CN114629942A - Fraud early warning task generation method, device, equipment and medium - Google Patents
Fraud early warning task generation method, device, equipment and medium Download PDFInfo
- Publication number
- CN114629942A CN114629942A CN202210531782.6A CN202210531782A CN114629942A CN 114629942 A CN114629942 A CN 114629942A CN 202210531782 A CN202210531782 A CN 202210531782A CN 114629942 A CN114629942 A CN 114629942A
- Authority
- CN
- China
- Prior art keywords
- early warning
- fraud
- log
- target
- task
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/26—Government or public services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
Abstract
The application discloses a fraud early warning task generation method, device, equipment and medium, which relate to the technical field of computers and comprise the following steps: acquiring a to-be-processed early warning log corresponding to a user operation behavior related to the target suspected fraud event, and storing the to-be-processed early warning log to a local preset log library; screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs; and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task. Through the technical scheme, fraud early warning dissuading efficiency can be improved, repeated early warning probability is reduced, and fraud damage rate is reduced.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a fraud early warning task generating method, device, equipment and medium.
Background
At present, an edge gateway collects early warning data and generates an early warning trigger message, wherein the early warning trigger message comprises the early warning data and the number of a triggered alarm rule; the message uploading module receives the early warning trigger message and uploads the early warning trigger message to the cloud server; the cloud server generates an alarm message according to the alarm rule corresponding to the latest received serial number, but the alarm message is sent to remind a victim, so that the situation of repeated early warning on the same victim exists, and the working difficulty of early warning dissuaders is greatly increased.
Therefore, how to improve the fraud early warning dissuading efficiency and reduce the repeated early warning probability in the fraud early warning task generation process is a problem to be solved in the field.
Disclosure of Invention
In view of this, the present invention provides a fraud early warning task generation method, apparatus, device and medium, which can effectively improve fraud early warning dissuasion efficiency, reduce repeated early warning probability, and thereby reduce fraud damage rate. The specific scheme is as follows:
in a first aspect, the present application discloses a fraud early warning task generating method, including:
acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user;
screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs;
and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task.
Optionally, the obtaining a to-be-processed early warning log corresponding to a user operation behavior related to a suspected fraud event of a target, and storing the to-be-processed early warning log in a local preset log library includes:
acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and determining the acquisition time of the to-be-processed early warning log;
and storing the early warning log to be processed and the acquisition time of the early warning log to be processed to the local preset log library.
Optionally, the screening out all the early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain a target early warning log includes:
determining the time range of the current preset period;
and screening all early warning logs corresponding to the unique identifier and with the acquisition time within the time range of the current preset period from the preset log library to obtain target early warning logs.
Optionally, the obtaining of the to-be-processed early warning log corresponding to the user operation behavior related to the suspected fraud event of the target includes:
obtaining log data information, regional requirements, business requirements and target regional early warning requirements corresponding to user operation behaviors related to the target suspected fraud event, and determining the to-be-processed early warning log containing the risk level.
Optionally, after the fraud early warning task corresponding to the unique identifier and the current preset period is generated by using the target fraud early warning record, the method further includes:
calculating a log risk score corresponding to the target early warning log based on the risk level in the target early warning log, calculating a unique identification risk score corresponding to the unique identification at the same time, and then determining the fraud early warning task risk score by using the log risk score and the unique identification risk score;
and determining a target early warning mode and a target early warning grade based on the fraud early warning task risk classification, and storing the target early warning mode and the target early warning grade to the fraud early warning task.
Optionally, the sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal performs corresponding processing on the fraud early warning task includes:
and sending the fraud early warning task comprising the target early warning mode and the target early warning grade to a preset fraud supervision terminal so that the fraud supervision terminal can correspondingly process the fraud early warning task according to the target early warning mode and the target early warning grade.
Optionally, the calculating a log risk score corresponding to the target early warning log based on the risk level in the target early warning log and calculating a unique identifier risk score corresponding to the unique identifier at the same time includes:
classifying the target early warning logs according to preset fraud types to obtain different types of target early warning logs, and then respectively calculating the different types of target early warning logs based on preset log risk score calculation rules and risk grades in the target early warning logs to obtain log risk scores corresponding to the target early warning logs;
and calculating all early warning logs which are screened from the preset log library and correspond to the unique identifier by utilizing a preset unique identifier risk score calculation rule so as to obtain the unique identifier risk score corresponding to the unique identifier.
In a second aspect, the present application discloses a fraud warning task generating device, including:
the system comprises a to-be-processed early warning log acquisition module, a to-be-processed early warning log storage module and a to-be-processed early warning log storage module, wherein the to-be-processed early warning log acquisition module is used for acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user;
the target early warning log acquisition module is used for screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs;
and the fraud early warning task processing module is used for constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task.
In a third aspect, the present application discloses an electronic device, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the fraud early warning task generation method.
In a fourth aspect, the present application discloses a computer storage medium for storing a computer program; wherein the computer program, when being executed by a processor, implements the steps of the fraud early warning task generation method disclosed in the foregoing.
The fraud early warning task generation method comprises the steps of obtaining a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user; screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs; and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task. According to the fraud early warning method and device, the target early warning logs are screened out from the log library, corresponding target fraud early warning records are constructed based on the target early warning logs, fraud early warning dissuading efficiency can be effectively improved, the target fraud early warning records are utilized to generate fraud early warning tasks corresponding to the unique identifiers and the current preset period, repeated early warning probability can be reduced, and fraud damage rate is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart illustrating a fraud warning task generation method disclosed in the present application;
FIG. 2 is a flowchart illustrating a fraud alert task generation method disclosed in the present application;
fig. 3 is a detailed flowchart of a fraud early warning task generation method disclosed in the present application;
FIG. 4 is a schematic structural diagram of a fraud warning task generating apparatus disclosed in the present application;
fig. 5 is a block diagram of an electronic device provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the current background, the edge gateway collects early warning data and generates an early warning trigger message, wherein the early warning trigger message comprises the early warning data and the number of a triggered alarm rule; the message uploading module receives the early warning trigger message and uploads the early warning trigger message to the cloud server; the cloud server generates an alarm message according to the alarm rule corresponding to the latest received serial number, but the alarm message is sent to remind a victim, so that the situation of repeated early warning on the same victim exists, and the working difficulty of early warning dissuaders is greatly increased. Therefore, how to improve the fraud early warning dissuading efficiency and reduce the repeated early warning probability in the fraud early warning task generation process is a problem to be solved in the field.
Referring to fig. 1, an embodiment of the present invention discloses a fraud early warning task generating method, which specifically includes:
step S11: acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises the unique identification of the corresponding user.
In this embodiment, log data information, regional requirements, service requirements and target regional early warning requirements corresponding to user operation behaviors related to a target suspected fraud event are obtained, and the to-be-processed early warning log containing a risk level is determined and then stored in a local preset log library; the pre-warning log to be processed comprises the unique identification of the corresponding user.
It can be understood that the method is firstly docked with actual data conditions and real-time data of a data manufacturer, then an initial risk level of the pre-warning log to be processed is defined through regional requirements and business requirements, and then the pre-warning log to be processed containing the risk level is determined according to the pre-warning requirements of a target region.
Step S12: and screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs.
In this embodiment, for example, if the unique identifier of the user is a mobile phone number, all the early warning logs corresponding to the mobile phone number and within the current preset period are screened from the preset log library, so as to obtain a target early warning log of the current mobile phone number.
Step S13: and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task.
In this embodiment, a corresponding target fraud early warning record is constructed based on the target early warning log, then a fraud early warning task corresponding to the unique identifier and a current preset period is generated by using the target fraud early warning record, a log risk score corresponding to the target early warning log is calculated based on a risk level in the target early warning log, a unique identifier risk score corresponding to the unique identifier is calculated at the same time, and then the fraud early warning task risk score is determined by using the log risk score and the unique identifier risk score; and determining a target early warning mode and a target early warning grade based on the fraud early warning task risk classification, and storing the target early warning mode and the target early warning grade to the fraud early warning task.
It can be understood that, the target early warning logs are classified according to preset fraud types to obtain different types of target early warning logs, and then the different types of target early warning logs are respectively calculated based on preset log risk score calculation rules and risk levels in the target early warning logs to obtain the log risk scores corresponding to the target early warning logs; and calculating all early warning logs corresponding to the unique identifier screened from the preset log library by utilizing a preset unique identifier risk score calculation rule to obtain the unique identifier risk score corresponding to the unique identifier, and then determining the fraud early warning task risk score by utilizing the log risk score and the unique identifier risk score.
In this embodiment, after a fraud early warning task is generated, the fraud early warning task including the target early warning mode and the target early warning level is sent to a preset fraud supervision terminal, so that the fraud supervision terminal performs corresponding processing on the fraud early warning task according to the target early warning mode and the target early warning level.
In the embodiment, a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event is obtained, and the to-be-processed early warning log is stored in a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user; screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs; and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task. According to the fraud early warning method and device, the target early warning logs are screened out from the log library, corresponding target fraud early warning records are constructed based on the target early warning logs, fraud early warning dissuading efficiency can be effectively improved, the target fraud early warning records are utilized to generate fraud early warning tasks corresponding to the unique identifiers and the current preset period, repeated early warning probability can be reduced, and fraud damage rate is reduced.
Referring to fig. 2, an embodiment of the present invention discloses a fraud early warning task generating method, which specifically includes:
step S21: acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, determining the acquisition time of the to-be-processed early warning log, and storing the to-be-processed early warning log and the acquisition time of the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises the unique identification of the corresponding user.
Step S22: and determining the time range of the current preset period, and screening all early warning logs corresponding to the unique identifier and having the acquisition time within the time range of the current preset period from the preset log library to obtain target early warning logs.
Step S23: and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can correspondingly process the fraud early warning task.
In this embodiment, a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event is acquired, the acquisition time of the to-be-processed early warning log is determined, and then the to-be-processed early warning log and the acquisition time of the to-be-processed early warning log are stored in the local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user; determining the time range of the current preset period, and screening all early warning logs corresponding to the unique identifier and having the acquisition time within the time range of the current preset period from the preset log library to obtain target early warning logs; and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task. According to the fraud early warning method and device, the target early warning logs are screened out from the log library, corresponding target fraud early warning records are constructed based on the target early warning logs, fraud early warning dissuading efficiency can be effectively improved, the target fraud early warning records are utilized to generate fraud early warning tasks corresponding to the unique identifiers and the current preset period, repeated early warning probability can be reduced, and fraud damage rate is reduced.
For example, as shown in fig. 3, the database reads a local task before the current preset period, takes the task before the current preset period as a historical fraud early warning task, then obtains the to-be-processed early warning log, and determines the obtaining time of the to-be-processed early warning log, it can be understood that the obtaining time is taken as the last warehousing time, so that when a new to-be-processed early warning log is input again, the target early warning log can be determined according to the latest warehousing time. Then storing the pre-warning logs to be processed and the acquisition time of the pre-warning logs to be processed to the local preset log library, then recalculating log risk scores, classifying the target pre-warning logs according to preset fraud types to obtain different types of target pre-warning logs, then forming fraud pre-warning records based on the target pre-warning logs, finally generating fraud pre-warning tasks by the fraud pre-warning records, for example, classifying the target pre-warning logs according to phishing, electric fraud and APP fraud, then calculating the phishing, electric fraud and APP fraud logs to obtain log risk scores, calculating all pre-warning logs in the preset log library corresponding to the current mobile phone number to obtain unique identification risk scores, and deduplication of the phishing, electric fraud and APP fraud pre-warning logs according to the mobile phone numbers to respectively generate fraud pre-warning records, and generating a fraud early warning task by the fraud early warning record, then determining the fraud early warning task risk score by utilizing the log risk score and the unique identification risk score to determine a target early warning mode and a target early warning grade, storing the target early warning mode and the target early warning grade to the fraud early warning task, and updating the fraud early warning record to obtain a new fraud early warning task if an unexecuted target early warning log exists in a preset log library by inquiring at last.
Referring to fig. 4, an embodiment of the present invention discloses a fraud early warning task generating device, which specifically includes:
the to-be-processed early warning log obtaining module 11 is configured to obtain a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and store the to-be-processed early warning log in a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user;
a target early warning log obtaining module 12, configured to screen all early warning logs corresponding to the unique identifier and the current preset period from the preset log library, so as to obtain a target early warning log;
and the fraud early warning task processing module 13 is configured to construct a corresponding target fraud early warning record based on the target early warning log, generate a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and send the fraud early warning task to a preset fraud supervision terminal, so that the fraud supervision terminal performs corresponding processing on the fraud early warning task.
In the embodiment, a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event is obtained, and the to-be-processed early warning log is stored in a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user; screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs; and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task. According to the fraud early warning method and device, the target early warning logs are screened out from the log library, corresponding target fraud early warning records are constructed based on the target early warning logs, fraud early warning dissuading efficiency can be effectively improved, the target fraud early warning records are utilized to generate fraud early warning tasks corresponding to the unique identifiers and the current preset period, repeated early warning probability can be reduced, and fraud damage rate is reduced.
In some specific embodiments, the to-be-processed early warning log obtaining module 11 may specifically include:
the system comprises an acquisition time determining module, a processing module and a processing module, wherein the acquisition time determining module is used for acquiring the to-be-processed early warning log corresponding to the user operation behavior related to the target suspected fraud event and determining the acquisition time of the to-be-processed early warning log;
and the storage module is used for storing the to-be-processed early warning log and the acquisition time of the to-be-processed early warning log to the local preset log library.
In some specific embodiments, the target early warning log obtaining module 12 may specifically include:
the time range determining module is used for determining the time range of the current preset period;
and the target early warning log acquisition module is used for screening all the early warning logs corresponding to the unique identifier and having the acquisition time within the time range of the current preset period from the preset log library so as to obtain the target early warning logs.
In some specific embodiments, the to-be-processed early warning log obtaining module 11 may specifically include:
the to-be-processed early warning log obtaining module is used for obtaining the to-be-processed early warning log which is determined to contain the risk level based on log data information, regional requirements, business requirements and target regional early warning requirements corresponding to user operation behaviors related to the target suspected fraud event.
In some specific embodiments, the fraud early warning task processing module 13 may specifically include:
a fraud early warning task risk score determining module, configured to calculate a log risk score corresponding to the target early warning log based on a risk level in the target early warning log, calculate a unique identifier risk score corresponding to the unique identifier, and then determine the fraud early warning task risk score by using the log risk score and the unique identifier risk score;
and the storage module is used for determining a target early warning mode and a target early warning grade based on the fraud early warning task risk classification, and storing the target early warning mode and the target early warning grade to the fraud early warning task.
In some specific embodiments, the fraud early warning task processing module 13 may specifically include:
and the sending module is used for sending the fraud early warning task comprising the target early warning mode and the target early warning grade to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task according to the target early warning mode and the target early warning grade.
In some specific embodiments, the fraud early warning task processing module 13 may specifically include:
the log risk score calculation module is used for classifying the target early warning logs according to preset fraud types to obtain different types of target early warning logs, and then calculating the different types of target early warning logs respectively based on preset log risk score calculation rules and risk grades in the target early warning logs to obtain the log risk scores corresponding to the target early warning logs;
and the unique identification risk score calculation module is used for calculating all early warning logs which are screened from the preset log library and correspond to the unique identification by utilizing a preset unique identification risk score calculation rule so as to obtain the unique identification risk score corresponding to the unique identification.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. The electronic device 20 may specifically include: at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input output interface 25, and a communication bus 26. Wherein, the memory 22 is used for storing a computer program, which is loaded and executed by the processor 21, so as to implement the relevant steps in the fraud early warning task generation method performed by an electronic device disclosed in any of the foregoing embodiments.
In this embodiment, the power supply 23 is configured to provide a working voltage for each hardware device on the electronic device 20; the communication interface 24 can create a data transmission channel between the electronic device 20 and an external device, and a communication protocol followed by the communication interface is any communication protocol applicable to the technical solution of the present application, and is not specifically limited herein; the input/output interface 25 is configured to obtain external input data or output data to the outside, and a specific interface type thereof may be selected according to specific application requirements, which is not specifically limited herein.
In addition, the storage 22 is used as a carrier for storing resources, and may be a read-only memory, a random access memory, a magnetic disk or an optical disk, etc., the resources stored thereon include an operating system 221, a computer program 222, data 223, etc., and the storage mode may be a transient storage mode or a permanent storage mode.
The operating system 221 is used for managing and controlling each hardware device and the computer program 222 on the electronic device 20, so as to realize the operation and processing of the data 223 in the memory 22 by the processor 21, which may be Windows, Unix, Linux, and the like. The computer programs 222 may further include computer programs that can be used to accomplish other specific tasks in addition to the computer programs that can be used to accomplish the fraud alert task generation method performed by the electronic device 20 disclosed in any of the foregoing embodiments. The data 223 may include data received by the fraud warning task generation device and transmitted by an external device, or may include data collected by the self input/output interface 25.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Further, an embodiment of the present application further discloses a computer-readable storage medium, where a computer program is stored in the storage medium, and when the computer program is loaded and executed by a processor, the steps of the fraud early warning task generation method disclosed in any of the foregoing embodiments are implemented.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The fraud early warning task generation method, the fraud early warning task generation device, the fraud early warning task generation equipment and the storage medium are described in detail, specific examples are applied in the text to explain the principle and the implementation of the invention, and the description of the examples is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A fraud early warning task generation method is characterized by comprising the following steps:
acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user;
screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs;
and constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal can perform corresponding processing on the fraud early warning task.
2. The fraud early warning task generating method of claim 1, wherein the obtaining a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event and saving the to-be-processed early warning log to a local preset log library comprises:
acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event, and determining the acquisition time of the to-be-processed early warning log;
and storing the to-be-processed early warning log and the acquisition time of the to-be-processed early warning log to the local preset log library.
3. The fraud early warning task generating method of claim 2, wherein the screening out all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain a target early warning log comprises:
determining the time range of the current preset period;
and screening all early warning logs corresponding to the unique identifier and with the acquisition time within the time range of the current preset period from the preset log library to obtain target early warning logs.
4. The fraud early warning task generation method of claim 1, wherein said obtaining a pending early warning log corresponding to a user operation behavior related to a target suspected fraud event comprises:
obtaining log data information, regional requirements, business requirements and target regional early warning requirements corresponding to user operation behaviors related to the target suspected fraud event, and determining the to-be-processed early warning log containing the risk level.
5. The fraud early warning task generating method of claim 4, wherein after said generating a fraud early warning task corresponding to said unique identifier and a current preset period using said target fraud early warning record, further comprising:
calculating a log risk score corresponding to the target early warning log based on the risk level in the target early warning log, calculating a unique identification risk score corresponding to the unique identification at the same time, and then determining the fraud early warning task risk score by using the log risk score and the unique identification risk score;
and determining a target early warning mode and a target early warning grade based on the fraud early warning task risk classification, and storing the target early warning mode and the target early warning grade to the fraud early warning task.
6. The fraud early warning task generation method of claim 5, wherein said sending the fraud early warning task to a preset fraud supervision terminal so that the fraud supervision terminal performs corresponding processing on the fraud early warning task comprises:
and sending the fraud early warning task comprising the target early warning mode and the target early warning grade to a preset fraud supervision terminal so that the fraud supervision terminal can correspondingly process the fraud early warning task according to the target early warning mode and the target early warning grade.
7. The fraud alert task generating method of any one of claims 4 to 6, wherein the calculating a log risk score corresponding to the target alert log based on the risk level in the target alert log and simultaneously calculating a unique identification risk score corresponding to the unique identification comprises:
classifying the target early warning logs according to preset fraud types to obtain different types of target early warning logs, and then respectively calculating the different types of target early warning logs based on preset log risk score calculation rules and risk grades in the target early warning logs to obtain log risk scores corresponding to the target early warning logs;
and calculating all early warning logs which are screened from the preset log library and correspond to the unique identifier by utilizing a preset unique identifier risk score calculation rule so as to obtain the unique identifier risk score corresponding to the unique identifier.
8. A fraud alert task generating apparatus, comprising:
the system comprises a to-be-processed early warning log acquisition module, a to-be-processed early warning log storage module and a to-be-processed early warning log storage module, wherein the to-be-processed early warning log acquisition module is used for acquiring a to-be-processed early warning log corresponding to a user operation behavior related to a target suspected fraud event and storing the to-be-processed early warning log to a local preset log library; the pre-warning log to be processed comprises unique identification of a corresponding user;
the target early warning log acquisition module is used for screening all early warning logs corresponding to the unique identifier and the current preset period from the preset log library to obtain target early warning logs;
the fraud early warning task processing module is used for constructing a corresponding target fraud early warning record based on the target early warning log, generating a fraud early warning task corresponding to the unique identifier and the current preset period by using the target fraud early warning record, and sending the fraud early warning task to a preset fraud supervision terminal, so that the fraud supervision terminal can correspondingly process the fraud early warning task.
9. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the fraud early warning task generating method of any one of claims 1 to 7.
10. A computer-readable storage medium for storing a computer program; wherein the computer program, when executed by a processor, implements the fraud early warning task generating method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210531782.6A CN114629942B (en) | 2022-05-17 | 2022-05-17 | Fraud early warning task generation method, device, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210531782.6A CN114629942B (en) | 2022-05-17 | 2022-05-17 | Fraud early warning task generation method, device, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114629942A true CN114629942A (en) | 2022-06-14 |
| CN114629942B CN114629942B (en) | 2022-08-09 |
Family
ID=81906984
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210531782.6A Active CN114629942B (en) | 2022-05-17 | 2022-05-17 | Fraud early warning task generation method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114629942B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180189467A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Spatiotemporal credential leak detection to prevent identity fraud using a log management system |
| US20180324297A1 (en) * | 2016-11-01 | 2018-11-08 | Transaction Network Services, Inc. | Systems and methods for automatically conducting risk assessments for telephony communications |
| CN111222131A (en) * | 2020-01-07 | 2020-06-02 | 上海欣方智能系统有限公司 | Internet fraud APK (android Package) identification method |
| US10924609B1 (en) * | 2019-12-30 | 2021-02-16 | First Orion Corp. | Call screening service for detecting fraudulent inbound/outbound communications with subscriber devices |
| CN112925757A (en) * | 2021-03-26 | 2021-06-08 | 广东好太太智能家居有限公司 | Method, equipment and storage medium for tracking operation log of intelligent equipment |
| CN113098870A (en) * | 2021-04-01 | 2021-07-09 | 恒安嘉新(北京)科技股份公司 | Phishing detection method and device, electronic equipment and storage medium |
| CN113627566A (en) * | 2021-08-23 | 2021-11-09 | 上海淇玥信息技术有限公司 | Early warning method and device for phishing and computer equipment |
| CN113923669A (en) * | 2021-11-10 | 2022-01-11 | 恒安嘉新(北京)科技股份公司 | Anti-fraud early warning method, device, equipment and medium for multi-source cross-platform fusion |
| CN114363839A (en) * | 2021-12-31 | 2022-04-15 | 恒安嘉新(北京)科技股份公司 | Fraud data early warning method, device, equipment and storage medium |
| CN114417198A (en) * | 2021-12-24 | 2022-04-29 | 中国电信股份有限公司 | Phishing early warning method, phishing early warning device, phishing early warning system |
-
2022
- 2022-05-17 CN CN202210531782.6A patent/CN114629942B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180324297A1 (en) * | 2016-11-01 | 2018-11-08 | Transaction Network Services, Inc. | Systems and methods for automatically conducting risk assessments for telephony communications |
| US20180189467A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Spatiotemporal credential leak detection to prevent identity fraud using a log management system |
| US10924609B1 (en) * | 2019-12-30 | 2021-02-16 | First Orion Corp. | Call screening service for detecting fraudulent inbound/outbound communications with subscriber devices |
| CN111222131A (en) * | 2020-01-07 | 2020-06-02 | 上海欣方智能系统有限公司 | Internet fraud APK (android Package) identification method |
| CN112925757A (en) * | 2021-03-26 | 2021-06-08 | 广东好太太智能家居有限公司 | Method, equipment and storage medium for tracking operation log of intelligent equipment |
| CN113098870A (en) * | 2021-04-01 | 2021-07-09 | 恒安嘉新(北京)科技股份公司 | Phishing detection method and device, electronic equipment and storage medium |
| CN113627566A (en) * | 2021-08-23 | 2021-11-09 | 上海淇玥信息技术有限公司 | Early warning method and device for phishing and computer equipment |
| CN113923669A (en) * | 2021-11-10 | 2022-01-11 | 恒安嘉新(北京)科技股份公司 | Anti-fraud early warning method, device, equipment and medium for multi-source cross-platform fusion |
| CN114417198A (en) * | 2021-12-24 | 2022-04-29 | 中国电信股份有限公司 | Phishing early warning method, phishing early warning device, phishing early warning system |
| CN114363839A (en) * | 2021-12-31 | 2022-04-15 | 恒安嘉新(北京)科技股份公司 | Fraud data early warning method, device, equipment and storage medium |
Non-Patent Citations (3)
| Title |
|---|
| 佟晖: ""电信诈骗态势与反诈新思路研究"", 《北京警察学院学报》 * |
| 王明: "基于实时流技术的诈骗短信预警系统的设计与实现", 《软件》 * |
| 马庆贺等: "基于海量数据分析与远程取证的反电信诈骗平台", 《警察技术》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114629942B (en) | 2022-08-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102238612B1 (en) | DoS/DDoS attack detection method, device, server and storage medium | |
| CN110661659A (en) | Alarm method, device and system and electronic equipment | |
| CN111600746B (en) | Network fault positioning method, device and equipment | |
| CN112311617A (en) | Configured data monitoring and alarming method and system | |
| CN110198305A (en) | It attends a banquet method for detecting abnormality, system, computer equipment and the storage medium of IP | |
| US20200320845A1 (en) | Adaptive severity functions for alerts | |
| CN112636979B (en) | Cluster alarm method and related device | |
| CN110868418A (en) | Threat information generation method and device | |
| CN110704283A (en) | Method, device and medium for uniformly generating alarm information | |
| CN111444067A (en) | Rule engine-based configuration system monitoring method, device and equipment | |
| CN110191097B (en) | Method, system, equipment and storage medium for detecting security of login page | |
| CN111339062A (en) | Data monitoring method and device, electronic equipment and storage medium | |
| CN114443441A (en) | Storage system management method, device, equipment and readable storage medium | |
| CN110737565A (en) | data monitoring method, device, electronic equipment and storage medium | |
| CN114629942B (en) | Fraud early warning task generation method, device, equipment and medium | |
| CN110888790B (en) | Log management method and device, electronic equipment and storage medium | |
| US20230359514A1 (en) | Operation-based event suppression | |
| US11308212B1 (en) | Adjudicating files by classifying directories based on collected telemetry data | |
| CN115878932A (en) | Website security event processing method, device, equipment and medium | |
| CN106357481B (en) | Power utilization safety management method and system | |
| CN114826877A (en) | Asset alarm processing method and device, computer equipment and storage medium | |
| CN114239963A (en) | Method and device for detecting directed graph circulation path | |
| EP3585034A1 (en) | Big data-based method for learning and protecting service logic and device for learning and protection | |
| CN115208938B (en) | User behavior control method and device and computer readable storage medium | |
| CN110955579A (en) | Ambari-based large data platform monitoring method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |