CN117112951A - User account pushing method and device, electronic equipment and storage medium - Google Patents
User account pushing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN117112951A CN117112951A CN202210507863.2A CN202210507863A CN117112951A CN 117112951 A CN117112951 A CN 117112951A CN 202210507863 A CN202210507863 A CN 202210507863A CN 117112951 A CN117112951 A CN 117112951A
- Authority
- CN
- China
- Prior art keywords
- user account
- violation
- probability
- time period
- change
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 67
- 230000008859 change Effects 0.000 claims abstract description 145
- 239000013598 vector Substances 0.000 claims description 88
- 238000004364 calculation method Methods 0.000 claims description 39
- 230000015654 memory Effects 0.000 claims description 21
- 238000007499 fusion processing Methods 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 7
- 230000009466 transformation Effects 0.000 claims description 6
- 238000010606 normalization Methods 0.000 claims description 5
- 230000001131 transforming effect Effects 0.000 claims 1
- 238000001514 detection method Methods 0.000 abstract description 11
- 239000002699 waste material Substances 0.000 abstract description 6
- 230000006870 function Effects 0.000 description 17
- 238000005516 engineering process Methods 0.000 description 16
- 238000007689 inspection Methods 0.000 description 14
- 238000013528 artificial neural network Methods 0.000 description 11
- 238000000605 extraction Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 11
- 238000013473 artificial intelligence Methods 0.000 description 10
- 230000004927 fusion Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 8
- 238000012549 training Methods 0.000 description 8
- 238000012550 audit Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 5
- 238000010801 machine learning Methods 0.000 description 5
- 230000000306 recurrent effect Effects 0.000 description 5
- 125000004122 cyclic group Chemical group 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 238000007726 management method Methods 0.000 description 3
- 238000013475 authorization Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005094 computer simulation Methods 0.000 description 2
- 238000013135 deep learning Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000003203 everyday effect Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008447 perception Effects 0.000 description 2
- 230000009467 reduction Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000006403 short-term memory Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000012706 support-vector machine Methods 0.000 description 2
- 102100037651 AP-2 complex subunit sigma Human genes 0.000 description 1
- 201000004569 Blindness Diseases 0.000 description 1
- 101000806914 Homo sapiens AP-2 complex subunit sigma Proteins 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 238000007635 classification algorithm Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000003066 decision tree Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007787 long-term memory Effects 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 238000013526 transfer learning Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Biomedical Technology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Health & Medical Sciences (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- Evolutionary Computation (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application discloses a user account pushing method, a device, electronic equipment and a storage medium; the method comprises the following steps: under the condition that the user account is reported, acquiring operation time sequence data of the user account in a preset time period before being reported; determining a change characteristic of a specified operation in a preset time period based on the operation time sequence data; based on the change characteristics, calculating the rule violation probability of the user account; and pushing the user account based on the violation grade determined by the violation probability. The probability that the user account is a violation account is determined according to the change trend of the appointed operation of the user account, the user account is pushed according to the violation level determined according to the probability that the user account is the violation account, and under the condition that the manual auditing capability is limited, the manpower waste caused by random auditing can be avoided, so that the targeted auditing of the user account can be realized, and the detection rate of the violation account is improved.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a user account pushing method, a device, an electronic device, and a storage medium.
Background
With the rapid development of computer technology and internet technology, users can make information publication and transmission on the network, so as to realize rapid information exchange. The internet brings convenience to information exchange, and meanwhile, bad information transmission is possibly caused, so that bad influence is caused. In order to maintain the safety and stability of the Internet, a corresponding reporting mechanism can be provided so as to audit the user account number of the published information and determine whether the user account number is illegal or not.
The auditing mode of the user account is usually manual auditing, and as the number of user accounts needing auditing increases, only part of user accounts can be extracted for manual auditing due to the limitation of manual auditing capability, and the extraction process has randomness and blindness, so that targeted auditing is difficult to realize, and the detection rate of illegal accounts is low.
Disclosure of Invention
The embodiment of the application provides a user account pushing method, a device, electronic equipment and a storage medium, which can realize targeted audit of a user account under the condition of limited manual audit capability and improve the detection rate of illegal accounts.
The embodiment of the application provides a user account pushing method, which comprises the following steps:
Under the condition that the user account is reported, acquiring operation time sequence data of the user account in a preset time period before being reported, wherein the operation time sequence data comprises operation data for performing specified operation on the user account arranged according to a time sequence;
determining a change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents a change trend of the specified operation in the preset time period;
based on the change characteristics, calculating the violation probability of the user account;
and pushing the user account based on the violation probability.
The embodiment of the application also provides a user account recommending device, which comprises:
the acquisition module is used for acquiring operation time sequence data of the user account in a preset time period before being reported under the condition that the user account is detected to be reported, wherein the operation time sequence data comprise operation data for performing specified operation on the user account arranged according to time sequence;
the characteristic determining module is used for determining the change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents the change trend of the specified operation in the preset time period;
The probability calculation module is used for calculating the rule violation probability of the user account based on the change characteristics;
the grade determining module is used for determining the violation grade of the user account based on the violation probability;
and the pushing module is used for pushing the user account according to the violation grade.
In some embodiments, the preset time period includes a plurality of sub-time periods, and the feature determination module further includes:
the feature extraction unit is used for carrying out feature extraction on the operation time sequence data to obtain a feature vector sequence, wherein the feature vector sequence comprises feature vectors corresponding to each sub-time period;
and the fusion unit is used for carrying out data fusion processing on the feature vector to obtain the change features of the appointed operation in a preset time period.
In some embodiments, the fusion unit is further to:
aiming at the feature vector of each current sub-time period, acquiring a forward hidden layer state corresponding to the feature vector of a previous sub-time period, wherein the previous sub-time period is a period before the current sub-time period;
and calculating to obtain the change characteristics of the specified operation in a preset time period according to the forward hidden layer state and each characteristic vector.
In some embodiments, the fusion unit is further to:
Performing forward coding on the feature vector of each current sub-time period to obtain a forward hidden layer state of each sub-time period;
performing backward coding on the feature vector of each current sub-time period to obtain a backward hidden layer state of each sub-time period;
and splicing the forward hidden layer state and the backward hidden layer state of each sub-time period to obtain the change characteristics of the appointed operation in the preset time period.
In some embodiments, the probability calculation module further comprises:
the attention weight calculation unit is used for carrying out linear transformation on the change characteristics based on preset weight parameters to obtain the attention weights corresponding to the change characteristics;
an attention feature calculating unit, configured to calculate an attention feature corresponding to the change feature based on the attention weight and the preset weight parameter;
and the probability calculation unit is used for obtaining the rule violation probability of the user account according to the attention characteristic.
In some embodiments, the preset weight parameters include a first weight parameter and a second weight parameter, and the attention weight calculation unit is further configured to:
calculating the product of the change characteristic and the first weight parameter to obtain a first attention weight;
Calculating the product of the change characteristic and the second weight parameter to obtain a second attention weight;
and obtaining the attention weight corresponding to the change characteristic according to the first attention weight and the second attention weight.
In some embodiments, the preset weight parameters further include a third weight parameter, and the attention feature calculation unit is further configured to:
based on the third weight parameter, performing linear transformation on the change characteristic to obtain an adjusted change characteristic;
and calculating the product of the attention weight and the adjusted change characteristic to obtain the attention characteristic corresponding to the change characteristic.
In some embodiments, the probability calculation unit is further configured to:
acquiring a target parameter and a target bias;
using the target parameters to carry out weighted calculation on the attention characteristics to obtain weighted attention characteristics;
calculating the sum of the weighted attention characteristic and the target bias to obtain a target characteristic vector;
and carrying out normalization processing on the target feature vector to obtain the violation probability of the user account.
In some embodiments, the rank determination module is further to:
acquiring the number of times of reporting the user account in the preset time period;
Calculating the product of the first preset weight and the times to obtain a first parameter value;
calculating the product of a second preset weight and the violation probability to obtain a second parameter value, wherein the first preset weight is smaller than the second preset weight;
summing the first parameter value and the second parameter value to obtain a target parameter value;
and determining the violation level of the user account based on the target parameter value.
In some embodiments, the rank determination module is further to:
if the violation probability is greater than or equal to the first probability, determining that the violation grade of the user account is the first violation grade;
if the violation probability is smaller than the first probability, determining a magnitude relation between the violation probability and a second probability, wherein the second probability is lower than the violation probability indicated by the first probability;
if the violation probability is greater than or equal to the second probability, determining that the violation grade of the user account is a second violation grade;
and if the violation probability is smaller than the second probability, determining that the violation grade of the user account is a third violation grade.
In some embodiments, the designating operation includes a releasing operation of designating information through the user account, and the operation data includes the number of times of releasing the designating information.
The embodiment of the application also provides electronic equipment, which comprises a memory, wherein the memory stores a plurality of instructions; the processor loads instructions from the memory to execute steps in any user account pushing method provided by the embodiment of the application.
The embodiment of the application also provides a computer readable storage medium which stores a plurality of instructions, wherein the instructions are suitable for being loaded by a processor to execute the steps in any user account pushing method provided by the embodiment of the application.
The embodiment of the application also provides a computer program product, which comprises a computer program/instruction, wherein the computer program/instruction realizes the steps in any user account pushing method provided by the embodiment of the application when being executed by a processor.
According to the embodiment of the application, under the condition that the user account is detected to be reported, the operation time sequence data of the user account in a preset time period before being reported can be obtained; and determining the change characteristics of the appointed operation in a preset time period according to the operation time sequence data, calculating the violation probability of the user account by utilizing the change characteristics, further determining the violation grade of the user account based on the violation probability, and pushing the user account based on the violation grade. The method comprises the steps of extracting change characteristics of specified operation from operation time sequence data in a preset time period, showing a change trend of the specified operation of a user account, determining probability of the user account being a violation account according to the change trend, determining violation grades according to the probability of the user account being the violation account, pushing the user account based on the violation grades, and avoiding manpower waste caused by random extraction and verification under the condition of limited manual verification capability, so that targeted verification of the user account can be achieved, and the detection rate of the violation account is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1a is a schematic view of a scenario of a user account pushing method according to an embodiment of the present application;
fig. 1b is a flowchart of a user account pushing method according to an embodiment of the present application;
FIG. 1c is a schematic diagram of a recurrent neural network according to an embodiment of the present application;
FIG. 1d is a schematic diagram of the internal structure of an LSTM according to an embodiment of the application;
FIG. 1e is a schematic flow chart of calculating the probability of violation provided by an embodiment of the application;
fig. 1f is a schematic flow chart of pushing a user account according to an embodiment of the present application;
fig. 2a is a flowchart of a user account pushing method according to another embodiment of the present application;
fig. 2b is an overall architecture diagram of a user pushing method according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a user account pushing device according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to fall within the scope of the application.
The embodiment of the application provides a user account pushing method, a device, electronic equipment and a storage medium.
The user account pushing device can be integrated in an electronic device, and the electronic device can be a terminal, a server and other devices. The terminal can be a mobile phone, a tablet computer, an intelligent Bluetooth device, a notebook computer, a personal computer (Personal Computer, PC) or the like; the server may be a single server or a server cluster composed of a plurality of servers.
In some embodiments, the user account pushing device may be integrated in a plurality of electronic devices, for example, the user account pushing device may be integrated in a plurality of servers, and the user account pushing method of the present application is implemented by the plurality of servers.
In some embodiments, the server may also be implemented in the form of a terminal.
For example, referring to fig. 1a, an application scenario schematic diagram of a user account pushing method provided by the embodiment of the present application is shown.
As shown in fig. 1a, the client 101, the server 102 and the quality inspection platform 103 are located in a wireless network or a wired network, the client 101 and the server 102 interact data, and the server 102 can interact with the quality inspection platform 103. The server 102 may be a separate server, may be a server cluster, may be a local server, may be a cloud server, and the quality inspection platform 103 is a platform for performing manual quality inspection on a user account.
When a user encounters a user to publish bad information in the process of information exchange, the user account publishing the bad information can be reported, for example, the user account corresponding to the user publishing the bad information can be marked as a violation account by the user terminal 101, and an identifier corresponding to the user account is sent to the server 102, so that the server 102 can obtain the user account marked as the violation account by the user terminal through the user terminal 101.
After obtaining the user account marked as the offence account by the user side, that is, after detecting that the user account is reported by other users, the server 102 may obtain operation time sequence data of a preset time period before the user account is reported, for example, operation data generated when the user account performs a specified operation in the preset time period, and arrange the operation data according to a time sequence.
The designating operation may refer to an operation of the user account to issue designating information, where the designating information may refer to a picture, a text, a network link, audio, video, and the like. The operation data may refer to operation data generated when a user corresponding to the user account performs a specified operation in the application program, for example, may be the number of times of issuing the specified information, and so on. The manner in which the server 102 obtains the operational timing data may be user reports or collected by SDK components within various applications within the user terminal.
After acquiring the operation time sequence data of the user account in the preset time period before being reported, the server 102 may determine a change feature of the specified operation in the preset time period based on the operation time sequence data, where the change feature is used to indicate a change trend of the specified operation in the preset time period; based on the change characteristics, the violation probability of the user account is calculated, then the violation grade of the user account is determined based on the violation probability, and finally the user account is pushed to the quality inspection platform 103 based on the violation grade so as to be manually audited, so that whether the user account is a violation account or not is determined. Wherein, the manual auditing can refer to manually checking account information such as complaint content of the user account to verify whether the user account is a violation account.
In some embodiments, if it is determined that the user account is a violation account, the quality inspection platform 103 may feed back the auditing result to the server 102, and feed back the auditing result to the user terminal 101 marking the user account as the violation account via the server 102.
It should be noted that, in the specific embodiment of the present application, related data related to the user, such as user account information, operation data, etc., and other data related to the user, such as a duration of using a certain application program by a target user, a number of times of issuing information, etc., when the embodiment of the present application applies these data to a specific product or technology, user permission or consent needs to be obtained, and collection, use and processing of related data need to comply with related laws and regulations and standards of related countries and regions, respectively, as described in detail below.
Artificial intelligence (Artificial Intelligence, AI) is a technology that utilizes a digital computer to simulate the human perception environment, acquire knowledge, and use the knowledge, which can enable machines to function similar to human perception, reasoning, and decision. Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a voice processing technology, a natural language processing technology, machine learning/deep learning, automatic driving, intelligent traffic and other directions.
Machine Learning (ML) is a multi-domain interdisciplinary, involving multiple disciplines such as probability theory, statistics, approximation theory, convex analysis, algorithm complexity theory, etc. It is specially studied how a computer simulates or implements the learning characteristics of a human being to acquire new knowledge or skills, reorganizing the existing knowledge structure to continuously improve its own performance. Machine learning is the core of artificial intelligence, a fundamental approach to letting computers have intelligence, which is applied throughout various areas of artificial intelligence. Machine learning and deep learning typically include techniques such as artificial neural networks, belief networks, reinforcement learning, transfer learning, induction learning, teaching learning, and the like.
With research and progress of artificial intelligence technology, research and application of artificial intelligence technology are being developed in various fields, such as common smart home, smart wearable devices, virtual assistants, smart speakers, smart marketing, unmanned, autopilot, unmanned, robotic, smart medical, smart customer service, car networking, autopilot, smart transportation, etc., and it is believed that with the development of technology, artificial intelligence technology will be applied in more fields and will be of increasing importance.
In this embodiment, a user account pushing method based on artificial intelligence is provided, as shown in fig. 1b, a specific flow of the user account pushing method may be as follows:
s110, under the condition that the user account is detected to be reported, acquiring operation time sequence data of the user account in a preset time period before being reported.
The user account refers to a user created to use a certain application or a certain function, and is used to refer to the identity of the user within the application. When the user account is reported, the user account becomes a reported user account, and the reported user account refers to an account which is subjected to illegal operation and reported by other users, for example, an account which is reported by issuing bad information, or an account which is reported by performing illegal activities, for example, an account which is reported by issuing false information by using the user account, and an account which is reported by illegally acquiring money of other people by using the user account.
The user can issue information through the user account and also can view information issued by other user accounts so as to realize information exchange. In some embodiments, the application may provide a function of the offending account marking so that the user may report the user account using the function of the offending account marking. For example, in the process of information exchange through the user account, the user finds that the user account a issues bad information, and then the user can mark the user account a as a violation account through a violation account marking function provided by an application program so as to report the user account a and send the user account a to a server.
In some embodiments, after the user account is marked as the violation account, a preset violation mark may be correspondingly generated, and the preset violation mark and the user account are sent to the server together, so that when the server receives the user account carrying the preset violation mark, it may be considered that the user account is detected to be reported.
Under the condition that the server detects that the user account is reported, operation time sequence data of the user account in a preset time period before being reported can be obtained, wherein the operation time sequence data can comprise operation data of the user account for specified operation, and the operation times are arranged according to time sequence. In some embodiments, when the user account performs the specified operation, the server may acquire and store the operation data for performing the specified operation, for example, may sequentially store the time generated by the operation data and the corresponding operation data according to the time sequence. For example, when the user account performs the specified operation at 12 to generate the operation data 1 and when the user account performs the specified operation at 14 to generate the operation data 2, the server may store the operation data and the time in order, 12 hours—the operation data 1, 14 hours—the operation data 2.
When the user account is detected to be reported, operation data of a preset time period before being reported can be extracted from the data according to time, so that operation time sequence data can be obtained.
The preset time period may be set to any time length, for example, 15 days, 7 days, and the like, and may be specifically set according to actual needs, which is not specifically limited herein.
The specified operation may refer to preset user operations, and these user operations may refer to operations that are often performed by the offending account. For example, the offending account may be a lot of friends in a short time, the login of the user account frequently jumps, and messages are sent to different user accounts at the same time, so that the specified operation may include an operation of logging in the account, an operation of publishing specified information, and the like, where the specified information may refer to text, pictures, videos, audios, network links, and the like. The operation data may refer to data generated when a specified operation is performed, or refer to data such as the number of times, time, etc. that the specified operation is performed, for example, account login place and account login time, the number of times of release of specified information, etc.
In some embodiments, when a user reports a certain user account, the reason for reporting the user account, that is, the tag information, may be sent to the server together, where the tag information may be in a text form, an image form, an audio form, a network link form, and so on. After the server acquires the marking information, the server can audit the user account based on the marking information, for example, the user account is audited through text recognition, image recognition and other technologies, and if the user account cannot be audited through the marking information, the operation time sequence data of the user account in a preset time period before being reported is acquired.
It should be noted that, the above operation data are all obtained under the condition of user authorization permission, for example, when the operation data need to be obtained, a prompt may be performed on the user side, and when a confirmation operation of the user for the prompt is received, the user authorization may be considered to be obtained, and then the operation data is obtained.
S120, based on the operation time sequence data, determining the change characteristics of the specified operation in the preset time period, wherein the change characteristics represent the change trend of the specified operation in the preset time period.
Based on the acquired operation time sequence data of the user account in the preset time period, the operation data of the user account for executing the specified operation in the preset time period is acquired, and the operation time sequence data can be processed to acquire the change characteristics of the specified operation in the preset time period, wherein the change characteristics are used for representing the change trend of the specified operation in the preset time period.
For example, if the preset time period is 2 days, and the operation data is counted every day, the user account issues the specified information 3 times in the previous day, and the user account issues the specified information 6 times in yesterday, it can be seen that the specified operation shows a growing trend in the preset time period.
In some embodiments, based on the operation time sequence data, determining the change characteristics of the specified operation in the preset time period may be to divide the preset time period into a plurality of sub-time periods, and then perform characteristic extraction on the operation time sequence data to obtain a characteristic vector sequence; and carrying out data fusion processing on the feature vector to obtain the change features of the appointed operation in a preset time period.
As an embodiment, the sub-period of time may be a preset length of time, such as 1 day, one hour, etc. If operation time series data within 7 days are acquired, the operation time series data can be divided into 7 parts according to the time length of the sub-time period being 1 day. When the feature extraction is performed on the operation time sequence data to obtain a feature vector sequence, the feature extraction may be performed on the operation time sequence data in each sub-time period to obtain feature vectors corresponding to each sub-time period, and then all the feature vectors are arranged according to the time sequence to obtain the feature vector sequence.
In some embodiments, when extracting features of the operation timing data to obtain the feature vector sequence, the operation timing data may be input into a Full Connected (FC) layer, and the FC layer encodes the operation timing data, and performs feature reduction and selection to obtain the feature vector sequence.
After extracting the characteristics of the operation time sequence data to obtain a characteristic vector sequence, the characteristic vector can be subjected to data fusion processing to obtain the change characteristics of the specified operation in a preset time period.
In some embodiments, the feature vectors may be data fused using a recurrent neural network (Recurrent Neural Network, RNN). The cyclic neural network is a recursive neural network which takes sequence data as input, carries out recursion in the evolution direction of the sequence, and all cyclic units are connected in a chained mode, and can generally describe the relation between the current output of the sequence and the previous information.
In one embodiment, when the feature vector is subjected to the data fusion processing, a forward hidden layer state corresponding to the feature vector of a previous sub-period may be obtained for each feature vector of the current sub-period, where the previous sub-period is a period before the current sub-period. The forward hidden layer state is a hidden layer state obtained by considering the influence of the hidden layer state in the previous sub-period of the current sub-period on the current hidden layer state. For example, the sub-period T1 is 4 months and 20 days, the sub-period T2 is 4 months and 21 days, the current sub-period is T2, and then the previous sub-period is T1.
For example, reference may be made to fig. 1c, which shows a schematic structural diagram of a recurrent neural network. The recurrent neural network shown on the left in FIG. 1c isInfrastructure of RNN model, where x t Representing inputs to the RNN model, A represents hidden layers of the RNN model, h t Represents hidden layer state of RNN model, W 1 Representing weights between input and hidden layers, U 1 The last value of the hidden layer is represented as the weight of this input. To facilitate understanding of the operation mechanism of the RNN model, the RNN model on the left may be expanded in time to obtain the model structure shown on the right in fig. 1 c.
The structure of the RNN model after being developed according to time can be known that the RNN model has one input at each moment, and then an output h is provided according to the current hidden state of the RNN model t . And each hidden layer A in the RNN model is determined according to the hidden layer state at the last moment and the current input. And inputting the feature vector sequence into an RNN model, wherein the feature vector sequence comprises feature vectors corresponding to each sub-time period, and aiming at the feature vector of each current sub-time period, acquiring a forward hidden layer state corresponding to the feature vector of a section of sub-time period before the current sub-time period, and acquiring a change feature according to the forward hidden layer state and the feature vector.
For example, the feature vector sequence is a sequence { x } of length T 1 ,x 2 ,…x T X, where x i =(x i,1 ,x i,2 ,…,x i,n ) Is a vector of n dimensions, and the hidden layer state can be calculated by the following formula:
h t =f(U 1 h t-1 +W 1 x t +b 1 );
wherein h is t Represents the current hidden layer state, h t-1 Represents the hidden layer state of the previous moment, b 1 Representing the bias value, typically h, during the calculation 0 Will be set to a vector of all 0's.
In some embodiments, the data fusion processing is performed on the feature vector, which may be that the feature vector of each current sub-time period is forward coded to obtain a forward hidden layer state of each sub-time period; performing backward coding on the feature vector of each current sub-time period to obtain a backward hidden layer state of each sub-time period; and splicing the forward hidden layer state and the backward hidden layer state of each sub-time period to obtain the change characteristics of the appointed operation in the preset time period. The backward hidden layer state is a hidden layer state obtained by considering the influence of the hidden layer state of the sub-time period after the current sub-time period on the current hidden layer state.
As an embodiment, a Long Short-Term Memory neural network (LSTM) may be used to perform data fusion processing on the feature vectors. The LSTM model is a special cyclic neural network, and the LSTM transmits useful information calculated at the subsequent moment and discards useless information through forgetting the existing information and memorizing the new information, and outputs hidden layer states at each time step, wherein forgetting, memorizing and outputting are controlled by forgetting gates, input gates and output gates calculated through the hidden layer states at the previous moment and the current input.
Referring specifically to FIG. 1d, a schematic diagram of the internal structure of an LSTM is shown, wherein the forgetting gate is the output h of the above cell t-1 And input x of the unit t For the sigmoid function of the input, i.e. σ1 in the figure, C t-1 Each of which produces a signal in [0,1]]The value in the memory to control the degree to which the state of the previous cell was forgotten.
The input gate sigma 2 cooperates with a tanh function, i.e. tanh 1 in the figure, to control which new information is added. the tanh function generates a new candidate vector and the input gate generates a value within 0,1 for each term in the candidate vector, controlling how much new information is added.
The output gate is used to control how much of the current cell state is filtered out. The cell state is first activated and the output gate generates an output value of 0,1 for each of the entries]The values in (1 d) and the degree to which the control unit state is filtered, namely tanh 2 and sigma 3 in FIG. 1d, calculate the hidden layer state h t Current state C t 。
Before using the LSTM model, a large amount of training data can be used for training the LSTM model in advance, so that the LSTM model can fuse the feature vectors to obtain the change features.
In some embodiments, when the feature vector of each current sub-period is forward coded, the feature vector sequence may be forward input into LSTM, so as to obtain a forward hidden layer state corresponding to each feature vector. When the feature vectors are backward coded, the feature vector sequences can be inverted into the LSTM to obtain the backward hidden layer state corresponding to each feature vector.
In some embodiments, the change characteristics may be obtained directly using a Bi-directional long and short Term Memory network (BiLSTM), where BiLSTM is a combination of forward LSTM and backward LSTM. Inputting the feature vector sequence into BiLSTM, performing forward coding on the feature vector sequence through forward LSTM to obtain a forward hidden layer state corresponding to each feature vector, and performing backward coding on the feature vector sequence through backward LSTM to obtain a backward hidden layer state corresponding to each feature vector.
After the forward hidden layer state and the backward hidden layer state corresponding to each feature vector are obtained, the forward hidden layer state and the backward hidden layer state can be spliced to obtain the change feature corresponding to each sub-time period, and the change feature of all the sub-time periods is used as the change feature of the appointed operation in the preset time period. For example, the forward hidden layer state is { hL0, hL1, hL2}, the backward hidden layer state is { hR0, hR1, hR2}, and the concatenation can obtain { [ hL0, hR2], [ hL1, hR1], [ hL2, hR0] }, and the change feature is obtained.
S130, calculating the rule violation probability of the user account based on the change characteristics.
After the change feature is calculated, the change feature may represent a change trend of the specified operation in a preset time period, and the violation probability of the user account may be calculated according to the change feature, where the violation probability refers to a probability that the user account is a violation account, and the change feature may include a plurality of sub-change features, where each sub-change feature corresponds to a sub-time period.
In some embodiments, the variable features can be directly input into the FC layer to be classified to obtain the offence probability, so that in order to further improve the accuracy of the offence probability, the mutual influence among the sub-variable features in the variable features can be considered, different weights are given to the sub-variable features in the variable features, and more accurate coding of the variable features is realized. For example, the change feature may be linearly transformed based on a preset weight parameter to obtain the attention weight corresponding to the change feature; based on the attention weight and a preset weight parameter, calculating the attention characteristic corresponding to the change characteristic; and obtaining the violation probability value of the user account according to the attention characteristic.
The Attention features corresponding to the calculation change features may use an Attention mechanism, the Attention mechanism is a method for solving the problem by simulating human Attention, high-value information can be quickly screened from a large amount of information, and algorithms related to the Attention mechanism may include Soft Attention, hard Attention, static Attention, dynamic Attention, self-Attention and the like, and any one or more of the above may be adopted when the Attention features corresponding to the change features are calculated, and the detailed description is given below by taking Self-Attention as an example.
Before computing the attention features, the attention model may be trained to obtain preset weight parameters, which may include W Q 、W K 、W V Three weight parameters, W Q As a first weight parameter, W K As a second weight parameter, W V As a third weight parameter.
Inputting the change characteristics into an attention model, wherein the attention model can calculate attention weights, and outputting attention characteristics corresponding to the change characteristics based on the attention weights, and when the change characteristics are linearly changed based on preset weight parameters to obtain the attention weights corresponding to the change characteristics, calculating the products of the change characteristics and first weight parameters to obtain first attention weights; calculating the product of the change characteristic and the second weight parameter to obtain a second attention weight; and obtaining the attention weight corresponding to the change characteristic according to the first attention weight and the second attention weight.
For example, if the change feature is denoted as X, first noteThe force weight is denoted Q and the second attention weight is denoted K, then q=x×w Q ,K=X*W K 。
Then, when calculating the attention weight corresponding to the change feature, the transpose of the first attention weight and the dot product of the second attention weight can be calculated, then the dot product is divided by the evolution of the K vector dimension, and normalization processing is performed through softmax to obtain the attention weight, and the specific calculation process can refer to the following formula:
Wherein K is T Represents the transpose of K, where d k Refers to the number of columns of Q, K, i.e. vector dimensions.
After the attention weight is calculated, attention features corresponding to the change features can be calculated based on the attention weight and a preset weight parameter. For example, the change feature may be linearly transformed based on a third weight parameter to obtain an adjusted change feature; and calculating the product of the attention weight and the adjusted change characteristic to obtain the attention characteristic corresponding to the change characteristic.
As previously described, the adjusted change characteristics may be expressed as: v=x×w V The method comprises the steps of carrying out a first treatment on the surface of the The previously calculated attention weight is then multiplied by the adjusted change characteristic to preserve the location characteristic.
And multiplying the attention weight by the adjusted change characteristic to obtain the attention characteristic corresponding to the change characteristic, wherein the attention characteristic can be calculated according to the following formula:
wherein Z represents the attention characteristic,represents the attention weight, and V represents the post-adjustment change feature. Each in the pair of varying features by means of a model of attentionWhen the sub-change feature is coded, the importance of other sub-change features on the currently coded sub-change feature is scored, the weight of the sub-change feature with more contribution is enhanced, and the dimension of the sub-change feature is not changed.
After the attention feature is calculated, the probability of violation of the user account may be obtained based on the attention feature. In some embodiments, the obtained attention features may be input into a fully-connected layer, and the violation probability of the user account is output through calculation of the fully-connected layer, where each node of the fully-connected layer is connected with all nodes of the upper layer, so as to integrate the extracted attention features to be converted into probabilities.
As one embodiment, the target parameters and the target bias may be obtained; weighting calculation is carried out on the attention features by using the target parameters, so that weighted attention features are obtained; calculating the sum of the weighted attention characteristic and the target bias to obtain a target characteristic vector; and carrying out normalization processing on the target feature vector to obtain the violation probability of the user account.
The target parameters and the target bias are obtained through training, after the target parameters and the target bias are obtained, attention characteristics and the target parameters can be multiplied to obtain weighted attention characteristics, the weighted attention characteristics and the target bias are added to obtain a target characteristic vector, and then the target characteristic vector is normalized to obtain the violation probability. For example, the calculation of the target feature vector may be performed according to the following formula:
Wherein,representing the probability of violation, W 2 Representing the target parameters, b 2 Representing the target bias, Z represents the attention feature, the sigmoid function is also called the Logistic function, and its output is between 0 and 1.
For a more clear description of the process of calculating the probability of a violation, reference is made to fig. 1e, which shows a schematic flow chart of the calculation of the probability of a violation. In fig. 1e, the obtained operation time sequence data in a preset time period is input into a feature extraction module to obtain a feature vector sequence, then the feature vector is input into a data fusion module to obtain change tailoring, then the change feature is input into an attention mechanism module to obtain attention feature, and then the attention feature is input into a probability calculation module to obtain rule violation probability. Wherein, the feature extraction module may refer to an FC layer; the data fusion module may refer to RNN, LSTM, biLSTM or GRU, etc., for example, the data fusion module shown in fig. 1e is BiLSTM; the Attention mechanism module can refer to Soft Attention, hard Attention, static Attention, dynamic Attention, self-Attention and the like; the probability computation module may refer to the FC layer.
In some implementations, the FC layer, the data fusion module, and the attention mechanism module may be referred to as probabilistic computational models. The model may be trained in advance using training data prior to using the probabilistic computational model. The training data may be operation time sequence data of the user account which is checked and marked as the offence account in a preset time period, the data corresponding to the offence account which is checked and marked as the check result of the user account is taken as a positive sample, and the data corresponding to the normal account which is checked and marked as the check result of the user account is taken as a negative sample. And training the model based on the positive sample and the negative sample until the model converges to obtain a probability calculation model.
In some embodiments, other classification or clustering models may also be used to simply determine the probability of violation of the user account, such as linear classification, decision trees, K Nearest Neighbor classification algorithms (KNN), support vector machines (Support Vector Machine, SVM), and the like.
And S140, determining the violation grade of the user account based on the violation probability.
And S150, pushing the user account according to the violation grade. The higher the value of the violation probability, the greater the possibility that the user account is the violation account, or the higher the value of the violation probability, the lower the possibility that the user account is the violation account, and the setting can be specifically performed according to actual needs.
After obtaining the violation probability corresponding to the user account, determining the violation grade of the user account according to the violation probability, and pushing the user account according to the violation grade.
In one embodiment, when determining the violation level of the user account based on the violation probability, it may be determined whether the violation probability is greater than or equal to the first probability, and if the violation probability is greater than or equal to the first probability, the violation level of the user account may be determined as the first violation level. If the violation probability is smaller than the first probability, judging whether the violation probability is larger than or equal to the second probability, and if the violation probability is larger than or equal to the second probability, determining that the violation grade of the user account is the second violation grade; if the violation probability is smaller than the second probability, the violation level of the user account can be determined to be a third violation level. Wherein the first level of violation is higher than the second level of violation, and the second level of violation is higher than the third level of violation.
For example, the violation probability of a user account is y, the first probability is y1, and the second probability is y2, where y1> y > y2, so that it can be determined that the violation level of the user account is the second violation level.
Referring to fig. 1f, a flow chart of pushing user accounts is shown, and as an implementation manner, when user accounts are pushed according to the violation level, user accounts of a first violation level may be pushed first, user accounts of a second violation level may be pushed, and user accounts of a third violation level may be pushed finally. As another implementation, only the user account of the first violation level may be pushed.
In some embodiments, if there are multiple reported user accounts, the rule violation probability corresponding to each user account may be calculated, and based on the rule violation probabilities corresponding to all the user accounts, the rule violation level of the user account may be determined. For example, the plurality of user accounts may be sorted in order of greater probability of violation, and the violation levels may be sequentially decreased in the sorted order.
In one embodiment, when calculating the violation level of the user account, the violation level of the user account may be comprehensively determined based on the number of times the user account is reported and the violation probability. For example, the number of times that the user account is reported in a preset time period can be obtained; calculating the product of the first preset weight and the times to obtain a first parameter value, and calculating the product of the second preset weight and the violation probability to obtain a second parameter value; summing the first parameter value and the second parameter value to obtain a target parameter value; based on the target parameter values, a level of violation of the user account is determined.
In some embodiments, the server may record a marking time, i.e. a reported time, of the user account marked as the offending account, and determine, based on the marking time, the number of times the user account is marked as the offending account in the preset period, where the greater the number of times the user account is marked as the offending account, the more likely the user account is to be the offending account, and also may be maliciously marked, so when determining the offending grade of the user account, the reported number of times and the offending probability of the user account may be comprehensively considered, so as to determine the offending grade of the user account more accurately.
The first preset weight is a weight corresponding to the times, the second preset weight is a weight corresponding to the violation probability, the first preset weight is smaller than the second preset weight, the first preset weight and the times are multiplied to obtain a first parameter value, the second preset weight and the violation probability are multiplied to obtain a second parameter value, then the first parameter value and the second parameter value are added to obtain a target parameter value, and finally the violation level can be determined based on the target parameter value. When the violation level is determined, the influence of marked times can be synthesized, so that the accuracy of the violation level determination is improved. When determining the violation level based on the target parameter value, if the target parameter value is greater than or equal to a first threshold value, determining the violation level as a first violation level; if the target parameter value is smaller than the first threshold value and larger than or equal to the second threshold value, determining that the violation level is a second violation level; and if the target parameter value is smaller than the second threshold value, determining the violation level as a third violation level, wherein the first threshold value is larger than the second threshold value.
When pushing the user account, the user account can be pushed to the quality inspection platform according to the violation grade, so that the user account can be checked manually to determine whether the user account is a violation account.
In some embodiments, in order to improve the accuracy of the foregoing probability calculation model, the auditing result may be used for iteration of the probability calculation model, for example, according to a preset time interval, an auditing result of a user account may be obtained by a person, and the operation time sequence data of the user account and the auditing result are used as training data to continuously update and iterate the probability calculation model, so as to ensure self-adaptation of the probability calculation model, and continuously improve the accuracy of violation probability calculation, thereby improving the detection rate of the violation account.
After the user account is audited manually, an audit result corresponding to the user account can be obtained. In some embodiments, the auditing result may indicate whether the user account is a violation account, and if so, the violation account may be penalized. In one embodiment, when the punishment is performed on the offensive account, a preset punishment policy set in advance is acquired, and the punishment is performed on the offensive account directly by adopting the preset punishment policy set in advance.
As another implementation mode, when the auditing result is that the user account is a violation account, a punishment policy input by a worker is acquired, and punishment is carried out on the violation account according to the punishment policy. The preset trigger policy and the punishment policy may include prohibiting the offending account from information publishing, recovering the offending account within a certain period of time, and the like, and may be specifically set according to actual needs. If the checking result is that the user account is not the illegal account, ending the flow, and punishing the illegal account can prevent the illegal account from issuing bad information again, thereby enhancing the security of the network environment or the application program.
The user account pushing scheme provided by the embodiment of the application can be applied to various scenes needing manual auditing. For example, taking the case that whether the user account is a violation account is manually checked, the scheme provided by the embodiment of the application can obtain the operation time sequence data of the user account in a preset time period under the condition that the user account is marked as the violation account, the change characteristics of the appointed operation in the preset time period can be obtained after the operation time sequence data are processed, then the violation probability of the user account is calculated by utilizing the change characteristics, and finally the user account can be pushed based on the violation grade determined by the violation probability, so that the user account with higher violation grade is pushed to a quality inspection platform. Compared with the situation of randomly selecting the user account, under the limited auditing capability, the method can reduce the waste of manpower and time and improve the detection rate of the illegal account.
The method described in the above embodiments will be described in further detail below.
In this embodiment, a method of the embodiment of the present application will be described in detail by taking pushing of an offending account as an example.
As shown in fig. 2a, a specific flow of the method for pushing the offending account is as follows:
s210, operation time sequence data of a user account in a preset time period before being reported are pulled from a data table, wherein the operation time sequence data comprise operation data for designating operation by the user account.
S220, inputting the operation time sequence data into a violation probability calculation model, and outputting the violation probability of the user account.
S230, determining the violation grade of the user account based on the violation probability of the user account, and pushing the violation grade to the quality inspection platform in sequence based on the violation grade.
S240, obtaining an auditing result of the user account, and processing the user account according to the auditing result.
For clarity of describing the overall flow of user account pushing, reference may be made to fig. 2b at the same time, which shows an overall architecture schematic of the user account pushing method.
Firstly, operation data of the user account for specified operation can be stored in a data table, and particularly when the operation data of the specified operation is stored, the asynchronous queue can be adopted to screen the operation data of the specified operation, namely operation time sequence data, from data actually generated by the user account, namely service data, and the operation time sequence data is stored in the data table, so that the influence of the data storage process on the actual operation of the user account can be avoided through the asynchronous queue, and the user account can be ensured to normally perform information release. The designating operation in the embodiment of the application can be a publishing operation, an account login operation and the like of designating information, and the designating information can refer to friend adding information, group adding information and the like.
Assuming that a large number of user accounts marked as offending accounts can be detected every day, the operational time sequence data of these user accounts for a preset period of time can be pulled from the data table. And then outputting the operation time sequence data of the user account to a probability calculation model to obtain the corresponding violation probability of the user account, wherein the specific calculation of the violation probability by the probability calculation model can be realized by referring to the following steps:
1. encoding operation time sequence data in a preset time period through an FC layer to realize feature dimension reduction and selection and obtain a feature vector sequence;
2. inputting the obtained characteristic vector sequence into a cyclic neural network for fusion processing to obtain a change characteristic, wherein the change characteristic represents the change trend of the appointed operation in a preset time period;
3. then, the change characteristics pass through a self-attention layer to perform attention calculation, different weights are given to the change characteristics in different time periods, and then the attention characteristics are obtained;
4. and inputting the attention features into a full connection layer to realize classification, and finally outputting the violation probability.
And then determining the violation grade of the user account according to the violation probability, and pushing the user account to the quality inspection platform according to the violation grade.
As an implementation manner, the violation grade of the user account can be determined according to the violation probability, wherein the higher the violation probability is, the higher the violation grade is, and the user account is pushed in sequence from high to low according to the violation grade. For example, the violation probability of the user account a is y1, the violation probability of the user account b is y2, the violation probability of the user account c is y3, and the violation probability of the user account d is y4, wherein y2> y4> y1> y3, and then the violation grades of the user accounts are as follows from top to bottom: user account b, user account d, user account a, user account c, then the user accounts may be pushed sequentially in the following order: user account b, user account d, user account a, user account c.
The staff can conduct manual auditing on the user account b, the user account d, the user account a and the user account c in sequence to determine whether the user account is a violation account, if the user account is the violation account, the user account can be penalized and then ended, and if the user account is not the violation account, the user account can be ended directly. Under the condition of limited manual verification capability, the user account with high violation grade can be verified first, so that the detection rate of the violation account is improved.
As can be seen from the above, the embodiment of the application can draw the operation time sequence data of the user account in a preset time period before being reported from the data table, input the operation time sequence data of the user account into the probability calculation model to obtain the rule violation probability of the user account, then determine the rule violation grade of the user account based on the rule violation probability, and push the user account to the quality inspection platform in turn based on the rule violation grade so as to manually check whether the user account is the rule violation account, and punish the user account if the user account is the rule violation account. And pushing the user account based on the violation level determined by the violation probability so as to push the user account with higher violation level to the quality inspection platform. Compared with the situation of randomly selecting the user account, under the limited auditing capability, the method can reduce the waste of manpower and time and improve the detection rate of the illegal account.
In order to better implement the method, the embodiment of the application also provides a user account pushing device, which can be integrated in electronic equipment, wherein the electronic equipment can be a terminal, a server and other equipment. The terminal can be a mobile phone, a tablet personal computer, an intelligent Bluetooth device, a notebook computer, a personal computer and other devices; the server may be a single server or a server cluster composed of a plurality of servers.
For example, in this embodiment, a method in the embodiment of the present application will be described in detail by taking a specific integration of the user account pushing device in a server as an example.
For example, as shown in fig. 3, the user account pushing device 300 may include an acquisition module 310, a feature determination module 320, a probability calculation module 330, a rank determination module 340, and a pushing module 350.
An obtaining module 310, configured to obtain, when it is detected that a user account is reported, operation time sequence data of the user account in a preset time period before the user account is reported, where the operation time sequence data includes operation data of performing a specified operation on the user account arranged according to a time sequence;
a feature determining module 320, configured to determine, based on the operation timing data, a change feature of the specified operation in the preset time period, where the change feature characterizes a change trend of the specified operation in the preset time period;
a probability calculation module 330, configured to calculate a rule-breaking probability of the user account based on the variation feature;
a level determination module 340, configured to determine a level of violation of the user account based on the probability of violation;
and a pushing module 350, configured to push the user account according to the violation level.
In some embodiments, the preset time period includes a plurality of sub-time periods, and the feature determination module 320 further includes:
the feature extraction unit is used for carrying out feature extraction on the operation time sequence data to obtain a feature vector sequence, wherein the feature vector sequence comprises feature vectors corresponding to each sub-time period;
and the fusion unit is used for carrying out data fusion processing on the feature vector to obtain the change features of the appointed operation in a preset time period.
In some embodiments, the fusion unit is further to:
aiming at the feature vector of each current sub-time period, acquiring a forward hidden layer state corresponding to the feature vector of a previous sub-time period, wherein the previous sub-time period is a period before the current sub-time period;
and calculating to obtain the change characteristics of the specified operation in a preset time period according to the forward hidden layer state and each characteristic vector.
In some embodiments, the fusion unit is further to:
performing forward coding on the feature vector of each current sub-time period to obtain a forward hidden layer state of each sub-time period;
performing backward coding on the feature vector of each current sub-time period to obtain a backward hidden layer state of each sub-time period;
And splicing the forward hidden layer state and the backward hidden layer state of each sub-time period to obtain the change characteristics of the appointed operation in the preset time period.
In some embodiments, probability calculation module 330 further includes:
the attention weight calculation unit is used for carrying out linear transformation on the change characteristics based on preset weight parameters to obtain the attention weights corresponding to the change characteristics;
an attention feature calculating unit, configured to calculate an attention feature corresponding to the change feature based on the attention weight and the preset weight parameter;
and the probability calculation unit is used for obtaining the rule violation probability of the user account according to the attention characteristic.
In some embodiments, the preset weight parameters include a first weight parameter and a second weight parameter, and the attention weight calculation unit is further configured to:
calculating the product of the change characteristic and the first weight parameter to obtain a first attention weight;
calculating the product of the change characteristic and the second weight parameter to obtain a second attention weight;
and obtaining the attention weight corresponding to the change characteristic according to the first attention weight and the second attention weight.
In some embodiments, the preset weight parameters further include a third weight parameter, and the attention feature calculation unit is further configured to:
Based on the third weight parameter, performing linear transformation on the change characteristic to obtain an adjusted change characteristic;
and calculating the product of the attention weight and the adjusted change characteristic to obtain the attention characteristic corresponding to the change characteristic.
In some embodiments, the probability calculation unit is further configured to:
acquiring a target parameter and a target bias;
using the target parameters to carry out weighted calculation on the attention characteristics to obtain weighted attention characteristics;
calculating the sum of the weighted attention characteristic and the target bias to obtain a target characteristic vector;
and carrying out normalization processing on the target feature vector to obtain the violation probability of the user account.
In some embodiments, the rank determination module 340 is further to:
acquiring the number of times of reporting the user account in the preset time period;
calculating the product of the first preset weight and the times to obtain a first parameter value;
calculating the product of a second preset weight and the violation probability to obtain a second parameter value, wherein the first preset weight is smaller than the second preset weight;
summing the first parameter value and the second parameter value to obtain a target parameter value;
And determining the violation level of the user account based on the target parameter value.
In some embodiments, the rank determination module 340 is further to:
if the violation probability is greater than or equal to the first probability, determining that the violation grade of the user account is the first violation grade;
if the violation probability is smaller than the first probability, determining a magnitude relation between the violation probability and a second probability, wherein the second probability is lower than the violation probability indicated by the first probability;
if the violation probability is greater than or equal to the second probability, determining that the violation grade of the user account is a second violation grade;
and if the violation probability is smaller than the second probability, determining that the violation grade of the user account is a third violation grade.
In some embodiments, the designating operation includes a releasing operation of designating information through the user account, and the operation data includes the number of times of releasing the designating information.
In the implementation, each unit or module may be implemented as an independent entity, or may be implemented as the same entity or several entities in any combination, and the implementation of each unit or module may be referred to the foregoing method embodiments and will not be repeated herein.
As can be seen from the above, the user account pushing device in this embodiment may obtain operation time sequence data of the user account in a preset time period when the user account is marked as a violation account, process the operation time sequence data to obtain a change feature of a specified operation in the preset time period, calculate the violation probability of the user account according to the change feature, and push the user account based on the violation level determined by the violation probability, so as to push the user account with higher violation probability to the quality inspection platform. Compared with the situation of randomly selecting the user account, under the limited auditing capability, the method can reduce the waste of manpower and time and improve the detection rate of the illegal account.
The embodiment of the application also provides electronic equipment which can be a terminal, a server and other equipment. The terminal can be a mobile phone, a tablet computer, an intelligent Bluetooth device, a notebook computer, a personal computer and the like; the server may be a single server, a server cluster composed of a plurality of servers, or the like.
In some embodiments, the user account pushing device may be integrated in a plurality of electronic devices, for example, the user account pushing device may be integrated in a plurality of servers, and the user account pushing method of the present application is implemented by the plurality of servers.
In this embodiment, a detailed description will be given taking an example that the electronic device of this embodiment is a server, for example, as shown in fig. 4, which shows a schematic structural diagram of the electronic device according to the embodiment of the present application, specifically:
the electronic device may include one or more processor cores 401, one or more computer-readable storage media memory 402, a power supply 403, an input module 404, and a communication module 405, among other components. Those skilled in the art will appreciate that the electronic device structure shown in fig. 4 is not limiting of the electronic device and may include more or fewer components than shown, or may combine certain components, or may be arranged in different components. Wherein:
the processor 401 is a control center of the electronic device, connects various parts of the entire electronic device using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 402, and calling data stored in the memory 402. In some embodiments, processor 401 may include one or more processing cores; in some embodiments, processor 401 may integrate an application processor that primarily processes operating systems, user interfaces, applications, and the like, with a modem processor that primarily processes wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 401.
The memory 402 may be used to store software programs and modules, and the processor 401 executes various functional applications and data processing by executing the software programs and modules stored in the memory 402. The memory 402 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required for at least one function, and the like; the storage data area may store data created according to the use of the electronic device, etc. In addition, memory 402 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 402 may also include a memory controller to provide the processor 401 with access to the memory 402.
The electronic device also includes a power supply 403 for powering the various components, and in some embodiments, the power supply 403 may be logically connected to the processor 401 by a power management system, such that charge, discharge, and power consumption management functions are performed by the power management system. The power supply 403 may also include one or more of any of a direct current or alternating current power supply, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
The electronic device may also include an input module 404, which input module 404 may be used to receive entered numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.
The electronic device may also include a communication module 405, and in some embodiments the communication module 405 may include a wireless module, through which the electronic device may wirelessly transmit over a short distance, thereby providing wireless broadband internet access to the user. For example, the communication module 405 may be used to assist a user in e-mail, browsing web pages, accessing streaming media, and so forth.
Although not shown, the electronic device may further include a display unit or the like, which is not described herein. In particular, in this embodiment, the processor 401 in the electronic device loads executable files corresponding to the processes of one or more application programs into the memory 402 according to the following instructions, and the processor 401 executes the application programs stored in the memory 402, so as to implement various functions as follows:
under the condition that the user account is reported, acquiring operation time sequence data of the user account in a preset time period before being reported, wherein the operation time sequence data comprises operation data for performing specified operation on the user account arranged according to a time sequence;
Determining a change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents a change trend of the specified operation in the preset time period;
based on the change characteristics, calculating the violation probability of the user account;
determining the violation grade of the user account based on the violation probability;
and pushing the user account according to the violation grade.
The specific implementation of each operation above may be referred to the previous embodiments, and will not be described herein.
As can be seen from the above, in the case that the user account is reported, the electronic device provided by the embodiment of the application can obtain the operation time sequence data of the user account in the preset time period before being reported, process the operation time sequence data to obtain the change characteristics of the appointed operation in the preset time period, calculate the rule violation probability of the user account by using the change characteristics, and push the user account based on the rule violation grade determined by the rule violation probability, so as to push the user account with higher rule violation grade to the quality inspection platform. Compared with the situation of randomly selecting the user account, under the limited auditing capability, the method can reduce the waste of manpower and time and improve the detection rate of the illegal account.
Those of ordinary skill in the art will appreciate that all or a portion of the steps of the various methods of the above embodiments may be performed by instructions, or by instructions controlling associated hardware, which may be stored in a computer-readable storage medium and loaded and executed by a processor.
To this end, an embodiment of the present application provides a computer readable storage medium storing a plurality of instructions capable of being loaded by a processor to perform any one of the steps in the user account pushing method provided by the embodiment of the present application. For example, the instructions may perform the steps of:
under the condition that the user account is reported, acquiring operation time sequence data of the user account in a preset time period before being reported, wherein the operation time sequence data comprises operation data for performing specified operation on the user account arranged according to a time sequence;
determining a change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents a change trend of the specified operation in the preset time period;
based on the change characteristics, calculating the violation probability of the user account;
Determining the violation grade of the user account based on the violation probability;
and pushing the user account according to the violation grade.
Wherein the storage medium may include: read Only Memory (ROM), random access Memory (RAM, random Access Memory), magnetic or optical disk, and the like.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The computer instructions are read from a computer-readable storage medium by a processor of a computer device, and executed by the processor, cause the computer device to perform the methods provided in various alternative implementations of the model training aspect or the user account pushing aspect provided in the above-described embodiments.
The steps in any one of the user account pushing methods provided by the embodiments of the present application can be executed due to the instructions stored in the storage medium, so that the beneficial effects that any one of the user account pushing methods provided by the embodiments of the present application can be achieved, and detailed descriptions of the previous embodiments are omitted.
The foregoing describes in detail a user account pushing method, apparatus, electronic device and computer readable storage medium provided by the embodiments of the present application, and specific examples are applied to illustrate the principles and embodiments of the present application, where the foregoing description of the embodiments is only for helping to understand the method and core idea of the present application; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in light of the ideas of the present application, the present description should not be construed as limiting the present application.
Claims (15)
1. The user account pushing method is characterized by comprising the following steps of:
under the condition that the user account is reported, acquiring operation time sequence data of the user account in a preset time period before being reported, wherein the operation time sequence data comprises operation data for performing specified operation on the user account arranged according to a time sequence;
determining a change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents a change trend of the specified operation in the preset time period;
based on the change characteristics, calculating the violation probability of the user account;
Determining the violation grade of the user account based on the violation probability;
and pushing the user account according to the violation grade.
2. The method of claim 1, wherein the preset time period comprises a plurality of sub-time periods, and wherein the determining a change characteristic of the specified operation over the preset time period based on the operation timing data comprises:
extracting features of the operation time sequence data to obtain a feature vector sequence, wherein the feature vector sequence comprises feature vectors corresponding to each sub-time period;
and carrying out data fusion processing on the feature vector to obtain the change feature of the appointed operation in a preset time period.
3. The method according to claim 2, wherein the performing data fusion processing on the feature vector to obtain the change feature of the specified operation in a preset time period includes:
aiming at the feature vector of each current sub-time period, acquiring a forward hidden layer state corresponding to the feature vector of a previous sub-time period, wherein the previous sub-time period is a period before the current sub-time period;
and calculating to obtain the change characteristics of the specified operation in a preset time period according to the forward hidden layer state and each characteristic vector.
4. The method according to claim 2, wherein the performing data fusion processing on the feature vector to obtain the change feature of the specified operation in a preset time period includes:
performing forward coding on the feature vector of each current sub-time period to obtain a forward hidden layer state of each sub-time period;
performing backward coding on the feature vector of each current sub-time period to obtain a backward hidden layer state of each sub-time period;
and splicing the forward hidden layer state and the backward hidden layer state of each sub-time period to obtain the change characteristics of the appointed operation in the preset time period.
5. The method of claim 1, wherein the calculating the probability of violation of the user account based on the change characteristics comprises:
performing linear transformation on the change characteristics based on preset weight parameters to obtain attention weights corresponding to the change characteristics;
calculating attention features corresponding to the change features based on the attention weights and the preset weight parameters;
and obtaining the violation probability of the user account according to the attention characteristic.
6. The method according to claim 5, wherein the preset weight parameters include a first weight parameter and a second weight parameter, the linearly transforming the change feature based on the preset weight parameters to obtain the attention weight corresponding to the change feature, including:
Calculating the product of the change characteristic and the first weight parameter to obtain a first attention weight;
calculating the product of the change characteristic and the second weight parameter to obtain a second attention weight;
and obtaining the attention weight corresponding to the change characteristic according to the first attention weight and the second attention weight.
7. The method of claim 5, wherein the preset weight parameters further comprise a third weight parameter, and the calculating the attention feature corresponding to the change feature based on the attention weight and the preset weight parameter comprises:
based on the third weight parameter, performing linear transformation on the change characteristic to obtain an adjusted change characteristic;
and calculating the product of the attention weight and the adjusted change characteristic to obtain the attention characteristic corresponding to the change characteristic.
8. The method of claim 5, wherein the deriving the probability of violation of the user account from the attention profile comprises:
acquiring a target parameter and a target bias;
using the target parameters to carry out weighted calculation on the attention characteristics to obtain weighted attention characteristics;
Calculating the sum of the weighted attention characteristic and the target bias to obtain a target characteristic vector;
and carrying out normalization processing on the target feature vector to obtain the violation probability of the user account.
9. The method of claim 1, wherein pushing the user account according to the level of violation comprises:
acquiring the number of times of reporting the user account in the preset time period;
calculating the product of the first preset weight and the times to obtain a first parameter value;
calculating the product of a second preset weight and the violation probability to obtain a second parameter value, wherein the first preset weight is smaller than the second preset weight;
summing the first parameter value and the second parameter value to obtain a target parameter value;
and determining the violation level of the user account based on the target parameter value.
10. The method of claim 1, wherein the determining the level of violation of the user account based on the probability of violation comprises:
if the violation probability is greater than or equal to the first probability, determining that the violation grade of the user account is the first violation grade;
if the violation probability is smaller than the first probability, determining a magnitude relation between the violation probability and a second probability, wherein the second probability is lower than the violation probability indicated by the first probability;
If the violation probability is greater than or equal to the second probability, determining that the violation grade of the user account is a second violation grade;
and if the violation probability is smaller than the second probability, determining that the violation grade of the user account is a third violation grade.
11. The method according to any one of claims 1 to 10, wherein the specifying operation includes a release operation of specifying information by the user account, and the operation data includes the number of times the specifying information is released.
12. A user account pushing device, the device comprising:
the acquisition module is used for acquiring operation time sequence data of the user account in a preset time period before being reported under the condition that the user account is detected to be reported, wherein the operation time sequence data comprise operation data for performing specified operation on the user account arranged according to time sequence;
the characteristic determining module is used for determining the change characteristic of the specified operation in the preset time period based on the operation time sequence data, wherein the change characteristic represents the change trend of the specified operation in the preset time period;
the probability calculation module is used for calculating the rule violation probability of the user account based on the change characteristics;
The grade determining module is used for determining the violation grade of the user account based on the violation probability;
and the pushing module is used for pushing the user account according to the violation grade.
13. An electronic device comprising a processor and a memory, the memory storing a plurality of instructions; the processor loads instructions from the memory to perform the steps in the user account pushing method of any of claims 1-11.
14. A computer readable storage medium storing a plurality of instructions adapted to be loaded by a processor to perform the steps in the user account pushing method of any of claims 1 to 11.
15. A computer program product comprising computer programs/instructions which when executed by a processor implement the steps in the user account pushing method of any of claims 1 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210507863.2A CN117112951A (en) | 2022-05-10 | 2022-05-10 | User account pushing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210507863.2A CN117112951A (en) | 2022-05-10 | 2022-05-10 | User account pushing method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117112951A true CN117112951A (en) | 2023-11-24 |
Family
ID=88802555
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210507863.2A Pending CN117112951A (en) | 2022-05-10 | 2022-05-10 | User account pushing method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117112951A (en) |
-
2022
- 2022-05-10 CN CN202210507863.2A patent/CN117112951A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111340112B (en) | Classification method, classification device and classification server | |
| CN112861945B (en) | Multi-mode fusion lie detection method | |
| CN112791414B (en) | Plug-in recognition model training method and device, electronic equipment and storage medium | |
| CN113761359B (en) | Data packet recommendation method, device, electronic equipment and storage medium | |
| KR20220026804A (en) | Apparatus and method for detecting delivery vehicle based on Inverse Reinforcement Learning | |
| CN113392331A (en) | Text processing method and equipment | |
| CN112819024B (en) | Model processing method, user data processing method and device and computer equipment | |
| CN115168720A (en) | Content interaction prediction method and related equipment | |
| CN115994321A (en) | Object classification method and related device | |
| CN113743522A (en) | Detection method and device for illegal behavior and electronic equipment | |
| CN113362852A (en) | User attribute identification method and device | |
| CN115359337B (en) | Searching method, system and application of pulse neural network for image recognition | |
| CN117112951A (en) | User account pushing method and device, electronic equipment and storage medium | |
| CN115952343A (en) | Social robot detection method based on multi-relation graph convolutional network | |
| CN114548382A (en) | Migration training method, device, equipment, storage medium and program product | |
| CN113762324A (en) | Virtual object detection method, device, equipment and computer readable storage medium | |
| CN113779396B (en) | Question recommending method and device, electronic equipment and storage medium | |
| CN117391456B (en) | Village management method and service platform system based on artificial intelligence | |
| CN117786416B (en) | Model training method, device, equipment, storage medium and product | |
| CN113207013B (en) | Multimedia data release management method, device, equipment and storage medium | |
| CN116977690A (en) | Image processing method, device, product, equipment and medium | |
| CN116561694A (en) | Object recognition method, device, electronic equipment and storage medium | |
| CN117579688A (en) | Information pushing method and related equipment | |
| CN114297455A (en) | Artificial intelligence based classification method and device, electronic equipment and storage medium | |
| CN116976309A (en) | Data analysis method, device, computer, readable storage medium and program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |