CN113869781A

CN113869781A - Risk early warning method, device, equipment and readable storage medium

Info

Publication number: CN113869781A
Application number: CN202111201519.2A
Authority: CN
Inventors: 刘志强; 傅威; 刘秀媚; 田鸥; 潘敏
Original assignee: Ping An Technology Shenzhen Co Ltd
Current assignee: Ping An Technology Shenzhen Co Ltd
Priority date: 2021-10-14
Filing date: 2021-10-14
Publication date: 2021-12-31

Abstract

The embodiment of the application discloses a risk early warning method, a risk early warning device, risk early warning equipment and a readable storage medium, wherein the method comprises the following steps: acquiring user data of N users, determining risk characteristics existing in the user data of the N users, and determining risk characteristic scores of the N users based on the risk characteristics existing in the user data of the N users; dividing the N users based on the association degree among the user data of the N users to obtain M user sets; acquiring the intimacy between users included in each user set in the M user sets; and determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and performing risk early warning based on the risk score of each user. By adopting the method and the device, the accuracy of risk identification can be improved, and the accuracy of risk early warning is further improved.

Description

Risk early warning method, device, equipment and readable storage medium

Technical Field

The present application relates to the field of data analysis technologies, and in particular, to a risk early warning method, apparatus, device, and readable storage medium.

Background

Under the new situation of foreign exchange management with trade convenience and business authenticity and compliance audit, violation conditions are increasingly diversified and concealed, and various requirements of foreign exchange compliance management under the new situation are difficult to meet only by traditional foreign exchange business management and supervision means such as policy training declaration and manual post-inspection, and a risk conduction early warning system based on community association relationship is imperative to be constructed. At present, transaction scenes of foreign exchange services are complex, fund flow is complicated, and illegal fund flows are realized by disguising normal fund flows of some fraudulent users, so that a certain bottleneck exists in manual verification aiming at the users, namely monitoring is invalid based on a big data model of the users.

In the prior art, risk monitoring and identification are generally carried out on transaction information of a single user, and early warning is carried out on the transaction of the user based on a risk identification result.

Disclosure of Invention

The embodiment of the application provides a risk early warning method, a risk early warning device, risk early warning equipment and a readable storage medium, which can improve the accuracy of risk identification and further improve the accuracy of risk early warning.

In a first aspect, the present application provides a risk early warning method, including:

acquiring user data of N users, determining risk characteristics existing in the user data of the N users, and determining risk characteristic fractions of the N users based on the risk characteristics existing in the user data of the N users, wherein N is a positive integer;

dividing the N users based on the association degree between the user data of the N users to obtain M user sets, wherein each user set comprises at least one user, and M is a positive integer;

acquiring affinity between users included in each user set in the M user sets, wherein the affinity is used for reflecting the probability of risk conduction between the users included in the user sets;

and determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and performing risk early warning based on the risk score of each user.

In a second aspect, the present application provides a risk early warning device, including:

the risk determination module is used for acquiring user data of N users, determining risk characteristics existing in the user data of the N users, and determining risk characteristic scores of the N users based on the risk characteristics existing in the user data of the N users, wherein N is a positive integer;

the user dividing module is used for dividing the N users based on the association degree between the user data of the N users to obtain M user sets, each user set comprises at least one user, and M is a positive integer;

the risk conduction module is used for acquiring intimacy degree among users included in each user set in the M user sets, and the intimacy degree is used for reflecting the probability of risk conduction among the users included in the user sets;

and the risk early warning module is used for determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and carrying out risk early warning based on the risk score of each user.

With reference to the second aspect, in one possible implementation manner, the user data of one user includes association data between the one user and other users, the association data including at least one of assets delivered by the one user to other users, assets offered by the one user to other users for guarantee, and assets invested by the one user to other users;

for every two users included in each of the M user sets, the risk conduction module is configured to perform the following operations to obtain affinity between the users included in each of the M user sets:

acquiring target associated data related to the jth user in the user data of the ith user included in each user set in the M user sets, and acquiring assets delivered to the jth user by the ith user from the target associated data, or providing guaranteed assets for the jth user by the ith user, or investing assets for the jth user by the ith user;

determining the ratio of the assets delivered to the jth user by the ith user to the total assets delivered to the jth user by each of the R users in the user set as the intimacy between the ith user and the jth user;

or, determining the ratio of the assets which are provided by the ith user and vouched to the jth user to the sum of the assets which are provided by each user of the R users in the user set and vouched to the jth user as the intimacy degree between the ith user and the jth user;

or, determining the ratio of the assets invested by the ith user to the jth user to the total assets invested by each user in the R users in the user set to the jth user as the intimacy between the ith user and the jth user;

wherein R is equal to the total number of users in the user set, and the R users comprise the ith user and the jth user.

With reference to the second aspect, in a possible implementation manner, the risk early warning module includes:

a set obtaining unit, configured to obtain a sum of intimacy degrees among any Q users included in each user set of the M user sets, to obtain an intimacy degree set corresponding to each user set, where a value of Q is 2,3,4,. and Q, and Q is a total number of users included in the user set;

the data sorting unit is used for sorting the sum of the intimacy degrees in the intimacy degree set corresponding to each user set from large to small;

a quantity obtaining unit, configured to obtain a sum of the first f intimacy densities in the ranked intimacy density set, obtain user quantities corresponding to the sum of the first f intimacy densities, determine a target intimacy density sum in the sum of the first f intimacy densities, and obtain p users corresponding to the target intimacy density sum, where the user quantity corresponding to the target intimacy density sum is greater than the user quantity corresponding to any intimacy density sum except the target intimacy density sum in the sum of the first f intimacy densities, f is a positive integer, and p is a positive integer;

and the score calculating unit is used for respectively obtaining a preset intimacy weight and a preset risk weight, and determining the risk score of each user included in each user set based on the sum of intimacy between the p users, the preset intimacy weight, the risk characteristic score of each user in the p users and the preset risk weight, wherein p is a positive integer.

With reference to the second aspect, in a possible implementation manner, the score calculating unit is specifically configured to:

and weighting the sum of the affinities among the p users, the preset affinity weight, the risk characteristic score of each user in the p users and the preset risk weight to obtain the risk score of each user included in each user set.

the graph generating unit is used for generating an association relation graph based on user data of a first user and user data of an associated user having an association relation with the first user if the first user with a risk score larger than an early warning threshold exists in the N users, wherein the associated user is p-1 users except the first user in the open air in p users corresponding to the sum of target affinities in an affinity set corresponding to a user set where the first user is located;

the data marking unit is used for acquiring a marking data type, determining a second user from the users contained in the association relationship graph, wherein the data type of the user data of the second user is the same as the marking data type;

and the graphic output unit is used for marking the second user in the incidence relation graph to obtain a marked incidence relation graph, and outputting the marked incidence relation graph to perform risk early warning.

With reference to the second aspect, in a possible implementation manner, the risk early warning apparatus further includes:

the risk processing module is used for sending the marked incidence relation graph, the risk score of the first user and the risk score of the associated user to a management terminal so that the management terminal determines a risk processing scheme aiming at the first user based on the marked incidence relation graph and the risk score of the first user and determines a risk processing scheme aiming at the associated user based on the marked incidence relation graph and the risk score of the associated user;

the risk processing module is used for carrying out risk processing on the first user based on the risk processing scheme of the first user and carrying out risk processing on the associated user based on the risk processing scheme of the associated user.

With reference to the second aspect, in a possible implementation manner, the risk determination module includes:

the feature matching unit is used for matching the risk features existing in the user data of each user in the N users with at least one preset risk feature to obtain a risk matching result, wherein the risk matching result is whether the risk features existing in the user data are matched with preset risk features in the at least one preset risk feature;

and the risk calculation unit is used for determining the sum of reference scores corresponding to the matched preset risk features as the risk feature scores of the users to obtain the risk feature scores of the N users if the risk matching result is that the risk features existing in the user data are matched with the preset risk features in the at least one preset risk feature.

In a third aspect, the present application provides a computer device comprising: a processor, a memory, a network interface;

the processor is connected with a memory and a network interface, wherein the network interface is used for providing a data communication function, the memory is used for storing a computer program, and the processor is used for calling the computer program so as to enable computer equipment comprising the processor to execute the risk early warning method.

In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program adapted to be loaded and executed by a processor, so as to cause a computer device having the processor to execute the above risk pre-warning method.

In a fifth aspect, the present application provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the risk pre-warning method provided in the various alternatives of the first aspect of the present application.

In the embodiment of the application, risk characteristics existing in the user data of the N users are determined by acquiring the user data of the N users, and risk characteristic scores of the N users are determined based on the risk characteristics existing in the user data of the N users; dividing N users based on the association degree among the user data of the N users to obtain M user sets; acquiring the intimacy between users included in each user set in the M user sets; and determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and performing risk early warning based on the risk score of each user. By acquiring the intimacy between the users in the user set, the risk conduction in the user set can be identified among the users in the user set, so that the risks of the users are identified based on the risk conduction condition in the user set and the risk condition of the users, namely, the risk condition of the users is identified from multiple dimensions, the risk identification accuracy can be improved, and the risk early warning accuracy is further improved.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.

Fig. 1 is a schematic flowchart of a risk early warning method according to an embodiment of the present disclosure;

fig. 2 is a schematic node partitioning diagram provided in an embodiment of the present application;

fig. 3 is a schematic diagram of determining a shortest path in a node set according to an embodiment of the present disclosure;

fig. 4 is a schematic flowchart of another risk early warning method provided in the embodiment of the present application;

FIG. 5 is a graph of an association provided by an embodiment of the present application;

FIG. 6 is a labeled incidence relation diagram provided in the embodiments of the present application;

fig. 7 is a schematic structural diagram of a risk early warning apparatus provided in an embodiment of the present application;

fig. 8 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

The technical scheme is suitable for acquiring and analyzing the user data of all users in the transaction scene of the foreign exchange service, determining the user set to which each user belongs in the scene, and identifying which users in the user set have risk conduction among the users by acquiring the intimacy among the users in the user set, so that the risks of the users are identified based on the risk conduction condition in the user set and the risk condition of the users, namely, the risk condition of the users is identified from multiple dimensions, the risk identification accuracy can be improved, and further, the risk early warning accuracy is improved.

Referring to fig. 1, fig. 1 is a schematic flow chart of a risk early warning method according to an embodiment of the present disclosure; as shown in fig. 1, the risk pre-warning method may be applied to a computer device. The computer device may be an independent server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, Network service, cloud communication, middleware service, domain name service, security service, Content Delivery Network (CDN), big data and an artificial intelligence platform. The computer device may also be an electronic device, including but not limited to a mobile phone, a tablet computer, a desktop computer, a notebook computer, a palm computer, a vehicle-mounted device, an Augmented Reality/Virtual Reality (AR/VR) device, a helmet-mounted display, a wearable device, a smart speaker, a digital camera, a camera, and other Mobile Internet Devices (MID) with network access capability, and the like. As shown in fig. 1, the risk pre-warning method includes, but is not limited to, the following steps:

s101, obtaining user data of N users, determining risk characteristics existing in the user data of the N users, and determining risk characteristic scores of the N users based on the risk characteristics existing in the user data of the N users.

In the embodiment of the application, the computer device may obtain the user data of the N users, determine risk features existing in the user data of the N users, and determine the risk feature scores of the N users based on the risk features existing in the user data of the N users. The N is a positive integer, and the user data of the user may be user data in a transaction scenario of the foreign exchange service, that is, the user may be a user who has registered a public account in the scenario. The technical scheme of the application can also be suitable for the scenes of direct connection of enterprise online banking, digital pockets and bank enterprises, bank development and the like. The user may include a physical person, a legal person, or other organization, for example, the user may include a person, organization, company, or other organization, and the user data may include data such as the user's business data, transaction data, collateral data, equity data, legal person data, corporate personnel composition data, address information, and contact details.

Optionally, the computer device may identify risk features present in the user data to determine a risk feature score for the user. Specifically, the computer device may match risk features existing in the user data of each of the N users with at least one preset risk feature to obtain a risk matching result. And the risk matching result is whether the risk characteristics existing in the user data are matched with preset risk characteristics in at least one preset risk characteristic. Further, if the risk matching result is that the risk features existing in the user data are matched with preset risk features in at least one preset risk feature, determining the sum of reference scores corresponding to the matched preset risk features as the risk feature scores of the users to obtain the risk feature scores of the N users.

Optionally, the computer device may preset at least one preset risk feature, and the at least one preset risk feature may include, but is not limited to, one or more of a loss of credit risk feature, a blacklist risk feature, a complaint risk feature, an overdue risk feature, and a transaction abnormality risk feature. The loss of credit risk features may include, but are not limited to, clearing in business data, loss of credit performed, informal fixed office operations, lack of accurate contact, etc. Blacklist risk characteristics may include, but are not limited to, an operational interest list, an anti-money laundering blacklist, a check blacklist, a merchant blacklist, a wainscot blacklist, and the like in bank blacklist data. Complaint risk characteristics may include, but are not limited to, frequency of complaints, amount of claims made, amount of executions, etc. in jurisdictional data. Overdue risk characteristics may include, but are not limited to, historical days of overdue, amount of overdue, number of overdue, etc. in the credit data. Transaction anomaly risk characteristics may include, but are not limited to, sudden large transactions, large revolutionary secrets, large amounts, high frequency pay remittance, long payoff intervals, off-shore turn-to-deal transactions with small transaction spread, inconsistent transaction backgrounds, etc. in transaction settlement data. Further, the computer device may further set a reference score corresponding to at least one preset risk feature, that is, set a reference score corresponding to each preset risk feature. Optionally, the computer device may determine a reference score corresponding to each preset risk feature according to an importance degree of each preset risk feature in the foreign exchange transaction scenario, for example, if the importance degree of the blacklist risk feature in the foreign exchange transaction scenario is greater than the importance degree of the complaint risk feature, the reference score corresponding to the blacklist risk feature is greater than the reference score corresponding to the complaint risk feature, and by presetting the importance degree of each preset risk feature, the reference score corresponding to each preset risk feature may be set based on the importance degree of each preset risk feature.

Further, the computer device may obtain potentially risky features in the user data for each of the N users and match the potentially risky features with at least one preset risk feature, thereby determining a risk feature score for each user based on the matching results. Specifically, the computer device may match the risk characteristics existing in the user data of each of the N users with at least one preset risk characteristic to obtain a risk matching result, that is, whether the risk characteristics existing in the user data of the user are matched with one or more of the above-mentioned credit loss risk characteristic, blacklist risk characteristic, complaint risk characteristic, overdue risk characteristic, and transaction abnormality risk characteristic. If the risk features existing in the user data of the user are not matched with each preset risk feature in the information loss risk features, the blacklist risk features, the complaint risk features, the overdue risk features and the transaction abnormity risk features, the risk feature score of the user can be 0 or a default value. And if the risk characteristics existing in the user data of the user are matched with any preset risk characteristics of the information loss risk characteristics, the blacklist risk characteristics, the complaint risk characteristics, the overdue risk characteristics and the transaction abnormal risk characteristics, determining the reference score corresponding to the matched preset risk characteristics as the risk characteristic score of the user. And if the risk characteristics existing in the user data of the user are matched with at least two preset risk characteristics in the information loss risk characteristics, the blacklist risk characteristics, the complaint risk characteristics, the overdue risk characteristics and the transaction abnormal risk characteristics, determining the sum of reference scores corresponding to the matched at least two preset risk characteristics as the risk characteristic score of the user.

Optionally, if the risk features existing in the user data of the user are matched with at least two preset risk features among the above-mentioned information loss risk feature, blacklist risk feature, complaint risk feature, overdue risk feature and transaction abnormality risk feature, an average value of reference scores corresponding to the matched at least two preset risk features may be determined as the risk feature score of the user. By matching the risk characteristics existing in the user data of each of the N users with at least one preset risk characteristic, the risk characteristic score of each of the N users can be determined, i.e., the risk existing in the user is determined from the risk condition of the user.

S102, dividing the N users based on the association degree among the user data of the N users to obtain M user sets.

In the embodiment of the application, the computer device can divide the N users based on the association degree between the user data of the N users to obtain M user sets. Wherein, each user set comprises at least one user, and M is a positive integer.

Optionally, the computer device may divide the N users by calculating the modularity between the nodes to obtain M user sets, so as to facilitate subsequent judgment of user data of the users in each user set and determine a risk condition existing in each user set, where the modularity between the nodes is used to reflect the degree of association between the nodes. Optionally, the computer device may create a relationship network between the N users based on the user data of the N users, divide the N users based on the relationship network between the N users, and determine the M user sets.

In a specific implementation, the computer device may extract a triple relationship in the user data, for example, may extract data such as transaction data, guarantee data, share right data, legal person data, company and staff composition data, address information, and a contact manner of the user, import the extracted data into the neo4j database, and establish a relationship network between N users, where the relationship network between N users may be a knowledge graph between N users, or may be other network architecture that reflects an association relationship between N users.

Optionally, the computer device may divide the N users based on the degree of association between the N users to obtain k user sets, and merge the k user sets to obtain M user sets. Specifically, the computer device may determine N users as N nodes, where one user corresponds to one node; and adding any two nodes of which the first modularity is greater than the threshold of the modularity among the N nodes into the same node set to obtain k node sets, wherein k is a positive integer greater than or equal to M. If the second modularity between the first target node and any one of the N nodes in the N nodes is smaller than or equal to the threshold of the modularity, calculating the second modularity between the first target node and the first node set, and if the second modularity between the first target node and the first node set is larger than the threshold of the modularity, adding the first target node into the first node set. The first target node is a node of the N nodes except the k node sets, and the first node set is any one node set of the k node sets. Further, the computer device may calculate a modularity between any two node sets of the k node sets, and if the modularity between any two node sets is greater than a threshold of the modularity, merge any two node sets into one node set to obtain M node sets.

Optionally, if a second modularity between the first target node and the first node set is less than or equal to the threshold of the modularity, the computer device may recalculate a second modularity between the first target node and a second node set of the k node sets except the first node set, if the second modularity between the first target node and the second node set is greater than the threshold of the modularity, add the first target node to the second node set, and if the second modularity between the first target node and the second node set is less than or equal to the threshold of the modularity, recalculate the modularity between the first target node and the other node sets of the k node sets until the first target node adds to one of the k node sets.

It is to be understood that if the second modularity between the first target node and each of the k node sets is less than or equal to the threshold modularity, indicating that the first target node and the other nodes of the N nodes are associated to a lesser degree, then the first target node may be added to a third node set, which may include the first target node.

That is, in this implementation, the computer device may determine k sets of nodes consisting of two nodes by calculating a first modularity between each two of the N nodes. Further, if a first target node (single node) other than the k node sets remains in the N nodes, the computer device may calculate second modularity between the first target node and the k node sets, respectively, and add a third target node to the first node set if the second modularity between the first target node and the first node set is greater than the threshold of the modularity. Alternatively, if the second modularity between the first target node and the first set of nodes is less than or equal to the threshold for modularity, the computer device may calculate the second modularity between the first target node and a set of nodes other than the first set of nodes in the k sets of nodes, thereby enabling the first target node to be added to one of the k sets of nodes. At this time, the computer device adds N nodes to k node sets corresponding to the N nodes, respectively, and there is no single node among the N nodes. Still further, the computer device may calculate a third modularity between any two node sets of the k node sets, and if the third modularity between any two node sets is higher than the threshold of the modularity, may merge the any two node sets into one node set, and finally obtain M node sets. In the process, the modularity among the nodes and the node sets and the modularity among the node sets are continuously calculated, so that the N nodes can be divided, the nodes with higher association degree are divided into the same node set as much as possible, and M node sets are obtained. The first modularity is used for reflecting the association degree between the nodes, the second modularity is used for reflecting the association degree between the nodes and the node set, and the third modularity is used for reflecting the association degree between the node set and the node set.

Optionally, the modularity between the nodes is a measurement method for evaluating the quality of the relational network partitioning, that is, a method for evaluating the degree of association between users, the physical meaning of the method is the difference between the number of edges connecting the nodes in the user set and the number of edges in the random case, the value range of the modularity is [ -0.5, 1), and the calculation formula of the modularity may be as shown in formula (1-1):

wherein D represents modularity, c_uRepresenting the set of nodes to which node u belongs, c_vRepresenting the node set to which the node v belongs, and when the node is not added into the node set, the node can be regarded as a set, namely c_uCan represent nodes u, c_vNode v may be represented. h is 0.5 × Σ_uvA_uvRepresents the sum of the weights of all edges, A_uvWeight, L, representing an edge between node u and node v_u＝∑_vA_uvRepresents the sum of the weights, L, of all edges connected to node u_v＝∑_uA_uvRepresenting the sum of the weights of all edges connected to node v. Wherein, when the node u and the node v belong to the same node set, delta (c)_u，c_v) Equal to 1, delta (c) when node u and node v do not belong to the same node set_u，c_v) Equal to 0. Alternatively, the initial weights of edges between nodes mayIf the modularity between a node and multiple nodes is equal to or greater than the threshold modularity, the node and any one of the multiple nodes may be added to the same node set. The above modularity equation (1-1) can also be simplified to the following equation (1-2):

where Σ in represents the sum of the weights of the edges between all nodes in the node set c, and Σ tot represents the sum of the weights of the edges connected to the nodes in the node set c.

Optionally, as shown in fig. 2, fig. 2 is a schematic node division diagram provided in this embodiment of the present application, and fig. 2 includes 12 nodes (black dots in fig. 2 represent nodes), and a connection line between the nodes represents an edge between the nodes. For node set 1, Σ in represents the sum of the edge (solid line) weights between 4 nodes in node set 1, Σ tot represents the sum of the edge (dashed line) weights between node set 1 and node set 3, and the edge (dashed line) weights between node set 1 and node set 2. By calculating the modularity among the nodes, the modularity between the nodes and the node sets, and the modularity between the node sets, the 12 nodes are finally divided into 3 node sets, such as the node set 1, the node set 2, and the node set 3, that is, the 12 users can be divided into 3 different user sets.

Because the modularity between the nodes is used for reflecting the association degree between the nodes, the nodes can be divided based on the association degree between the nodes by calculating the modularity between the N nodes to obtain the node set, namely the N users can be divided based on the association degree between the users to obtain the M user sets, so that the risk condition of the users can be conveniently combined in the subsequent steps, and the risk condition in the user set where the users are located can be analyzed, the accuracy of risk identification is improved, and the accuracy of risk early warning is further improved.

It can be understood that if two users belong to the same user set, it indicates that there is a possibility of risk conduction between the two users, and therefore, the possibility of risk conduction between users included in each of the M user sets can be analyzed subsequently. If the two users do not belong to the same user set, it is indicated that no risk conduction occurs between the two users, and for any multiple users belonging to different user sets, because no risk conduction occurs between different user sets, it is not necessary to analyze the risk conduction possibility between different user sets, thereby improving the risk identification efficiency.

S103, acquiring the intimacy between the users in each user set in the M user sets.

In this embodiment, the computer device may obtain affinity between users included in each of the M user sets. Wherein the affinity is used to reflect the probability of risk propagation occurring between users comprised in the set of users.

Optionally, the user data of one user may include association data between one user and other users, and the association data may include at least one of assets delivered by one user to other users, assets provided by one user to other users for vouching, and assets invested by one user to other users. For every two users included in each of the M sets of users, the computer device may perform the following four operations to obtain an affinity between the users included in each of the M sets of users:

first, when the association data includes assets that one user delivers to other users, the computer device may obtain target association data related to a jth user in user data of an ith user included in each of the M user sets, and obtain assets that the ith user delivers to the jth user from the target association data; and determining the ratio of the assets delivered to the jth user by the ith user to the total assets delivered to the jth user by each user in the R users in the user set as the intimacy between the ith user and the jth user. Wherein, R is equal to the total number of users in the user set, and R users comprise the ith user and the jth user.

Secondly, when the association data comprises assets which are provided by one user for guaranteeing to other users, the computer equipment can acquire target association data which is related to the jth user in the user data of the ith user and is included by each user set in the M user sets, and acquire assets which are provided by the ith user for guaranteeing to the jth user from the target association data; and determining the ratio of the assets which are provided with the guarantee by the ith user to the jth user to the total assets which are provided with the guarantee by each user in the R users in the user set to the jth user as the intimacy degree between the ith user and the jth user.

Thirdly, when the associated data includes assets invested by one user to other users, the computer device may obtain target associated data related to the jth user in the user data of the ith user included in each of the M user sets, and obtain the assets invested by the ith user to the jth user from the target associated data; and determining the ratio of the assets invested by the ith user to the jth user to the sum of the assets invested by each user in the R users in the user set to the jth user as the intimacy between the ith user and the jth user.

Fourthly, when the associated data comprises at least one of assets delivered by one user to other users, assets provided by one user to other users for guarantee and assets invested by one user to other users, the computer equipment can acquire target associated data related to the jth user in the user data of the ith user in each of the M user sets, acquire the assets delivered by the ith user to the jth user from the target associated data, or provide the assets provided by the guarantee to the jth user or the assets invested by the ith user to the jth user; and determining the ratio of the assets delivered to the jth user by the ith user to the total assets delivered to the jth user by each user in the R users in the user set as the intimacy between the ith user and the jth user. Or, determining the ratio of the assets which are provided with the guarantee by the ith user to the jth user to the total assets which are provided with the guarantee by each user in the R users in the user set to the jth user as the intimacy between the ith user and the jth user. Or, determining the ratio of the assets invested by the ith user to the jth user to the total assets invested by each user in the R users in the user set to the jth user as the intimacy between the ith user and the jth user.

For example, when the association data includes assets invested by one user to other users, each of the M user sets including user B1, user B2, and user B3, the computer device may obtain target association data related to user B2 in the user data of user B1, and obtain assets, such as 3 ten thousand dollars, invested by user B1 to user B2 from target association data related to user B2 in the user data of user B1. The ratio between the asset that user B1 invested in user B2 and the sum of the assets (e.g., 10 ten-thousand dollars) that each of the R users in the user set invested in user B2 is determined as the affinity between user B1 and user B2, i.e., 3/10 for user B1 and user B2.

Further, the computer device may obtain target associated data of user B3 related to user B2 in the user data of user B3, and obtain assets, such as 5 ten thousand dollars, invested by user B3 to user B2 from target associated data of user B3 related to user B2. The ratio between the asset that user B3 invested in user B2 and the sum of the assets (e.g., 10 ten-thousand dollars) that each of the R users in the user set invested in user B2 is determined as the affinity between user B3 and user B2, i.e., 1/2 for user B3 and user B2. That is, the affinity between each of the R users and user B2 may be determined separately by determining the ratio between the assets each user in the set of users invests separately into user B2 and the sum of the assets each user in the set of R users invests separately into user B2. The higher the amount of assets one user invests into another, indicating a higher affinity between the one user and the other user, the greater the probability of risk conductance being transmitted between the two users.

In this embodiment of the application, for every two users included in each of the M user sets, the computer device may obtain affinity between all users included in each of the M user sets by performing the above operations.

Alternatively, the computer device may determine R users included in each user set as R nodes, where one user corresponds to one node, so that an affinity calculation method based on common neighbors between nodes may be used to calculate affinities between any two nodes in the user set, and determine the affinities between the nodes as affinities between users corresponding to the nodes, so as to obtain the affinities between users included in each user set in the M user sets, where the affinity calculation method may be as shown in formula (1-3):

s (x, y) represents the intimacy between the node x and the node y, w (t) is a node set adjacent to the node t, that is, w (t) is the number of nodes adjacent to the node t, t is any one node in an intersection of the node set adjacent to the node x and the node set adjacent to the node y, S (x, y) is 0 and represents that the node x and the node y are not close to each other, the higher the value of S (x, y) is, the greater the intimacy between the two nodes is, the intimacy between R nodes can be calculated by an intimacy measuring and calculating method, and the intimacy between the nodes is determined as the intimacy between users corresponding to the nodes, so that the intimacy between all users in each user set in M user sets is obtained.

S104, determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and carrying out risk early warning based on the risk score of each user.

In this embodiment of the application, the computer device may determine a risk score of each of the N users based on an affinity between users included in each of the M user sets and risk feature scores of the N users, and perform risk early warning based on the risk score of each user. Wherein, the greater the intimacy between users, the greater the probability of risk conduction occurring between users; the smaller the intimacy between users, the smaller the probability of risk propagation occurring between users.

Optionally, the computer device may obtain an affinity between p users with the highest risk conduction probability in each of the M user sets, and adjust the risk feature score of the user in the user set based on the affinity between the p users, so that the determined risk score of the user may reflect the risk of the user from multiple dimensions, such as the risk of the user and the risk conduction of the user in the user set where the user is located, and improve the accuracy of risk identification of the user.

Specifically, the computer device may obtain a sum of affinity between any q users included in each of the M user sets, to obtain an affinity set corresponding to each user set. Wherein, the value of Q is 2,3, 4. Further, the computer device may sort the sums of the affinities in the affinity set corresponding to each user set from large to small; and acquiring the sum of the first f intimacy degrees in the sequenced intimacy degree set, acquiring the number of users corresponding to the sum of the first f intimacy degrees respectively, determining the sum of the target intimacy degrees in the sum of the first f intimacy degrees, and acquiring p users corresponding to the sum of the target intimacy degrees. The number of users corresponding to the sum of the target affinities is larger than the number of users corresponding to the sum of any affinities except the sum of the target affinities in the sum of the f previous affinities, f is a positive integer, and p is a positive integer. Further, the computer device may respectively obtain a preset intimacy weight and a preset risk weight, and determine a risk score of each user included in each user set based on a sum of intimacy between p users, the preset intimacy weight, a risk feature score of each user of the p users, and the preset risk weight, where p is a positive integer.

Optionally, in the sorted intimacy degree set, there may be a case where the sum of two or more intimacy degrees in the sum of the first f intimacy degrees is equal, and the number of users corresponding to the sum of the two or more intimacy degrees is equal, then the computer device adjusts the risk feature scores of the users corresponding to the sum of the two or more intimacy degrees based on the sum of intimacy degrees between the users corresponding to the sum of the two or more intimacy degrees, respectively, to obtain the risk scores of the users corresponding to the sum of the two or more intimacy degrees, respectively. Take the example that the sum of two affinities (i.e. the sum of the first target affinities and the sum of the second target affinities) in the sum of the first f affinities in the sorted affinity set is equal, and the numbers of users corresponding to the two affinities are equal respectively. The computer device may determine a risk score for each user included in each set of users based on a sum of the first target affinity between p1 users, a preset affinity weight, a risk feature score for each of p1 users, and a preset risk weight, respectively. And determining a risk score for each user included in each user set based on a sum of second target affinity between p2 users, a preset affinity weight, a risk feature score for each of p2 users, and a preset risk weight. Wherein P1 is a positive integer, P2 is a positive integer, P1 is equal to P2, P1 users are used for representing users corresponding to the sum of the first target affinities, and P2 users are used for representing users corresponding to the sum of the second target affinities. Because the two different conditions are analyzed respectively, the accuracy of risk identification can be improved.

In the embodiment of the application, as the greater the intimacy between the users in the user set, the greater the probability of risk conduction occurring between the users is, and the intimacy between every two users in the user set is different, there may exist p users whose intimacy sum is greater than the sum of the intimacy between at least two users, or whose intimacy sum between any three users is greater than the sum of the intimacy between at least three users. Under the condition of ensuring that the sum of the intimacy degree is larger, users meeting the conditions can be found as many as possible, so that the users who are easy to have risk conduction in the user set can be avoided from being omitted, the accuracy of risk identification is improved, and the accuracy of risk early warning is further improved.

Optionally, the computer device may calculate shortest paths from any node to other nodes in the weighted undirected graph based on a shortest path calculation method, where one weighted undirected graph corresponds to one user set, one node in the weighted undirected graph represents one user in the user set, a connection relationship between nodes in the weighted undirected graph may reflect an association relationship between users in the user set, and the weighted undirected graph includes weights of edges between nodes. The shortest path calculation method is to calculate the shortest path from any node to other nodes according to the weights of the edges between the nodes in the weighted undirected graph, and the path with the minimum accumulated sum of the weights on the path is the shortest path. However, in the actual calculation process, when the intimacy degree between the users is used as the weight of the edge between the nodes corresponding to the users, the greater the intimacy degree between the users corresponding to the nodes is, the greater the weight of the edge between the nodes is, that is, the greater the probability of risk propagation occurring between the users is. Therefore, in this case, when the shortest path is calculated by using the shortest path calculation method, it is necessary to take the reciprocal of the edge weight between the actual nodes, that is, the reciprocal of the affinity between the users corresponding to the nodes, and then calculate the shortest path from any node to another node by using the shortest path calculation method based on the reciprocal of the edge weight between the nodes. That is, when the shortest path of risk propagation between user sets is calculated by using the shortest path calculation method, a numerical value obtained by taking the reciprocal of the affinity between users is determined as the weight of the edge between the nodes corresponding to the users.

As shown in fig. 3, fig. 3 is a schematic diagram for determining a shortest path in a node set according to an embodiment of the present disclosure, and a weight of an edge between nodes in fig. 3 may be equal to an inverse affinity between users corresponding to the nodes. For example, node a corresponds to user a, node B corresponds to user B, the affinity between user a and user B is 0.25, and the weight of the edge between node a and node B is 4, i.e. 1/0.25.

Optionally, as shown in fig. 3, initially, the initial node set includes a node A, B, C, D, E, a weight of an edge between the nodes a and D is 2, a weight of an edge between the nodes a and B is 4, a weight of an edge between the nodes D and C is 1, a weight of an edge between the nodes D and B is 1, a weight of an edge between the nodes D and E is 7, a weight of an edge between the nodes B and C is 4, and a weight of an edge between the nodes C and E is 3. The computer device may determine node a in the initial set of nodes as node set 1, determine nodes other than node a in the initial set of nodes as node set 2, i.e., node set 2 includes node B, C, D, E, and the distance between node set 2 and node set 1 (i.e., the weight of the edge) is the distance between node a and node set 2 (i.e., the weight of the edge). For example, the distance between the node C in the node set 2 and the distance between the node set 1 are the distances between the node a and the node C (i.e., the weights of the edges between the node a and the node C), and if the node a is not adjacent to the node C, the distance between the node C and the node a is infinite. Then, the computer device selects the node D with the shortest distance from the node set 1 from the node set 2, adds the node D to the node set 1, and removes the node D from the node set 2.

Further, the computer device updates the distance from each node in the node set 2 to the node set 1, and the purpose of updating the distance from each node in the node set 2 to the node set 1 is to previously determine that the node D is the node with the smallest distance from the node set 1, so that the distances from other nodes in the node set 2 to the node set 1 can be updated by using z, which is the remaining nodes in the node set 2. For example, the distance between node a and node B (i.e., the weight of the edge between node a and node B) is greater than the sum of the distance between node a and node D (i.e., the weight of the edge between node a and node D), and the distance between node D and node B (i.e., the weight of the edge between node D and node B). And repeating the steps of selecting the node with the shortest distance from the node set 1 from the node set 2 and updating the distance between each node in the node set 2 and the node set 1 until all nodes in the node set 2 are traversed, so that the shortest path in the initial node set can be determined, and further the users corresponding to p nodes forming the shortest path are determined, wherein the p users are the users with the risk transfer probability greater than the risk transfer threshold value in the user set corresponding to the initial node set. Illustratively, the shortest path determined in fig. 2 is a path formed by the node a, the node D, the node C, and the node E, and the p users include a user corresponding to the node a, a user corresponding to the node D, a user corresponding to the node C, and a user corresponding to the node E.

Optionally, the computer device may perform weighting processing on the sum of the affinities among the p users, the preset affinity weight, the risk feature score of each of the p users, and the preset risk weight to obtain the risk score of each user included in each user set.

For example, the computer device may perform weighted summation processing on the sum of the affinities among the p users, the preset affinity weight, the risk feature score of each of the p users, and the preset risk weight to obtain the risk score of each user included in each user set. Or, the computer device may perform weighted averaging processing on the sum of the affinities among the p users, the preset affinity weight, the risk feature score of each user in the p users, and the preset risk weight to obtain the risk score of each user included in each user set.

For example, taking the user risk score corresponding to the node D in fig. 3 as an example, assuming that the obtained preset risk weight is g1, the preset intimacy weight is g2, and the risk feature score of the user corresponding to the node D is f1, the p users in the user set where the user corresponding to the node D is located have risk propagation probability greater than the risk propagation threshold include the user corresponding to the node a, the user corresponding to the node C, the user corresponding to the node D, and the user corresponding to the node E, and the intimacy between the user corresponding to the node a and the user corresponding to the node D is f2, the intimacy between the user corresponding to the node C and the user corresponding to the node D is f3, and the intimacy between the user corresponding to the node E and the user corresponding to the node D is f4, then the user risk score corresponding to the node D may be f1 g1+ (f 5 + f3+ f4) () -g 2).

In the embodiment of the application, the risk condition of each user in the N users is determined, and then the risk conduction condition in the user set where each user is located is determined, so that the risk condition of each user can be analyzed from different dimensions, and the risk score of the user is obtained. The computer equipment can acquire the users with the risk scores larger than the early warning threshold value and output the user data of the users with the risk scores larger than the early warning threshold value, so that relevant management personnel can correspondingly manage the users with the risk scores larger than the early warning threshold value, and the risk occurrence probability is reduced. Or, the computer device may also sort the risk scores of the N users, output the sorted risk scores of the users, and the relevant manager may manage the users correspondingly based on the sorted risk scores of the users.

Optionally, please refer to fig. 4, where fig. 4 is a schematic flow chart of another risk early warning method provided in the embodiment of the present application. The risk early warning method can be applied to computer equipment; as shown in fig. 4, the risk pre-warning method includes, but is not limited to, the following steps:

s201, determining risk characteristics existing in the user data of the N users by acquiring the user data of the N users, and determining risk characteristic scores of the N users based on the risk characteristics existing in the user data of the N users.

S202, dividing the N users based on the association degree among the user data of the N users to obtain M user sets.

S203, acquiring the intimacy between the users included in each user set in the M user sets.

S204, determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users.

In this embodiment of the application, the specific implementation manners in step S201 to step S204 may refer to the implementation manners in step S101 to step S104 in fig. 1, and are not described herein again.

S205, if a first user with a risk score larger than an early warning threshold exists in the N users, an association relation graph is generated based on the user data of the first user and the user data of the associated user having an association relation with the first user.

In this embodiment of the application, if there is a first user whose risk score is greater than the early warning threshold among the N users, the computer device may generate an association graph based on user data of the first user and user data of an associated user who has an association with the first user. The associated users are p-1 users except the first user in p users corresponding to the sum of the target affinities in the affinity set corresponding to the user set where the first user is located. That is, the associated user refers to p-1 users in the set of users in which the first user is located, whose risk propagation probability is greater than the risk propagation threshold and which are other than the first user. And if the risk score of the user is larger than the early warning threshold value, the risk degree of the user is high, and then risk early warning can be performed, so that relevant management personnel can perform corresponding treatment on the user. The risk of the user is identified by combining the risk condition of the user and the risk conduction condition of the user set where the user is located, so that the accuracy of risk identification is higher.

Optionally, the association relationship graph may be as shown in fig. 5, fig. 5 is an association relationship graph provided in this embodiment, fig. 5 includes user data of the first user and user data of the associated user, and may include, for example, an identifier of the first user, such as a name of the first user, an identifier of the associated user, such as a name of the associated user, an association relationship between the first user and the associated user, such as an investment relationship, a guarantee relationship, a transaction relationship, and a legal relationship, and the like.

S206, acquiring the mark data type, and determining a second user from the users contained in the association relationship graph.

In the embodiment of the application, the computer device may obtain the tagged data type, and determine the second user from the users included in the association graph, where the data type of the user data of the second user is the same as the tagged data type. The type of the marked data can be determined according to specific requirements in a foreign exchange transaction scenario, and may include one or more of a loss of confidence risk data category, a blacklist risk data category, a complaint risk data category, an overdue risk data category, and a transaction exception risk data category, for example. Optionally, the marked data type may further include one or more of the categories of clearing in the industrial and commercial data, loss of credit performed, informal fixed office operations, inaccurate contact, etc. in the category of loss of credit risk data.

In the embodiment of the application, the computer device determines, by determining the type of the tagged data, a second user whose data type of the user data is the same as the type of the tagged data from the association graph, that is, a user who satisfies the type of the tagged data is determined from the association graph, and then the user who satisfies the type of the tagged data in the association graph can be tagged, or the user who satisfies the type of the tagged data in the association graph is highlighted, the user who does not satisfy the type of the tagged data in the association graph is weakened, and the user in the association graph can be viewed more intuitively.

And S207, marking the second user in the incidence relation graph to obtain a marked incidence relation graph, and outputting the marked incidence relation graph to perform risk early warning.

Optionally, the labeled association relationship graph may be as shown in fig. 6, where fig. 6 is a labeled association relationship graph provided in this embodiment of the application, and fig. 6 includes user data of the second user and user data of an associated user associated with the second user, for example, the user data may include an identifier of the second user, such as a name of the second user, an identifier of an associated user associated with the second user, such as a name of an associated user associated with the second user, an association relationship between the second user and the associated user, such as an investment relationship, a guarantee relationship, a transaction relationship, and a legal relationship, and so on. Optionally, the second user may also be marked with a box, and may include associated user 1, associated user 4, associated user 6, and associated user 7 in fig. 6. Or, marking the data belonging to different data types in the second user by using marking frames with different colors; alternatively, data belonging to different data types in the second user may also be marked using different shaped marking boxes. And related management personnel can clearly view the second user in the user set and the marked data type satisfied by the second user based on the marked incidence relation graph.

Optionally, the computer device may further send the marked association graph, the risk score of the first user, and the risk score of the associated user to a management terminal so that the management terminal performs targeted management on the first user and the associated user, where the management terminal may include terminals of organizations such as a bank, a public institution, a check institution, a law institution, and the like. Specifically, the computer device may send the marked association relationship diagram, the risk score of the first user, and the risk score of the associated user to the management terminal, so that the management terminal determines a risk handling scheme for the first user based on the marked association relationship diagram and the risk score of the first user, and determines a risk handling scheme for the associated user based on the marked association relationship diagram and the risk score of the associated user; and carrying out risk processing on the first user based on the risk processing scheme of the first user, and carrying out risk processing on the associated user based on the risk processing scheme of the associated user.

For example, if the marked association diagram shows that the user data of the first user meets the data types such as the execution of the loss of credit and the operation concern list in the bank blacklist data, and the risk score of the first user is greater than the early warning threshold, it may be determined that the risk processing scheme for the first user is to stop the subsequent transaction until the user data of the first user does not meet the data types such as the execution of the loss of credit and the operation concern list in the bank blacklist data. For example, if the user data of the associated user meets the data types that the claim judgment amount is greater than the first threshold, the overdue amount is greater than the second threshold, and the like, and the risk score of the associated user is greater than the early warning threshold, it may be determined that the risk processing scheme for the associated user is the subsequent transaction limit management, that is, the subsequent transaction needs to be less than the limit amount, until the user data of the associated user does not meet the data types that the claim judgment amount is greater than the first threshold, the overdue amount is greater than the second threshold, and the like. By analyzing each user contained in the association relation graph, whether the user data of each user meets the type of the marked data or not and which type of the marked data are met is determined, a risk processing scheme can be pertinently developed, and therefore risk early warning and risk processing effects on the users are better.

Optionally, the computer device obtains an affinity set corresponding to each user set after obtaining a sum of affinities among any q users included in each user set in the M user sets; sorting the sum of the intimacy degrees in the intimacy degree set corresponding to each user set from large to small; and acquiring the sum of the first f intimacy degrees in the sequenced intimacy degree set. If the number of users corresponding to each of the sums of the f previous affinities is greater than the number threshold, the sum of the affinities greater than the number threshold may be deleted from the sum of the f previous affinities, and it is determined whether the number of users corresponding to each of the sums of the remaining affinities is greater than the number threshold. And obtaining at least one user of which the number of users corresponding to the sum of the remaining affinities is less than or equal to a number threshold, and determining the risk score of each user in the at least one user based on the sum of the affinities among the at least one user, a preset affinity weight, the risk feature score of each user in the at least one user, and a preset risk weight. If the number of users corresponding to the sum of the affinities in the sum of the f previous affinities is greater than the number threshold, which may indicate that the degree of association between the users is low, the at least one user may not be subjected to subsequent processing. For example, the risk in the user set needs to be conducted to the user 2 by the user 1, then conducted to the user 3 by the user 2, then conducted to the user 4 by the user 3, and then conducted to the user 5 by the user 4, so that risk conduction can be realized, that is, when the risk conduction mode needs to satisfy the risk conduction between 5 users at the same time, the risk exists, and then the risk conduction probability of the risk conduction mode can be considered to be low, then the at least one user can not be subjected to subsequent processing, so that the risk identification efficiency is improved, and further the risk early warning efficiency is improved.

In the embodiment of the application, the first user with the risk score larger than the early warning threshold value and the associated user with the incidence relation with the first user are obtained, and the incidence relation graph is generated based on the user data of the first user and the associated user, so that the relation between the first user and the associated user can be displayed more intuitively. Furthermore, by marking and outputting the user data of the user, which is contained in the association relation graph, meeting the marked data type, the relevant management personnel can quickly process the user meeting the marked data type, and the risk processing efficiency is improved. Moreover, aiming at users with different types of contained marking data, targeted processing can be carried out, and the effectiveness of risk processing is improved.

The method of the embodiments of the present application is described above, and the apparatus of the embodiments of the present application is described below.

Referring to fig. 7, fig. 7 is a schematic diagram illustrating a structure of a risk early warning apparatus according to an embodiment of the present disclosure, where the risk early warning apparatus may be a computer program (including program code) running in a computer device, for example, the risk early warning apparatus is an application software; the risk early warning device can be used for executing corresponding steps in the risk early warning method provided by the embodiment of the application. The risk early warning device 70 includes:

a risk determining module 71, configured to obtain user data of N users, determine risk features existing in the user data of the N users, and determine risk feature scores of the N users based on the risk features existing in the user data of the N users, where N is a positive integer;

a user dividing module 72, configured to divide the N users based on the association degree between the user data of the N users to obtain M user sets, where each user set includes at least one user, and M is a positive integer;

a risk conduction module 73, configured to obtain an affinity between users included in each of the M user sets, where the affinity is used to reflect a probability that risk conduction occurs between users included in the user sets;

and the risk early warning module 74 is configured to determine a risk score of each of the N users based on the intimacy degree between the users included in each of the M user sets and the risk feature scores of the N users, and perform risk early warning based on the risk score of each user.

Optionally, the user data of one user comprises association data between the one user and other users, the association data comprising at least one of assets delivered by the one user to other users, assets offered by the one user to other users for guarantee, and assets invested by the one user to other users;

for every two users included in each of the M user sets, the risk conduction module 73 is configured to perform the following operations to obtain the intimacy between the users included in each of the M user sets:

Optionally, the risk early warning module 74 includes:

a set obtaining unit 741, configured to obtain a sum of affinities of arbitrary Q users included in each user set of the M user sets, to obtain an affinity set corresponding to each user set, where a value of Q is 2,3,4,. and Q, and Q is a total number of users included in the user set;

a data sorting unit 742, configured to sort the sums of the affinities in the affinity set corresponding to each user set from large to small;

a quantity obtaining unit 743, configured to obtain a sum of the first f intimacy densities in the sorted intimacy density set, obtain the user quantities corresponding to the sums of the first f intimacy densities, determine a target intimacy density sum in the sum of the first f intimacy densities, and obtain p users corresponding to the sum of the target intimacy densities, where the user quantity corresponding to the sum of the target intimacy densities is greater than the user quantity corresponding to any intimacy density sum except the target intimacy density sum in the sum of the first f intimacy densities, f is a positive integer, and p is a positive integer;

the score calculating unit 744 is configured to obtain a preset intimacy weight and a preset risk weight, and determine a risk score of each user included in each user set based on a sum of intimacy between the p users, the preset intimacy weight, a risk feature score of each user of the p users, and the preset risk weight, where p is a positive integer.

Optionally, the score calculating unit 744 is specifically configured to:

Optionally, the risk pre-warning module 74 includes:

a graph generating unit 745, configured to generate an association graph based on user data of a first user and user data of an associated user having an association relationship with the first user if there is the first user whose risk score is greater than an early warning threshold among the N users, where the associated user is p-1 users except the first user in the p users corresponding to the sum of target affinities in an affinity set corresponding to a user set where the first user is located;

the data marking unit 746 is configured to obtain a marked data type, determine a second user from the users included in the association diagram, where a data type of user data of the second user is the same as the marked data type;

and the graphic output unit 747 is configured to mark the second user in the association relationship diagram to obtain a marked association relationship diagram, and output the marked association relationship diagram for risk early warning.

Optionally, the risk early warning device 70 further includes:

a risk processing module 75, configured to send the labeled association relationship diagram, the risk score of the first user, and the risk score of the associated user to a management terminal, so that the management terminal determines a risk processing scheme for the first user based on the labeled association relationship diagram and the risk score of the first user, and determines a risk processing scheme for the associated user based on the labeled association relationship diagram and the risk score of the associated user;

the risk processing module 75 is configured to perform risk processing on the first user based on the risk processing scheme of the first user, and perform risk processing on the associated user based on the risk processing scheme of the associated user.

Optionally, the risk determination module 71 includes:

a feature matching unit 711, configured to match a risk feature existing in the user data of each of the N users with at least one preset risk feature to obtain a risk matching result, where the risk matching result is whether the risk feature existing in the user data matches a preset risk feature in the at least one preset risk feature;

and a risk calculating unit 712, configured to determine, if the risk matching result is that the risk features existing in the user data are matched with preset risk features in the at least one preset risk feature, a sum of reference scores corresponding to the matched preset risk features as risk feature scores of the user, so as to obtain risk feature scores of the N users.

It should be noted that, for the content that is not mentioned in the embodiment corresponding to fig. 7, reference may be made to the description of the method embodiment, and details are not described here again.

In the embodiment of the application, through acquiring the intimacy between the users in the user set, the risk conduction in the user set can be identified among the users in the user set, so that the risk conduction condition in the user set and the risk condition of the user can be identified, namely, the risk condition of the user can be identified from multiple dimensions, the risk identification accuracy can be improved, and the risk early warning accuracy can be improved.

Referring to fig. 8, fig. 8 is a schematic structural diagram of a computer device according to an embodiment of the present disclosure. As shown in fig. 8, the computer device 80 may include: the processor 801, the network interface 804 and the memory 805, and the computer device 80 may further include: a user interface 803, and at least one communication bus 802. Wherein a communication bus 802 is used to enable connective communication between these components. The user interface 803 may include a Display (Display) and a Keyboard (Keyboard), and the optional user interface 803 may also include a standard wired interface and a standard wireless interface. The network interface 804 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 805 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The memory 805 may optionally be at least one memory device located remotely from the processor 801 as previously described. As shown in fig. 8, the memory 805, which is a kind of computer-readable storage medium, may include therein an operating system, a network communication module, a user interface module, and a device control application program.

In the computer device 80 shown in fig. 8, the network interface 804 may provide network communication functions; and the user interface 803 is primarily an interface for providing input to a user; and the processor 801 may be used to invoke the device control application stored in the memory 805 to implement:

It should be understood that the computer device 80 described in this embodiment of the present application may perform the description of the risk pre-warning method in the embodiment corresponding to fig. 1 and fig. 4, and may also perform the description of the risk pre-warning device in the embodiment corresponding to fig. 7, which is not described herein again. In addition, the beneficial effects of the same method are not described in detail.

Embodiments of the present application also provide a computer-readable storage medium storing a computer program, the computer program comprising program instructions, which, when executed by a computer, cause the computer to perform the method according to the foregoing embodiments, and the computer may be a part of the above-mentioned computer device. Such as the processor 801 described above. By way of example, the program instructions may be executed on one computer device, or on multiple computer devices located at one site, or distributed across multiple sites and interconnected by a communication network, which may comprise a blockchain network.

It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.

The above disclosure is only for the purpose of illustrating the preferred embodiments of the present application and is not to be construed as limiting the scope of the present application, so that the present application is not limited thereto, and all equivalent variations and modifications can be made to the present application.

Claims

1. A risk early warning method is characterized by comprising the following steps:

dividing the N users based on the association degree among the user data of the N users to obtain M user sets, wherein each user set comprises at least one user, and M is a positive integer;

determining the risk score of each user in the N users based on the intimacy degree between the users in each user set in the M user sets and the risk characteristic scores of the N users, and carrying out risk early warning based on the risk score of each user.

2. The method of claim 1, wherein the user data of one user comprises association data between the one user and other users, the association data comprising at least one of assets delivered by the one user to other users, assets offered by the one user to other users for guarantee, and assets invested by the one user to other users;

the obtaining of the intimacy degree between the users included in each of the M user sets includes:

for every two users included in each of the M user sets, performing the following operations to obtain affinity between the users included in each of the M user sets:

acquiring target associated data related to a jth user in user data of the ith user included in each user set in the M user sets, and acquiring assets delivered to the jth user by the ith user, or providing guaranteed assets for the jth user by the ith user, or investing assets for the jth user by the ith user from the target associated data;

determining the ratio of the assets delivered to the jth user by the ith user to the total assets delivered to the jth user by each of R users in the set of users as the intimacy between the ith user and the jth user;

or, determining the ratio between the assets which are provided with guarantees by the ith user to the jth user and the total assets which are provided with guarantees by each user in the R users in the user set to the jth user as the intimacy degree between the ith user and the jth user;

3. The method of claim 1, wherein determining the risk score for each of the N users based on the affinity between the users included in each of the M sets of users and the risk feature scores for the N users comprises:

acquiring the sum of intimacy between any Q users included in each user set in the M user sets to obtain an intimacy set corresponding to each user set, wherein the value of Q is 2,3, 4.

Sorting the sum of the intimacy degrees in the intimacy degree set corresponding to each user set from large to small;

obtaining the sum of the first f intimacy densities in the sequenced intimacy density set, obtaining the number of users corresponding to the sum of the first f intimacy densities respectively, determining the sum of target intimacy densities in the sum of the first f intimacy densities, and obtaining p users corresponding to the sum of the target intimacy densities, wherein the number of users corresponding to the sum of the target intimacy densities is larger than the number of users corresponding to the sum of the first f intimacy densities except for the sum of the target intimacy densities, f is a positive integer, and p is a positive integer;

respectively obtaining a preset intimacy weight and a preset risk weight, and determining the risk score of each user included in each user set based on the sum of intimacy between the p users, the preset intimacy weight, the risk feature score of each user in the p users and the preset risk weight, wherein p is a positive integer.

4. The method of claim 3, wherein the determining the risk score for each user included in the each user set based on the sum of the affinities between the p users, the preset affinity weight, the risk feature score for each of the p users, and the preset risk weight comprises:

5. The method of claim 3, wherein the risk pre-warning based on the risk score of each user comprises:

if a first user with a risk score larger than an early warning threshold exists in the N users, generating an association relation graph based on user data of the first user and user data of an associated user having an association relation with the first user, wherein the associated user is p-1 users except the first user from p users corresponding to the sum of target affinities in an affinity set corresponding to a user set where the first user is located;

acquiring a marked data type, and determining a second user from the users contained in the association relationship graph, wherein the data type of the user data of the second user is the same as the marked data type;

and marking the second user in the incidence relation graph to obtain a marked incidence relation graph, and outputting the marked incidence relation graph to perform risk early warning.

6. The method of claim 5, further comprising:

sending the marked incidence relation graph, the risk score of the first user and the risk score of the associated user to a management terminal, so that the management terminal determines a risk processing scheme for the first user based on the marked incidence relation graph and the risk score of the first user, and determines a risk processing scheme for the associated user based on the marked incidence relation graph and the risk score of the associated user;

and carrying out risk processing on the first user based on the risk processing scheme of the first user, and carrying out risk processing on the associated user based on the risk processing scheme of the associated user.

7. The method of claim 1, wherein determining risk characteristic scores for the N users based on risk characteristics present in the user data for the N users comprises:

matching the risk characteristics existing in the user data of each user in the N users with at least one preset risk characteristic to obtain a risk matching result, wherein the risk matching result is whether the risk characteristics existing in the user data are matched with the preset risk characteristics in the at least one preset risk characteristic or not;

and if the risk matching result is that the risk features existing in the user data are matched with preset risk features in the at least one preset risk feature, determining the sum of reference scores corresponding to the matched preset risk features as the risk feature scores of the users so as to obtain the risk feature scores of the N users.

8. A risk early warning device, comprising:

the user dividing module is used for dividing the N users based on the association degree between the user data of the N users to obtain M user sets, wherein each user set comprises at least one user, and M is a positive integer;

9. A computer device, comprising: a processor, a memory, and a network interface;

the processor is coupled to the memory and the network interface, wherein the network interface is configured to provide data communication functionality, the memory is configured to store program code, and the processor is configured to invoke the program code to cause the computer device to perform the method of any of claims 1-7.

10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program adapted to be loaded and executed by a processor to cause a computer device having the processor to perform the method of any of claims 1-7.