CN114792007A - Code detection method, device, equipment, storage medium and computer program product

Publication number
CN114792007A
Authority
CN
China
Prior art keywords
character string
code
transaction account
detected
risk
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210457160.3A
Other languages
Chinese (zh)
Inventor
黄艳虹
胡锐明
吴佳文
黄振华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Application filed by Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202210457160.3A
Publication of CN114792007A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/903 Querying
    • G06F16/90335 Query processing
    • G06F16/90344 Query processing by using string matching techniques
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4016 Transaction verification involving fraud or risk level assessment in transaction processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The application relates to the technical field of information security and provides a code detection method, a code detection device, computer equipment, a storage medium and a computer program product, which can be applied in particular to the financial field or other related fields. The method and the device can improve the accuracy and efficiency of code detection and reduce its cost. The method comprises: obtaining a code to be detected and a transaction account composition rule; obtaining character string length target information of a transaction account according to the transaction account composition rule; extracting each character string in the code to be detected and obtaining the character string length information corresponding to each character string; taking each character string whose length information matches the character string length target information as a character string to be judged; judging whether the character string to be judged conforms to the transaction account composition rule; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

Description

Code detection method, device, equipment, storage medium and computer program product
Technical Field
The present application relates to the field of information security technologies, and in particular, to a code detection method, apparatus, computer device, storage medium, and computer program product.
Background
With the development of information security technology, code detection has become an important link in information security level protection work and is one of the effective means of improving system security across the whole software life cycle. For example, in a system involving settlement and payment, if a programmer maliciously writes an illegal transaction account number (including a transaction card number, a transaction account number, etc.) into the program code, funds may be transferred into the corresponding transaction account when the program code is executed, which results in the loss of funds.
In the conventional technology, code detection is usually performed by inspecting the code manually, which is inefficient.
Disclosure of Invention
In view of the foregoing, it is necessary to provide a code detection method, apparatus, computer device, computer readable storage medium and computer program product for solving the above technical problems.
In a first aspect, the present application provides a code detection method. The method comprises the following steps:
acquiring a code to be detected and a transaction account composition rule;
acquiring character string length target information of a transaction account according to a transaction account composition rule;
extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string;
taking a character string with the character string length information matched with the character string length target information as a character string to be judged;
judging whether the character string to be judged accords with a transaction account composition rule or not;
and determining whether the code to be detected contains an illegal transaction account number or not according to the judgment result.
In one embodiment, extracting each character string in the code to be detected includes:
carrying out syntactic analysis and/or lexical analysis on the code to be detected, and extracting each assignment statement contained in the code to be detected;
and extracting each character string contained in each assignment statement.
In one embodiment, the determining whether the character string to be judged conforms to the transaction account composition rule includes:
judging whether each character string to be judged matches account information in a preset transaction account white list;
if not all of them match, extracting each non-matching character string from the character strings to be judged;
and judging whether the non-matching character strings conform to the transaction account composition rule.
In one embodiment, the method further comprises:
if all of them match, determining that the code to be detected does not contain an illegal transaction account number.
In one embodiment, determining whether the code to be detected contains an illegal transaction account number according to the judgment result includes:
calculating a risk value of the code to be detected according to the judgment result;
determining a risk threshold interval condition met by the risk value;
if the risk threshold interval condition met by the risk value is a first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account number;
if the risk threshold interval condition met by the risk value is a second risk threshold interval condition, determining that the code to be detected has a risk of containing an illegal transaction account number;
if the risk threshold interval condition met by the risk value is a third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account number;
wherein the first risk threshold interval condition is a risk interval less than or equal to the first risk threshold; the second risk threshold interval condition is a risk interval greater than the first risk threshold and less than or equal to a second risk threshold; the third risk threshold interval condition is a risk interval greater than the second risk threshold.
In one embodiment, the method further comprises:
acquiring a code sample and the real result of whether the code sample contains an illegal transaction account;
training the risk threshold acquisition model to be trained by using the code sample and the real result to obtain a trained risk threshold acquisition model;
and acquiring a first risk threshold and a second risk threshold through the trained risk threshold acquisition model.
In one embodiment, the obtaining of the transaction account number composition rule comprises:
and acquiring the latest transaction account composition rule corresponding to each transaction account type according to a preset time period.
In a second aspect, the present application further provides a code detection apparatus. The device comprises:
the to-be-detected code acquisition module is used for acquiring the code to be detected and the transaction account composition rule;
the character string length target information acquisition module is used for acquiring character string length target information of the transaction account according to the transaction account composition rule;
the character string extraction module is used for extracting each character string in the code to be detected and acquiring the length information of the character string corresponding to each character string;
the to-be-judged character string module is used for taking the character string whose character string length information matches the character string length target information as the character string to be judged;
the transaction account composition rule judging module is used for judging whether the character string to be judged accords with the transaction account composition rule or not;
and the illegal transaction account determining module is used for determining whether the code to be detected contains an illegal transaction account according to the judgment result.
In a third aspect, the application also provides a computer device. The computer device comprises a memory storing a computer program and a processor implementing the following steps when executing the computer program:
acquiring a code to be detected and a transaction account composition rule; acquiring character string length target information of a transaction account according to the transaction account composition rule; extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string; taking a character string whose character string length information matches the character string length target information as a character string to be judged; judging whether the character string to be judged conforms to the transaction account composition rule; and determining whether the code to be detected contains an illegal transaction account number according to the judgment result.
In a fourth aspect, the present application further provides a computer-readable storage medium. The computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of:
acquiring a code to be detected and a transaction account composition rule; acquiring character string length target information of a transaction account according to the transaction account composition rule; extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string; taking a character string whose character string length information matches the character string length target information as a character string to be judged; judging whether the character string to be judged conforms to the transaction account composition rule; and determining whether the code to be detected contains an illegal transaction account number according to the judgment result.
In a fifth aspect, the present application further provides a computer program product. The computer program product comprising a computer program which when executed by a processor performs the steps of:
acquiring a code to be detected and a transaction account composition rule; acquiring character string length target information of a transaction account according to the transaction account composition rule; extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string; taking a character string whose character string length information matches the character string length target information as a character string to be judged; judging whether the character string to be judged conforms to the transaction account composition rule; and determining whether the code to be detected contains an illegal transaction account number according to the judgment result.
According to the code detection method, the code detection device, the computer equipment, the storage medium and the computer program product, a code to be detected and a transaction account composition rule are obtained; character string length target information of the transaction account is obtained according to the transaction account composition rule; each character string in the code to be detected is extracted and the character string length information corresponding to each character string is obtained; the character string whose length information matches the character string length target information is used as a character string to be judged; whether the character string to be judged conforms to the transaction account composition rule is judged; and whether the code to be detected contains an illegal transaction account number is determined according to the judgment result. According to the scheme, the latest transaction account composition rule corresponding to each transaction account type can be obtained in advance. Once the code to be detected is obtained, the character string length target information of the transaction account is obtained from the composition rule, all character strings in the code to be detected are extracted together with their lengths, each length is compared with the character string length target information, and the matching character strings are used as the character strings to be judged. Whether these character strings conform to the transaction account composition rule is then judged, and whether the code to be detected contains an illegal transaction account is determined according to the judgment result, so that the accuracy and efficiency of code detection are improved and the cost of code detection is reduced.
Drawings
FIG. 1 is a flow diagram illustrating a method for code detection in one embodiment;
FIG. 2 is a diagram of an application environment of a code detection method in one embodiment;
FIG. 3 is a schematic diagram of a software structure of a transaction account detection decision server in one embodiment;
FIG. 4 is a schematic flow chart diagram of a code detection method in another embodiment;
FIG. 5 is a block diagram showing the structure of a code detection apparatus according to an embodiment;
FIG. 6 is a diagram of the internal structure of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In an embodiment, as shown in fig. 1, a code detection method is provided, and this embodiment is exemplified by applying the method to a server or a terminal, and includes the following steps:
Step S101, acquiring the code to be detected and the transaction account composition rule.
In this step, as shown in fig. 2, the transaction account number composition rule may be the latest transaction account number composition rule corresponding to each transaction account number type, where the transaction account number composition rule includes, but is not limited to, card BIN, card number length, area code position in the account, account number length, and other rules, and the transaction account number type includes, but is not limited to, card number, account number, and two-dimensional code account system.
Specifically, as shown in figs. 2, 3 and 4, a server (which may be referred to as the transaction account detection decision server 01) obtains the latest transaction account composition rule corresponding to each transaction account type according to a preset time period, for example by receiving card and account rules sent by a bank system server 02, card BIN rules sent by a card organization system server 03, and transaction account composition rules sent by other account system servers 04. It also receives a detection service call (a code detection service call, which includes the code to be detected) sent by an order payment system server 05. After completing code detection, the transaction account detection decision server 01 returns a check result to the order payment system server 05; the check result may include whether an illegal transaction account number is included, or the risk value of including an illegal transaction account number.
For example, as shown in fig. 3, the software structure of the server (which may be referred to as a transaction account detection decision server) may include a configuration management center 01, a transaction account rule base 02, a source code reading module 03, a source code syntax analysis module 04, a white list filtering module 05, a code variable value matching module 06, a risk threshold calculation module 07, an interactive decision module 08, a composition rule obtaining module 09, and a data analysis processing module 10, wherein:
the configuration management center 01 may be used to configure parameters, such as parameters of the transaction account composition rule, parameters of the white list, parameters of the risk calculation, and parameters of the risk thresholds (a first risk threshold and a second risk threshold);
the transaction account rule base 02 is used for storing transaction account composition rules;
the source code reading module 03 is used for reading the code to be detected after it is acquired, inputting it into the source code syntax analysis module 04, calculating the difference (illegal) code segments of each batch, and providing the calculated risk values to the code variable value matching module 06 and the risk threshold calculation module 07;
the source code syntax analysis module 04 is used for extracting the assignment statements, which are then passed to the white list filtering module 05 and the code variable value matching module 06 for subsequent analysis;
the white list filtering module 05 is used for filtering out elements determined not to need a risk score, such as specific files, values of specific variables (or constants), specific statements and the like; code determined to be consistent with an element in the white list is filtered out, is not matched further, and does not affect the subsequent risk value judgment;
the code variable value matching module 06 is used for performing rule judgment on the relevant source code characteristics according to the input of the source code syntax analysis module 04 and the transaction account rule base 02, and outputting a risk value to the risk threshold calculation module 07;
the risk threshold calculation module 07 is used for calculating the risk value by arithmetically adding the risk values output by the code variable value matching module 06, summarizing the risk prompt information, and outputting a detection result to the interactive decision module 08;
the interactive decision module 08 is used for determining a code detection result from the decision threshold configuration parameters in combination with the calculation result of the risk threshold calculation module 07, where the code detection result may be "no risk, detection passed", "low risk, manual verification required", or "high risk, submission refused";
the composition rule obtaining module 09 is used for periodically obtaining the latest transaction account composition rule and storing it in a local database;
the data analysis processing module 10 is used for recording the code detection accuracy, adjusting the parameters of the code detection recognition algorithm and training a neural network model, and adjusting parameter values in the algorithm, which improves the accuracy of recognizing illegal transaction accounts and thereby the accuracy of code detection.
Step S102, acquiring character string length target information of the transaction account according to the transaction account composition rule.
In this step, the character string length target information of the transaction account may refer to the length of the character string that represents a transaction account in the code. It may be derived from the transaction account composition rule, or it may itself be one of the rules belonging to the transaction account composition rule.
Specifically, the corresponding character string length of the transaction account is obtained according to the transaction account composition rule.
Step S103, extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string.
In this step, the length information of the character string corresponding to each character string may be a length corresponding to each character string.
Specifically, all character strings are extracted from the code to be detected, and the respective corresponding lengths of all the character strings are obtained.
Step S104, taking the character string whose character string length information matches the character string length target information as a character string to be judged.
Specifically, whether the character string length information matches the character string length target information is judged, and each matching character string is used as a character string to be judged. As shown in fig. 4, the character strings whose length conforms to the transaction account length in the transaction account composition rule are screened out from the code to be detected (screening of character strings that conform to the account length).
Step S105, judging whether the character string to be judged accords with the composition rule of the transaction account.
Specifically, as shown in fig. 3, the code variable value matching module 06 determines whether the character string to be judged conforms to all rules in the transaction account composition rule, or to all rules in the transaction account composition rule other than the character string length target information rule. For example, it determines whether the value at the corresponding position matches the defined value and whether it matches the defined value after logical transformation or operation, and outputs the determination score to the risk threshold calculation module 07.
Step S106, determining whether the code to be detected contains an illegal transaction account number according to the judgment result.
In this step, the illegal transaction account may refer to a transaction account that is not allowed to appear in the code to be detected, and may be an illegal transaction account or a transaction account maliciously written into the code to be detected.
Specifically, according to the judgment result, a code detection result of whether the code to be detected contains the illegal transaction account number is obtained.
The code detection method obtains a code to be detected and a transaction account composition rule; obtains character string length target information of the transaction account according to the transaction account composition rule; extracts each character string in the code to be detected and obtains the character string length information corresponding to each character string; takes the character string whose length information matches the character string length target information as a character string to be judged; judges whether the character string to be judged conforms to the transaction account composition rule; and determines whether the code to be detected contains an illegal transaction account number according to the judgment result. According to the scheme, the latest transaction account composition rule corresponding to each transaction account type can be obtained in advance. Once the code to be detected is obtained, the character string length target information of the transaction account is obtained from the composition rule, all character strings in the code to be detected are extracted together with their lengths, each length is compared with the character string length target information, and the matching character strings are used as the character strings to be judged. Whether these character strings conform to the transaction account composition rule is then judged, and whether the code to be detected contains an illegal transaction account is determined according to the judgment result, so that the accuracy and efficiency of code detection are improved and the cost of code detection is reduced.
In an embodiment, the extracting of each character string in the code to be detected in step S103 specifically includes: carrying out syntactic analysis and/or lexical analysis on the code to be detected, and extracting each assignment statement contained in the code to be detected; and extracting each character string contained in each assignment statement.
In this embodiment, syntactic analysis and/or lexical analysis is used to extract each assignment statement included in the code to be detected; it may also be used to analyze the type of a variable (or constant), a defined value, fixed account-related relationships implicit in the program code context and/or operations, and the like. The assignment statements may include variable definition statements, variable (or constant) assignment statements, logical operation statements, value operation statements, and similar risk statements.
Specifically, as shown in fig. 4, after the code to be detected (the uploaded code) is read, it is first matched against a white list file (a code file which does not need to be checked/detected). If the code to be detected matches the white list file, a detection result that the code to be detected does not contain an illegal transaction account (the code file passes the check) is obtained directly. If it does not match, syntactic analysis and/or lexical analysis is performed on the code to be detected, all assignment statements included in the code to be detected are extracted (screening of effective statement rows), and all character strings included in each assignment statement are extracted.
According to the technical scheme, the accuracy and the efficiency of extracting the character strings are improved by extracting the assignment sentences in the codes to be detected and extracting the character strings contained in the assignment sentences, so that the accuracy and the efficiency of detecting the code are improved subsequently.
In an embodiment, the step S105 of determining whether the character string to be judged conforms to the transaction account composition rule specifically includes: judging whether each character string to be judged matches account information in a preset transaction account white list; if not all of them match, extracting each non-matching character string from the character strings to be judged; and judging whether the non-matching character strings conform to the transaction account composition rule.
In this embodiment, the account information in the preset transaction account white list may be an account value in the preset transaction account white list.
Specifically, as shown in fig. 4, a white list filter determines whether each character string to be judged matches an account value in the preset transaction account white list (i.e., matches a white list account; a match indicates that the transaction account represented by the character string is a safe or legal account in the white list). If not all of them match, the non-matching character strings are screened out from the character strings to be judged, and each is checked against the transaction account composition rule; the character strings that conform to the rule (i.e., the statement rows that hit a rule) are extracted for risk assessment and determination.
According to the technical scheme, whether each character string to be judged is matched with the account information in the preset transaction account white list or not is judged, so that the time for judging whether the character string to be judged accords with the transaction account forming rule or not is favorably shortened, and the efficiency of code detection is favorably improved.
In one embodiment, the method may further include determining that the code to be detected does not include an illegal transaction account number by the following steps, specifically including: and if the codes are matched, determining that the codes to be detected do not contain illegal transaction account numbers.
Specifically, as shown in fig. 4, whether each character string to be determined matches an account value in a preset transaction account white list is determined through a white list filter, and if all character strings to be determined match account values in the preset transaction account white list, it is determined that the code to be detected does not contain an illegal transaction account, and a detection result that the code to be detected does not contain an illegal transaction account (check pass) is obtained.
According to this technical scheme, judging whether each character string to be determined matches the account information in the preset transaction account white list prevents safe or legal accounts in the white list from being mistaken for illegal transaction accounts, and the code detection result is obtained directly when all the accounts match, which improves the accuracy and efficiency of code detection.
In an embodiment, the determining, according to the determination result in the step S106, whether the code to be detected includes an illegal account number specifically includes: calculating a risk value of the code to be detected according to the judgment result; determining a risk threshold interval condition met by the risk value; if the risk threshold interval condition met by the risk value is a first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account number; if the risk threshold interval condition met by the risk value is a second risk threshold interval condition, determining that the code to be detected has a risk of containing an illegal transaction account; and if the risk threshold interval condition met by the risk value is a third risk threshold interval condition, determining that the code to be detected contains the illegal transaction account number.
In this embodiment, the first risk threshold interval condition is a risk interval less than or equal to the first risk threshold; the second risk threshold interval condition is a risk interval greater than the first risk threshold and less than or equal to a second risk threshold; the third risk threshold interval condition is a risk interval greater than the second risk threshold. The first risk threshold may be M% and the second risk threshold may be N%, with the first risk threshold less than the second risk threshold.
Specifically, as shown in fig. 4, the risk value of the code to be detected is calculated according to the judgment result (risk assessment: whether a risk exists), and the risk threshold interval condition that the risk value satisfies is determined. If it is the first risk threshold interval condition, it is determined that the code to be detected does not contain an illegal transaction account number (no risk: detection passed, check pass). If it is the second risk threshold interval condition, it is determined that the code to be detected is at risk of containing an illegal transaction account number (low risk: manual verification is needed, after which the code is either passed or rejected for warehousing). If it is the third risk threshold interval condition, it is determined that the code to be detected contains an illegal transaction account number (high risk: submission rejected, warehousing rejected).
According to the technical scheme, the risk threshold interval condition met by the risk value of the code to be detected is determined, so that the code detection result of the code to be detected can be acquired more accurately, and the code detection accuracy is improved.
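The pipeline described above (string extraction from assignment statements, length pre-filter, account white list, composition rule check, three-band risk decision), as an added Python example that is not code from the patent. The composition rule (19 digits ending in a Luhn check digit), the risk formula (share of non-whitelisted candidates that satisfy the rule), the two threshold values and every account value are assumptions constructed for illustration.

```python
import ast
from dataclasses import dataclass, field

# Assumptions for illustration; none of these values come from the patent.
ACCOUNT_LENGTH = 19            # length target derived from the assumed rule
FIRST_RISK_THRESHOLD = 0.10    # stands in for M%
SECOND_RISK_THRESHOLD = 0.50   # stands in for N%
ACCOUNT_WHITELIST = {"1000000000000000009"}   # constructed account value

# Constructed code to be detected; it is only parsed, never executed.
SAMPLE = '''
def transfer(amount):
    payee = "1234567890123456785"
    settlement = "1000000000000000009"
    label = "order-batch-2022-04"
    print("1234567890123456785")
    return send(payee, amount)
'''


def luhn_valid(digits: str) -> bool:
    """Luhn checksum, used here as the assumed check-digit part of the rule."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def conforms_to_account_rule(s: str) -> bool:
    """Assumed composition rule: 19 ASCII digits with a valid Luhn check digit."""
    return (len(s) == ACCOUNT_LENGTH and s.isascii() and s.isdigit()
            and luhn_valid(s))


def strings_in_assignments(source: str) -> list:
    """Syntax analysis: (line, literal) for each string inside an assignment."""
    found = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, (ast.Assign, ast.AnnAssign, ast.AugAssign))
                and node.value is not None):
            for sub in ast.walk(node.value):
                if isinstance(sub, ast.Constant) and isinstance(sub.value, str):
                    found.append((sub.lineno, sub.value))
    return found


@dataclass
class Verdict:
    decision: str                 # "pass", "manual_review" or "reject"
    risk: float
    hits: list = field(default_factory=list)


def detect(source, account_whitelist, file_whitelisted=False) -> Verdict:
    if file_whitelisted:                    # file-level white list: no checks
        return Verdict("pass", 0.0)
    candidates = [c for c in strings_in_assignments(source)
                  if len(c[1]) == ACCOUNT_LENGTH]        # length pre-filter
    unmatched = [c for c in candidates if c[1] not in account_whitelist]
    if not unmatched:                       # every candidate is whitelisted
        return Verdict("pass", 0.0)
    hits = sorted(c for c in unmatched if conforms_to_account_rule(c[1]))
    risk = len(hits) / len(unmatched)       # assumed risk formula
    if risk <= FIRST_RISK_THRESHOLD:        # first interval: no risk
        decision = "pass"
    elif risk <= SECOND_RISK_THRESHOLD:     # second interval: low risk
        decision = "manual_review"
    else:                                   # third interval: high risk
        decision = "reject"
    return Verdict(decision, risk, hits)


if __name__ == "__main__":
    print(detect(SAMPLE, ACCOUNT_WHITELIST))
```

The length pre-filter operates on whole string literals, so values assembled at run time are outside what this check covers.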
In an embodiment, the method may further obtain the first risk threshold and the second risk threshold through the following steps: acquiring a code sample and the real result of whether the code sample contains an illegal transaction account; training a risk threshold acquisition model to be trained by using the code sample and the real result, to obtain a trained risk threshold acquisition model; and obtaining the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.
In this embodiment, the risk threshold obtaining model to be trained may be a neural network model, for example, a BP neural network model.
Specifically, a code sample and the real result of whether the code sample contains an illegal transaction account number are obtained and input into a BP neural network model that uses the BP algorithm, which applies a gradient search technique to minimize the mean square error between the actual output value and the expected output value of the network. The BP algorithm comprises two processes, forward propagation of signals and backward propagation of errors: the error output is calculated in the direction from input to output, and the weights and thresholds are adjusted in the direction from output to input. During forward propagation, the input signal acts on the output nodes through the hidden layer, and an output signal is generated through nonlinear transformation. If the actual output does not match the expected output, the backward propagation of errors begins: the output error is passed back layer by layer through the hidden layer to the input layer and distributed to all neural units of each layer, and the error signal obtained at each layer is used as the basis for adjusting the weight of each unit. By adjusting the connection strength between the input nodes and the hidden nodes, the connection strength between the hidden nodes and the output nodes, and the thresholds, the error is reduced along the gradient direction. Through repeated learning and training, the trained risk threshold acquisition model is obtained, and the parameters corresponding to the minimum error are determined (including the first risk threshold and the second risk threshold, as well as the parameters of the transaction account number composition rule, the parameters of the white list, the parameters of risk calculation and the like).
According to the technical scheme, the trained risk threshold acquisition model is used for acquiring the first risk threshold and the second risk threshold, so that the first risk threshold and the second risk threshold which are better can be acquired, and the accuracy of code detection can be improved.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown in sequence as indicated by the arrows, the steps are not necessarily performed in that sequence. Unless explicitly stated herein, the steps are not limited to the exact order illustrated and may be performed in other orders. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time but may be performed at different times, and the execution order of these steps or stages is not necessarily sequential: they may be performed in turn or alternately with other steps, or with at least a part of the steps or stages in other steps.
Based on the same inventive concept, an embodiment of the application also provides a code detection device for implementing the code detection method described above. The device solves the problem in a way similar to the method, so for the specific limitations in the one or more code detection device embodiments provided below, refer to the limitations on the code detection method above; details are not repeated here.
In one embodiment, as shown in fig. 5, there is provided a code detection apparatus 500, which may include:
a code to be detected acquisition module 501, configured to acquire a code to be detected and a transaction account composition rule;
a character string length target information obtaining module 502, configured to obtain character string length target information of the transaction account according to the transaction account composition rule;
a character string extraction module 503, configured to extract each character string in the code to be detected, and obtain character string length information corresponding to each character string;
a character-string-to-be-determined module 504, configured to use a character string whose character string length information matches the character string length target information as a character string to be determined;
a transaction account composition rule determining module 505, configured to determine whether the character string to be determined meets the transaction account composition rule;
an illegal transaction account determining module 506, configured to determine whether the code to be detected includes an illegal transaction account according to the determination result.
In one embodiment, the character string extraction module 503 is further configured to perform syntax analysis and/or lexical analysis on the code to be detected, and extract each assignment statement included in the code to be detected; and extracting each character string contained in each assignment statement.
In one embodiment, the transaction account composition rule determining module 505 is further configured to determine whether each character string to be determined matches account information in a preset transaction account white list; if not all of them match, extract each non-matching character string from the character strings to be determined; and judge whether each non-matching character string conforms to the transaction account composition rule.
In one embodiment, the apparatus 500 further comprises: an illegal transaction account number determining module, configured to determine that the code to be detected does not contain an illegal transaction account number if all of the character strings to be determined match.
In an embodiment, the illegal transaction account number determining module 506 is further configured to calculate a risk value of the code to be detected according to the determination result; determining a risk threshold interval condition that the risk value satisfies; if the risk threshold interval condition met by the risk value is a first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account; if the risk threshold interval condition met by the risk value is a second risk threshold interval condition, determining that the code to be detected has a risk of containing an illegal transaction account; if the risk threshold interval condition met by the risk value is a third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account number; wherein the first risk threshold interval condition is a risk interval less than or equal to a first risk threshold; the second risk threshold interval condition is a risk interval greater than the first risk threshold and less than or equal to a second risk threshold; the third risk threshold interval condition is a risk interval greater than the second risk threshold.
In one embodiment, the apparatus 500 further comprises: a risk threshold acquisition module, configured to acquire a code sample and the real result of whether the code sample contains an illegal transaction account number; train a risk threshold acquisition model to be trained by using the code sample and the real result to obtain a trained risk threshold acquisition model; and obtain the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.
The modules in the code detection device can be implemented wholly or partially by software, hardware, or a combination thereof. The modules can be embedded in, or independent of, a processor in the computer device in hardware form, or stored in a memory in the computer device in software form, so that the processor can call them and execute the operations corresponding to each module.
It should be noted that the method and apparatus for code detection provided by the present application may be used in the application field related to code detection in the financial field, and may also be used in processing related to code detection in any field other than the financial field.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. The processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of the operating system and the computer program in the non-volatile storage medium. The database of the computer device is used for storing the code to be detected and the transaction account composition rule data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer device also comprises an input/output interface (I/O interface for short), a connecting circuit for exchanging information between the processor and external devices, which is connected with the processor through a bus. The computer program is executed by the processor to implement a code detection method.
Those skilled in the art will appreciate that the architecture shown in fig. 6 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or fewer components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is further provided, which includes a memory and a processor, the memory stores a computer program, and the processor implements the steps of the above method embodiments when executing the computer program.
In an embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, carries out the steps in the method embodiments described above.
It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, displayed data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing relevant hardware; the computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the method embodiments described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, Resistive Random Access Memory (ReRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), Phase Change Memory (PCM), graphene memory, and the like. Volatile memory can include Random Access Memory (RAM), external cache memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
The technical features of the above embodiments may be combined arbitrarily. For the sake of brevity, not all possible combinations of these technical features are described; however, as long as a combination contains no contradiction, it should be considered within the scope of the present disclosure.
The above embodiments express only several implementations of the present application, and although their description is specific and detailed, it should not be construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, and these are all within the scope of protection of the present application. Therefore, the protection scope of the present application should be subject to the appended claims.

Claims (10)

1. A method of code detection, the method comprising:
acquiring a code to be detected and a transaction account composition rule;
acquiring character string length target information of the transaction account according to the transaction account composition rule;
extracting each character string in the code to be detected, and acquiring character string length information corresponding to each character string;
taking a character string with the character string length information matched with the character string length target information as a character string to be judged;
judging whether the character string to be judged accords with the composition rule of the transaction account;
and determining whether the code to be detected contains an illegal transaction account number or not according to a judgment result.
2. The method according to claim 1, wherein the extracting each character string in the code to be detected comprises:
performing syntactic analysis and/or lexical analysis on the code to be detected, and extracting each assignment statement contained in the code to be detected;
and extracting each character string contained in each assignment statement.
3. The method of claim 1, wherein the determining whether the character string to be determined conforms to the transaction account number composition rule comprises:
judging whether each character string to be judged is matched with account information in a preset transaction account white list or not;
if not all of them match, extracting each non-matching character string to be judged from the character strings to be judged;
and judging whether the non-matched character strings to be judged accord with the composition rule of the transaction account.
4. The method of claim 3, further comprising:
if all of the character strings to be judged match, determining that the code to be detected does not contain an illegal transaction account number.
5. The method according to any one of claims 1 to 4, wherein the determining whether the code to be detected contains an illegal account number according to the judgment result comprises:
calculating a risk value of the code to be detected according to a judgment result;
determining a risk threshold interval condition that the risk value satisfies;
if the risk threshold interval condition met by the risk value is a first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account number;
if the risk threshold interval condition met by the risk value is a second risk threshold interval condition, determining that the code to be detected has a risk of containing an illegal transaction account;
if the risk threshold interval condition met by the risk value is a third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account number;
wherein the first risk threshold interval condition is a risk interval less than or equal to a first risk threshold; the second risk threshold interval condition is a risk interval greater than the first risk threshold and less than or equal to a second risk threshold; the third risk threshold interval condition is a risk interval greater than the second risk threshold.
6. The method of claim 5, further comprising:
acquiring a code sample and the real result of whether the code sample contains an illegal transaction account;
training a risk threshold acquisition model to be trained by using the code sample and the real result to obtain a trained risk threshold acquisition model;
obtaining the first risk threshold and the second risk threshold through the trained risk threshold obtaining model.
7. A code detection apparatus, characterized in that the apparatus comprises:
the code to be detected acquisition module is used for acquiring the code to be detected and the transaction account composition rule;
the character string length target information acquisition module is used for acquiring character string length target information of the transaction account according to the transaction account composition rule;
the character string extraction module is used for extracting each character string in the code to be detected and acquiring character string length information corresponding to each character string;
the character-string-to-be-judged module is used for taking the character string of which the character string length information is matched with the character string length target information as the character string to be judged;
the transaction account composition rule judging module is used for judging whether the character string to be judged accords with the transaction account composition rule or not;
and the illegal transaction account determining module is used for determining whether the code to be detected contains an illegal transaction account according to the judgment result.
8. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor realizes the steps of the method of any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
CN202210457160.3A 2022-04-28 2022-04-28 Code detection method, device, equipment, storage medium and computer program product Pending CN114792007A (en)


Publications (1)

Publication Number Publication Date
CN114792007A (en) 2022-07-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination