CN116050520A - Risk processing model training method, risk object processing method and related devices - Google Patents

Abstract

The risk processing model training method, the risk object processing method and the related devices can select at least one target risk evaluation characteristic information by selecting the risk evaluation characteristic information on the risk characteristic selection page, namely the risk evaluation characteristic information is presented in a visual form, the target risk evaluation characteristic information can be quickly selected, the reference risk processing rule information is determined based on the target risk evaluation characteristic information, and the risk processing rule information is predicted, so that training of a risk processing model is accelerated, and development efficiency is improved.

Description

Risk processing model training method, risk object processing method and related devices

Technical Field

The application relates to the technical field of data processing, in particular to a risk processing model training method, a risk object processing method and related devices.

Background

With the development of internet technology, the traffic of hot services such as online social contact, short video, news points and the like is rapidly increased, and meanwhile, the black industry is derived. For the black industry, striking can be used. The prior striking mode for the black industry adopts a chimney mode, the chimney mode is to extract a user account from flowing water of a service striking request, count the behavior of the user account, and then judge the behavior of the user account by expert experience to determine a striking result, wherein the striking result refers to whether the user account is struck or not. And if the user account is determined to be hit, a hit rule is called to hit the user, so that a hit result is obtained.

The existing chimney type striking mode includes the steps of acquiring a service striking request, outputting a striking result, and covering development of all data processing, feature calculation and rule formulation, so that a chimney type black box is formed. And with the increase of service types, a large number of mutually independent chimneys are generated to strike the services of different service types. This results in a great deal of time and effort for the developer to develop the chimney-type striking mode, resulting in low development efficiency.

Disclosure of Invention

The embodiment of the application provides a risk processing model training method and a related device, wherein the related device comprises a risk processing model training device, computer equipment and a computer readable storage medium, and can improve development efficiency.

A risk processing model training method, comprising:

displaying a risk feature selection page comprising risk assessment feature information in at least one dimension for the target risk object;

selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information;

determining reference risk processing rule information based on the at least one target risk assessment feature information;

Predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information;

and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

Accordingly, an embodiment of the present application provides a risk processing model training device, including:

a display unit configured to display a risk feature selection page including risk assessment feature information in at least one dimension for a target risk object;

a response unit configured to select at least one target risk assessment feature information from risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information;

a first determining unit configured to determine reference risk processing rule information based on at least one target risk assessment feature information;

the first prediction unit is used for predicting risk processing rule information aiming at a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information;

the training unit is used for training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

In some embodiments, the first determining unit may be specifically configured to determine sub-risk assessment logic information corresponding to each target risk assessment feature information; and combining the sub-risk assessment logic information corresponding to each target risk assessment characteristic information to generate reference risk processing rule information of the target risk object.

In some embodiments, the first determining unit may be specifically configured to display a risk assessment logic editing page, where the risk assessment logic editing page includes a component selection area and a logic editing area, and the component selection area includes a logic unit component corresponding to at least one piece of sub-risk assessment logic information of the target risk assessment feature information; and responding to the selection operation of the target logic unit component, displaying the target logic unit component in a logic editing area, and obtaining the sub-risk assessment logic information corresponding to each piece of target risk assessment characteristic information.

In some embodiments, the first determining unit may specifically be configured to establish, in response to a connection operation for the target logic unit components, a connection line between the target logic unit components, so as to perform a combination process on the sub-risk assessment logic information to obtain reference risk processing rule information of the target risk object, where the connection line characterizes an execution sequence between the target logic unit components.

The embodiment of the application also provides a risk object processing method, which comprises the following steps:

acquiring at least one target risk assessment characteristic information of a target risk object;

based on at least one target risk assessment feature information, predicting a target risk object by adopting a trained risk processing model to obtain risk processing rule information of the target risk object, wherein the trained risk processing model is the trained risk processing model;

determining a risk level of the risk processing rule information based on the risk processing rule information; and performing risk treatment on the target risk object based on the risk level.

Accordingly, an embodiment of the present application provides a risk object processing apparatus, including:

the acquisition unit can be used for acquiring at least one target risk assessment characteristic information of the target risk object;

the second prediction unit may be configured to perform prediction processing on the target risk object by using a trained risk processing model based on at least one target risk assessment feature information, to obtain risk processing rule information of the target risk object, where the trained risk processing model is a trained risk processing model as described above;

the second determining unit may be configured to determine a risk level of the risk processing rule information based on the risk processing rule information;

The risk processing unit can be used for determining the risk level of the risk processing rule information based on the risk processing rule information; and performing risk treatment on the target risk object based on the risk level.

In some embodiments, the second determining unit may be specifically configured to obtain an actual risk level of the risk processing rule information based on the risk processing rule information, and obtain a plurality of preset level threshold sets, where the preset level threshold set includes at least one preset level threshold; determining candidate risk levels of the risk processing rule information based on preset level thresholds in the preset level threshold sets for each preset level threshold set; determining a target level threshold set from a plurality of preset level threshold sets based on the actual risk level and the candidate risk level; and determining the risk level corresponding to the risk processing rule information based on the target level threshold set.

In some embodiments, the second determining unit may be specifically configured to determine, based on the actual risk level and the candidate risk level, a target classification curve, where the target classification curve characterizes a classification condition of the risk processing rule information for each preset level threshold set; acquiring the slope of a target classification curve, wherein the slope represents the accuracy rate of risk processing rule information classification aiming at each preset level threshold set; and determining a target grade threshold set from the preset grade threshold set based on the slope of the target classification curve.

In some embodiments, the second determining unit may be specifically configured to obtain a risk level mapping relationship set, where the risk level mapping relationship set includes a mapping relationship between preset risk processing rule information and a preset risk level; and determining the risk level corresponding to the risk processing rule information according to the risk level and the risk level mapping relation set.

In addition, the embodiment of the application also provides computer equipment, which comprises a memory and a processor; the memory stores a computer program, and the processor is configured to execute the computer program in the memory to perform any of the risk processing model training methods provided in the embodiments of the present application.

In addition, the embodiment of the application further provides a computer readable storage medium, and the computer readable storage medium stores a computer program, and the computer program is suitable for being loaded by a processor to execute any risk processing model training method provided by the embodiment of the application.

In addition, the embodiment of the application also provides computer equipment, which comprises a memory and a processor; the memory stores a computer program, and the processor is configured to execute the computer program in the memory, so as to perform any of the risk object processing methods provided in the embodiments of the present application.

In addition, the embodiment of the application further provides a computer readable storage medium, and the computer readable storage medium stores a computer program, and the computer program is suitable for being loaded by a processor to execute any risk object processing method provided by the embodiment of the application.

The embodiment of the application can display a risk feature selection page, wherein the risk feature selection page comprises risk assessment feature information aiming at least one dimension of a target risk object; selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; determining reference risk processing rule information based on the at least one target risk assessment feature information; predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information; and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model. The risk evaluation feature information on the risk feature selection page can be selected, at least one target risk evaluation feature information is selected, namely the risk evaluation feature information is presented in a visual form, the target risk evaluation feature information can be rapidly selected, the reference risk processing rule information is determined based on the target risk evaluation feature information, and the risk processing rule information is predicted, so that training of a risk processing model is accelerated, and development efficiency is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic view of a scenario of a risk processing model training method provided in an embodiment of the present application;

FIG. 2 is a schematic flow chart of a risk processing model training method according to an embodiment of the present disclosure;

FIG. 3 is a flowchart of generating reference risk processing rule information of a target risk object according to an embodiment of the present disclosure;

fig. 4 is a schematic flow chart of determining sub-risk assessment logic information corresponding to each target risk assessment feature information according to an embodiment of the present application;

FIG. 5 is a schematic flowchart of a risk object handling method according to an embodiment of the present disclosure;

fig. 6 is a schematic flow chart of determining a risk level of risk processing rule information based on risk processing rule information provided in an embodiment of the present application;

FIG. 7 is a schematic diagram of a level threshold provided by an embodiment of the present application;

FIG. 8 is a schematic diagram of coordinate points on an ROC curve provided by an embodiment of the present application;

fig. 9 is a schematic two flow chart diagrams of a risk object handling method according to an embodiment of the present application;

FIG. 10 is a schematic diagram of a risk feature selection page provided by an embodiment of the present application;

FIG. 11 is a schematic diagram of a risk assessment logic editing page provided by an embodiment of the present application;

FIG. 12 is a schematic structural diagram of a risk processing model training device according to an embodiment of the present disclosure;

fig. 13 is a schematic structural diagram of a risk object handling apparatus provided in an embodiment of the present application;

fig. 14 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.

Embodiments of the present application relate to artificial intelligence (Artificial Intelligence, AI), which is a theory, method, technique, and application system that simulates, extends, and extends human intelligence, senses environment, obtains knowledge, and uses knowledge to obtain optimal results using a digital computer or a machine controlled by a digital computer. In other words, artificial intelligence is an integrated technology of computer science that attempts to understand the essence of intelligence and to produce a new intelligent machine that can react in a similar way to human intelligence. Artificial intelligence, i.e. research on design principles and implementation methods of various intelligent machines, enables the machines to have functions of sensing, reasoning and decision.

The artificial intelligence technology is a comprehensive subject, and relates to the technology with wide fields, namely the technology with a hardware level and the technology with a software level. Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and other directions.

The embodiment of the application provides a risk processing model training method, a risk object processing method and related devices, wherein the related devices comprise a risk processing model training device, a risk object processing device, computer equipment and a computer readable storage medium. The risk processing model training device can be integrated in computer equipment, and the computer equipment can be a server or a terminal and other equipment. The risk object processing apparatus may be integrated into a computer device, which may be a server or a terminal.

The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, network acceleration services (Content Delivery Network, CDN), basic cloud computing services such as big data and an artificial intelligent platform. The terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, a smart car couplet, etc. The terminal and the server may be directly or indirectly connected through wired or wireless communication, which is not limited herein.

For example, referring to fig. 1, taking the example of the risk processing model training apparatus being integrated in a computer device, the computer device displays a risk feature selection page that includes risk assessment feature information in at least one dimension for a target risk object; selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; determining reference risk processing rule information based on the at least one target risk assessment feature information; predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information; and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

The target risk object can be represented in the form of an identifier, wherein the identifier comprises an account number, a device identifier, a terminal identifier, a website identifier, a mobile phone number and the like.

The dimensions comprise basic attribute dimensions, account behavior dimensions, model dimensions and the like.

The risk assessment feature information of the basic attribute dimension comprises a credit score of the mark, a judgment score of whether the blackout software is used or not, whether the basic attribute is normal or not, and whether the mark is on a blacklist or a white list or not. The identification basic attributes comprise the number of friends, registration time and data perfection degree. The black-out software is software for performing a black industry transaction, and the black industry is industry which does not conform to a preset rule.

The account behavior dimension comprises an active behavior dimension and a passive behavior dimension, and the risk assessment characteristic information of the active behavior dimension comprises the number of added friends, praise frequency, browsing content, change of an account ip, total information sent by the account and the number of added groups. The risk assessment characteristic information of the passive behavior dimension comprises the number of times the account is deleted, the number of times the account is kicked out of the group and the number of times the account is reported by complaints. The risk assessment feature information of the account behavior dimension can adopt risk assessment feature information of different time periods.

The model dimension includes predictions of information of target risk objects by various subdivision models, for example, a video understanding deep learning model identifies whether a picture message sent by an account contains advertisements which do not conform to preset rules, a video understanding deep learning model identifies whether a head portrait picture of an account contains two-dimensional codes which do not conform to preset rules, and the like, and a text semantic nlp model identifies whether characters sent by the account contain information which do not conform to preset rules.

The reference risk processing rule information refers to rule information obtained by performing risk assessment on the target risk assessment feature information by using at least one piece of sub-risk assessment logic information. The sub-risk assessment logic information includes expert rules.

The following will describe in detail. The following description of the embodiments is not intended to limit the preferred embodiments.

The embodiment will be described from the perspective of a risk processing model training apparatus, which may be specifically integrated in a computer device, where the computer device may be a server or a device such as a terminal; the terminal may include a tablet computer, a notebook computer, a personal computer (PC, personal Computer), a wearable device, a virtual reality device, or other devices that may obtain data.

As shown in fig. 2, the specific flow of the risk processing model training method is as follows:

s101, displaying a risk feature selection page.

Wherein the risk feature selection page includes risk assessment feature information in at least one dimension for the target risk object.

The target risk object can be represented in the form of an identifier, wherein the identifier comprises an account number, a device identifier, a terminal identifier, a website identifier, a mobile phone number and the like.

The dimensions comprise basic attribute dimensions, account behavior dimensions, model dimensions and the like.

The risk assessment feature information of the basic attribute dimension comprises a credit score of the mark, a judgment score of whether the blackout software is used or not, whether the basic attribute is normal or not, and whether the mark is on a blacklist or a white list or not. The identification basic attributes comprise the number of friends, registration time and data perfection degree. The black-out software is software for performing a black industry transaction, and the black industry is industry which does not conform to a preset rule.

The account behavior dimension comprises an active behavior dimension and a passive behavior dimension, and the risk assessment characteristic information of the active behavior dimension comprises the number of added friends, praise frequency, browsing content, change of an account ip, total information sent by the account and the number of added groups. The risk assessment characteristic information of the passive behavior dimension comprises the number of times the account is deleted, the number of times the account is kicked out of the group and the number of times the account is reported by complaints. The risk assessment feature information of the account behavior dimension can adopt risk assessment feature information of different time periods.

The model dimension includes predictions of information of target risk objects by various subdivision models, for example, a video understanding deep learning model identifies whether a picture message sent by an account contains advertisements which do not conform to preset rules, a video understanding deep learning model identifies whether a head portrait picture of an account contains two-dimensional codes which do not conform to preset rules, a text semantic nlp model identifies whether characters sent by the account contain information which do not conform to preset rules, and the like.

S102, responding to a selection operation for risk assessment feature information, and selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension.

In the embodiment of the application, the user can perform selection operation on the risk assessment feature information on the risk feature selection page to select the target risk assessment feature information.

The selection operation comprises a clicking operation and a dragging operation.

S103, determining reference risk processing rule information based on at least one target risk assessment characteristic information.

The reference risk processing rule information refers to rule information obtained by performing risk assessment on the target risk assessment feature information by using at least one piece of sub-risk assessment logic information. The sub-risk assessment logic information includes rules set by the expert.

As shown in fig. 3, the process of generating the reference risk processing rule information of the target risk object by the computer device may be as follows:

a1, determining sub-risk assessment logic information corresponding to each target risk assessment characteristic information.

The sub risk assessment logic information refers to information for risk assessment of the target risk assessment feature information.

Each piece of target risk assessment feature information may correspond to one piece of sub-risk assessment logic information separately, for example, the target risk assessment feature information is a credit score of a WeChat account, and the sub-risk assessment logic information is: when the credit score of the WeChat account is larger than a first preset threshold, the WeChat account has no risk; when the credit score of the WeChat account is smaller than or equal to a first preset threshold value, the WeChat account has risk.

In this embodiment of the present application, at least two pieces of target risk assessment feature information may correspond to one piece of sub-risk assessment logic information, for example, the target risk assessment feature information includes credit of a WeChat account and credit of a QQ account, and the sub-risk assessment logic information corresponding to the target risk assessment feature information is: when the credit score of the WeChat account is larger than a first preset threshold value and the credit score of the QQ account is larger than a second preset threshold value, the WeChat account and the QQ account have no risk; when the credit score of the WeChat account number is smaller than or equal to a first preset threshold value and the credit score of the QQ account number is smaller than or equal to a second preset threshold value, the WeChat account number and the QQ account number have risks.

The computer device may determine sub-risk assessment logic information corresponding to each target risk assessment feature information based on the input instruction in response to the input instruction of the user. That is, the user inputs codes to construct sub-risk assessment logic information corresponding to each target risk assessment feature information.

As shown in fig. 4, the embodiment of the present application may further determine the sub-risk assessment logic information corresponding to each target risk assessment feature information by using the following procedure:

a1, displaying a risk assessment logic editing page.

The risk assessment logical edit page comprises a component selection area and a logical edit area. The component selection area may be disposed on the left side of the risk assessment logical edit page, and the logical edit area may be disposed on the right side of the risk assessment logical edit page.

The component selection area may be understood as a tool box, and the component selection area includes a logic unit component corresponding to at least one piece of sub-risk assessment logic information of the target risk assessment feature information. Each logical unit component corresponds to one piece of sub-risk assessment logical information.

The risk assessment logic edit page may be triggered by a user to be displayed on a display screen of the computer device by performing a target operation on the computer device. The target operation may be a voice operation, may be a trigger operation of a virtual key on a display screen of the computer device, or the like. The risk assessment logic edit page may be displayed based on the computer device in response to a run operation of the validation control on the selection page for the risk feature.

A2, responding to the selection operation of the target logic unit assembly, displaying the target logic unit assembly in a logic editing area, and obtaining the sub-risk assessment logic information corresponding to each piece of target risk assessment characteristic information.

The selection operation for the target logical unit component may be a drag operation for the target logical unit component, for example, the computer device responds to the drag operation for the target logical unit component, and the position of the drag operation is a logical editing area, and if the target logical unit component is detected in the logical editing area, the target logical unit component is displayed in the logical editing area.

Further, for example, the computer device responds to a drag operation for the target logical unit component, and the position of the drag operation is a preset position of the logical editing area, and if the target logical unit component is detected at the preset position, the target logical unit component is displayed at the preset position.

Wherein the selection operation for the target logical unit component may also be a click operation for the target logical unit component. For example, the computer device displays the target logical unit component in the logical edit area in response to a click operation in the component selection area for the target logical unit component.

A2, combining the sub-risk assessment logic information corresponding to each target risk assessment characteristic information to generate reference risk processing rule information of the target risk object.

The computer device may perform the combination processing on the sub-risk assessment logic information according to a preset sequence, where the preset sequence may be determined based on dimensions of the target risk assessment feature information, for example, a sequence of the target risk assessment feature information of the basic attribute dimension is prioritized over a sequence of the target risk assessment feature information of the account behavior dimension, and a sequence of the target risk assessment feature information of the account behavior dimension is prioritized over a sequence of the target risk assessment feature information of the model dimension.

The computer device may also combine the sub-risk assessment logic information using the following procedure:

specifically, the computer equipment responds to the connection operation aiming at the target logic unit components, and establishes connection lines among the target logic unit components so as to carry out combined processing on the sub-risk assessment logic information and obtain the reference risk processing rule information of the target risk object.

Wherein the connection lines characterize the execution order between the target logical unit components.

For example, the target risk object is a mobile phone account, the mobile phone account binds the QQ account and the WeChat account, the target risk assessment feature information includes credit of the WeChat account, credit of the QQ account, number of times the WeChat account is deleted, whether the picture message sent by the QQ account contains an advertisement that does not conform to a preset rule, and the multiple pieces of sub-risk assessment logic information include first sub-risk assessment logic information, second sub-risk assessment logic information and third sub-risk assessment logic information, for example, the first sub-risk assessment logic information is: when the credit score of the WeChat account is larger than a first preset threshold value and the credit score of the QQ account is larger than a second preset threshold value, the WeChat account and the QQ account have no risk; when the credit score of the WeChat account number is smaller than or equal to a first preset threshold value and the credit score of the QQ account number is smaller than or equal to a second preset threshold value, the WeChat account number and the QQ account number have risks. For example, the second sub-risk assessment logic information is: when the number of times that the WeChat account is deleted is larger than a third preset threshold, the WeChat account has risks; when the number of times that the WeChat account is deleted is smaller than or equal to a third preset threshold value, the WeChat account has no risk. For example, the third sub-risk assessment logic information is: when the picture message sent by the QQ account contains advertisements which do not accord with the preset rule, the QQ account has risks; when the picture message sent by the QQ account does not contain advertisements which do not accord with the preset rule, the QQ account does not have risks.

The target logical unit components include a first target logical unit component, a second target logical unit component, and a third target logical unit component. The first target logic unit component is a target logic unit component corresponding to the first sub-risk assessment logic information, the second target logic unit component is a target logic unit component corresponding to the second sub-risk assessment logic information, and the third target logic unit component is a target logic unit component corresponding to the third sub-risk assessment logic information. The computer device establishes a connection between the first target logical unit component and the second target logical unit component and establishes a connection between the second target logical unit component and the third target logical unit component in response to the connection operation for the target logical unit components. Thus, the reference risk processing rule information of the target risk object is obtained.

Specifically, after the computer device establishes the connection lines between the target logical unit components in response to the connection operation for the target logical unit components, a reference risk processing rule diagram of the target risk object is obtained; and the computer equipment responds to the running operation aiming at the reference risk processing rule graph to obtain the reference risk processing rule information of the target risk object.

In the embodiment of the application, an operation control can be set in the risk assessment logic editing page, and the reference risk processing rule information of the target risk object is obtained by operating the operation control. The operation of the operation control can be click operation or touch operation of the operation control.

For example, the target risk assessment feature information includes credit of the WeChat account number and the number of times the WeChat account number is deleted. The reference risk handling rule graph includes links between target logical unit components and target logical unit components. The target logical unit components comprise an A target logical unit component and a B target logical unit component, and the operation sequence of the A target logical unit component is higher than that of the B target logical unit component.

The sub-risk assessment logic information of the A target logic unit component representation is as follows: when the credit score of the WeChat account is larger than a first preset threshold, the WeChat account has no risk; when the credit score of the WeChat account is smaller than or equal to a first preset threshold value, the WeChat account has risk. The sub-risk assessment logic information represented by the B target logic unit component is as follows: when the number of times that the WeChat account is deleted is larger than a third preset threshold, the WeChat account has risks; when the number of times that the WeChat account is deleted is smaller than or equal to a third preset threshold value, the WeChat account has no risk.

The computer equipment responds to the operation aiming at the reference risk processing rule diagram, and operates the reference risk processing rule diagram to obtain a judging result of the A target logic unit component and a judging result of the B target logic unit component, wherein the judging result of the A target logic unit component is that the WeChat account has risk, and the judging result of the B target logic unit component is that the WeChat account has risk. The computer equipment obtains the reference risk processing rule information based on the judging result of the A target logic unit component and the judging result of the B target logic unit component. The reference risk processing rule information may be characterized in terms of a score.

According to the method, the device and the system for combining the sub-risk assessment logic information, the target logic unit component is operated through the risk assessment logic editing page to achieve the mode of combining the sub-risk assessment logic information, the sub-risk assessment logic information can be arranged rapidly, and the generation efficiency of the reference risk processing rule information is improved.

S104, predicting risk processing rule information for the target risk object by adopting the risk processing model and at least one target risk evaluation characteristic information.

The risk processing model can be an LR logistic regression model or an XGBoost decision tree.

S105, training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

The reference risk processing rule information is a label, and the risk processing rule information is a predicted value. According to the embodiment of the application, the loss value between the reference risk processing rule information and the risk processing rule information is calculated, and the risk processing model is trained based on the loss value until the risk processing model converges.

When the risk processing model is an LR logistic regression model, training the risk processing model to obtain the weight of the risk assessment characteristic information; when the risk processing model is an XGBoost decision tree, training the risk processing model can obtain a tree splitting node.

The embodiment of the application can display a risk feature selection page, wherein the risk feature selection page comprises risk assessment feature information aiming at least one dimension of a target risk object; selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; determining reference risk processing rule information based on the at least one target risk assessment feature information; predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information; and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model. The risk evaluation feature information on the risk feature selection page can be selected, at least one target risk evaluation feature information is selected, namely the risk evaluation feature information is presented in a visual form, the target risk evaluation feature information can be rapidly selected, the reference risk processing rule information is determined based on the target risk evaluation feature information, and the risk processing rule information is predicted, so that training of a risk processing model is accelerated, and development efficiency is improved.

The present embodiment will be described from the perspective of a risk object handling apparatus, which may be specifically integrated in a computer device, where the computer device may be a server or a device such as a terminal; the terminal may include a tablet computer, a notebook computer, a personal computer (PC, personal Computer), a wearable device, a virtual reality device, or other devices that may obtain data.

As shown in fig. 5, the specific flow of the risk object processing method is as follows:

s201, at least one target risk assessment characteristic information of the target risk object is acquired.

Wherein the computer device obtains the target risk assessment feature information may be obtained in response to a selection operation for the target risk assessment feature information on the displayed risk feature selection page. The method can be concretely as follows:

the computer device displays a risk feature selection page comprising risk assessment feature information in at least one dimension for the target risk object; at least one target risk assessment feature information is selected from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information.

S202, based on at least one target risk assessment feature information, predicting the target risk object by adopting a trained risk processing model to obtain risk processing rule information of the target risk object.

The risk processing model after training is the risk processing model after training. The risk processing model after training can be an LR logistic regression model or an XGBoost decision tree model.

S203, determining the risk level of the risk processing rule information based on the risk processing rule information.

The risk level has a plurality of risk levels, for example, the risk levels are sequentially from high to low: a first risk level, a second risk level, a third risk level, a fourth risk level.

Wherein the risk processing rule information may be characterized in terms of a score.

The embodiment of the application can preset the mapping relation between risk processing rule information and risk level. Specifically, the computer equipment determines an interval range where the risk processing rule information is located based on the risk processing rule information; acquiring a first mapping relation set, wherein the first mapping relation set comprises a mapping relation between a preset interval range and a preset risk level; and determining the risk level of the risk processing rule information based on the first mapping relation set and the interval range.

As shown in fig. 6, the process of determining the risk level of the risk processing rule information by the computer device based on the risk processing rule information may further be as follows:

b1, acquiring actual risk levels of the risk processing rule information based on the risk processing rule information, and acquiring a plurality of preset level threshold sets.

The actual risk level may be a risk level determined based on judgment of the reference risk processing rule information. For example, the reference risk processing rule information is characterized in terms of scores. Determining a reference interval range of the reference risk processing rule information based on the reference risk processing rule information; acquiring a second mapping relation set, wherein the second mapping relation set comprises a mapping relation between a preset reference interval range and a preset actual risk level; and determining the actual risk level of the reference risk processing rule information based on the first mapping relation set and the reference interval range.

Wherein, since the risk processing rule information may be characterized in a score form, the risk processing rule information may be compared with a preset score threshold value to determine whether to perform risk processing on the target risk object.

For example, if the risk processing rule information is higher than or equal to the preset score threshold value, which indicates that the target risk object is a safe object, risk processing is not performed on the target risk object; and if the risk processing rule information is lower than the preset score threshold value, indicating that the target risk object is an object with risk, performing risk processing on the risk object. Based on this, i.e. the computer device compares the risk handling rule information with a preset score threshold, and if the risk handling rule information is below the preset score threshold, obtains the actual risk level of the risk handling rule information and obtains several sets of preset level thresholds. The preset score threshold may be set to 0.5.

When the risk processing rule information is lower than a preset score threshold, at least one grade threshold is required to be calculated, and the risk grade is determined based on the grade threshold, so that risk processing is carried out on the target risk object according to the risk grade.

For example, as shown in fig. 7, taking the example that the rank threshold has 3 rank thresholds, the rank threshold includes a first rank threshold, a second rank threshold, and a third rank threshold in order from the smaller value to the larger value. The interval range [0, the first level threshold ] is a first risk level, the interval range (the first level threshold, the second level threshold) is a second risk level, the interval range (the second level threshold, the third level threshold) is a third risk level, and the interval range (the third level threshold, the preset fraction threshold) is a fourth risk level threshold.

When the risk level is the first risk level, the risk of the target risk object is treated as a permanent seal; when the risk level is the second risk level, the risk of the target risk object is treated as a short-term seal; when the risk level is the third risk level, the risk of the target risk object is processed to be a verification code; and when the risk level is the fourth risk level, the risk treatment on the target risk object is refusal treatment.

Because not every level threshold is reasonable when the risk processing rule information is below the preset score threshold, based on this, the embodiment of the application needs to calculate a relatively reasonable level threshold. Therefore, the embodiment of the application obtains a plurality of preset grade threshold value sets, wherein the preset grade threshold value sets comprise at least one preset grade threshold value.

According to the embodiment of the application, a ROC curve evaluation method can be adopted to calculate a reasonable grade threshold. For example, as many values as possible are taken between the interval ranges [0, preset score threshold values), such as taking 500 preset level threshold values, and each preset level threshold value is calculated as an attempt value of the first level threshold value, the second level threshold value, and the third level threshold value.

B2, determining candidate risk levels of the risk processing rule information according to preset level threshold values in each preset level threshold value set.

The method comprises the steps of dividing a plurality of candidate interval ranges based on a preset grade threshold value in a preset grade threshold value set, and determining candidate risk grades based on the candidate interval ranges, wherein the candidate interval ranges correspond to the candidate risk grades one by one. And judging the range of the candidate interval in which the risk processing rule information exists, so as to determine the candidate risk level of the risk processing rule information.

And B3, determining a target grade threshold set from a plurality of preset grade threshold sets based on the actual risk grade and the candidate risk grade.

Specifically, the computer device may determine the target level threshold set from among several preset level threshold sets based on the actual risk level and the candidate risk level as follows:

the computer equipment determines a target classification curve based on the actual risk level and the candidate risk level, wherein the target classification curve characterizes classification conditions of risk processing rule information aiming at each preset level threshold value set; acquiring the slope of a target classification curve, wherein the slope represents the accuracy rate of risk processing rule information classification aiming at each preset level threshold set; and determining a target grade threshold set from the preset grade threshold set based on the slope of the target classification curve.

The embodiment of the application determines the real class rate and the negative and positive class rate based on the actual risk level and the candidate risk level. The calculation formula of the true class rate TPR is as follows: tpr=tp/(tp+fn). The real class rate TPR characterizes the proportion of the candidate risk level of the real class, which is obtained by predicting the risk processing rule information by the classifier, to the candidate risk level of all positive classes.

The candidate risk levels of the positive class include the candidate risk level TP of the true class and the candidate risk level FN of the false negative class. When the risk processing rule information is in a positive class, the predicted candidate risk level is in a positive class, and the candidate risk level can be called as a candidate risk level TP of a real class. When the risk processing rule information is in a positive class and the predicted candidate risk level is in a negative class, the candidate risk level can be called as a candidate risk level FN of a false negative class.

The calculation formula of the negative-positive class rate FPR is as follows: fpr=fp/(fp+tn). The negative positive class rate FPR characterizes the proportion of the candidate risk level of the false positive class obtained by predicting the risk processing rule information by the classifier to the candidate risk level of all negative classes.

The candidate risk levels of the negative class include the candidate risk level FP of the false positive class and the candidate risk level TN of the true negative class. When the risk processing rule information is in a negative class, the predicted candidate risk level is in a positive class, and the candidate risk level can be called as a candidate risk level FP of a false positive class. When the risk processing rule information is in a negative class, the predicted candidate risk level is in a negative class, and the candidate risk level can be called as a candidate risk level TN of a true negative class.

The embodiment of the application can determine the candidate risk level of which the actual risk level is positive or negative by comparing the actual risk level with the candidate risk level. For example, when the actual risk level is the same as the candidate risk level, the candidate risk level is a candidate risk level of a positive class; when the actual risk level is different from the candidate risk level, the candidate risk level is a candidate risk level of the negative class.

The embodiment of the application can compare the risk processing rule information with the reference risk processing rule information to determine whether the risk processing rule information is positive risk processing rule information or negative risk processing rule information. For example, when the reference risk processing rule information is the same as the risk processing rule information, the risk processing rule information is the risk processing rule information of the positive class; when the reference risk processing rule information is different from the risk processing rule information, the risk processing rule information is negative-class risk processing rule information.

According to the embodiment of the application, the target classification curve can be determined based on the real class rate and the negative and positive class rate, and the target classification curve is the ROC curve. The coordinate points on the ROC curve are shown in fig. 8. The preset level threshold set can map coordinate points in fig. 8, and a part of the coordinate points are shown as a point a, a point B, and a point C in fig. 8. And connecting all coordinate points to obtain an ROC curve.

The negative-positive class rate FPR corresponding to the steepest point of the target classification curve is the smallest, the true class rate TPR is the largest, and the corresponding preset level threshold value set value is the optimal value. Based on this, embodiments of the present application may determine a set of target rank thresholds based on the slope of the target classification curve.

And B4, determining the risk level corresponding to the risk processing rule information based on the target level threshold set.

Specifically, the process of determining the risk level corresponding to the risk processing rule information by the computer device based on the target level threshold set may be as follows:

the method comprises the steps that a computer device obtains a risk level mapping relation set, wherein the risk level mapping relation set comprises mapping relation between preset risk processing rule information and preset risk levels; and determining the risk level corresponding to the risk processing rule information according to the risk level and the risk level mapping relation set.

S204, performing risk treatment on the target risk object based on the risk level.

According to the embodiment of the application, different risk treatments are carried out on the target risk object according to different risk grades, wherein the risk treatments comprise permanent number sealing, short-term number sealing, verification code sending, refusal treatment and the like.

For example, in order from high to low risk level: a first risk level, a second risk level, a third risk level, a fourth risk level. When the risk level is the first risk level, the risk of the target risk object is treated as a permanent seal; when the risk level is the second risk level, the risk of the target risk object is treated as a short-term seal; when the risk level is the third risk level, the risk of the target risk object is processed to be a verification code; and when the risk level is the fourth risk level, the risk treatment on the target risk object is refusal treatment.

As can be seen from the above, the embodiment of the present application may acquire at least one target risk assessment feature information of the target risk object; based on at least one target risk assessment feature information, predicting a target risk object by adopting a trained risk processing model to obtain risk processing rule information of the target risk object, wherein the trained risk processing model is the trained risk processing model; determining a risk level of the risk processing rule information based on the risk processing rule information; and performing risk treatment on the target risk object based on the risk level. Because the embodiment of the application can directly adopt the risk processing model after training to predict the target risk object, the risk processing rule information can be obtained quickly, and thus, the risk processing can be carried out on the target risk object quickly based on the risk processing rule information.

According to the method described in the above embodiments, examples are described in further detail below.

In this embodiment, the risk object processing apparatus is specifically integrated in a computer device, which is a server.

As shown in fig. 9, a risk object processing method specifically includes the following steps:

S301, displaying a risk feature selection page by the computer equipment.

Wherein the risk feature selection page includes risk assessment feature information in at least one dimension for the target risk object. The dimensions include basic attribute dimensions, account behavior dimensions, model dimensions, and the like.

The target risk object can be represented in the form of an identifier, wherein the identifier comprises an account number, a device identifier, a terminal identifier, a website identifier, a mobile phone number and the like.

As shown in fig. 10, the risk feature selection page has multiple dimension controls, such as a basic attribute dimension control, an account behavior dimension control, and a model dimension control. The basic attribute dimension control corresponds to the risk assessment feature information of the basic attribute dimension, the account behavior dimension control corresponds to the risk assessment feature information of the account behavior dimension, and the model dimension control corresponds to the risk assessment feature information of the model dimension.

The computer device responds to triggering operation for the dimension control, and risk assessment feature information of the dimension control is displayed on a risk feature selection page. For example, in response to a triggering operation for the basic attribute dimension control, risk assessment feature information under the account behavior dimension corresponding to the basic attribute dimension control is displayed on the risk feature selection page. The risk assessment feature information under the account behavior dimension comprises QQ account credit score, friend number and whether black-out software is used or not.

S302, the computer equipment responds to the selection operation of the risk assessment feature information, and at least one target risk assessment feature information is selected from the risk assessment feature information in at least one dimension.

As shown in fig. 10, for example, clicking operation is performed on risk assessment feature information such as QQ account credit in the risk feature selection page, that is, risk assessment feature information such as QQ account credit is selected.

A validation control may also be provided on the risk feature selection page. The computer device displays a risk assessment logic edit page in response to a click operation for the validation control.

According to the embodiment of the application, the risk assessment feature information can be abstracted into the visualized risk assessment feature information in the dimensions of basic attribute dimension, account behavior dimension, model dimension and the like, and a developer can select the risk assessment feature information to develop, so that the real-time performance is achieved.

S303, the computer equipment determines reference risk processing rule information based on at least one target risk assessment characteristic information.

Specifically, the computer device displays a risk assessment logic edit page. As shown in fig. 11, the risk assessment logical edit page includes a component selection area and a logical edit area. The component selection area is arranged on the left side of the risk assessment logic editing page, and the logic editing area is arranged on the right side of the risk assessment logic editing page.

The component selection area comprises logic unit components corresponding to at least one piece of sub-risk assessment logic information of the target risk assessment feature information. For example, the component selection area includes a first logic unit component, a second logic unit component, a third logic unit component, and a fourth logic unit component, where the first logic unit component is a logic unit component corresponding to the first sub-risk assessment logic information, the second logic unit component is a logic unit component corresponding to the second sub-risk assessment logic information, the third logic unit component is a logic unit component corresponding to the third sub-risk assessment logic information, and the fourth logic unit component is a logic unit component corresponding to the fourth sub-risk assessment logic information.

The target risk object is a mobile phone number, and the mobile phone number is bound with a WeChat account and a QQ account. The first sub-risk assessment logic information is: when the credit score of the WeChat account is larger than a first preset threshold value and the credit score of the QQ account is larger than a second preset threshold value, the WeChat account and the QQ account have no risk; when the credit score of the WeChat account number is smaller than or equal to a first preset threshold value and the credit score of the QQ account number is smaller than or equal to a second preset threshold value, the WeChat account number and the QQ account number have risks. For example, the second sub-risk assessment logic information is: when the number of times that the WeChat account is deleted is larger than a third preset threshold, the WeChat account has risks; when the number of times that the WeChat account is deleted is smaller than or equal to a third preset threshold value, the WeChat account has no risk. For example, the third sub-risk assessment logic information is: when the picture message sent by the QQ account contains advertisements which do not accord with the preset rule, the QQ account has risks; when the picture message sent by the QQ account does not contain advertisements which do not accord with the preset rule, the QQ account does not have risks. For example, the fourth sub-risk assessment logic information is: when the number of times that the WeChat account is reported by complaints is larger than a fourth preset threshold, the WeChat account has risks; when the number of times that the WeChat account is reported by complaints is smaller than or equal to a fourth preset threshold value, the WeChat account does not have risk.

Specifically, the computer device displays the target logical unit components in the logical editing area in response to a selection operation for the target logical unit components, and obtains sub-risk assessment logic information corresponding to each piece of target risk assessment feature information.

For example, the computer device responds to a drag operation for the target logical unit component, and the position of the drag operation is a preset position of the logical editing area, and if the target logical unit component is detected at the preset position, the target logical unit component is displayed at the preset position. In this way, the target logical unit is selected to include the first logical unit component, the second logical unit component, and the third logical unit component, and the first logical unit component, the second logical unit component, and the third logical unit component are displayed in the logical edit area.

The computer equipment responds to the connection operation aiming at the target logic unit components, establishes connection lines among the target logic unit components, so as to carry out combination processing on the sub-risk assessment logic information, obtain reference risk processing rule information of the target risk object, and the connection lines represent the execution sequence among the target logic unit components.

For example, the first logic cell assembly establishes a connection with the second logic cell assembly, and the second logic cell assembly establishes a connection with the third logic cell assembly.

Wherein the component selection area may include a start component and a wire component. The computer device displays the start component in the logical edit area in response to a selection operation for the start component. The computer equipment responds to the selection operation aiming at the connection component, displays the connection component in the logic editing area, establishes connection between the target logic unit components when the connection component is detected at the preset position of the logic editing area, and establishes connection between the target logic unit components and the starting component, so that a reference risk processing rule diagram of the target risk object is obtained.

The risk assessment logic editing page can be further provided with a running control, and the reference risk processing rule diagram is run in response to clicking operation of the running control so as to generate reference risk processing rule information of the target risk object.

The running of the reference risk processing rule diagram in the embodiment of the application needs to execute a script, and the script comprises a conditional statement, a parallel statement, a serial statement and the like.

For example, by running a reference risk processing rule graph, and determining by the target logic unit component, rule 1 is obtained, rule 1 includes: the judgment result of the first logic unit component, the judgment result of the second logic unit component and the judgment result of the third logic unit component. Judgment result of the first logic unit component: when the credit score of the WeChat account is smaller than or equal to a first preset threshold value and the credit score of the QQ account is smaller than or equal to a second preset threshold value, both the WeChat account and the QQ account have risks; judgment result of the second logic unit component: when the number of times that the WeChat account is deleted is larger than a third preset threshold, the WeChat account has risks; judgment result of the third logic unit component: when the picture message sent by the QQ account contains advertisements which do not accord with the preset rule, the QQ account has risks. Based on the rule 1, reference risk processing rule information for the rule 1 is generated. The reference risk processing rule information may be expressed in the form of a score.

Based on the above manner, the embodiments of the present application can determine different rules, for example, rule 1, rule 2, and rule n, where n is a positive integer; and determining the reference risk processing rule information corresponding to each rule, as shown in table 1.

TABLE 1

According to the risk evaluation method and the risk evaluation device, risk evaluation characteristic information and reference risk processing rule information of at least one dimension can influence the risk processing rule information, so that prediction of the risk processing rule information by the risk processing model can be refined, and the prediction effect of the trained risk processing model is improved.

S304, the computer equipment predicts risk processing rule information for the target risk object by adopting the risk processing model and at least one target risk evaluation characteristic information.

The risk processing model can be an LR logistic regression model or an XGBoost decision tree.

And S305, training the risk processing model by the computer equipment based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

The reference risk processing rule information is a label, and the risk processing rule information is a predicted value. According to the embodiment of the application, the loss value between the reference risk processing rule information and the risk processing rule information is calculated, and the risk processing model is trained based on the loss value until the risk processing model converges.

As shown in table 1, the basic attribute dimension risk assessment feature information, the account behavior dimension risk assessment feature information, the model dimension risk assessment feature information and the reference risk processing rule information are standardized to be within a value range of 0-1, so that rapid model convergence is facilitated.

According to the embodiment of the application, basic attribute dimension risk assessment feature information, account behavior dimension risk assessment feature information and model dimension risk assessment feature information are taken as samples, and risk processing rule information is taken as a label to train a risk processing model.

When the risk processing model is an LR logistic regression model, training the risk processing model to obtain the weight of the risk assessment characteristic information; when the risk processing model is an XGBoost decision tree, training the risk processing model can obtain a tree splitting node.

According to the risk evaluation method and device, the weight of each risk evaluation characteristic information can be utilized to evaluate the influence of each risk evaluation characteristic information on risk processing rule information, important risk evaluation characteristic information is screened out, and invalid risk evaluation characteristic information is eliminated. Because the embodiment of the application is applied to risk processing of target risk objects, the risk processing rule information can be accurately determined by a small amount of important risk evaluation characteristic information. Other large amounts of invalid risk assessment feature information are lack of an effective assessment system, so that a large amount of calculation and storage cost is consumed, and the effective assessment system is established to provide quality assurance for mining more mass risk assessment feature information.

In the embodiment of the application, in the process of training the risk processing model, a large amount of risk evaluation characteristic information influences the risk processing model, so that the risk processing model after training has stronger resistance.

S306, the computer equipment acquires at least one target risk assessment characteristic information of the target risk object.

The embodiment of the application can display the risk feature selection page. The risk feature selection page includes risk assessment feature information in at least one dimension for the target risk object; the computer device selects at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information.

S307, the computer equipment predicts the target risk object by adopting the trained risk processing model based on at least one target risk assessment characteristic information to obtain risk processing rule information of the target risk object.

The risk processing model after training is the risk processing model after training.

And S308, the computer equipment determines the risk level of the risk processing rule information based on the risk processing rule information.

Specifically, the computer equipment acquires actual risk levels of the risk processing rule information based on the risk processing rule information, and acquires a plurality of preset level threshold sets, wherein the preset level threshold sets comprise at least one preset level threshold; determining candidate risk levels of the risk processing rule information based on preset level thresholds in the preset level threshold sets for each preset level threshold set; determining a target level threshold set from a plurality of preset level threshold sets based on the actual risk level and the candidate risk level; and determining the risk level corresponding to the risk processing rule information based on the target level threshold set.

Specifically, the computer equipment determines a target classification curve based on the actual risk level and the candidate risk level, wherein the target classification curve characterizes classification conditions of risk processing rule information aiming at each preset level threshold value set; acquiring the slope of a target classification curve, wherein the slope represents the accuracy rate of risk processing rule information classification aiming at each preset level threshold set; and determining a target grade threshold set from the preset grade threshold set based on the slope of the target classification curve.

Specifically, the computer equipment acquires a risk level mapping relation set, wherein the risk level mapping relation set comprises mapping relation between preset risk processing rule information and preset risk levels; and determining the risk level corresponding to the risk processing rule information according to the risk level and the risk level mapping relation set.

And S309, the computer equipment carries out risk processing on the target risk object based on the risk level.

According to the embodiment of the application, different risk treatments are carried out on the target risk object according to different risk grades, wherein the risk treatments comprise permanent number sealing, short-term number sealing, verification code sending, refusal treatment and the like.

According to the method and the device for risk processing, the risk processing result obtained by risk processing of the target risk object can be displayed on the risk feature selection page. The risk processing result comprises permanent sealing, short-term sealing, verification code sending and refusal processing. As shown in fig. 10, a risk processing result control is set on the risk feature selection page, and the computer device responds to clicking operation for the risk processing result control to display a risk processing result for the target risk object on the risk feature selection page.

For example, the target risk object is hit, the target risk object is predicted by adopting a trained risk processing model, the target risk object is found to be a support number, a false ip and a black-product software login, and the basic attribute dimension score is determined to be very low, namely the target risk object has risk; meanwhile, the account number of the target risk object has abnormal initiative, a large number of friends are added in a short time, a plurality of groups are added in at high frequency, a large number of messages are sent at high frequency, and the passive behavior is blacked and kicked out of the group by the friends for a plurality of times, so that the account number behavior dimension score is low, namely the target risk object has risks; and judging the picture information sent by the target risk object through a subdivision model, wherein the picture information has a two-dimensional code and contains graphic and text information which does not accord with a preset rule, and determining that the model dimension score is very low, namely the target risk object has risk. And (3) comprehensively judging all the characteristics, basically defining a target risk object as a black-out account, supposing that the risk processing rule information obtained by prediction of the risk processing model after training has score of 0.1, determining a risk level corresponding to the interval range where 0.1 is located, and hooking a short-term number sealing level based on the risk level to perform risk processing.

The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.

The embodiment of the application can display a risk feature selection page, wherein the risk feature selection page comprises risk assessment feature information aiming at least one dimension of a target risk object; selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; determining reference risk processing rule information based on the at least one target risk assessment feature information; predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information; and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model. The risk evaluation feature information on the risk feature selection page can be selected, at least one target risk evaluation feature information is selected, namely the risk evaluation feature information is presented in a visual form, the target risk evaluation feature information can be rapidly selected, the reference risk processing rule information is determined based on the target risk evaluation feature information, and the risk processing rule information is predicted, so that training of a risk processing model is accelerated, and development efficiency is improved.

In order to better implement the above method, the embodiment of the application further provides a risk processing model training device, where the risk processing model training device may be integrated into a computer device, such as a server or a terminal, and the terminal may include a tablet computer, a notebook computer, a personal computer, or the like.

For example, as shown in fig. 12, the risk processing model training apparatus may include a display unit 301, a response unit 302, a first determination unit 303, a first prediction unit 304, and a training unit 305, as follows:

(1) A display unit 301;

a display unit 301 for displaying a risk feature selection page, the risk feature selection page comprising risk assessment feature information in at least one dimension for a target risk object.

(2) A response unit 302;

the response unit 302 may be configured to select at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information.

(3) A first determination unit 303;

the first determining unit 303 may be configured to determine the reference risk processing rule information based on at least one target risk assessment feature information.

In some embodiments, the first determining unit 303 may be specifically configured to determine sub-risk assessment logic information corresponding to each target risk assessment feature information; and combining the sub-risk assessment logic information corresponding to each target risk assessment characteristic information to generate reference risk processing rule information of the target risk object.

In some embodiments, the first determining unit 303 may be specifically configured to display a risk assessment logic editing page, where the risk assessment logic editing page includes a component selection area and a logic editing area, and the component selection area includes a logic unit component corresponding to at least one piece of sub-risk assessment logic information of the target risk assessment feature information; and responding to the selection operation of the target logic unit component, displaying the target logic unit component in a logic editing area, and obtaining the sub-risk assessment logic information corresponding to each piece of target risk assessment characteristic information.

In some embodiments, the first determining unit 303 may specifically be configured to, in response to a connection operation for the target logic unit components, establish a connection between the target logic unit components, so as to perform a combined processing on the sub-risk assessment logic information to obtain reference risk processing rule information of the target risk object, where the connection characterizes an execution sequence between the target logic unit components.

(4) A first prediction unit 304;

the first prediction unit 304 may be configured to predict risk processing rule information for the target risk object using the risk processing model and the at least one target risk assessment feature information.

(5) A training unit 305;

the training unit 305 may be configured to train the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object, to obtain a trained risk processing model.

As can be seen from the above, the display unit 301 of the embodiment of the present application may display a risk feature selection page, where the risk feature selection page includes risk assessment feature information in at least one dimension for a target risk object; the response unit 302 may select at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; the first determining unit 303 may determine the reference risk processing rule information based on the at least one target risk assessment feature information; the first prediction unit 304 may predict risk processing rule information for the target risk object using the risk processing model and the at least one target risk assessment feature information; the training unit 305 may train the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object, to obtain a trained risk processing model. The risk evaluation feature information on the risk feature selection page can be selected, at least one target risk evaluation feature information is selected, namely the risk evaluation feature information is presented in a visual form, the target risk evaluation feature information can be rapidly selected, the reference risk processing rule information is determined based on the target risk evaluation feature information, and the risk processing rule information is predicted, so that training of a risk processing model is accelerated, and development efficiency is improved.

In order to better implement the above method, the embodiment of the application also provides a risk object processing apparatus, where the risk object processing apparatus may be integrated into a computer device, such as a server or a terminal, where the terminal may include a tablet computer, a notebook computer, and/or a personal computer.

For example, as shown in fig. 13, the risk object processing apparatus may include an acquisition unit S401, a second prediction unit S402, a second determination unit S403, and a risk processing unit S404, as follows:

(1) An acquisition unit S401;

the obtaining unit S401 may be configured to obtain at least one target risk assessment feature information of the target risk object.

(2) A second prediction unit S402;

the second prediction unit S402 may be configured to perform prediction processing on the target risk object by using a trained risk processing model based on at least one target risk assessment feature information, so as to obtain risk processing rule information of the target risk object, where the trained risk processing model is the trained risk processing model.

(3) A second determination unit S403;

the second determining unit S403 may be configured to determine a risk level of the risk processing rule information based on the risk processing rule information.

In some application embodiments, the second determining unit S403 may be specifically configured to obtain, based on the risk processing rule information, an actual risk level of the risk processing rule information, and obtain a plurality of preset level threshold sets, where the preset level threshold set includes at least one preset level threshold; determining candidate risk levels of the risk processing rule information based on preset level thresholds in the preset level threshold sets for each preset level threshold set; determining a target level threshold set from a plurality of preset level threshold sets based on the actual risk level and the candidate risk level; and determining the risk level corresponding to the risk processing rule information based on the target level threshold set.

In some application embodiments, the second determining unit S403 may be specifically configured to determine, based on the actual risk level and the candidate risk level, a target classification curve, where the target classification curve characterizes a classification condition of the risk processing rule information for each preset level threshold set; acquiring the slope of a target classification curve, wherein the slope represents the accuracy rate of risk processing rule information classification aiming at each preset level threshold set; and determining a target grade threshold set from the preset grade threshold set based on the slope of the target classification curve.

In some application embodiments, the second determining unit S403 may be specifically configured to obtain a risk level mapping relationship set, where the risk level mapping relationship set includes a mapping relationship between preset risk processing rule information and a preset risk level; and determining the risk level corresponding to the risk processing rule information according to the risk level and the risk level mapping relation set.

(4) A risk processing unit S404;

the risk processing unit S404 may be configured to perform risk processing on the target risk object based on the risk level.

As can be seen from the above, the obtaining unit S401 in the embodiment of the present application may obtain at least one target risk assessment feature information of the target risk object; the second prediction unit S402 may perform prediction processing on the target risk object by using a trained risk processing model based on at least one target risk assessment feature information, so as to obtain risk processing rule information of the target risk object, where the trained risk processing model is the trained risk processing model described above; the second determining unit S403 may determine a risk level of the risk processing rule information based on the risk processing rule information; the risk processing unit S404 may perform risk processing on the target risk object based on the risk level. Because the embodiment of the application can directly adopt the risk processing model after training to predict the target risk object, the risk processing rule information can be obtained quickly, and thus, the risk processing can be carried out on the target risk object quickly based on the risk processing rule information.

The embodiment of the application further provides a computer device, as shown in fig. 14, which shows a schematic structural diagram of the computer device according to the embodiment of the application, specifically:

the computer device may include one or more processors 401 of a processing core, memory 402 of one or more computer readable storage media, a power supply 403, and an input unit 404, among other components. Those skilled in the art will appreciate that the computer device structure shown in FIG. 14 is not limiting of the computer device and may include more or fewer components than shown, or may be combined with certain components, or a different arrangement of components. Wherein:

the processor 401 is a control center of the computer device, connects various parts of the entire computer device using various interfaces and lines, and performs various functions of the computer device and processes data by running or executing software programs and/or modules stored in the memory 402, and calling data stored in the memory 402, thereby performing overall monitoring of the computer device. Optionally, processor 401 may include one or more processing cores; preferably, the processor 401 may integrate an application processor and a modem processor, wherein the application processor mainly processes an operating system, a user interface, a computer program, etc., and the modem processor mainly processes wireless communication. It will be appreciated that the modem processor described above may not be integrated into the processor 401.

The memory 402 may be used to store software programs and modules, and the processor 401 executes various functional applications and data processing by executing the software programs and modules stored in the memory 402. The memory 402 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, a computer program (such as a sound playing function, an image playing function, etc.) required for at least one function, and the like; the storage data area may store data created according to the use of the computer device, etc. In addition, memory 402 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 402 may also include a memory controller to provide the processor 401 with access to the memory 402.

The computer device further comprises a power supply 403 for supplying power to the various components, preferably the power supply 403 may be logically connected to the processor 401 by a power management system, so that functions of charge, discharge, and power consumption management may be performed by the power management system. The power supply 403 may also include one or more of any of a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.

The computer device may also include an input unit 404, which input unit 404 may be used to receive input digital or character information communications and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.

Although not shown, the computer device may further include a display unit or the like, which is not described herein. In particular, in this embodiment, the processor 401 in the computer device loads executable files corresponding to the processes of one or more computer programs into the memory 402 according to the following instructions, and the processor 401 executes the computer programs stored in the memory 402, so as to implement various functions, as follows:

displaying a risk feature selection page comprising risk assessment feature information in at least one dimension for the target risk object; selecting at least one target risk assessment feature information from the risk assessment feature information in at least one dimension in response to a selection operation for the risk assessment feature information; determining reference risk processing rule information based on the at least one target risk assessment feature information; predicting risk processing rule information for a target risk object by adopting a risk processing model and at least one target risk evaluation characteristic information; and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.

It will be appreciated by those of ordinary skill in the art that all or part of the steps of the various methods of the above embodiments may be performed by a computer program, or by computer program control related hardware, which may be stored in a computer readable storage medium and loaded and executed by a processor.

To this end, embodiments of the present application provide a computer readable storage medium having stored therein a computer program that is capable of being loaded by a processor to perform any of the risk processing model training methods, and any of the risk object processing methods provided by embodiments of the present application.

The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.

Wherein the computer-readable storage medium may comprise: read Only Memory (ROM), random access Memory (RAM, random Access Memory), magnetic or optical disk, and the like.

Because the instructions stored in the computer readable storage medium may execute the steps in any risk processing model training method provided in the embodiments of the present application, the beneficial effects that any risk processing model training method provided in the embodiments of the present application may be achieved, which are detailed in the previous embodiments and are not described herein.

The instructions stored in the computer readable storage medium may further perform steps in any risk object processing method provided in the embodiments of the present application, so that the beneficial effects that any risk object processing method provided in the embodiments of the present application can be achieved, which are detailed in the previous embodiments and are not described herein.

Among other things, according to one aspect of the present application, a computer program product or computer program is provided that includes computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the methods provided in the various alternative implementations provided in the above embodiments.

The foregoing describes in detail a risk processing model training method, a risk object processing method, and related devices, where the related devices include a risk processing model training device, a risk object processing device, a computer device, and a computer readable storage medium, and specific examples are applied to illustrate principles and implementations of the present application, and the descriptions of the foregoing examples are only used to help understand the method and core ideas of the present application; meanwhile, as those skilled in the art will vary in the specific embodiments and application scope according to the ideas of the present application, the contents of the present specification should not be construed as limiting the present application in summary.

Claims (11)

1. A risk processing model training method, comprising:

displaying a risk feature selection page comprising risk assessment feature information in at least one dimension for a target risk object;

selecting at least one target risk assessment feature information from the risk assessment feature information in the at least one dimension in response to a selection operation for the risk assessment feature information;

determining reference risk processing rule information based on the at least one target risk assessment feature information;

predicting risk processing rule information for the target risk object by adopting a risk processing model and the at least one target risk assessment characteristic information;

and training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

2. The risk processing model training method of claim 1, wherein the determining the reference risk processing rule information based on the at least one target risk assessment feature information comprises:

determining sub-risk assessment logic information corresponding to each piece of target risk assessment characteristic information;

And combining the sub-risk assessment logic information corresponding to each target risk assessment characteristic information to generate reference risk processing rule information of the target risk object.

3. The risk processing model training method according to claim 2, wherein determining the sub-risk assessment logic information corresponding to each of the target risk assessment feature information includes:

displaying a risk assessment logic editing page, wherein the risk assessment logic editing page comprises a component selection area and a logic editing area, and the component selection area comprises a logic unit component corresponding to at least one piece of sub-risk assessment logic information of the target risk assessment characteristic information;

and responding to the selection operation of the target logic unit assembly, displaying the target logic unit assembly in the logic editing area, and obtaining the sub-risk assessment logic information corresponding to each piece of target risk assessment characteristic information.

4. The risk processing model training method according to claim 3, wherein the combining the sub-risk assessment logic information corresponding to each of the target risk assessment feature information to generate the reference risk processing rule information of the target risk object includes:

And establishing a connection line between the target logic unit components in response to the connection operation aiming at the target logic unit components so as to carry out combination processing on the sub-risk assessment logic information to obtain reference risk processing rule information of the target risk object, wherein the connection line represents the execution sequence between the target logic unit components.

5. A risk object handling method, comprising:

acquiring at least one target risk assessment characteristic information of a target risk object;

predicting the target risk object by using a trained risk processing model based on the at least one target risk assessment feature information to obtain risk processing rule information of the target risk object, wherein the trained risk processing model is a trained risk processing model according to any one of claims 1 to 4;

determining a risk level of the risk processing rule information based on the risk processing rule information;

and carrying out risk treatment on the target risk object based on the risk grade.

6. The risk object processing method according to claim 5, wherein the determining a risk level of the risk processing rule information based on the risk processing rule information includes:

Acquiring an actual risk level of the risk processing rule information based on the risk processing rule information, and acquiring a plurality of preset level threshold sets, wherein the preset level threshold sets comprise at least one preset level threshold;

determining candidate risk levels of the risk processing rule information based on preset level thresholds in each preset level threshold set;

determining a target level threshold set from the plurality of preset level threshold sets based on the actual risk level and the candidate risk level;

and determining the risk level corresponding to the risk processing rule information based on the target level threshold set.

7. The risk object handling method of claim 6, wherein the determining a set of target level thresholds from the number of preset level threshold sets based on the actual risk level and the candidate risk level comprises:

determining a target classification curve based on the actual risk level and the candidate risk level, wherein the target classification curve represents the classification condition of the risk processing rule information aiming at each preset level threshold set;

Acquiring the slope of the target classification curve, wherein the slope characterizes the accuracy rate of the risk processing rule information for classifying each preset level threshold set;

and determining a target grade threshold set from the preset grade threshold set based on the slope of the target classification curve.

8. The risk object processing method according to claim 6, wherein the determining a risk level of the risk processing rule information based on the risk processing rule information includes:

acquiring a risk level mapping relation set, wherein the risk level mapping relation set comprises mapping relation between preset risk processing rule information and preset risk levels;

and determining the risk level corresponding to the risk processing rule information according to the risk level and the risk level mapping relation set.

9. A risk processing model training device, comprising:

a display unit configured to display a risk feature selection page including risk assessment feature information in at least one dimension for a target risk object;

a response unit configured to select at least one target risk assessment feature information from the risk assessment feature information in the at least one dimension in response to a selection operation for the risk assessment feature information;

A first determining unit configured to determine reference risk processing rule information based on the at least one target risk assessment feature information;

a first prediction unit, configured to predict risk processing rule information for the target risk object using a risk processing model and the at least one target risk assessment feature information;

the training unit is used for training the risk processing model based on the risk processing rule information and the reference risk processing rule information of the target risk object to obtain a trained risk processing model.

10. A computer device comprising a memory and a processor; the memory stores a computer program, and the processor is configured to execute the computer program in the memory to perform the risk processing model training method according to any one of claims 1 to 4.

11. A computer readable storage medium, characterized in that it stores a computer program adapted to be loaded by a processor for executing the risk treatment model training method of any of claims 1 to 4.

Images