CN113344453A - Risk monitoring method, device, system, storage medium and equipment - Google Patents

Risk monitoring method, device, system, storage medium and equipment Download PDF

Info

Publication number
CN113344453A
CN113344453A CN202110757389.4A CN202110757389A CN113344453A CN 113344453 A CN113344453 A CN 113344453A CN 202110757389 A CN202110757389 A CN 202110757389A CN 113344453 A CN113344453 A CN 113344453A
Authority
CN
China
Prior art keywords
model
request data
risk
wind control
rule
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110757389.4A
Other languages
Chinese (zh)
Inventor
向钊豫
吴红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Original Assignee
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Happly Sunshine Interactive Entertainment Media Co Ltd filed Critical Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority to CN202110757389.4A priority Critical patent/CN113344453A/en
Publication of CN113344453A publication Critical patent/CN113344453A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0639Performance analysis of employees; Performance analysis of enterprise or organisation operations
    • G06Q10/06393Score-carding, benchmarking or key performance indicator [KPI] analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Entrepreneurship & Innovation (AREA)
  • General Physics & Mathematics (AREA)
  • Economics (AREA)
  • Data Mining & Analysis (AREA)
  • Educational Administration (AREA)
  • Marketing (AREA)
  • Development Economics (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Mathematical Physics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Molecular Biology (AREA)
  • General Health & Medical Sciences (AREA)
  • Evolutionary Computation (AREA)
  • Game Theory and Decision Science (AREA)
  • Computational Linguistics (AREA)
  • Biophysics (AREA)
  • Biomedical Technology (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a risk monitoring method, a risk monitoring device, a risk monitoring system, a storage medium and a risk monitoring device, wherein the corresponding relation between an event type and a wind control model is configured in advance. And under the condition of receiving request data sent from the outside, analyzing the request data to obtain the type of the target event. And determining a wind control model corresponding to the target event type based on the corresponding relation. And if the corresponding wind control model is the regular model, acquiring a request result of the request data, and inputting the request result into the regular model to obtain the risk level. And if the corresponding wind control model is an intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score. The rule model can realize the configuration of dynamic rules (namely risk rules) and take effect in real time, and the rule model is combined with the intelligent model, so that the workload of manual review can be effectively reduced compared with the prior art. And moreover, the risk assessment is carried out by using the intelligent model, so that the reliability is higher.

Description

Risk monitoring method, device, system, storage medium and equipment
Technical Field
The present application relates to the field of big data processing technologies, and in particular, to a risk monitoring method, apparatus, system, storage medium, and device.
Background
Risk monitoring has always been an important module required for each business item (e.g., activity class, user-generated content class). According to the traditional risk monitoring scheme, risk data are processed mainly through key word filtering, blacklist, rule, manual auditing and the like. However, the conventional risk monitoring scheme often takes a long time to configure the risk rule, and needs to check the risk data manually, so that the reliability of risk assessment is low, and the labor cost is too high.
Therefore, how to improve the reliability of risk assessment under the condition of controllable labor cost becomes a problem to be solved urgently in the field.
Disclosure of Invention
The application provides a risk monitoring method, a risk monitoring device, a risk monitoring system, a storage medium and a risk monitoring device, and aims to improve the reliability of risk assessment under the condition that the labor cost is controllable.
In order to achieve the above object, the present application provides the following technical solutions:
a risk monitoring method, comprising:
presetting a corresponding relation between an event type and a wind control model; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
under the condition of receiving request data sent from the outside, analyzing the request data to obtain a target event type;
determining a wind control model corresponding to the target event type based on the corresponding relation;
if the wind control model corresponding to the target event type is the rule model, acquiring a request result of the request data, and inputting the request result into the rule model to obtain a risk level output by the rule model;
and if the wind control model corresponding to the target event type is the intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
Optionally, if the wind control model corresponding to the target event type is the rule model, obtaining a request result of the request data includes:
asynchronously writing each request data sent from the outside into a preset message queue in advance;
performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field;
taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
and if the wind control model corresponding to the target event type is the rule model, reading a request result of the request data from the database.
Optionally, after the inputting the request result into the rule model and obtaining the risk level output by the rule model, the method further includes:
and prompting the user that the requested data has risks under the condition that the risk level output by the rule model is greater than a preset level.
Optionally, after the vector is input into the intelligent model and a risk score output by the intelligent model is obtained, the method further includes:
and prompting the user that the requested data has risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
A risk monitoring device comprising:
the configuration unit is used for configuring the corresponding relation between the event type and the wind control model in advance; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
the analysis unit is used for analyzing the request data to obtain a target event type under the condition of receiving the request data sent from the outside;
the determining unit is used for determining a wind control model corresponding to the target event type based on the corresponding relation;
the first evaluation unit is used for acquiring a request result of the request data if the wind control model corresponding to the target event type is the rule model, and inputting the request result into the rule model to obtain the risk level output by the rule model;
and the second evaluation unit is used for embedding the request data to obtain a vector if the wind control model corresponding to the target event type is the intelligent model, and inputting the vector into the intelligent model to obtain the risk score output by the intelligent model.
Optionally, the first evaluation unit is specifically configured to:
asynchronously writing each request data sent from the outside into a preset message queue in advance;
performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field;
taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
and if the wind control model corresponding to the target event type is the rule model, reading a request result of the request data from the database.
Optionally, the method further includes:
the prompting unit is used for prompting a user that the requested data has risks under the condition that the risk level output by the rule model is greater than a preset level;
the prompting unit is further used for prompting the user that the requested data has risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
A risk monitoring system comprising:
the system comprises a management background, a big data processing module and a decision engine;
the management background is used for configuring the corresponding relation between the event type and the wind control model; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
the big data processing module is used for asynchronously writing each request data sent from the outside into a preset message queue in advance; performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field; taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
the decision engine is used for analyzing the request data to obtain a target event type under the condition of receiving the request data sent from the outside; determining a wind control model corresponding to the target event type based on the corresponding relation; if the wind control model corresponding to the target event type is the rule model, acquiring a request result of the request data, and inputting the request result into the rule model to obtain a risk level output by the rule model; and if the wind control model corresponding to the target event type is the intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
A computer-readable storage medium comprising a stored program, wherein the program performs the risk monitoring method.
A risk monitoring device comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing a program, and the processor is used for executing the program, wherein the risk monitoring method is executed when the program runs.
According to the technical scheme, the corresponding relation between the event type and the wind control model is configured in advance. The wind control model comprises a regular model and an intelligent model. The rule model is constructed based on a preset corresponding relation between the risk rule and the risk level. The intelligent model is obtained by training based on the fact that a training sample is used as input of a convolutional neural network, and risk scores of the pre-labeled training sample are used as training targets, the training sample comprises a vector sample, and the vector sample is obtained by embedding sample request data. And under the condition of receiving request data sent from the outside, analyzing the request data to obtain the type of the target event. And determining a wind control model corresponding to the target event type based on the corresponding relation. And if the wind control model corresponding to the target event type is a regular model, acquiring a request result of the request data, and inputting the request result into the regular model to obtain the risk level output by the regular model. And if the wind control model corresponding to the target event type is an intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model. The rule model can realize the configuration of dynamic rules (namely risk rules) and take effect in real time, and the rule model is combined with the intelligent model, so that compared with the prior art, the manual auditing workload can be effectively reduced, and the labor cost is reduced. Moreover, risk assessment is carried out by using the intelligent model, so that more secret risks can be effectively prevented, and the reliability is higher. Therefore, by the scheme, the reliability of risk assessment can be improved under the condition that the labor cost is controllable.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1a is a schematic diagram of an architecture of a risk monitoring system according to an embodiment of the present application;
FIG. 1b is a schematic diagram of a default interface provided in an embodiment of the present application;
FIG. 1c is a schematic diagram illustrating a correspondence between configuration event types and wind control models according to an embodiment of the present application;
FIG. 1d is a schematic diagram of a big data processing flow provided in the application example;
FIG. 1e is a schematic diagram of another big data processing flow provided in the application example;
FIG. 1f is a schematic representation of a risk score provided in an embodiment of the application;
FIG. 1g is a schematic diagram of a risk decision provided in an embodiment of the application;
FIG. 1h is a schematic diagram illustrating a risk monitoring system according to an embodiment of the present application;
fig. 2 is a schematic diagram of a risk monitoring method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of another risk monitoring method provided in the embodiments of the present application;
fig. 4 is a schematic structural diagram of a risk monitoring apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1a, an architecture diagram of a risk monitoring system provided in the embodiment of the present application includes:
management backend 100, big data processing module 200, and decision engine 300.
And the management background 100 is used for configuring the corresponding relation between the event type and the wind control model.
Event types (eventcode) are common general knowledge familiar to those skilled in the art and include, but are not limited to: login behavior, registration behavior, transaction behavior, and the like. The wind control model includes a rule model and an intelligent model (an artificial intelligence algorithm, hereinafter referred to as ai model).
The rule model is pre-constructed based on the preset corresponding relationship between the risk rule and the risk level, and the risk rule is common knowledge familiar to those skilled in the art, including but not limited to: system rules, counting rules, and blacklists, among others.
The ai model is obtained by training based on the training sample as the input of the convolutional neural network and the risk score of the pre-labeled training sample as the training target. The training samples comprise vector samples, and the vector samples are obtained by embedding (embedding) sample request data.
In the embodiment of the present application, the management background 100 is developed based on a springboot frame, and the wind control model is an algorithm model developed based on the springboot frame and a groovy programming language. The rule model is developed based on a springboot frame and a groovy programming language, the configuration of dynamic rules (namely risk rules) can be realized, the dynamic rules are effective in real time, and the rule model is combined with the ai model. And moreover, risk assessment is carried out by using the ai model, so that more secret risks can be effectively prevented, and the reliability is higher.
It should be noted that, a user may issue an adjustment instruction to the management background 100 through a preset interface developed based on an vue framework (existing java language framework), and control the management background 100 to adjust a corresponding relationship between an event type and a wind control model, where the preset interface is specifically shown in fig. 1 b.
In addition, the management background 100 is used to configure a specific implementation manner of the corresponding relationship between the event type and the wind control model, which is common knowledge familiar to those skilled in the art, and specifically, can refer to fig. 1 c.
A big data processing module 200, configured to asynchronously write each request data sent from outside into a preset message queue (for example, a kafka queue, so-called kafka being a public distributed publish-subscribe message system); performing stream processing on the request data contained in the message queue to obtain values of a preset abstract field (abstract field, which is common knowledge familiar to those skilled in the art and is not described herein again), specifically, taking an abstract field "ip-associated user number" as an example, performing stream processing on the request data in the message queue to obtain values of "ip-associated user number" within 1 hour; the sum of the values is used as a request result for requesting data, and is stored in a preset database (for example, redis, which is a public database).
In the embodiment of the present application, the big data processing module 200 is pre-constructed based on the kafka framework (a published message subscription system) and the flink framework (a published data analysis algorithm).
Specifically, the big data processing module 200 is configured to perform stream processing on request data included in the message queue to obtain each value of the preset abstract field, and store a sum of the values as a request result of the request data in a preset database, as shown in fig. 1d and fig. 1 e.
The decision engine 300 is configured to, in the case of receiving request data sent from the outside, parse the request data to obtain a target event type; determining a wind control model corresponding to the target event type based on the corresponding relation between the event type and the wind control model; if the wind control model corresponding to the target event type is a rule model, reading a request result of the request data from the database, and inputting the request result into the rule model to obtain a risk level output by the rule model; and if the wind control model corresponding to the target event type is the ai model, embedding the request data to obtain a vector, and inputting the vector into the ai model to obtain a risk score output by the ai model.
It should be noted that the ai model includes a first sub model, a second sub model, a fully connected layer (dense), and an activation function (activate), the first sub model includes a 1-dimensional convolutional neural network (covld) and a fully connected layer, and the second sub model includes a preset convolutional neural network (i.e., covld +2-cycle + bn + covld), an attention mechanism (attention), and a fully connected layer (dense). Specifically, the vectors are respectively used as the input of the first submodel and the second submodel to obtain the output of the first submodel and the output of the second submodel, the output of the first submodel and the output of the second submodel are combined to obtain a combined result, and finally the combined result is output through the full connection layer and the activation function to obtain the risk score output by the ai model.
Specifically, assuming that the request data includes a mobile phone number, a mailbox, an IP, and other data, the request data is embedded to obtain a vector, and the vector is input to the ai model to obtain a specific process of the risk score output by the ai model, as shown in fig. 1 f.
In the embodiment of the present application, the decision engine 300 performs qualitative evaluation on the request data by using the rule model, performs quantitative evaluation on the request data by using the ai model, and combines the qualitative evaluation and the quantitative evaluation, so as to improve the accuracy and reliability of risk evaluation. Specifically, the decision engine 300 implements the above-mentioned qualitative evaluation and quantitative evaluation processes, which can be seen in fig. 1 g. Besides, based on the decision engine 300, the big data processing module 200, and the management background 100, a specific implementation manner of risk monitoring is implemented, including but not limited to the above-mentioned contents, and a technician may increase functions of each module according to actual situations so as to be applied to an actual using process, specifically, as shown in fig. 1 h.
In addition, the decision engine 300 is further configured to prompt the user to request that the data has a risk when the risk level output by the rule model is greater than a preset level; and prompting the user to request the data to have risks under the condition that the risk score output by the ai model is larger than a preset threshold value.
In summary, the rule model can implement configuration of dynamic rules (i.e., risk rules) and take effect in real time, and the rule model and the ai model are combined, so that compared with the prior art, the workload of manual review can be effectively reduced, and the labor cost can be reduced. And moreover, risk assessment is carried out by using the ai model, so that more secret risks can be effectively prevented, and the reliability is higher. Therefore, by the scheme of the embodiment, the reliability of risk assessment can be improved under the condition that the labor cost is controllable.
As shown in fig. 2, a schematic diagram of a risk monitoring method provided in an embodiment of the present application includes the following steps:
s201: and pre-configuring the corresponding relation between the event type and the wind control model.
The wind control model comprises a regular model and an intelligent model. The rule model is pre-constructed based on a preset corresponding relation between the risk rule and the risk level. The intelligent model is obtained by training based on the fact that a training sample is used as input of a convolutional neural network, and risk scores of the pre-labeled training sample are used as training targets, the training sample comprises a vector sample, and the vector sample is obtained by embedding sample request data.
S202: and asynchronously writing each request data sent from the outside into a preset message queue.
S203: and performing streaming processing on the request data contained in the message queue to obtain each value of the preset abstract field.
S204: and taking the sum of all the values as a request result of requesting data, and storing the request result in a preset database.
S205: and analyzing the request data aiming at each request data to obtain the type of the target event.
S206: and determining a wind control model corresponding to the target event type based on the corresponding relation between the event type and the wind control model.
S207: and if the wind control model corresponding to the target event type is a regular model, reading a request result of the request data from the database.
S208: and inputting the request result into the rule model to obtain the risk level output by the rule model.
S209: and prompting the user to request the data to have risk under the condition that the risk level output by the rule model is greater than the preset level.
S210: and if the wind control model corresponding to the target event type is an intelligent model, embedding the request data to obtain a vector.
S211: and inputting the vector into the intelligent model to obtain the risk score output by the intelligent model.
S212: and prompting the user to request the data to have risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
In summary, the rule model can implement configuration of dynamic rules (i.e., risk rules) and take effect in real time, and the rule model is combined with the intelligent model, so that compared with the prior art, the workload of manual review can be effectively reduced, and the labor cost can be reduced. Moreover, risk assessment is carried out by using the intelligent model, so that more secret risks can be effectively prevented, and the reliability is higher. Therefore, by the scheme of the embodiment, the reliability of risk assessment can be improved under the condition that the labor cost is controllable.
It should be noted that, in the above embodiment, the reference S202 is an optional specific implementation manner of the risk monitoring method described in this application. In addition, S212 mentioned in the above embodiments is also an optional specific implementation manner of the risk monitoring method described in this application. For this reason, the flow mentioned in the above embodiment can be summarized as the method shown in fig. 3.
As shown in fig. 3, a schematic view of another risk monitoring method provided in the embodiment of the present application includes the following steps:
s301: and pre-configuring the corresponding relation between the event type and the wind control model.
The wind control model comprises a rule model and an intelligent model, the rule model is constructed based on a preset corresponding relation between risk rules and risk grades, the intelligent model is obtained by training based on a training sample as the input of a convolutional neural network and the risk score of the pre-labeled training sample as a training target, the training sample comprises a vector sample, and the vector sample is obtained by embedding sample request data.
S302: and under the condition of receiving request data sent from the outside, analyzing the request data to obtain the type of the target event.
S303: and determining a wind control model corresponding to the target event type based on the corresponding relation.
S304: and if the wind control model corresponding to the target event type is a regular model, acquiring a request result of the request data, and inputting the request result into the regular model to obtain the risk level output by the regular model.
S305: and if the wind control model corresponding to the target event type is an intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
In summary, the rule model can implement configuration of dynamic rules (i.e., risk rules) and take effect in real time, and the rule model is combined with the intelligent model, so that compared with the prior art, the workload of manual review can be effectively reduced, and the labor cost can be reduced. Moreover, risk assessment is carried out by using the intelligent model, so that more secret risks can be effectively prevented, and the reliability is higher. Therefore, by the scheme of the embodiment, the reliability of risk assessment can be improved under the condition that the labor cost is controllable.
Corresponding to the risk monitoring method provided by the embodiment of the application, the embodiment of the application also provides a risk monitoring device.
As shown in fig. 4, an architecture diagram of a risk monitoring device provided in the embodiment of the present application includes:
the configuration unit 401 is configured to pre-configure a corresponding relationship between the event type and the wind control model. The wind control model comprises a rule model and an intelligent model, the rule model is constructed based on a preset corresponding relation between risk rules and risk grades, the intelligent model is obtained by training based on a training sample as the input of a convolutional neural network and the risk score of the pre-labeled training sample as a training target, the training sample comprises a vector sample, and the vector sample is obtained by embedding sample request data.
An analyzing unit 402, configured to, in a case that request data sent from the outside is received, analyze the request data to obtain a target event type.
A determining unit 403, configured to determine, based on the correspondence, a wind control model corresponding to the target event type.
The first evaluation unit 404 is configured to, if the wind control model corresponding to the target event type is a rule model, obtain a request result of the request data, and input the request result into the rule model to obtain a risk level output by the rule model.
The process of obtaining the request result of the request data by the first evaluation unit 404 includes: asynchronously writing each request data sent from the outside into a preset message queue in advance; performing streaming processing on request data contained in the message queue to obtain values of a preset abstract field; taking the sum of all the values as a request result of requesting data, and storing the request result in a preset database; and if the wind control model corresponding to the target event type is a regular model, reading a request result of the request data from the database.
And a second evaluation unit 405, configured to, if the wind control model corresponding to the target event type is an intelligent model, embed the request data to obtain a vector, and input the vector into the intelligent model to obtain a risk score output by the intelligent model.
And the prompting unit 406 is configured to prompt the user to request that the data has a risk when the risk level output by the rule model is greater than a preset level.
And the prompting unit 406 is further configured to prompt the user to request that the data has a risk when the risk score output by the intelligent model is greater than a preset threshold.
In summary, the rule model can implement configuration of dynamic rules (i.e., risk rules) and take effect in real time, and the rule model is combined with the intelligent model, so that compared with the prior art, the workload of manual review can be effectively reduced, and the labor cost can be reduced. Moreover, risk assessment is carried out by using the intelligent model, so that more secret risks can be effectively prevented, and the reliability is higher. Therefore, by the scheme of the embodiment, the reliability of risk assessment can be improved under the condition that the labor cost is controllable.
The present application also provides a computer-readable storage medium comprising a stored program, wherein the program performs the risk monitoring method provided by the present application.
The present application further provides a risk monitoring device, including: a processor, a memory, and a bus. The processor is connected with the memory through a bus, the memory is used for storing programs, and the processor is used for running the programs, wherein when the programs run, the risk monitoring method provided by the application is executed, and the method comprises the following steps:
presetting a corresponding relation between an event type and a wind control model; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
under the condition of receiving request data sent from the outside, analyzing the request data to obtain a target event type;
determining a wind control model corresponding to the target event type based on the corresponding relation;
if the wind control model corresponding to the target event type is the rule model, acquiring a request result of the request data, and inputting the request result into the rule model to obtain a risk level output by the rule model;
and if the wind control model corresponding to the target event type is the intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
Optionally, if the wind control model corresponding to the target event type is the rule model, obtaining a request result of the request data includes:
asynchronously writing each request data sent from the outside into a preset message queue in advance;
performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field;
taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
and if the wind control model corresponding to the target event type is the rule model, reading a request result of the request data from the database.
Optionally, after the inputting the request result into the rule model and obtaining the risk level output by the rule model, the method further includes:
and prompting the user that the requested data has risks under the condition that the risk level output by the rule model is greater than a preset level.
Optionally, after the vector is input into the intelligent model and a risk score output by the intelligent model is obtained, the method further includes:
and prompting the user that the requested data has risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution to the prior art of the embodiments of the present application or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of risk monitoring, comprising:
presetting a corresponding relation between an event type and a wind control model; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
under the condition of receiving request data sent from the outside, analyzing the request data to obtain a target event type;
determining a wind control model corresponding to the target event type based on the corresponding relation;
if the wind control model corresponding to the target event type is the rule model, acquiring a request result of the request data, and inputting the request result into the rule model to obtain a risk level output by the rule model;
and if the wind control model corresponding to the target event type is the intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
2. The method according to claim 1, wherein if the wind control model corresponding to the target event type is the rule model, obtaining the request result of the request data comprises:
asynchronously writing each request data sent from the outside into a preset message queue in advance;
performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field;
taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
and if the wind control model corresponding to the target event type is the rule model, reading a request result of the request data from the database.
3. The method of claim 1, wherein after inputting the request result into the rule model and obtaining the risk level output by the rule model, the method further comprises:
and prompting the user that the requested data has risks under the condition that the risk level output by the rule model is greater than a preset level.
4. The method of claim 1, wherein after inputting the vector into the intelligent model and obtaining the risk score output by the intelligent model, further comprising:
and prompting the user that the requested data has risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
5. A risk monitoring device, comprising:
the configuration unit is used for configuring the corresponding relation between the event type and the wind control model in advance; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
the analysis unit is used for analyzing the request data to obtain a target event type under the condition of receiving the request data sent from the outside;
the determining unit is used for determining a wind control model corresponding to the target event type based on the corresponding relation;
the first evaluation unit is used for acquiring a request result of the request data if the wind control model corresponding to the target event type is the rule model, and inputting the request result into the rule model to obtain the risk level output by the rule model;
and the second evaluation unit is used for embedding the request data to obtain a vector if the wind control model corresponding to the target event type is the intelligent model, and inputting the vector into the intelligent model to obtain the risk score output by the intelligent model.
6. The apparatus according to claim 5, wherein the first evaluation unit is specifically configured to:
asynchronously writing each request data sent from the outside into a preset message queue in advance;
performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field;
taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
and if the wind control model corresponding to the target event type is the rule model, reading a request result of the request data from the database.
7. The apparatus of claim 5, further comprising:
the prompting unit is used for prompting a user that the requested data has risks under the condition that the risk level output by the rule model is greater than a preset level;
the prompting unit is further used for prompting the user that the requested data has risks under the condition that the risk score output by the intelligent model is larger than a preset threshold value.
8. A risk monitoring system, comprising:
the system comprises a management background, a big data processing module and a decision engine;
the management background is used for configuring the corresponding relation between the event type and the wind control model; the wind control model comprises a regular model and an intelligent model; the rule model is constructed based on a preset corresponding relation between the risk rule and the risk level; the intelligent model is obtained by training based on taking a training sample as the input of a convolutional neural network and taking a risk score of the pre-labeled training sample as a training target, wherein the training sample comprises a vector sample which is obtained by embedding sample request data;
the big data processing module is used for asynchronously writing each request data sent from the outside into a preset message queue in advance; performing streaming processing on the request data contained in the message queue to obtain each value of a preset abstract field; taking the sum of all the values as a request result of the request data, and storing the request result in a preset database;
the decision engine is used for analyzing the request data to obtain a target event type under the condition of receiving the request data sent from the outside; determining a wind control model corresponding to the target event type based on the corresponding relation; if the wind control model corresponding to the target event type is the rule model, acquiring a request result of the request data, and inputting the request result into the rule model to obtain a risk level output by the rule model; and if the wind control model corresponding to the target event type is the intelligent model, embedding the request data to obtain a vector, and inputting the vector into the intelligent model to obtain a risk score output by the intelligent model.
9. A computer-readable storage medium, comprising a stored program, wherein the program performs the risk monitoring method of any of claims 1-4.
10. A risk monitoring device, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is configured to store a program and the processor is configured to execute the program, wherein the program is configured to perform the risk monitoring method of any of claims 1-4 when executed.
CN202110757389.4A 2021-07-05 2021-07-05 Risk monitoring method, device, system, storage medium and equipment Pending CN113344453A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110757389.4A CN113344453A (en) 2021-07-05 2021-07-05 Risk monitoring method, device, system, storage medium and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110757389.4A CN113344453A (en) 2021-07-05 2021-07-05 Risk monitoring method, device, system, storage medium and equipment

Publications (1)

Publication Number Publication Date
CN113344453A true CN113344453A (en) 2021-09-03

Family

ID=77482543

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110757389.4A Pending CN113344453A (en) 2021-07-05 2021-07-05 Risk monitoring method, device, system, storage medium and equipment

Country Status (1)

Country Link
CN (1) CN113344453A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992429A (en) * 2021-12-22 2022-01-28 支付宝(杭州)信息技术有限公司 Event processing method, device and equipment
CN115473735A (en) * 2022-09-13 2022-12-13 企查查科技有限公司 Risk assessment method and device for data request
CN117155719A (en) * 2023-11-01 2023-12-01 北京傲星科技有限公司 Vehicle data security detection method, system, electronic equipment and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107316134A (en) * 2017-06-16 2017-11-03 深圳乐信软件技术有限公司 A kind of risk control method, device, server and storage medium
CN107330572A (en) * 2016-04-28 2017-11-07 阿里巴巴集团控股有限公司 Air control method, apparatus and system
CN107451710A (en) * 2017-04-27 2017-12-08 北京鼎泰智源科技有限公司 A kind of Information Risk grade five-category method and system
CN108062629A (en) * 2017-12-26 2018-05-22 平安科技(深圳)有限公司 Processing method, terminal device and the medium of transaction event
CN108090829A (en) * 2017-12-21 2018-05-29 深圳市买买提信息科技有限公司 A kind of data managing method, data administrator and electronic equipment
CN108665143A (en) * 2018-04-11 2018-10-16 阿里巴巴集团控股有限公司 The appraisal procedure and device of air control model
CN109636607A (en) * 2018-12-18 2019-04-16 平安科技(深圳)有限公司 Business data processing method, device and computer equipment based on model deployment
CN110020780A (en) * 2019-02-26 2019-07-16 阿里巴巴集团控股有限公司 The method, apparatus and electronic equipment of information output
CN111951008A (en) * 2020-07-22 2020-11-17 中国建设银行股份有限公司 Risk prediction method and device, electronic equipment and readable storage medium
CN111967807A (en) * 2020-10-23 2020-11-20 支付宝(杭州)信息技术有限公司 Method and device for generating risk event judgment rule executed by computer

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107330572A (en) * 2016-04-28 2017-11-07 阿里巴巴集团控股有限公司 Air control method, apparatus and system
CN107451710A (en) * 2017-04-27 2017-12-08 北京鼎泰智源科技有限公司 A kind of Information Risk grade five-category method and system
CN107316134A (en) * 2017-06-16 2017-11-03 深圳乐信软件技术有限公司 A kind of risk control method, device, server and storage medium
CN108090829A (en) * 2017-12-21 2018-05-29 深圳市买买提信息科技有限公司 A kind of data managing method, data administrator and electronic equipment
CN108062629A (en) * 2017-12-26 2018-05-22 平安科技(深圳)有限公司 Processing method, terminal device and the medium of transaction event
CN108665143A (en) * 2018-04-11 2018-10-16 阿里巴巴集团控股有限公司 The appraisal procedure and device of air control model
CN109636607A (en) * 2018-12-18 2019-04-16 平安科技(深圳)有限公司 Business data processing method, device and computer equipment based on model deployment
CN110020780A (en) * 2019-02-26 2019-07-16 阿里巴巴集团控股有限公司 The method, apparatus and electronic equipment of information output
CN111951008A (en) * 2020-07-22 2020-11-17 中国建设银行股份有限公司 Risk prediction method and device, electronic equipment and readable storage medium
CN111967807A (en) * 2020-10-23 2020-11-20 支付宝(杭州)信息技术有限公司 Method and device for generating risk event judgment rule executed by computer

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
何文涛: "面向借贷数据的风控模型研究", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》, no. 3, 15 March 2020 (2020-03-15), pages 35 - 37 *
张靓裔: "《企业迁云之路》", 机械工业出版社, pages: 196 - 200 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992429A (en) * 2021-12-22 2022-01-28 支付宝(杭州)信息技术有限公司 Event processing method, device and equipment
CN115473735A (en) * 2022-09-13 2022-12-13 企查查科技有限公司 Risk assessment method and device for data request
CN117155719A (en) * 2023-11-01 2023-12-01 北京傲星科技有限公司 Vehicle data security detection method, system, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN113344453A (en) Risk monitoring method, device, system, storage medium and equipment
KR101789962B1 (en) Method and system for inferring application states by performing behavioral analysis operations in a mobile device
CN105939350B (en) Network access control method and system
CN111311136A (en) Wind control decision method, computer equipment and storage medium
CN111898023A (en) Message pushing method and device, readable storage medium and computing equipment
EP2983117A1 (en) Event processing method in stream processing system and stream processing system
CN111866016A (en) Log analysis method and system
CN109873752B (en) Robot interaction method, device, storage medium and equipment in communication group
WO2020253364A1 (en) Big data analytics-based information pushing method, apparatus, and device, and storage medium
CN110929145A (en) Public opinion analysis method, public opinion analysis device, computer device and storage medium
CN111680287B (en) Application program detection method and device based on user privacy protection
CN110912874B (en) Method and system for effectively identifying machine access behaviors
CN113127746A (en) Information pushing method based on user chat content analysis and related equipment thereof
CN111510446B (en) Attack detection method and device, electronic equipment and storage medium
CN111581258B (en) Security data analysis method, device, system, equipment and storage medium
CN113438374B (en) Intelligent outbound call processing method, device, equipment and storage medium
CN113190682B (en) Method and device for acquiring event influence degree based on tree model and computer equipment
CN111177725A (en) Method, device, equipment and storage medium for detecting malicious click operation
CN116955573B (en) Question searching method, device, equipment and storage medium
CN117522593A (en) Client consultation service management method, device, equipment and storage medium
CN115329347B (en) Prediction method, device and storage medium based on car networking vulnerability data
CN113032836B (en) Data desensitization method and apparatus
CN116208513A (en) Gateway health degree prediction method and device
US20150378797A1 (en) Event Processing Method in Stream Processing System and Stream Processing System
CN116050520A (en) Risk processing model training method, risk object processing method and related devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210903