CN113596844A - Early warning method, device, medium and electronic equipment based on data information - Google Patents

Early warning method, device, medium and electronic equipment based on data information Download PDF

Info

Publication number
CN113596844A
CN113596844A CN202110862658.3A CN202110862658A CN113596844A CN 113596844 A CN113596844 A CN 113596844A CN 202110862658 A CN202110862658 A CN 202110862658A CN 113596844 A CN113596844 A CN 113596844A
Authority
CN
China
Prior art keywords
information
data
blacklist
communication
fraud
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110862658.3A
Other languages
Chinese (zh)
Inventor
何欣阳
张录录
李雪峰
尚程
王杰
杨满智
蔡琳
梁彧
田野
金红
陈晓光
傅强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eversec Beijing Technology Co Ltd
Original Assignee
Eversec Beijing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eversec Beijing Technology Co Ltd filed Critical Eversec Beijing Technology Co Ltd
Priority to CN202110862658.3A priority Critical patent/CN113596844A/en
Publication of CN113596844A publication Critical patent/CN113596844A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the application discloses an early warning method, an early warning device, an early warning medium and electronic equipment based on data information. Wherein, the method comprises the following steps: determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information; if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request; and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information. The technical scheme avoids the limitation of identification lag in the existing fraud conversation behavior identification technology, introduces a fraud behavior prior identification analysis mechanism taking data association as a core, realizes accurate positioning and prior early warning of fraud behavior numbers, and greatly reduces fraud risks.

Description

Early warning method, device, medium and electronic equipment based on data information
Technical Field
The embodiment of the application relates to the technical field of big data, in particular to an early warning method, an early warning device, an early warning medium and electronic equipment based on data information.
Background
Currently, telephone anti-fraud systems deployed by operators generally adopt a fraud conversation behavior identification method based on a fraud model.
However, with the continuous renovation of fraud means and the continuous acceleration of fraud communication behaviors, the current fraud conversation behavior identification technology based on the fraud model has the following disadvantages: 1. training is needed before the fraud behavior recognition model is online, and the online speed is influenced; 2. the fraud behavior recognition model can be recognized only after the occurrence of the event, and the event cannot be early warned in advance. Therefore, fraud conversation behavior identification techniques based on fraud models are not suitable for use in the current scenario.
Disclosure of Invention
The embodiment of the application provides a data information-based early warning method, a data information-based early warning device, a data information-based early warning medium and electronic equipment, which can realize early warning of fraud behaviors by establishing a fraud behavior prior identification analysis mechanism.
In a first aspect, an embodiment of the present application provides a data information-based early warning method, where the method includes:
determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request;
and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
In a second aspect, an embodiment of the present application provides an early warning apparatus based on data information, where the apparatus includes:
the data association module is used for determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
the information acquisition module is used for acquiring the identity information and/or the communication information carried in a new number acquisition request if the new number acquisition request exists;
and the early warning information generating module is used for generating early warning information if the identity information and/or the communication information carried in the new number obtaining request hits blacklist information.
In a third aspect, an embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a warning method based on data information according to an embodiment of the present application.
In a fourth aspect, an embodiment of the present application provides an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the computer program to implement the data information-based warning method according to the embodiment of the present application.
The embodiment adopts the following method to realize early warning of fraud behaviors. The method comprises the following steps: determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information; if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request; and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information. The embodiment introduces a fraud behavior prior identification analysis mechanism taking data association as a core, realizes accurate positioning and prior early warning of fraud behavior numbers, and can shut down the numbers in time, thereby greatly reducing fraud risks.
Drawings
Fig. 1 is a flowchart of an early warning method based on data information according to an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of data association provided in an embodiment of the present application;
fig. 3 is a flowchart of a warning method based on data information according to a second embodiment of the present application;
fig. 4 is a diagram of an early warning logic architecture based on data information according to a second embodiment of the present application;
fig. 5 is a block diagram illustrating a structure of an early warning device based on data information according to a third embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should be further noted that, for the convenience of description, only some of the structures related to the present application are shown in the drawings, not all of the structures.
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the steps as a sequential process, many of the steps can be performed in parallel, concurrently or simultaneously. In addition, the order of the steps may be rearranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Example one
Fig. 1 is a flowchart of a data information-based warning method according to an embodiment of the present application, where the present embodiment is applicable to a scenario in which a fraud is warned in advance, and the method can be executed by the data information-based warning apparatus provided in the embodiment of the present application, and the apparatus can be implemented by software and/or hardware, and can be integrated in an electronic device.
As shown in fig. 1, the data information-based early warning method includes:
s110, determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information includes identity information and/or communication information.
The execution subject of the method of the embodiment is a data information-based early warning device, which is integrated into a fraud prevention platform, which can be installed in various electronic devices. The early warning device of the data information collects the ticket information from each channel to form a fraud blacklist. When a purchase request of a new number occurs, the fraud prevention platform matches the information associated with the purchase number with the information in the blacklist, and if at least one of the information is matched, the fraud prevention platform sends out an early warning signal.
Wherein, the target number refers to a telephone number used by fraud.
Further, the preset rule refers to a method of determining a target number, and for example, a fraud-occurring number marked by a person, a public security, a communication authority, or the like may be determined as the target number.
Further, the identity data may be data indicating user identity information, and may include one or a combination of several of an identification number, an order number of a purchase telephone number, a shipping address of the purchase telephone number, a name of a recipient of the purchase telephone number, and the like, for example. The communication data may include the actions of surfing the internet, talking and the like by using the mobile phone number, the ID information of the base station which performs information transmission with the number, and the like.
Further, the identification data association and/or the communication data association of the target number means that the identification data and/or the communication data of the target number are found and a corresponding relationship is formed.
The blacklist information can be associated with the target number, and can represent the current user or the position information of the user, and the like, which are very likely to be used by fraudulent conduct in handling another number. For example, the blacklist information may be the identity information of users having more than 5 cards in a month.
In this embodiment, optionally, the blacklist information includes: at least one of an identification number blacklist, a delivery address blacklist, a delivery number blacklist, a consignee blacklist, and a base station ID blacklist.
It will be appreciated that the above-described blacklist information is associated with a destination number.
According to the technical scheme, the multi-dimension matching of the information associated with the target number is realized by setting various blacklist information, whether the target number has a fraud tendency can be rapidly judged, and therefore early warning of fraud is realized.
In this embodiment, optionally, performing identity data association and/or communication data association on the target number to obtain blacklist information includes:
performing primary association according to the identity information and the order information associated with the target number, and performing secondary association according to the receiving address, the receiving number and the name of the receiver associated with the target number to obtain an identity data association result in the blacklist information;
and/or the presence of a gas in the gas,
and determining a communication data association result in the blacklist information according to the communication behavior of the target number and the base station ID used by the internet surfing behavior.
Wherein the secondary association is performed on the basis of the primary association.
According to the technical scheme of the embodiment, the target number can be determined from multiple layers by performing data association on the target number for multiple times, so that more accurate blacklist information is formed.
And S120, if a new number acquisition request exists, acquiring the identity information and/or the communication information carried in the new number acquisition request.
The new number acquisition request may be an action of any user purchasing a mobile phone number from any channel. It can be understood that the user needs to provide identification information such as identification number when purchasing the mobile phone number from any channel, and the action of purchasing the number also generates communication information. When the server receives the new number acquisition request, the identity information and/or the communication information carried in the new number acquisition request is extracted and compared with all information in the blacklist.
And S130, if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
The early warning information can be in a form of short message to inform other users that the number may cause fraud. In this embodiment, the form of generating the warning information is not limited.
Fig. 2 is a schematic diagram of data association provided in the first embodiment. As shown in fig. 2, the fraud behavior recognition model result data and the third party fraud data (fraud-related mobile phone number) are combined to determine the target number, the number is associated with the identity card number when the number card is purchased, the receiving address when the number card is purchased, the receiving number when the number card is purchased, the name of the receiver, the base station ID near the opened card, and the like, and a fraud-related data blacklist (identity card number blacklist, receiving address blacklist, receiving number blacklist, receiving person blacklist, base station blacklist) is output.
The embodiment adopts the following method to realize early warning of fraud behaviors. The method comprises the following steps: determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information; if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request; and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
In the embodiment, a fraud behavior pre-identification analysis mechanism taking data association as a core is introduced, so that the fraud behavior number is accurately positioned and pre-warned in advance, and is stopped in time, and fraud risks are greatly reduced.
Example two
Fig. 3 is a flowchart of an early warning method based on data information according to a second embodiment of the present application, which is optimized based on the second embodiment. The concrete optimization is as follows:
as shown in fig. 3, the method of this embodiment specifically includes the following steps:
s210, acquiring the dialogue list data through preset data acquisition equipment; the call ticket data comprises a communication call ticket and/or a user information call ticket.
The preset data acquisition device may be a server, such as an interface server.
Furthermore, the call ticket data may be a communication call ticket of any B-domain user, such as a call record, including a call point start, a call point end, and a call object. The call ticket data can also be a B-domain user information call ticket, and the user information call ticket can be the identity numbers of both parties of the call in the call record, the used package and the like.
It can be understood that the preset data acquisition device can acquire call ticket data from a communication operator.
In this embodiment, optionally, the acquiring of the dialog sheet data by the preset data acquiring device includes:
determining the use number of preset data acquisition equipment according to the phone bill quantity;
and the number of the first and second groups,
and if at least one preset data acquisition device is in a fault state, performing load balancing processing on the current acquired call ticket quantity to determine that the call ticket acquisition result is a full result.
The usage quantity of the preset data acquisition equipment is determined according to the quantity of the telephone bills, and each data acquisition equipment can be allocated to telephone bills with equal quantity or telephone bills with small quantity difference.
Further, the load balancing processing means that the collection number of the call tickets is distributed to the preset data collection equipment in a balanced manner. Illustratively, the number of the existing telephone bills is 100, the number of the preset data acquisition devices is 10, and each device is responsible for acquiring 10 telephone bills. If one preset data acquisition device fails and cannot be used, the 10-ticket acquisition task which is responsible for the failed data acquisition device is distributed to other 9 data acquisition devices in a balanced manner.
Further, the full result refers to all call ticket data of the B domain user.
The technical scheme of the embodiment utilizes the load balancing capability of the pooling (Pool) technology, can effectively avoid performance loss caused by unbalanced call tickets of B domains from different time, and can reasonably utilize equipment.
S220, inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model.
The preset fraud behavior recognition model may be built based on a conventional machine learning algorithm, such as a linear regression algorithm, a support vector machine, and the like, or may be built based on a deep learning algorithm, such as a cyclic neural network, a convolutional neural network, and the like, which is not limited in this embodiment.
Further, the resulting data may be a fraud number and corresponding information, such as an identification number used for purchasing the number, etc.
In this embodiment, optionally, the step of inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model includes:
running the preset fraud behavior recognition model through preset data analysis equipment to analyze the collected ticket data to obtain result data obtained by the preset fraud behavior recognition model;
and the number of the first and second electrodes,
and if detecting that at least one preset data analysis device is in a fault state, performing load balancing processing on the current call ticket data analysis task to determine that all call ticket data are analyzed.
The preset data analysis device may be a server, such as a big data server, and the preset data analysis device may have an environment in which an operation model is installed. And the preset fraud behavior recognition model automatically outputs result data according to the input call ticket data.
Furthermore, the mode of detecting that at least one preset data analysis device is in a fault state may be that the data analysis device is checked manually at regular time, or that the data analysis device automatically alarms to the fraud prevention platform after a fault occurs.
The technical scheme provided by the embodiment can obtain possible fraud numbers through analysis of a large amount of ticket data, and can effectively avoid performance loss caused by unbalanced B-domain tickets from different times by utilizing the load balancing capability of the pooling (Pool) technology, so that equipment can be reasonably utilized.
And S230, determining the fraud usage number as the target number according to the result data obtained by the preset fraud behavior identification model or according to the predetermined number information used by the fraud behavior.
S240, performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information includes identity information and/or communication information.
And S250, if a new number acquisition request exists, acquiring the identity information and/or the communication information carried in the new number acquisition request.
And S260, if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
Fig. 4 is a diagram of an early warning logic architecture based on data information according to a second embodiment of the present application. As shown in fig. 4, the architecture includes, from bottom to top, a data acquisition layer, a data storage association layer, and a data presentation layer.
The data acquisition layer is responsible for acquiring the call ticket data of the B domain; the B-domain data acquisition equipment can be configured according to the characteristic of the call ticket quantity, and the quantity/configuration of the equipment can be increased or decreased as required, so that the dependence relationship between the cost and the service use requirement can be fully balanced. The data storage association layer combines fraud behavior identification model result data and third party fraud data (fraud-related mobile phone numbers), associates information such as an identity card number when the number is purchased, a receiving address when the number is purchased, a receiving number when the number is purchased, a name of a receiver, a base station ID near the opened card and the like with B-domain user data, and outputs a fraud-related data blacklist (identity card number blacklist, receiving address blacklist, receiving number blacklist, receiver blacklist and base station blacklist). The data display layer is responsible for displaying basic data and statistical data of the B-domain call ticket; various query man-machine interfaces can be provided, the query command is managed through a query strategy, manual query and release are carried out automatically at regular intervals, a quick query mode is supported, and operation and maintenance personnel can input queried content to query related data at any time; the report can be automatically realized, and daily reports, weekly reports, monthly reports and annual reports can be output periodically.
The embodiment realizes the acquisition and analysis of the call ticket data to obtain the target number by the following method. The method mainly comprises the following steps: acquiring the dialogue list data through preset data acquisition equipment; the call ticket data comprises a communication call ticket and/or a user information call ticket; and inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model. And determining the fraud usage number as the target number according to result data obtained by a preset fraud behavior identification model or according to predetermined number information used by fraud behaviors.
According to the technical scheme, the fraud number is accurately positioned by collecting and analyzing a large amount of ticket data, and support is provided for subsequently determining the fraud number. Meanwhile, according to the technical scheme of the embodiment, through a load balancing processing technology, the performance loss of the equipment caused by unbalance of the B-domain telephone bills from different times can be effectively avoided, and the equipment can be reasonably and effectively utilized.
EXAMPLE III
Fig. 5 is a block diagram of a data information-based early warning apparatus provided in this application, which is capable of executing the data information-based early warning method provided in any embodiment of this application, and has functional modules and beneficial effects corresponding to the execution method.
As shown in fig. 5, the apparatus may include:
a data association module 510, configured to determine a target number by using a preset rule, and perform identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information includes identity information and/or communication information.
The information obtaining module 520 is configured to, if a new number obtaining request exists, obtain identity information and/or communication information carried in the new number obtaining request.
An early warning information generating module 530, configured to generate early warning information if the identity information and/or the communication information carried in the new number obtaining request hits blacklist information.
Further, the determining the target number by using the preset rule includes:
and determining the fraud usage number as the target number according to result data obtained by a preset fraud behavior identification model or according to predetermined number information used by fraud behaviors.
Further, the performing identity data association and/or communication data association on the target number to obtain blacklist information includes:
performing primary association according to the identity information and the order information associated with the target number, and performing secondary association according to the receiving address, the receiving number and the name of the receiver associated with the target number to obtain an identity data association result in the blacklist information;
and/or the presence of a gas in the gas,
and determining a communication data association result in the blacklist information according to the communication behavior of the target number and the base station ID used by the internet surfing behavior.
Further, the result data obtained according to the preset fraud behavior recognition model includes:
acquiring the dialogue list data through preset data acquisition equipment; the call ticket data comprises a communication call ticket and/or a user information call ticket;
and inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model.
Further, the collection of the dialogue list data through the preset data collection device includes:
determining the use number of preset data acquisition equipment according to the phone bill quantity;
and the number of the first and second groups,
and if at least one preset data acquisition device is in a fault state, performing load balancing processing on the current acquired call ticket quantity to determine that the call ticket acquisition result is a full result.
Further, the inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model includes:
running the preset fraud behavior recognition model through preset data analysis equipment to analyze the collected ticket data to obtain result data obtained by the preset fraud behavior recognition model;
and the number of the first and second electrodes,
and if detecting that at least one preset data analysis device is in a fault state, performing load balancing processing on the current call ticket data analysis task to determine that all call ticket data are analyzed.
The product can execute the early warning method based on the data information, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
A fourth embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the data information-based early warning method provided in all embodiments of the present application:
determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request;
and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
Any combination of one or more computer-readable media may be employed. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
EXAMPLE five
Fig. 6 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present application. FIG. 6 illustrates a block diagram of an exemplary computer device 12 suitable for use in implementing embodiments of the present application. The electronic device 12 shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in FIG. 6, electronic device 12 is embodied in the form of a general purpose computing device. The components of electronic device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, micro-channel architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Electronic device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by electronic device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM)30 and/or cache memory 32. The electronic device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 6, and commonly referred to as a "hard drive"). Although not shown in FIG. 6, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the application.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described herein.
Electronic device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with electronic device 12, and/or with any devices (e.g., network card, modem, etc.) that enable electronic device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. In the electronic device 12 of the present embodiment, the display 24 is not provided as a separate body but is embedded in the mirror surface, and when the display surface of the display 24 is not displayed, the display surface of the display 24 and the mirror surface are visually integrated. Also, the electronic device 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via the network adapter 20. As shown, the network adapter 20 communicates with other modules of the electronic device 12 via the bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with electronic device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing by running programs stored in the system memory 28, for example, implementing the data information-based warning method provided in the embodiment of the present application:
determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request;
and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A data information-based early warning method is characterized by comprising the following steps:
determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
if a new number acquisition request exists, acquiring identity information and/or communication information carried in the new number acquisition request;
and if the identity information and/or the communication information carried in the new number acquisition request hits blacklist information, generating early warning information.
2. The method of claim 1, wherein determining the destination number using a predetermined rule comprises:
and determining the fraud usage number as the target number according to result data obtained by a preset fraud behavior identification model or according to predetermined number information used by fraud behaviors.
3. The method of claim 1, wherein associating the destination number with identity data and/or communication data to obtain blacklist information comprises:
performing primary association according to the identity information and the order information associated with the target number, and performing secondary association according to the receiving address, the receiving number and the name of the receiver associated with the target number to obtain an identity data association result in the blacklist information;
and/or the presence of a gas in the gas,
and determining a communication data association result in the blacklist information according to the communication behavior of the target number and the base station ID used by the internet surfing behavior.
4. The method of claim 3, wherein the blacklist information comprises: at least one of an identification number blacklist, a delivery address blacklist, a delivery number blacklist, a consignee blacklist, and a base station ID blacklist.
5. The method according to claim 2, wherein said result data obtained according to a preset fraud behavior recognition model comprises:
acquiring the dialogue list data through preset data acquisition equipment; the call ticket data comprises a communication call ticket and/or a user information call ticket;
and inputting the collected ticket data into the preset fraud behavior recognition model to obtain result data obtained by the preset fraud behavior recognition model.
6. The method of claim 5, wherein the collection of the dialog data by the pre-set data collection device comprises:
determining the use number of preset data acquisition equipment according to the phone bill quantity;
and the number of the first and second groups,
and if at least one preset data acquisition device is in a fault state, performing load balancing processing on the current acquired call ticket quantity to determine that the call ticket acquisition result is a full result.
7. The method as claimed in claim 5, wherein inputting the collected ticket data into the predetermined fraud recognition model to obtain result data obtained by the predetermined fraud recognition model, comprises:
running the preset fraud behavior recognition model through preset data analysis equipment to analyze the collected ticket data to obtain result data obtained by the preset fraud behavior recognition model;
and the number of the first and second electrodes,
and if detecting that at least one preset data analysis device is in a fault state, performing load balancing processing on the current call ticket data analysis task to determine that all call ticket data are analyzed.
8. An early warning apparatus based on data information, the apparatus comprising:
the data association module is used for determining a target number by adopting a preset rule, and performing identity data association and/or communication data association on the target number to obtain blacklist information; wherein the blacklist information comprises identity information and/or communication information;
the information acquisition module is used for acquiring the identity information and/or the communication information carried in a new number acquisition request if the new number acquisition request exists;
and the early warning information generating module is used for generating early warning information if the identity information and/or the communication information carried in the new number obtaining request hits blacklist information.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the data-information-based warning method according to any one of claims 1 to 7.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the data-information-based warning method according to any one of claims 1 to 7 when executing the computer program.
CN202110862658.3A 2021-07-29 2021-07-29 Early warning method, device, medium and electronic equipment based on data information Pending CN113596844A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110862658.3A CN113596844A (en) 2021-07-29 2021-07-29 Early warning method, device, medium and electronic equipment based on data information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110862658.3A CN113596844A (en) 2021-07-29 2021-07-29 Early warning method, device, medium and electronic equipment based on data information

Publications (1)

Publication Number Publication Date
CN113596844A true CN113596844A (en) 2021-11-02

Family

ID=78251720

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110862658.3A Pending CN113596844A (en) 2021-07-29 2021-07-29 Early warning method, device, medium and electronic equipment based on data information

Country Status (1)

Country Link
CN (1) CN113596844A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338915A (en) * 2021-12-24 2022-04-12 中国联合网络通信集团有限公司 Caller ID risk identification method, caller ID risk identification device, caller ID risk identification equipment and storage medium
CN114379592A (en) * 2022-01-10 2022-04-22 中国第一汽车股份有限公司 Target association method and device, electronic equipment and storage medium
CN114980116A (en) * 2022-05-17 2022-08-30 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment
CN116939616A (en) * 2023-09-15 2023-10-24 中关村科学城城市大脑股份有限公司 Equipment control method and device applied to telecommunication fraud prevention and electronic equipment
CN117459634A (en) * 2023-11-22 2024-01-26 深圳市众智达信息科技有限公司 Method, system and medium for improving cross-data center blacklist interface access performance

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100130172A1 (en) * 2008-11-26 2010-05-27 Ringcentral, Inc. Fraud prevention techniques
CN106791220A (en) * 2016-11-04 2017-05-31 国家计算机网络与信息安全管理中心 Prevent the method and system of telephone fraud
CN107392451A (en) * 2017-07-11 2017-11-24 重庆卡西匚匚科技有限公司 A kind of risk control system
CN108399573A (en) * 2017-12-20 2018-08-14 平安科技(深圳)有限公司 Electronic device, long-range declaration form go out folk prescription method and storage medium
CN109429230A (en) * 2017-08-28 2019-03-05 中国移动通信集团浙江有限公司 A kind of communication swindle recognition methods and system
CN109461068A (en) * 2018-09-13 2019-03-12 深圳壹账通智能科技有限公司 Judgment method, device, equipment and the computer readable storage medium of fraud
WO2019056343A1 (en) * 2017-09-25 2019-03-28 深圳传音通讯有限公司 System and method for avoiding internet and mobile payment fraud
CN109615389A (en) * 2018-12-15 2019-04-12 深圳壹账通智能科技有限公司 Electronic-payment transaction risk control method, device, server and storage medium
CN109658256A (en) * 2018-10-11 2019-04-19 平安科技(深圳)有限公司 Risk control method, device, equipment and readable storage medium storing program for executing
CN110536302A (en) * 2018-05-25 2019-12-03 中国移动通信集团广东有限公司 Telecommunication fraud based reminding method and device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100130172A1 (en) * 2008-11-26 2010-05-27 Ringcentral, Inc. Fraud prevention techniques
CN106791220A (en) * 2016-11-04 2017-05-31 国家计算机网络与信息安全管理中心 Prevent the method and system of telephone fraud
CN107392451A (en) * 2017-07-11 2017-11-24 重庆卡西匚匚科技有限公司 A kind of risk control system
CN109429230A (en) * 2017-08-28 2019-03-05 中国移动通信集团浙江有限公司 A kind of communication swindle recognition methods and system
WO2019056343A1 (en) * 2017-09-25 2019-03-28 深圳传音通讯有限公司 System and method for avoiding internet and mobile payment fraud
CN108399573A (en) * 2017-12-20 2018-08-14 平安科技(深圳)有限公司 Electronic device, long-range declaration form go out folk prescription method and storage medium
CN110536302A (en) * 2018-05-25 2019-12-03 中国移动通信集团广东有限公司 Telecommunication fraud based reminding method and device
CN109461068A (en) * 2018-09-13 2019-03-12 深圳壹账通智能科技有限公司 Judgment method, device, equipment and the computer readable storage medium of fraud
CN109658256A (en) * 2018-10-11 2019-04-19 平安科技(深圳)有限公司 Risk control method, device, equipment and readable storage medium storing program for executing
CN109615389A (en) * 2018-12-15 2019-04-12 深圳壹账通智能科技有限公司 Electronic-payment transaction risk control method, device, server and storage medium

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338915A (en) * 2021-12-24 2022-04-12 中国联合网络通信集团有限公司 Caller ID risk identification method, caller ID risk identification device, caller ID risk identification equipment and storage medium
CN114379592A (en) * 2022-01-10 2022-04-22 中国第一汽车股份有限公司 Target association method and device, electronic equipment and storage medium
CN114980116A (en) * 2022-05-17 2022-08-30 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment
CN114980116B (en) * 2022-05-17 2023-09-19 中移互联网有限公司 Target number identification method based on 5G message and electronic equipment
CN116939616A (en) * 2023-09-15 2023-10-24 中关村科学城城市大脑股份有限公司 Equipment control method and device applied to telecommunication fraud prevention and electronic equipment
CN116939616B (en) * 2023-09-15 2023-12-08 中关村科学城城市大脑股份有限公司 Equipment control method and device applied to telecommunication fraud prevention and electronic equipment
CN117459634A (en) * 2023-11-22 2024-01-26 深圳市众智达信息科技有限公司 Method, system and medium for improving cross-data center blacklist interface access performance
CN117459634B (en) * 2023-11-22 2024-06-11 深圳市众智达信息科技有限公司 Method, system and medium for improving cross-data center blacklist interface access performance

Similar Documents

Publication Publication Date Title
CN113596844A (en) Early warning method, device, medium and electronic equipment based on data information
CN107391359B (en) Service testing method and device
CN107273531B (en) Telephone number classification identification method, device, equipment and storage medium
CN109961296A (en) Merchant type recognition methods and device
CN105989268A (en) Safety access method and system for human-computer identification
CN110933103B (en) Anti-crawler method, device, equipment and medium
CN107678935A (en) Data creation method, terminal and computer-readable recording medium
CN109345417B (en) Online assessment method and terminal equipment for business personnel based on identity authentication
CN103975334B (en) Authentication method and Verification System
CN106603327B (en) Behavioral data analysis method and device
CN111931047B (en) Artificial intelligence-based black product account detection method and related device
CN111260465A (en) Business processing method, device, server and storage medium
CN110647523B (en) Data quality analysis method and device, storage medium and electronic equipment
CN111191925B (en) Data processing method, device, equipment and storage medium
CN104091386B (en) The method and system of banking flow processs based on computer and big data
CN110348471B (en) Abnormal object identification method, device, medium and electronic equipment
CN110414603B (en) Method, apparatus, computer system, and medium for detecting mobile device
CN111754241A (en) User behavior perception method, device, equipment and medium
CN113032834A (en) Database table processing method, device, equipment and storage medium
CN114419631A (en) Network management virtual system based on RPA
CN113918905A (en) Service processing method and device and electronic equipment
CN116071152A (en) Data processing method and device, electronic equipment and storage medium
CN112270424B (en) Order processing method and device, electronic equipment and storage medium
CN115099670A (en) Battery replacement station management method and device, electronic equipment and storage medium
CN110348984B (en) Automatic credit card data input method and related equipment under different transaction channels

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination