CN116595234A - Data screening method, device and equipment - Google Patents
Data screening method, device and equipment Download PDFInfo
- Publication number
- CN116595234A CN116595234A CN202310327611.6A CN202310327611A CN116595234A CN 116595234 A CN116595234 A CN 116595234A CN 202310327611 A CN202310327611 A CN 202310327611A CN 116595234 A CN116595234 A CN 116595234A
- Authority
- CN
- China
- Prior art keywords
- data
- screening
- auditing
- alarm
- experience
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012216 screening Methods 0.000 title claims abstract description 155
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000004458 analytical method Methods 0.000 claims abstract description 13
- 238000007619 statistical method Methods 0.000 claims abstract description 10
- 238000012550 audit Methods 0.000 claims description 42
- 238000004590 computer program Methods 0.000 claims description 25
- 238000007726 management method Methods 0.000 claims description 11
- 238000000605 extraction Methods 0.000 claims description 9
- 238000001914 filtration Methods 0.000 claims description 9
- 238000012795 verification Methods 0.000 claims description 6
- 238000012545 processing Methods 0.000 abstract description 8
- 230000005540 biological transmission Effects 0.000 abstract description 5
- 230000000694 effects Effects 0.000 abstract description 3
- 238000004891 communication Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003058 natural language processing Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/903—Querying
- G06F16/9035—Filtering based on additional data, e.g. user or group profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/18—Complex mathematical operations for evaluating statistical data, e.g. average values, frequency distributions, probability functions, regression analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/103—Workflow collaboration or project management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- Data Mining & Analysis (AREA)
- Marketing (AREA)
- Finance (AREA)
- Human Resources & Organizations (AREA)
- General Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Economics (AREA)
- Databases & Information Systems (AREA)
- Mathematical Optimization (AREA)
- Operations Research (AREA)
- Mathematical Analysis (AREA)
- Pure & Applied Mathematics (AREA)
- Technology Law (AREA)
- Mathematical Physics (AREA)
- General Engineering & Computer Science (AREA)
- Entrepreneurship & Innovation (AREA)
- Computational Mathematics (AREA)
- Development Economics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Software Systems (AREA)
- Algebra (AREA)
- Probability & Statistics with Applications (AREA)
- Evolutionary Biology (AREA)
- Bioinformatics & Computational Biology (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Computational Linguistics (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application relates to the technical field of data processing and discloses a data screening method, a device and equipment, wherein the method comprises the steps of obtaining historical screening alarm data; extracting alarm characteristics in historical screening alarm data; carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule; establishing an experience auditing model based on experience auditing rules; and screening the target data by using an experience auditing model. According to the application, by extracting the characteristics of the historical screening alarm data to obtain the experience auditing rule and generating the corresponding model by utilizing the experience auditing rule, the technical problems of auditing false passing and false alarming caused by the fact that part of fonts in the names are very easy to appear in a transmission message in the screening of target data in the combined mode of a list matching engine and manual auditing in the prior art are solved, and the technical effects of reducing invalid alarm quantity, improving auditing efficiency and saving labor cost are realized.
Description
Technical Field
The embodiment of the application relates to the technical field of data processing, in particular to a data screening method, a data screening device and data screening equipment.
Background
At present, most of screening of financial sanctioned lists adopts a mode of checking the transaction and the list one by one to find out suspected hit transaction, and then manually checking the suspected hit transaction to screen out sanctioned entities on the sanctioned list.
However, when clearing and settling are performed between financial institutions, generally, a global homonymy financial network system Swift messages are used to interact, before the list screening is adopted in the scene of the Swift message screening, an NLP (natural language processing) technology is generally adopted to identify entities in the Swift messages, and a search engine technology is used to screen the list. Entity extraction is generally identified by information in list data, the external list data contains more aliases such AS MTS, AS and the like, the names are easy to appear in the message, and once screened, the entity is easy to hit a sanction entity, and the screening audit is also carried out manually, so that the false alarm condition is caused.
Disclosure of Invention
The embodiment of the application provides a data screening method, a device and equipment, which solve the technical problems of verification false passing and false alarm caused by the fact that partial fonts in names are very easy to appear in a transmission message in the screening of target data by using a mode of combining a list matching engine with manual verification in the prior art.
In a first aspect, the present application provides a data screening method comprising:
acquiring historical screening alarm data, wherein the historical screening alarm data comprises alarm detail data and manual auditing alarm data;
extracting alarm characteristics in the history screening alarm data;
carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule;
establishing an experience auditing model based on the experience auditing rule;
and screening the target data by using the experience auditing model.
In a second aspect, the present application provides a data screening apparatus, including a model generator, a model management unit, and an audit filtering unit;
the model generator comprises a data acquisition unit, a feature extraction unit and a rule generation unit;
the data acquisition unit is used for acquiring historical screening alarm data, wherein the historical screening alarm data comprises alarm detail data and manual auditing alarm data;
the feature extraction unit is used for extracting alarm features in the history screening alarm data;
the rule generating unit is used for carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule;
the model management unit is used for establishing an experience auditing model based on the experience auditing rule;
and the auditing and filtering unit is used for screening the target data by using the experience auditing model.
In a third aspect, the present application provides a data screening apparatus comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data screening method of the first aspect of the present application.
In a fourth aspect, the present application provides a computer readable storage medium storing computer instructions for causing a processor to perform the data screening method according to the first aspect of the present application.
In a fifth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the data screening method of the first aspect of the present application.
The embodiment of the application discloses a data screening method, a device and equipment, wherein the method comprises the steps of obtaining historical screening alarm data; extracting alarm characteristics in historical screening alarm data; carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule; establishing an experience auditing model based on experience auditing rules; and screening the target data by using an experience auditing model. According to the application, by extracting the characteristics of the historical screening alarm data to obtain the experience auditing rule and generating the corresponding model by utilizing the experience auditing rule, the technical problems of auditing false passing and false alarming caused by the fact that part of fonts in the names are very easy to appear in a transmission message in the screening of target data in the combined mode of a list matching engine and manual auditing in the prior art are solved, and the technical effects of reducing invalid alarm quantity, improving auditing efficiency and saving labor cost are realized.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the application or to delineate the scope of the application. Other features of the present application will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a data screening method provided by an embodiment of the present application;
FIG. 2 is a flow chart of another data screening method provided by an embodiment of the present application;
FIG. 3 is a flow chart of yet another data screening method provided by an embodiment of the present application;
FIG. 4 is a block diagram of a data screening apparatus according to an embodiment of the present application;
FIG. 5 is a flow chart of screening target data provided by an embodiment of the present application;
fig. 6 is a schematic structural diagram of a data screening apparatus according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," "target," and the like in the description and claims of the present application and in the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a flowchart of a data screening method according to an embodiment of the present application, where the embodiment is applicable to any data screening scenario when a Swift message is used for data transmission, the method may be performed by a data screening device, and the data screening device may be implemented in a form of hardware and/or software and may be generally integrated in a server. The technical scheme of the application obtains, stores, uses, processes and the like the data, which all meet the relevant regulations of national laws and regulations.
As shown in fig. 1, the data screening method specifically includes the following steps:
s101, historical screening alarm data is obtained, wherein the historical screening alarm data comprises alarm detail data and manual auditing alarm data.
Optionally, S101 specifically includes: and acquiring historical screening alarm data within a first preset time.
Specifically, in order to build an empirical audit model based on audit experience, historical screening alert data needs to be acquired first, and typically, the historical screening alert data needs to be acquired within a first preset time, which may be set to 24 hours, that is, 24 hours before the historical screening alert data is acquired once a day.
The acquired historical screening alarm data comprises alarm detail data and manual checking alarm data, wherein the alarm detail data is data which is matched and screened by a list matching engine and needs to be alarmed, the manual checking alarm data is the alarm data which is checked by a checking staff, and the data may have checking results which are not alarmed and may have checking results which are data which need to be alarmed.
S102, extracting alarm characteristics in the history screening alarm data.
Specifically, after the historical screening alarm data is obtained, corresponding alarm features are extracted from the historical screening alarm data.
Optionally, S103, extracting the alert feature in the history screening alert data includes: and extracting an identity mark and identity information in the history screening alarm data, wherein the identity mark comprises a column value, a message domain name and context information of a position where the column value is located, and the identity information comprises a list hit name, a list main name and an alarm name ID.
Specifically, the alarm feature comprises an identity mark and identity information in history screening alarm data, wherein the identity mark comprises a column value, a message domain name and context information of a position where the column value is located, and the column value refers to the value information of an alarm column in the transaction data; the message domain name refers to the message domain name where the alarm column value is located, such as 50A, 59A, etc.; the context information in the message where the alarm field value is located refers to the information in the transaction data, which can provide the specific details of the transaction data, the field is empty for the element type, and for the audit model scene with higher precision, the context information of the alarm field value can more accurately assist the system in judging the current new alarm details, for example, the context information of the alarm field value can be the remittance address, remittance use and the like of the transaction.
Specifically, the list hit name refers to the name of the list which is directly matched with the value of the alarm column and triggers the alarm action, and the name can be a main name or an alias; the list main name refers to the main name of the list hit name corresponding to the list detail, and illustratively, the list main name may be the king XX, and the list hit name may be its alias king; the alarm name ID refers to a unique ID corresponding to the main name of the list in the alarm detail data.
And S103, carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule.
Optionally, the preset analysis rule includes: the identity of each piece of history screening alarm data is corresponding to the identity information, and the screening result of the history screening alarm data is that no alarm is given; the history screening alarm data is subjected to at least three times of manual auditing, and the auditing results are all non-alarm.
Specifically, statistical analysis is performed on the alarm characteristics according to a preset analysis rule, the alarm characteristics conforming to the preset analysis rule are screened out, and then the alarm characteristics are reserved to be used as experience auditing rules.
S104, establishing an experience auditing model based on the experience auditing rule.
Specifically, after the experience auditing rule is obtained, the experience auditing rule is required to be subjected to secondary auditing again based on the manual auditing experience, and the secondary auditing rule can be performed manually or by importing the manual auditing experience in advance, so that the secondary auditing rule is automatically performed. After the secondary audit, an experience audit model is established by utilizing experience audit rules passing the audit, specifically, one experience audit rule can be set as an experience audit model according to the need, and a plurality of experience audit rules with similar categories can be used as an experience audit model, and the method is not particularly limited.
S105, screening the target data by using an experience auditing model.
Specifically, after the empirical audit model is established, the target data is screened by the empirical audit model, wherein the target data is a transaction action of an entity that may exist on a sanctioned entity list, which may be an individual, a business, or a company, and the sanctioned entity list is updated at regular or irregular times. And screening the target data by using an experience auditing model, and filtering a part of target data which possibly needs to be alarmed according to the transaction context without risk, so that the target data does not need to enter a list matching engine for screening, and the risk of possibly generating false alarm is avoided.
According to the application, by extracting the characteristics of the historical screening alarm data to obtain the experience auditing rule and generating the corresponding model by utilizing the experience auditing rule, the technical problems of auditing false passing and false alarming caused by the fact that part of fonts in the names are very easy to appear in a transmission message in the screening of target data in the combined mode of a list matching engine and manual auditing in the prior art are solved, and the technical effects of reducing invalid alarm quantity, improving auditing efficiency and saving labor cost are realized.
On the basis of the above technical solutions, after S101, the data screening method further includes: and reserving historical screening alarm data in a second preset time, wherein the second preset time is longer than the first preset time.
By way of example, the second preset time is generally set to be three months, and the first preset time is set to be 24 hours, so that the corresponding historical screening alarm data are only required to be acquired every day, the historical screening alarm data of nearly three months are reserved, the huge workload caused by feature extraction of a large amount of historical screening alarm data acquired at one time is avoided, and the problem of large memory requirement caused by excessive reservation of the historical screening alarm data is avoided. Meanwhile, the alarm characteristics are extracted according to the history screening alarm data of the last three months, so that corresponding experience auditing rules are generated, the timeliness of the alarm characteristics can be ensured, and the problem that the experience auditing rules cannot be updated in time due to untimely characteristic updating is avoided.
Based on the above technical solutions, fig. 2 is a flowchart of another data screening method provided in the embodiment of the present application, as shown in fig. 2, S104 specifically includes:
s201, auditing the experience auditing rule based on the manual auditing experience.
Specifically, after the experience auditing rule is obtained, the experience auditing rule is required to be subjected to secondary auditing again based on manual auditing experience, and specifically, the secondary auditing can be performed manually, whether the obtained experience auditing rule can meet the requirement of screening target data or not can be judged, and manual auditing experience can be pre-led in, so that the secondary auditing can be automatically performed.
S202, deleting the experience auditing rule which is not passed by the auditing, and establishing an experience auditing model by utilizing the experience auditing rule which is passed by the auditing.
Specifically, after the secondary audit, the experience audit rule which is not passed through the audit is deleted, and an experience audit model is built by using the experience audit rule which is passed through the audit, specifically, one experience audit rule can be set as one experience audit model according to the need, and a plurality of experience audit rules with similar categories can be used as one experience audit model, and the method is not particularly limited.
Based on the above technical solutions, fig. 3 is a flowchart of another data screening method provided in an embodiment of the present application, and as shown in fig. 3, S105 specifically includes:
s301, acquiring target data, wherein the target data is a Swift message.
Specifically, the target data is various financial transaction data transmitted through a Swift message, wherein the Swift is an abbreviation of the global banking and financial telecommunication society (Society for Worldwide Interbank Financial Telecommunications), and the standardized Swift message can provide safer, more reliable, faster, standardized and automated communication service when settling accounts among financial institutions such as banks.
S302, importing the target data into an experience auditing model for screening.
Specifically, after the target data is obtained, the target data is imported into an experience auditing model for screening, so that the problem that some target data trigger an alarm action after being screened by using a list matching engine can be avoided, and the false alarm rate is reduced.
And S303, if the target data contains newly added data exceeding the experience verification rule in the experience verification model, importing the newly added data into a list matching engine for screening.
Specifically, because the sanctioned entity list is updated regularly or irregularly, the experience auditing rule also needs to be updated according to the corresponding alarming characteristics, if new data exceeding the experience auditing rule in the existing experience auditing model exists in the screening process, the new data is automatically transferred into a list matching engine for screening, after the list matching engine screens, alarming details are generated, one part of the alarming details are filtered and then directly executed, the other part of the alarming details enter an alarming detail unit to be processed, and the second auditing is waited for manually, so that the manual auditing alarming data is finally obtained.
After the list matching engine and the manual auditing screening are performed on the newly added data, the obtained new historical screening alarm data is imported into the model generator again to extract alarm characteristics so as to update the experience screening rules and ensure timeliness of the experience screening rules.
FIG. 4 is a block diagram of a data screening device according to an embodiment of the present application, and as shown in FIG. 4, the data screening device includes a model generator 41, a model management unit 42, and an audit filtering unit 43;
the model generator 41 includes a data acquisition unit 410, a feature extraction unit 411, and a rule generation unit 412;
the data acquisition unit 410 is configured to acquire historical screening alarm data, where the historical screening alarm data includes alarm detail data and manual audit alarm data;
the feature extraction unit 411 is configured to extract an alarm feature in the history screening alarm data;
the rule generating unit 412 is configured to perform statistical analysis on the alarm feature based on a preset analysis rule to obtain an experience auditing rule;
the model management unit 42 is configured to establish an experience auditing model based on the experience auditing rule;
the audit filtration unit 43 is used to screen the target data using an empirical audit model.
The implementation of the data screening method is described in detail below with reference to a specific embodiment. Fig. 5 is a flowchart of screening target data according to an embodiment of the present application.
As shown in fig. 5, the model generator may obtain historical screening alarm data, including alarm detail data and manual audit alarm data, extract alarm features of the obtained historical screening alarm data, and then perform statistical analysis on the alarm features based on preset analysis rules to obtain experience audit rules; the model management unit carries out secondary audit confirmation on the experience audit rule again based on manual audit experience, and stores the confirmed experience audit rule, and an experience audit model is built, and the model management unit can record and store all operations of changing the model on line, so that on-line trace and traceability of all operations are realized; after the model management unit establishes the experience auditing model, after the target data (i.e. the screening message shown in fig. 5) at the business component is obtained, the target data information is directly audited by the auditing and filtering unit, so that the auditing cost of the system can be reduced while the invalid alarm quantity is reduced.
Referring to fig. 5, when new data exceeding the experience auditing rule in the existing experience auditing model appears, the system will automatically transfer the new data into the list matching engine for traditional list screening, after the list matching engine screens, alarm details will be generated, one part of the new data is filtered and then directly executed, the other part of the new data will finally generate corresponding alarm details, the other part of the new data enters an alarm details unit to be processed, waiting for manual secondary auditing, and finally obtaining manual auditing alarm data.
After the newly added data is subjected to list matching engine and manual auditing screening, the obtained new historical screening alarm data can be re-imported into a model generator to extract alarm characteristics so as to update the experience screening rules and ensure timeliness of the experience screening rules.
Alternatively, the feature extraction unit 411 specifically functions to:
and extracting an identity mark and identity information in the history screening alarm data, wherein the identity mark comprises a column value, a message domain name and context information of a position where the column value is located, and the identity information comprises a list hit name, a list main name and an alarm name ID.
Optionally, the data acquisition unit 410 is specifically configured to:
and acquiring historical screening alarm data within a first preset time.
Optionally, after the data acquisition unit 410 acquires the history screening alert data, the model generator 41 further includes: the data storage unit is used for reserving historical screening alarm data in a second preset time, wherein the second preset time is longer than the first preset time.
Alternatively, the model management unit 42 is specifically configured to:
auditing the experience auditing rule based on the manual auditing experience;
and deleting the experience auditing rule which is not audited, and establishing an experience auditing model by utilizing the experience auditing rule which is audited to be audited.
Optionally, the audit filtering unit 43 is specifically configured to:
acquiring target data, wherein the target data is a Swift message;
importing the target data into an experience auditing model for screening;
and if the target data contains newly added data exceeding the experience auditing rules in the experience auditing model, importing the newly added data into a list matching engine for screening.
The data screening device provided by the embodiment of the application can execute the data screening method provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Fig. 6 is a schematic structural diagram of a data screening apparatus according to an embodiment of the present application. The data screening apparatus is intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the applications described and/or claimed herein.
As shown in fig. 6, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as a data screening method.
In some embodiments, the data screening method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. One or more of the steps of the data screening method described above may be performed when the computer program is loaded into RAM 13 and executed by processor 11. Alternatively, in other embodiments, the processor 11 may be configured to perform the data screening method in any other suitable manner (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present application may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present application, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.
Embodiments of the present application also provide a computer program product comprising computer executable instructions for performing the data screening method provided by any of the embodiments of the present application when executed by a computer processor.
Computer program product in the implementation, the computer program code for carrying out operations of the present application may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
Of course, the computer program product provided by the embodiments of the present application, the computer executable instructions of which are not limited to the method operations described above, may also perform the relevant operations in the method provided by any of the embodiments of the present application.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present application may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present application are achieved, and the present application is not limited herein.
The above embodiments do not limit the scope of the present application. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present application should be included in the scope of the present application.
Claims (11)
1. A data screening method, the data screening method comprising:
acquiring historical screening alarm data, wherein the historical screening alarm data comprises alarm detail data and manual auditing alarm data;
extracting alarm characteristics in the history screening alarm data;
carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule;
establishing an experience auditing model based on the experience auditing rule;
and screening the target data by using the experience auditing model.
2. The data screening method of claim 1, wherein extracting alert features in the historical screening alert data comprises:
and extracting an identity mark and identity information in the history screening alarm data, wherein the identity mark comprises a column value, a message domain name and context information of a position where the column value is located, and the identity information comprises a list hit name, a list main name and an alarm name ID.
3. The data screening method of claim 2, wherein the preset analysis rules include:
the identity of each piece of history screening alarm data is corresponding to the identity information, and the screening result of the history screening alarm data is that no alarm is given;
and the history screening alarm data is subjected to at least three times of manual audits, and the audit results are all non-alarm.
4. The data screening method of claim 1, wherein obtaining historical screening alert data comprises:
and acquiring the historical screening alarm data within a first preset time.
5. The data screening method of claim 4, wherein after obtaining historical screening alert data, the data screening method further comprises: and reserving the historical screening alarm data within a second preset time, wherein the second preset time is longer than the first preset time.
6. The data screening method of claim 1, wherein building an empirical audit model based on the empirical audit rules comprises:
auditing the experience auditing rule based on manual auditing experience;
and deleting the experience auditing rule which is not approved, and establishing the experience auditing model by utilizing the experience auditing rule which is approved.
7. The data screening method of claim 1, wherein screening the target data using the empirical audit model comprises:
acquiring the target data, wherein the target data is a Swift message;
importing the target data into the experience auditing model for screening;
and if the target data contains new data exceeding the experience verification rule in the experience verification model, importing the new data into a list matching engine for screening.
8. The data screening device is characterized by comprising a model generator, a model management unit and an auditing and filtering unit;
the model generator comprises a data acquisition unit, a feature extraction unit and a rule generation unit;
the data acquisition unit is used for acquiring historical screening alarm data, wherein the historical screening alarm data comprises alarm detail data and manual auditing alarm data;
the feature extraction unit is used for extracting alarm features in the history screening alarm data;
the rule generating unit is used for carrying out statistical analysis on the alarm characteristics based on a preset analysis rule to obtain an experience auditing rule;
the model management unit is used for establishing an experience auditing model based on the experience auditing rule;
and the auditing and filtering unit is used for screening the target data by using the experience auditing model.
9. A data screening apparatus, the data screening apparatus comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data screening method of any one of claims 1-7.
10. A computer readable storage medium storing computer instructions for causing a processor to perform the data screening method of any one of claims 1-7.
11. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the data screening method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310327611.6A CN116595234A (en) | 2023-03-29 | 2023-03-29 | Data screening method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310327611.6A CN116595234A (en) | 2023-03-29 | 2023-03-29 | Data screening method, device and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116595234A true CN116595234A (en) | 2023-08-15 |
Family
ID=87606863
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310327611.6A Pending CN116595234A (en) | 2023-03-29 | 2023-03-29 | Data screening method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116595234A (en) |
-
2023
- 2023-03-29 CN CN202310327611.6A patent/CN116595234A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN117474091A (en) | Knowledge graph construction method, device, equipment and storage medium | |
| CN115328621B (en) | Transaction processing method, device, equipment and storage medium based on block chain | |
| CN117057795A (en) | Account number-based account transfer method, device and equipment | |
| CN114676266B (en) | Conflict identification method, device, equipment and medium based on multi-layer relation graph | |
| CN116451210A (en) | Rights recovery method, device, equipment and storage medium | |
| CN116595234A (en) | Data screening method, device and equipment | |
| CN115270984A (en) | Anti-fraud model construction method and device, electronic equipment and storage medium | |
| CN115242731A (en) | Message processing method, device, equipment and storage medium | |
| CN116629810B (en) | Operation recommendation method, device, equipment and medium based on building office system | |
| CN115797033A (en) | Capital supervision method and device, electronic equipment and storage medium | |
| CN117632741A (en) | Determination method and device of regression test case library, electronic equipment and storage medium | |
| CN117011026A (en) | Associated risk identification method, device, equipment, storage medium and program product | |
| CN117857626A (en) | Account notification method, device and storage medium | |
| CN116719847A (en) | Service data checking method, device, equipment and storage medium | |
| CN116720972A (en) | System docking method and device, electronic equipment and storage medium | |
| CN115601139A (en) | Automatic deduction method and device, electronic equipment and storage medium | |
| CN117453746A (en) | Method, device, equipment and medium for data cycle screening | |
| CN115455437A (en) | Code unauthorized detection method and device, electronic equipment and storage medium | |
| CN116091161A (en) | Operation management method and device of filter element, electronic equipment and storage medium | |
| CN115601043A (en) | Risk transaction processing method and device, electronic equipment and storage medium | |
| CN117251433A (en) | Power grid transaction account management method and device, electronic equipment and storage medium | |
| CN115131148A (en) | Transaction data processing method, device, equipment and storage medium | |
| CN114282835A (en) | Method and device for generating financing model in supply chain and electronic equipment | |
| CN117093627A (en) | Information mining method, device, electronic equipment and storage medium | |
| CN116308713A (en) | Multiplexing method and device for business transaction codes, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |