CN112347392A - Anti-fraud assessment method and device based on transfer learning and electronic equipment - Google Patents
Anti-fraud assessment method and device based on transfer learning and electronic equipment Download PDFInfo
- Publication number
- CN112347392A CN112347392A CN202011132042.2A CN202011132042A CN112347392A CN 112347392 A CN112347392 A CN 112347392A CN 202011132042 A CN202011132042 A CN 202011132042A CN 112347392 A CN112347392 A CN 112347392A
- Authority
- CN
- China
- Prior art keywords
- domain data
- fraud
- data
- target domain
- source domain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000013526 transfer learning Methods 0.000 title claims abstract description 26
- 238000013508 migration Methods 0.000 claims description 44
- 230000005012 migration Effects 0.000 claims description 44
- 230000000694 effects Effects 0.000 claims description 9
- 238000011156 evaluation Methods 0.000 claims description 8
- 238000012360 testing method Methods 0.000 claims description 7
- 230000006978 adaptation Effects 0.000 claims description 6
- 238000013135 deep learning Methods 0.000 claims description 5
- 238000002372 labelling Methods 0.000 abstract description 5
- 238000012549 training Methods 0.000 abstract description 2
- 238000012545 processing Methods 0.000 description 12
- 230000006870 function Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 230000003044 adaptive effect Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013527 convolutional neural network Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000004900 laundering Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000008929 regeneration Effects 0.000 description 1
- 238000011069 regeneration method Methods 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 210000002268 wool Anatomy 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/35—Clustering; Classification
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an anti-fraud assessment method and device based on transfer learning and electronic equipment, wherein the method comprises the following steps: respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated; performing transfer learning on the source domain data and the target domain data; establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data; and evaluating the fraudulent user according to the anti-fraud model. According to the method and the device, the anti-fraud assessment of the target domain is realized through the transfer learning of the source domain and the target domain, complex data labeling and model training are not required to be carried out on data in each service scene, the workload of the anti-fraud assessment can be effectively reduced, and the wind control cost is reduced. In addition, in the invention, the source domain data and the target domain data do not obey the same distribution, and the method has the advantage of wide application.
Description
Technical Field
The invention relates to the technical field of computer information processing, in particular to an anti-fraud assessment method and device based on transfer learning, electronic equipment and a computer readable medium.
Background
Due to the rapid development of the internet and the popularization of intelligent terminals, people can transact a plurality of services such as online shopping and electronic banking without going out of home. But then also face some network fraud.
Network fraud can be classified according to the purpose of fraud: marketing cheating (e.g. wool pulling, false traffic, etc.), spending cheating (e.g. cash-out), financial cheating (e.g. cheating loan, fraudulent swiping of bank card, fraudulent swiping of quota, etc.), transaction cheating (e.g. swiping good comment, swiping bad comment, malicious occupation, money laundering, etc.), account cheating (e.g. fishing, false registration, etc.), etc. Surveys have shown that cyber fraud is increasingly complex and pervasive to different industries, with economic losses of up to $ 4450 billion worldwide each year, and has evolved into a black industrial chain with well-organized, specialized and defined divisions, with serious challenges for the development of the internet industry.
At present, in anti-fraud wind control, machine learning is mainly carried out on risk characteristics of a whole service flow through a machine learning algorithm, so that fraud behaviors are identified. When the anti-fraud service scene changes, there is a phenomenon that the model in the current service scene cannot adapt to the new scene. For different service scenes, to realize anti-fraud wind control, client data needs to be accumulated in each service scene to serve as a label for supervised learning, and then a data acquisition model of a new scene is retrained. This anti-fraud approach requires a great deal of time and effort to label the samples and train the models, and is time and labor intensive, as well as costly.
Disclosure of Invention
The invention aims to solve the technical problems of multiple anti-fraud assessment workloads and large cost investment caused by the fact that labels need to be marked again and models need to be trained in different service scenes in the prior art.
In order to solve the above technical problem, a first aspect of the present invention provides an anti-fraud assessment method based on transfer learning, where the method includes:
respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated;
performing transfer learning on the source domain data and the target domain data;
establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data;
and evaluating the fraudulent user according to the anti-fraud model.
According to a preferred embodiment of the present invention, the establishing an anti-fraud model according to the migrated source domain data and target domain data includes:
establishing an anti-fraud model and strategy according to the migrated source domain data;
and testing the migration effect according to the migrated target domain data.
According to a preferred embodiment of the present invention, after performing migration learning of multiple migration manners on the source domain data and the target domain data, the method further includes:
determining the maximum mean difference distance between the source domain data and the target domain data after the transfer learning;
adjusting the plurality of migration modes such that the maximum mean difference distance is minimized.
According to a preferred embodiment of the present invention, the migration method includes: the migration component analyzes TCA and/or a deep adaptation network DAN.
According to a preferred embodiment of the present invention, the plurality of migration modes are adjusted by hyper-parameter tuning, kernel function tuning, or data logic tuning, so that the maximum mean difference distance is minimized.
According to a preferred embodiment of the invention, anti-fraud models and strategies are established by deep learning classifiers.
In order to solve the above technical problem, a second aspect of the present invention provides an anti-fraud assessment apparatus based on transfer learning, the apparatus including:
the acquisition module is used for respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated;
the migration module is used for performing migration learning on the source domain data and the target domain data;
the creation module is used for establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data;
and the evaluation module is used for evaluating the fraudulent user according to the anti-fraud model.
According to a preferred embodiment of the present invention, the creating module includes:
the sub-creation module is used for establishing an anti-fraud model and a strategy according to the migrated source domain data;
and the test module is used for testing the migration effect according to the migrated target domain data.
According to a preferred embodiment of the invention, the device further comprises:
the determining module is used for determining the maximum mean difference distance between the source domain data and the target domain data after the transfer learning;
and the adjusting module is used for adjusting the plurality of migration modes to enable the maximum mean difference distance to be minimum.
According to a preferred embodiment of the present invention, the migration method includes: the migration component analyzes TCA and/or a deep adaptation network DAN.
According to a preferred embodiment of the present invention, the adjusting module adjusts the plurality of migration modes in a manner of hyper-parameter tuning, kernel function tuning, or data logic tuning, so that the maximum mean difference distance is minimum.
According to a preferred embodiment of the present invention, the sub-creation module builds anti-fraud models and strategies through deep learning classifiers.
To solve the above technical problem, a third aspect of the present invention provides an electronic device, comprising:
a processor; and
a memory storing computer executable instructions that, when executed, cause the processor to perform the method described above.
In order to solve the above technical problem, a fourth aspect of the present invention proposes a computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by a processor, implement the above method.
The method comprises the steps of taking the data distribution to be stable, taking sample data with fraud marks larger than a preset number as a source domain, taking the sample data of a service scene to be subjected to anti-fraud evaluation as a target domain, mapping the source domain data and the target domain data into the same distribution space through the transfer learning of the source domain data and the target domain data, and then establishing an anti-fraud model to perform anti-fraud evaluation on the target domain and the source domain. According to the method and the device, the anti-fraud assessment of the target domain is realized through the transfer learning of the source domain and the target domain, complex data labeling and model training are not required to be carried out on data in each service scene, the workload of the anti-fraud assessment can be effectively reduced, and the wind control cost is reduced. In addition, in the invention, the source domain data and the target domain data do not obey the same distribution, and the method has the advantage of wide application. The invention can also migrate between different tasks without the need to model each subtask separately.
Drawings
In order to make the technical problems solved by the present invention, the technical means adopted and the technical effects obtained more clear, the following will describe in detail the embodiments of the present invention with reference to the accompanying drawings. It should be noted, however, that the drawings described below are only illustrations of exemplary embodiments of the invention, from which other embodiments can be derived by those skilled in the art without inventive step.
FIG. 1 is a flow chart of an anti-fraud assessment method based on transfer learning according to the present invention;
FIG. 2 is a flow chart illustrating steps of establishing an anti-fraud model according to the migrated source domain data and target domain data according to the present invention;
FIG. 3 is a schematic structural framework diagram of an anti-fraud assessment apparatus based on transfer learning according to the present invention;
FIG. 4 is a block diagram of an exemplary embodiment of an electronic device in accordance with the present invention;
FIG. 5 is a schematic diagram of one embodiment of a computer-readable medium of the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments of the invention may be embodied in many specific forms, and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art.
The structures, properties, effects or other characteristics described in a certain embodiment may be combined in any suitable manner in one or more other embodiments, while still complying with the technical idea of the invention.
In describing particular embodiments, specific details of structures, properties, effects, or other features are set forth in order to provide a thorough understanding of the embodiments by one skilled in the art. However, it is not excluded that a person skilled in the art may implement the invention in a specific case without the above-described structures, performances, effects or other features.
The flow chart in the drawings is only an exemplary flow demonstration, and does not represent that all the contents, operations and steps in the flow chart are necessarily included in the scheme of the invention, nor does it represent that the execution is necessarily performed in the order shown in the drawings. For example, some operations/steps in the flowcharts may be divided, some operations/steps may be combined or partially combined, and the like, and the execution order shown in the flowcharts may be changed according to actual situations without departing from the gist of the present invention.
The block diagrams in the figures generally represent functional entities and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The same reference numerals denote the same or similar elements, components, or parts throughout the drawings, and thus, a repetitive description thereof may be omitted hereinafter. It will be further understood that, although the terms first, second, third, etc. may be used herein to describe various elements, components, or sections, these elements, components, or sections should not be limited by these terms. That is, these phrases are used only to distinguish one from another. For example, a first device may also be referred to as a second device without departing from the spirit of the present invention. Furthermore, the term "and/or", "and/or" is intended to include all combinations of any one or more of the listed items.
In the invention, the transfer learning refers to a learning process of applying a model learned in an old field to a new field by using data, tasks or similarity among models.
The domain is a subject of migration learning, and the domain mainly includes data and probability distribution (i.e., labeling of data) for generating the data. The Source Domain (Source Domain) is a Domain with knowledge and a large amount of data labels, and is an object to be migrated; the Target Domain is the object that we will eventually give knowledge and label. The transfer of knowledge from the source domain to the target domain completes the migration. In the invention, the service scene with fraud marks larger than the preset number can be selected as the source domain, and the service field needing anti-fraud evaluation is taken as the target domain.
Referring to fig. 1, fig. 1 is a flowchart of an anti-fraud assessment method based on transfer learning according to the present invention, as shown in fig. 1, the method includes:
s1, respectively acquiring anti-fraud source domain data and target domain data;
the source domain data is user data of a domain with fraud labels larger than a preset number, and the target domain data is user data of a domain to be subjected to anti-fraud evaluation. The preset data can be preset according to needs so as to ensure that the source domain data has enough marked samples. In the present invention, the user data includes user basic data and user operation data. The user basic data is used for identifying the user identity, such as identity card data, contact data and the like. The user operation data is used for identifying the service operation of the user. Specifically, the user operation data may include: basic operation data and business operation data, wherein the basic operation comprises registration, login and the like, and correspondingly, the basic operation data comprises registration data and login data. The service operation is related to a specific service, and includes all operations of the user in the whole service. Taking the internet banking service as an example, the service operation includes: transfer accounts, consumption, payment, borrowing, deposit, etc. Taking online shopping as an example, the business operation includes: ordering, paying, receiving, refunding, returning, etc.
Specifically, a service scene with a number of fraud flags greater than a preset number may be selected as a source domain, and a service domain requiring anti-fraud evaluation may be used as a target domain. In one example, if the online banking scene is a target domain, one of a mobile phone bank, a direct sales bank or a wechat bank which is similar to the online banking scene and has fraud annotations larger than a preset number can be selected as a source domain; any two of the service scenarios, or all three of the service scenarios, may also be used as the source domain. Because the three service scenes have similarity, the multiple similar service scenes are used as the source domain, so that sufficient anti-fraud labeling samples of the source domain data can be ensured, and the accuracy of anti-fraud identification is improved.
S2, performing transfer learning on the source domain data and the target domain data;
in this step, migration learning in multiple migration modes can be performed on the source domain data and the target domain data. The migration methods include but are not limited to: migration Component Analysis (TCA) and Deep Adaptation Network (DAN). The TCA is an edge distribution self-adaptive method, and when a source domain and a target domain are in different data distribution, the TCA maps data of the two domains to a high-dimensional regeneration core Hilbert space together. In this space, the distance of the source domain data and the target domain data is minimized while preserving their respective internal properties to the greatest extent. The goal of TCA is to reduce the distance of the edge probability distribution of the source domain and the target domain, thereby completing the transfer learning. The DAN populates a deep convolutional neural network to a field self-adaptive scene, performs adaptive migration by taking the deep network as a carrier, and is mainly applied to the classification and regression problems. Deep neural networks can learn migratable features that exhibit good generalization ability on new tasks when used for domain adaptation.
Further, in order to improve the accuracy of the migration learning, the migration mode may be optimized, and the migration function may be evaluated for the Maximum Mean Difference (MMD). Therefore, after this step, the following step may be further performed:
s21, determining the maximum mean difference distance between the source domain data and the target domain data after the transfer learning;
the maximum mean difference Distance (D)s,Dt) Obtained by the following formula:
wherein D issRepresenting source domain data, DtRepresenting target domain data, n1Representing the number of source domain samples, n2Representing the number of samples in the target domain, phi is the mapping function.
And S22, adjusting the plurality of migration modes to enable the maximum mean difference to be minimum.
In the invention, the plurality of migration modes can be adjusted in a super-parameter tuning, kernel function tuning or data logic adjusting mode to enable the maximum mean difference distance to be minimum.
And S3, establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data.
Illustratively, as shown in fig. 2, the present step includes:
s31, establishing an anti-fraud model and strategy according to the migrated source domain data;
and establishing an anti-fraud model and strategy through a deep learning classifier.
And S32, testing the migration effect according to the migrated target domain data.
And S4, evaluating the fraudulent user according to the anti-fraud model.
It is applied in a fraudulent user identification scenario. Specifically, the shown anti-fraud model can be used for user risk identification, sample labeling and the like of a target domain.
Fig. 3 is a schematic diagram of an architecture of an anti-fraud assessment apparatus based on transfer learning according to the present invention, as shown in fig. 3, the apparatus includes:
an obtaining module 31, configured to obtain anti-fraud source domain data and target domain data respectively; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated;
a migration module 32, configured to perform migration learning on the source domain data and the target domain data;
the creating module 33 is configured to create an anti-fraud model according to the migrated source domain data and target domain data;
and the evaluation module 34 is used for evaluating the fraudulent user according to the anti-fraud model.
Wherein the creating module 33 comprises:
the sub creation module 331 is configured to establish an anti-fraud model and a policy according to the migrated source domain data; specifically, the sub-creation module 331 establishes an anti-fraud model and a strategy through a deep learning classifier.
The testing module 332 is configured to test a migration effect according to the migrated target domain data.
Further, the apparatus further comprises:
the determining module is used for determining the maximum mean difference distance between the source domain data and the target domain data after the transfer learning;
and the adjusting module is used for adjusting the plurality of migration modes to enable the maximum mean difference distance to be minimum. Specifically, the adjusting module adjusts the plurality of migration modes in a manner of hyper-parameter tuning, kernel function tuning, or data logic tuning so that the maximum mean difference distance is minimum.
Wherein, the migration mode comprises: the migration component analyzes TCA and/or a deep adaptation network DAN.
Those skilled in the art will appreciate that the modules in the above-described embodiments of the apparatus may be distributed as described in the apparatus, and may be correspondingly modified and distributed in one or more apparatuses other than the above-described embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
In the following, embodiments of the electronic device of the present invention are described, which may be regarded as an implementation in physical form for the above-described embodiments of the method and apparatus of the present invention. Details described in the embodiments of the electronic device of the invention should be considered supplementary to the embodiments of the method or apparatus described above; for details which are not disclosed in embodiments of the electronic device of the invention, reference may be made to the above-described embodiments of the method or the apparatus.
Fig. 4 is a block diagram of an exemplary embodiment of an electronic device according to the present invention. The electronic device shown in fig. 4 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 4, the electronic device 400 of the exemplary embodiment is represented in the form of a general-purpose data processing device. The components of electronic device 400 may include, but are not limited to: at least one processing unit 410, at least one memory unit 420, a bus 430 connecting different electronic device components (including the memory unit 420 and the processing unit 410), a display unit 440, and the like.
The storage unit 420 stores a computer-readable program, which may be a code of a source program or a read-only program. The program may be executed by the processing unit 410 such that the processing unit 410 performs the steps of various embodiments of the present invention. For example, the processing unit 410 may perform the steps as shown in fig. 1.
The storage unit 420 may include readable media in the form of volatile storage units, such as a random access memory unit (RAM)4201 and/or a cache memory unit 4202, and may further include a read only memory unit (ROM) 4203. The storage unit 420 may also include a program/utility 4204 having a set (at least one) of program modules 4205, such program modules 4205 including, but not limited to: operating the electronic device, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 400 may also communicate with one or more external devices 300 (e.g., keyboard, display, network device, bluetooth device, etc.), enable a user to interact with the electronic device 400 via the external devices 400, and/or enable the electronic device 400 to communicate with one or more other data processing devices (e.g., router, modem, etc.). Such communication may occur via input/output (I/O) interfaces 450, and may also occur via a network adapter 460 with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network such as the Internet). The network adapter 460 may communicate with other modules of the electronic device 400 via the bus 430. It should be appreciated that although not shown in FIG. 4, other hardware and/or software modules may be used in the electronic device 400, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID electronics, tape drives, and data backup storage electronics, among others.
FIG. 5 is a schematic diagram of one computer-readable medium embodiment of the present invention. As shown in fig. 5, the computer program may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may be, for example, but not limited to, an electronic device, apparatus, or device that is electronic, magnetic, optical, electromagnetic, infrared, or semiconductor, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. The computer program, when executed by one or more data processing devices, enables the computer-readable medium to implement the above-described method of the invention, namely: respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated; performing transfer learning on the source domain data and the target domain data; establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data; and evaluating the fraudulent user according to the anti-fraud model.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments of the present invention described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiment of the present invention can be embodied in the form of a software product, which can be stored in a computer-readable storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to make a data processing device (which can be a personal computer, a server, or a network device, etc.) execute the above-mentioned method according to the present invention.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution electronic device, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including object oriented programming languages such as Java, C + + or the like and conventional procedural programming languages, such as "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In summary, the present invention can be implemented as a method, an apparatus, an electronic device, or a computer-readable medium executing a computer program. Some or all of the functions of the present invention may be implemented in practice using a general purpose data processing device such as a microprocessor or a Digital Signal Processor (DSP).
While the foregoing embodiments have described the objects, aspects and advantages of the present invention in further detail, it should be understood that the present invention is not inherently related to any particular computer, virtual machine or electronic device, and various general-purpose machines may be used to implement the present invention. The invention is not to be considered as limited to the specific embodiments thereof, but is to be understood as being modified in all respects, all changes and equivalents that come within the spirit and scope of the invention.
Claims (9)
1. An anti-fraud assessment method based on transfer learning, the method comprising:
respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated;
performing transfer learning on the source domain data and the target domain data;
establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data;
and evaluating the fraudulent user according to the anti-fraud model.
2. The method of claim 1, wherein the establishing an anti-fraud model from the migrated source domain data and target domain data comprises:
establishing an anti-fraud model and strategy according to the migrated source domain data;
and testing the migration effect according to the migrated target domain data.
3. The method according to any one of claims 1-2, wherein after performing migration learning of multiple migration modes on the source domain data and the target domain data, the method further comprises:
determining the maximum mean difference distance between the source domain data and the target domain data after the transfer learning;
adjusting the plurality of migration modes such that the maximum mean difference distance is minimized.
4. The method according to any one of claims 1-3, wherein the migration mode comprises: the migration component analyzes TCA and/or a deep adaptation network DAN.
5. The method according to any one of claims 1-4, wherein the plurality of migration patterns are adjusted by hyper-parametric tuning, kernel-function tuning, or data-logic tuning to minimize the maximum mean difference distance.
6. The method of any one of claims 1-5, wherein the anti-fraud model and policy are established by a deep learning classifier.
7. An apparatus for migration learning based anti-fraud assessment, the apparatus comprising:
the acquisition module is used for respectively acquiring anti-fraud source domain data and target domain data; the source domain data is user data of a field with a number greater than a preset number of fraud markers, and the target domain data is user data of a field to be anti-fraud evaluated;
the migration module is used for performing migration learning on the source domain data and the target domain data;
the creation module is used for establishing an anti-fraud model according to the migrated source domain data and the migrated target domain data;
and the evaluation module is used for evaluating the fraudulent user according to the anti-fraud model.
8. An electronic device, comprising:
a processor; and
a memory storing computer-executable instructions that, when executed, cause the processor to perform the method of any of claims 1-6.
9. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011132042.2A CN112347392A (en) | 2020-10-21 | 2020-10-21 | Anti-fraud assessment method and device based on transfer learning and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011132042.2A CN112347392A (en) | 2020-10-21 | 2020-10-21 | Anti-fraud assessment method and device based on transfer learning and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112347392A true CN112347392A (en) | 2021-02-09 |
Family
ID=74359512
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011132042.2A Pending CN112347392A (en) | 2020-10-21 | 2020-10-21 | Anti-fraud assessment method and device based on transfer learning and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112347392A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343087A (en) * | 2021-06-09 | 2021-09-03 | 南京星云数字技术有限公司 | Method and system for acquiring marketing user |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108304316A (en) * | 2017-12-25 | 2018-07-20 | 浙江工业大学 | A kind of Software Defects Predict Methods based on collaboration migration |
| CN109242107A (en) * | 2018-09-11 | 2019-01-18 | 北京芯盾时代科技有限公司 | Anti- fraud model training method, system based on transfer learning and counter cheat method |
| CN110543860A (en) * | 2019-09-05 | 2019-12-06 | 燕山大学 | Mechanical fault diagnosis method and system based on TJM (machine learning model) transfer learning |
-
2020
- 2020-10-21 CN CN202011132042.2A patent/CN112347392A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108304316A (en) * | 2017-12-25 | 2018-07-20 | 浙江工业大学 | A kind of Software Defects Predict Methods based on collaboration migration |
| CN109242107A (en) * | 2018-09-11 | 2019-01-18 | 北京芯盾时代科技有限公司 | Anti- fraud model training method, system based on transfer learning and counter cheat method |
| CN110543860A (en) * | 2019-09-05 | 2019-12-06 | 燕山大学 | Mechanical fault diagnosis method and system based on TJM (machine learning model) transfer learning |
Non-Patent Citations (1)
| Title |
|---|
| 梅子行: "《智能风控:原理、算法与工程实践》", 机械工业出版社, pages: 88 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343087A (en) * | 2021-06-09 | 2021-09-03 | 南京星云数字技术有限公司 | Method and system for acquiring marketing user |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11151573B2 (en) | Intelligent chargeback processing platform | |
| CA3089076C (en) | Method and system for user data driven financial transaction description dictionary construction | |
| US11531987B2 (en) | User profiling based on transaction data associated with a user | |
| US20210216859A1 (en) | Interpretability-Aware Adversarial Attack and Defense Method for Deep Learnings | |
| US10726501B1 (en) | Method to use transaction, account, and company similarity clusters derived from the historic transaction data to match new transactions to accounts | |
| US20150262184A1 (en) | Two stage risk model building and evaluation | |
| US20220005041A1 (en) | Enhancing explainability of risk scores by generating human-interpretable reason codes | |
| CN108830443A (en) | A kind of contract review method and device | |
| CN111583018A (en) | Credit granting strategy management method and device based on user financial performance analysis and electronic equipment | |
| CN111626381A (en) | User identification method and device based on anti-migration and electronic equipment | |
| CN112347393A (en) | Fraud prediction method and device based on heterogeneous ensemble learning and electronic equipment | |
| CN113010798A (en) | Information recommendation method, information recommendation device, electronic equipment and readable storage medium | |
| CN112347392A (en) | Anti-fraud assessment method and device based on transfer learning and electronic equipment | |
| US11854018B2 (en) | Labeling optimization through image clustering | |
| CN112950347A (en) | Resource data processing optimization method and device, storage medium and terminal | |
| KR20210097204A (en) | Methods and devices for outputting information | |
| CN117009873A (en) | Method for generating payment risk identification model, and method and device for payment risk identification | |
| US20230111445A1 (en) | Neural network based methods and systems for increasing approval rates of payment transactions | |
| CN114742645B (en) | User security level identification method and device based on multi-stage time sequence multitask | |
| CN115587830A (en) | Work task excitation method and device, computer equipment and storage medium | |
| US11561963B1 (en) | Method and system for using time-location transaction signatures to enrich user profiles | |
| CN113568739A (en) | User resource limit distribution method and device and electronic equipment | |
| CN111178535A (en) | Method and device for realizing automatic machine learning | |
| US20220207409A1 (en) | Timeline reshaping and rescoring | |
| Shah et al. | Data Balancing for Credit Card Fraud Detection Using Complementary Neural Networks and SMOTE Algorithm |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: Room 1109, No. 4, Lane 800, Tongpu Road, Putuo District, Shanghai, 200062 Applicant after: Shanghai Qiyue Information Technology Co.,Ltd. Address before: Room a2-8914, 58 Fumin Branch Road, Hengsha Township, Chongming District, Shanghai, 201500 Applicant before: Shanghai Qiyue Information Technology Co.,Ltd. Country or region before: China |
|
| CB02 | Change of applicant information |