CN112906301B - Credible fraud detection method, system, medium and terminal for financial transaction - Google Patents
Credible fraud detection method, system, medium and terminal for financial transaction Download PDFInfo
- Publication number
- CN112906301B CN112906301B CN202110190219.2A CN202110190219A CN112906301B CN 112906301 B CN112906301 B CN 112906301B CN 202110190219 A CN202110190219 A CN 202110190219A CN 112906301 B CN112906301 B CN 112906301B
- Authority
- CN
- China
- Prior art keywords
- behavior
- individual
- trusted
- transaction
- prototype
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 81
- 230000006399 behavior Effects 0.000 claims abstract description 216
- 238000000034 method Methods 0.000 claims abstract description 48
- 238000013507 mapping Methods 0.000 claims abstract description 33
- 230000006870 function Effects 0.000 claims description 49
- 230000003542 behavioural effect Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 10
- 238000012163 sequencing technique Methods 0.000 claims description 6
- 238000010276 construction Methods 0.000 claims description 4
- 238000003860 storage Methods 0.000 claims description 4
- 230000000295 complement effect Effects 0.000 claims description 3
- 230000001419 dependent effect Effects 0.000 claims description 3
- 238000011161 development Methods 0.000 claims description 3
- 238000005259 measurement Methods 0.000 claims description 3
- 238000012545 processing Methods 0.000 description 10
- 239000013598 vector Substances 0.000 description 7
- 239000011159 matrix material Substances 0.000 description 5
- 238000013528 artificial neural network Methods 0.000 description 4
- 238000012549 training Methods 0.000 description 4
- 230000002776 aggregation Effects 0.000 description 3
- 238000004220 aggregation Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000013135 deep learning Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000007477 logistic regression Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000011524 similarity measure Methods 0.000 description 2
- 238000012706 support-vector machine Methods 0.000 description 2
- YZCKVEUIGOORGS-IGMARMGPSA-N Protium Chemical compound [1H] YZCKVEUIGOORGS-IGMARMGPSA-N 0.000 description 1
- 238000012952 Resampling Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000012512 characterization method Methods 0.000 description 1
- 238000013527 convolutional neural network Methods 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013136 deep learning model Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/20—Design optimisation, verification or simulation
- G06F30/27—Design optimisation, verification or simulation using machine learning, e.g. artificial intelligence, neural networks, support vector machines [SVM] or training a model
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
- G06Q10/06393—Score-carding, benchmarking or key performance indicator [KPI] analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/08—Insurance
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Human Resources & Organizations (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Marketing (AREA)
- General Business, Economics & Management (AREA)
- Educational Administration (AREA)
- Technology Law (AREA)
- Entrepreneurship & Innovation (AREA)
- Evolutionary Computation (AREA)
- Artificial Intelligence (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Operations Research (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Game Theory and Decision Science (AREA)
- Medical Informatics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Geometry (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a credible fraud detection method, a system, a medium and a terminal for financial transactions; the method comprises the following steps: constructing a trusted individual behavior portrait frame; depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame to build a trusted individual behavior model; carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model; the invention discloses a method for modeling credible individual behaviors, which divides the credible individual behavior modeling problem into two steps, wherein the two steps are respectively realized by constructing a credible individual behavior portrait frame and a credible individual behavior portrait frame, and the credibility of an individual behavior model is ensured by defining the credible transaction description, individual credibility constraint, co-occurrence mapping, designing a credible recommendation algorithm and other technical means, so that a new thought is provided for the credible individual behavior modeling in the field of financial fraud detection, and the requirement of high-quality fraud detection is met.
Description
Technical Field
The invention relates to the technical field of Internet financial fraud detection, in particular to a credible fraud detection method, a credible fraud detection system, a credible fraud detection medium and a credible fraud detection terminal for financial transactions.
Background
The anomaly detection is a main means of financial fraud detection, and depends on effective depiction of behavior patterns behind transactions, and the behavior models can be divided into two categories, namely group behavior models and individual behavior models; the group behavior model is a coarse-grained behavior model, can effectively utilize the common information of the groups, but cannot reflect the difference between individuals; although individual behavior models can depict a finer-grained behavior pattern, the common features among individuals cannot be reflected, so that the models are not accurate enough, especially in the field of financial fraud detection, individual historical data are often scarce, and the difficulty of individual behavior modeling is further aggravated.
Most of traditional financial fraud detection methods are based on group behavior models, depend on portraits of group behavior patterns, and can be subdivided into fraud detection methods based on supervised learning and unsupervised learning according to modeling mechanisms adopted by the traditional financial fraud detection methods.
A fraud detection method based on supervised learning requires data to be provided with labels, the method divides the transaction data into different categories according to transaction data characteristics, ensures the similarity of transaction examples in the same category and simultaneously maximizes the distinguishing performance of the transaction examples among the different categories, therefore, a supervised learning model is essentially to construct a two-classifier by using the characteristics of the transaction data and data label information to distinguish legal transaction examples and fraudulent transaction examples, and the commonly used supervised learning model comprises classification methods such as logistic regression, support vector machine and artificial neural network; among them, logistic regression is the simplest linear classifier; the support vector machine can realize nonlinear classification by adopting different types of kernel functions; the artificial neural network is essentially a nonlinear function, the relevance of input and output is constructed through training, in recent years, deep learning is widely applied to fraud detection, and common supervised deep learning models comprise an Auto-Encoder (Auto-Encoder), a convolutional neural network, a cyclic neural network and the like; the data imbalance problem is a main problem faced by fraud detection based on supervised learning, and two main methods for solving the data imbalance problem are a data-based method and a model-based method respectively; the method based on data is data resampling and comprises an undersampling method and an oversampling method, and in the method based on the model, ensemble learning is an effective method and mainly comprises implementation based on a guided aggregation algorithm (Bagging) and implementation based on a Boosting method (Boosting).
The method mainly comprises the steps of mining pattern information implicit behind data, wherein logic assumption is that a fraud sample only accounts for a small part of the total amount of the data relative to a legal sample, commonly used unsupervised learning models comprise a clustering algorithm, an artificial neural network, a single-Class Classifier (One-Class Classifier), Peer-Group Analysis (Peer Group Analysis), Self-Organizing mapping (Self-Organizing Maps) and the like, in addition, deep learning is also used as an unsupervised learning model to be applied to fraud detection due to a feature learning mechanism of layer-by-layer abstraction, and the most common fraud detection method based on a deep Self-encoder is based on the basic principle that the fraud detection is realized by utilizing a reconstruction error of the Self-encoder on the sample.
In financial Transaction fraud detection based on individual behavior models, the user account is taken as an individual as default in the existing research, the adopted modeling method is mainly Transaction Aggregation (Transaction Aggregation), the final individual behavior model is represented as certain empirical distribution of Transaction attribute values, in order to improve fraud detection performance, some methods try to cluster the individual first to improve modeling accuracy by using Transaction data of similar individuals, however, in the field of financial fraud detection, due to the reasons of individual historical data scarcity, data attribute heterogeneity, label distribution imbalance, label unreliability and the like, the existing individual behavior modeling method has the credibility problem and cannot meet the requirement of high-quality fraud detection.
Disclosure of Invention
In view of the above drawbacks of the prior art, an object of the present invention is to provide a method, a system, a medium, and a terminal for detecting a financial transaction fraud, which are used to solve the problem that the existing individual behavior modeling method has a credibility problem and cannot meet the requirement of detecting a high-quality fraud.
To achieve the above and other related objects, the present invention provides a method for detecting a trusted fraud in a financial transaction, comprising the steps of: constructing a trusted individual behavior portrait frame; depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame to build a trusted individual behavior model; and carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model.
In an embodiment of the present invention, the constructing a trusted individual behavior representation frame includes the following steps: dividing transaction attributes of financial transactions into context attributes and behavior attributes to obtain a context attribute set and a behavior attribute set; wherein the context attribute defines a context environment of the financial transaction; the behavioral attribute characterizes the financial transaction from a plurality of perspectives; the context attribute set comprises at least one context attribute; the behavior attribute set comprises at least one behavior attribute; the set of context attributes is denoted A c (ii) a The set of behavior attributes is denoted as A b (ii) a Acquiring an expansion individual set corresponding to each context attribute in the context attribute set; the extended individual set comprises at least one extended individual; i.e. i C Representing an extended individual, i, corresponding to the context attribute C C ∈I C ;I C Representing an extended individual set corresponding to the context attribute C; acquiring a prototype behavior set based on the behavior attribute set; the prototype behavior set comprises at least one prototype behavior; p represents the prototype behavior, p ═<v 1 ,v 2 ,...,v J >; wherein v is j ∈V j (j=1,2,...,J);V j Representing a jth of said behavior attributes; the set formed by the prototype behaviors P is the prototype behavior set P; describing the financial transaction with a tuple; the financial transaction is embodied as a co-occurrence relationship of the extended individual and the prototype behavior; the co-occurrence relationship comprises two types of co-occurrence information, which are respectively: frequency information and tag information; the frequency information refers to the co-occurrence frequency of the extended individuals and the prototype behaviors and is global information; the label information is a transaction label of the expanded individual and the prototype behavior and is local information; the tuple is denoted as τ ═<{i C ,N C |C∈Ac},ρ,l>(ii) a Wherein, L belongs to L, L represents a tag set, L is {0, 1}, 0 represents a legal transaction, and 1 represents a fraudulent transaction; n is a radical of C Indicate corresponding up and downThe frequency information of text attribute C; acquiring a behavior pattern of the expanded individual according to a tuple corresponding to the financial transaction; the behavior pattern represents the importance of the development individual and the prototype behavior in co-occurrence; the importance is noted as
Acquiring individual behavior credibility constraints based on the importance and the tuples; the individual behavior credibility constraints include: sorting conditions, scoring conditions, and adjacency conditions; and constructing the trusted individual behavior portrait framework based on the tuple and the individual behavior credibility constraint.
In one embodiment of the present invention, a tuple of the financial transaction is designated as τ 1 =<{i C ,N C,1 |C∈A c },ρ 1 ,l 1 >(ii) a Another tuple of the financial transaction is denoted as τ 2 =<{i C ,N C,2 |C∈A c },ρ 2 ,l 2 >(ii) a Wherein N is C,1 Information indicating a frequency corresponding to one of the financial transactions; n is a radical of C,2 Information indicative of a frequency corresponding to another of said financial transactions; rho 1 Representing an archetype behavior corresponding to one of the financial transactions; rho 2 Representing an archetype behavior corresponding to another of said financial transactions; l 1 A transaction tag representing a transaction corresponding to one of the financial transactions; l 2 A transaction tag representing a transaction corresponding to another of the financial transactions; the ranking condition is the comparison of the importance of the extended individuals and different prototype behavior combinations under different labels, and comprises the following steps: for C ∈ A c If l is 1 =0,l 2 =1,N C,1 Not equal to 0, then no matter N C,2 How to take values is all
For C ∈ A c If l is 1 =0,N C,1 ≠0,N C,2 When 1 is equal to 0, then 2 How to take values is all
The scoring condition is the comparison of the importance of the extended individuals and the different prototype transaction combinations under the same label, and comprises the following steps: for C ∈ A c ,l 1 =l 2 =0,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
For C ∈ A c ,l 1 =l 2 =1,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
The adjacent condition means if l 1 =l 2 =l 3 And | N C,1 -N C,2 |<|N C,1 -N C,3 If so, then for any C e A c Must satisfy the conditions
The trusted individual behavior representation frame comprises two parts: the expression form of the financial transaction satisfies tau ═<{i C ,N C |C∈A c },ρ,l>(ii) a And the behavior pattern of the expanded individual meets the individual behavior credibility constraint.
In an embodiment of the invention, the method for depicting the preference mode of the virtual user based on the trusted individual behavior representation framework includes the following steps: mapping the expanded individuals to virtual users by using a co-occurrence mapping based on the trusted individual behavior representation frame; mapping the prototype behavior to a virtual item using the co-occurrence mapping based on the trusted individual behavior representation framework; mapping the tag information and the frequency information to a virtual score using the co-occurrence mapping based on the trusted individual behavioral profile framework; the co-occurrence map is a mapping of τ of the financial transaction=<{i C ,N C |C∈A c },ρ,l>Mapped as a virtual recommendation system instance xi ═<u C ,e,r>;π C (τ) ═ ξ; wherein, pi C (i C )=u C ,π C (ρ)=e,π C (l,N C )=r;u C Representing the virtual user; e represents the virtual article; r represents the virtual score; mapping the tag information and the frequency information to the virtual score satisfies the individual behavior credibility constraint and is represented as:
wherein,
is a combination<i C ,ρ>(C∈A c ) The total frequency of co-occurrence at l-0,
is a combination<i C ,ρ>(C∈A c ) Total frequency of co-occurrence at 1; depicting the preference pattern based on the virtual user, the virtual item, and the virtual score.
In an embodiment of the present invention, characterizing the preference pattern based on the virtual user, the virtual item, and the virtual score includes the following steps: constructing a first objective function based on ranking recommendation; constructing a second objective function based on the score recommendation; and taking the scoring information as credibility measurement of the sequencing information, and combining the first objective function and the second objective function in an exponential mode to obtain a credible recommendation objective function.
In an embodiment of the present invention, constructing the first objective function based on the ranking recommendation includes the following steps: acquiring a preference event set; the preference event set is a set formed by preference events and is marked as omega C (ii) a If a virtual user u C For two virtualArticle e 1 ,e 2 Respectively, are r 1 And r 2 And one of the following conditions is satisfied: condition one, r 1 >r 2 And r is 1 >0.5,r 2 Less than 0.5; and a second condition: r is 1 >r 2 And r is 1 >0.5,r 2 When 0.5, the triplet is considered<u C ,e 1 ,e 2 >For the virtual user u C A preference event of (1); dividing the set of preference events into two complementary proper subsets, respectively:
wherein,
and is
On the corresponding co-occurrence combinations of actually occurring preference events<i C ,ρ 2 >To is that
On preference event corresponds to unreal co-occurrence combinations<i C ,ρ 2 >(ii) a Assuming that all the preference events are independent of each other, the joint probability of all the preference events is expressed as:
wherein the probability of a single preference event ω is represented as:
wherein e is a constant dependent on a subset of preference events; by setting different values for e
And
the importance of the above preference event; assuming that the virtual user preference events corresponding to different contexts are independent of each other, the first objective function is expressed as:
constructing a second objective function based on the score recommendations includes: assuming the virtual user u C The score for virtual item e is r (u) C And e), the sum of squares error is selected as the loss function, and then the second objective function is expressed as:
the trusted recommendation objective function is expressed as:
wherein gamma represents an attenuation factor, and gamma is more than 0 and less than 1.
In an embodiment of the present invention, the fraud detection of a financial transaction to be detected according to the trusted individual behavior model includes the following steps: the financial transaction to be detected is recorded as<{i C |C∈A c },ρ>According to the credible individual behavior model, the behavior pattern of the individual is specified and expanded and recorded as
Calculating the score of the financial transaction to be detected
And normalizing the score of the financial transaction to be detected, and comparing the score with a preset threshold value to obtain a fraud detection result of the financial transaction to be detected.
The invention provides a credible fraud detection system for financial transactions, which comprises: the system comprises a framework building module, a model building module and a fraud detection module; the frame construction module is used for constructing a trusted individual behavior portrait frame; the model building module is used for depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame so as to build a trusted individual behavior model; and the fraud detection module is used for carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model.
The present invention provides a storage medium having stored thereon a computer program which, when executed by a processor, implements the above-described trusted fraud detection method for financial transactions.
The present invention provides a terminal, including: a processor and a memory; the memory is used for storing a computer program; the processor is configured to execute the computer program stored in the memory to cause the terminal to perform the above-described trusted fraud detection method for financial transactions.
As described above, the method, system, medium and terminal for detecting trusted fraud of financial transactions according to the present invention have the following advantages:
compared with the prior art, the credibility of the individual behavior model is ensured by defining the technical means of credible transaction description, individual credibility constraint, co-occurrence mapping, design of credible recommendation algorithm and the like, so that a new thought is provided for credible individual behavior modeling in the field of financial fraud detection, and the requirement of high-quality fraud detection is met.
Drawings
FIG. 1 is a flowchart illustrating a trusted fraud detection method for financial transactions according to an embodiment of the present invention.
FIG. 2 is a block diagram of an embodiment of a method for detecting trusted fraud in financial transactions according to the present invention.
FIG. 3 is a flowchart illustrating a preferred mode of characterizing a virtual user based on a trusted individual behavioral representation framework according to an embodiment of the present invention.
FIG. 4 is a flowchart illustrating a preference model according to an embodiment of the present invention based on virtual users, virtual objects, and virtual ratings.
FIG. 5 is a flow chart illustrating fraud detection for a financial transaction to be detected according to the trusted individual behavior model according to an embodiment of the present invention.
FIG. 6 is a block diagram of an embodiment of a trusted fraud detection system for financial transactions according to the present invention.
Fig. 7 is a schematic structural diagram of a terminal according to an embodiment of the invention.
Description of the reference symbols
61 framework building block
62 model building module
63 fraud detection module
71 processor
72 memory
S1-S3
S21-S24
Steps S241 to S243
S31-S33
Detailed Description
The following description of the embodiments of the present invention is provided by way of specific examples, and other advantages and effects of the present invention will be readily apparent to those skilled in the art from the disclosure herein. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the drawings only show the components related to the present invention rather than the number, shape and size of the components in actual implementation, and the type, quantity and proportion of the components in actual implementation may be changed freely, and the layout of the components may be more complicated.
Compared with the prior art, the credible fraud detection method, the credible fraud detection system, the medium and the terminal for financial transactions disclosed by the invention are used for solving the credibility requirement of an online payment system on fraud detection and combining the characteristics of transaction data, and the credible individual behavior modeling method is characterized in that the credible individual behavior modeling problem is divided into two steps, namely the construction of a credible individual behavior portrait frame and the implementation of the frame are respectively realized, and the credible behavior portrait frame is ensured by defining credible transaction description, individual credibility constraint, co-occurrence mapping, designing credible recommendation algorithm and other technical means, so that a new thought is provided for credible behavior modeling in the field of financial fraud detection, and the requirement of high-quality fraud detection is met.
As shown in fig. 1 and fig. 2, in one embodiment, the method for detecting trusted fraud in financial transactions of the present invention includes the following steps:
and step S1, constructing a trusted individual behavior portrait frame.
In one embodiment, the method for constructing the trusted individual behavior representation frame comprises the following steps:
dividing transaction attributes of financial transactions into context attributes and behavior attributes to obtain a context attribute set and a behavior attribute set.
It should be noted that, the attribute set a is used to describe the financial transaction, and the transaction attributes of the financial transaction can be divided into context attributes and behavior attributes according to different functions; wherein the context attribute defines the financial transactionContext environment, commonly known as user card number, merchant number, etc.; the behavior attribute characterizes the financial transaction from multiple perspectives, such as time, frequency, amount, etc. of the transaction; the context attribute set comprises at least one context attribute; the behavior attribute set comprises at least one behavior attribute; the set of context attributes is denoted A c (ii) a The set of behavior attributes is denoted as A b ;A=A c ∪A b 。
And secondly, acquiring an expansion individual set corresponding to each context attribute in the context attribute set.
It should be noted that the extended individual set includes at least one extended individual; i.e. i C Representing an extended individual, i, corresponding to the context attribute C C ∈I C ;I C Representing an extended individual set corresponding to the context attribute C; in particular, for any context attribute C ∈ A c Set of values I thereof C Defines a partition of the transaction set, and sets of values I are set accordingly C Referred to as an extended set of context attributes C.
And thirdly, acquiring a prototype behavior set based on the behavior attribute set.
It should be noted that the prototype behavior set includes at least one prototype behavior; p represents the prototype behavior, p ═<v 1 ,v 2 ,...,v J >(ii) a Wherein v is j ∈V j (j=1,2,...,J);V j Representing a jth of said behavior attributes; the set formed by the prototype behaviors P is the prototype behavior set P; specifically, assume that there are J behavior attributes, whose sets of values are respectively V j (J ═ 1, 2.. times, J), then the combination of these behavior attribute values is defined as the prototype behavior.
And fourthly, describing the financial transaction by using the tuple.
It should be noted that a financial transaction may be described by a tuple, i.e. the tuple is denoted as τ ═ t<{i C ,N C |C∈A c },ρ,l>(ii) a Where L ∈ L, L denotes a tag set, L ═ {0, 1}, 0 denotes a legitimate transaction, and 1 denotes a fraudulent transaction;N C The frequency information representing the corresponding context attribute C.
It should be noted that the financial transaction is embodied as a co-occurrence relationship between the extended individual and the prototype behavior; the co-occurrence relationship comprises two types of co-occurrence information, which are respectively: frequency information and tag information; wherein the frequency information N C The co-occurrence times of the extended individuals and the prototype behaviors are global information; the label information is a transaction label of the extended individual and the prototype behavior, and is local information specific to a financial transaction.
Fifthly, according to the tuple tau corresponding to one financial transaction<{i C ,N C |C∈A c },ρ,l>Acquiring the extended individuals i C (C∈A c ) The behavior pattern of (c).
It should be noted that the behavior pattern represents the importance of the co-occurrence of the extended individual and the prototype behavior ρ; the importance is noted as
Sixthly, in the description of credible transaction tau ═<{i C ,N C |C∈A c },ρ,l>Medium and frequency information N C Is a measure of trustworthiness of the tag information l:
(1) if l is 0, then N C The larger, the higher the trustworthiness of the transaction legitimacy,
the larger.
(2) If l is 1, then N C The larger, the higher the trustworthiness of the transaction fraud,
the smaller.
And seventhly, acquiring individual behavior credibility constraint based on the importance and the tuple.
It should be noted that the individual behavior credibility constraint includes: ordering conditions, scoring conditions, and adjacency conditions.
In one embodiment, a tuple of the financial transaction is denoted as τ 1 =<{i C ,N C,1 |C∈A c },ρ 1 ,l 1 >(ii) a Another tuple of the financial transaction is denoted as τ 2 =<{i C ,N C,2 |C∈A c },ρ 2 ,l 2 >。
Wherein N is C,1 Information indicating a frequency corresponding to one of the financial transactions; n is a radical of C,2 Information indicative of a frequency corresponding to another of said financial transactions; rho 1 Representing an archetype behavior corresponding to one of the financial transactions; rho 2 Representing an archetype behavior corresponding to another of said financial transactions; l 1 A transaction tag representing a transaction corresponding to one of the financial transactions; l 2 A transaction tag corresponding to another of the financial transactions is represented.
Wherein the ranking condition is an importance comparison of the extended individuals and different prototype behavior combinations under different labels, and comprises:
condition one, for C ∈ A c If l is 1 =0,l 2 =1,N C,1 Not equal to 0, then no matter N C,2 How to take values is all
Condition two for C ∈ A c If l is 1 =0,N C,1 ≠0,N C,2 When equal to 0, then no matter l 2 How to take values is all
The scoring condition is a comparison of the importance of the extended individuals and the different archetype transaction combinations under the same label, and comprises the following steps:
condition one, for C ∈ A c ,l 1 =l 2 =0,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
Condition two for C ∈ A c ,l 1 =l 2 =1,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
The adjacent condition means that if l 1 =l 2 =l 3 And | N C,1 -N C,2 |<|N C,1 -N C,3 If so, then for any C e A c Must satisfy the conditions
And eighthly, constructing the trusted individual behavior portrait framework based on the tuple and the individual behavior credibility constraint.
In one embodiment, the trusted individual behavioral representation framework includes two parts:
(1) the expression form of the financial transaction satisfies tau ═<{i C ,N C |C∈A c },ρ,l>。
(2) And the behavior pattern of the expanded individual meets the individual behavior credibility constraint.
The trusted individual behavior representation framework defines a description form of financial transactions and individual behavior credibility constraints, and is the basis of trusted individual behavior modeling.
And step S2, depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame to build a trusted individual behavior model.
In addition, the step S2 corresponds to the step of realizing the trusted individual behavior representation frame.
It should be noted that, when a trusted individual behavior representation framework is implemented, an individual behavior modeling problem is first converted into a virtual user preference pattern characterization problem of a virtual recommendation system, and the process is completed through co-occurrence mapping.
It should be noted that, in the virtual recommendation system, an instance may be represented as a triple<u C ,e,r>Wherein
Representing a virtual user; e belongs to epsilon and represents a virtual article;
representing a virtual score.
Further, the co-occurrence mapping is to convert τ of the financial transaction to τ<{i C ,N C |C∈A c },ρ,l>Mapped as a virtual recommendation system instance xi ═<u C ,e,r>;π C (τ) ═ ξ; wherein, pi C (i C )=u C ,π C (ρ)=e,π C (l,N C )=r;u C Representing the virtual user; e represents the virtual article; r represents the virtual score.
As shown in fig. 3, in an embodiment, the method for depicting a preference pattern of a virtual user based on the trusted individual behavioral representation framework includes the following steps:
and step S21, mapping the expanded individuals to virtual users by using co-occurrence mapping based on the credible individual behavior representation frame.
And step S22, mapping the prototype behavior to a virtual article by utilizing the co-occurrence mapping based on the credible individual behavior portrait frame.
And step S23, mapping the label information and the frequency information to a virtual score by utilizing the co-occurrence mapping based on the credible individual behavior portrait frame.
It should be noted that, in the co-occurrence mapping, the mapping from the developed individuals to the virtual users and from the prototype behaviors to the virtual articles is very intuitive, but the mapping from the labels and the frequency to the virtual scores must satisfy the individual behavior credibility constraint, that is, the label information and the frequency information are mapped to the virtual scores to satisfy the individual behavior credibility constraint, and expressed as:
wherein,
is a combination<i C ,ρ>(C∈A c ) The total frequency of co-occurrence at l-0,
is a combination<i C ,ρ>(C∈A c ) Total frequency of co-occurrence at l ═ 1.
It should be noted that the execution sequence of the steps S21 to S23 is not limited to the present invention, as long as the virtual user, the virtual item and the virtual score are obtained after the steps S21 to S23.
Step S24, depicting the preference mode based on the virtual user, the virtual item and the virtual score.
It should be noted that, in order to effectively depict the preference mode of the virtual user, the invention designs a credible recommendation algorithm for collaborative transaction sequencing and scoring.
As shown in fig. 4, in an embodiment, characterizing the preference pattern based on the virtual user, the virtual object, and the virtual score includes the following steps:
and step S241, constructing a first objective function based on the sequencing recommendation.
In one embodiment, constructing the first objective function based on the ranked recommendations comprises the steps of:
a set of preference events is obtained.
It should be noted that the preference event set is a set composed of preference events, and is denoted as Ω C (ii) a If a virtual user u C For two virtual articles e 1 ,e 2 Respectively, are r 1 And r 2 And one of the following conditions is satisfied: condition one, r 1 >r 2 And r is 1 >0.5,r 2 Less than 0.5; and a second condition: r is a radical of hydrogen 1 >r 2 And r is 1 >0.5,r 2 If 0.5, the triplet is considered<u C ,e 1 ,e 2 >For the virtual user u C A preference event.
Dividing the set of preference events into two complementary proper subsets, respectively:
wherein,
and is
On the corresponding co-occurrence combinations of actually occurring preference events<i C ,ρ 2 >To do so
Corresponding to unreal co-occurrence combinations of preference events<i C ,ρ 2 >。
Assuming that all the preference events are independent of each other, the joint probability of all the preference events is expressed as:
wherein the probability of a single preference event ω is represented as:
wherein e is a constant dependent on a subset of preference events; by setting different values for e
And
upper importance of preference event.
Further assuming that the virtual user preference events corresponding to different contexts are independent of each other, the first objective function is expressed as:
and step S242, constructing a second objective function recommended based on the scores.
In one embodiment, constructing the second objective function based on the score recommendation includes: given a context attribute C ∈ A c Assuming said virtual user u C The score for virtual item e is r (u) C And e), the sum of squares error is selected as the loss function, and then the second objective function is expressed as:
it should be noted that, the execution sequence of the step S241 and the step S242 is not limited to the present invention, and the step S241 may be executed first and then the step S242 may be executed, or the step S242 may be executed first and then the step S241 may be executed, or of course, the step S241 and the step S242 may be executed simultaneously, as long as it is ensured that the first objective function and the second objective function can be obtained after the step S241 and the step S242.
And S243, taking the grading information as credibility measurement of the sequencing information, and combining the first objective function and the second objective function in an exponential mode to obtain a credible recommended objective function.
In one embodiment, the trusted recommendation objective function is represented as:
wherein gamma represents an attenuation factor, gamma is more than 0 and less than 1, and is used for controlling the influence of the scoring on the sequencing, and the physical meaning of the method is that the influence of the co-occurrence frequency information is controlled through gamma on the credibility of the label information; if γ is assumed to be 0, the frequency information has no influence on the credibility of the tag at all; the larger the value of γ, the greater this effect.
It should be noted that, the credibility of the behavior profiling method is ensured based on the behavior modeling of the combined objective function.
Further, in order to instantiate a preference pattern of a virtual user, an Embedding (Embedding) -based method is adopted to parameterize the behavior model of the trusted individual, and attribute Embedding and virtual user Embedding are respectively defined.
The attribute embedding means that for each behavior attribute B, the attribute is embedded j ∈A b (J1, 2.. times.j), its attribute value is initialized randomly
Mapped as a point in a d-dimensional vector space to obtain its vectorized representation, i.e.
It should be noted that, on the basis of attribute embedding, a virtual article is subjected to
The embedded expression of each attribute value is arranged in the form of column vector, so that the corresponding embedded matrix can be obtained, and is marked as A e In the specific form of
And is provided with
The virtual user embedding means that the virtual user u is embedded in the virtual user C (C∈A c ) Embedding the vector space with random initialization
In the method, a corresponding preference matrix is obtained
Note that the virtual user u C The preference matrix of (a) contains J columns, and the meaning of J (J1, 2.. gth, J) can be understood as the personalized preference pattern of the virtual user for the J th behavior attribute value of the virtual object.
Further, virtual user u may be expressed based on the embedded representation of the virtual item and the virtual user C (C∈A c ) Is parameterized as the following mathematical expression:
where the function g (x, y) is a similarity measure for the parameters x and y.
Assuming that the J behavioral attributes of the user characterizing the transaction are equally important and the inner product of the vectors is used as the similarity measure method, the right side of the above equation can be expanded to the following mathematical expression:
wherein,
and
respectively representing personalized preference matrices
And virtual article embedding matrix A e The jth column vector of (2).
For the above trusted recommendation objective function:
taking negative logarithm at the two sides of the training target function simultaneously to obtain equivalent training target function:
wherein,
representing a set of model parameters, note that here the two-norm regularization term of the parameters is used to prevent the overfitting phenomenon.
It should be noted that the optimal parameter set is obtained by minimizing the objective function, and the method is as follows:
it should be noted that, in order to perform objective function optimization by using a statistical gradient descent (Stochastic gradientdescnter) algorithm, the gradient of the objective function to the model parameter needs to be calculated.
For context C (C ∈ A) c ) Random event of<u C ,e p ,e q >Suppose that
And
respectively being virtual articles e p And e q The J (J ═ 1, 2.., J) th column vector of the embedding matrix, defines the following variables:
wherein, I (x) is an indication function, and when x ≧ 0, I (x) is 1, otherwise f (x) is-1.
Based on the above defined variables, the gradient of the objective function to the relevant parameter is calculated as:
after the gradient is calculated, for any model parameter theta epsilon theta, the updating mode in the training is as follows:
where η is the learning rate, which determines the iteration step size of the algorithm.
It should be noted that, the specific steps of the credible recommendation algorithm based on the statistical gradient descent are shown in algorithm 1:
and step S3, carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model.
It should be noted that, after the description of the preference mode of the virtual user is completed through the above steps S241 to S243 according to the trusted recommendation algorithm, vector representations of the virtual user and the virtual article can be obtained, so as to implement fraud detection on the financial transaction to be detected.
As shown in fig. 5, in one embodiment, the fraud detection on a financial transaction to be detected according to the trusted individual behavior model includes the following steps:
and step S31, the behavior mode of the individual is specifically expanded according to the credible individual behavior model.
In particular, the financial transaction to be detected is recorded<{i C |C∈A c },ρ>The corresponding extended individual behavior pattern is recorded as
And step S32, calculating the score of the financial transaction to be detected.
In particular, the score is recorded as
It should be noted that, as shown in algorithm 2, it is a normalization way to convert the financial transaction score to be detected into its ranking ratio in the reference transaction score.
Step S33, the score of the financial transaction to be detected is normalized and compared with a preset threshold value to obtain the fraud detection result of the financial transaction to be detected.
Specifically, the normalized score P (τ) is compared with a preset threshold value set in advance
And comparing to obtain a fraud detection result.
It should be noted that if
Determining the corresponding transaction as legitimate; if it is not
The corresponding transaction is determined to be fraudulent(ii) a Obviously by adjusting
Can obtain different determination results according to the value of (c),
the choice of (A) depends on the actual application requirements, in general, when
When the fraud detection precision is increased, the fraud detection precision is reduced, and the recall rate is increased; on the contrary, when
As it becomes smaller, the accuracy of fraud detection will increase and recall will decrease.
It should be noted that the protection scope of the trusted fraud detection method for financial transactions according to the present invention is not limited to the execution sequence of the steps listed in this embodiment, and all the solutions implemented by adding or subtracting steps and replacing steps according to the principles of the present invention are included in the protection scope of the present invention.
As shown in fig. 6, in an embodiment of the present invention, the trusted fraud detection system for financial transactions includes a framework building module 61, a model building module 62, and a fraud detection module 63.
The frame construction module 61 is used for constructing a trusted individual behavior representation frame.
The model building module 62 is configured to depict a preference model of a virtual user based on the trusted individual behavior representation frame to build a trusted individual behavior model.
The fraud detection module 63 is configured to perform fraud detection on a financial transaction to be detected according to the trusted individual behavior model.
It should be noted that the structures and principles of the framework building module 61, the model building module 62, and the fraud detection module 63 correspond to the steps in the above trusted fraud detection method for financial transactions one by one, and therefore are not described herein again.
It should be noted that the division of the modules of the above system is only a logical division, and the actual implementation may be wholly or partially integrated into one physical entity, or may be physically separated. And these modules can be realized in the form of software called by processing element; or can be implemented in the form of hardware; and part of the modules can be realized in the form of calling software by the processing element, and part of the modules can be realized in the form of hardware. For example, the x module may be a processing element that is set up separately, or may be implemented by being integrated in a chip of the system, or may be stored in a memory of the system in the form of program code, and the function of the x module may be called and executed by a processing element of the system. Other modules are implemented similarly. In addition, all or part of the modules can be integrated together or can be independently realized. The processing element described herein may be an integrated circuit having signal processing capabilities. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in the form of software.
For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more Application Specific Integrated Circuits (ASICs), or one or more Digital Signal Processors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), etc. For another example, when one of the above modules is implemented in the form of a Processing element scheduler code, the Processing element may be a general-purpose processor, such as a Central Processing Unit (CPU) or other processor capable of calling program code. For another example, these modules may be integrated together and implemented in the form of a System-On-a-Chip (SOC).
The storage medium of the present invention has stored thereon a computer program which, when executed by a processor, implements the above-described method of trusted fraud detection for financial transactions. The storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic disk, U-disk, memory card, or optical disk.
As shown in fig. 7, the terminal of the present invention includes a processor 71 and a memory 72.
The memory 72 is used for storing computer programs; preferably, the memory 72 includes: various media that can store program codes, such as ROM, RAM, magnetic disk, U-disk, memory card, or optical disk.
The processor 71 is connected to the memory 72 and is configured to execute the computer program stored in the memory 72 to enable the terminal to execute the above-mentioned trusted fraud detection method for financial transactions.
Preferably, the Processor 71 may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, or discrete hardware components.
It should be noted that the trusted fraud detection system for financial transactions of the present invention can implement the trusted fraud detection method for financial transactions of the present invention, but the implementation apparatus of the trusted fraud detection method for financial transactions of the present invention includes but is not limited to the structure of the trusted fraud detection system for financial transactions recited in this embodiment, and all structural modifications and substitutions in the prior art made according to the principles of the present invention are included in the protection scope of the present invention.
In summary, compared with the prior art, the invention discloses a credible individual behavior modeling method aiming at the credibility requirement of an online payment system on fraud detection and combining the characteristics of transaction data, and the method divides the credible individual behavior modeling problem into two steps, namely constructing a credible individual behavior image frame and realizing the frame respectively, and ensures the credibility of an individual behavior model by defining the credible transaction description, individual credibility constraint, co-occurrence mapping, designing a credible recommendation algorithm and other technical means, thereby providing a new idea for credible individual behavior modeling in the field of financial fraud detection and meeting the requirement of high-quality fraud detection; therefore, the invention effectively overcomes various defects in the prior art and has high industrial utilization value.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Those skilled in the art can modify or change the above-described embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.
Claims (9)
1. A method for detecting trusted fraud in financial transactions, comprising the steps of:
constructing a trusted individual behavior portrait frame; the method for constructing the trusted individual behavior portrait frame comprises the following steps:
dividing transaction attributes of financial transactions into context attributes and behavior attributes to obtain a context attribute set and a behavior attribute set; wherein the context attribute defines a context environment of the financial transaction; the behavioral attribute characterizes the financial transaction from a plurality of perspectives; the context attribute set comprises at least one context attribute; the behavior attribute set comprises at least one behavior attribute; the set of context attributes is denoted A c (ii) a The set of behavioral attributes is denoted A b ;
Acquiring an expansion individual set corresponding to each context attribute in the context attribute set; the extended individual set comprises at least one extended individual; i.e. i C Representing an extended individual, i, corresponding to the context attribute C C ∈I C ;I C Representing an extended individual set corresponding to the context attribute C;
acquiring a prototype behavior set based on the behavior attribute set; what is needed isThe prototype behavior set comprises at least one prototype behavior; p represents the prototype behavior, p ═<v 1 ,v 2 ,...,v J >(ii) a Wherein v is j ∈V j (j=1,2,...,J);V j Representing the jth of said behavior attributes; the set formed by the prototype behaviors P is the prototype behavior set P;
describing the financial transaction with a tuple; the financial transaction is embodied as a co-occurrence relationship of the extended individual and the prototype behavior; the co-occurrence relationship comprises two types of co-occurrence information, which are respectively: frequency information and tag information; the frequency information refers to the co-occurrence frequency of the extended individuals and the prototype behaviors and is global information; the label information is a transaction label of the expanded individual and the prototype behavior and is local information; the tuple is denoted as τ ═<{i C ,N C |C∈A c },ρ,l>(ii) a Wherein L belongs to L, L represents a tag set, L is {0, 1}, 0 represents a legal transaction, and 1 represents a fraudulent transaction; n is a radical of C The frequency information representing the corresponding context attribute C;
acquiring a behavior pattern of the expanded individual according to a tuple corresponding to the financial transaction; the behavior pattern represents the importance of the development individual and the prototype behavior in co-occurrence; the importance is noted as
Acquiring individual behavior credibility constraints based on the importance and the tuples; the individual behavior credibility constraints include: sorting conditions, scoring conditions, and adjacency conditions;
constructing the trusted individual behavior representation frame based on the tuple and the individual behavior credibility constraint;
depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame to build a trusted individual behavior model;
and carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model.
2. The method of claim 1, wherein the financial transaction is conducted in a trusted fraud detection system,
a tuple of said financial transaction is denoted as τ 1 =<{i C ,N C,1 |C∈A c },ρ 1 ,l 1 >;
Another tuple of the financial transaction is denoted as τ 2 =<{i C ,N C,2 |C∈A c },ρ 2 ,l 2 >;
Wherein N is C,1 Information indicating a frequency corresponding to one of the financial transactions; n is a radical of C,2 Information indicative of a frequency corresponding to another of said financial transactions; rho 1 Representing a prototype behavior corresponding to one of the financial transactions; ρ is a unit of a gradient 2 Representing an archetype behavior corresponding to another of said financial transactions; l. the 1 A transaction tag representing a transaction corresponding to one of the financial transactions; l 2 A transaction tag representing a transaction corresponding to another of the financial transactions;
the ranking condition is a comparison of the importance of the extended individuals and the different prototype behaviors under different labels, and comprises the following steps:
for C ∈ A c If l is 1 =0,l 2 =1,N C,1 Not equal to 0, then no matter N C,2 How to take values is all
For C ∈ A c If l is 1 =0,N C,1 ≠0,N C,2 When 1 is equal to 0, then 2 How to take values is all
The scoring condition is the comparison of the importance of the extended individuals and different prototype behaviors under the same label, and comprises the following steps:
for C ∈ A c ,l 1 =l 2 =0,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
For C ∈ A c ,l 1 =l 2 =1,N C,1 ≠0,N C,2 Not equal to 0, if N C,1 >N C,2 Then there are
The adjacent condition means if l 1 =l 2 =l 3 And | N C,1 -N C,2 |<|N C,1 -N C,3 If so, then for any C e A c Must satisfy the conditions
The trusted individual behavior representation frame comprises two parts:
the expression form of the financial transaction satisfies tau ═<{i C ,N C |C∈A c },ρ,l>;
And the behavior pattern of the expanded individual meets the individual behavior credibility constraint.
3. The method of claim 2, wherein characterizing a preference pattern of a virtual user based on the trusted individual behavioral representation framework comprises:
mapping the expanded individuals to virtual users by using a co-occurrence mapping based on the trusted individual behavior representation frame;
mapping the prototype behavior to a virtual item using the co-occurrence mapping based on the trusted individual behavior representation framework;
mapping the tag information and the frequency information to a virtual score using the co-occurrence mapping based on the trusted individual behavioral profile framework; the co-occurrence mapping is to map the co-occurrenceτ of financial transaction<{i C ,N C |C∈A c },ρ,l>Mapping to a virtual recommendation system instance ξ ═ u C ,e,r>;π C (τ) ═ ξ; wherein, pi C (i C )=u C ,π C (ρ)=e,π C (l,N C )=r;u C Representing the virtual user; e represents the virtual article; r represents the virtual score; mapping the tag information and the frequency information to the virtual score satisfies the individual behavior credibility constraint and is represented as:
wherein,
is a combination<i C ,ρ>(C∈A c ) The total frequency of co-occurrence at l-0,
is a combination<i C ,ρ>(C∈A c ) Total frequency of co-occurrence at 1;
depicting the preference pattern based on the virtual user, the virtual item, and the virtual score.
4. The method of claim 3, wherein characterizing the preference pattern based on the virtual user, the virtual item, and the virtual score comprises:
constructing a first objective function based on ranking recommendation;
constructing a second objective function based on the grading recommendation;
and taking the scoring information as credibility measurement of the sequencing information, and combining the first objective function and the second objective function in an exponential mode to obtain a credible recommendation objective function.
5. The method of claim 4, wherein constructing the first objective function based on the ranked recommendations comprises:
acquiring a preference event set; the preference event set is a set formed by preference events and is marked as omega C (ii) a If a virtual user u C For two virtual articles e 1 ,e 2 Respectively, are r 1 And r 2 And one of the following conditions is satisfied: condition one, r 1 >r 2 And r is 1 >0.5,r 2 Less than 0.5; and a second condition: r is 1 >r 2 And r is 1 >0.5,r 2 When 0.5, the triplet is considered<u C ,e 1 ,e 2 >For the virtual user u C A preference event of (1);
dividing the set of preference events into two complementary proper subsets, respectively:
wherein,
eyes of a user
On the corresponding co-occurrence combinations of actually occurring preference events<i C ,ρ 2 >To do so
Corresponding to unreal co-occurrence combinations of preference events<i C ,ρ 2 >;
Assuming that all the preference events are independent of each other, the joint probability of all the preference events is expressed as:
wherein the probability of a single preference event ω is represented as:
wherein e is a constant dependent on a subset of preference events; by setting different values for e
And
the importance of the above preference event;
assuming that the virtual user preference events corresponding to different contexts are independent of each other, the first objective function is expressed as:
constructing a second objective function based on the score recommendations includes:
assuming the virtual user u C The score for virtual item e is r (u) C And e), the sum of squares error is selected as the loss function, and then the second objective function is expressed as:
the trusted recommendation objective function is expressed as:
wherein gamma represents an attenuation factor, and gamma is more than 0 and less than 1.
6. The method of claim 1, wherein the fraud detection of a financial transaction to be detected according to the trusted individual behavior model comprises the following steps:
the financial transaction to be detected is recorded as<{i C |C∈A c },ρ>According to the credible individual behavior model, the behavior pattern of the individual is specified and expanded and recorded as
Calculating the score of the financial transaction to be detected
And normalizing the score of the financial transaction to be detected, and comparing the score with a preset threshold value to obtain a fraud detection result of the financial transaction to be detected.
7. A trusted fraud detection system for financial transactions, comprising: the system comprises a framework building module, a model building module and a fraud detection module;
the frame construction module is used for constructing a trusted individual behavior portrait frame; the method for constructing the trusted individual behavior portrait frame comprises the following steps:
dividing transaction attributes of financial transactions into context attributes and behavior attributes to obtain a context attribute set and a behavior attribute set; wherein the context attribute defines a context environment of the financial transaction; the behavioral attribute characterizes the financial transaction from a plurality of perspectives; the context attribute set comprises at least one context attribute; the behavior attribute set comprises at least one behavior attribute; the set of context attributes is denoted A c (ii) a The set of behavioral attributes is denoted A b ;
Acquiring an expansion individual set corresponding to each context attribute in the context attribute set; the extended individual set comprises at least one extended individual; i.e. i C Representing an extended individual, i, corresponding to the context attribute C C ∈I C ;I C Representing an extended individual set corresponding to the context attribute C;
acquiring a prototype behavior set based on the behavior attribute set; the prototype behavior set comprises at least one prototype behavior; p represents the prototype behavior, p ═<v 1 ,v 2 ,...,v J >(ii) a Wherein v is j ∈V j (j=1,2,...,J);V j Representing the jth of said behavior attributes; the set formed by the prototype behaviors P is the prototype behavior set P;
describing the financial transaction with a tuple; the financial transaction is embodied as a co-occurrence relationship of the extended individual and the prototype behavior; the co-occurrence relationship comprises two types of co-occurrence information, which are respectively: frequency information and tag information; the frequency information refers to the co-occurrence frequency of the extended individuals and the prototype behaviors and is global information; the label information is a transaction label of the expanded individual and the prototype behavior and is local information; the tuple is denoted as τ ═<{i C ,N C |C∈A c },ρ,l>(ii) a Wherein L belongs to L, L represents a tag set, L is {0, 1}, 0 represents a legal transaction, and 1 represents a fraudulent transaction; n is a radical of C The frequency information representing the corresponding context attribute C;
acquiring a behavior pattern of the expanded individual according to a tuple corresponding to the financial transaction; the behavior pattern represents the importance of the development individual and the prototype behavior in co-occurrence; the importance is noted as
Acquiring individual behavior credibility constraints based on the importance and the tuples; the individual behavior credibility constraints include: sorting conditions, scoring conditions, and adjacency conditions;
constructing the trusted individual behavior representation frame based on the tuple and the individual behavior credibility constraint;
the model building module is used for depicting a preference mode of a virtual user based on the trusted individual behavior portrait frame so as to build a trusted individual behavior model;
and the fraud detection module is used for carrying out fraud detection on a financial transaction to be detected according to the credible individual behavior model.
8. A storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a processor, implements a method of trusted fraud detection of financial transactions according to any of claims 1 to 6.
9. A terminal, comprising: a processor and a memory;
the memory is used for storing a computer program;
the processor is configured to execute the memory-stored computer program to cause the terminal to perform the trusted fraud detection method of a financial transaction of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110190219.2A CN112906301B (en) | 2021-02-18 | 2021-02-18 | Credible fraud detection method, system, medium and terminal for financial transaction |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110190219.2A CN112906301B (en) | 2021-02-18 | 2021-02-18 | Credible fraud detection method, system, medium and terminal for financial transaction |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112906301A CN112906301A (en) | 2021-06-04 |
| CN112906301B true CN112906301B (en) | 2022-08-09 |
Family
ID=76123822
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110190219.2A Active CN112906301B (en) | 2021-02-18 | 2021-02-18 | Credible fraud detection method, system, medium and terminal for financial transaction |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112906301B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111242744A (en) * | 2020-01-16 | 2020-06-05 | 东华大学 | Individual behavior modeling and fraud detection method for low-frequency transaction |
| CN111415167A (en) * | 2020-02-19 | 2020-07-14 | 同济大学 | Network fraud transaction detection method and device, computer storage medium and terminal |
| CN111539733A (en) * | 2020-04-16 | 2020-08-14 | 同济大学 | Fraud transaction identification method, system and device based on whole-center loss function |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109754258B (en) * | 2018-12-24 | 2023-05-12 | 同济大学 | Online transaction fraud detection method based on individual behavior modeling |
| CN109829721B (en) * | 2019-02-13 | 2023-06-06 | 同济大学 | Online transaction multi-subject behavior modeling method based on heterogeneous network characterization learning |
-
2021
- 2021-02-18 CN CN202110190219.2A patent/CN112906301B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111242744A (en) * | 2020-01-16 | 2020-06-05 | 东华大学 | Individual behavior modeling and fraud detection method for low-frequency transaction |
| CN111415167A (en) * | 2020-02-19 | 2020-07-14 | 同济大学 | Network fraud transaction detection method and device, computer storage medium and terminal |
| CN111539733A (en) * | 2020-04-16 | 2020-08-14 | 同济大学 | Fraud transaction identification method, system and device based on whole-center loss function |
Non-Patent Citations (3)
| Title |
|---|
| WEB:一种基于网络嵌入的互联网借贷欺诈预测方法;王成等;《大数据》(第06期);全文 * |
| 一种面向网络支付反欺诈的自动化特征工程方法;王成等;《计算机学报》;20201015(第10期);全文 * |
| 金融交易风险监控平台的相关技术研究;赵文瑜等;《电子测试》;20160905(第17期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112906301A (en) | 2021-06-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ren et al. | Semi-supervised deep embedded clustering | |
| Benchaji et al. | Using genetic algorithm to improve classification of imbalanced datasets for credit card fraud detection | |
| Lin et al. | Multi-label feature selection with streaming labels | |
| CN109522435B (en) | Image retrieval method and device | |
| Kuo et al. | An application of a metaheuristic algorithm-based clustering ensemble method to APP customer segmentation | |
| CN113313208A (en) | Object clustering method and system | |
| Cardoso et al. | Financial credit analysis via a clustering weightless neural classifier | |
| Li et al. | Heterogeneous ensemble learning with feature engineering for default prediction in peer-to-peer lending in China | |
| CN107622326B (en) | User classification and available resource prediction method, device and equipment | |
| Yu et al. | Control chart recognition based on the parallel model of CNN and LSTM with GA optimization | |
| US11783252B1 (en) | Apparatus for generating resource allocation recommendations | |
| Liu et al. | Novel evolutionary multi-objective soft subspace clustering algorithm for credit risk assessment | |
| Liu et al. | Illustration design model with clustering optimization genetic algorithm | |
| Bhavatarini et al. | Deep learning: Practical approach | |
| CN116862078B (en) | Method, system, device and medium for predicting overdue of battery-change package user | |
| US20230334742A1 (en) | Apparatus, system, and method for generating a video avatar | |
| CN113656707A (en) | Financing product recommendation method, system, storage medium and equipment | |
| CN112906301B (en) | Credible fraud detection method, system, medium and terminal for financial transaction | |
| CN116151857A (en) | Marketing model construction method and device | |
| CN110837853A (en) | Rapid classification model construction method | |
| US20230124258A1 (en) | Embedding optimization for machine learning models | |
| CN114757581A (en) | Financial transaction risk assessment method and device, electronic equipment and computer readable medium | |
| CN115344794A (en) | Scenic spot recommendation method based on knowledge map semantic embedding | |
| CN113554099A (en) | Method and device for identifying abnormal commercial tenant | |
| CN118505398B (en) | Asset processing traceability method and system based on blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |