CN111724069A - Method, apparatus, device and storage medium for processing data - Google Patents
Method, apparatus, device and storage medium for processing data Download PDFInfo
- Publication number
- CN111724069A CN111724069A CN202010573830.9A CN202010573830A CN111724069A CN 111724069 A CN111724069 A CN 111724069A CN 202010573830 A CN202010573830 A CN 202010573830A CN 111724069 A CN111724069 A CN 111724069A
- Authority
- CN
- China
- Prior art keywords
- strategy
- risk
- target
- determining
- policy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 84
- 238000012545 processing Methods 0.000 title claims abstract description 84
- 230000008569 process Effects 0.000 claims description 21
- 230000015654 memory Effects 0.000 claims description 19
- 230000004044 response Effects 0.000 claims description 13
- 238000012795 verification Methods 0.000 claims description 12
- 230000000694 effects Effects 0.000 abstract description 7
- 230000006872 improvement Effects 0.000 abstract description 2
- 238000012954 risk control Methods 0.000 abstract description 2
- 238000012217 deletion Methods 0.000 description 13
- 230000037430 deletion Effects 0.000 description 13
- 230000006399 behavior Effects 0.000 description 10
- 238000011282 treatment Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 239000003795 chemical substances by application Substances 0.000 description 5
- 208000012260 Accidental injury Diseases 0.000 description 4
- 238000004590 computer program Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 208000014674 injury Diseases 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 3
- 230000000903 blocking effect Effects 0.000 description 3
- 238000007405 data analysis Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000009795 derivation Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013527 convolutional neural network Methods 0.000 description 1
- 230000009193 crawling Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013075 data extraction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000007787 long-term memory Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000003908 quality control method Methods 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 238000007789 sealing Methods 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 230000006403 short-term memory Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000011277 treatment modality Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/049—Temporal neural networks, e.g. delay elements, oscillating neurons or pulsed inputs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/40—Business processes related to the transportation industry
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Economics (AREA)
- Data Mining & Analysis (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computational Linguistics (AREA)
- Mathematical Physics (AREA)
- Biophysics (AREA)
- Biomedical Technology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Strategic Management (AREA)
- Evolutionary Computation (AREA)
- Entrepreneurship & Innovation (AREA)
- Marketing (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Educational Administration (AREA)
- Game Theory and Decision Science (AREA)
- Development Economics (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Primary Health Care (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a method, a device, equipment and a storage medium for processing data, and relates to the fields of risk control, big data and cloud platforms. The specific implementation scheme is as follows: acquiring access data; determining target risk characteristics included in the access data according to the characteristics in the access data and a preset risk characteristic set; determining at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and a preset model, wherein the preset model is used for representing the corresponding relation between the risk characteristics and the strategy; determining a target strategy from at least one strategy; and processing the access data by using the target strategy. The realization mode can realize the improvement of the processing efficiency of the access data, integrally improves the data processing effect, and reduces or avoids the generation of the on-line safety problem caused by the access data.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to the field of risk control, big data, and cloud platforms, and in particular, to a method, an apparatus, a device, and a storage medium for processing data.
Background
At present, the internet industry develops rapidly, but at the same time, a large number of risk events also occur. However, the wind control mechanism used by most companies/product lines is not sound at present, and the strategy means cannot be utilized efficiently, so that online security events are caused. For example, risk contents such as spam, illegal classes (e.g., political, pornographic, etc.), illegal classes (e.g., advertisement drainage), and risk behaviors such as billing, cash register, fraud, data crawling, etc., all kinds of risk events bring capital and reputation losses to users and companies, and severe wind control problems may cause platform shutdown with very bad influence.
Disclosure of Invention
The present disclosure provides a method, an apparatus, an electronic device, and a storage medium for processing data.
According to an aspect of the present disclosure, there is provided a method for processing data, the method including: acquiring access data; determining target risk characteristics included in the access data according to the characteristics in the access data and a preset risk characteristic set; determining at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and a preset model, wherein the preset model is used for representing the corresponding relation between the risk characteristics and the strategy; determining a target strategy from at least one strategy; and processing the access data by using the target strategy.
According to another aspect of the present disclosure, there is provided an apparatus for processing data, the apparatus including: a data acquisition unit configured to acquire access data; the target risk characteristic determining unit is configured to determine a target risk characteristic included in the access data according to the characteristics in the access data and a preset risk characteristic set; the strategy determining unit is configured to determine at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and a preset model, wherein the preset model is used for representing the corresponding relation between the risk characteristics and the strategies; a target policy determination unit configured to determine a target policy from the at least one policy; a data processing unit configured to process the access data using the target policy.
According to yet another aspect of the present disclosure, there is provided: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method for processing data as described above.
According to yet another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method for processing data as described above.
According to the technology of the application, the problem that the online security event is caused due to the fact that the data processing of the currently used wind control mechanism is not sound and cannot be carried out efficiently by utilizing a strategy means is solved, the processing efficiency of the access data is improved, the data processing effect is integrally improved, and the online security problem caused by the access data is reduced or avoided.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of a method for processing data according to the present application;
FIG. 3 is a flow diagram of another embodiment of a method for processing data according to the present application;
FIG. 4 is a schematic diagram of an application scenario of a method for processing data according to the present application;
FIG. 5 is a schematic block diagram illustrating one embodiment of an apparatus for processing data according to the present application;
fig. 6 is a block diagram of an electronic device for implementing a method for processing data according to an embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Fig. 1 shows an exemplary system architecture 100 to which embodiments of the present method for processing data or apparatus for processing data may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, servers 105, 106, and databases 107, 108. The network 104 is used to provide a medium for communication links between the terminal devices 101, 102, 103 and the servers 105, 106. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
Users may use terminal devices 101, 102, 103 to interact with servers 105, 106 via network 104 to receive or transmit data, etc. Various communication client applications, such as a web browsing application, a search application, a voice recognition application, etc., may be installed on the terminal devices 101, 102, 103.
The terminal apparatuses 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various electronic devices including, but not limited to, smart phones, tablet computers, e-book readers, car computers, laptop portable computers, desktop computers, and the like. When the terminal apparatuses 101, 102, 103 are software, they can be installed in the electronic apparatuses listed above. It may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
The servers 105, 106 may be servers providing various services, such as background servers that risk avoid incoming data provided on the terminal devices 101, 102, 103. The background server may receive the input data, analyze the input data, perform corresponding rule configuration on the input data with risk to form one or more policies a, then process the data with risk by using the policies a to obtain processing results, feed the processing results back to the terminal devices 101, 102, and 103, and store the processing results in the database 107 or the database 108 or the database server. It is understood that the server 105 and the server 106 include, but are not limited to, a database server and an application server, and the server 105 and the server 106 may also transmit data to each other. In addition, server 105 or server 106 may also obtain offline data from database 107 or database 108.
The servers 105 and 106 may be hardware or software. When the servers 105 and 106 are hardware, they may be implemented as a distributed server cluster composed of a plurality of servers, or may be implemented as a single server. When the servers 105, 106 are software, they may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
It should be noted that the method for processing data provided by the embodiments of the present application is generally performed by the servers 105 and 106. Accordingly, means for processing data are typically provided in the servers 105, 106.
It should be understood that the number of terminal devices, networks, databases, and servers in fig. 1 are merely illustrative. There may be any number of terminal devices, networks, databases, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a method for processing data in accordance with the present application is shown. The method for processing data of the embodiment comprises the following steps:
In this embodiment, the execution subject may obtain the access data from the server, the terminal device, or the database through an interface corresponding to the access data or a data identifier of the access data according to needs. The user may send a request to the executing agent via the terminal to cause the executing agent to obtain the access data. For example, the user may send a request to the execution body through a website displayed on the terminal or a browse/click/post action in the application. The request includes various data, such as service identification, user information, and the like. The data may be used as access data. A service may refer to an application. In some specific applications, the method for processing data of this embodiment may be presented in the form of a service, and each application may call the service, so that each application is a service of the service. The service identifier may be an identifier of the application program. Specifically, the access data may further include user identification, request time, relationship account number, title content in the request, text content in the request, picture link in the request, user IP, location information when the request is sent, telephone number (desensitizable), other original requests, and the like. And accessing the data as basic data to perform the next data processing. For example, the access data may include data generated by user actions such as browsing/clicking/posting on a website or mobile APP. When the execution main body obtains the access data from the terminal device, the execution main body can acquire the click behavior of the user on the page of the terminal device through the N lines of software codes by adopting a Software Development Kit (SDK) mode, and can also transmit the acquired data back to the execution main body. Specifically, the access data may be online data or offline data. The online data may be data generated in real time by a user through browsing, clicking, posting, and the like in a website or a mobile APP, and is accessed through a data interface corresponding to the online data. The offline data may be data stored in a database, and the offline data corresponding to the identifier is called by calling the identifier of the offline scheduling task.
After the execution main body obtains the access data, the execution main body determines target risk characteristics included in the access data according to the characteristics in the access data and a preset risk characteristic set. In particular, features in the access data include, but are not limited to, user account ID, user IP, location information, picture links, and phone numbers. The preset risk feature set may include a single feature or a combination of multiple features. The target risk feature may be a feature that carries a security risk.
For example, the determination of the preset risk feature set may be specifically implemented by: the method comprises the steps of firstly, scoring the distinguishing capability of features such as user account ID, user IP, position information, picture links, telephone numbers and the like on risk features through a model algorithm, and finding out several features with high scores, wherein the features with high scores represent that the features have large influence capability on distinguishing the risk features, and as single features in the features with high scores cannot well identify the risk features and possibly cause omission of the risk features or accidental injury to non-risk features, a plurality of features with high scores (such as any combination of the user IP, the position information and the picture links) need to be arranged and combined to accurately distinguish the risk features, so that accidental injury to the non-risk features in access data is well avoided. Of course, one of these features that achieves a higher score may also accurately distinguish risk features in some cases. One or a plurality of characteristics in the characteristics with higher scores form a preset risk characteristic set so as to accurately distinguish the risk characteristics and improve the data analysis efficiency.
It can be understood that any one or a combination of multiple features that can accurately distinguish the risk features forms a rule that can accurately distinguish the risk features, and then the feature that is matched with the rule in the access data can be determined as the target risk feature included in the access data.
After determining the target risk characteristics included in the access data, the execution main body determines at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and the preset model. The preset model is used for representing the corresponding relation between the risk characteristics and the strategies. Specifically, the preset model may be a pre-trained convolutional neural network or a long-term and short-term memory cyclic neural network that can determine a corresponding treatment policy according to risk characteristics. The preset model is trained with the corresponding relation between one or more risk features and the corresponding treatment modes and the corresponding relation between the treatment modes and the corresponding one or more strategies. Firstly, target risk characteristics are input into a preset model, a handling mode corresponding to the input target risk characteristics is determined according to the corresponding relation between one or more risk characteristics in the preset model and the corresponding handling mode, and then one or more strategies corresponding to the handling mode are determined according to the corresponding relation between the handling mode in the preset model and the corresponding one or more strategies, namely at least one strategy corresponding to the target risk characteristics is determined.
Target risk features include, but are not limited to, general features (e.g., basic fields such as user name, user ID), business features (e.g., business specific fields such as request ID), content recognition features (e.g., text, picture, and video recognition capabilities, where video recognition capabilities such as administrative text, pornographic picture recognition, etc.), behavior recognition features (e.g., rule features such as clustering, quality control, etc., primarily for anti-cheating scenarios), and user attribute features (e.g., user profile features, which may be used for anti-cheating and content security scenarios). Each target risk feature may correspond to one or more treatment methods, and each policy may select a corresponding treatment method, that is, one or more policies may be set for each treatment. That is, the correspondence stored in the preset model includes both the correspondence between the preset features and the corresponding disposal methods, and the correspondence between the disposal methods and the corresponding policies. And more than one strategy corresponding to one handling mode can correspond to a plurality of strategies, so that after one target risk characteristic enters the preset model, the preset model can calculate at least one strategy corresponding to the target risk characteristic. The policy in this embodiment refers to a scheme for taking corresponding measures to eliminate or reduce the risk caused by the risk feature. The processing method may be, for example, a deletion process, a block process, a verification process, or the like. For example, the executing entity configures 3 policies for the target risk feature according to the corresponding handling manners (e.g., deletion handling and block handling) of the target risk feature, where the policies are: strategy A: delete handling, policy B: forbidden disposition, policy C: delete handling, policy D: and (5) sealing and prohibiting the disposal.
And after determining at least one strategy corresponding to the target risk characteristics, the execution main body determines a target strategy from the at least one strategy. The execution main body can determine the strategy matched with the preset algorithm rule from at least one strategy through the preset algorithm rule as the target strategy. The preset algorithm rule may be, for example, a policy with the most features matching the target risk features, or a policy with the shortest time to treat the target risk features, and the preset algorithm rule is not specifically limited in the present application.
Specifically, the target policy is the policy with the strongest ability to handle the risk caused by the target risk feature, and the best effect. It is to be understood that one target policy may be determined from at least one policy, or a plurality of target policies may be determined. That is, at least one policy may be one policy cluster with the same handling manner (for example, both policy a and policy C for deletion handling), or may be a plurality of policy clusters with different handling manners (for example, a deletion handling policy cluster composed of policy a and policy C corresponding to deletion handling, and a block handling policy cluster composed of policy B and policy D corresponding to block handling, that is, two policy clusters with different handling manners). The target strategy is determined from one strategy cluster with the same handling mode, and a plurality of target strategies are obtained from a plurality of strategy clusters with different handling modes.
After determining the target policy, the executing agent processes the access data by using the target policy. Specifically, when a plurality of target policies are provided, the plurality of target policies are called in parallel to process the access data, and a plurality of processing results are obtained and retained. For example, when policy clusters with different handling manners are overhauled, each policy cluster can decide the highest-priority policy, and finally, the highest-priority policies are executed. For example, if N policies corresponding to different handles are determined for access data, the N policies are all executed, and because the handles are different, repeated handles are not generated. For example, the request corresponding to the access data is acquired, and the handling manner in the request may be, for example, delete and block, at this time, if the handling manner of the request is different, the request is subjected to both delete handling and block handling, which are performed independently and do not affect each other.
The method for processing data provided by the above embodiment of the application improves the processing efficiency of the access data, integrally improves the data processing effect, and reduces or avoids the online security problem caused by the access data.
With continued reference to FIG. 3, a flow 300 of another embodiment of a method for processing data according to the present application is shown. As shown in fig. 3, the method for processing data of the present embodiment may include the steps of:
The principle of step 301 is similar to that of step 201, and is not described herein again.
In this embodiment, after acquiring the access data, the execution subject determines a target risk feature included in the access data according to a combination of one or more features in a preset risk feature set corresponding to a feature in the access data. The risk features may include generic features, business features, content identification features, behavior identification features, user attribute features, etc., each of which further includes a plurality of different-named features. For example, general features including but not limited to basic fields such as user name, user ID, etc.; service characteristics including, but not limited to, special fields such as request ID; content recognition features including but not limited to text, pictures, video recognition capabilities, such as political text, pornographic picture recognition, and the like; behavior identification characteristics, including but not limited to clustering, frequency control and other rule characteristics, are mainly used for anti-cheating scenes; user attribute features, including but not limited to user portrayal features, may be applied to anti-cheating and content security scenarios. The method includes the steps of presetting risk features, wherein the risk features are preset and determine features which bring safety risks, such as set user account ID, user IP, position information, picture links and other features, the features in the access data are matched with one or more combinations of the features, and if the features matched with the user ID in the preset risk features exist in the access data, the target risk features in the access data are determined to be universal features.
In the embodiment, the target risk characteristics existing in the access data are determined by using the combination of one or more characteristics in the preset risk characteristic set, and the target risk characteristics in the access data are determined jointly by combining a plurality of preset risk characteristics in consideration of the fact that one preset risk characteristic is inaccurate for determining the target risk characteristics in the access data, so that the accuracy of determining the target risk characteristics in the access data can be improved, and the problem analysis efficiency is improved.
The principle of step 303 is similar to that of step 203, and is not described herein again.
And step 304, for each risk feature, determining the priority of each policy in the policy set corresponding to the risk feature according to the policy set corresponding to the risk feature and a preset global configuration condition.
In this embodiment, the target risk features include at least one risk feature, and each risk feature in the target risk features corresponds to a policy set. And the execution main body determines the priority of each strategy in the strategy set corresponding to each risk feature in the target risk features according to the strategy set corresponding to each risk feature in the target risk features and the preset global configuration conditions. The preset global configuration condition may be obtained by a technician configuring a global rule in advance for each risk feature in the target risk features, and is used to filter each policy in the policy set for the target risk features to obtain a policy corresponding to each risk feature in the target risk features and a priority thereof.
Specifically, each risk feature corresponds to one or more treatment modalities, such as: the general features are determined target risk features, the corresponding disposal manners include deletion, blocking and verification, each disposal manner corresponds to one or more disposal policies, for example, a policy a corresponds to deletion disposal, a policy B corresponds to blocking disposal, a policy C corresponds to deletion disposal, and a policy D corresponds to verification disposal, so that the policy a and the policy C which are both deletion disposal are classified into a deletion disposal policy set, the policy B is classified into a blocking disposal policy set, and the policy D is classified into a verification disposal policy set. The preset global configuration condition, for example, the Baidu post posting is taken as an example, and may be, for example, filtering posting data, where the corresponding handling cluster is a post deletion, and the corresponding global handling manner is a recall. For example, the special account may be exempted, the corresponding handling cluster is in a host guest state, and the corresponding global handling manner is exempted. The exemption from a particular account is an alternative to not using that particular account for determining a target risk profile. Specifically, the setting of the preset global configuration condition includes the following specific examples: when the business name is posted in a bar, the corresponding processing cluster is a deleted posting, the corresponding rule name is extremely fast edition cheating identification, the global processing is recall/exemption, and the rule is introduced into a strategy (rule) made according to the extremely fast edition and the user behavior track. Determining the priority of each policy in a policy set corresponding to the risk feature according to the policy set corresponding to the risk feature and a preset global configuration condition, specifically, setting a service name corresponding to each policy in details of each policy in the policy set corresponding to the risk feature, for example: issuing a label at a sticking bar; policy classifications, such as: real-time confrontation; policy numbers, such as: TB190555, the policy number is system-assigned, cannot be changed; policy names, such as: identifying cheating of the top-speed edition; policy priorities, for example: 10000; policy introduction, for example: a strategy is made according to the top speed version and the user behavior track; the disposal method is, for example, deleting. And determining one or more strategies which are most matched with the risk characteristics from the strategy set corresponding to the risk characteristics according to one or more combinations of service names, disposal clusters, rule names, global dispositions and rule introductions in the preset global configuration conditions corresponding to the target risk characteristics, and determining the priority of the determined one or more strategies. And the highest priority exists in the determined priorities of one or more strategies, and the strategy corresponding to the highest priority is the highest priority strategy. Specifically, when the highest priority policy is determined, matching with a preset global configuration condition is performed sequentially for each policy in a policy set corresponding to the same handling manner, and matching with a preset global configuration condition is performed simultaneously for each policy in a plurality of policy sets corresponding to a plurality of handling manners, at this time, each policy in the plurality of policy sets is still matched with a preset global configuration condition sequentially, so that data processing dimensionality is enriched.
In this embodiment, after determining the priority of each policy in the policy set corresponding to the risk feature, the execution main body determines the execution duration of each policy in the policy set corresponding to the risk feature. The execution duration is the time required by each policy in the policy set corresponding to the risk feature when executing the corresponding handling of the risk feature. And the execution main body determines the execution duration of each strategy in the strategy set corresponding to the risk characteristic according to the time required by each strategy in the strategy set to execute corresponding treatment on the risk characteristic.
And step 306, determining a target strategy corresponding to the risk characteristic according to the priority and the execution duration of each strategy.
In this embodiment, the execution subject combines the priority and the execution duration of each policy as a basis for determining the target policy corresponding to the risk characteristic. Specifically, the executing agent may use the priority as the most important determination condition, and the executing agent may select several higher priorities from the priorities of the policies, find the policy with the shortest execution duration from the policies corresponding to the several higher priorities, and determine the policy as the target policy corresponding to the risk feature.
In the embodiment, the target policy corresponding to the risk characteristic is determined by considering the priority and the execution duration of each policy at the same time. The method avoids the situation that only the highest priority strategy is selected as the target strategy and the execution time length of the highest priority strategy is ignored, so that the efficiency of risk characteristic decision making is reduced when the execution time length of the highest priority strategy is longer. In the embodiment, the target strategy corresponding to the risk characteristic is determined by simultaneously considering the priority and the execution duration of each strategy, so that the decision efficiency and the decision accuracy of the risk characteristic are improved, and the strategy management efficiency is high.
The principle of step 307 is similar to that of step 205, and is not described herein again.
In some optional implementations of this embodiment, the step 306 specifically includes the following steps:
In this implementation manner, when determining that the execution duration of each policy is less than or equal to the preset duration, the execution main body determines the policy with the highest priority as the target policy. The preset duration is the time required by the strategy obtained through the test under the conditions of high decision efficiency and good decision effect when the strategy executes corresponding treatment on the risk characteristics. The execution main body firstly takes the execution duration as a first consideration factor, and determines the policy with the highest priority as the target policy when the execution duration of each policy corresponding to the same handling mode is less than or equal to the preset duration. The target policy may be the most efficient and accurate policy for handling the target risk features.
The implementation mode takes the execution duration as a first consideration factor, filters the execution duration of each strategy by setting the preset duration, and selects the strategy with the highest priority aiming at the target risk characteristics and determines the strategy as the target strategy by considering the priority factor when the execution duration of each strategy is within the preset duration range, so that the efficiency and the accuracy of the strategy for disposing the target risk characteristics can be improved, and the problem analysis efficiency is high.
In some optional implementations of this embodiment, the step 306 specifically includes the following steps:
In this implementation manner, when determining that the execution duration of each policy is longer than the preset duration, the execution main body determines the policy with the shortest execution time as the target policy. In this implementation, the execution subject takes the execution duration as the first consideration and the priority as the second. When the execution duration of each policy corresponding to the same treatment is greater than the preset duration, it indicates that the execution duration of the policy with the highest priority is also greater than the preset duration. At this time, the policy with the shortest execution time length in each policy is determined as the target policy, regardless of the priority.
The implementation mode takes the execution time length as a first consideration, and determines the strategy with the shortest execution time length as the target strategy when the execution time length of each strategy is not within the preset time length range, so that the strategy execution efficiency can be ensured, and the same disposal mode is only used once at the same time, thereby avoiding the situations that decision paths are crowded and decision resources are wasted due to the fact that a plurality of strategies which are disposed at the same time are decided at the same time.
In some optional implementations of this embodiment, the method for processing data may further include the following steps not shown in fig. 3: and carrying out security check on the access data.
In this implementation, the execution main body performs security check on the access data after acquiring the access data. The security check includes a check on some parameters in the access data. The parameters to be checked may include, for example: the service identification is used for identifying the service line; and the safety secret key is used for verifying whether the data flow is correct or not, so that the wind control privacy service is prevented from being illegally called.
According to the embodiment, safety verification is carried out on the access data, after the verification is passed, self-service quick call of the online data or the offline data can be realized, access of risk data can be effectively controlled, illegal call of the wind-control privacy service is avoided, the safety of the access data is improved, and the access cost of new services is reduced.
In some optional implementations of this embodiment, the method for processing data may further include the following steps not shown in fig. 3: determining a parameter value generated in the processing process of the access data; and generating alarm information in response to determining that the parameter value is greater than the preset parameter threshold value.
In this implementation, the execution subject determines a parameter value resulting from the processing of the access data; and generating alarm information in response to determining that the parameter value is greater than the preset parameter threshold value. The access data includes offline data as well as synchronized online data. Determining a parameter value generated in the processing process of the access data, specifically, counting and monitoring the data of the critical path in the processing process of the access data, and determining the parameter value of the critical path. The key path comprises a process of matching the access data with the target risk characteristics, a process of matching the risk characteristics in the access data with the strategy, a process of performing parameter verification on the access data and the like. And parameter values generated in the processing process of the access data, wherein the parameters comprise time, policy numbers, operations (online and offline), operators, set-top data (user ID and corresponding user number) of users who do not log in for a long time, set-top data (user ID and corresponding user number) of users who frequently change territory posts, and the like. The preset parameter threshold may be a self-defined parameter value that triggers generation of alarm information. And when the execution main body determines that the value of the parameter exceeds a preset parameter threshold value, automatically generating alarm information and giving an alarm.
According to the embodiment, the problem can be quickly found by alarming abnormal data fluctuation of the parameter value generated in the processing process of the access data, various application environments such as early warning on offline data and early warning on synchronous online data are supported, the online strategy effect is further guaranteed, and the safety of strategy configuration is high.
With continued reference to fig. 4, a schematic diagram of one application scenario of a method for processing data according to the present application is shown. As in the application scenario of fig. 4, the execution body includes, but is not limited to, a server. The method for processing data according to this embodiment implements data access by online invoking data or offline scheduling data for service management, and at the same time, the service management also controls the accessed data traffic. Specifically, when data is called online through service management, basic information and an upper limit of flow control need to be edited; when offline scheduling data is managed through a service, basic information and an associated offline scheduling task number, namely an offline scheduling task Identifier (ID), need to be edited, and the basic information of the offline task is automatically displayed after the associated task number is selected.
And after the server accesses the data, the server checks the parameters of the accessed data. The parameters to be checked may include, for example: the service identification is used for identifying the service line; and the safety secret key is used for verifying whether the data flow is correct or not, so that the wind control privacy service is prevented from being illegally called.
And the server performs risk characteristic derivation based on model operation on the access data which passes the parameter verification through the rule engine. In addition, the server can also configure rules for disposing risk characteristics through a rule engine, and return and asynchronously call back rule configuration results in real time. The risk characteristic derivation means determining risk characteristics existing in the access data, for example, common characteristics including but not limited to basic fields such as a user name and a user ID; service characteristics including, but not limited to, special fields such as request ID; content recognition features including but not limited to text, pictures, video recognition capabilities, such as political text, pornographic picture recognition, and the like; behavior identification characteristics, including but not limited to clustering, frequency control and other rule characteristics, are mainly used for anti-cheating scenes; user attribute features, including but not limited to user portrayal features, may be applied to anti-cheating and content security scenarios.
The server determines a handling cluster corresponding to each risk feature or a combination of each risk feature for the risk features derived in the access data. And determining priorities for the policies in the handling cluster for the risk features or combinations of the risk features and the corresponding global configuration rules. For example, by the risk profile present in the access data: and combining the content identification features and the behavior identification features to determine corresponding handling clusters. Assume that its corresponding handling clusters are handling a and handling C clusters, respectively. The handling A cluster comprises a strategy A and a strategy B, and the handling C cluster comprises a strategy C and a strategy D. And determining the priority of the strategy A and the strategy B of the handling A cluster and the priority of the strategy C and the strategy D of the handling C cluster according to one or a combination of several kinds of service names, handling clusters, rule names, global handling and rule introduction in the global configuration rules corresponding to the access data content identification features and the behavior identification features.
The server determines the priority of each strategy in the disposal A cluster and the disposal C cluster through strategy management and determines the optimal strategy corresponding to the risk characteristics in the access data according to the execution duration of each strategy, and the strategy management efficiency is high. In addition, policy management may also implement classification of policies, global policy configuration, policy decision, policy deletion, and the like. It will be appreciated that the optimal policy need not be the highest priority policy, but may be the policy that performs the least time to handle risk features in the access data. In particular, the optimal policies in the handling a-cluster and the handling C-cluster will be executed in parallel after deciding out the optimal policies in the handling a-cluster and the handling C-cluster. For example, if the optimal policy in the handling a cluster is policy a and the optimal policy in the handling C cluster is policy D, the policy a and the policy D are executed in parallel on the risk features in the access data, and the two policies do not interfere with each other. Specifically, for example, policy a corresponds to deletion handling, policy D corresponds to prohibition handling, and policy a and policy D are handled in different ways, so both ways of handling are performed to ensure the accuracy of decision handling.
After the risk characteristics in the access data are processed through the corresponding strategies, the server stores processing results, original data, derived characteristic data, strategy logs, risk characteristic sets, risk user figures, threat intelligence and other data to a data center. In addition, the data center can analyze and manage risk data, and can perform quick query, offline data extraction, offline task scheduling and data analysis on data or tasks. The data is obtained through the methods of ES, data tables and the like for extracting the offline tasks. When the data center analyzes the data, characteristic scoring and automatic rule recommendation can be carried out. The feature classification is to find out a feature list with the highest degree of distinction for accurately distinguishing the risk features and the non-risk features by comparing the risk features with the non-risk features, and rank the importance of the found features from high to low according to the degree of distinction between the risk features and the non-risk features, for example, rank the importance of the user IP from high to low according to 99%, 98%, 96% and the like. In a characteristic scoring link of data analysis, specifically, firstly creating a scoring task, inputting risk characteristic and non-risk characteristic samples, and acquiring characteristic discrimination in a recursive mode; and checking details, checking feature scoring details and quickly positioning risk features. After the characteristics are scored and the risk characteristics are located, rule recommendation is performed, risk rules are automatically recommended according to the risk characteristics, the manual analysis cost is reduced, and the online problem is quickly solved. In addition, the data center can also realize automatic association of accidental injury data and visually display the accidental injury data on a policy management page.
With further reference to fig. 5, as an implementation of the methods shown in the above-mentioned figures, the present application provides an embodiment of an apparatus for processing data, which corresponds to the method embodiment shown in fig. 2, and which is particularly applicable to various electronic devices.
As shown in fig. 5, the apparatus 500 for processing data of the present embodiment includes: a data acquisition unit 501, a target risk characteristic determination unit 502, a policy determination unit 503, a target policy determination unit 504, and a data processing unit 505.
A data obtaining unit 501 configured to obtain access data.
A target risk characteristic determination unit 502 configured to determine a target risk characteristic included in the access data according to the characteristics in the access data and a preset risk characteristic set.
The policy determining unit 503 is configured to determine at least one policy corresponding to the target risk characteristic according to the target risk characteristic and a preset model, where the preset model is used to represent a corresponding relationship between the risk characteristic and the policy.
A target policy determining unit 504 configured to determine a target policy from the at least one policy.
A data processing unit 505 configured to process the access data using the target policy.
In some optional implementations of the present embodiment, the target risk characteristic determining unit 502 is further configured to: and determining the target risk characteristics included in the access data according to the combination of one or more characteristics in the preset risk characteristic set corresponding to the characteristics in the access data.
In some optional implementations of this embodiment, the target risk characteristics include at least one risk characteristic, each risk characteristic corresponding to a policy set; and the target policy determination unit 504 is further configured to: for each risk feature, determining the priority of each strategy in a strategy set corresponding to the risk feature according to the strategy set corresponding to the risk feature and a preset global configuration condition; determining the execution duration of each strategy in the strategy set corresponding to the risk characteristics; and determining a target strategy corresponding to the risk characteristic according to the priority and the execution duration of each strategy.
In some optional implementations of the present embodiment, the target policy determining unit 504 is further configured to: and in response to determining that the execution duration of each strategy is less than or equal to the preset duration, determining the strategy with the highest priority as the target strategy.
In some optional implementations of the present embodiment, the target policy determining unit 504 is further configured to: and in response to the fact that the execution duration of each strategy is larger than the preset duration, determining the strategy with the shortest execution duration as a target strategy.
In some optional implementations of this embodiment, the apparatus further comprises, not shown in fig. 5: a security verification unit configured to perform security verification on the access data.
In some optional implementations of this embodiment, the apparatus further comprises, not shown in fig. 5: an alarm unit configured to: determining a parameter value generated in the processing process of the access data; and generating alarm information in response to determining that the parameter value is greater than the preset parameter threshold value.
It should be understood that units 501 to 505, which are described in the apparatus 500 for processing data, correspond to the respective steps in the method described with reference to fig. 2, respectively. Thus, the operations and features described above for the method for processing data are equally applicable to the apparatus 500 and the units included therein and will not be described again here.
According to an embodiment of the present application, an electronic device and a readable storage medium are also provided.
As shown in fig. 6, is a block diagram of an electronic device for a method of processing data according to an embodiment of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 6, the electronic apparatus includes: one or more processors 601, memory 602, and interfaces for connecting the various components, including a high-speed interface and a low-speed interface. The various components are interconnected using different buses 605 and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). In fig. 6, one processor 601 is taken as an example.
The memory 602 is a non-transitory computer readable storage medium as provided herein. Wherein the memory stores instructions executable by at least one processor to cause the at least one processor to perform the methods for processing data provided herein. The non-transitory computer readable storage medium of the present application stores computer instructions for causing a computer to perform the method for processing data provided herein.
The memory 602, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and units, such as program instructions/units corresponding to the method for processing data in the embodiment of the present application (for example, the data acquisition unit 501, the target risk characteristic determination unit 502, the policy determination unit 503, the target policy determination unit 504, and the data processing unit 505 shown in fig. 5). The processor 601 executes various functional applications of the server and data processing by executing non-transitory software programs, instructions, and modules stored in the memory 602, that is, implements the method for processing data in the above method embodiments.
The memory 602 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the electronic device for the method of processing data, and the like. Further, the memory 602 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 602 optionally includes memory located remotely from the processor 601, which may be connected over a network to an electronic device for use in a method of processing data. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device of the method for processing data may further include: an input device 603 and an output device 604. The processor 601, the memory 602, the input device 603, and the output device 604 may be connected by a bus or other means, and are exemplified by a bus 605 in fig. 6.
The input device 603 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic apparatus for a method of processing data, such as an input device like a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointer stick, one or more mouse buttons, a track ball, a joystick, etc. The output devices 604 may include a display device, auxiliary lighting devices (e.g., LEDs), and tactile feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, application specific ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, Programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
According to the technical scheme of the embodiment of the application, the processing efficiency of the access data is improved, the data processing effect is integrally improved, and the online safety problem caused by the access data is reduced or avoided.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (16)
1. A method for processing data, comprising:
acquiring access data;
determining target risk characteristics included in the access data according to the characteristics in the access data and a preset risk characteristic set;
determining at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and a preset model, wherein the preset model is used for representing the corresponding relation between the risk characteristics and the strategies;
determining a target strategy from the at least one strategy;
and processing the access data by utilizing the target strategy.
2. The method of claim 1, wherein the determining, according to the features in the access data and a preset risk feature set, a target risk feature included in the access data comprises:
and determining the target risk characteristics included in the access data according to the combination of one or more characteristics in a preset risk characteristic set corresponding to the characteristics in the access data.
3. The method of claim 2, wherein the target risk profile includes at least one risk profile, each risk profile corresponding to a policy set; and
the determining a target policy from the at least one policy includes:
for each risk feature, determining the priority of each strategy in a strategy set corresponding to the risk feature according to the strategy set corresponding to the risk feature and a preset global configuration condition;
determining the execution duration of each strategy in the strategy set corresponding to the risk characteristics;
and determining a target strategy corresponding to the risk characteristics according to the priority and the execution duration of each strategy.
4. The method of claim 3, wherein the determining the target policy corresponding to the risk feature according to the priority and the execution duration of each policy comprises:
and in response to determining that the execution duration of each strategy is less than or equal to the preset duration, determining the strategy with the highest priority as the target strategy.
5. The method of claim 4, wherein the determining the target policy corresponding to the risk feature according to the priority and the execution duration of each policy comprises:
and in response to the fact that the execution duration of each strategy is larger than the preset duration, determining the strategy with the shortest execution duration as a target strategy.
6. The method of any of claims 1-4, wherein the method further comprises:
and carrying out security check on the access data.
7. The method of claim 6, wherein the method further comprises:
determining a parameter value generated in the processing process of the access data;
and generating alarm information in response to determining that the parameter value is greater than a preset parameter threshold.
8. An apparatus for processing data, comprising:
a data acquisition unit configured to acquire access data;
a target risk characteristic determination unit configured to determine a target risk characteristic included in the access data according to a characteristic in the access data and a preset risk characteristic set;
the strategy determining unit is configured to determine at least one strategy corresponding to the target risk characteristics according to the target risk characteristics and a preset model, wherein the preset model is used for representing the corresponding relation between the risk characteristics and the strategies;
a target policy determination unit configured to determine a target policy from the at least one policy;
a data processing unit configured to process the access data using the target policy.
9. The apparatus of claim 8, wherein the target risk characteristic determination unit is further configured to: and determining the target risk characteristics included in the access data according to the combination of one or more characteristics in a preset risk characteristic set corresponding to the characteristics in the access data.
10. The apparatus of claim 9, wherein the target risk profile comprises at least one risk profile, each risk profile corresponding to a policy set; and
the target policy determination unit is further configured to:
for each risk feature, determining the priority of each strategy in a strategy set corresponding to the risk feature according to the strategy set corresponding to the risk feature and a preset global configuration condition;
determining the execution duration of each strategy in the strategy set corresponding to the risk characteristics;
and determining a target strategy corresponding to the risk characteristic according to the priority and the execution duration of each strategy.
11. The apparatus of claim 10, wherein the target policy determination unit is further configured to:
and in response to determining that the execution duration of each strategy is less than or equal to the preset duration, determining the strategy with the highest priority as the target strategy.
12. The apparatus of claim 11, wherein the target policy determination unit is further configured to:
and in response to the fact that the execution duration of each strategy is larger than the preset duration, determining the strategy with the shortest execution duration as a target strategy.
13. The apparatus of any one of claims 8 to 12, wherein the apparatus further comprises:
a security verification unit configured to perform security verification on the access data.
14. The apparatus of claim 13, wherein the apparatus further comprises: an alarm unit configured to:
determining a parameter value generated in the processing process of the access data;
and generating alarm information in response to determining that the parameter value is greater than a preset parameter threshold.
15. An electronic device for processing data, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
16. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010573830.9A CN111724069A (en) | 2020-06-22 | 2020-06-22 | Method, apparatus, device and storage medium for processing data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010573830.9A CN111724069A (en) | 2020-06-22 | 2020-06-22 | Method, apparatus, device and storage medium for processing data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111724069A true CN111724069A (en) | 2020-09-29 |
Family
ID=72569875
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010573830.9A Pending CN111724069A (en) | 2020-06-22 | 2020-06-22 | Method, apparatus, device and storage medium for processing data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111724069A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112612645A (en) * | 2020-12-24 | 2021-04-06 | 深圳市科力锐科技有限公司 | Backup standard reaching rate determining method, equipment, storage medium and device |
| CN112667657A (en) * | 2020-12-24 | 2021-04-16 | 国泰君安证券股份有限公司 | System, method and device for realizing data desensitization based on computer software, processor and storage medium thereof |
| CN113254932A (en) * | 2021-06-16 | 2021-08-13 | 百度在线网络技术(北京)有限公司 | Application program risk detection method and device, electronic equipment and medium |
| CN113766256A (en) * | 2021-02-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Live broadcast wind control method and device |
| CN113888181A (en) * | 2021-10-25 | 2022-01-04 | 支付宝(杭州)信息技术有限公司 | Business processing and risk detection strategy system construction method, device and equipment |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2012101273A4 (en) * | 2012-08-21 | 2012-09-20 | Peter Maccallum Cancer Institute | System and process for cancer risk estimation |
| US20170357922A1 (en) * | 2016-06-14 | 2017-12-14 | International Business Machines Corporation | Personalized behavior-driven dynamic risk management with constrained service capacity |
| CN109034660A (en) * | 2018-08-22 | 2018-12-18 | 平安科技(深圳)有限公司 | Based on the determination method and relevant apparatus of the risk control strategy of prediction model |
| CN109064175A (en) * | 2018-06-11 | 2018-12-21 | 阿里巴巴集团控股有限公司 | A kind of account takeover risk prevention system method and device |
| CN109165840A (en) * | 2018-08-20 | 2019-01-08 | 平安科技(深圳)有限公司 | Risk profile processing method, device, computer equipment and medium |
| CN109214683A (en) * | 2018-09-06 | 2019-01-15 | 平安科技(深圳)有限公司 | A kind of Application of risk decision method and device |
| CN109376999A (en) * | 2018-09-20 | 2019-02-22 | 阿里巴巴集团控股有限公司 | A kind of management-control method of transaction, device and equipment |
| CN109559221A (en) * | 2018-11-20 | 2019-04-02 | 中国银行股份有限公司 | Collection method, apparatus and storage medium based on user data |
| CN109741065A (en) * | 2019-01-28 | 2019-05-10 | 广州虎牙信息科技有限公司 | A kind of payment risk recognition methods, device, equipment and storage medium |
| CN110163741A (en) * | 2019-04-16 | 2019-08-23 | 深圳壹账通智能科技有限公司 | Credit decisions method, apparatus, equipment and medium based on credit air control model |
| CN110363653A (en) * | 2019-06-28 | 2019-10-22 | 北京淇瑀信息科技有限公司 | Financial service request response method, device and electronic equipment |
| CN110503565A (en) * | 2019-07-05 | 2019-11-26 | 中国平安人寿保险股份有限公司 | Behaviorist risk recognition methods, system, equipment and readable storage medium storing program for executing |
| CN110503564A (en) * | 2019-07-05 | 2019-11-26 | 中国平安人寿保险股份有限公司 | Save case processing method, system, equipment and storage medium from damage based on big data |
-
2020
- 2020-06-22 CN CN202010573830.9A patent/CN111724069A/en active Pending
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| AU2012101273A4 (en) * | 2012-08-21 | 2012-09-20 | Peter Maccallum Cancer Institute | System and process for cancer risk estimation |
| US20170357922A1 (en) * | 2016-06-14 | 2017-12-14 | International Business Machines Corporation | Personalized behavior-driven dynamic risk management with constrained service capacity |
| CN109064175A (en) * | 2018-06-11 | 2018-12-21 | 阿里巴巴集团控股有限公司 | A kind of account takeover risk prevention system method and device |
| CN109165840A (en) * | 2018-08-20 | 2019-01-08 | 平安科技(深圳)有限公司 | Risk profile processing method, device, computer equipment and medium |
| CN109034660A (en) * | 2018-08-22 | 2018-12-18 | 平安科技(深圳)有限公司 | Based on the determination method and relevant apparatus of the risk control strategy of prediction model |
| CN109214683A (en) * | 2018-09-06 | 2019-01-15 | 平安科技(深圳)有限公司 | A kind of Application of risk decision method and device |
| CN109376999A (en) * | 2018-09-20 | 2019-02-22 | 阿里巴巴集团控股有限公司 | A kind of management-control method of transaction, device and equipment |
| CN109559221A (en) * | 2018-11-20 | 2019-04-02 | 中国银行股份有限公司 | Collection method, apparatus and storage medium based on user data |
| CN109741065A (en) * | 2019-01-28 | 2019-05-10 | 广州虎牙信息科技有限公司 | A kind of payment risk recognition methods, device, equipment and storage medium |
| CN110163741A (en) * | 2019-04-16 | 2019-08-23 | 深圳壹账通智能科技有限公司 | Credit decisions method, apparatus, equipment and medium based on credit air control model |
| CN110363653A (en) * | 2019-06-28 | 2019-10-22 | 北京淇瑀信息科技有限公司 | Financial service request response method, device and electronic equipment |
| CN110503565A (en) * | 2019-07-05 | 2019-11-26 | 中国平安人寿保险股份有限公司 | Behaviorist risk recognition methods, system, equipment and readable storage medium storing program for executing |
| CN110503564A (en) * | 2019-07-05 | 2019-11-26 | 中国平安人寿保险股份有限公司 | Save case processing method, system, equipment and storage medium from damage based on big data |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112612645A (en) * | 2020-12-24 | 2021-04-06 | 深圳市科力锐科技有限公司 | Backup standard reaching rate determining method, equipment, storage medium and device |
| CN112667657A (en) * | 2020-12-24 | 2021-04-16 | 国泰君安证券股份有限公司 | System, method and device for realizing data desensitization based on computer software, processor and storage medium thereof |
| CN112612645B (en) * | 2020-12-24 | 2024-04-02 | 深圳市科力锐科技有限公司 | Backup standard reaching rate determining method, equipment, storage medium and device |
| CN113766256A (en) * | 2021-02-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Live broadcast wind control method and device |
| CN113254932A (en) * | 2021-06-16 | 2021-08-13 | 百度在线网络技术(北京)有限公司 | Application program risk detection method and device, electronic equipment and medium |
| CN113254932B (en) * | 2021-06-16 | 2024-02-27 | 百度在线网络技术(北京)有限公司 | Application risk detection method and device, electronic equipment and medium |
| CN113888181A (en) * | 2021-10-25 | 2022-01-04 | 支付宝(杭州)信息技术有限公司 | Business processing and risk detection strategy system construction method, device and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10375093B1 (en) | Suspicious message report processing and threat response | |
| US11997115B1 (en) | Message platform for automated threat simulation, reporting, detection, and remediation | |
| US11336681B2 (en) | Malware data clustering | |
| US11102221B2 (en) | Intelligent security management | |
| CN111724069A (en) | Method, apparatus, device and storage medium for processing data | |
| US20200389495A1 (en) | Secure policy-controlled processing and auditing on regulated data sets | |
| CN110442712B (en) | Risk determination method, risk determination device, server and text examination system | |
| WO2016164844A1 (en) | Message report processing and threat prioritization | |
| CN110570217B (en) | Cheating detection method and device | |
| US12038984B2 (en) | Using a machine learning system to process a corpus of documents associated with a user to determine a user-specific and/or process-specific consequence index | |
| AU2016246074B2 (en) | Message report processing and threat prioritization | |
| US20220318681A1 (en) | System and method for scalable, interactive, collaborative topic identification and tracking | |
| CN109829033B (en) | Data display method and terminal equipment | |
| US20180129664A1 (en) | System and method to recommend a bundle of items based on item/user tagging and co-install graph | |
| CN114390011A (en) | Message processing method and device and readable storage medium | |
| CN112148979B (en) | Event-associated user identification method, device, electronic equipment and storage medium | |
| CN111416744B (en) | Method and device for monitoring and alarming on internet | |
| CN113642919A (en) | Risk control method, electronic device, and storage medium | |
| CN113159810A (en) | Policy evaluation method, device, equipment and storage medium | |
| CN114189585A (en) | Crank call abnormity detection method and device and computing equipment | |
| US20240340292A1 (en) | Cognitive framework and implementation methods for business operations intelligence | |
| US20240195841A1 (en) | System and method for manipulation of secure data | |
| CN118381644A (en) | Network access control method, device, equipment and medium | |
| CN115687778A (en) | Resource recommendation method, device, equipment and storage medium | |
| CN116862020A (en) | Training method of text classification model, text classification method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |