)=H (X)-H (X | Y)
Due to final decision be require determine whether alias malice inquire, using alias malice inquiry comentropy as Last numerical value, each different attribute is subtracted each other by it, to obtain corresponding information gain.
For the above step data, information gain calculated result is as follows:
IG (a, b)=0.918-0.459=0.459
IG (a, c)=0.918-0.602=0.316
IG (a, d)=0.918-0.874=0.044
IG (a, e)=0.918-0.809=0.109
In one embodiment, as shown in figure 3, S104 is when it is implemented, include the following steps:
S301: select the maximum event attribute of information gain as root node;
Based on information gain, use decision tree ID3 algorithm as sorting algorithm.ID3 decision tree uses greedy inductive learning Method select in all properties the maximum attribute of information gain to be used as categorical attribute every time, and recurrence keeps decision tree past deeper Direction is developed.
S302: selecting in all event attributes the maximum event attribute of information gain as branch node every time, using passing Reduction method, the decision tree that building comentropy is successively decreased;
When it is implemented, the maximum attribute of information gain is selected first to be used as decision tree according to the calculating of information gain Root node continues to introduce branch node later for each attribute, so that the decision tree for lowering comentropy is constructed, Uncertainty is set to reach minimum, it is last to obtain alias malice inquiry prediction result according to decision tree.
S303: alias remittance malice query result is obtained according to the decision tree.
When it is implemented, can be according to the prediction of the attribute value of the corresponding event attribute of each branch node in decision tree It is no to be inquired for alias remittance malice.
For the above step data, the maximum event attribute of information gain is " alias inquiry times add up direction ", first First be selected be used as decision root vertex, after through recursive calculation, final result is as shown in Figure 4." the accumulative side of alias inquiry times To " information gain result be maximum (0.459), as decision root vertex.Referring to shown in table 2, " alias inquiry times are accumulative When direction " probability is 1 (incremental), corresponding event attribute only has " request event interval ", therefore in Fig. 4, in the decision tree root section Under point, incremental branch node is " request event interval ", according to the specific time at request event interval and preset time (such as 30S), it can be determined that whether be that malice is inquired.In addition, when " alias inquiry times add up direction " probability is 0 (successively decreasing), it is corresponding The information gain of event attribute " identical source IP address " is relatively large, therefore under the decision root vertex, the branch node to successively decrease For " identical source IP address ", successively recurrence, obtains all branch nodes.Attribute value based on branch node is it may determine that be It is no to be inquired for alias remittance malice.
Using the application, it can realize that alias remittance malice is inquired in the case where not influencing normal clients alias remittance Control, to take precautions against the risk of customer information leakage, it is ensured that transaction security.
Based on the same inventive concept, the embodiment of the present application also provides a kind of alias remittance malice inquiry unit, Ke Yiyong The method described in realization above-described embodiment, as described in the following examples.Since alias remittance malice inquiry unit solves The principle of problem is similar to alias remittance malice querying method, therefore the implementation of alias remittance malice inquiry unit may refer to not The implementation of name remittance malice inquiry, overlaps will not be repeated.Used below, term " unit " or " module " can be real The combination of the software and/or hardware of existing predetermined function.Although system described in following embodiment is preferably realized with software, But the realization of the combination of hardware or software and hardware is also that may and be contemplated.
Fig. 5 is the structural block diagram of the alias remittance malice inquiry unit of the embodiment of the present application, as shown in figure 5, the alias converges Money malice inquiry unit includes:
Data extracting unit 501 inquires data for extracting alias according to alias remittance inquiry request message;The alias Inquiry data include at least: login user ID, currently logged on user alias inquiry cumulative number, session id, request time stamp, Source IP address, physical location, the customer number of transaction initiation client, alias type, remittance alias, remittance account, money transfer amount And remittance currency type;
Attribute value screening unit 502, for from the alias inquiry data in screening alias remittance malice inquire it is relevant The attribute value of event attribute, the attribute value include at least: no identical login user ID, whether same session ID, request time Interval, whether identical source IP address, whether same physical place and with customer number initiate background query obtain customer information;
Gain generation unit 503, for being generated according to the probability of the corresponding alias remittance malice inquiry of the event attribute The information gain of each event attribute;
Query result generation unit 504 obtains alias remittance malice and looks into for carrying out decision tree operation according to calculated result Ask result.
In one embodiment, as shown in fig. 6, the gain generation unit 503 includes:
Comentropy computing module 601, based on the probability according to the corresponding alias remittance malice inquiry of the event attribute Calculate the comentropy of each event attribute;
Information gain computing unit 602, by the comentropy of each event attribute and alias malice query event attribute Information is made the difference respectively, obtains the information gain of each event attribute.
In one embodiment, as shown in fig. 7, the query result generation unit includes:
Root node selecting module 701, for selecting the maximum event attribute of information gain as root node;
Recurrence module 702, for selecting in all event attributes the maximum event attribute of information gain as branch every time Node constructs the decision tree that comentropy is successively decreased using recursive algorithm;
Query result generation module 703, for obtaining alias remittance malice query result according to the decision tree.
In one embodiment, which is specifically used for: according to pair of each branch node in decision tree The attribute value for the event attribute answered predicts whether malice inquiry of remitting money for alias.
Using the application, it can realize that alias remittance malice is inquired in the case where not influencing normal clients alias remittance Control, to take precautions against the risk of customer information leakage, it is ensured that transaction security.
For hardware view, the application provides all or part of the content in a kind of alias remittance malice querying method The embodiment of electronic equipment, the electronic equipment specifically includes following content:
Processor (processor), memory (memory), communication interface (Communications Interface) and Bus;Wherein, the processor, memory, communication interface complete mutual communication by the bus;The communication interface For realizing sale front end and sell the information transmission between rear end;The electronic equipment can be desktop computer, tablet computer And mobile terminal etc., the present embodiment is without being limited thereto.In the present embodiment, which is referred to the remittance of the alias in embodiment The embodiment of money malice querying method, and, the embodiment of terminal and server is implemented, and content is incorporated in this, weight Multiple place repeats no more.
Fig. 8 is the schematic block diagram that the system of the electronic equipment 9600 of the embodiment of the present application is constituted.As shown in figure 8, the electronics Equipment 9600 may include central processing unit 9100 and memory 9140;Memory 9140 is coupled to central processing unit 9100.Value It obtains it is noted that the Fig. 8 is exemplary;Other kinds of structure can also be used, to supplement or replace the structure, to realize Telecommunications functions or other function.
In one embodiment, alias remittance malice query function can be integrated into central processing unit 9100.Wherein, central It is control as follows that processor 9100 can be configured as progress:
S101: alias is extracted according to alias remittance inquiry request message and inquires data;
S102: screening alias remittance malice inquires the attribute value of relevant event attribute from alias inquiry data;
S103: according to each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute Information gain;
S104: carrying out decision tree operation according to calculated result, obtains alias remittance malice query result.
As can be seen from the above description, the electronic equipment that embodiments herein provides, can not influence normal clients alias In the case where remittance, alias remittance malice inquiry control is realized, to take precautions against the risk of customer information leakage, it is ensured that transaction peace Entirely.
In another embodiment, terminal or server can be with 9100 separate configurations of central processing unit, such as can be with It is the chip being connect with central processing unit 9100 by terminal or server, realizes that alias is remitted money by the control of central processing unit Malice query function.
As shown in figure 8, the electronic equipment 9600 can also include: communication module 9110, input unit 9120, audio processing Device 9130, display 9160, power supply 9170.It is worth noting that, electronic equipment 9600 is also not necessary to include institute in Fig. 8 All components shown;In addition, electronic equipment 9600 can also include the component being not shown in Fig. 8, the prior art can be referred to.
As shown in figure 8, central processing unit 9100 be otherwise referred to as controller or operational controls, may include microprocessor or Other processor devices and/or logic device, the central processing unit 9100 receive input and controlling electronic devices 9600 it is each The operation of component.
Wherein, memory 9140, such as can be buffer, flash memory, hard disk driver, removable medium, volatile memory, non- One of volatile memory or other appropriate devices or more.Above-mentioned information related with failure can be stored, additionally The program executed for information about can be stored.And the program of the memory 9140 storage can be performed in central processing unit 9100, with Realize information storage or processing etc..
Input unit 9120 provides input to central processing unit 9100.The input unit 9120 is, for example, key or touches defeated Enter device.Power supply 9170 is used to provide electric power to electronic equipment 9600.Display 9160 is for carrying out the display such as image and text The display of object.The display may be, for example, LCD display, and but it is not limited to this.
The memory 9140 can be solid-state memory, for example, read-only memory (ROM), random access memory (RAM), SIM card etc..The memory that may also is that, saves information when power is off, can be selectively erased And more data are equipped with, the example of the memory is sometimes referred to as EPROM etc..Memory 9140 can also be some other type Device.Memory 9140 includes buffer storage 9141 (sometimes referred to as buffer).Memory 9140 may include using/ Function storage unit 9142, the applications/functions storage unit 9142 is for storing application program and function program or for passing through center Processor 9100 executes the process of the operation of electronic equipment 9600.
Memory 9140 can also include data store 9143, the data store 9143 for storing data, such as Contact person, numerical data, picture, sound and/or any other data used by electronic equipment.The driving journey of memory 9140 Sequence storage unit 9144 may include electronic equipment for communication function and/or other function for executing electronic equipment (such as Messaging application, address list application etc.) various drivers.
Communication module 9110 is the transmitter receiver 9110 sent and received signal via antenna 9111.Communicate mould Block (transmitter receiver) 9110 is coupled to central processing unit 9100, and to provide input signal and receive output signal, this can be with The case where with normal mobile communication terminal, is identical.
Based on the different communication technologys, in same electronic equipment, multiple communication modules 9110 can be set, such as honeycomb Network module, bluetooth module and/or Wireless LAN module etc..Communication module (transmitter receiver) 9110 is also via audio Processor 9130 is coupled to loudspeaker 9131 and microphone 9132, to provide audio output via loudspeaker 9131, and receives and From the audio input of microphone 9132, to realize common telecommunications functions.Audio processor 9130 may include any suitable Buffer, decoder, amplifier etc..In addition, audio processor 9130 is additionally coupled to central processing unit 9100, so that can Can record in the machine by microphone 9132, and allow to play the sound stored in the machine by loudspeaker 9131 Sound.
It is server or client that embodiments herein, which also provides and can be realized the executing subject in above-described embodiment, A kind of computer readable storage medium of Overall Steps, the computer readable storage medium in alias remittance malice querying method On be stored with computer program, the computer program realized when being executed by processor the executing subject in above-described embodiment for service The Overall Steps of device or the alias of client remittance malice querying method, for example, the processor executes the computer program Shi Shixian following step:
As can be seen from the above description, the computer readable storage medium that embodiments herein provides, can not influence just In the case that regular guest family alias is remitted money, alias remittance malice inquiry control is realized, to take precautions against the risk of customer information leakage, really Protect transaction security.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Specific embodiment is applied in the application, and the principle and implementation of this application are described, above embodiments Explanation be merely used to help understand the present processes and its core concept;At the same time, for those skilled in the art, According to the thought of the application, there will be changes in the specific implementation manner and application range, in conclusion in this specification Hold the limitation that should not be construed as to the application.

Claims (10)

  1. The malice querying method 1. a kind of alias is remitted money characterized by comprising
    Alias, which is extracted, according to alias remittance inquiry request message inquires data;The alias inquiry data include at least: logging in and use Family ID, currently logged on user alias inquire cumulative number, session id, request time stamp, source IP address, physical location, transaction Initiate customer number, alias type, remittance alias, remittance account, money transfer amount and the remittance currency type of client;
    Screening alias remittance malice inquires the attribute value of relevant event attribute, the attribute value from alias inquiry data Include at least: no identical login user ID, whether same session ID, request time interval, whether identical source IP address, whether phase The customer information that background query obtains is initiated with physical location and with customer number;
    According to the information gain of each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute;
    Decision tree operation is carried out according to calculated result, obtains alias remittance malice query result.
  2. The malice querying method 2. alias according to claim 1 is remitted money, which is characterized in that described according to the event attribute The information gain of each event attribute of probability calculation of corresponding alias remittance malice inquiry, comprising:
    According to the comentropy of each event attribute of probability calculation of the corresponding alias remittance malice inquiry of the event attribute;
    The comentropy of each event attribute and the information of alias malice query event attribute are made the difference respectively, obtain each institute State the information gain of event attribute.
  3. The malice querying method 3. alias according to claim 1 is remitted money, which is characterized in that described to be carried out according to calculated result Decision tree operation obtains alias remittance malice query result, comprising:
    Select the maximum event attribute of information gain as root node;
    Select in all event attributes that the maximum event attribute of information gain is as branch node every time, using recursive algorithm, structure Build the decision tree that comentropy is successively decreased;
    Alias remittance malice query result is obtained according to the decision tree.
  4. The malice querying method 4. alias according to claim 3 is remitted money, which is characterized in that described to be obtained according to the decision tree To alias remittance malice query result, comprising:
    It predicts whether to remit money for alias according to the attribute value of the corresponding event attribute of each branch node in decision tree and maliciously look into It askes.
  5. The malice inquiry unit 5. a kind of alias is remitted money characterized by comprising
    Data extracting unit inquires data for extracting alias according to alias remittance inquiry request message;The alias inquires number According to including at least: login user ID, the alias inquiry cumulative number of currently logged on user, session id, request time stamp, source IP Location, physical location, the customer number of transaction initiation client, alias type, remittance alias, remittance account, money transfer amount and remittance Currency type;
    Attribute value screening unit inquires relevant event attribute for screening alias remittance malice from alias inquiry data Attribute value, the attribute value includes at least: no identical login user ID, whether same session ID, request time interval, whether Identical source IP address, whether same physical place and with customer number initiate background query obtain customer information;
    Gain generation unit, for generating each thing according to the probability of the corresponding alias remittance malice inquiry of the event attribute The information gain of part attribute;
    Query result generation unit obtains alias remittance malice query result for carrying out decision tree operation according to calculated result.
  6. The malice inquiry unit 6. alias according to claim 5 is remitted money, which is characterized in that the gain generation unit packet It includes:
    Comentropy computing module, it is each described for the probability calculation according to the corresponding alias remittance malice inquiry of the event attribute The comentropy of event attribute;
    Information gain computing unit obtains the comentropy of each event attribute and the information of alias malice query event attribute It makes the difference respectively, obtains the information gain of each event attribute.
  7. The malice inquiry unit 7. alias according to claim 5 is remitted money, which is characterized in that the query result generation unit Include:
    Root node selecting module, for selecting the maximum event attribute of information gain as root node;
    Recurrence module, for selecting the maximum event attribute of information gain in all event attributes to adopt as branch node every time With recursive algorithm, the decision tree that comentropy is successively decreased is constructed;
    Query result generation module, for obtaining alias remittance malice query result according to the decision tree.
  8. The malice inquiry unit 8. alias according to claim 7 is remitted money, which is characterized in that the query result generation module It is specifically used for: predicts whether to remit money for alias according to the attribute value of the corresponding event attribute of each branch node in decision tree and dislike Meaning inquiry.
  9. 9. a kind of electronic equipment including memory, processor and stores the calculating that can be run on a memory and on a processor Machine program, which is characterized in that the processor realizes alias described in any one of Claims 1-4 when executing described program The step of remittance malice querying method.
  10. 10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program quilt Processor realizes the step of alias remittance malice querying method described in any one of Claims 1-4 when executing.
CN201910716429.3A 2019-08-05 2019-08-05 Alias remittance malice querying method and device Pending CN110414993A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910716429.3A CN110414993A (en) 2019-08-05 2019-08-05 Alias remittance malice querying method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910716429.3A CN110414993A (en) 2019-08-05 2019-08-05 Alias remittance malice querying method and device

Publications (1)

Publication Number Publication Date
CN110414993A true CN110414993A (en) 2019-11-05

Family

ID=68365724

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910716429.3A Pending CN110414993A (en) 2019-08-05 2019-08-05 Alias remittance malice querying method and device

Country Status (1)

Country Link
CN (1) CN110414993A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160203487A1 (en) * 2006-03-31 2016-07-14 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
CN107437026A (en) * 2017-07-13 2017-12-05 西北大学 A kind of malicious web pages commercial detection method based on advertising network topology
CN109345332A (en) * 2018-08-27 2019-02-15 中国民航信息网络股份有限公司 A kind of intelligent detecting method of Airline reservation malicious act
CN109377301A (en) * 2018-08-27 2019-02-22 中国民航信息网络股份有限公司 A kind of Feature Extraction Method based on Airline reservation behavioral data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160203487A1 (en) * 2006-03-31 2016-07-14 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
CN107437026A (en) * 2017-07-13 2017-12-05 西北大学 A kind of malicious web pages commercial detection method based on advertising network topology
CN109345332A (en) * 2018-08-27 2019-02-15 中国民航信息网络股份有限公司 A kind of intelligent detecting method of Airline reservation malicious act
CN109377301A (en) * 2018-08-27 2019-02-22 中国民航信息网络股份有限公司 A kind of Feature Extraction Method based on Airline reservation behavioral data

Similar Documents

Publication Publication Date Title
CN109716375A (en) Processing method, device and the storage medium of block chain account
US8595303B2 (en) Thread data aggregation
CN111083179B (en) Internet of things cloud platform, and equipment interaction method and device based on same
CN103218718A (en) Order number generating method and order number generating system based on multiple platforms
CN103731536B (en) A kind of method of shared high in the clouds family address list
CN109521956A (en) A kind of cloud storage method, apparatus, equipment and storage medium based on block chain
CN106301772A (en) Cipher set-up method, device and for arranging the device of password
CN110020846A (en) A kind of transferred account service processing method and system
CN109559164A (en) Favor information processing method, device, electronic equipment and computer-readable medium
CN107612870A (en) Delegable method, server, terminal and the internet of things equipment of internet of things equipment
CN107808227A (en) A kind of distributing method and system of work order of constructing
CN110728579A (en) Asset management method, block chain platform, equipment and storage medium
CN106302368B (en) Transaction methods and device
CN106227597A (en) Task priority treating method and apparatus
CN105323145A (en) Malicious information identification method, device and system
CN106919365A (en) The generation method and device of random number in computer system
CN103873558A (en) Processing method and system for business object based on third-party platforms
CN110414993A (en) Alias remittance malice querying method and device
CN104123635B (en) A kind of method, system and equipment that handling object is processed
CN104123637B (en) A kind of to processing method, system and the equipment that object processes
CN107979580B (en) A kind of access control method, device and server
CN109271438A (en) A kind of data bank access method and its system
CN113935069A (en) Data verification method, device and equipment based on block chain and storage medium
CN103856557A (en) Business object processing method and system based on third-party platform
CN106603604A (en) Method and device of triggering transaction processing motion

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191105

RJ01 Rejection of invention patent application after publication