CN113706158A - Big data intrusion prevention analysis method and system based on cloud payment - Google Patents
Big data intrusion prevention analysis method and system based on cloud payment Download PDFInfo
- Publication number
- CN113706158A CN113706158A CN202111022321.8A CN202111022321A CN113706158A CN 113706158 A CN113706158 A CN 113706158A CN 202111022321 A CN202111022321 A CN 202111022321A CN 113706158 A CN113706158 A CN 113706158A
- Authority
- CN
- China
- Prior art keywords
- cloud payment
- item
- interactive session
- cloud
- payment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 347
- 230000002265 prevention Effects 0.000 title claims abstract description 70
- 230000002452 interceptive effect Effects 0.000 claims abstract description 645
- 230000009471 action Effects 0.000 claims abstract description 105
- 238000001514 detection method Methods 0.000 claims abstract description 46
- 238000012545 processing Methods 0.000 claims abstract description 46
- 230000003993 interaction Effects 0.000 claims description 241
- 230000004069 differentiation Effects 0.000 claims description 120
- 238000011156 evaluation Methods 0.000 claims description 112
- 230000000007 visual effect Effects 0.000 claims description 54
- 230000004913 activation Effects 0.000 claims description 46
- 230000008859 change Effects 0.000 claims description 45
- 238000000034 method Methods 0.000 claims description 35
- 230000008569 process Effects 0.000 claims description 15
- 238000006243 chemical reaction Methods 0.000 description 151
- 238000004422 calculation algorithm Methods 0.000 description 9
- 238000012795 verification Methods 0.000 description 8
- 230000006399 behavior Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000011002 quantification Methods 0.000 description 4
- 238000013139 quantization Methods 0.000 description 3
- 230000000737 periodic effect Effects 0.000 description 2
- 230000035484 reaction time Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000007635 classification algorithm Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
According to the cloud payment-based big data intrusion prevention analysis method and system, the cloud payment interactive session items are subjected to differentiated analysis and processing on the first cloud payment interactive session message set in a differentiated analysis mode, and processing overhead required by the cloud payment interactive session messages can be weakened when the second cloud payment interactive session message set is determined in the cloud payment intrusion prevention system. Cloud payment interactive session items with significant differences can be extracted as target cloud payment interactive session items according to each differential analysis condition through a differential analysis mode, when cloud payment interactive session item analysis is carried out through the target cloud payment interactive session items, the intrusion behavior detection reliability between any two target cloud payment interactive session items with binding relations in the second cloud payment interactive session message set can be guaranteed as much as possible, and the data intrusion intention detection efficiency can be improved through the payment action tendency state description between the target cloud payment interactive session items.
Description
Technical Field
The application relates to the technical field of cloud payment and intrusion prevention, in particular to a cloud payment-based big data intrusion prevention analysis method and system.
Background
The cloud payment is a new generation payment mode which combines cloud determination and the Internet and takes a cloud payment intelligent terminal as a carrier to provide various cloud services such as settlement, financial business, electronic commerce, big data and the like based on safe payment for customers including individuals, families, merchants and enterprises. The cloud payment mode can improve the service aggregation capability and the expansibility, improve the processing efficiency of the payment service to a certain extent and weaken unnecessary resource waste.
With the continuous expansion of the cloud payment scale, the access of various cloud payment intelligent terminals makes the data information security of the whole cloud payment network challenging. In order to avoid the data intrusion risk of various clients, certain intrusion protection is required. One of the key steps of intrusion prevention is intrusion intention detection, so as to implement corresponding prevention measures according to the detection result. However, the related art has the technical problems of more resource occupation and low reliability when intrusion intention detection is carried out.
Disclosure of Invention
In order to solve the technical problems in the related art, the application provides a cloud payment-based big data intrusion prevention analysis method and system.
In a first aspect, the present application provides a cloud payment-based big data intrusion prevention analysis method, where the method includes: performing differentiation analysis processing on cloud payment interactive session items in the first cloud payment interactive session message set to obtain differentiation analysis conditions corresponding to the first cloud payment interactive session message set, and obtaining target cloud payment interactive session items in the differentiation analysis conditions; the number of the target cloud payment interactive session items is consistent with the number of the differential analysis conditions; determining a second cloud payment interactive session message set according to the target cloud payment interactive session project; determining the state description of the payment action tendency between two target cloud payment interactive session items in the second cloud payment interactive session message set, which have a binding relationship, through the stage change information corresponding to the payment action tendency of the target cloud payment interactive session items in the first cloud payment interactive session message set; and performing data intrusion intention detection on the second cloud payment interactive session message set according to the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship.
In a second aspect, the application further provides a cloud payment intrusion prevention analysis system, which includes a processor and a memory; the processor is connected with the memory in communication, and the processor is used for reading the determining machine program from the memory and executing the program to realize the method.
The technical scheme provided by the embodiment of the application can have the following beneficial effects.
The application provides a cloud payment-based big data intrusion prevention analysis method and system, wherein a first cloud payment interactive session message set is subjected to cloud payment interactive session item differential analysis processing through a differential analysis form, so that the number of cloud payment interactive session items in a second cloud payment interactive session message set obtained after the cloud payment interactive session item differential analysis processing is effectively ensured to be less than that of the cloud payment interactive session items in the first cloud payment interactive session message set, and the processing overhead required by the cloud payment interactive session messages can be weakened when the second cloud payment interactive session message set is determined in a cloud payment intrusion prevention system; in addition, cloud payment interactive session items with significant differences can be extracted as target cloud payment interactive session items according to each differential analysis condition through a differential analysis form, so that the intrusion behavior detection reliability between any two target cloud payment interactive session items with binding relation in the second cloud payment interactive session message set can be guaranteed as much as possible when the cloud payment interactive session items are analyzed through the target cloud payment interactive session items; in addition, through the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship, the payment action tendency switching information of each cloud payment interactive session item can be effectively optimized, and the data intrusion intention detection efficiency of the cloud payment interactive session information can be further improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic structural diagram of a communication architecture of a cloud payment-based big data intrusion prevention analysis method according to an embodiment of the present application.
Fig. 2 is a schematic flowchart of a big data intrusion prevention analysis method based on cloud payment according to an embodiment of the present application.
Fig. 3 is a block diagram of a big data intrusion prevention analysis device based on cloud payment according to an embodiment of the present application.
Fig. 4 is a hardware structure block diagram of a cloud payment intrusion prevention analysis system according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
Fig. 1 is a schematic structural diagram of a communication architecture of a cloud payment-based big data intrusion prevention analysis method according to an embodiment of the present application. Based on the content shown in fig. 1, the communication architecture of the cloud payment-based big data intrusion prevention analysis method may include a cloud payment intrusion prevention analysis system 200 and a cloud payment intelligent terminal cluster, where the cloud payment intelligent terminal cluster may include a plurality of cloud payment intelligent terminals, and further may include a cloud payment intelligent terminal _310, a cloud payment intelligent terminal _320, a cloud payment intelligent terminal _330, and the like based on the content shown in fig. 1. Based on the content shown in fig. 1, the cloud payment intelligent terminal _310, the cloud payment intelligent terminal _320, the cloud payment intelligent terminal _330, and the like may be respectively in communication connection with the cloud payment intrusion prevention analysis system 200, so that each cloud payment intelligent terminal may perform cloud payment service transaction interaction with the cloud payment intrusion prevention analysis system 200 through the communication connection.
For convenience of understanding, in the embodiment of the present application, one cloud payment intelligent terminal may be selected from the plurality of cloud payment intelligent terminals shown in fig. 1 as a target cloud payment intelligent terminal, and the target cloud payment intelligent terminal may include: smart terminals including a cloud payment service function (e.g., a cross-border payment function), such as smart phones, tablet computers, and desktop computers. For the cloud payment intrusion prevention analysis system 200, the cloud payment intrusion prevention analysis system 200 may be integrated with a function of providing a relevant cloud payment service. The cloud payment interactive session message set loaded and operated in the cloud payment intrusion prevention analysis system 200 may include a first cloud payment interactive session message set and a second cloud payment interactive session message set. The second cloud payment interactive session message set may be a cloud payment interactive session message set obtained by the cloud payment intrusion prevention analysis system 200 performing cloud payment interactive session item analysis processing on the first cloud payment interactive session message set by setting a differentiation analysis algorithm (classification algorithm).
It can be understood that the scheme for implementing the cloud payment interactive item analysis by setting the differentiation analysis algorithm described in the embodiment of the present application may be applied to most of implementation environments of cloud payment interactive item information implemented by using a cloud payment interactive item set. When a target cloud payment service with a cloud payment service function operates in the cloud payment intrusion prevention analysis system 200, the first cloud payment interaction session message set acquired by the cloud payment intrusion prevention analysis system 200 may cover cloud payment interaction item information preset in the target cloud payment service, and may also cover cloud payment interaction item information currently searched from a target cloud payment intelligent terminal through a network.
For some possible examples, the cloud payment interaction item information set in the target cloud payment service in advance and the currently searched cloud payment interaction item information may be collectively regarded as a cloud payment interaction session message (i.e., a first cloud payment interaction session message set) that needs to be analyzed and processed for the cloud payment interaction session item. Therefore, in the embodiment of the application, during the operation of the payment interaction task or the target cloud payment service, the cloud payment interaction session item analysis processing can be performed on the first cloud payment interaction session message set to obtain the second cloud payment interaction session message set, so that when the second cloud payment interaction session message set is determined in the payment interaction task or the cloud payment intelligent terminal, the accuracy of the cloud payment interaction session message can be improved, the resource overhead occupied by the cloud payment interaction session message can be weakened, meanwhile, by determining the state description of the payment action tendency between two target cloud payment interaction session items in the second cloud payment interaction session message set, which have a binding relationship, and performing data intrusion intention detection on the second cloud payment interaction session message set, whether the second cloud payment interaction session message has an abnormal payment action tendency (such as an intrusion action tendency) can be quickly and reliably determined, this enables detection of the associated payment action trend in dependence on the state description of the payment action trend.
Optionally, in this embodiment of the application, before the cloud payment intrusion prevention analysis system 200 operates the target cloud payment service, the cloud payment interaction session item analysis processing may be further performed on the obtained first cloud payment interaction session message set to obtain the second cloud payment interaction session message set, so that when the target cloud payment intelligent terminal operates the target cloud payment service, the second cloud payment interaction session message set may be directly loaded and used, so as to weaken the resource occupation of the cloud payment intrusion prevention analysis system 200 during the operation of the target cloud payment service (for example, the resource overhead occupied by the cloud payment interaction session message may be weakened in the target cloud payment intelligent terminal).
The cloud payment interactive item information described in the embodiment of the application may include authentication information, payment method selection information, information filling information, and the like. In other words, one or more behavior events in which actual cloud payment interaction behavior exists may be included in the cloud payment interaction item information.
Wherein, for convenience of understanding, the following example is further an example of acquiring a target cloud payment interactive session item provided by the embodiment of the present application. The first set of cloud payment interactive session messages may cover a plurality of cloud payment interactive session items, and further may cover x cloud payment interactive session items, where x may be a positive integer greater than 1, and the x cloud payment interactive session items may include: cloud payment interactive session item conversion _1, cloud payment interactive session item conversion _2, cloud payment interactive session item conversion _3, cloud payment interactive session item conversion _4, cloud payment interactive session item conversion _5, …, cloud payment interactive session item conversion _ x. It can be understood that, on the premise that the processing capability of the cloud payment intrusion prevention analysis system 200 is relatively general (that is, the intrusion intention detection effect of the cloud payment intrusion prevention analysis system 200 is relatively general), in order to avoid a phenomenon that the data intrusion intention detection efficiency is relatively low when the cloud payment intrusion prevention analysis system 200 directly loads the first cloud payment interactive session message set, the cloud payment interactive task or the cloud payment intelligent terminal in the cloud payment intrusion prevention analysis system 200 may perform cloud payment interactive session item analysis processing on the first cloud payment interactive session message set by setting a differentiation analysis algorithm, so as to obtain u target items corresponding to the first cloud payment interactive session message set, where u may be a positive integer greater than 1 and less than x.
For some possible examples, a common evaluation (association degree) between the cloud payment interaction session items in the first cloud payment interaction session message set may be determined by setting a differentiation analysis algorithm, so that differentiation analysis conditions corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set may be distinguished according to the determined common evaluation between the cloud payment interaction session items. For example, u differentiated analysis category conditions can be obtained, so that the cloud payment interactive session item with the highest priority corresponding to the session item priority data can be respectively extracted from the u differentiated analysis category conditions to serve as the target cloud payment interactive session item. The u differentiated analysis category conditions can be uniformly regarded as differentiated analysis conditions, and further can include the following differentiated analysis conditions result _1, differentiated analysis conditions result _2, differentiated analysis conditions result _3, differentiated analysis conditions result _4, …, and differentiated analysis conditions result _ u. It can be understood that, in each of the u differentiated analysis category cases, at least one cloud payment interactive session item may be covered. For example, the differentiated analysis condition result _1 may include cloud payment interactive session item conversion _1, cloud payment interactive session item conversion _2, and cloud payment interactive session item conversion _ 3; the differentiated analysis condition result _2 can cover a cloud payment interactive session item conversion _4 and a cloud payment interactive session item conversion _ 5; the differentiated analysis condition result _3 can cover the cloud payment interactive session item conversion _ 6; the differentiated analysis condition result _4 may include cloud payment interactive session items conversion _7 and …, and the differentiated analysis condition result _ u may include cloud payment interactive session item conversion _ (x-1) and cloud payment interactive session item conversion _ x.
Therefore, a plurality of differential analysis category conditions corresponding to the first cloud payment interactive session message set can be obtained by performing differential analysis processing on the cloud payment interactive session items in the first cloud payment interactive session message set, so that the cloud payment interactive session item with the highest priority corresponding to the session item priority data can be regarded as a target cloud payment interactive session item in each differential analysis category condition, the cloud payment interactive session item analysis processing on the first cloud payment interactive session message set can be realized according to the target cloud payment interactive session items, and the cloud payment interactive session message set formed by the target cloud payment interactive session items can be regarded as a second cloud payment interactive session message set after the cloud payment interactive session item analysis processing. For example, the cloud payment interactive session items in the second cloud payment interactive session message set may include u target cloud payment interactive session items obtained by performing cloud payment interactive session item analysis processing on the first cloud payment interactive session item, and each target cloud payment interactive session item in the u target cloud payment interactive session items is a cloud payment interactive session item extracted from a corresponding differentiated analysis condition. For example, the cloud payment interactive session item conversion _1 with the highest priority corresponding to the session item priority data in the differentiation analysis condition result _1 may be regarded as the target cloud payment interactive session item corresponding to the differentiation analysis condition result _1, and similarly, the cloud payment interactive session item conversion _5 with the highest priority corresponding to the session item priority data in the differentiation analysis condition result _2 may be regarded as the target cloud payment interactive session item corresponding to the differentiation analysis condition result _ 2. Similarly, the cloud payment interactive session item conversion _6 with the highest priority corresponding to the session item priority data in the differentiated analysis condition result _3 can be regarded as the target cloud payment interactive session item corresponding to the differentiated analysis condition result _ 3. Similarly, the cloud payment interactive session item conversion _7 with the highest priority corresponding to the session item priority data in the differentiated analysis condition result _4 can be regarded as the target cloud payment interactive session item corresponding to the differentiated analysis condition result _ 4. Similarly, the cloud payment interactive session item conversion _ x with the highest priority corresponding to the session item priority data in the differentiated analysis condition result _ u may be regarded as the target cloud payment interactive session item corresponding to the differentiated analysis condition result _ u. Further, when the cloud payment intrusion prevention analysis system 200 loads the second cloud payment interaction session message set in the payment interaction task or the target cloud payment service, the item allocation condition of the cloud payment interaction session message needs to be optimized, for example, the second cloud payment interaction session message set may be determined by a payment action tendency time point (i.e., the phase change information corresponding to the payment action tendency) of each target cloud payment interaction session item in the u target cloud payment interaction session items in the first cloud payment interaction session message set, so that the payment action tendency switching information of each target cloud payment interaction session item in the second cloud payment interaction session message set may be effectively optimized.
When the set differentiation analysis algorithm is used for carrying out differentiation analysis on the first cloud payment interaction session message set, u differentiation analysis categories corresponding to the first cloud payment interaction session message can be obtained, wherein u can be a positive integer larger than 1, one differentiation analysis category can be regarded as one differentiation analysis category condition, and at least one cloud payment interaction session item can be covered in one differentiation analysis category condition. It can be understood that, in the u differentiation analysis categories, for any one differentiation analysis category covering multiple cloud payment interaction session items, any two cloud payment interaction session items in the same differentiation analysis (i.e., differentiation analysis conditions) are similar, and in some implementation environments where data intrusion intention detection sensitivity needs to be improved, in order to prevent different cloud payment interaction session items with similar information from occupying intrusion intention detection resources of a system when payment action tends to cloud payment interaction session messages, processing overhead required by the cloud payment interaction session items can be appropriately optimized, that is, a first cloud payment interaction session message set covering the cloud payment interaction session items can be subjected to differentiation analysis processing, so that the highest existing session item priority data corresponding to the highest existing session item priority data can be respectively extracted in each differentiation analysis category obtained by differentiation analysis The cloud payment interactive session items with the priority are used as target cloud payment interactive session items, and further, the cloud payment interactive session items of the first cloud payment interactive session message set can be analyzed and processed according to the target cloud payment interactive session items, so that performance loss of the cloud payment interactive session items (for example, information filling information) in a payment interactive task or a target cloud payment service is reduced. For some possible examples, any two of the x differential analysis categories are dissimilar, and by extracting the target cloud payment interaction session item in each differential analysis category, it can be ensured that each target cloud payment interaction session item in the second cloud payment interaction session message set obtained after the cloud payment interaction session item is analyzed and processed has a strong significant difference, so that when the second cloud payment interaction session message is determined in the payment interaction task or the target cloud payment service, the data intrusion intention detection efficiency of the cloud payment interaction session message corresponding to the cloud payment interaction session item can be ensured.
In other words, by performing cloud payment interactive session item analysis processing on the first cloud payment interactive session item, processing overhead required by the cloud payment interactive session message can be effectively reduced when the second cloud payment interactive session message set is loaded in the payment interactive task or the target cloud payment service. In addition, by recording the phase change information corresponding to the payment action tendency of each target cloud payment interaction session item in the first cloud payment interaction session message set, the payment action tendency state description between any two cloud payment interaction session items having a binding relationship in the second cloud payment interaction session message set can be quickly determined, and because each cloud payment interaction session item (i.e. target cloud payment interaction session item) in the second cloud payment interaction session message set is a cloud payment interaction session item obtained by performing differential analysis processing on the first cloud payment interaction session message set, the payment action tendency state descriptions between the two cloud payment interaction session items having a binding relationship in the second cloud payment interaction session message set can not be completely the same, for example, the payment action tendency state description between the two cloud payment interaction session items having a binding relationship in the second cloud payment interaction session item set is not completely the same The trend state description may be state description _1 or state description _2, where the payment action trend state description state _1 may be the same as the payment action trend state description state _2 or different from the payment action trend state description state _2, so that optimization of resource overhead occupied by the cloud payment interactive session message may be implemented when determining the second cloud payment interactive session message set, and data intrusion intention detection efficiency of the cloud payment interactive session message may be improved.
The following corresponding embodiments can be referred to for further implementation manners of acquiring the differentiated analysis condition corresponding to the first cloud payment interactive session message set, acquiring the target cloud payment interactive session item from the differentiated analysis condition, and determining the second cloud payment interactive session message set by the target cloud payment intelligent terminal.
Further, the following is related to a cloud payment-based big data intrusion prevention analysis method provided by an embodiment of the present application, and the method at least includes the following exemplary contents.
STEP STEP101, performing differentiation analysis processing on cloud payment interactive session items in a first cloud payment interactive session message set to obtain a differentiation analysis condition corresponding to the first cloud payment interactive session message set, and acquiring a target cloud payment interactive session item in the differentiation analysis condition;
exemplarily, the cloud payment intrusion prevention analysis system 200 may update default cloud payment item information corresponding to a cloud payment interactive session item in a first cloud payment interactive session message set to target cloud payment item information when the first cloud payment interactive session message set is acquired, so that the cloud payment interactive session item in the first cloud payment interactive session message set may be further subjected to differential analysis processing in the target cloud payment item information to obtain a differential analysis condition corresponding to the first cloud payment interactive session message set; further, the cloud payment intrusion prevention analysis system 200 may use the cloud payment interactive session item that meets the target item selection requirement as the target cloud payment interactive session item in the differentiation analysis case. In other words, the cloud payment intrusion prevention analysis system 200 may distinguish the first cloud payment interactive session message set into a plurality of differentiated analysis category conditions by setting a differentiated analysis algorithm, so that the cloud payment interactive session items meeting the target item selection requirement may be screened out according to each differentiated analysis condition as the target cloud payment interactive session items. The target item selection requirement is a cloud payment interactive session item with the highest priority corresponding to the session item priority data, which is screened from the session item priority data corresponding to each cloud payment interactive session item of a differentiated analysis type situation by the cloud payment intrusion prevention analysis system 200.
It can be understood that, in order to ensure the data intrusion intention detection efficiency of the cloud payment interaction item information in the implementation environment, the cloud payment interaction session item analysis processing may be performed on the cloud payment interaction session items in the first cloud payment interaction session message set by setting a differentiation analysis algorithm in the implementation environment, so as to reduce the processing overhead required by the cloud payment interaction session messages in the implementation environment. The implementation environment may include authentication information, payment method selection information, and the like in the payment interaction task, which will not be exemplified one by one. In addition, in the embodiments of the present application, in these implementation environments, cloud payment interactive session messages corresponding to project behaviors having actual cloud payment interactive behaviors are uniformly regarded as a first cloud payment interactive session message set.
Wherein, there may be a cloud payment interaction session item that covers the payment action tendency item (e.g., item taskA) in the first cloud payment interaction session message set, and there may also be a cloud payment interaction session item that does not cover the payment action tendency item. For example, for each cloud payment interaction session item in a first cloud payment interaction session message set covering the payment action tendency item (i.e., item taskA), a common evaluation between each cloud payment interaction session item in the first cloud payment interaction session message set may be determined, so that a differential analysis may be performed on the first cloud payment interaction session message set according to the common evaluation between the cloud payment interaction session items, so as to obtain a plurality of differential analysis category conditions corresponding to the first cloud payment interaction session message set. For example, for each cloud payment interaction session item covering the item taskA, the common evaluation between each cloud payment interaction session item covering the item taskA may be determined, so that the cloud payment interaction session items with higher common evaluation may be distinguished in the same differential analysis case in the first cloud payment interaction session message set, that is, higher common evaluation may exist between each cloud payment interaction session item in the same differential analysis case, for example, when it is determined that higher common evaluation exists between the j1 th cloud payment interaction session item in the first cloud payment interaction session message set and the j2 th cloud payment interaction session item and the j3 th cloud payment interaction session item, the 3 cloud payment interaction session items may be distinguished in the same differential analysis case. In the cloud payment intrusion prevention analysis system 200, in order to avoid the problem of excessive operation pressure of the cloud payment intrusion prevention system caused by loading a plurality of cloud payment interactive session items with higher common evaluation together, the cloud payment interactive session item analysis processing can be performed on the first cloud payment interactive session message set when the first cloud payment interactive session message set is acquired in a payment interactive task or a cloud payment intelligent terminal, so as to weaken the processing overhead required by the cloud payment interactive session items with higher common evaluation. In other words, the cloud payment interactive session items with the higher common evaluation may be analyzed and processed for the 3 cloud payment interactive session items, so as to optimize the processing overhead required by the cloud payment interactive session items in the 3 cloud payment interactive session items in the payment interactive task or the cloud payment intelligent terminal.
For example, in the process of determining the common evaluation between two cloud payment interaction session items in the first cloud payment interaction session message set, in order to better conform to the actual interaction preference of the user for the cloud payment items, the cloud payment item information corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set may be updated from the default cloud payment item information to the target cloud payment item information, so that the cloud payment item activation logs participating in the determination between the two cloud payment interaction session items may be obtained one by one in the target cloud payment item information in a manner of item-first execution (i.e., in a manner of item-by-item differentiation analysis), and further the item type common evaluation between the two cloud payment item activation logs may be uniformly regarded as the common evaluation between the two cloud payment interaction session items, the evaluation of commonality between the two cloud payment interactive session items may also be regarded as an evaluation of item category commonality between the two cloud payment interactive session items.
For example, in the process of distinguishing the differential analysis conditions corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set by setting the differential analysis algorithm, each differential analysis category (that is, the differential analysis condition) corresponds to one piece of differential analysis category template information (which may be simply referred to as template information), so that in the embodiment of the present application, one cloud payment interaction session item of two cloud payment interaction session items participating in analysis can be regarded as a first cloud payment interaction session item, and the other cloud payment interaction session item can be regarded as a second cloud payment interaction session item. The first cloud payment interactive session item can be understood as a cloud payment interactive session item which can be used as differential analysis template information in the first cloud payment interactive session message set, after the first cloud payment interactive session item is selected, second cloud payment interactive session items can be obtained in the first cloud payment interactive session message set one by one through item attention, and therefore item type common evaluation between cloud payment item activation logs corresponding to the two cloud payment interactive session items can be analyzed, and the common evaluation between the two cloud payment interactive session items can be described through the analyzed item type common evaluation between the two cloud payment item activation logs.
Therefore, before performing common evaluation differential analysis on the cloud payment interaction session items in the first cloud payment interaction session message set by setting a differential analysis algorithm, the embodiment of the application may update the cloud payment item information corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set from default cloud payment item information to target cloud payment item information, so as to determine common evaluation (i.e., item type common evaluation) between each cloud payment interaction session item in the first cloud payment interaction session message set in the target cloud payment item information, and distinguish the differential analysis condition of the first cloud payment interaction session message set through the item type common evaluation between the cloud payment interaction session items.
For convenience of understanding, please refer to the following example, which is an example provided in the embodiment of the present application for distinguishing a differentiated analysis case corresponding to a first cloud payment interactive session message set. The first cloud payment interactive session message set may cover a plurality of cloud payment interactive session items, and the plurality of cloud payment interactive session items may be cloud payment interactive session item conversion _1, cloud payment interactive session item conversion _2, cloud payment interactive session item conversion _3, cloud payment interactive session item conversion _4, and cloud payment interactive session item conversion _ 5. The cloud payment item information corresponding to the cloud payment interactive session item in the first cloud payment interactive session message set is the target cloud payment item information. That is, in the target cloud payment item information, the cloud payment intrusion prevention analysis system 200 integrated with the relevant functional modules may perform differentiated analysis processing on the cloud payment interactive session items in the first cloud payment interactive session message set to obtain a differentiated analysis condition corresponding to the first cloud payment interactive session message set.
Further, the cloud payment intrusion prevention analysis system 200 may regard a first cloud payment interactive session item in the first cloud payment interactive session message set as a first cloud payment interactive session item that can be regarded as the differentiated analysis template information, may determine a cloud payment interactive session item other than the first cloud payment interactive session item in the first cloud payment interactive session message set as a second cloud payment interactive session item, and may acquire the second cloud payment interactive session item one by one according to the item attention. For example, when determining the first cloud payment interactive session item, the cloud payment interactive session item conversion _2, the cloud payment interactive session item conversion _3, the cloud payment interactive session item conversion _4, and the cloud payment interactive session item conversion _5 may be collectively regarded as the second cloud payment interactive session item one by one according to an item tag of each cloud payment interactive session item in the first cloud payment interactive session message set, so as to determine the item type commonality evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item one by one.
For example, when the cloud payment interactive session item conversion _1 is used as the first cloud payment interactive session item, the differentiation analysis condition corresponding to the cloud payment interactive session item conversion _1 may be determined first. In other words, the cloud payment intrusion prevention analysis system 200 may start the first round of common evaluation determination when the cloud payment interaction session item conversion _1 is used as the differentiated analysis template information sample _001, that is, may determine the item type common evaluation between the cloud payment interaction session item conversion _1 (i.e., the first cloud payment interaction session item) and the cloud payment interaction session item conversion _2 (i.e., the second cloud payment interaction session item) (i.e., the common evaluation correlation _001 may be obtained in the first round of common evaluation determination), may determine whether the item type common evaluation between the two cloud payment interaction session items (i.e., the common evaluation correlation _ 001) is smaller than the set differentiated analysis threshold, and may identify the common evaluation correlation _001 larger than the set differentiated analysis threshold as the first cloud payment interaction session item conversion session conversion _2 when the common evaluation _001 is larger than (or equal to the set differentiated analysis threshold) In a differentiation analysis condition (i.e., differentiation analysis condition category _ 001) corresponding to the cloud payment interaction session item conversion _1, in other words, in the embodiment of the present application, the second cloud payment interaction session item whose item type commonality evaluation is not less than the set differentiation analysis threshold may be identified as the differentiation analysis condition corresponding to the first cloud payment interaction session item.
In addition, since the cloud payment interactive session item conversion _3 is the next cloud payment interactive session item of the cloud payment interactive session item conversion _2, the cloud payment intrusion prevention analysis system 200 can still continue the second round of common evaluation determination when the cloud payment interactive session item conversion _1 is used as the differentiated analysis template information sample _001, the cloud payment intrusion prevention analysis system 200 can continue to determine the item type common evaluation between the cloud payment interactive session item conversion _1 (i.e. the first cloud payment interactive session item) and the cloud payment interactive session item conversion _3 (i.e. the new second cloud payment interactive session item) (i.e. the common evaluation _002 can be obtained in the second round of common evaluation determination), so as to determine whether the item type common evaluation (i.e. the common evaluation _ 002) between the two cloud payment interactive session items is less than the set differentiated analysis threshold, and when the commonness evaluation correlation _002 is smaller than the set differentiation analysis threshold, optimizing the first cloud payment interaction session item through the cloud payment interaction session item conversion _3, that is, in the embodiment of the present application, the second cloud payment interaction session item (that is, the cloud payment interaction session item conversion _3 in the first cloud payment interaction session message set) whose item type commonness evaluation is smaller than the set differentiation analysis threshold can be used as new differentiation analysis template information, and the new differentiation analysis template information can be differentiation analysis template information sample _ 002. At this time, since the item type commonality evaluation between the cloud payment interactive session item conversion _1 and the cloud payment interactive session item conversion _3 is smaller than the set differentiation analysis threshold, the embodiment of the present application may not continuously pair the cloud payment interactive session item conversion _1 and the unpaired second cloud payment interactive session items (i.e., the cloud payment interactive session item conversion _4 and the cloud payment interactive session item conversion _ 5) for the item type commonality evaluation.
In another implementation process, when determining new differential analysis template information (i.e., differential analysis template information sample _ 002), the embodiment of the present application may obtain a new first cloud payment interactive session item (cloud payment interactive session item conversion _ 3), at this time, a differential analysis condition corresponding to the cloud payment interactive session item conversion _3 may be a differential analysis condition category _002, and then, the cloud payment intrusion prevention analysis system 200 may still obtain second cloud payment interactive session items one by one according to the item attention degree, that is, may continue to obtain second cloud payment interactive session items from the unpaired second cloud payment interactive session items (i.e., cloud payment interactive session item conversion _4 and cloud payment interactive session item conversion _ 5). Further, the cloud payment intrusion prevention analysis system 200 may restart the first round of common evaluation determination when the cloud payment interaction session item conversion _3 is used as the differentiated analysis template information sample _002, that is, may determine the item type common evaluation between the cloud payment interaction session item conversion _3 (i.e., the new first cloud payment interaction session item) and the cloud payment interaction session item conversion _4 (i.e., the second cloud payment interaction session item) (i.e., the common evaluation _003 may be obtained in the new first round of common evaluation determination process), so as to determine whether the item type common evaluation (i.e., the common evaluation _ 003) between the two cloud payment interaction session items is smaller than the set differentiated analysis threshold, and may optimize the new first payment cloud session item through the cloud payment interaction session item conversion _4 when the common evaluation _003 is smaller than the set differentiated analysis threshold, that is, in the embodiment of the present application, the second cloud payment interactive session item (i.e., the cloud payment interactive session item conversion _4 in the first cloud payment interactive session message set) whose item type commonality evaluation is smaller than the set differentiation analysis threshold may be used as another new differentiation analysis template information, and the another new differentiation analysis template information may be used as the differentiation analysis template information sample _003, in the embodiment of the present application, a new differentiation analysis condition may be determined for the cloud payment interactive session item conversion _4, and the new differentiation analysis condition may be the differentiation analysis condition category _ 003. At this time, since the item type commonality evaluation between the cloud payment interactive session item conversion _3 and the cloud payment interactive session item conversion _4 is smaller than the set differentiation analysis threshold, the cloud payment interactive session item conversion _3 and the new unpaired second cloud payment interactive session item (i.e., the cloud payment interactive session item conversion _ 5) may not be continuously paired for the item type commonality evaluation.
For some possible examples, in the embodiment of the present application, when another new differential analysis template information (i.e., differential analysis template information sample _ 003) is determined, another new first cloud payment interaction session item (i.e., cloud payment interaction session item conversion _ 4) may be obtained, at this time, a differential analysis condition corresponding to the cloud payment interaction session item conversion _4 may be a differential analysis condition category _003, and then, the cloud payment intrusion prevention analysis system 200 may still obtain the second cloud payment interaction session item according to the item attention degree, i.e., may continue to obtain the second cloud payment interaction session item from the unpaired second cloud payment interaction session item (i.e., cloud payment interaction session item conversion _ 5). Further, the target cloud payment intelligent terminal may restart the first round of common evaluation determination when the cloud payment interaction session item conversion _4 is used as the differentiated analysis template information sample _003, that is, may determine the item type common evaluation between the cloud payment interaction session item conversion _4 (i.e., another new first cloud payment interaction session item) and the cloud payment interaction session item conversion _5 (i.e., a second cloud payment interaction session item), so that the differentiated analysis condition corresponding to the cloud payment interaction session item conversion _5 may be distinguished according to the determined item type common evaluation (e.g., common evaluation _ 004) between the two cloud payment interaction session items. For example, if the common evaluation correlation _004 is not less than the set differentiation analysis threshold, the cloud payment interaction session item conversion _5 (i.e., the second cloud payment interaction session item whose item type common evaluation is not less than the set differentiation analysis threshold) may be identified as the differentiation analysis case (i.e., the differentiation analysis case category _ 003) corresponding to the cloud payment interaction session item conversion _4, and at this time, the differentiation analysis case corresponding to the first cloud payment interaction session message set, which is determined by the item type common evaluation between the cloud payment interaction session items, may cover the differentiation analysis case category _001, the differentiation analysis case category _002, and the differentiation analysis case category _ 003. Optionally, if the common evaluation correlation _004 is smaller than the set differentiation analysis threshold, the cloud payment interactive session item conversion _5 (i.e., the second cloud payment interactive session item whose item type common evaluation is not smaller than the differentiation analysis threshold) may be identified as a new differentiation analysis case, i.e., the cloud payment intrusion prevention analysis system 200 may determine a new differentiation analysis case (e.g., differentiation analysis case category _ 004) for the cloud payment interactive session item conversion _ 5. At this time, the differentiation analysis condition corresponding to the first cloud payment interactive session item determined by the item type commonality evaluation between the cloud payment interactive session items may cover the differentiation analysis condition category _001, the differentiation analysis condition category _002, and the differentiation analysis condition category _003, and may also cover the differentiation analysis condition category _ 004.
Therefore, when the differential analysis condition corresponding to the first cloud payment interactive session item is determined, item type common evaluation pairing can be performed on the first cloud payment interactive session item and the second cloud payment interactive session item in the target cloud payment item information; if the item type common evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item is not smaller than the differentiation analysis threshold value after the pairing is obtained, identifying the second cloud payment interactive session item of which the item type common evaluation is not smaller than the differentiation analysis threshold value as the differentiation analysis condition corresponding to the first cloud payment interactive session item; optionally, if the item type commonality evaluation between the paired first cloud payment interactive session item and the paired second cloud payment interactive session item is smaller than the differentiation analysis threshold, optimizing the first cloud payment interactive session item according to the second cloud payment interactive session item whose item type commonality evaluation is smaller than the differentiation analysis threshold, determining the differentiation analysis condition corresponding to the optimized first cloud payment interactive session item, performing item type commonality evaluation pairing on the optimized first cloud payment interactive session item and the unpaired second cloud payment interactive session items one by one until the cloud payment interactive session items in the first cloud payment interactive session message set all complete item type commonality evaluation pairing, that is, until each second cloud payment interactive session item in the first cloud payment interactive session message set all complete item type commonality evaluation pairing, the differentiation analysis condition corresponding to the cloud payment interactive session item in the first cloud payment interactive session message set can be presented. In addition, in the target cloud payment item information, a further process of performing item type commonality evaluation pairing on the first cloud payment interactive session item and the second cloud payment interactive session item in the embodiment of the present application may also be described as follows: the cloud payment intrusion prevention analysis system 200 may determine a cloud payment item activation log of the first cloud payment interaction session item in the target cloud payment item information as a first activation log, and determine a cloud payment item activation log of the second cloud payment interaction session item in the target cloud payment item information as a second activation log; the target cloud payment item information covers a plurality of cloud payment item relation descriptions; further, the cloud payment intrusion prevention analysis system 200 may determine the commonality evaluation between the first activation log and the second activation log according to the quantitative calling heat corresponding to each cloud payment item relationship description in the first activation log and the quantitative calling heat corresponding to each cloud payment item relationship description in the second activation log; further, the cloud payment intrusion prevention analysis system 200 may determine a commonality evaluation between the first activation log and the second activation log as an item category commonality evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item.
In related embodiments, for some possible examples, after determining a plurality of differentiation analysis category conditions corresponding to the first cloud payment interaction session message set, the embodiment of the present application may obtain a cloud payment interaction session item with a significant difference as a target cloud payment interaction session item according to each differentiation analysis condition. Namely, the cloud payment interactive session items meeting the target item selection requirement can be screened out in each differentiation analysis category condition, and the cloud payment interactive session items meeting the target item selection requirement can be uniformly regarded as the target cloud payment interactive session items, so that the STEP STEP102 can be further executed.
STEP102, determining a second cloud payment interactive session message set according to the target cloud payment interactive session item.
For ease of understanding, further, this is an example of determining a second cloud payment interactive session message set provided in this application embodiment. When the cloud payment interactive session item conversion _1 in the first cloud payment interactive session message set is used as the differential analysis template information (i.e., the differential analysis template information sample _ 001), the cloud payment interactive session item in the differential analysis condition category _001 may cover the cloud payment interactive session item conversion _1 and the cloud payment interactive session item conversion _ 2; in addition, when the cloud payment interactive session item conversion _3 in the first cloud payment interactive session message set is used as new differential analysis template information (i.e., differential analysis template information sample _ 002), the cloud payment interactive session item in the differential analysis case category _002 may cover the cloud payment interactive session item conversion _ 3; in addition, when the cloud payment interactive session item conversion _4 in the first cloud payment interactive session message set is used as another new differentiated analysis template information (i.e., the differentiated analysis template information sample _ 003), the cloud payment interactive session item in the differentiated analysis case category _003 may cover the cloud payment interactive session item conversion _4 and the cloud payment interactive session item conversion _ 5. In the embodiment of the application, the differentiated analysis condition category _001, the differentiated analysis condition category _002 and the differentiated analysis condition category _003 can be uniformly regarded as the differentiated analysis condition, and then, the cloud payment intrusion prevention analysis system 200 can determine session item priority data corresponding to the cloud payment interaction session item in the differentiated analysis condition according to the addition and quantification calling heat degrees respectively corresponding to the cloud payment item relationship descriptions included in the cloud payment interaction session item in the differentiated analysis condition in the target cloud payment item information; further, the cloud payment intrusion prevention analysis system 200 may search, in the session item priority data corresponding to the cloud payment interaction session item in the differentiated analysis case, for a cloud payment interaction session item having a highest priority corresponding to the session item priority data, and the cloud payment intrusion prevention analysis system 200 may regard, as the target cloud payment interaction session item conversion _001 that satisfies the target item selection requirement, the cloud payment interaction session item conversion _1 having the highest priority corresponding to the session item priority data from the differentiated analysis case category _ 001; similarly, the cloud payment intrusion prevention analysis system 200 may regard the cloud payment interactive session item conversion _3 with the highest priority corresponding to the session item priority data as the target cloud payment interactive session item conversion _002 meeting the target item selection requirement in the differentiation analysis case category _002, and similarly, the cloud payment intrusion prevention analysis system 200 may regard the cloud payment interactive session item conversion _3 with the highest priority corresponding to the session item priority data as the target cloud payment interactive session item conversion _003 meeting the target item selection requirement in the differentiation analysis case category _ 003. In other words, the cloud payment interactive session items with the highest priority corresponding to the searched existing session item priority data can be uniformly regarded as the target cloud payment interactive session items obtained from the differentiation analysis situation. Further, the cloud payment intrusion prevention analysis system 200 may form a new cloud payment interactive session message set through the above 3 target cloud payment interactive session items, and may regard the new cloud payment interactive session message set as the above second cloud payment interactive session message set, thereby implementing analysis processing on the cloud payment interactive session items of the first cloud payment interactive session message set. It can be understood that the cloud payment interactive session items in the second cloud payment interactive session message set may include the target cloud payment interactive session item conversion _001 (i.e., the highest-priority cloud payment interactive session item conversion _1 corresponding to the session item priority data exists in the differential analysis case category _ 001), the target cloud payment interactive session item conversion _002 (i.e., the highest-priority cloud payment interactive session item conversion _3 corresponding to the session item priority data exists in the differential analysis case category _ 002), and the target cloud payment interactive session item conversion _003 (i.e., the highest-priority cloud payment interactive session item conversion _4 corresponding to the session item priority data exists in the differential analysis case category _ 003).
In the target cloud payment item information, according to the addition and quantification calling heat degree respectively corresponding to each cloud payment item relationship description included in the cloud payment interaction session item in the differentiated analysis situation, a further process of determining session item priority data corresponding to the cloud payment interaction session item in the differentiated analysis situation may be described as follows: acquiring visual indication description information of each cloud payment item relation description in the target cloud payment item information; obtaining the quantitative calling heat of the cloud payment interactive session items in the differentiation analysis situation relative to the visual indication description information described by the relation of each cloud payment item, and summing the quantitative calling heat on the visual indication description information described by the relation of each cloud payment item to obtain the summed quantitative calling heat corresponding to the relation description of each cloud payment item; and determining session item priority data of the cloud payment interaction session items in the differential analysis situation according to the addition quantitative calling heat corresponding to each cloud payment item relation description and the item interaction degree corresponding to the corresponding cloud payment item relation description.
STEP103, determining, by means of the stage change information corresponding to the payment action tendency of the target cloud payment interactive session item in the first cloud payment interactive session message set, a description of the payment action tendency state between two target cloud payment interactive session items in the second cloud payment interactive session message set, which have a binding relationship.
Two target cloud payment interactive session items in the second cloud payment interactive session message set, which have a binding relationship, can cover the first target cloud payment interactive session item and the second target cloud payment interactive session item, and by recording the phased change information corresponding to the payment action tendency of the two corresponding target cloud payment interactive session items in the first cloud payment interactive session message set, the description of the payment action tendency state between the two target cloud payment interactive session items can be obtained, so that the first target cloud payment interactive session item can be supported in the description of the payment action tendency state, and the STEP STEP104 is further executed.
And STEP STEP104, performing data intrusion intention detection on the second cloud payment interactive session message set according to the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship.
Illustratively, the target cloud payment intelligent terminal may optimize payment action tendency switching information (i.e., payment service reaction duration) of the first target cloud payment interactive session item according to the description of the payment action tendency state between the first target cloud payment interactive session item and the second target cloud payment interactive session item; therefore, payment action tendency can be carried out on the first target cloud payment interactive session item in the payment action tendency switching information (namely payment service response duration) of the first target cloud payment interactive session item until the session progress of the second cloud payment interactive session message set meets the change prompt requirement of the stage change information corresponding to the payment action tendency of the second target cloud payment interactive session item, and data intrusion intention detection is carried out on the second cloud payment interactive session message set.
For convenience of understanding, further, the following is an example of determining a second cloud payment interaction session message set provided in this embodiment of the present application, when determining that there is a payment action tendency state description between two target cloud payment interaction session items in a binding relationship (i.e., a payment action tendency state description between a first target cloud payment interaction session item and a second target cloud payment interaction session item), the cloud payment intrusion prevention analysis system 200 may optimize the payment action tendency switching information of the first target cloud payment interaction session item according to the payment action tendency state description between the two target cloud payment interaction session items. The target cloud payment interactive session item conversion _001 in the second cloud payment interactive session message set may be cloud payment interactive session item conversion _1 in the first cloud payment interactive session message set, the target cloud payment interactive session item conversion _002 in the second cloud payment interactive session message set may be cloud payment interactive session item conversion _3 in the first cloud payment interactive session message set, and the target cloud payment interactive session item conversion _003 in the second cloud payment interactive session message set may be cloud payment interactive session item conversion _4 in the first cloud payment interactive session message set. The step change information corresponding to the payment action tendency of the target cloud payment interactive session item conversion _001 in the first cloud payment interactive session message set may be step change information state description _1, that is, in the first cloud payment interactive session message set, when the session process reaches the step change information state description _1, the cloud payment interactive session item conversion _1 in the first cloud payment interactive session message set may be paid for the action tendency; similarly, the step change information corresponding to the payment action tendency of the target cloud payment interactive session item conversion _002 in the first cloud payment interactive session message set may be step change information state description _3, that is, in the first cloud payment interactive session message set, when the session process reaches the step change information state description _3, the cloud payment interactive session item conversion _3 in the first cloud payment interactive session message set may be paid for the action tendency; similarly, the stage change information corresponding to the payment action tendency of the target cloud payment interactive session item conversion _003 in the first cloud payment interactive session message set may be stage change information state description _4, that is, in the first cloud payment interactive session message set, when the session process reaches the stage change information state description _4, the cloud payment interactive session item conversion _4 in the first cloud payment interactive session message set may be paid for the action tendency. In addition, in order to ensure the reliability of detecting the payment action tendency of each target cloud payment interactive session item after the cloud payment interactive session item is analyzed and processed, the item allocation condition of each target cloud payment interactive session item in the second cloud payment interactive session message set needs to be optimized. For example, the cloud payment intrusion prevention analysis system 200 may, when performing cloud payment interactive session item analysis processing on a cloud payment interactive session item in a differential analysis case, synchronously mark a time point (i.e., the stage change information state description _1, the stage change information state description _3, and the stage change information state description _ 4) of a target cloud payment interactive session item in each differential analysis category case in a first cloud payment interactive session message set, so as to determine the second cloud payment interactive session message set by using the time point corresponding to each target cloud payment interactive session item. In other words, according to the embodiment of the application, when the second cloud payment interactive session message set is determined, each target cloud payment interactive session item can be detected according to the time point corresponding to each target cloud payment interactive session item.
Optionally, when determining the periodic change information (such as a time point) corresponding to the payment action tendency of each target cloud payment interaction session item, the embodiment of the application may further determine the payment action tendency state description between two target cloud payment interaction session items having a binding relationship (i.e., a first target cloud payment interaction session item and a second target cloud payment interaction session item), so that the payment service reaction duration of a first target cloud payment interaction session item of the two target cloud payment interaction session items may be optimized through the payment action tendency state description between the two target cloud payment interaction session items having the binding relationship, so as to further optimize the item allocation condition of each target cloud payment interaction session item in the second cloud payment interaction session message set. For example, for three target cloud payment interactive session items in the second cloud payment interactive session message set, the target cloud payment interactive session item conversion _001 and the target cloud payment interactive session item conversion _002 may be regarded as two target cloud payment interactive session items having a binding relationship, and similarly, the target cloud payment interactive session item conversion _002 and the target cloud payment interactive session item conversion _003 may also be regarded as two target cloud payment interactive session items having a binding relationship in the embodiment of the present application. The description of the payment action tendency state between the target cloud payment interactive session item conversion _001 and the target cloud payment interactive session item conversion _002 may be the description of the payment action tendency state between the staged change information state description _1 corresponding to the cloud payment interactive session item conversion _1 and the staged change information state description _2 corresponding to the cloud payment interactive session item conversion _3, and the payment action tendency state description between the two target cloud payment interactive session items having the binding relationship may obtain the payment action reaction duration time _001, so that the target cloud payment interactive session item conversion _001 may be detected within the payment action reaction duration time _001, so as to optimize the payment action tendency switching information of the target cloud payment interactive session item conversion _001 (i.e., the first target cloud payment interactive session item), and the payment action tendency switching information of the target cloud payment interactive session item conversion _001 (i.e., the first target cloud payment interactive session item) may be reached in the progress of the second cloud payment interactive session message set The payment action tendency state of 002 is described (i.e., the aforementioned stage change information state description _ 3), the target cloud payment interactive session item conversion _002 (i.e., the second target cloud payment interactive session item) is detected.
Similarly, the description of the payment action tendency state between the target cloud payment interactive session item conversion _002 and the target cloud payment interactive session item conversion _003 may be the description of the payment action tendency state between the staged change information state description _3 corresponding to the cloud payment interactive session item conversion _3 and the staged change information state description _4 corresponding to the cloud payment interactive session item conversion _4, and the payment action tendency state description between the two target cloud payment interactive session items having the binding relationship may obtain the payment action reaction time duration time _002, so that the target cloud payment interactive session item conversion _001 may be detected within the payment action reaction time duration time _002, so as to optimize the payment action tendency switching information of the target cloud payment interactive session item conversion _002 (i.e. the new first target cloud payment interactive session item), and the payment action tendency switching information of the session process of the second cloud payment interactive session message set may reach the target payment interactive session payment item process When the payment action tendency state of the conversion _003 is described (i.e., the aforementioned stage change information state description _ 4), detecting the target cloud payment interaction session item conversion _003 (i.e., a new second target cloud payment interaction session item), and stopping the data intrusion intention detection on the second cloud payment interaction session message set until the payment action tendency switching information of the second cloud payment interaction session message set reaches the payment action tendency switching information of the first cloud payment interaction session message set.
In the embodiment of the application, the cloud payment interactive session items of the first cloud payment interactive session message set are analyzed and processed in a differentiated analysis mode, so that the number of the cloud payment interactive session items in the second cloud payment interactive session message set obtained after the cloud payment interactive session items are analyzed and processed can be effectively ensured to be less than that of the cloud payment interactive session items in the first cloud payment interactive session message set, and the processing overhead required by the cloud payment interactive session messages can be reduced when the second cloud payment interactive session message set is determined; in addition, cloud payment interactive session items with significant differences can be extracted as target cloud payment interactive session items according to each differential analysis condition through a differential analysis form, so that the intrusion behavior detection reliability between any two target cloud payment interactive session items with binding relation in the second cloud payment interactive session message set can be guaranteed as much as possible when the cloud payment interactive session items are analyzed through the target cloud payment interactive session items; in addition, through the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship, the payment action tendency switching information of each cloud payment interactive session item can be effectively optimized, and the data intrusion intention detection efficiency of the cloud payment interactive session information can be further improved.
Further, the following example is an implementation of another cloud payment-based big data intrusion prevention analysis method provided in the embodiments of the present application, and the method may include the following steps.
STEP201, acquiring a first cloud payment interactive session message set, and updating default cloud payment item information corresponding to cloud payment interactive session items in the first cloud payment interactive session message set to target cloud payment item information; a further implementation manner of the cloud payment intrusion prevention analysis system 200 updating the default cloud payment item information corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set to the target cloud payment item information may refer to the description of the target cloud payment item information in the embodiment corresponding to fig. 2, and will not be described again here.
STEP STEP202, in the target cloud payment item information, performing differentiation analysis processing on cloud payment interaction session items in the first cloud payment interaction session message set to obtain differentiation analysis conditions corresponding to the first cloud payment interaction session message set; illustratively, the target cloud payment intelligent terminal may obtain a first cloud payment interactive session item regarded as differential analysis template information from the first cloud payment interactive session message set; further, the target cloud payment intelligent terminal may determine, in the first cloud payment interactive session message set, cloud payment interactive session items other than the first cloud payment interactive session item as second cloud payment interactive session items, and obtain the second cloud payment interactive session items one by one according to item attention; further, the target cloud payment intelligent terminal can distinguish the differentiation analysis situation corresponding to the cloud payment interactive session items in the first cloud payment interactive session message set through item type common evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item in the target cloud payment item information.
The target cloud payment intelligent terminal can perform item-by-item differentiation analysis on two cloud payment interactive session items in the first cloud payment interactive session message set in the target cloud payment item information, and mainly performs differentiation analysis through item type common evaluation between the two cloud payment interactive session items in the process of item-by-item differentiation analysis. The two cloud payment interactive session items in the first cloud payment interactive session message set can cover the first cloud payment interactive session item and the second cloud payment interactive session item. In the embodiment of the application, one cloud payment interactive session item (namely, a first cloud payment interactive session item) of the two cloud payment interactive session items can be regarded as the differential analysis template information, and the other cloud payment interactive session item of the two cloud payment interactive session items can be regarded as a second cloud payment interactive session item to be subjected to item type common evaluation pairing with the differential analysis template information.
It can be understood that, for the first cloud payment interactive session message set, a first cloud payment interactive session item in the first cloud payment interactive session message set (i.e. cloud payment interactive session item conversion _ 1) may be regarded as the differentiated analysis template information sample _001, and at this time, the embodiment of the present application may uniformly treat the differential analysis template information sample _001 as a first cloud payment interactive session item of two cloud payment interactive session items, and may regard the cloud payment interactive session item except for the differential analysis template information sample _001 as the second cloud payment interactive session item in the first cloud payment interactive session message set, and at this time, the second cloud payment interactive session items are all the second cloud payment interactive session items to be subjected to item type common evaluation pairing with the differential analysis template information sample _ 001. Further, in the embodiment of the application, second cloud payment interactive session items to be subjected to item type common evaluation pairing with the first cloud payment interactive session item are acquired one by one in the first cloud payment interactive session message set through the round-robin mechanism according to the rule of item difference analysis one by one, and at this time, the second cloud payment interactive session items to be subjected to item type common evaluation pairing with the difference analysis template information sample _001 (for example, the cloud payment interactive session item conversion _2, the cloud payment interactive session item conversion _3, the cloud payment interactive session item conversion _4, and the cloud payment interactive session item conversion _ 5) may be regarded as the second cloud payment interactive session items to be paired in a unified manner. Therefore, the cloud payment interactive session item conversion _2 corresponding to the cloud payment interactive session item conversion _1 can be preferentially determined as the second cloud payment interactive session item to be paired in the first cloud payment interactive session message set according to the item attention, so as to determine the item type commonality evaluation between the cloud payment interactive session item conversion _1 (i.e., the first cloud payment interactive session item) and the cloud payment interactive session item conversion _ 2.
It can be understood that, when determining the common evaluation (i.e., the item type common evaluation) between the two cloud payment interactive session items in the first cloud payment interactive session message set (i.e., the cloud payment interactive session item conversion _1 and the cloud payment interactive session item conversion _ 2), the similarity between the cloud payment item activation logs of the two cloud payment interaction session items may be determined separately first, that is, the cloud payment item activation log of the first cloud payment interactive session item (i.e. the aforementioned cloud payment interactive session item conversion _ 3) in the target cloud payment item information may be regarded as the first activation log, and regarding the cloud payment item activation log of the second cloud payment interaction session item (i.e., cloud payment interaction session item conversion _ 2) in the target cloud payment item information as a second activation log.
When the target cloud payment intelligent terminal obtains the lowest addition and quantification calling heat degrees respectively corresponding to the three relationship descriptions in the cloud payment item information, it can be understood that the common evaluation between the first activation log and the second activation log of the two cloud payment interaction session items can be determined through the lowest addition and quantification calling heat degrees respectively corresponding to the three cloud payment item relationship descriptions, so as to indirectly determine the item type common evaluation between the cloud payment interaction session item conversion _1 and the cloud payment interaction session item conversion _ 2.
Therefore, in the process of comparing the common evaluation between two cloud payment interaction session items, the embodiment of the present application may compare the similarity between the cloud payment item activation logs of the two cloud payment interaction session items, that is, may compare the similarity between the three cloud payment item relationship descriptions in the cloud payment item activation logs of the two cloud payment interaction session items, in other words, after obtaining the lowest addition and quantization calling heat respectively corresponding to the 3 cloud payment item relationship descriptions, the embodiment of the present application may obtain the weight corresponding to each cloud payment item relationship description, so that the weight corresponding to each cloud payment item relationship description may be multiplied by the corresponding lowest addition and quantization calling heat respectively and the corresponding weight corresponding to the corresponding cloud payment item relationship description, and then the summation processing is performed to determine the common evaluation between the first activation log and the second activation log of the two cloud payment interaction session items, and further, the common evaluation between the first activation log and the second activation log of the two cloud payment interaction session items can be uniformly regarded as the item category common evaluation between the first cloud payment interaction session item and the second cloud payment interaction session item, so that the differentiation analysis condition corresponding to the cloud payment interaction session item conversion _2 in the first cloud payment interaction session message set can be distinguished through the item category common evaluation (i.e., common evaluation) of the two cloud payment interaction session items subsequently. For example, if the item type common evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item is not less than the differentiation analysis threshold after the pairing, the second cloud payment interactive session item (for example, the cloud payment interactive session item conversion _ 2) whose item type common evaluation is not less than the differentiation analysis threshold may be identified as the differentiation analysis case (for example, the differentiation analysis case category _ 001) corresponding to the first cloud payment interactive session item. Optionally, if the item type commonality evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item is smaller than the differentiation analysis threshold value after the pairing, the first cloud payment interactive session item (e.g., cloud payment interactive session item conversion _ 1) may be optimized according to the second cloud payment interactive session item (e.g., cloud payment interactive session item conversion _ 3) whose item type commonality evaluation is smaller than the differentiation analysis threshold value, and the differentiation analysis condition corresponding to the optimized first cloud payment interactive session item (i.e., differentiation analysis condition category _002 corresponding to the cloud payment interactive session item conversion _ 3) is determined, and the optimized first cloud payment interactive session item (i.e., cloud payment interactive session item conversion _ 3) is paired with the unpaired second cloud payment interactive session item one by one, until the cloud payment interactive session items in the first cloud payment interactive session message set all complete the item type commonality evaluation pairing, the differential analysis conditions corresponding to the cloud payment interactive session items in the first cloud payment interactive session message set can be presented, and further, the description of each differential analysis condition in the corresponding embodiment can be referred to together, and the description is not repeated here.
STEP STEP203, taking the cloud payment interactive session item which is in accordance with the target item selection requirement as a target cloud payment interactive session item in the differentiation analysis condition; exemplarily, the target cloud payment intelligent terminal may determine, in the target cloud payment item information, session item priority data corresponding to the cloud payment interaction session items in the differentiated analysis situation according to the addition and quantization calling heat degree respectively corresponding to each cloud payment item relationship description included in the cloud payment interaction session items in the differentiated analysis situation; further, the target cloud payment intelligent terminal can search the highest-priority cloud payment interactive session item corresponding to the session item priority data in the session item priority data corresponding to the cloud payment interactive session item in the differentiation analysis condition; further, the target cloud payment intelligent terminal may use the searched cloud payment interactive session item with the highest priority corresponding to the session item priority data as the target cloud payment interactive session item obtained from the differentiation analysis condition.
STEP204, determining a second cloud payment interactive session message set according to the target cloud payment interactive session item;
STEP205, determining, by means of the stage change information corresponding to the payment action tendency of the target cloud payment interactive session item in the first cloud payment interactive session message set, a description of the payment action tendency state between two target cloud payment interactive session items in the second cloud payment interactive session message set, which have a binding relationship;
it can be understood that the phased change information corresponding to the payment action tendency of each cloud payment interactive session item in the first cloud payment interactive session message set described in the embodiment of the present application may be phased change information in data intrusion intention detection, that is, data intrusion intention detection may be started at a time corresponding to the phased change information with the lowest payment action tendency when the data intrusion intention detects the first cloud payment interactive session message set until the session progress of the first cloud payment interactive session message set reaches the phased change information corresponding to the endpoint of the first cloud payment interactive session message set. At this time, the stage change information corresponding to the payment action tendency of the first target cloud payment interactive session item in the second cloud payment interactive session message set also has the lowest stage change information. Optionally, in the embodiment of the application, interval-type data intrusion intention detection may be performed on the first cloud payment interactive session message set, that is, when the first cloud payment interactive session message set is detected according to a set duration, the detection may be performed starting from the stage change information with the highest stage change information corresponding to the payment action tendency until the session progress of the first cloud payment interactive session message set reaches the stage change information corresponding to the starting point of the first cloud payment interactive session message set. At this time, the highest piece of staged change information exists in the staged change information corresponding to the payment action tendency of the first target cloud payment interactive session item in the second cloud payment interactive session message set. For convenience of understanding, in the embodiment of the application, only the first cloud payment interactive session message set is taken as an example for data intrusion intention detection, and further, through the step change information corresponding to the payment action tendency of each target cloud payment interactive session item in the first cloud payment interactive session message set, the description of the payment action tendency state between two target cloud payment interactive session items having a binding relationship is determined in the second cloud payment interactive session message set. The two target cloud payment interactive session items with the binding relationship cover a first target cloud payment interactive session item and a second target cloud payment interactive session item;
STEP206, optimizing payment action tendency switching information of the first target cloud payment interactive session item according to the description of the payment action tendency state between the first target cloud payment interactive session item and the second target cloud payment interactive session item;
STEP207, performing payment action tendency on the first target cloud payment interactive session item according to the payment action tendency switching information of the first target cloud payment interactive session item, and performing data intrusion intention detection on the second cloud payment interactive session message set until the session process of the second cloud payment interactive session message set reaches the change prompt requirement of the stage change information corresponding to the payment action tendency of the second target cloud payment interactive session item. For further implementation of STEP 204-STEP 207, refer to the description of STEP 102-STEP 104 in the embodiment corresponding to fig. 2, which will not be described again.
In some embodiments, the performing data intrusion intention detection on the second cloud payment interactive session message set described in STEP207 may further include the following STEPs: acquiring cloud payment key information of two continuous groups of second cloud payment interactive session message sets, wherein the cloud payment key information comprises request security verification data of cloud payment request description content and session reminding visual description of session reminding indication; processing the cloud payment key information by using a message processing thread to respectively obtain the significance guide characteristics of the two continuous groups of session reminding visual descriptions, the initial distinguishing visual keywords of the two continuous groups of session reminding visual descriptions and the effective cloud payment visual descriptions of the two continuous groups of session reminding visual descriptions; debugging a target feature identification thread, and determining an initial target payment action tendency in the target feature identification thread by using the request security verification data, the significance guide features of the two continuous groups of session reminding visual descriptions and the effective cloud payment visual descriptions of the two continuous groups of session reminding visual descriptions; and debugging an intention detection thread, and detecting and processing the target distinguishing visual keywords and the target payment action tendency in the intention detection thread by using the initial distinguishing visual keywords of the two continuous groups of session reminding visual descriptions and the initial target payment action tendency in the target characteristic identification thread, so that the intention detection thread iteratively detects the target distinguishing visual keywords and the target payment action tendency to obtain a real-time target data intrusion intention detection result. By the design, the reliability of data intrusion intention detection can be ensured on the premise of improving the timeliness of the data intrusion intention detection, so that the efficiency of the data intrusion intention detection is ensured.
On the basis of the above contents, the step of debugging the target feature recognition thread, determining the initial target payment action tendency in the target feature recognition thread by using the request security verification data, the saliency guide features of the two consecutive groups of session reminder visual descriptions, and the effective cloud payment visual descriptions of the two consecutive groups of session reminder visual descriptions, includes: acquiring a visual security check index corresponding to the request security check index of the request security check data and the significance guide characteristics of the cloud payment request description content; determining the corresponding relation of the visual safety check indexes of the two groups of continuous request safety check data by utilizing the effective cloud payment visual description of the two groups of continuous session reminding visual descriptions and the visual safety check index corresponding to the request safety check index of the request safety check data; combining the significance guide characteristics of the session reminding visual description and the significance guide characteristics of the cloud payment request description content to obtain a global information combination result; debugging the target feature identification thread, and determining a thread variable of the target feature identification thread by using the corresponding relation of the visual safety check indexes of the two continuous groups of request safety check data and the global information merging result; and determining the initial target payment action tendency by using the weight information of the target feature recognition thread variable. In this way, the visual security check index can be taken into account to ensure the reliability of the target payment action trend in combination with the weight information of the target feature recognition thread variable when determining the initial target payment action trend.
On the basis of the above contents, the step of obtaining the visual security check index corresponding to the request security check index of the request security check data and the saliency guide characteristics of the cloud payment request description content includes: according to the correlation response information between the session reminding indication and the cloud payment request description content, converting the request security check index of the request security check data in the request security check index state of the cloud payment request description content into the request security check index in the request security check index state of the session reminding indication; and according to the associated request information of the session reminding indication, obtaining the visual safety verification index corresponding to the request safety verification data and the significance guide characteristic of the cloud payment request description content from the request safety verification index of the request safety verification data in the request safety verification index state of the session reminding indication. In this way, the accuracy of the visual type security check index and the integrity of the significance guide feature of the cloud payment request description can be ensured.
Further, the step of "merging the saliency guidance feature of the visual description of the session reminder and the saliency guidance feature of the description content of the cloud payment request to obtain a global information merging result" may include: performing content validity detection on the significance guide characteristic of the session reminding visual description and the significance guide characteristic of the cloud payment request description content, and judging whether the detection is passed; if so, the saliency leading characteristics of the cloud payment request description content are used as a global information merging result.
In another embodiment, the step of processing the cloud payment key information by using a message processing thread to obtain the saliency guide features of the two consecutive groups of session reminder visual descriptions, the initial differentiation visual keywords of the two consecutive groups of session reminder visual descriptions, and the effective cloud payment visual descriptions of the two consecutive groups of session reminder visual descriptions, respectively, includes: inputting the cloud payment key information into an information extraction thread, and respectively obtaining the significance guide characteristics of the two continuous groups of session reminding visual descriptions; inputting the cloud payment key information into a cloud payment classification thread to respectively obtain initial distinguishing visual keywords of the two continuous groups of session reminding visual description targets; and inputting the cloud payment key information into an effective payment service analysis thread to obtain effective cloud payment visual description of the two continuous groups of session reminding visual description.
In summary, in the embodiment of the present application, the cloud payment interactive session item differentiation analysis processing is performed on the first cloud payment interactive session message set in a differentiation analysis form, so that it can be effectively ensured that the number of cloud payment interactive session items in the second cloud payment interactive session message set obtained after the cloud payment interactive session item differentiation analysis processing is less than the number of cloud payment interactive session items in the first cloud payment interactive session message set, and thus, when the second cloud payment interactive session message set is determined in the cloud payment intrusion prevention system, the processing overhead required by the cloud payment interactive session messages can be weakened; in addition, cloud payment interactive session items with significant differences can be extracted as target cloud payment interactive session items according to each differential analysis condition through a differential analysis form, so that the intrusion behavior detection reliability between any two target cloud payment interactive session items with binding relation in the second cloud payment interactive session message set can be guaranteed as much as possible when the cloud payment interactive session items are analyzed through the target cloud payment interactive session items; in addition, through the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship, the payment action tendency switching information of each cloud payment interactive session item can be effectively optimized, and the data intrusion intention detection efficiency of the cloud payment interactive session information can be further improved.
On the basis, please refer to fig. 3, the present application further provides a block diagram of a cloud payment-based big data intrusion prevention analysis device 400, where the device includes the following functional modules:
the differentiation analysis module 410 is configured to perform differentiation analysis processing on cloud payment interactive session items in the first cloud payment interactive session message set to obtain a differentiation analysis condition corresponding to the first cloud payment interactive session message set, and obtain a target cloud payment interactive session item in the differentiation analysis condition; the number of the target cloud payment interactive session items is consistent with the number of the differential analysis conditions;
a session message determining module 420, configured to determine a second cloud payment interactive session message set according to the target cloud payment interactive session item;
a state description determining module 430, configured to determine, through the periodic change information corresponding to the payment action tendency of the target cloud payment interactive session item in the first cloud payment interactive session message set, a payment action tendency state description between two target cloud payment interactive session items in the second cloud payment interactive session message set that have a binding relationship;
and an intrusion intention detection module 440, configured to perform data intrusion intention detection on the second cloud payment interactive session message set according to the description of the payment action tendency state between the two target cloud payment interactive session items having the binding relationship.
On the basis of the above, please refer to fig. 4, a block diagram of a hardware structure of a cloud payment intrusion prevention analysis system 200 is also provided, where the cloud payment intrusion prevention analysis system 200 may include a processor 210 and a memory 220, which are in communication with each other, and the processor 210 invokes a deterministic machine program from the memory 220 and runs to implement the above method. Further, a readable storage medium is provided, on which a program is stored, which when executed by a processor implements the method described above.
For some possible examples, the present application is not limited to the precise structures that have been described above and shown in the drawings, and various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (10)
1. A big data intrusion prevention analysis method based on cloud payment is characterized by comprising the following steps:
performing differentiation analysis processing on cloud payment interactive session items in the first cloud payment interactive session message set to obtain differentiation analysis conditions corresponding to the first cloud payment interactive session message set, and obtaining target cloud payment interactive session items in the differentiation analysis conditions; the number of the target cloud payment interactive session items is consistent with the number of the differential analysis conditions;
determining a second cloud payment interactive session message set according to the target cloud payment interactive session project;
determining the state description of the payment action tendency between two target cloud payment interactive session items in the second cloud payment interactive session message set, which have a binding relationship, through the stage change information corresponding to the payment action tendency of the target cloud payment interactive session items in the first cloud payment interactive session message set;
and performing data intrusion intention detection on the second cloud payment interactive session message set according to the description of the payment action tendency state between the two target cloud payment interactive session items with the binding relationship.
2. The method according to claim 1, wherein the cloud payment interactive session items in the first cloud payment interactive session message set are subjected to differential analysis processing to obtain a differential analysis condition corresponding to the first cloud payment interactive session message set, and a target cloud payment interactive session item is obtained in the differential analysis condition; the number of the target cloud payment interactive session items is consistent with the number of the differential analysis conditions, and the method comprises the following steps:
acquiring a first cloud payment interactive session message set, and updating default cloud payment item information corresponding to cloud payment interactive session items in the first cloud payment interactive session message set into target cloud payment item information;
in the target cloud payment item information, performing differential analysis processing on cloud payment interactive session items in the first cloud payment interactive session message set to obtain a differential analysis condition corresponding to the first cloud payment interactive session message set;
and taking the cloud payment interactive session item which is in accordance with the target item selection requirement as the target cloud payment interactive session item in the differential analysis condition.
3. The method according to claim 2, wherein the performing, in the target cloud payment item information, a differential analysis process on cloud payment interaction session items in the first cloud payment interaction session message set to obtain a differential analysis condition corresponding to the first cloud payment interaction session message set includes:
acquiring a first cloud payment interactive session item which is regarded as differential analysis template information from the first cloud payment interactive session message set;
determining cloud payment interactive session items except the first cloud payment interactive session item in the first cloud payment interactive session message set as second cloud payment interactive session items, and acquiring the second cloud payment interactive session items one by one according to item attention;
in the target cloud payment item information, differentiating the differentiated analysis conditions corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set through item type commonality evaluation between the first cloud payment interaction session item and the second cloud payment interaction session item.
4. The method according to claim 3, wherein the distinguishing, in the target cloud payment item information, the differentiated analysis cases corresponding to the cloud payment interaction session items in the first cloud payment interaction session message set through item type commonality evaluation between the first cloud payment interaction session item and the second cloud payment interaction session item includes:
determining a differentiation analysis condition corresponding to the first cloud payment interactive session project;
performing item type common evaluation pairing on the first cloud payment interactive session item and the second cloud payment interactive session item in the target cloud payment item information;
if the item type common evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item is not smaller than the differentiation analysis threshold value after the pairing is obtained, identifying the second cloud payment interactive session item of which the item type common evaluation is not smaller than the differentiation analysis threshold value as the differentiation analysis condition corresponding to the first cloud payment interactive session item;
if the item kind common evaluation between the first cloud payment interactive session item and the second cloud payment interactive session item obtained by pairing is smaller than the differentiation analysis threshold, optimizing the first cloud payment interactive session item according to the second cloud payment interactive session item with the item type commonality evaluation smaller than the differentiation analysis threshold, and determining a differentiation analysis condition corresponding to the optimized first cloud payment interactive session item, and the optimized first cloud payment interactive session items are subjected to item type common evaluation pairing with unpaired second cloud payment interactive session items one by one until the cloud payment interactive session items in the first cloud payment interactive session message set are subjected to item type common evaluation pairing, and presenting the differentiated analysis condition corresponding to the cloud payment interactive session item in the first cloud payment interactive session message set.
5. The method of claim 4, wherein the pairing the first cloud payment interactive session item with the second cloud payment interactive session item for item category commonality evaluation in the target cloud payment item information comprises:
determining a cloud payment item activation log of the first cloud payment interaction session item in the target cloud payment item information as a first activation log, and determining a cloud payment item activation log of the second cloud payment interaction session item in the target cloud payment item information as a second activation log; the target cloud payment item information covers a plurality of cloud payment item relation descriptions;
determining the common evaluation between the first activation log and the second activation log according to the quantitative calling degree corresponding to each cloud payment item relation description in the first activation log and the quantitative calling degree corresponding to each cloud payment item relation description in the second activation log;
determining the common evaluation between the first activation log and the second activation log as an item category common evaluation between a first cloud payment interactive session item and a second cloud payment interactive session item.
6. The method of claim 5, wherein the determining the common evaluation between the first activation log and the second activation log according to the quantified call degree corresponding to each cloud payment item relationship description in the first activation log and the quantified call degree corresponding to each cloud payment item relationship description in the second activation log comprises:
obtaining a target cloud payment item relationship description from each cloud payment item relationship description in the first activation log; the target cloud payment item relation description is presented through a plurality of visual indication description information in the target cloud payment item information;
determining the quantitative calling degree of the target cloud payment item relation description relative to each visual indication description information as a first quantitative calling degree corresponding to each visual indication description information in the first activation log, and determining the quantitative calling degree of the target cloud payment item relation description relative to each visual indication description information as a second quantitative calling degree corresponding to each visual indication description information in the second activation log;
carrying out quantitative difference comparison on the first quantitative calling heat corresponding to each visual indication description information and the second quantitative calling heat corresponding to the same visual indication description information, and determining the lowest calling heat corresponding to each visual indication description information through a quantitative difference comparison result; and determining the lowest adding and quantitative calling heat corresponding to the target cloud payment item relation description according to the lowest calling heat corresponding to each piece of visual indication description information, and determining the common evaluation between the first activation log and the second activation log according to the lowest adding and quantitative calling heat corresponding to the target cloud payment item relation description.
7. The method of claim 2, wherein the step of regarding the cloud payment interactive session item meeting the target item selection requirement as the target cloud payment interactive session item in the differentiated analysis case comprises:
in the target cloud payment item information, determining session item priority data corresponding to cloud payment interaction session items in the differentiated analysis situation according to the addition quantitative calling heat degree respectively corresponding to each cloud payment item relation description included in the cloud payment interaction session items in the differentiated analysis situation;
searching the session item priority data corresponding to the cloud payment interaction session item in the differentiation analysis condition for the cloud payment interaction session item with the highest priority corresponding to the session item priority data;
and taking the searched cloud payment interactive session item with the highest priority corresponding to the session item priority data as the target cloud payment interactive session item obtained from the differential analysis condition.
8. The method according to claim 7, wherein the determining, in the target cloud payment item information, session item priority data of cloud payment interaction session items in the differentiated analysis case according to the adding quantitative calling heat degree respectively corresponding to each cloud payment item relationship description included in the cloud payment interaction session items in the differentiated analysis case comprises:
acquiring visual indication description information of each cloud payment item relation description in the target cloud payment item information;
obtaining the quantitative calling heat of the cloud payment interactive session items in the differentiation analysis situation relative to the visual indication description information described by the relation of each cloud payment item, and summing the quantitative calling heat on the visual indication description information described by the relation of each cloud payment item to obtain the summed quantitative calling heat corresponding to the relation description of each cloud payment item;
and determining session item priority data of the cloud payment interaction session items in the differential analysis situation according to the addition quantitative calling heat corresponding to each cloud payment item relation description and the item interaction degree corresponding to the corresponding cloud payment item relation description.
9. The method according to claim 1, wherein the two target cloud payment interactive session items in the binding relationship cover a first target cloud payment interactive session item and a second target cloud payment interactive session item; the data intrusion intention detection is carried out on the second cloud payment interactive session message set according to the payment action tendency state description between the two target cloud payment interactive session items with the binding relationship, and the method comprises the following steps:
optimizing payment action tendency switching information of the first target cloud payment interactive session item according to the description of the payment action tendency state between the first target cloud payment interactive session item and the second target cloud payment interactive session item;
and performing data intrusion intention detection on the first target cloud payment interactive session item according to the payment action tendency switching information of the first target cloud payment interactive session item until the session progress of the second cloud payment interactive session message set meets the change prompt requirement of the stage change information corresponding to the payment action tendency of the second target cloud payment interactive session item, and performing data intrusion intention detection on the second cloud payment interactive session message set.
10. A cloud payment intrusion prevention analysis system is characterized by comprising a processor and a memory; the processor is communicatively connected to the memory, and the processor is configured to read the determination program from the memory and execute the determination program to implement the method of any of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111022321.8A CN113706158A (en) | 2021-09-01 | 2021-09-01 | Big data intrusion prevention analysis method and system based on cloud payment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111022321.8A CN113706158A (en) | 2021-09-01 | 2021-09-01 | Big data intrusion prevention analysis method and system based on cloud payment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113706158A true CN113706158A (en) | 2021-11-26 |
Family
ID=78658890
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111022321.8A Withdrawn CN113706158A (en) | 2021-09-01 | 2021-09-01 | Big data intrusion prevention analysis method and system based on cloud payment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113706158A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114154995A (en) * | 2021-12-08 | 2022-03-08 | 河北晓博互联网科技有限公司 | Abnormal payment data analysis method and system applied to big data wind control |
| CN114154990A (en) * | 2021-12-08 | 2022-03-08 | 河北晓博互联网科技有限公司 | Big data anti-attack method based on online payment and storage medium |
-
2021
- 2021-09-01 CN CN202111022321.8A patent/CN113706158A/en not_active Withdrawn
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114154995A (en) * | 2021-12-08 | 2022-03-08 | 河北晓博互联网科技有限公司 | Abnormal payment data analysis method and system applied to big data wind control |
| CN114154990A (en) * | 2021-12-08 | 2022-03-08 | 河北晓博互联网科技有限公司 | Big data anti-attack method based on online payment and storage medium |
| CN114154990B (en) * | 2021-12-08 | 2022-09-20 | 北京汇收钱科技股份有限公司 | Big data anti-attack method based on online payment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110445688B (en) | Interface service function monitoring method and system based on data collection | |
| CN105590055B (en) | Method and device for identifying user credible behaviors in network interaction system | |
| US8615516B2 (en) | Grouping similar values for a specific attribute type of an entity to determine relevance and best values | |
| CN112837069B (en) | Block chain and big data based secure payment method and cloud platform system | |
| US20100192222A1 (en) | Malware detection using multiple classifiers | |
| CN113706158A (en) | Big data intrusion prevention analysis method and system based on cloud payment | |
| US20100161603A1 (en) | Grouping methods for best-value determination from values for an attribute type of specific entity | |
| CN109062965B (en) | Big data analysis system, server, data processing method and storage medium | |
| CN114154995B (en) | Abnormal payment data analysis method and system applied to big data wind control | |
| CN113918621A (en) | Big data protection processing method based on internet finance and server | |
| CN114244611B (en) | Abnormal attack detection method, device, equipment and storage medium | |
| CN111612037A (en) | Abnormal user detection method, device, medium and electronic equipment | |
| CN110570188A (en) | Method and system for processing transaction requests | |
| CN114567495B (en) | Network attack analysis method and server applied to cloud computing | |
| CN113313479A (en) | Payment service big data processing method and system based on artificial intelligence | |
| CN113177609A (en) | Method, device, system and storage medium for processing data class imbalance | |
| CN114417405A (en) | Privacy service data analysis method based on artificial intelligence and server | |
| CN117934075A (en) | Electronic rights issuing method, electronic rights issuing device, electronic equipment and storage medium | |
| CN111476560A (en) | Resource management method and computer readable storage medium | |
| US20100161542A1 (en) | Detecting entity relevance due to a multiplicity of distinct values for an attribute type | |
| CN115296895A (en) | Request response method and device, storage medium and electronic equipment | |
| CN110943982B (en) | Document data encryption method and device, electronic equipment and storage medium | |
| CN114579711A (en) | Method, device, equipment and storage medium for identifying fraud application program | |
| CN112949752B (en) | Training method and device of business prediction system | |
| US12118095B1 (en) | Machine learning model for calculating confidence scores associated with potential security vulnerabilities |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220120 Address after: 266071 20a, block a, No. 9, Shandong Road, Shinan District, Qingdao, Shandong Province Applicant after: Qingdao youjindi big data Development Co.,Ltd. Address before: 529000 Room 101, No. 95, Gangkou Second Road, Pengjiang district, Jiangmen City, Guangdong Province Applicant before: Yang Siting |
|
| TA01 | Transfer of patent application right | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20211126 |
|
| WW01 | Invention patent application withdrawn after publication |