CN114581219A - Anti-telecommunication network fraud early warning method and system - Google Patents
Anti-telecommunication network fraud early warning method and system Download PDFInfo
- Publication number
- CN114581219A CN114581219A CN202210462183.3A CN202210462183A CN114581219A CN 114581219 A CN114581219 A CN 114581219A CN 202210462183 A CN202210462183 A CN 202210462183A CN 114581219 A CN114581219 A CN 114581219A
- Authority
- CN
- China
- Prior art keywords
- early warning
- loan
- data set
- preset
- fraud
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/03—Credit; Loans; Processing thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/018—Certifying business or products
- G06Q30/0185—Product, service or business identity fraud
Abstract
The invention provides an anti-telecommunication network fraud early warning method and system, and relates to the technical field of data processing. Obtaining user loan wind control data; then, calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; and finally, inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The loan behavior characteristic indexes are constructed by deeply analyzing the loan wind control behavior of the user, an accurate early warning model is constructed by combining an advanced machine learning algorithm, early warning information which is possibly damaged is calculated and output, and the potential risk is found and early warned, so that the potential risk is found and early warned in advance, and the occurrence of fraud events is reduced.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to an anti-telecommunication network fraud early warning method and system.
Background
In recent years, telecommunication phishing cases are continuously and highly issued, so that great loss is caused to the properties of people, high importance is brought to public security institutions of all levels, and a lot of technical companies for providing anti-telecommunication fraud services are also emerged.
The traditional anti-telecommunication fraud technology mainly relies on communication, internet surfing and social network data of users, and carries out early warning by analyzing the data, but the method has the following problems: 1) the data volume is very large, the formats are not uniform, and the data processing workload is very large; 2) a considerable part of phishing behaviors relate to loan, and the various data cannot directly reflect the loan behaviors of the user.
In the telecom fraud case, the loan-related percentage of phishing is usually 30% or even higher, and a considerable part of victims have abnormal loan behaviors before the phishing is encountered, and the potential risks in the loan behaviors cannot be found in advance in the existing various early warning schemes for early warning.
Disclosure of Invention
The invention aims to provide an anti-telecommunication phishing early warning method and system, which are used for solving the problem that potential risks cannot be found in advance to carry out early warning in the prior art.
In a first aspect, an embodiment of the present application provides an anti-telecommunication phishing early warning method, including the following steps:
acquiring user loan wind control data;
calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes;
and inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result.
In the implementation process, the loan wind control data of the user is obtained; then, calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; and finally, inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events.
Based on the first aspect, in some embodiments of the present invention, the method further comprises the following steps:
and obtaining and screening a preset loan wind control historical database according to the information of the cheated personnel to obtain a positive sample data set and a negative sample data set.
Preprocessing the positive sample data set to obtain a positive sample preprocessing data set;
comparing and analyzing the positive sample preprocessing data set and the negative sample data set through a data analysis tool to obtain the distribution characteristics of the harmed personnel on the loan behavior data;
respectively calculating the personal loan behavior characteristic indexes of the positive sample data set and the negative sample data set by adopting a preset characteristic index calculation formula according to the distribution characteristics of the harmed personnel on the loan behavior data;
and training by adopting a deep learning algorithm according to the personal loan behavior characteristic index, the positive sample data set and the negative sample data set to obtain a fraud early warning model.
Based on the first aspect, in some embodiments of the present invention, the step of preprocessing the positive sample data set to obtain a positive sample preprocessed data set includes the following steps:
respectively carrying out format conversion on the sample data in the positive sample data set to generate a new positive sample data set;
and analyzing the new positive sample data set to obtain fraud related information so as to form a positive sample preprocessing data set.
Based on the first aspect, in some embodiments of the present invention, the step of comparing and analyzing the positive sample preprocessing data set and the negative sample data set by the data analysis tool to obtain the distribution characteristics of the injured person on the loan behavior data includes the following steps:
analyzing the loan behavior of the harmed personnel in the positive sample preprocessing data set through a data analysis tool to obtain the loan behavior data of the harmed personnel;
comparing the loan behavior data of the damaged person with the loan behavior data corresponding to each loan person with the negative sample data set to obtain a plurality of difference results;
and obtaining the distribution characteristics of the harmed personnel on the loan behavior data according to the plurality of difference results.
Based on the first aspect, in some embodiments of the present invention, the method further comprises the following steps:
and updating the data in the preset loan wind control historical database at regular time to obtain a new loan wind control historical database.
Based on the first aspect, in some embodiments of the present invention, the method further comprises the following steps:
obtaining a verification dataset;
inputting the verification data set into a preset fraud early warning model to obtain a plurality of verification results;
and calculating by using a preset model verification index calculation formula according to the verification results to obtain a plurality of model indexes.
Based on the first aspect, in some embodiments of the present invention, the method further comprises the following steps:
acquiring a new sample data set according to a plurality of model indexes;
and training the preset fraud early warning model according to the new sample data set to obtain a new fraud early warning model.
In a second aspect, an embodiment of the present application provides an anti-telecommunication phishing early warning system, including:
the loan wind control data acquisition module is used for acquiring loan wind control data of the user;
the loan behavior characteristic index calculation module is used for calculating a plurality of user loan behavior characteristic indexes according to the user loan wind control data and a preset characteristic index calculation formula;
and the fraud early warning module is used for inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result.
In the implementation process, the loan wind control data acquisition module is used for acquiring the loan wind control data of the user; the loan behavior characteristic index calculation module calculates a plurality of user loan behavior characteristic indexes according to the user loan wind control data and a preset characteristic index calculation formula; and the fraud early warning module inputs the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events.
In a third aspect, an embodiment of the present application provides an electronic device, which includes a memory for storing one or more programs; a processor. The program or programs, when executed by a processor, implement the method of any of the first aspects as described above.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the method according to any one of the first aspect described above.
The embodiment of the invention at least has the following advantages or beneficial effects:
the embodiment of the invention provides an anti-telecommunication phishing early warning method and system, which comprises the steps of obtaining loan wind control data of a user; then, calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; and finally, inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events. By running the fraud early warning model on the verification data set and calculating the model index according to the verification result, the effectiveness of the fraud early warning model can be judged through the model index, and data support is provided for the evaluation of the fraud early warning model. Iterative optimization is performed on the fraud early warning model based on the updated sample data set, so that a better fraud early warning model is obtained, and the early warning accuracy of the fraud early warning model is further improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
FIG. 1 is a flowchart illustrating an anti-phishing early warning method according to an embodiment of the present invention;
FIG. 2 is a flow chart of a fraud early warning model construction process provided by the embodiment of the present invention;
FIG. 3 is a diagram illustrating a preprocessing step of a positive sample data set according to an embodiment of the present invention;
FIG. 4 is a block diagram of an anti-telecommunication phishing early warning system according to an embodiment of the present invention;
fig. 5 is a block diagram of an electronic device according to an embodiment of the present invention.
An icon: 110-loan wind control data acquisition module; 120-loan behavior characteristic index calculation module; 130-fraud warning module; 101-a memory; 102-a processor; 103-communication interface.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Examples
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the individual features of the embodiments can be combined with one another without conflict.
Referring to fig. 1, fig. 1 is a flowchart illustrating an anti-phishing early warning method according to an embodiment of the invention. The anti-telecommunication network fraud early warning method comprises the following steps:
step S110: acquiring user loan wind control data; the user loan wind control data comprises information such as user loan behavior data and user names. The user loan behavior data includes the number of loans, channel, whether credit was successful, etc. The acquisition may be from a query in the loan wind control database or may be from user input.
Step S120: calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; the preset characteristic index calculation formula is a plurality of preset characteristic index calculation formulas, and comprises calculation formulas in a plurality of modes, including modes of summarizing, averaging, standard deviation and the like. For example, the characteristic index is calculated by means of a mean value, and the corresponding characteristic index calculation formula is as follows: average number of loans per week of last 1 month =
(ii) a Average monthly loan number of last 2 years =
. The calculated plurality of user loan behavior characteristic indexes are used for reflecting the personal loan behaviors of the user, and the more the user loan behavior characteristic indexes are, the more the user loan behavior characteristic indexes can truly reflect the user loan behaviors.
Step S130: and inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The preset fraud early warning model is a prediction model obtained by training according to historical fraud data, and whether the user has specific potential risks or not is predicted and early warning is carried out by inputting a plurality of user loan behavior characteristic indexes so as to obtain an early warning result.
Referring to fig. 2, fig. 2 is a flow chart of a fraud warning model construction process according to an embodiment of the present invention.
The preset fraud early warning model can be obtained by training through the following steps:
firstly, a preset loan wind control historical database is obtained and screened according to the information of the deceived personnel, and a positive sample data set and a negative sample data set are obtained. The preset loan wind control historical database is used as a source of sample data, and the screening can be carried out according to preset conditions during screening: for example, the mobile phone numbers are used for screening, the mobile phone numbers of a plurality of cheated persons are firstly obtained, then the mobile phone numbers are searched in the loan wind control historical database according to the mobile phone numbers to find corresponding loan data, a positive sample data set is formed, the remaining loan data with the mobile phone numbers not equal to the positive sample can be used as a negative sample data set, and random extraction can be carried out by trying different proportions for many times. Some limiting conditions can also be added for screening, such as: success of the loan, loan platform, etc.
The positive sample data set comprises loan data of a plurality of harmed persons, and the negative sample data set comprises loan data of a plurality of unharmed persons, wherein fields in the positive sample data set and the negative sample data set are consistent so as to facilitate later data processing.
Then, preprocessing the positive sample data set to obtain a positive sample preprocessing data set; the positive sample data set includes loan data of a plurality of unharmed persons, and the loan data of each unharmed person needs to be preprocessed, please refer to fig. 3, where fig. 3 is a diagram of preprocessing steps of the positive sample data set according to an embodiment of the present invention. The pretreatment mainly comprises the following steps:
firstly, respectively carrying out format conversion on sample data in a positive sample data set to generate a new positive sample data set; the format conversion is to convert the text data into a structured data format and complete the processes of audit verification and the like. The data format is converted to make the format uniform, so that the data processing speed is improved.
And secondly, analyzing the new positive sample data set to obtain fraud related information so as to form a positive sample preprocessing data set. The analysis is to intensively analyze the relevant information such as the incident occurrence time, the calling number (suspect), the called number (fraud victim) and the like of each victim from the new positive sample data through technical means such as a regular expression, an NLP and the like so as to obtain fraud relevant information.
Then, comparing and analyzing the positive sample preprocessing data set and the negative sample data set through a data analysis tool to obtain the distribution characteristics of the harmed personnel on the loan behavior data; the comparative analysis is performed to find the difference between the positive sample data and the negative sample data, so as to obtain the distribution characteristics of the harmed person on the loan behavior data. Mainly comprises the following steps:
firstly, analyzing the loan behavior of the harmed personnel in the positive sample preprocessing data set through a data analysis tool to obtain the loan behavior data of the harmed personnel; and analyzing the characteristics of the victim group on the loan behaviors such as the recent loan times, channels, whether credit investigation is successful and the like through a related data analysis tool to obtain the loan behavior data of the victim.
Secondly, comparing the loan behavior data of the damaged person with the loan behavior data corresponding to each loan person with the negative sample data set to obtain a plurality of difference results; comparing each loan behavior characteristic in the loan behavior data of the harmed person with the corresponding loan behavior characteristic in the negative sample data set, such as: and comparing the recent loan times in the loan behavior data of the damaged person with the recent loan times of each borrower in the load sample data set.
And thirdly, obtaining the distribution characteristics of the harmed people on the loan behavior data according to the plurality of difference results. And taking the loan behavior corresponding to each difference result as the distribution characteristics of the harmed person on the loan behavior data. For example, if the difference results are that the number of times of recent loans is 10 and the channels are different, the number of times of recent loans and the channels are used as the distribution characteristics of the harmed person on the loan behavior data.
Then, respectively calculating the personal loan behavior characteristic indexes in the positive sample data set and the negative sample data set by adopting a preset characteristic index calculation formula according to the distribution characteristics of the harmed people on the loan behavior data; through deep analysis of all dimensions of data, behavior characteristics of the harmed personnel in the positive sample data set are combined, and more than 300 characteristic indexes related to the personal loan behaviors are calculated through modes of summarizing, averaging, standard deviation and the like.
And finally, training by adopting a deep learning algorithm according to the personal loan behavior characteristic index, the positive sample data set and the negative sample data set to obtain a fraud early warning model. And selecting a proper machine learning/deep learning algorithm, including random forests, XGboost and the like, and completing model construction and training.
In the implementation process, the loan wind control data of the user is obtained; then, calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; and finally, inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events.
Wherein, in order to archive the data, the method further comprises the following steps:
and updating the data in the preset loan wind control historical database at regular time to obtain a new loan wind control historical database. And cleaning, removing the weight, converting the format and the like of the data in the loan wind control historical database in a timing task mode, and finally outputting the data into standard and structured data. The timing task mode is to process/update the database at regular time; the period of the database timing update can be flexibly defined, and the loan request data is updated in real time, but is usually processed and filed in the historical database in batches at regular intervals. The loan wind control historical database is updated regularly, so that the truth and the effectiveness of the data in the loan wind control historical database are ensured.
Wherein, in order to verify the effectiveness of the fraud early warning model obtained by training, the method further comprises the following steps:
firstly, acquiring a verification data set; the verification data set can be obtained from the loan wind control historical database and is obtained through analysis processing.
Then, inputting the verification data set into a preset fraud early warning model to obtain a plurality of verification results; and operating the fraud early warning model on the verification data set, and outputting a verification result.
And finally, calculating by using a preset model verification index calculation formula according to the plurality of verification results to obtain a plurality of model indexes. The preset model verification index calculation formula comprises index calculation formulas such as accuracy and recall rate. Such as: accuracy = number of samples predicted to be 1 and correctly predicted/number of samples of all predicted to be 1; recall = number of samples predicted to be 1 and correctly predicted/number of samples for all real cases to be 1. The calculated multiple model indexes comprise accuracy, recall rate and the like.
In the implementation process, the fraud early warning model is operated on the verification data set, and the model index is calculated according to the verification result, so that the effectiveness of the fraud early warning model can be judged through the model index, and data support is provided for the evaluation of the fraud early warning model.
Wherein, in order to optimize the fraud early warning model, the method further comprises the following steps:
firstly, acquiring a new sample data set according to a plurality of model indexes; a plurality of model index thresholds can be preset, whether each model index meets the model index threshold is judged, and if yes, the fraud early warning model is well trained and can not be optimized; and if not, acquiring a new sample data set for model training. The new sample data set may be obtained from the updated loan wind control historical database, so as to obtain the new sample data set.
And then, training the preset fraud early warning model according to the new sample data set to obtain a new fraud early warning model. Iterative optimization is performed on the fraud early warning model based on the updated sample data set, so that a better fraud early warning model is obtained, and the early warning accuracy of the fraud early warning model is further improved.
Based on the same inventive concept, the present invention further provides an anti-telecommunication phishing early warning system, please refer to fig. 4, where fig. 4 is a structural block diagram of the anti-telecommunication phishing early warning system provided in the embodiment of the present invention; the anti-telecommunication network fraud early warning system comprises:
the loan wind control data acquisition module 110 is used for acquiring loan wind control data of the user;
the loan behavior characteristic index calculation module 120 is used for calculating a plurality of user loan behavior characteristic indexes according to the user loan wind control data and a preset characteristic index calculation formula;
the fraud early warning module 130 is configured to input the loan behavior characteristic indicators of the multiple users into a preset fraud early warning model to obtain an early warning result.
In the implementation process, the loan wind control data acquisition module 110 is used for acquiring the loan wind control data of the user; the loan behavior characteristic index calculation module 120 calculates a plurality of user loan behavior characteristic indexes according to the user loan wind control data and a preset characteristic index calculation formula; the fraud early warning module 130 inputs the loan behavior characteristic indexes of the plurality of users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events.
Referring to fig. 5, fig. 5 is a schematic structural block diagram of an electronic device according to an embodiment of the present disclosure. The electronic device comprises a memory 101, a processor 102 and a communication interface 103, wherein the memory 101, the processor 102 and the communication interface 103 are electrically connected to each other directly or indirectly to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The memory 101 may be used for storing software programs and modules, such as program instructions/modules corresponding to an anti-telecommunication phishing warning system provided by the embodiment of the present application, and the processor 102 executes various functional applications and data processing by executing the software programs and modules stored in the memory 101. The communication interface 103 may be used for communicating signaling or data with other node devices.
The Memory 101 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like.
The processor 102 may be an integrated circuit chip having signal processing capabilities. The Processor 102 may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
It will be appreciated that the configuration shown in fig. 5 is merely illustrative and that the electronic device may include more or fewer components than shown in fig. 5 or have a different configuration than shown in fig. 5. The components shown in fig. 5 may be implemented in hardware, software, or a combination thereof.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In summary, the embodiment of the invention provides an anti-telecommunication phishing early warning method and system, by obtaining user loan wind control data; then, calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes; and finally, inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result. The method breaks through the traditional thought of anti-fraud early warning based on user network, communication and social behavior data, constructs loan behavior characteristic indexes by deeply analyzing loan wind control behaviors of users, constructs an accurate early warning model by combining with an advanced machine learning algorithm, calculates and outputs early warning information which is possibly damaged, finds potential risks and carries out early warning, thereby finding the potential risks in advance and carrying out early warning, and reducing the occurrence of fraud events. By running the fraud early warning model on the verification data set and calculating the model index according to the verification result, the effectiveness of the fraud early warning model can be judged through the model index, and data support is provided for the evaluation of the fraud early warning model. Iterative optimization is performed on the fraud early warning model based on the updated sample data set, so that a better fraud early warning model is obtained, and the early warning accuracy of the fraud early warning model is further improved.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (10)
1. An anti-telecommunication phishing early warning method is characterized by comprising the following steps:
acquiring user loan wind control data;
calculating according to the user loan wind control data and a preset characteristic index calculation formula to obtain a plurality of user loan behavior characteristic indexes;
and inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result.
2. The anti-telecommunication phishing early warning method of claim 1, further comprising the steps of:
obtaining and screening a preset loan wind control historical database according to the information of the cheated personnel to obtain a positive sample data set and a negative sample data set;
preprocessing the positive sample data set to obtain a positive sample preprocessing data set;
comparing and analyzing the positive sample preprocessing data set and the negative sample data set through a data analysis tool to obtain the distribution characteristics of the harmed personnel on the loan behavior data;
respectively calculating the personal loan behavior characteristic indexes of the positive sample data set and the negative sample data set by adopting a preset characteristic index calculation formula according to the distribution characteristics of the harmed personnel on the loan behavior data;
and training by adopting a deep learning algorithm according to the personal loan behavior characteristic index, the positive sample data set and the negative sample data set to obtain a fraud early warning model.
3. The anti-telecommunication phishing early warning method of claim 2, wherein the step of preprocessing the positive sample data set to obtain a positive sample preprocessed data set comprises the steps of:
respectively carrying out format conversion on the sample data in the positive sample data set to generate a new positive sample data set;
and analyzing the new positive sample data set to obtain fraud related information so as to form a positive sample preprocessing data set.
4. The anti-telecommunication phishing early warning method of claim 2, wherein the step of obtaining the distribution characteristics of the harmed person on the loan behavior data by comparing and analyzing the positive sample preprocessing data set and the negative sample data set through the data analysis tool comprises the steps of:
analyzing the loan behavior of the harmed personnel in the positive sample preprocessing data set through a data analysis tool to obtain the loan behavior data of the harmed personnel;
comparing the loan behavior data of the damaged person with the loan behavior data corresponding to each loan person with the negative sample data set to obtain a plurality of difference results;
and obtaining the distribution characteristics of the harmed personnel on the loan behavior data according to the plurality of difference results.
5. The anti-telecommunication phishing early warning method as recited in claim 2, further comprising the steps of:
and updating the data in the preset loan wind control historical database at regular time to obtain a new loan wind control historical database.
6. The anti-telecommunication phishing early warning method as recited in claim 1, further comprising the steps of:
obtaining a verification dataset;
inputting the verification data set into a preset fraud early warning model to obtain a plurality of verification results;
and calculating by using a preset model verification index calculation formula according to the verification results to obtain a plurality of model indexes.
7. The anti-telecommunications phishing early warning method of claim 6, further comprising the steps of:
acquiring a new sample data set according to a plurality of model indexes;
and training the preset fraud early warning model according to the new sample data set to obtain a new fraud early warning model.
8. An anti-telecommunication phishing early warning system, comprising:
the loan wind control data acquisition module is used for acquiring loan wind control data of the user;
the loan behavior characteristic index calculation module is used for calculating a plurality of user loan behavior characteristic indexes according to the user loan wind control data and a preset characteristic index calculation formula;
and the fraud early warning module is used for inputting the loan behavior characteristic indexes of the users into a preset fraud early warning model to obtain an early warning result.
9. An electronic device, comprising:
a memory for storing one or more programs;
a processor;
the one or more programs, when executed by the processor, implement the method of any of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210462183.3A CN114581219A (en) | 2022-04-29 | 2022-04-29 | Anti-telecommunication network fraud early warning method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210462183.3A CN114581219A (en) | 2022-04-29 | 2022-04-29 | Anti-telecommunication network fraud early warning method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114581219A true CN114581219A (en) | 2022-06-03 |
Family
ID=81783986
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210462183.3A Pending CN114581219A (en) | 2022-04-29 | 2022-04-29 | Anti-telecommunication network fraud early warning method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114581219A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460059A (en) * | 2022-07-28 | 2022-12-09 | 浪潮通信信息系统有限公司 | Risk early warning method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7546271B1 (en) * | 2007-12-20 | 2009-06-09 | Choicepoint Asset Company | Mortgage fraud detection systems and methods |
| CN110222992A (en) * | 2019-06-11 | 2019-09-10 | 深圳市安络科技有限公司 | A kind of network swindle method for early warning and device based on group's portrait of being deceived |
| CN110706090A (en) * | 2019-08-26 | 2020-01-17 | 阿里巴巴集团控股有限公司 | Credit fraud identification method and device, electronic equipment and storage medium |
| CN112307464A (en) * | 2020-10-30 | 2021-02-02 | 维沃移动通信有限公司 | Fraud identification method and device and electronic equipment |
| CN113627566A (en) * | 2021-08-23 | 2021-11-09 | 上海淇玥信息技术有限公司 | Early warning method and device for phishing and computer equipment |
| CN114254867A (en) * | 2021-11-20 | 2022-03-29 | 安丘市公安局 | Telecommunication fraud victim risk assessment system and method |
-
2022
- 2022-04-29 CN CN202210462183.3A patent/CN114581219A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7546271B1 (en) * | 2007-12-20 | 2009-06-09 | Choicepoint Asset Company | Mortgage fraud detection systems and methods |
| CN110222992A (en) * | 2019-06-11 | 2019-09-10 | 深圳市安络科技有限公司 | A kind of network swindle method for early warning and device based on group's portrait of being deceived |
| CN110706090A (en) * | 2019-08-26 | 2020-01-17 | 阿里巴巴集团控股有限公司 | Credit fraud identification method and device, electronic equipment and storage medium |
| CN112307464A (en) * | 2020-10-30 | 2021-02-02 | 维沃移动通信有限公司 | Fraud identification method and device and electronic equipment |
| CN113627566A (en) * | 2021-08-23 | 2021-11-09 | 上海淇玥信息技术有限公司 | Early warning method and device for phishing and computer equipment |
| CN114254867A (en) * | 2021-11-20 | 2022-03-29 | 安丘市公安局 | Telecommunication fraud victim risk assessment system and method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460059A (en) * | 2022-07-28 | 2022-12-09 | 浪潮通信信息系统有限公司 | Risk early warning method and device |
| CN115460059B (en) * | 2022-07-28 | 2024-03-08 | 浪潮通信信息系统有限公司 | Risk early warning method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108200054B (en) | Malicious domain name detection method and device based on DNS (Domain name Server) resolution | |
| CN107040397B (en) | Service parameter acquisition method and device | |
| CN113627566A (en) | Early warning method and device for phishing and computer equipment | |
| CN114186626A (en) | Abnormity detection method and device, electronic equipment and computer readable medium | |
| CN112422574A (en) | Risk account identification method, device, medium and electronic equipment | |
| WO2016188334A1 (en) | Method and device for processing application access data | |
| CN112950359B (en) | User identification method and device | |
| CN114581219A (en) | Anti-telecommunication network fraud early warning method and system | |
| CN108804501B (en) | Method and device for detecting effective information | |
| CN117131281B (en) | Public opinion event processing method, apparatus, electronic device and computer readable medium | |
| CN111179055B (en) | Credit line adjusting method and device and electronic equipment | |
| CN111245815B (en) | Data processing method and device, storage medium and electronic equipment | |
| CN112131381A (en) | Method and device for identifying high-alarm-level place, electronic equipment and storage medium | |
| CN111340062A (en) | Mapping relation determining method and device | |
| CN114090601B (en) | Data screening method, device, equipment and storage medium | |
| CN113869904B (en) | Suspicious data identification method, device, electronic equipment, medium and computer program | |
| CN114925275A (en) | Product recommendation method and device, computer equipment and storage medium | |
| CN114493853A (en) | Credit rating evaluation method, credit rating evaluation device, electronic device and storage medium | |
| CN112346938B (en) | Operation auditing method and device, server and computer readable storage medium | |
| CN114066603A (en) | Post-loan risk early warning method and device, electronic equipment and computer readable medium | |
| CN113190562A (en) | Report generation method and device and electronic equipment | |
| CN111429257A (en) | Transaction monitoring method and device | |
| CN116911313B (en) | Semantic drift text recognition method and device | |
| US11551152B2 (en) | Input feature significance identification based on batches of prediction | |
| CN117473511B (en) | Edge node vulnerability data processing method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220603 |