CN114020991A - Intelligent network-involved crime risk revealing method - Google Patents
Intelligent network-involved crime risk revealing method Download PDFInfo
- Publication number
- CN114020991A CN114020991A CN202111308154.3A CN202111308154A CN114020991A CN 114020991 A CN114020991 A CN 114020991A CN 202111308154 A CN202111308154 A CN 202111308154A CN 114020991 A CN114020991 A CN 114020991A
- Authority
- CN
- China
- Prior art keywords
- network
- data
- risk
- account
- hit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000000694 effects Effects 0.000 claims abstract description 78
- 238000004458 analytical method Methods 0.000 claims abstract description 18
- 238000005516 engineering process Methods 0.000 claims abstract description 14
- 238000006243 chemical reaction Methods 0.000 claims abstract description 4
- 238000012545 processing Methods 0.000 claims description 37
- 239000002360 explosive Substances 0.000 claims description 21
- 238000001514 detection method Methods 0.000 claims description 17
- 238000004880 explosion Methods 0.000 claims description 17
- 238000010276 construction Methods 0.000 claims description 9
- 238000004364 calculation method Methods 0.000 claims description 8
- 238000002360 preparation method Methods 0.000 claims description 6
- 239000002994 raw material Substances 0.000 claims description 6
- 239000000463 material Substances 0.000 claims description 5
- 238000009960 carding Methods 0.000 claims description 4
- 238000009472 formulation Methods 0.000 claims description 3
- 238000005259 measurement Methods 0.000 claims description 3
- 239000000203 mixture Substances 0.000 claims description 3
- 238000007781 pre-processing Methods 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 2
- 238000004891 communication Methods 0.000 abstract description 6
- 238000012544 monitoring process Methods 0.000 abstract description 4
- 230000006399 behavior Effects 0.000 description 14
- 230000007246 mechanism Effects 0.000 description 7
- 230000008859 change Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000013461 design Methods 0.000 description 4
- 238000012954 risk control Methods 0.000 description 4
- 230000007717 exclusion Effects 0.000 description 3
- 230000010354 integration Effects 0.000 description 3
- 210000001520 comb Anatomy 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 238000012827 research and development Methods 0.000 description 2
- 230000014155 detection of activity Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 238000005308 sum rule Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/205—Parsing
- G06F40/216—Parsing using statistical methods
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/279—Recognition of textual entities
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Artificial Intelligence (AREA)
- Data Mining & Analysis (AREA)
- Probability & Statistics with Applications (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an intelligent network-related crime risk revealing method, which comprises the steps of monitoring and classifying text contents of related network activity data, extracting, analyzing and integrating the related network activity data by combining a defined basic library and applying a rule engine, big data comparison and text analysis technologies, outputting related scores of a series of network activities, endowing the scores to a related network account, and obtaining the final risk level of the account after risk level conversion. The invention can detect the online activity text data of online talk, communication information, transaction shopping, logistics consignment and the like, obtain the risk index of the related account through comprehensive operation, and can rapidly and objectively analyze the target account, thereby relieving the workload of workers for manually checking the network account and the activity thereof one by one, reducing the difficulty of manual study and judgment, and enabling the workers to rapidly predict the risk of the account related to the behavior.
Description
Technical Field
The invention relates to the technical field of public security industry, in particular to an intelligent network-involved crime risk revealing method, which is used for detecting and discovering network-involved crime activities in advance in the work of the public security industry.
Background
In the modern internet + big data era, people's living behaviors are increasingly networked and digitalized, and criminals gradually transfer traditional criminal activities to the network, and because activities on the network are characterized by fast flowing, fast changing, opaque network identity and the like, the criminal prevention and fighting activities are more challenging for workers.
At present, in the daily network activity investigation work, a worker can acquire the network activity data, but because the data volume is large, and a large amount of manual work exists in the data classification, analysis and identification work, scientific, quick and effective information analysis means for the network activity data is lacked, the efficiency is influenced, and the effect is influenced.
Some large internet companies on the market currently have some software for monitoring and detecting network activities, but all the software is used for performing some general comparison processing based on a general sensitive word matching technology, a comparison result is directly pushed to relevant units as a clue, the clue is not rounded, and the clue is not converted into a visual and easily understood risk index taking an account as a center from the perspective of risk control; moreover, the problems of inaccurate clues, large quantity, large workload of manual intervention and the like caused by the fact that a denoising processing and sensitive word replacement mechanism are not specifically performed in combination with related services; meanwhile, the risk index of the account related to the network behavior is not disclosed from the perspective of risk control and integration, and the staff cannot be intuitively told which kind of network activities should be paid more attention to; the lack of custom configurable rule engine technology does not allow for rapid and low-cost response to changes in subsequent user requirements.
In the face of a large amount of network activity data, how to quickly and accurately identify which network behaviors relate to network criminal activities through a quick, efficient and automatic technical means, whether to combine related services to formulate some specific rules to filter some noises, whether to realize the network criminal activities through an automatic and flexibly configurable rule engine-based technology, and how many risk indexes are, which are the problems concerned by workers who pay attention to activities and related accounts are the problems concerned by the workers who are also the problems to be solved urgently, and a powerful means for reducing the workers to manually check and research and judge network criminal activities one by one is a scientific method for efficiently and early preventing the network criminal activities.
Disclosure of Invention
The technical problem to be solved by the invention is to provide an intelligent network-involved crime risk revealing method, which is used for solving the problems in the background technology, so that the change of business requirements can be responded quickly, the prompt of the network-involved crime risk can be displayed more visually, and related scoring and eliminating methods can be set through a flexible rule engine, so that the detection operation is more automatic and accurate.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows.
The method comprises the steps of monitoring and classifying text contents of relevant network activity data, extracting, analyzing and integrating the relevant network activity data by combining a defined basic library and applying a rule engine, big data comparison and text analysis technologies, outputting relevant scores of the series of network activities, adding the scores to relevant network accounts, and obtaining final risk levels of the accounts after risk level conversion.
Further optimizing the technical scheme, the method specifically comprises the following steps:
s1, performing basic construction, including word library construction, explosive formula library construction and detection rule formulation;
s2, defining an integrated network-involved crime risk revealing flow model, starting the integrated network-involved crime risk revealing flow model, and carrying out risk measurement and calculation processing on network-involved activity data.
Further optimizing the technical solution, in the step S1, constructing the word stock includes the following steps:
s101, a sensitive word bank of activities on the explosion-related network is established through combing, and sensitive words are classified in a grading manner;
s102, carding and collecting civil replaceable explosion-making materials, establishing a civil substitute word bank, and setting up the civil substitute word bank in one-to-one correspondence with the established sensitive word bank of activities on the explosion-related network;
s103, combing out activities which are related to the explosion-making activities and are not related to crimes, establishing a corresponding word excluding library, and setting an excluding mode of each word.
Further optimizing the technical scheme, in the step S1, constructing the explosive formula library includes the following steps: according to the preparation requirements of each type of explosive, the raw materials required by the explosion preparation formula are combed out, a relevant formula table is established for each type of explosive, and an explosive formula library is established.
Further optimizing the technical solution, in the step S1, the formulating the detection rule includes the following steps:
s111, establishing scoring rules, wherein the scoring rules are defined into two categories of scoring according to hit times and scoring according to hit number/weight according to different types of characteristics;
and S112, formulating formula rules, combing and establishing a related formula library according to the raw material requirements of the formulated explosives, and formulating related weighted operation rules for each formula.
Further optimizing the technical scheme, the step S2 includes the following specific steps:
s21, accessing the internet-related data: acquiring and converging internet data;
s22, preprocessing data;
s23, extracting data content;
s24, loading a basic library: loading the basic library information defined in the step S21;
s25, performing score superposition operation and weighting processing;
and (3) score superposition operation: comparing and matching the content extracted from the data content in the step S23 according to the classification of the sensitive words, and scoring the hit content according to the classification of the sensitive words;
and (3) weighting: for a network behavior related to a certain account, if multiple data types are related simultaneously and sensitive words or civil substitute words under the data types are hit, weighted average operation needs to be carried out on the total score of the account, and then additional score processing needs to be carried out on the total score;
and S26, obtaining and outputting the risk index of the net-related activity account.
Further optimizing the technical solution, the step S22 includes the following steps:
identifying the type of the network-related data, carrying out standardized data processing and standardized storage on the type of the data, and matching the data with corresponding rules.
Further optimizing the technical solution, in the step S25, the score superposition operation includes the following steps:
s251, the network speech data is processed according to the hit scoring;
s252, when the same sensitive word is hit again, the score is added continuously;
s253, when other sensitive words in the same classification are hit, continuously adding points;
s254, if the hit sensitive words in the same classification are matched with the formula library, additional scoring processing is given according to the corresponding formula rules;
s255, when the sensitive words under different classifications are hit, the sensitive words are scored, and additional scoring processing is carried out;
s256, when the same data hits the excluded word, respectively performing unscored and subtractive processing according to the type of the hit excluded word;
s257, finally obtaining the total score of the data, and adding the score to the related speaking account;
and S258, repeating the steps S251 to S257 until all the data are traversed.
Due to the adoption of the technical scheme, the technical progress of the invention is as follows.
The invention relates to a network-related crime risk operation detection and analysis method based on internet activity data, which is a novel method based on multi-technology integration of big data operation, a self-research and development rule engine, text analysis and the like, can quickly respond to the change of business requirements, enables prompt of network-related crime risks to be displayed more visually, and enables detection operation to be more automatic and accurate by setting related scoring and eliminating methods through a flexible rule engine.
The invention can detect the online activity text data of online talk, communication information, transaction shopping, logistics consignment and the like, obtain the risk index of the related account through comprehensive operation, and can rapidly and objectively analyze the target account, thereby relieving the workload of workers for manually checking the network account and the activity thereof one by one, reducing the difficulty of manual study and judgment, and enabling the workers to rapidly predict the risk of the account related to the behavior.
1. The invention designs the integral operation rules under different scenes based on the self-defined and configurable rule engine, fully considers the related service scenes, more deeply integrates the explosion-related and gun-related services, and designs different explosive formula rules, materials and accessory combination rules, and the rule engine can be adjusted at any time according to the change of the requirements of future workers, can quickly meet the new requirements, and can also reduce the development and maintenance cost of related systems.
2. The invention introduces the idea of account risk control, adopts an integral operation mechanism for detecting the behavior of the network-related activities, combines with weighting processing to perform integral calculation processing with related network accounts as the center according to various rules set by a rule engine, and the calculation result is a comprehensive score and is converted into a corresponding risk grade.
3. The invention combines the related department services, establishes a related word bank, combs and eliminates words according to a plurality of dimensions of different professions, units, places and the like, establishes an eliminating mechanism, reduces noise and reduces pushing of useless information to workers.
4. The whole analysis method adopts an automatic processing mechanism, can automatically analyze various network-related activity data as long as network activity data are continuously accessed, and finds out high-risk network-related criminal activities and related network accounts.
Drawings
FIG. 1 is a conceptual block diagram of a risk detection model system according to the present invention;
FIG. 2 is a flow chart of the present invention.
Detailed Description
The invention will be described in further detail below with reference to the figures and specific examples.
An intelligent disclosure method for crime related to network is disclosed, which combines the technologies of monitoring and classifying text contents of related network activity data (transaction, post posting and the like) as shown in fig. 1 to fig. 2, applies the technologies of a rule engine, big data comparison, text analysis and the like by combining with a defined basic library, extracts, analyzes and integrates the related network activity data by methods of weighting analysis and the like, outputs related scores of the series of network activities, endows the scores to related network account numbers, obtains final risk grades of the account numbers by risk grade conversion, and enables workers to find medium and high risk network activity behaviors in time and guide detection directions.
The invention takes the actual business requirements of users as guidance, takes the prevention and analysis business of the network-related criminal activities as an entry point, takes the detection of activities on an explosion-related network as an example, takes big data, text analysis and a rule engine as basic technologies, aims to intelligently, quickly and accurately disclose risks of the behaviors of the network-related criminal activities, and forms a set of risk analysis scheme by researching and developing self-defined rule engines (point sum rules and explosion-related combination formula rules) and combining with an automatic processing method.
The method adopted by the invention can support the risk detection business of network explosion-related and gun-related criminal activities, and the invention takes the explosion-related online activities as an example to explain the processing scheme of the invention.
An intelligent network-involved crime risk revealing method specifically comprises the following steps:
and S1, performing basic construction, including word library construction, explosive formula library construction and detection rule formulation. The basis building is the basis of the operation of the subsequent step S2.
S10, building a word stock, including building a sensitive word stock and classifying the sensitive words in a grading way, building a civil substitute word stock and setting a one-to-one corresponding relation with the sensitive words, building an excluded word stock and setting the types of excluded words, and setting an excluded scoring way.
The word stock building method comprises the following steps:
s101, a sensitive word bank of activities on the explosion-related network is established through carding, and the sensitive words are classified in a grading mode according to business requirements and explosion-making activities, wherein the classification mode can comprise a large classification mode and a fine classification mode.
S102, according to explosion-making activity requirements, carding and collecting civil replaceable explosion-making materials, establishing a civil substitute lexicon, and setting up the civil substitute lexicon in one-to-one correspondence with the established sensitive lexicon of the explosion-related online activity.
S103, according to exceptional conditions of the explosion-making activities, activities which are related to the explosion-making activities and are not suspected of crimes are sorted out from the aspects of occupation, units and the like, a corresponding word excluding library is established, and the excluding mode of each word is set. Exclusion includes unscored exclusion and subtractive exclusion.
S11, constructing an explosive formula library, comprising the following steps: according to the preparation requirements of each type of explosive, the raw materials required by the explosion preparation formula are combed out, a relevant formula table is established for each type of explosive, and an explosive formula library is established.
S12, making detection rules, which is to analyze the text data generated by the online activities based on the content and find out whether the text data is explosive or not, if so, making corresponding rules.
Formulating a detection rule, comprising: the scoring rule and the formula combination rule specifically comprise the following steps:
and S121, establishing scoring rules, wherein the activity types on the explosion-related network are mainly classified into an online speech, communication information, transaction shopping and logistics consignment, and the scoring rules are defined into two categories of scoring according to hit times and scoring according to hit quantity/weight according to different types of characteristics.
The rules scored by hit number are: setting the score of the first hit sensitive word, the score of the second hit sensitive word and the weighted score of the combined hit different sensitive words according to the sensitive word classification, and setting the rule of excluding word scores.
The rules of scoring by number of hits/weight are: setting scores when the sensitive words are hit according to the sensitive word classification and different number/weight intervals (for example, the sensitive words are hit under a certain classification, 10 scores when the number is 3-20, and 15 scores when the number is 20-100), combining the weighted processing scores when the sensitive words are hit, and setting an excluded word score rule.
And S122, formulating formula rules, combing and establishing a related formula library according to the raw material requirements of the formulated explosives, and formulating related weighted operation rules for each formula so as to be used for weighted scoring operation of 'when different types of sensitive words are hit in combination'.
And S2, defining an integrated network-involved crime risk revealing process model, and starting the integrated network-involved crime risk revealing process model, wherein the process realizes risk measurement, calculation, analysis and processing of network-involved activity data based on the basis defined in the step S1.
The handling step will be described below by taking the spoken web data as an example, and step S2 includes the following specific steps:
s21, accessing the internet-related data: firstly, the internet data/networking activity data such as the internet talk, the communication information, the transaction shopping, the logistics consignment and the like are acquired and gathered through the regular data synchronous processing.
And S22, preprocessing the converged data. Step S22 includes the following steps:
s221, performing network-related behavior matching processing, namely identifying the type of the network-related data, and selecting corresponding processing rules for the accessed network-related activity data according to the data type of the network-related activity data, wherein the processing rules comprise a scoring mode and a weighting processing mode.
S222, after determining that the data type is data of the online speech type, continuing to perform a standardization process, that is, identifying data columns such as "speech account, speech time, speech content" in the data, storing the data columns in the database according to the specification, selecting a scoring mode (here, scoring according to hit times), and selecting a weighting processing mode (detailed later in steps).
S23, data content extraction: and reading data columns such as speaking content and speaking account numbers in batches. And extracting the standardized data to obtain text data to be analyzed.
S24, loading a basic library: loading the base library information defined in step S21, including: word stock, formula stock and rule stock.
And S25, score superposition operation and weighting processing. And analyzing and scoring the data according to the matched rule in the step S22 and the base library loaded in the step S24, performing additional scoring and weighting processing operations, and accumulating the scores on the related network account numbers.
And (3) score superposition operation: comparing and matching the speech content extracted from the data content of the step S23, all the sensitive words and the civil substitute words according to the categories to which the sensitive words belong, and scoring the hit sensitive words and the corresponding civil substitute words according to the categories to which the sensitive words belong. Because the sensitive words in different classifications have different scores, the sensitive words need to be scored respectively.
In step S25, the score superposition operation includes the following steps:
and S251, the network speech data needs to be processed according to the hit frequency score, so that when a certain sensitive word or a substitute word is hit for the first time, corresponding scores are added according to the classification of the words.
And S252, when the same sensitive word is hit again, the score is continuously added.
And S253, when other sensitive words in the same classification are hit, continuing to add points, and synchronizing the step S251 and the step S252.
And S254, if the plurality of hit sensitive words in the same classification are matched with the formula library, giving additional scoring processing according to the corresponding formula rules.
And S255, when the sensitive words under different classifications are hit, performing additional scoring processing on the sensitive words except scoring.
And S256, when the same data also hits the excluded word, respectively performing unscrambling and deducting processing according to the type of the hit excluded word.
And S257, finally obtaining the total score of the data, and adding the score to the related speaking account.
And S258, repeating the steps S251 to S257 until all the data are traversed. The data comprises online speech, communication information, transaction shopping and logistics consignment.
In step S25, the weighting process includes: for a network behavior related to a certain account, if multiple data types (such as an online statement and transaction shopping) are related at the same time and sensitive words or civil substitute words under the data types are hit, weighted average operation needs to be performed on the total score of the account (the proportion of each data type in the total score is set), and then additional score processing needs to be performed on the total score.
And S26, obtaining and outputting the risk index of the net-related activity account, and outputting the risk index (including risk level and total score) of the net-related activity of the account. And finally, obtaining the total points of the network accounts related to the network activities, converting the total points into risk grades (high, medium and low), and outputting the network-related crime risk indexes of the network accounts.
The invention relates to a text content detection method aiming at network activity data, which combines related services, a text analysis technology and a custom rule engine technology, integrates the idea of points to calculate the network-related crime risk of related behaviors, and can support the detection service of the crime risk of explosion-related and vendor-related behaviors.
The invention can detect the online activity text data of online talk, communication information, transaction shopping, logistics consignment and the like, obtain the risk index of the related account through comprehensive operation, and can rapidly and objectively analyze the target account, thereby relieving the workload of workers for manually checking the network account and the activity thereof one by one, reducing the difficulty of manual study and judgment, and enabling the workers to rapidly predict the risk of the account related to the behavior.
The invention designs the integral operation rules under different scenes based on the self-defined and configurable rule engine, fully considers the related service scenes, more deeply integrates the explosion-related and gun-related services, and designs different explosive formula rules, materials and accessory combination rules, and the rule engine can be adjusted at any time according to the change of the requirements of future workers, can quickly meet the new requirements, and can also reduce the development and maintenance cost of related systems.
The invention introduces the idea of account risk control, adopts an integral operation mechanism for detecting the behavior of the network-related activities, combines with weighting processing to perform integral calculation processing with related network accounts as the center according to various rules set by a rule engine, and the calculation result is a comprehensive score and is converted into a corresponding risk grade.
The invention combines the related department services, establishes a related word bank, combs and eliminates words according to a plurality of dimensions of different professions, units, places and the like, establishes an eliminating mechanism, reduces noise and reduces pushing of useless information to workers.
The whole analysis method adopts an automatic processing mechanism, can automatically analyze various network-related activity data as long as network activity data are continuously accessed, and finds out high-risk network-related criminal activities and related network accounts.
The invention relates to a network-related crime risk operation detection and analysis method based on internet activity data, which is a novel method based on multi-technology integration of big data operation, a self-research and development rule engine, text analysis and the like, can quickly respond to the change of business requirements, enables prompt of network-related crime risks to be displayed more visually, and enables detection operation to be more automatic and accurate by setting related scoring and eliminating methods through a flexible rule engine.
Claims (8)
1. The method is characterized in that text contents of relevant network activity data are monitored, classified and extracted, a rule engine, big data comparison and text analysis technologies are applied by combining a defined basic library, extraction analysis and integral calculation are carried out on the relevant network activity data, relevant scores of a series of network activities are output, the integral is given to and accumulated in a relevant network account, and the final risk grade of the account is obtained after risk grade conversion.
2. The intelligent disclosure method for crime risk relating to network according to claim 1, specifically comprising the following steps:
s1, performing basic construction, including word library construction, explosive formula library construction and detection rule formulation;
s2, defining an integrated network-involved crime risk revealing flow model, starting the integrated network-involved crime risk revealing flow model, and carrying out risk measurement and calculation processing on network-involved activity data.
3. The method for intelligently revealing crime risk related to network according to claim 2, wherein the step S1 of constructing a word stock comprises the steps of:
s101, a sensitive word bank of activities on the explosion-related network is established through combing, and sensitive words are classified in a grading manner;
s102, carding and collecting civil replaceable explosion-making materials, establishing a civil substitute word bank, and setting up the civil substitute word bank in one-to-one correspondence with the established sensitive word bank of activities on the explosion-related network;
s103, combing out activities which are related to the explosion-making activities and are not related to crimes, establishing a corresponding word excluding library, and setting an excluding mode of each word.
4. The method for intelligently revealing online crime risk according to claim 2, wherein the step S1 of constructing an explosive formula library comprises the following steps: according to the preparation requirements of each type of explosive, the raw materials required by the explosion preparation formula are combed out, a relevant formula table is established for each type of explosive, and an explosive formula library is established.
5. The method for intelligently revealing the crime risk related to the network according to claim 2, wherein in the step S1, the step of formulating the detection rule includes the steps of:
s111, establishing scoring rules, wherein the scoring rules are defined into two categories of scoring according to hit times and scoring according to hit number/weight according to different types of characteristics;
and S112, formulating formula rules, combing and establishing a related formula library according to the raw material requirements of the formulated explosives, and formulating related weighted operation rules for each formula.
6. The method for intelligently revealing crime risk concerning net according to claim 2, wherein the step S2 includes the following specific steps:
s21, accessing the internet-related data: acquiring and converging internet data;
s22, preprocessing data;
s23, extracting data content;
s24, loading a basic library: loading the basic library information defined in the step S21;
s25, performing score superposition operation and weighting processing;
and (3) score superposition operation: comparing and matching the content extracted from the data content in the step S23 according to the classification of the sensitive words, and scoring the hit content according to the classification of the sensitive words;
and (3) weighting: for a network behavior related to a certain account, if multiple data types are related simultaneously and sensitive words or civil substitute words under the data types are hit, weighted average operation needs to be carried out on the total score of the account, and then additional score processing needs to be carried out on the total score;
and S26, obtaining and outputting the risk index of the net-related activity account.
7. The intelligent online crime risk disclosure method according to claim 6, wherein the step S22 includes the following steps:
identifying the type of the network-related data, carrying out standardized data processing and standardized storage on the type of the data, and matching the data with corresponding rules.
8. The method for intelligently revealing online crime risk according to claim 6, wherein in the step S25, the score superposition operation includes the following steps:
s251, the network speech data is processed according to the hit scoring;
s252, when the same sensitive word is hit again, the score is added continuously;
s253, when other sensitive words in the same classification are hit, continuously adding points;
s254, if the hit sensitive words in the same classification are matched with the formula library, additional scoring processing is given according to the corresponding formula rules;
s255, when the sensitive words under different classifications are hit, the sensitive words are scored, and additional scoring processing is carried out;
s256, when the same data hits the excluded word, respectively performing unscored and subtractive processing according to the type of the hit excluded word;
s257, finally obtaining the total score of the data, and adding the score to the related speaking account;
and S258, repeating the steps S251 to S257 until all the data are traversed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111308154.3A CN114020991A (en) | 2021-11-05 | 2021-11-05 | Intelligent network-involved crime risk revealing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111308154.3A CN114020991A (en) | 2021-11-05 | 2021-11-05 | Intelligent network-involved crime risk revealing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114020991A true CN114020991A (en) | 2022-02-08 |
Family
ID=80061755
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111308154.3A Pending CN114020991A (en) | 2021-11-05 | 2021-11-05 | Intelligent network-involved crime risk revealing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114020991A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080208901A1 (en) * | 2007-02-26 | 2008-08-28 | Friedlander Robert R | System and method for deriving a hierarchical event based database optimized for analysis of criminal and security information |
| US20140059641A1 (en) * | 2012-08-22 | 2014-02-27 | International Business Machines Corporation | Automated feedback for proposed security rules |
| CN105138570A (en) * | 2015-07-26 | 2015-12-09 | 吉林大学 | Calculation method of crime degree of speech data |
| KR20160001994A (en) * | 2014-06-30 | 2016-01-07 | 김왕철 | Server and method for managing crime using big data |
| KR20160104223A (en) * | 2015-02-26 | 2016-09-05 | 광운대학교 산학협력단 | A Method for a Crime Prediction Using a Crime Pattern Analysis based on Big Data and A System for the Same |
| CN113407886A (en) * | 2021-07-10 | 2021-09-17 | 广州数智网络科技有限公司 | Network crime platform identification method, system, device and computer storage medium |
-
2021
- 2021-11-05 CN CN202111308154.3A patent/CN114020991A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080208901A1 (en) * | 2007-02-26 | 2008-08-28 | Friedlander Robert R | System and method for deriving a hierarchical event based database optimized for analysis of criminal and security information |
| US20140059641A1 (en) * | 2012-08-22 | 2014-02-27 | International Business Machines Corporation | Automated feedback for proposed security rules |
| KR20160001994A (en) * | 2014-06-30 | 2016-01-07 | 김왕철 | Server and method for managing crime using big data |
| KR20160104223A (en) * | 2015-02-26 | 2016-09-05 | 광운대학교 산학협력단 | A Method for a Crime Prediction Using a Crime Pattern Analysis based on Big Data and A System for the Same |
| CN105138570A (en) * | 2015-07-26 | 2015-12-09 | 吉林大学 | Calculation method of crime degree of speech data |
| CN113407886A (en) * | 2021-07-10 | 2021-09-17 | 广州数智网络科技有限公司 | Network crime platform identification method, system, device and computer storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110223168B (en) | Label propagation anti-fraud detection method and system based on enterprise relationship map | |
| CN111614690B (en) | Abnormal behavior detection method and device | |
| CN112053221A (en) | Knowledge graph-based internet financial group fraud detection method | |
| CN112132233A (en) | Criminal personnel dangerous behavior prediction method and system based on effective influence factors | |
| CN108363717B (en) | Data security level identification and detection method and device | |
| CN111160696A (en) | Big data based detected person grading method | |
| CN112053222A (en) | Knowledge graph-based internet financial group fraud detection method | |
| CN110033284A (en) | Source of houses verification method, apparatus, equipment and storage medium | |
| CN110046889A (en) | A kind of detection method, device and the server of abnormal behaviour main body | |
| CN111861507A (en) | Identification method and system for analyzing risks of online catering stores in real time | |
| CN114118793A (en) | Local exchange risk early warning method, device and equipment | |
| CN108399387A (en) | The data processing method and device of target group for identification | |
| CN108921433B (en) | Risk quantitative analysis system based on business continuity | |
| CN114020991A (en) | Intelligent network-involved crime risk revealing method | |
| CN114817518B (en) | License handling method, system and medium based on big data archive identification | |
| CN115858598A (en) | Enterprise big data-based target information screening and matching method and related equipment | |
| CN113642820B (en) | Method and system for evaluating and managing personnel data information based on big data | |
| CN115392351A (en) | Risk user identification method and device, electronic equipment and storage medium | |
| CN114896629A (en) | Network information safety online monitoring and early warning management system based on big data analysis | |
| CN114708090A (en) | Bank payment business risk identification device based on big data | |
| CN114066219A (en) | Electricity stealing analysis method for intelligently identifying electricity utilization abnormal points under incidence matrix | |
| CN114780711B (en) | Certificate application identification method, system and medium based on intelligent file platform | |
| CN113590597B (en) | Identification method and equipment for analysis hierarchical division of key personnel of network abnormal behaviors | |
| CN114386529B (en) | Community service analysis method and system based on big data and readable storage medium | |
| CN117688503B (en) | Electricity safety inspection system based on mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |